GitHub Actions - Support for organization-wide required workflows public beta | GitHub Changelog
GitHub Actions – Support for organization-wide required workflows public beta githubactionsworkflows January 10, 2023 Today, we are announcing public beta of required workflows in GitHub Actions 🎉 Required workflows allow DevOps teams to define and enforce standard CI/CD practices across many source code repositories within an organization without needing to configure each repository individually
A Terrible, Horrible, No-Good, Very Bad Day at Slack - Slack Engineering
A Terrible, Horrible, No-Good, Very Bad Day at Slack On May 12, 2020, Slack had our first significant outage in a long time. This is a detailed look into the technical issues that caused it. This story describes the technical details of the problems that caused the Slack downtime on May 12th, 2020. To learn more about the process behind incident response for same outage, read Ryan Katkov’s post, “
株式会社ヘンリーでSREをやっているTODA(@Kengo_TODA)です。弊社ではGoogle Cloud Platform(GCP)を活用してサービスを構築しており、またサーバサイドにはKotlinを利用しています。Cloud Runで動くJVMサービスの監視にログベースの指標が便利だったので紹介します。 何をもってJVMで駆動するサービスを「メモリが足りていない」と判断するか Cloud Runのメモリ監視で最も利用しやすいのは、Cloud Monitoringでメモリ利用率などを見ることでしょう。次に示す図のように、サービスごとのデータを取ってグラフ化できます。 図1 メモリ利用率をプロットしてみた ではこのグラフから何がわかるのでしょうか?例えば下側に紫色で示されたCloud Runサービスはメモリにずいぶんと余裕がありそうです。常時この状態であれば、メモリ割当量を減らしても良さ
こんにちは。GMOアドマーケティングのH.Tと申します。 目新しいネタではないのですが、Cloud Pub/SubでBigQueryの「スケジュールされたクエリ」の結果をSlack通知してみたのでご紹介いたします。 きっかけ BigQueryの「スケジュールされたクエリ」が便利で使っています。 「スケジュールされたクエリ」はクエリ失敗時の通知オプションとしてメールかPub/Subから選べるのですが、システム通知をSlackで受け取りたいのでCloud Pub/Sub→Slack通知の連携を試してみました。 システム連携概要 以下図のとおり、BigQuery→Cloud Pub/Sub→Cloud Functions→Slackという形で連携します。 設定の流れ 1.まず、受け取りたいslackのwebhook urlを用意しておきます。 (slack側の準備は本記事では割愛させていただきま
目まぐるしく変化するWebデザインの世界は、新しい技術やテクニックが毎日のように登場し、追いかけるだけでも大変。 「Webデザインの最新テクニックを知りたいけど、時間が足りない」という方へ。 この記事では、話題になった人気テクニックを中心に集めているので、効果的にWeb注目ニュースをインプットできます。 しかもスニペットはコピペで利用でき、CSSのみでスタイリングされたものも多数。 HTML/CSSやJSのコードをリアルタイムで編集、確認できるので、今後のデザイン制作に活用してみてはいかがでしょう。 こんなことできるの?!最新HTMLテクニック・スニペット Cards (gradient border) 最近良く見かけるモダンなUIカードエフェクトをまとめたミニライブラリ。CSSでできるボーダーアニメーションと合わせてどうぞ。 See the Pen Cards (gradient bor
Frontend Application Bundles (💎 FABs) are a bundle format for frontend applications. They unify static sites, single page applications (SPAs), server-side rendering (SSR) & server-side logic in a single format, one that is universally compatible with and easy to deploy to a wide range of hosting providers, even your own infrastructure! Want to get started? Head to fab.dev/guides/getting-started t
Understanding Garbage Collection in JavaScriptCore From Scratch
JavaScript relies on garbage collection (GC) to reclaim memory. In this post, we will dig into JSC’s garbage collection system. Before we start, let me briefly introduce myself. I am Haoran Xu, a PhD student at Stanford University. While I have not yet contributed a lot to JSC, I found JSC a treasure of elegant compiler designs and efficient implementations, and my research is exploring ways to tr
WebKit Features in Safari 17.4
Just like Safari 15.4 and Safari 16.4, this March’s release of Safari 17.4 is a significant one for web developers. We’re proud to announce another 46 features and 146 bug fixes. You can experience Safari 17.4 on iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, macOS Ventura, macOS Monterey, and in visionOS 1.1. Architectural improvements It’s always exciting to ship new features that you can use while b
はじめに これは Angular Advent Calendar 2019 10日目の記事です。 こんにちは (。・ω・。) Angular と Firebase で CGM サービス(一般ユーザー投稿型サービス)を開発している者です。 早いもので、Angular Advent Calendar も 3 回目の参加となります。 例年ではなんとなく不吉な 4 日目をいただいていたのですが、今年も募集当日にエントリーしに行くと既に 9 割ほどの枠で参加表明があり、狙っていた? 4 日目も埋まっていました。 (どこでも良いので他の人が嫌がる確率が高そうなところに入ったろの精神 今まで #1 しかなかったカレンダーが今年は勢いそのまま #2 まで誕生し、ここ 1 年での Angular コミュニティの成長を実感しています (ノ゚∀゚)ノ 小話はこの辺で... この記事では、約 2 年間 Angul
How MDN’s autocomplete search works – Mozilla Hacks - the Web developer blog
Last month, Gregor Weber and I added an autocomplete search to MDN Web Docs, that allows you to quickly jump straight to the document you’re looking for by typing parts of the document title. This is the story about how that’s implemented. If you stick around to the end, I’ll share an “easter egg” feature that, once you’ve learned it, will make you look really cool at dinner parties. Or, perhaps y
There will be cases like the serverless compute engine ECS Fargate, Google Cloud Run, etc., where some of these pieces are out of our control, so we work on a shared responsibility model. The provider is responsible for keeping the base pieces working and secured And you can focus on the upper layers. Prevention: 8 steps for shift left security Before your application inside a container is execute
