Calling on developers, startups, and open source organizations to advocate against patent rules that would make it harder to challenge bad patents by the December 2 deadline.The post Developers still need the right to challenge junk patents appeared first on The GitHub Blog.

There are many ways to share properties, but what would it look like to inherit and use any parent property value on a child?On Inheriting and Sharing Property Values originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Practical guidelines on designing time-critical products that prevent errors and improve accuracy. Part of the Measure UX & Design Impact (use the code 🎟 IMPACT to save 20% off today). With a live UX training starting next week.

You can now open your current project in the Vercel Dashboard directly from the command line using vercel open.This gives you quick access to your project without needing to navigate manually in your browser.Update to or newer with to give it a try.vercel48.10.0npm i -g vercelSee for more.docsRead more

Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.

こんにちは、CTOの大垣です。 このブログはマネジメントチームブログリレー 3日目の記事です。前回は岩佐さんの、リモートワークを自作ルーター(OpenWrt)で支える でした。リモートワークで必要な3種の神器、キーボード・机・ルーターは自作するの楽しそうですよね(?) さて、今日のテーマは打って変わって、"アクセント"です。 普段皆さんが何度も口に出していてほしい"エムスリー"という名前、皆さんどういうアクセントで呼んでますか？エムスリー？そうですよね！ さて、今回はCTOとして、"エムスリー"はどういうアクセントで読むのが正しいのか、について技術的に決着をつけに来ました。 今回のブログを読ん…

The 1Password browser extension is entering its eighth year of service, and quite a bit has changed over that time as we’ve built new capabilities and improvements. One crucial piece of the browser extension is its in-page notification system. With the ability to display a notification on a web page, it allows you to perform many important tasks.Over the last eight years, we’ve expanded the capabilities of this small but mighty piece of the user experience to inform you any time you:Save a new l

Why TypeScript’s built-in Omit breaks discriminated unions, and how a distributive version preserves them.

A practical guide to the best OAuth/OIDC platforms for securing autonomous AI agents.

Software Engineer

Improve the error experience when testing asynchronous code with the `.resolves`/`.rejects` chaining.

MCP Apps は MCP の拡張機能として、AI エージェントがインタラクティブな UI コンポーネントを返すための標準化された方法を提供します。この記事では MCP Apps の概要と実装方法について解説します。

After delegating everything and making myself irrelevant, I had to rediscover my purpose as CEO.

Software Engineer

Paul Smith made these Classic Mac OS System 1 Patterns, which are super tiny (in size) graphics that work with background-repeat to make old school “textures”. They have an awfully nostalgic look for me, but they are so simple I can see them being useful in modern designs as well.

Sketch probably didn't "have" to redesign its UI to line up with macOS Tahoe, but a big part of its appeal is the fact that it feels like it totally belongs to the Mac.Sketch: A guided tour of Copenhagen originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.

Learn how to build self-healing CI pipelines with Semaphore using AI agents that automatically diagnose failures, apply fixes, and open pull requests.The post AI-Driven CI: Exploring Self-healing Pipelines appeared first on Semaphore.

In April, we launched the to give maintainers the resources, credits, and support they need to ship faster and scale confidently. The first group joined through our .Vercel Open Source Programspring 2025 cohortToday we are welcoming the fall 2025 cohort. From AI-native apps and developer infrastructure to design systems and creative tooling, open-source builders continue to amaze us. Meet the creators and explore their projects. Read more

AI has transformed how we write code. The next transformation is how we run it.At Vercel, we’re building self-driving infrastructure that autonomously manages production operations, improves application code using real-world insights, and learns from the unpredictable nature of production itself.Our vision is a world where developers express intent, not infrastructure. Where ops teams set principles, not individual configurations and alerts. Where the cloud doesn’t just host your app, it underst

are now included in Observability Plus, adding 10 investigations to every billing cycle at no extra cost to your subscription. Vercel Agent investigationsInvestigations help teams diagnose and resolve incidents faster, and run automatically on error alerts. When an alert flags suspicious activity, such as unexpected spikes in usage or errors, Vercel Agent investigates the issue, identifies the likely root cause, analyzes the impact, and suggests next steps for remediation. Teams can purchase Ver

