株式会社はてなに入社しました 株式会社はてなに入社しました - hitode909の日記

Claude Code のスキルが数十個に増えてきたのですが、全員に一律で適用されるのがつらくなってきたので、Plugin Marketplace を使ってオプトイン配布に移行しました。 スキルが増えると何が起きるか Claude Code のスキルは .claude/skills/ に配置すると、リポジトリを開いた全員に適用されます。数個なら問題ないのですが、数十個に増えてくるとスキルの description マッチングで意図しないスキルまで発火するようになってきました。QA 向けのスキルがバックエンドエンジニアの作業中に反応したり、フロントエンド向けのスキルがインフラの作業で発火したりと…

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-extract/releases/tag/0.3a0">datasette-extract 0.3a0</a></p> <blockquote><ul><li>This plugin now uses <a href="https://github.com/datasette/datasette-llm">datasette-llm</a> to configure and manage models. This means it's possible to <a href="https://github.com/datasette/datasette-enrichments-llm/blob/0.2a0/README.md#configuration">specify which mode...

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-enrichments-llm/releases/tag/0.2a0">datasette-enrichments-llm 0.2a0</a></p> <blockquote><ul><li>This plugin now uses <a href="https://github.com/datasette/datasette-llm">datasette-llm</a> to configure and manage models. This means it's possible to <a href="https://github.com/datasette/datasette-enrichments-llm/blob/0.2a0/README.md#configuration">sp...

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-llm-usage/releases/tag/0.2a0">datasette-llm-usage 0.2a0</a></p> <blockquote><ul><li>Removed features relating to allowances and estimated pricing. These are now the domain of <a href="https://github.com/datasette/datasette-llm-accountant">datasette-llm-accountant</a>.</li><li>Now depends on <a href="https://github.com/datasette/datasette-l...

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-llm/releases/tag/0.1a5">datasette-llm 0.1a5</a></p> <blockquote><ul><li>The <code>llm_prompt_context()</code> plugin hook wrapper mechanism now tracks prompts executed within a chain as well as one-off prompts, which means it can be used to track tool call loops. <a href="https://github.com/datasette/datasette-llm">#5</a></li></ul&gt...

<blockquote cite="https://www.greptile.com/blog/ai-slopware-future"><p>I want to argue that AI models will write good code because of economic incentives. Good code is cheaper to generate and maintain. Competition is high between the AI models right now, and the ones that win will help developers ship reliable features fastest, which requires simple, maintainable code. Good code will prevail, not only because we want it to (though we do!), but because economic forces demand it. Mark...

こんにちは。LINEヤフー株式会社で認証・認可基盤Athenzの開発・運用を担当している金 廷祐（Kim, Jeongwoo）です。この記事では、AIエージェントがさまざまなサービスと連携する際のトー...

We analyzed 1,140 early-stage funding rounds in developer tools, cybersecurity, and infrastructure from January 2025 through March 2026. Here are the top VCs and investors writing checks, the metrics that got companies funded, and the exact person to email based on what you're building.

This month, a new best practices guide was added to the Svelte docs. Check it out, if you haven't already!On the code side, the Svelte MCP got even easier to use with improvements to the official OpenCode package. Combined with the improvements to svelte.config.js, server-side error boundaries in SvelteKit and better types all around, this month is full of great improvements!As always, there's plenty in the showcase too!What's new in Svelte and SvelteKitMCP: Svelte's OpenCode config can now be f

<p><strong><a href="https://socket.dev/blog/axios-npm-package-compromised">Supply Chain Attack on Axios Pulls Malicious Dependency from npm</a></strong></p>Useful writeup of today's supply chain attack against Axios, the HTTP client NPM package with <a href="https://www.npmjs.com/package/axios">101 million weekly downloads</a>. Versions <code>1.14.1</code> and <code>0.30.4</code> both included a new dependency called <co...

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-llm/releases/tag/0.1a4">datasette-llm 0.1a4</a></p> <blockquote><ul><li>Ability to <a href="https://github.com/datasette/datasette-llm/blob/0.1a4/README.md#model-references-with-custom-api-keys">configure different API keys for models based on their purpose</a> - for example, set it up so enrichments always use <code>gpt-5.4-mini</code> with ...

<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-all-models-async/releases/tag/0.1">llm-all-models-async 0.1</a></p> <p>LLM plugins can define new models in both <a href="https://llm.datasette.io/en/stable/plugins/tutorial-model-plugin.html">sync</a> and <a href="https://llm.datasette.io/en/stable/plugins/advanced-model-plugins.html#async-models">async</a> varieties. The async variants are most common for API-b...

<p><strong>Release:</strong> <a href="https://github.com/simonw/llm/releases/tag/0.30">llm 0.30</a></p> <blockquote><ul><li>The <a href="http://llm.datasette.io/en/stable/plugins/plugin-hooks.html#plugin-hooks-register-models">register_models() plugin hook</a> now takes an optional <code>model_aliases</code> parameter listing all of the models, async models and aliases that have been registered so far by other plugins...

Today, alongside our colleagues at Google and Mozilla, we announced JetStream 3.0, a major update to the cross-browser benchmark suite.

