JSer.infoの情報源となるサイトをまとめたサイトです。
全てのサイトを一つにまとめたRSSを配信しています

Slackに貼り付けると更新を受け取ることができます

直近1週間の更新

7/17 (金)

記事のアイキャッチ画像
Inkling: Our open-weights model Simon Willison's Weblog
<p><strong><a href="https://thinkingmachines.ai/news/introducing-inkling/">Inkling: Our open-weights model</a></strong></p>Mira Murati's Thinking Machines Lab just released their first open-weights model. Inkling is "a Mixture-of-Experts transformer with 975B total parameters, 41B active" - an Apache-2.0 licensed multimodal model trained on 45 trillion tokens of text, images, audio and video.</p><p>They're also promising Inkling-Small, a 276B (12B...
5分前

7/16 (木)

記事のアイキャッチ画像
Quoting Linus Torvalds Simon Willison's Weblog
<blockquote cite="https://lore.kernel.org/linux-media/CAHk-=wi4zC+Ze8e+p3tMv8TtG_80KzsZ1syL9anBtmEh5Z40vg@mail.gmail.com/"><p>I realize that some people really dislike AI, but this is an area where I'm willing to absolutely put my foot down as the top-level maintainer.</p><p>Linux is not one of those anti-AI projects, and if somebody has issues with that, they can do the open-source thing and fork it.</p><p>Or just walk away.</p><p>AI is a tool, j...
2時間前
記事のアイキャッチ画像
Use cases for aria-expanded ブログのファビコン Piccalilli - Everything
Communication can be difficult. Not only when we humans try to communicate with one another, but also in web development.While it is easy for sighted people with full mental and motor abilities to click a button with a mouse to display more information, users of Assistive Technology (AT) may have a completely different experience with the same action.The information an expandable button conveys to AT depends heavily on the context. This context also dictates which ARIA attributes should (or shou
4時間前
記事のアイキャッチ画像
Benchmarking 13 AI models on rediscovering known CVEs ブログのファビコン Aikido Security's Blog
We tested 13 AI models against 26 known CVEs to see which finds the most vulnerabilities — and whether the priciest model is worth the cost.Category: Technical
4時間前
記事のアイキャッチ画像
Unified Logs is now in open beta ブログのファビコン Supabase Blog
One searchable view for logs across every Supabase service, with live tail, filtering, and a timeline.
9時間前
記事のアイキャッチ画像
非エンジニアのサポート担当者がCodex + Datadogでログ調査できるようになった話 ブログのファビコン LegalOn Technologies Engineering Blog
はじめに LegalOn Technologies でCRE 兼 カスタマーリレーショングループリーダーの長内(@Nick)です。 現在私は、CREとして業務を行いながら、ユーザーサポートメンバーのマネジメントを担当しています。今回のブログでは、非エンジニアのユーザーサポートチームが、Codexを利用したログ調査を自ら行うようになり、一次対応のスピード向上と開発部門の負担軽減を両立できた話をお伝えします。 非エンジニアメンバーを率いるマネージャーの方や、社内のAI活用を推進したいエンジニアの方の参考になれば幸いです。 (久しぶりのEngineering Blogになりますが、以前公開したこちら…
13時間前
記事のアイキャッチ画像
Next.js moves to scheduled security releases ブログのファビコン Socket
Vercel is formalizing a monthly release program for Next.js. The change follows React2Shell and a sharp rise in AI-assisted vulnerability discovery.
14時間前
記事のアイキャッチ画像
将棋の編入試験の「いいとこ取り」は最長 26 局で十分 ブログのファビコン まめめも
問題 将棋の編入試験の受験資格に、「いいところ取りで 10 勝以上、勝率 65% 以上」という基準があります。 プロ棋士でない人が(任意の)プロ棋士と対戦した履歴の中で、勝利が 10 個以上、かつ、勝率が 65% 以上であるような「連続範囲」を切り出すことができれば(=いいとこ取り)、編入試験を受ける資格が得られるというものです 1 。 この「いいとこ取り」、どうやっていいところを取ればいいでしょうか。 非常に長い連続範囲を切り出すことで条件を満たせる可能性を考えると、どこまで計算すればいいのか自明でないと思います。 つまり、「苦節 20 年、ついに 65 勝 35 敗で編入試験の受験資格を獲…
14時間前
記事のアイキャッチ画像
Runtime Security for Third-Party GitHub Actions Runners: Bitrise, Blacksmith, Depot, Namespace, and Warp ブログのファビコン Step Security Blog
Harden-Runner secures third-party GitHub Actions runners. Bitrise macOS runners join Blacksmith, Depot, Namespace, and Warp Build with v2.20.0
14時間前
記事のアイキャッチ画像
Harden-Runner Block Mode Now Available for macOS and Windows GitHub-Hosted Runners ブログのファビコン Step Security Blog
Harden-Runner v2.20.0 extends egress block mode to macOS and Windows GitHub-hosted runners, so you can stop secret exfiltration on every OS your pipelines run on, not just observe it.
14時間前
記事のアイキャッチ画像
Introducing Device Policy: Enforce Approved VS Code Extensions Across Your Fleet ブログのファビコン Step Security Blog