Fonts for a progressive futureTitle says it all. Amazing fonts designed for people doing actual good for the world.Busy simulatorThis is great and will give you a chuckle.Can AI write accessibility specs?Geri truly is a writing super talent. This piece is fantastic.Responsive letter spacingExtremely clever approach!Grid paperA handy tool here if you want to print grids, dot-grids and even isomorphic grids.P.S. this is cool.Sponsor messageOur Black Friday deals start on Tuesday, November 25! Mind

Fixes 95 issues (addressing 348 👍). CompressionStream and DecompressionStream, Control .env and bunfig.toml loading in standalone executables, `retry` and `repeats` in `bun:test`, --no-env-file, SQLite 3.51.0, Upgraded to Zig 0.15.2, Bugfixes for bundler, bun install, Windows, Node.js compatibility, Web APIs, Bun.serve, networking, Bun.YAML, Bun.Transpiler, Bun.spawn & TypeScript definitions

Animations can be one of the most joyful parts of building interfaces, but without structure, they can also become one of the biggest sources of frustration. By consolidating and standardizing keyframes, you take something that is usually messy and hard to manage and turn it into a clear, predictable system.

週末に訪れたゴルフコース はじめに M3の岩佐(@bloody_snow)です。 最近は M3 Technologies にてM3グループ各社のエンジニアリング支援をメインで担当しています。エムスリーキャリア株式会社と株式会社イーウェルで取締役を勤めていますので、興味のある方はこれらの会社もよろしくお願いいたします。 M3ではリモートワークをメインとしているため、ネットワークの品質が業務効率に直結します。長らく市販のルーターを用いていたのですが、同時接続台数が増えるとパケットロスや通信速度低下が発生するなど、安定性に課題を感じていました。 もちろん最新のハイエンド家庭用ルーターに買い替えれば手…

ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.

こんにちは。LegalOn Technologiesでソフトウェアエンジニアをしている浅野（@takuya_b / @takuya_a）です。最近は検索推薦というよりはAIエンジニアっぽいことをしています。 このたび、社内の全プロダクトマネージャー・デザイナー・エンジニア・EM向けに「速習 AIエージェント入門」というタイトルで、AIエージェント開発の社内セミナーを担当しました。その発表で使用したスライドを、弊社のSpeaker Deckに公開しましたので共有します。 昨年、弊社のブログ「社内資料「プロダクトマネージャーのための検索推薦システム入門」を公開します」の中で検索推薦技術の入門講座の…

Using grid lines is a flexible and powerful way to place your elements on a grid, but, when looking at the code, it might be a bit hard to visualize.

Our Path Forward at TypeORM

Starting with Chrome 144, Anchor Positioning is going to be transform-aware. From then on, anchoring will resolve against the bounding box of the transformed ancho

Repeat the same content over and over on top of each other, and you can move each of them just a smidge in 3D space creating the illusion of shape.

GitHub Copilot’s next edit suggestions just got faster, smarter, and more precise thanks to new data pipelines, reinforcement learning, and continuous model updates built for in-editor workflows.The post Evolving GitHub Copilot’s next edit suggestions through custom model training appeared first on The GitHub Blog.

Socket now scans OpenVSX extensions, giving teams early detection of risky behaviors, hidden capabilities, and supply chain threats in developer tools.

Is there really a difference between using :not(:open) and :closed? As always, it depends. Sunkanmi Fafowora explains why :closed is currently not a thing.Should We Even Have :closed? originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

You can now access xAI's latest models, Grok 4.1 Fast Reasoning and Grok 4.1 Fast Non-Reasoning, via Vercel's with no other provider accounts required. These models have a 2M context window and are designed for agentic tool calling.AI GatewayGrok 4.1 Fast Reasoning is best suited for structured reasoning and agentic operations that require high accuracy, whereas Grok 4.1 Fast Non-Reasoning is tailored to speed.To use the Grok 4.1 Fast models in AI Gateway with the , set to or .AI SDKmodelxai/gro

Vercel dynamically transforms source images to reduce file size while maintaining high quality on the visitor's browser.Image OptimizationYou can now invalidate the CDN cache by providing a source image.This feature marks all transformed images derived from that source image as stale. The next request serves stale content instantly while revalidation happens in the background, with no latency impact for users.There are several ways to invalidate a source image:In addition to invalidating by sour