Summary of the AWS Service Event in the Northern Virginia (US-EAST-1) Region
December 10th, 2021 We want to provide you with some additional information about the service disruption that occurred in the Northern Virginia (US-EAST-1) Region on December 7th, 2021. Issue Summary To explain this event, we need to share a little about the internals of the AWS network. While the majority of AWS services and all customer applications run within the main AWS network, AWS makes use
Testing Types | Vitest
Vitest allows you to write tests for your types, using expectTypeOf or assertType syntaxes. By default all tests inside *.test-d.ts files are considered type tests, but you can change it with typecheck.include config option. Under the hood Vitest calls tsc or vue-tsc, depending on your config, and parses results. Vitest will also print out type errors in your source code, if it finds any. You can
Visual studio code tunnel Introduction Since July 2023, Microsoft is offering the perfect reverse shell, embedded inside Visual Studio Code, a widely used development tool. With just a few clicks, any user with a github account can share their visual studio desktop on the web. VS code tunnel is almost considered a lolbin (Living Of the Land Binary). I am so glad that my users now have the ability
More posts When writing services that accept TCP connections, we tend to think of our work as starting from the point where our service accepts a new client connection and finishing when we complete the request and close the socket. For services at scale, operations can happen at such a high rate that some of the default resource limits of the Linux kernel can break this abstraction and start caus
Automating Dependabot with GitHub Actions - GitHub Docs
About Dependabot and GitHub Actions Dependabot creates pull requests to keep your dependencies up to date, and you can use GitHub Actions to perform automated tasks when these pull requests are created. For example, fetch additional artifacts, add labels, run tests, or otherwise modifying the pull request. Responding to events Dependabot is able to trigger GitHub Actions workflows on its pull requ
All JavaScript and TypeScript Features of the last 3 years
TypeScript as envisioned by Stable DiffusionThis article goes through almost all of the changes of the last 3 years (and some from earlier) in JavaScript / ECMAScript and TypeScript . Not all of the following features will be relevant to you or even practical, but they should instead serve to show what’s possible and to deepen your understanding of these languages. There are a lot of TypeScript fe
How COVID-19 is affecting internet performanceTL;DR To understand how the internet is performing with the changes in internet use brought on by the COVID-19 pandemic, we investigated two key metrics during February and March in some of the countries and states that were hit hardest by the virus: changes in the traffic volume served to those regions as a reflection of changes in internet use, and c
セキュリティ英単語帳
2022年6⽉ 独⽴⾏政法⼈ 情報処理推進機構 産業サイバーセキュリティセンター 第5期中核⼈材育成プログラム 「セキュリティエンジニアのための English Reading」プロジェクト 動詞 単語 意味 関連語 使用例 include ~を含む 【名】inclusion: 包含、含まれるもの 【形】inclusive: すべてを含んだ the email including a malicious macro 悪意のあるマクロを含むメール steal ~を盗む steal sensitive information 機微な情報を盗む exploit (脆弱性) を突いて攻撃する 【名】エクスプロイト (コード) 【名】exploitation: (脆弱性を突く) 攻撃 【形】exploitable: 悪用可能な actively exploited vulnerability よく攻
I love GitHub Actions: I’ve been a daily user of it since 2019 for both professional and hobbyist projects, and have found it invaluable to both my overall productivity and peace of mind. I’m just old enough to have used Travis CI et al. professionally before moving to GitHub Actions, and I do not look back with joy1. By and large, GitHub Actions continues to delight me and grow new features that
Announcing Amazon ECS deployment circuit breaker | Amazon Web Services
Containers Announcing Amazon ECS deployment circuit breaker Today, we announced the Amazon ECS deployment circuit breaker for EC2 and Fargate compute types. With this feature, Amazon ECS customers can now automatically roll back unhealthy service deployments without the need for manual intervention. This empowers customers to quickly discover failed deployments, while not having to worry about res