Device Policy lets security teams allow-list VS Code extensions and enforce it fleet-wide through Intune, Jamf, Kandji, or the DMG agent. No MDM required.
14時間前
記事のアイキャッチ画像
Coordinated AsyncAPI Supply Chain Attack: Miasma RAT Delivered via Compromised CI/CD Pipelines in Two Repositories ブログのファビコン Step Security Blog
On July 14, 2026 at 07:10 UTC, three packages in the AsyncAPI generator monorepo (@asyncapi/[email protected], @asyncapi/[email protected], and @asyncapi/[email protected]) were published to npm carrying an obfuscated dropper that fires the moment the library is loaded, not on install. The packages were published through the project's own legitimate GitHub Actions release workflow and carry valid npm OIDC provenance attestations, because the attacker didn't steal an npm token: they
14時間前
記事のアイキャッチ画像
Introducing Secret Exfiltration Protection for GitHub Actions ブログのファビコン Step Security Blog
StepSecurity now blocks and detects secret exfiltration in GitHub Actions, stopping attacks that plant malicious workflows to steal your repository secrets.
14時間前
記事のアイキャッチ画像
Mermaid to Unicode box art (grok-mermaid) Simon Willison's Weblog
<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/grok-mermaid">Mermaid to Unicode box art (grok-mermaid)</a></p> <p>While <a href="https://simonwillison.net/2026/Jul/15/grok-build/">exploring the codebase</a> for the newly open-sourced Grok CLI coding agent I came across <a href="https://github.com/xai-org/grok-build/blob/b189869b7755d2b482969acf6c92da3ecfeffd36/crates/codegen/xai-grok-markdown/src/mermaid.rs">xai-gro...
15時間前
記事のアイキャッチ画像
Astro 7.1 ブログのファビコン The Astro Blog
Astro 7.1 is about more control: CSP, pagination, dev server, and content collections.
16時間前
記事のアイキャッチ画像
Kimi K3 is now available on AI Gateway ブログのファビコン Vercel News
is now available on AI Gateway.Kimi K3 from Moonshot AIK3 is an open-source model with a 1M-token context window and native visual understanding, accepting text, image, and video inputs.Built for long-horizon software engineering, knowledge work, and deep reasoning, K3 is especially strong where code meets visual and spatial reasoning, which suits frontend, game development, and CAD workflows. Thinking mode is always on.To use Kimi K3, set to in the :modelmoonshotai/kimi-k3AI SDKAI Gateway provi
16時間前
記事のアイキャッチ画像
xai-org/grok-build, now open source Simon Willison's Weblog
<p><strong><a href="https://github.com/xai-org/grok-build">xai-org/grok-build, now open source</a></strong></p>xAI's <code>grok</code> CLI tool faced severe community backlash yesterday when it became apparent that running the command in a directory could upload that <em>entire directory</em> to xAI's Google Cloud buckets. One user <a href="https://x.com/a_green_being/status/2076598897779020159">reported</a> running it in t...
16時間前
記事のアイキャッチ画像
Lessons Learned Rewriting a Sticky Detector ブログのファビコン Master.dev Blog RSS Feed
A dozen years go by, it turns out we can do things a lot differently and a lot better. Here a `scroll` event is entirely replaced by HTML and CSS features and much better performance.
16時間前
記事のアイキャッチ画像
pointer-events ブログのファビコン CSS-Tricks
The pointer-events property controls whether an element can become the target of pointer events like clicks, hover states, and other pointer-based events. In other words, it lets you decide whether the browser should treat an element as interactive when the …pointer-events originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.
20時間前
記事のアイキャッチ画像
GitHub for Beginners: Your roadmap to mastering the GitHub essentials ブログのファビコン The GitHub Blog
New to GitHub? This beginner's guide explains version control, repositories, and pull requests—plus everything else you need to start working confidently on GitHub.The post GitHub for Beginners: Your roadmap to mastering the GitHub essentials appeared first on The GitHub Blog.
1日前
記事のアイキャッチ画像
JavaScriptの日付処理が変わる! DateからTemporalへ ブログのファビコン ICS MEDIA
記事は ics.media へアクセスしてご覧ください。
1日前