We have launched improvements to the Vercel Firewall UI, simplifying your application security monitoring and analysis. Vercel Firewall includes the System firewall and DDoS mitigations, Web Application Firewall, and Bot Management capabilities.The updated experience surfaces more information on security events and mitigations, and allows for easier event investigations, bringing together all security events analytics in one place.The updates include:Learn more about the or visit the on your pro

You can now access Google's cutting edge image model, Nano Banana Pro (Gemini 3 Pro Image), via Vercel's with no other provider accounts required.AI GatewayNano Banana Pro (Gemini 3 Pro Image) is designed to work for more advanced use cases than Nano Banana. This model introduces improvements specifically for professional and creative workflows, like the generation of diagrams with accurate labeling and integration of web search information for images with up-to-date information. Nano Banana Pro

皆さんこんにちは、こんばんは。今年も冬キャンプにベストなシーズンになってウキウキしている取締役CPO/CAIOの山崎です。 最近お気に入りのキャンプギアはSoomloomのIGTハーフ対応の焚き火台と、同じくSoomloomの円形のアイロンストーブです。 ということで、本日はマネジメントチームブログリレー1日目の記事を担当することになりました。 11月でもタープ泊のストロングスタイル。シュラフはEnlightened Equipmentの30F対応キルト。むしろ暑すぎました。 エンジニアリンググループマネジメントチームについて プロダクト支援チームについて 私の役割 イベントスポンサーとイベン…

こんにちは、バックエンドエンジニアの中山です。 今回は、11月7日に開催されたPR TIMES主催イベントでのブース運営に加えて、11月8日に開催された「PHPカンファレンス福岡2025」に参加してきました。 PHPカン […]

こんにちは、Webエンジニアのima1zumiです。2025年11月6日から7日に島根県松江市で開催されたRubyWorld Conference 2025に参加しました。この記事では参加レポートと、参加したメンバーからの感想をお届けします。 RubyWorld Conferenceは、プログラミング言語Rubyの国内最大のビジネスカンファレンスで、毎年松江市で開催されています。今年は400名ほどの参加だったそうです。 Ruby biz グランプリでSTORESは大賞を受賞しました くにびきメッセ入口の看板 以下は参加したメンバーの感想です。 感想 ima1zumi 印象に残ったセッション： …

目次 はじめに データ分析の課題 データ分析基盤システム全体像 AI-Ready なデータ分析基盤の ...

A satisfying little rant from Justin Fagnani: Stop Using CustomEvent. One point is that you’re forcing the consumer of the event to know that it’s custom and you have to get data out of the details property. Instead, you can subclass Event with new properties and the consumer of that event can pull that data […]

Astro 5.16 brings experimental SVG optimization with SVGO, interactive CLI shortcuts, and improved developer experience across the board.

IntroductionRails continues to refine its built-in error handling tools.Testing error reporting behavior has become more precise with new testing utilities introduced in Rails 7.1.Rails 7.1 brought us assert_error_reported and assert_no_error_reported.These additions make our test suites more expressive and align better with Rails testing conventions.Rails 8.1 takes this further with capture_error_reports.This latest addition gives us even more control when we need to verify error details like m

Building Personas for B2B Consultancy WebsitesWhen we started designing for B2B consultancy websites, we realized one thing quickly: not every visitor is the same. Some people come to learn, others to compare options, and a few already know what they want. To design something that connects with all of them, we needed to understand who they are and what they care about. That’s where building personas comes in.Why Personas MatterA persona is a simple profile that represents a group of users with s

Learn how to measure the performance of your Rust code by writing and running benchmarks locally and continuously in CI to catch regressions.

Security leaders are under pressure to manage an expanding number of SaaS apps and shadow IT. Automation transforms the fight for visibility into a framework of continuous monitoring.Virtually every company runs on more SaaS than it can see, and spends more on it than it can control.From analytics tools to HR platforms and AI agents, every new license improved productivity while expanding the surface that IT and security must protect.For years, Identity and Access Management (IAM) and Identity G

We’re excited to announce that today, 1Password Enterprise Password Manager – MSP Edition is now available through Renaissance, a leading IT distributor serving MSPs across the Island of Ireland. This partnership enables even more MSPs to access 1Password through local channels, streamlining their procurement and billing processes while expanding access to enterprise-grade credential security.We know that growing MSPs around the world are constantly balancing the need to:Ensure their own operati

Everything you need to know about choosing a SAML provider for enterprise SSO in modern B2B platforms.