Announcing Distributed Application Runtime (Dapr), an open source project to make it easier for every developer to build microservice applications - Microsoft Open Source Blog
Announcing Distributed Application Runtime (Dapr), an open source project to make it easier for every developer to build microservice applications Toggle share menu for: Announcing Distributed Application Runtime (Dapr), an open source project to make it easier for every developer to build microservice applications Share Share Announcing Distributed Application Runtime (Dapr), an open source proje
Chapter 12 - Introducing Non-Abstract Large System Design, Google SRE Book
Introducing Non-Abstract Large System Design By Salim Virji, James Youngman, Henry Robertson, Stephen Thorne, Dave Rensin, and Zoltan Egyed with Richard Bondi With responsibilities that span production operations and product engineering, SRE is in a unique position to align business case requirements and operational costs. Product engineering teams may not be aware of the maintenance cost of syste
by Frank San Miguel on behalf of the Cosmos team IntroductionCosmos is a computing platform that combines the best aspects of microservices with asynchronous workflows and serverless functions. Its sweet spot is applications that involve resource-intensive algorithms coordinated via complex, hierarchical workflows that last anywhere from minutes to years. It supports both high throughput services
ReactでHooks APIが登場したのは2019年2月。現在では当たり前のように使われているHooksですが、みなさんは正しく使いこなせているでしょうか? 本記事ではHooks APIの基本的な使い方から、注意点まで説明します。 useStateとは HooksはReactバージョン16.8で追加された新機能です。stateやライフサイクルといったReactの目玉機能を、クラスコンポーネントでなくとも使えるようになります。次のコードは、ボタンをクリックすると数値が増えるカウンターを作成するコンポーネントです。数値はReactのstate機能を使って管理されています。 import React, { useState } from "react"; export const CounterComponent = () => { // state を追加 const [count, set
UI Testing Playbook
UI testing workflows often spiral into maintenance nightmares. Your tests break whenever there’s an implementation tweak. You duplicate test cases for every tool. It’s easy to find tools that test different parts of the UI. But knowing how to combine them into a productive workflow is tricky. If you get it wrong, the UI development process feels like a slog. I interviewed ten teams from companies
SVT-AV1 is an open-source AV1 codec implementation hosted on GitHub https://github.com/OpenVisualCloud/SVT-AV1/ under a BSD + patent license. As mentioned in our earlier blog post, Intel and Netflix have been collaborating on the SVT-AV1 encoder and decoder framework since August 2018. The teams have been working closely on SVT-AV1 development, discussing architectural decisions, implementing new
Debugging in CSS means figuring out what might be the problem when you have unexpected layout results. We’ll look at a few categories bugs often fit into, see how we can evaluate the situation, and explore techniques that help prevent these bugs. We’ve all been there, at the end of completing CSS for a layout and — what’s that? Ah! An extra scrollbar! Or maybe an element is an unexpected color. An
When people say “debuggers are useless and using logging and unit-tests is much better,” I suspect many of them think that debuggers can only put breakpoints on certain lines, step-step-step through the code, and check variable values. While any reasonable debugger can indeed do all of that, it’s only the tip of the iceberg. Think about it; we could already step through the code 40 years ago, sure
On January 8, 2022, the open source maintainer of the wildly popular npm package colors, published colors@1.4.1 and colors@1.4.44-liberty-2 in which they intentionally introduced an offending commit that adds an infinite loop to the source code. The infinite loop is triggered and executed immediately upon initialization of the package’s source code, and would result in a Denial of Service (DoS) to
Retrospective and Technical Details on the recent Firefox Outage – Mozilla Hacks - the Web developer blog
Retrospective and Technical Details on the recent Firefox Outage On January 13th 2022, Firefox became unusable for close to two hours for users worldwide. This incident interrupted many people’s workflow. This post highlights the complex series of events and circumstances that, together, triggered a bug deep in the networking code of Firefox. What Happened? Firefox has a number of servers and rela
I’ve wondered Why Rails becomes slow with JIT for a long time. Today, I’m pleased to share my answer to the question in this article, which I spent three years of my life to figure out. RubyKaig 2018 / The Method JIT Compiler for Ruby 2.6"MJIT Does Not Improve Rails Performance"As I wrote in Ruby 3.0.0 Release Note and my previous post, we thought: it is still not ready for optimizing workloads li