7/15 (水)

記事のアイキャッチ画像
What’s !important #15: Boundary-aware CSS, Time-based CSS, Full-bleed CSS, and More ブログのファビコン CSS-Tricks
Read all about boundary-aware CSS, accessible grid lanes, time-based web designs, full-bleed, the customizable select, and new web platform features.What’s !important #15: Boundary-aware CSS, Time-based CSS, Full-bleed CSS, and More originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.
1日前
記事のアイキャッチ画像
How I tricked Claude into leaking your deepest, darkest secrets Simon Willison's Weblog
<p><strong><a href="https://www.ayush.digital/blog/the-memory-heist">How I tricked Claude into leaking your deepest, darkest secrets</a></strong></p>I've <a href="https://simonwillison.net/2025/Sep/10/claude-web-fetch-tool/">been impressed</a> by the way the Claude <code>web_fetch</code> tool is designed to avoid data exfiltration attacks. Ayush Paul found a hole in that design.</p><p>To recap: regular Claude chat is at ris...
1日前
記事のアイキャッチ画像
No, People Don’t Want More AI In Their Life ブログのファビコン Articles on Smashing Magazine — For Web Designers And Developers
Many companies assume everyone craves new AI features. But the reality is that most people don't want more AI — at least not in the way most AI leaders envision it. Brought to you by Design Patterns For AI Interfaces, **friendly video courses on UX** and design patterns by Vitaly.
1日前
記事のアイキャッチ画像
How Speechify serves 500,000 dynamic pages to 60 million users on Vercel ブログのファビコン Vercel News
Speechify on Vercel500,000+ pages served across 40+ languagesCut costs 50% by auto-scaling with Fluid computeZero user impact on bad deploys with Instant Rollbacks started as a tool for people with dyslexia. Cliff Weitzman, Founder & CEO, built it because reading was challenging and audio made it much easier. That initial use case led Speechify to tens of millions of users and an for inclusion. SpeechifyApple Design Award The product has since grown into something much larger: an AI work pla...
1日前
記事のアイキャッチ画像
個人でのAI活用の次に必要なものは何か──LINEヤフーでAIDD Workshopを開催して見えた、組織導入の条件 LINEヤフー Tech Blog (LY Corporation Tech Blog
こんにちは、井上です。LINEヤフーではこれまで、AI活用スキル向上ワークショップ「Orchestration Development Workshop(ODW)」を通じて、個人がAIを使いながら開発...
2日前
記事のアイキャッチ画像
FixCSS ブログのファビコン Master.dev Blog RSS Feed
There is a famous document from the CSS Working Group that lists the historical mistakes in the design of CSS. It contains stuff like how box-sizing: border-box; should have been the default, which is why a lot of us still put that in starter stylesheets. Declan Chidlow took a step I’ve never seen anyone take […]
2日前
記事のアイキャッチ画像
Contract-Driven Development: Write the Truth Once ブログのファビコン Ben Howdle
At some point in every codebase's life, you fix the same bug three times in one afternoon. Once in the TypeScript type. Once in the resolver. Once in the validation layer. Three commits, three little green ticks, an exhale-laden sense of accomplishment - and then, somewhere around the third coffee, the sinking realisation that the bug was never actually in the code. The bug was that the truth is fragmented across three places, and truths kept in three places do what all unsupervised triplets eve
2日前
記事のアイキャッチ画像
AI × Judgment × Taste = Mega Software ブログのファビコン @dlhck — David Höck
AI makes producing software easier than ever. The products that stand out will be shaped by judgment, taste, and a clear opinion about whom they serve.
2日前
記事のアイキャッチ画像
Implement Website Best Practices With Lighthouse ブログのファビコン DebugBear Blog
A guide to every audit in Lighthouse's Best Practices category and how to fix failures in order to reach a score of 100.
2日前
記事のアイキャッチ画像
Vercel Connect support in GitHub Tools ブログのファビコン Vercel News
now has first-class support for through the new subpath. Instead of storing a long-lived personal access token, your agent mints short-lived, scoped GitHub tokens at runtime from a connector. There is no secret to store, rotate, or leak.GitHub ToolsVercel Connect@github-tools/sdk/connectAttach a GitHub connector to your project and pick a preset:For custom tool factories, returns a lazy token provider you can pass to directly.connectGithubTokencreateGithubToolsGet started by creating a and readi
2日前
記事のアイキャッチ画像
Faster, predictable project linking in the Vercel CLI ブログのファビコン Vercel News
The now resolves your team before discovering projects, then searches for projects only in that team instead of sweeping every team you belong to. Linking is faster and more predictable, and every command that establishes a link (, , , , and ) follows the same flow:Vercel CLIvercel linkdeploypulldevgit connectFor CI and agent workflows, setting and makes fully promptless, while or settles the team on any command. When more than one team is available and no signal is set, non-interactive commands