We're using embedding-guided tool routing, adaptive clustering, and a streamlined 13-tool core to deliver faster experience in VS Code.The post How we’re making GitHub Copilot smarter with fewer tools appeared first on The GitHub Blog.

Learn how to write effective agents.md files for GitHub Copilot with practical tips, real examples, and templates from analyzing 2,500+ repositories.The post How to write a great agents.md: Lessons from over 2,500 repositories appeared first on The GitHub Blog.

Bringing supply chain security to the next generation of JavaScript package managers

記事は ics.media へアクセスしてご覧ください。

Jonathan Reimer shares insights on open source startups, developer go-to-market, ecosystem trends, and how AI is reshaping software.The post Jonathan Reimer on Open Source, Startups, and AI appeared first on Semaphore.

Butterick’s Practical TypographyThis book (available to read online) is absolutely packed full of gold.Staggered animation with CSS sibling-* functionsA great, practical article teaching you about the newer sibling-index() and sibling-count() functions in CSS.EchoFeedEverything you read outside of the Piccalilli site (including this email) is powered by tooling like this under the hood. Automation without the hassle is always a good thing too in our experience.Why do you need big tech for your S

When you run vlt install, packages are downloaded and extracted to node_modules, but no lifecycle scripts execute.

Texture component swizzle, and remove bgra8unorm read-only storage texture usage.

こんにちは、技術広報のえんじぇるです。 STORES Tech Conf 2025 “What Would You Do?” の開催が近づいてきました！準備に邁進している今日この頃です。 storesinc.tech STORES Tech Conf 2024からコンテンツを大幅に増やしているので、この記事では STORES Tech Conf 2025 “What Would You Do?”のセッション以外のお楽しみポイントを紹介します。 ポスターセッション 前回好評だったポスターセッションがパワーアップし、15の発表があります！ 先日ポスターセッションのレビューをしたのですが、会議室がポ…

Remote caching delivers such dramatic improvements that many teams stop there, thinking they've maximized their investment. But the real bottleneck isn't just slow task execution—it's the time spent babysitting PRs through flaky test failures and manual reruns. Cache speeds up your tasks, but it can't eliminate the interruptions that keep developers waiting for green builds.

In episode five of Securing the Win, Formula 1® journalist and broadcaster Chris Medland takes us inside the cockpit with Oracle Red Bull Racing’s Max Verstappen and Yuki Tsunoda to uncover what it takes to win. Through their words and the unseen organization that powers them, Medland discovers how every team member at Oracle Red Bull Racing works together to make the car go faster.After exploring leadership, security, and trust behind the scenes, Securing the Win brings us closer to the people

If you’ve built anything with AI tools lately…You’ve probably seen a file like this sitting in your project root:{ "tools": { "github": { "endpoint": "https://api.github.com", "auth": { "token": "ghp_your-secret-token" } } } }That’s a typical mcp.json, the file many agentic development environments (like Cursor or Claude Code) use to tell an MCP server what APIs it can call and what credentials to use.It’s handy. It works. It’s also a plaintext secret waiting to leak.Push that repo to GitHub, sy

Tools like Bolt, Dazl, and Lovable are leading the charge with AI coding tools. But there are design patterns that can improve vibecoding workflows even more, reducing friction, and elevating AI tool UX into intuitive, creator-friendly experiences that appeal to users on a massive scale.

Everything you need to know about OTPs, from HOTP and TOTP internals to real-world pros and cons, plus how WorkOS can help you implement them cleanly.

WorkOS is a proud partner in the Microsoft Entra Agent ID partner ecosystem.

Your competitors will eat your lunch while you refactor

There is quite a bit of interesting design possibility with `random()` coming to CSS. It pairs nicely with animation, particularly animation-composition for agumenting those generated values.

A safer, faster way to eliminate vulnerabilities without updating dependencies

Prevent accessibility issues before they reach production. The Annotation Toolkit brings clarity, compliance, and collaboration directly into your Figma workflow.The post Level up design-to-code collaboration with GitHub’s open source Annotation Toolkit appeared first on The GitHub Blog.