Performance monitoring with Lighthouse CI Stay organized with collections Save and categorize content based on your preferences. How to add Lighthouse to a continuous integration system, such as GitHub Actions. Lighthouse CI is a suite of tools for using Lighthouse during continuous integration. Lighthouse CI can be incorporated into developer workflows in many different ways. This guide covers th
Part 1: Debugging Go in prod using eBPF | Pixie Labs Blog
This is the first in a series of posts describing how we can debug applications in production using eBPF, without recompilation/redeployment. This post describes how to use gobpf and uprobes to build a function argument tracer for Go applications. This technique is also extendable to other compiled languages such as C++, Rust, etc. The next sets of posts in this series will discuss using eBPF for
by Alistair Shepherd published on Dec 14, 2023 Carefully observing websites in the wild As the murderous tortoises start to converge on Ryūji’s hideout, they pull out their phone. It’s a cheap, older device but it’s survived the toils of the tortoise-ageddon well so far. Thankfully the internet still exists, although a bit slower, so they’re able to search online for how to scare tortoises away. T
Testing sync at Dropbox
…and how we rewrote the heart of sync with confidence. Executing a full rewrite of the Dropbox sync engine was pretty daunting. (Read more about our goals and how we made the decision in our previous post here.) Doing so meant taking the engine that powers Dropbox on hundreds of millions of user’s machines and swapping it out mid-flight. To pull this off, we knew we would need a serious investment
shogihax - Remote Code Execution on Nintendo 64 through Morita Shogi 64
shogihax - Remote Code Execution on Nintendo 64 through Morita Shogi 64 Introduction I've been wanting to develop Nintendo 64 homebrew for a while, but have been put off due to the limited options available for testing on the hardware. Instead of shelling out money for a flashcard (which have inflated prices since they are marketed for pirating games), I decided to invest some time systematically
AWS News Blog New – Announcing Amazon AppFlow Software as a service (SaaS) applications are becoming increasingly important to our customers, and adoption is growing rapidly. While there are many benefits to this way of consuming software, one challenge is that data is now living in lots of different places. To get meaningful insights from this data, we need to have a way to analyze it, and that c
Why is there a "V" in SIGSEGV Segmentation Fault?06/18/2020 Another long night. I was working on my perfect, bug-free program in C, when the predictable thing happened: $ clang skynet.c -o skynet $ ./skynet.out Segmentation fault (core dumped) Oh, well... Maybe I'll be more lucky taking over the world another night. But then it struck me. My program received a SIGSEGV signal and crashed with "Segm
Register now for a full day of community, learning, and all things Visual Studio Code April 2022 (version 1.67) Update 1.67.1: The update addresses this security issue. Update 1.67.2: The update addresses these issues. Downloads: Windows: x64 Arm64 | Mac: Universal Intel silicon | Linux: deb rpm tarball Arm snap Welcome to the April 2022 release of Visual Studio Code. There are many updates in thi
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Cloud Runで動くJVMの監視にログベースの指標が便利 - 株式会社ヘンリー エンジニアブログ
Cloud Pub/SubでBigQueryの「スケジュールされたクエリ」の結果をSlack通知する
こんなことできるの?!最新HTMLテクニック・スニペット30選 2024年5月版
Home
Angular と Firebase で月間PV1億超えの PWA を作った話 - Qiita
Container security best practices: Comprehensive guide
Blocking Visual Studio Code embedded reverse shell before it's too late
Scaling Linux Services: Before accepting connections
How COVID-19 is affecting internet performance
GitHub Actions could be so much better
The Netflix Cosmos Platform
React Hooks入門 - ICS MEDIA
SVT-AV1: an open-source AV1 encoder and decoder
A Guide To CSS Debugging — Smashing Magazine
What a good debugger can do 🔮
Open source maintainer pulls the plug on npm packages colors and faker, now what? | Snyk
Ruby 3 JIT can make Rails faster
Performance monitoring with Lighthouse CI | Articles | web.dev
Getting started with Web Performance 🚀 - HTMHell
New – Announcing Amazon AppFlow | Amazon Web Services
Why is there a "V" in SIGSEGV Segmentation Fault?
Visual Studio Code April 2022