2日前
記事のアイキャッチ画像
Inkling from Thinking Machines is now available on AI Gateway ブログのファビコン Vercel News
is now available on AI Gateway.Inkling from Thinking MachinesInkling is a broad generalist model, trained across agentic, reasoning, coding, instruction-following, factuality, vision, and audio tasks rather than optimized for a single domain. The model also supports controllable thinking effort.To use Inkling, set to in the :modelthinkingmachines/inklingAI SDKAI Gateway provides a unified API for calling models, tracking usage and cost, and configuring retries, failover, and performance optimiza
2日前
記事のアイキャッチ画像
Vercel Workflows trace viewer now has a minimap ブログのファビコン Vercel News
The trace viewer for now has a minimap that shows the entire run in one view.Vercel WorkflowsDrag the viewport to pan, resize it to zoom, or drag across the minimap to select a new section. Click anywhere on the minimap to jump to that point, or scroll and use arrow keys to step through the run.The minimap is available in the trace viewer on Vercel and locally through the Workflow SDK with . Learn more about and the .npx workflow@beta webVercel WorkflowsWorkflow SDKRead more
2日前
記事のアイキャッチ画像
Chat SDK adds Discord Components V2 support ブログのファビコン Vercel News
You can now send Discord bot messages with , an opt-in layout system that treats text, images, files, and buttons as flexible components you can arrange in any order.Components V2Set the adapter's option to and cards render with native containers, sections, media galleries, separators, buttons, and string selects. Embeds remain the default, so existing bots work unchanged.contentFormatComponentsV2Individual sections can carry their own actions, markdown renders correctly inside components, and t
2日前
記事のアイキャッチ画像
Nx 23.1 Is Here: Per-Run Performance Reports, TypeScript 6, and Angular 22 ブログのファビコン Nx Blog
Everything that landed in Nx 23.1: a performance report at the end of every run, TypeScript 6, Angular 22 support, mouse support in the terminal UI, and more flexible target defaults.
2日前
記事のアイキャッチ画像
Quoting GitHub Changelog Simon Willison's Weblog
<blockquote cite="https://github.blog/changelog/2026-07-14-dependabot-version-updates-introduce-default-package-cooldown/"><p>Dependabot now waits until a new release has been available on its registry for at least three days before opening a version update pull request. This cooldown is now the default and requires no configuration.</p></blockquote><p class="cite">— <a href="https://github.blog/changelog/2026-07-14-dependabot-version-updates-introduce...
2日前
記事のアイキャッチ画像
simonw/pedalican Simon Willison's Weblog
<p><strong><a href="https://github.com/simonw/pedalican">simonw/pedalican</a></strong></p>Clearly I wasn't paying attention when these were <a href="https://twitter.com/OpenAIDevs/status/2050301642717950166">first announced</a> back in May, but today I accidentally activated a "pet" in Codex Desktop - a little animated robot, reminiscent of <a href="https://en.wikipedia.org/wiki/Office_Assistant">Clippy</a> - and then learned you can c...
2日前
記事のアイキャッチ画像
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload ブログのファビコン Socket
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
2日前
記事のアイキャッチ画像
lobste.rs is now running on SQLite Simon Willison's Weblog
<p><strong><a href="https://lobste.rs/s/ko1ji1/lobste_rs_is_now_running_on_sqlite">lobste.rs is now running on SQLite</a></strong></p>Community site <a href="https://lobste.rs">Lobsters</a> has been planning a migration away from MariaDB <a href="https://github.com/lobsters/lobsters/issues/539#issuecomment-4959857588">since August 2018</a> - originally targeting PostgreSQL, but last year they decided to <a href="https://github.com/l...
2日前
記事のアイキャッチ画像
Quoting Armin Ronacher Simon Willison's Weblog
<blockquote cite="https://lucumr.pocoo.org/2026/7/13/the-tower-keeps-rising/"><p>The shared language of a software project is not English or Python but it is the common understanding of what its concepts mean, where the boundaries are, which invariants matter, who owns what, and why the system has the shape it does. This language is rarely written down in one place. It lives partly in documentation and code, but also in code review, conversations, arguments, and the experience of ha...
2日前
記事のアイキャッチ画像
datasette 1.0a37 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/datasette/releases/tag/1.0a37">datasette 1.0a37</a></p> <p>A minor release. Performance and <a href="https://docs.datasette.io/en/latest/authentication.html#authentication-permissions-explained">documentation</a> improvements to the permissions system, plus I reverted a cosmetic API change which caused almost every existing plugin test suite to break.</p> <p>Tags: &l...
2日前