The Gemini 3 Pro Preview model, released today, is now available through the and on . Thanks to Google, Vercel has been testing Gemini 3 Pro Preview across v0, Next.js, AI SDK, and Vercel Sandbox over the past several weeks.Vercel AI Gatewayv0.appWe've noticed the model has an increased focus on coding, multimodal reasoning, and tool use, though it's seen improvements across the board.From our testing, Gemini 3 Pro Preview delivers substantial improvements in instruction following and response c

You can now access Google's latest model, Gemini 3 Pro, via Vercel's with no other provider accounts required.AI GatewayGemini 3 Pro excels at challenging tasks involving reasoning or agentic workflows. In particular, the model improves on Gemini 2.5 Pro's performance in multi-step function calling, planning, reasoning over complex images/long documents, and instruction following.To use Gemini 3 Pro in AI Gateway with the , set to . Gemini 3 Pro is a reasoning model, and you can specify the leve

At JetBrains, we love seeing the developer community grow and thrive. That’s why we support open-source projects that make a real difference — the ones that help developers learn, build, and create better software together. We’re proud to back open-source maintainers with free licenses and to contribute to initiatives that strengthen the ecosystem and the […]

Server chaos doesn’t have to be the norm. AI-ready infrastructure and automation can bring clarity, performance, and focus back to your web work.

Two-step location permissions in Chrome on Windows for enhanced user privacy and control.

こんにちは、原田伶央です。DX内製エンジニア専門組織「INTECH」でFlutterエンジニアをして ...

Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.

Introduction — The Accidental Era of "AI First" Over the last two years, you've probably noticed a strange vibe in the software world: everyone is moving at impossible speed while simultaneously questioning if any of this will matter in five years. We've crossed into a world where individuals can do what once required teams. A world where "engineering" sometimes means "describe the system you want and let an agent scaffold 70% of it." A world where the differentiator is no longer what you can bu

IT and security leaders share a common goal: to empower teams to move fast without compromising security.Over the past year, we partnered closely with customers across industries to understand what helps them scale and where they need more flexibility and control.Their feedback shaped our latest updates to 1Password Enterprise Password Manager (EPM). Each enhancement is designed to make enterprise deployment and governance faster, simpler, and more intuitive so security teams can focus on strate

I like programming languages where variables are immutable by default. For example, in Rust, let declares an immutable variable and let mut declares a mutable one. I’ve long wanted this in other languages, like TypeScript, which is mutable by default—the opposite of what I want!I wondered: is it possible to make TypeScript values immutable by default?My goal was to do this purely with TypeScript, without changing TypeScript itself. That meant no lint rules or other tools. I chose this because I

Everything you need to know to implement and validate JWTs securely in Go: from signing to verifying with JWKS, with code examples and best practices throughout.

こんにちは、先日開催された社内イベント「ごーとんカップ 2025」にてセキュリティチャンピオンになりました、ソフトウェアエンジニアの渡邉(匠)です。「カミナシ 設備保全」の開発に携わっています。 最近、AIエージェントの技術トレンドに乗り遅れないよう、Amazon Bedrock を使ったプロトタイピングに取り組んでいます。その中で、Amazon Bedrock Agents で提供されている「Return of Control」という機能をStrands AgentsとAmazon Bedrock AgentCoreを使って作ってみたので、その実装方法と学びを共有します。 Return of…

By using two sequential View Transitions when intercepting links with the Navigation API – one in the precommitHandler and one in the regular handler – you can fake a Two-Phase View Transition today!

How taking on a short-term leadership contract can pave the way to long-term opportunities.

Alex MacArthur shows us there are a lot of ways to break up long tasks in JavaScript. Seven ways, in this post. That’s a senior developer thing: knowing there are lots of different ways to do things all with different trade-offs. Depending on what you need to do, you can hone in on a solution.

The Kubernetes community announced that Ingress NGINX will be retired in March 2026. After that, there won’t be any more updates, bugfixes, or security patches. This decision came after years of the project being maintained by just 1-2 developers working nights and weekends, plus some serious security issues earlier this year (IngressNightmare CVE-2025-1974) that made […]