7/14 (火)

記事のアイキャッチ画像
The practical checklist for defending against supply chain attacks ブログのファビコン Aikido Security's Blog
Thirty prioritized defenses against the recent wave of software supply chain attacks. Graded critical, high, or medium. Category: Guides & Best Practices
2日前
記事のアイキャッチ画像
A broken DNSSEC rollover took down .al. Now 1.1.1.1 tells you when validation is bypassed ブログのファビコン The Cloudflare Blog
When a failed DNSSEC key rollover took down the .al TLD, we deployed a Negative Trust Anchor to restore resolution. This time, though, clients didn't have to take our word for it: 1.1.1.1 returned EDE 33, a new DNS error code that signals directly in the response that DNSSEC validation was bypassed.
2日前
記事のアイキャッチ画像
Speeding Up Checkout in a Fast-Growing Monorepo with Blacksmith ブログのファビコン Nicolas Charpentier's Blog
We swapped actions/checkout for Blacksmith's cached checkout across our GitHub Actions. Mean checkout time dropped from 69s to 20s, reclaiming ~33 hours of runner time each weekday.
2日前
記事のアイキャッチ画像
AsyncAPI npm packages backdoored via GitHub Actions ブログのファビコン Aikido Security's Blog
Five package versions, including specs at roughly 2 million weekly downloads, shipped an obfuscated dropper on 2026-07-14. Here is what we have confirmed so far.Category: Vulnerabilities & Threats
2日前
記事のアイキャッチ画像
Compromised npm Packages in the AsyncAPI Namespace Deliver Miasma Botnet Loader ブログのファビコン Socket
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.
2日前
記事のアイキャッチ画像
ID-JAG The Hard Way:失敗から学ぶAIエージェントのセキュリティハンズオン LINEヤフー Tech Blog (LY Corporation Tech Blog
こんにちは。LINEヤフー株式会社で認証・認可基盤「Athenz」の開発・運用を担当している金 廷祐(Kim, Jeongwoo)です。前回の記事「AI時代の認証課題を解決する次世代標準候補「ID-J...
3日前
記事のアイキャッチ画像
Using uvx in GitHub Actions in a cache-friendly way Simon Willison's Weblog
<p><strong>TIL:</strong> <a href="https://til.simonwillison.net/github-actions/uvx-github-actions-cache">Using uvx in GitHub Actions in a cache-friendly way</a></p> <p>I finally found a cache-friendly recipe for using <code>uvx tool-name</code> in GitHub Actions workflows that I like.</p><p>The trick is setting a <code>UV_EXCLUDE_NEWER: "2026-07-12"</code> environment variable at the start of the workflow and then usi...
3日前
記事のアイキャッチ画像
The joy of Inertia Rails: painting your own with 50 happy little lines ブログのファビコン Evil Martians
Inertia is Turbolinks with one twist: render JSON instead of HTML on the second visit. We rebuild the whole protocol on a real Rails app with a 50-line client and a 16-line server, then audit what the real gem adds on top.
3日前
記事のアイキャッチ画像
Vercel Blob now supports consistent reads on private storage ブログのファビコン Vercel News
now supports consistent reads on private storage. Pass to or for a read that reflects the latest write.Vercel BlobuseCache: falseget()presignUrl()A blob written to a fresh pathname has no existing cached entry, so reads reflect the latest write immediately. When you overwrite a blob at an existing pathname, readers might see the cached version for up to 60 seconds. When a read must reflect the latest write, like an agent's memory file, a session transcript, or a scheduled JSON report, pass . The
3日前
記事のアイキャッチ画像
Vercel Plugin now available in VS Code and GitHub Copilot CLI ブログのファビコン Vercel News
The is now available in VS Code and the GitHub Copilot CLI.Vercel PluginGitHub Copilot now has Vercel platform knowledge on demand, with skills for Next.js, AI SDK, Vercel Functions, and more. The Vercel plugin also helps Copilot stay up to date with the latest Vercel APIs and recommended patterns.To install it for Copilot Chat, search for in the Extensions panel in VS Code.@agentPlugins vercelTo install it for the GitHub Copilot CLI, run .npx plugins add vercel/vercel-pluginLearn more in the .V
3日前
記事のアイキャッチ画像
Node.js 20 is being deprecated on October 1, 2026 ブログのファビコン Vercel News
Following the Node.js 20 end of life on April 30, 2026, we are deprecating Node.js 20 for Builds and Functions on October 1, 2026.How can I see which of my projects are affected?You can see which of your projects are affected by this deprecation with:Will my existing deployments be affected?No, existing deployments with Serverless Functions Invocations to already-deployed functions will continue to work normally. Only new deployments will be affected.will not be affected.When will I no longer be
3日前
記事のアイキャッチ画像
Endform joins the Vercel Marketplace ブログのファビコン Vercel News
is now available on the . It runs your Playwright tests in parallel, so your suite finishes in the time of your slowest test.EndformVercel MarketplaceKey capabilities:Install Endform on the or with the Vercel CLI: .Vercel Marketplacevc i endformRead moreRun every test on its own isolated machineBring your existing Playwright tests with no config changesGet a pass/fail on every production and preview deployment, linked to full traces in the Endform dashboardcheckSpot flaky tests by tracking resul
3日前
記事のアイキャッチ画像
AgentMail joins the Vercel Marketplace ブログのファビコン Vercel News
You can now provision and manage directly from the Vercel Marketplace. AgentMailYour AI agents can send, receive, and respond to email from a real inbox. AgentMail handles the mail servers and deliverability.Key capabilities:Install AgentMail on the or with the Vercel CLI: .Vercel Marketplacevc i agentmailRead moreProvision inboxes and custom domains through the APIHandle threads, attachments, and deliverability out of the boxTrigger agentic workflows using webhooks and WebSockets
3日前
記事のアイキャッチ画像
Chat SDK adds X adapter support ブログのファビコン Vercel News
Chat SDK now supports X, extending its single-codebase approach to Slack, Discord, GitHub, Teams, Telegram, and WhatsApp with the new .X adapterTeams can build bots that reply to public mentions and hold direct message conversations through the X API v2 and the . The adapter handles CRC verification and webhook signature checks automatically and can manage OAuth token refresh for long-running bots.X Activity APILikes are the only supported reaction, and responses post once on completion since X
3日前
記事のアイキャッチ画像
Access and share AI Gateway leaderboard data ブログのファビコン Vercel News
We are making the data behind the open under the . You can now download or query the data through the API endpoint and render any chart as a shareable image.AI Gateway leaderboardsCC BY 4.0 licenseleaderboard-exportThe AI Gateway leaderboards show how AI is used in production, ranking traffic for models, labs, apps, and providers. Data is aggregated daily across trillions of tokens, so you can see what gets adopted and how that changes over time. For deeper analysis, see the .July AI Gateway Pro
3日前
記事のアイキャッチ画像
DOOMQL Simon Willison's Weblog
<p><strong><a href="https://github.com/petergpt/doomql">DOOMQL</a></strong></p>Peter Gostev built this using GPT-5.6 Sol. This is a <em>lot</em> of fun: </p><blockquote><p>DOOMQL started with a deliberately unreasonable question: what if SQLite were the game engine, not merely the place where a game stores data?</p><p>The result is a small, original Doom-like game in which SQL owns movement, collision, enemies, combat...
3日前
記事のアイキャッチ画像
How Aikido Intel detects malware and vulnerabilities first ブログのファビコン Aikido Security's Blog
Aikido Intel is a real-time feed that catches malware and undisclosed vulnerabilities across open-source ecosystems, often within 8 minutes of release.Category: Product & Company Updates
3日前
記事のアイキャッチ画像
datasette code-frequency chart on GitHub Simon Willison's Weblog
<p><strong><a href="https://github.com/simonw/datasette/graphs/code-frequency">datasette code-frequency chart on GitHub</a></strong></p>Out of curiosity I decided to see if I could find a useful illustration of the impact of coding agents and Opus 4.5 class models on my own output. The best I've found so far is this GitHub chart of frequency of code changes to my <a href="https://datasette.io/">Datasette</a> open source project:</p><p>...
3日前
記事のアイキャッチ画像
In-N-Out Animation using sibling-index() ブログのファビコン Master.dev Blog RSS Feed
Temani mimics a View Transition by placing items using their index and translations. The placement calculation change when the index changes, which is an animation opportunity!
3日前
記事のアイキャッチ画像
What is a dependency firewall? ブログのファビコン Aikido Security's Blog
A dependency firewall blocks malicious open-source packages before they install. Learn how they work and how Aikido Safe Chain stops supply chain attacks. Category: Guides & Best Practices
3日前

7/13 (月)

記事のアイキャッチ画像
Introducing Precursor: detecting agentic behavior with continuous client-side signals ブログのファビコン The Cloudflare Blog
Precursor, our new continuous behavioral validation engine for bot management, offers visibility into how humans and bots actually interact across the full user journey. By turning session-level behavior into bot detection signals, it identifies advanced automation with higher precision — while reducing friction for legitimate users.
3日前
記事のアイキャッチ画像
Open-weight models surge to 29% of volume, price per token flattens ブログのファビコン Vercel News
AI Gateway Production Index — July 2026 Every month, routes tens of trillions of tokens between production applications and AI labs, giving us a view of what AI usage actually looks like in today’s enterprise. We publish that view here. See the Production Index reports published in and .AI GatewayMayJuneThe July index reports on AI Gateway data collected in June 2026. In June, token volume and spend grew at nearly the same rate, 29% and 27%, while the price per token remained steady. The month b
3日前
記事のアイキャッチ画像
AI 時代に増え続ける「作業状態の管理負荷」を、GTD × AI エージェントで軽くする LINEヤフー Tech Blog (LY Corporation Tech Blog
LINE アプリ開発に携わっている Hiraki と申します。普段は、LINE アプリにおけるアーキテクチャの統一を推進するプロジェクトのリードや、AI ネイティブな開発スタイルを業務に組み込むための...
4日前
記事のアイキャッチ画像
How to maintain code quality standards with AI code and vibe coding ブログのファビコン Aikido Security's Blog
Vibe coding ships features fast and leaves review debt behind. See how benchmarked, per-rule code quality checks give teams one consistent answer across PRs and repos.Category: News
4日前
記事のアイキャッチ画像
Agent Runs now show subagent activity on eve projects ブログのファビコン Vercel News
You can now inspect subagent activity for eve projects in . Agent RunsThe new Subagents tab shows every subagent, organized by which turn started it. Each row shows the prompt, duration, and any failures, all on a shared timeline.Click any subagent to open its run. The tab shows the same details as a parent run: turns, tool calls, metadata, cost, and token usage.Open to try it, or read the to learn more.Agent RunsdocumentationRead more
4日前
記事のアイキャッチ画像
Manage Vercel Flags targeting rules from the CLI ブログのファビコン Vercel News
You can now manage targeting rules for through the . With the command, you and your agents can add new rules, move existing ones, and inspect the current ordering without leaving your terminal.Vercel FlagsVercel CLIvercel flags rulesRules you create from the CLI use the same model as the dashboard. Conditions can target or reusable , outcomes can serve a single variant, a weighted split, or a progressive rollout, and rules evaluate top to bottom. For scripts and agents, prints the full rule set.
4日前
記事のアイキャッチ画像
Configure which sources can create deployments with Deployment Policies ブログのファビコン Vercel News
Deployment Policies are now available and enable teams to restrict which mechanisms, organizations, and repositories are allowed to create deployments.Each policy can be configured per environment at the team and project level, allowing flexible combinations of rules.Learn more about .Deployment PoliciesRead more
4日前
記事のアイキャッチ画像
Web Analytics and Speed Insights are now more cost-efficient ブログのファビコン Vercel News
and are now almost 10% more cost-efficient for all Pro and Enterprise teams.Web AnalyticsSpeed InsightsInfrastructure and event-processing improvements reduced cost across both products, so page views, referrers, top routes, and Core Web Vitals are now processed more efficiently, and savings scale with your event volume.The change applies automatically, with no configuration, plan changes, or code to update. You'll see the change reflected on your next bill.Learn more in the and documentation.We
4日前
記事のアイキャッチ画像
Directly Responsible Individuals (DRI) Simon Willison's Weblog
<p><strong><a href="https://handbook.gitlab.com/handbook/people-group/directly-responsible-individuals/">Directly Responsible Individuals (DRI)</a></strong></p>I went looking for a definition of "Directly Responsible Individuals" and the best I found was in the GitLab handbook. Apparently the term originated at Apple, where it's used to describe the person who is "ultimately accountable for the success or failure of a specific project, initiative, or activity...
4日前
記事のアイキャッチ画像
shot-scraper 1.11 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/shot-scraper/releases/tag/1.11">shot-scraper 1.11</a></p> <p>Some minor improvements, mainly around command option consistency and making the <code>server:</code> mechanism <a href="https://shot-scraper.datasette.io/en/stable/multi.html#running-a-server-for-the-duration-of-the-session">used by</a> both <code>shot-scraper video</code> and <code>shot-...
4日前
記事のアイキャッチ画像
Fable gets another bump Simon Willison's Weblog
<p>One of the consequences of GPT-5.6 Sol being clearly a Fable/Mythos class model is that Anthropic have, once again, <a href="https://x.com/claudeai/status/2076351399999557669">bumped the date</a> that Fable stops being available in their Claude Max plans:</p><blockquote><p>We're extending Claude Fable 5 access on all paid plans, as well as keeping Claude Code’s weekly rate limits 50% higher, through July 19.</p><p>As before, you can use up to h...
4日前
記事のアイキャッチ画像
sqlite-utils 4.1.1 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/sqlite-utils/releases/tag/4.1.1">sqlite-utils 4.1.1</a></p> <p>Mainly a fix for an edge case that regular Claude chat spotted while <a href="https://claude.ai/share/564b187d-d126-47ea-9b59-07c16ade0b70">experimenting with the 4.1 release</a> to answer a question about ON DELETE.</p><blockquote><ul><li><code>table.transform()</code> now raises ...
4日前
記事のアイキャッチ画像
jscrambler npm package publishes malicious preinstall binary ブログのファビコン Step Security Blog
On July 11, 2026, version 8.14.0 of jscrambler was published to npm carrying a malicious preinstall hook that drops and executes a platform-specific native binary on Linux, Windows, and macOS. jscrambler is the official CLI client for the Jscrambler Code Integrity API, a commercial JavaScript obfuscation and web-app protection service, with a clean version history dating back to 0.1.0. The compromised release was flagged by StepSecurity's AI Release Analyzer with a suspicion score of 0 (the maxi
4日前
記事のアイキャッチ画像
Injective npm Supply Chain Attack: 18 Packages Backdoored to Steal Crypto Wallet Keys ブログのファビコン Step Security Blog
On July 8, 2026, attackers used access to a trusted developer's account to slip a backdoor into a widely used software development kit for the Injective blockchain. Disguised as harmless analytics, the code quietly captured wallet recovery phrases and private keys and sent them to an attacker-controlled server the moment a wallet was created or loaded. Automatic publishing pushed the tainted code out to 18 related packages within minutes, and it stayed live for less than an hour before being pul
4日前
記事のアイキャッチ画像
GitHub Secret Scanning Public Monitoring for Enterprises: Coverage and Gaps ブログのファビコン Step Security Blog
GitHub's new public monitoring finds your enterprise's leaked secrets anywhere on github.com. Here is what it covers, what it cannot see, and how to close the exfiltration gap
4日前

7/12 (日)

記事のアイキャッチ画像
sqlite-utils 4.1 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/sqlite-utils/releases/tag/4.1">sqlite-utils 4.1</a></p> <p>The first dot-release since <a href="https://simonwillison.net/2026/Jul/7/sqlite-utils-4/">4.0 a few days ago</a>, introducing a number of minor new features.</p><blockquote><ul><li><code>sqlite-utils insert</code> and <code>sqlite-utils upsert</code> now accept a <code&...
5日前
記事のアイキャッチ画像
jscrambler npm Package Compromised in Supply Chain Attack ブログのファビコン Socket
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
5日前
記事のアイキャッチ画像
The Siren Song of ariaNotify() ブログのファビコン Master.dev Blog RSS Feed
Mat Marquis details the good-and-dangerous of a new method which we can just make a screenreader say something. There’s a brand new ariaNotify() method — defined by the Accessible Rich Internet Applications (WAI-ARIA) 1.3 Specification — that provides you with a means of programmatically triggering narration in a screen reader. It accepts a string as its first argument, and […]
5日前

7/11 (土)

記事のアイキャッチ画像
Next.js の Instant Navigations を試してみた ブログのファビコン azukiazusa のテックブログ2
Next.js 16.3 Preview では、Instant Navigations という新機能が導入されました。画面遷移で即時表示できない箇所を開発時に検出し、修正を促すための機能です。この記事では Instant Navigations を実際に試してみた様子を紹介します。
6日前
記事のアイキャッチ画像
Prefer STRICT tables in SQLite Evan Hahn (dot com)
In short: I prefer strict tables in SQLite because they avoid some datatype problems, such as putting text in number columns.SQLite has a feature that I think is underrated: strict tables. Strict tables help enforce rigid typing, preventing mistakes like putting text into integer columns. I like them, and wrote this post to promote their use!To make a strict table, add STRICT to the end of its definition. Like this:-CREATE TABLE people (name TEXT);+CREATE TABLE people (name TEXT) STRICT;That’s i
6日前
記事のアイキャッチ画像
Seedream 5.0 Pro is now available on AI Gateway ブログのファビコン Vercel News
Seedream 5.0 Pro is now available on .AI GatewaySeedream 5.0 Pro is an image generation and editing model. It generates images from text, rendering text without spelling errors and following typographic rules, and produces dense infographics with charts, timelines, and layouts alongside realistic imagery.To use Seedream 5.0 Pro, set to in the :modelbytedance/seedream-5.0-proAI SDKAI Gateway provides a unified API for calling models, tracking usage and cost, and configuring retries, failover, and
6日前
記事のアイキャッチ画像
Quoting Nilay Patel Simon Willison's Weblog
<blockquote cite="https://youtu.be/v4vkwUf4AMw?t=2427"><p>The reality is to make augmented reality glasses, you need to put a camera next to your eyes that is continuously recording everything you see and processing that to put information over it.</p><p>There is not another way around it. And there's certainly not a chip that can fit in the stem of a glasses that is both powerful enough and power miserly enough to do that in real time.</p><p>You have to send...
6日前
記事のアイキャッチ画像
Better tools made Copilot code review worse. Here’s how we actually improved it. ブログのファビコン The GitHub Blog
How migrating Copilot code review to shared Unix-style code exploration tools reduced review cost by reshaping agent workflows around pull request evidence.The post Better tools made Copilot code review worse. Here’s how we actually improved it. appeared first on The GitHub Blog.
6日前
記事のアイキャッチ画像
Traces now support Tree and Waterfall views ブログのファビコン Vercel News
now support Tree and Waterfall views. See span hierarchy, critical path, and timing without leaving the log entry.Traces in Vercel LogsThe Tree view groups spans by parent and child. On load, spans are sorted by duration so the slowest appear first.The Waterfall view places every span on one chronological axis, showing what ran in parallel and where time was lost.Read the to learn more.Tracing documentationRead more
6日前

7/10 (金)

記事のアイキャッチ画像
From Kickoff To First Concept: How To Turn Brand Strategy Into Visual Direction ブログのファビコン Articles on Smashing Magazine — For Web Designers And Developers
The strongest visual concepts don’t start in Figma. They start with the right questions. Explore the pre-concept phase of brand identity design, where teams research brand context, uncover hidden assumptions with stakeholders, and turn shared direction into a visual foundation before a single concept is created.
6日前
記事のアイキャッチ画像
Improving Smart Tiered Cache for Public Cloud Regions ブログのファビコン The Cloudflare Blog
Smart Tiered Cache allows for precise upper tier selection for origins hosted on AWS, GCP, Azure, and Oracle Cloud with customer-provided cloud region hints.
6日前
記事のアイキャッチ画像
The Index: Issue #190 ブログのファビコン Piccalilli - Everything
Code TV: The best landing page everWe very rarely share video content, but this episode was an absolute delight to watch. They're running a hackathon too which is well worth checking out.New Game+Mat has not given up and nor should you!Kyroh fontDan Cederholm has brought out yet another affordable, and very nice font.Time-based background colour transitions with Temporal and CSS color-mixThere's been so much dry content about Temporal so far but Sophie Koonin has written about a nice creative us
6日前
記事のアイキャッチ画像
Quoting OpenAI Simon Willison's Weblog
<blockquote cite="https://help.openai.com/en/articles/20001275-chatgpt-work-and-codex"><p>[...] Work on web and mobile runs in the cloud. Work in the desktop app can also use local files and desktop apps with your permission. At launch, cloud Work conversations do not appear in desktop Work; desktop Work threads and local files remain on that computer.</p></blockquote><p class="cite">— <a href="https://help.openai.com/en/articles/20001275-chatgpt-work-...
7日前
記事のアイキャッチ画像
動画広告の配信基盤におけるImpressionログの処理遅延の原因調査と改善 ブログのファビコン CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
はじめに こんにちは!同志社大学大学院 修士 1年の近藤 大輔です。 2026年6月3日 〜 6月3 ...
7日前
記事のアイキャッチ画像
ABEMAの課金導線を壊さずに運用負荷を改善する ブログのファビコン CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
はじめに 2026年6月に約3週間、CA Tech Jobに参加しました、早稲田大学基幹理工学部情報 ...
7日前
記事のアイキャッチ画像
ESLint v9.39.5 released ブログのファビコン ESLint Blog
HighlightsThis release backports a fix originally released in v10.3.0 that prevents ESLint from crashing in host environments where require.cache is unavailable, such as Yarn Plug’n’Play.Bug Fixes253be16 fix: handle unavailable require cache (backport of #20812 to v9.x) (#21065) (Eric)Documentation74930ed docs: switch build to Node.js 24 (#20894) (Milos Djermanovic)eaec8bb docs: Add ESLint v9.x EOL notice (#20828) (Milos Djermanovic)Chores458205f chore: update @eslint/eslintrc and @eslint/js for
7日前
記事のアイキャッチ画像
ESLint v10.7.0 released ブログのファビコン ESLint Blog
HighlightsNew option checkConstructorCallCallbacks in max-nested-callbacksThe max-nested-callbacks rule now supports a checkConstructorCallCallbacks option.When enabled, the rule also counts callback functions passed to constructor calls with new, such as new Promise((resolve) => {}), when calculating nesting depth.For example, with { "max": 1, "checkConstructorCallCallbacks": true }, the rule reports the following code as exceeding the allowed callback nesting depth:run(() => { new Promis...
7日前
記事のアイキャッチ画像
Hot Potato: How Projects Actually Get Shipped ブログのファビコン Ben Howdle
There's a game you play as a kid - music plays, a potato gets passed around the circle (ours was a beanbag, I think, or somebody's shoe - the potato was always theoretical), and the only rule anyone actually remembers is that you do not want to be the one holding it when the music stops. That's it. Fifteen years of shipping software - startups, banks, tax systems, and now a large government data platform - and the most useful delivery framework I've found is a children's party game. Never be the
7日前
記事のアイキャッチ画像
Fake Braintree NuGet Package Skims Credit Cards and Harvests Merchant Credentials ブログのファビコン Socket
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.
7日前
記事のアイキャッチ画像
The new GPT-5.6 family: Luna, Terra, Sol Simon Willison's Weblog
<p>OpenAI's latest flagship model <a href="https://openai.com/index/gpt-5-6/">hit general availability this morning</a>, and comes in three sizes: Luna, Terra, and Sol (from smallest to largest).</p><p>The new models are priced per 1M input/output tokens as Luna $1/$6, Terra $2.50/$15, Sol $5/$30. For comparison, the Claude Opus series are $5/$25 and the Claude Fable 5 is $10/$50, but price-per-million tokens doesn't tell us much now that the number of reasoning to...
7日前
記事のアイキャッチ画像
How GitHub gave every repository a durable owner ブログのファビコン The GitHub Blog
GitHub had over 14,000 repositories. Fewer than half had clear ownership. Here's how we gave every active repository a validated owner in under 45 days, archived the rest, and made ownership the foundation for everything that followed.The post How GitHub gave every repository a durable owner appeared first on The GitHub Blog.
7日前
記事のアイキャッチ画像
Introducing Muse Spark 1.1 Simon Willison's Weblog
<p><strong><a href="https://ai.meta.com/blog/introducing-muse-spark-meta-model-api/">Introducing Muse Spark 1.1</a></strong></p>Following <a href="https://simonwillison.net/2026/Apr/8/muse-spark/">Muse Spark in April</a>, here's Muse Spark 1.1 - the first Spark model to offer an API. Meta claim significant improvements in agentic tool calling and computer use.</p><p>There are a lot more details are in the <a href="https://ai.meta.co...
7日前
記事のアイキャッチ画像
llm-meta-ai 0.1 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-meta-ai/releases/tag/0.1">llm-meta-ai 0.1</a></p> <p>Let's LLM run prompts against the new <a href="https://ai.meta.com/blog/introducing-muse-spark-meta-model-api/">muse-spark-1.1</a> model.</p> <p>Tags: <a href="https://simonwillison.net/tags/llm">llm</a>, <a href="https://simonwillison.net/tags/meta">meta</a></p>
7日前
記事のアイキャッチ画像
llm 0.31.1 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/llm/releases/tag/0.31.1">llm 0.31.1</a></p> <blockquote><ul><li>Fix for a bug with OpenAI Chat Completion endpoints where a tool call with empty arguments could result in a JSON error from some providers. <a href="https://github.com/simonw/llm/issues/1521">#1521</a></li></ul></blockquote><p>This bug came up when I was testing <a href="https...
7日前