<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-echo/releases/tag/0.4">llm-echo 0.4</a></p> <blockquote><ul><li>Prompts now have the <code>input_tokens</code> and <code>output_tokens</code> fields populated on the response.</li></ul></blockquote> <p>Tags: <a href="https://simonwillison.net/tags/llm">llm</a></p>

I used coding agents to build agents that automated part of my job. Here's what I learned about working better with coding agents.The post Agent-driven development in Copilot Applied Science appeared first on The GitHub Blog.

There is a category of apps that help record short-form videos, mostly screencasts. For those of you who work on products that you need to showcase/teach people how to use, video can be super effective. Here’s a list of the ones I’ve seen for reference: I’ve been trying them out for videos like this, but […]

<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-echo/releases/tag/0.3">llm-echo 0.3</a></p> <blockquote><ul><li>Mechanisms for <a href="https://github.com/simonw/llm-echo/blob/0.3/README.md#tool-calling">testing tool calls</a>. #3</li><li>Mechanism for <a href="https://github.com/simonw/llm-echo/blob/0.3/README.md#raw-responses">testing raw responses</a>. #4</li><li>New <...

Short n’ sweet but ever so neat, this issue covers light/dark favicons, @mixin, anchor-interpolated morphing, object-view-box, new web features, and more.What’s !important #8: Light/Dark Favicons, @mixin, object-view-box, and More originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Magic Transit customers can now program their own DDoS mitigation logic and deploy it across Cloudflare’s global network. This enables precise, stateful mitigation for custom and proprietary UDP protocols.

With the new month just around the corner, could there be a better occasion to freshen up your desktop? If you’re looking for some unique and inspiring wallpapers to accompany you on all those adventures that April may bring — and maybe spark some new ideas, too — well, this post has got you covered.

Codex プラグインを使用すると、Claude Code から Codex を呼び出してコードレビューをしたり、タスクを委任するといったことが簡単にできるようになります。この記事では、Codex プラグインの使用方法と、どのような方法で Codex を呼び出しているのかといった内部の仕組みについて紹介します。

「カミナシ レポート」の開発・運用をしている、AWS インフラが得意な Security Engineering の furuya です（属性過多）。妙に流行り物に乗っかるときがあるのですが、「超かぐや姫!」を見てきました。よかったです。それはさておき今回は「カミナシ レポート」の開発におけるセキュリティ向上施策のお話です。 カミナシでは開発チームに Security Engineer を派遣する取り組みがあります。 kaminashi-developer.hatenablog.jp 気がつけば、この記事の公開から1年が経過していました。ここでそれを振り返ってみたいと思います。 サービスにおけ…

話すこと LLM プロバイダー（Azure OpenAI / Vertex AI / Anthrop ...

こんにちは！ サイボウズ株式会社 デザインテクノロジストの saku (@sakupi01) です。 はじめにサイボウズは 2025 年 4 月より、W3C のメンバーに加入しました。https://blog.cybozu.io/entry/joining-w3c標準化プロセスに関わることができるようになるための最初の一歩として、フロントエンドエンジニアの一部のメンバーは積極的に Web 標準のキャッチアップを行っています。そこで、毎月メンバーが興味を持った Web 標準に関する話題や、実際に標準化プロセスに関わることができた場合にはその報告などを 1 つの記事としてまとめ、...

A supply chain attack on Axios introduced a malicious dependency, [email protected], published minutes earlier and absent from the project’s GitHub releases.

こんにちは。 AI 事業本部 AI クリエイティブカンパニー BPO 事業部のエンジニアの佐藤 (@ ...

こんにちは。LINEヤフー研究所の大神と田口です。パスワードを使わない認証方法として、「パスキー（Passkey）」を目にする機会が増えてきました。パスキーを使う認証（パスキー認証）では、端末の画面ロ...

こんにちは、PR TIMESでインターンをしている笹山雷雅です。 レビュー中や検証中に、いま触っているブランチをそのまま残したまま、別ブランチの挙動を確認したくなる場面は少なくありません。 ただ、git switch を […]

March 2026 - Astro 6, CloudCannon CMS Partnership, Astro Together London, and more!

At 1Password, our mission is simple: to protect people’s most critical information, their credentials. At the time of writing this post, I personally have 291 items in my vault, so the long-term confidentiality of this data is critical to myself and every 1Password user. We are thrilled to announce the first major milestone in our post-quantum cryptography (PQC) journey, the successful deployment of PQC on 1Password’s web application. If you’re using a PQC-capable browser, such as Chrome or Fire

Most organizations can tell you which apps sit behind SSO. Far fewer can tell you what other apps teams are using, or who has access to the credentials.Shared and sensitive non-SSO logins remain some of the hardest access paths to govern. Credentials are often tied to individuals, scattered across vaults and browsers, and difficult to rotate or revoke when roles change. For many teams, this creates a gap in their Zero Trust strategy.For the last several months, we’ve been hard at work connecting

Cookie syncing and credential injection get agents past login screens, but they break every security assumption your app relies on.

How to design AI agents that do less, prove more, and stay within boundaries your security team can actually audit.

March always seems to be my life’s busiest month.Things I wrote and made“The two kinds of error”: in my mind, software errors are divided into two categories: expected and unexpected errors. I finally wrote up this idea I’ve had for a long time.“All tests pass” is a short story about a strange, and sorta sad, experience I had with a coding agent.Inspired by others, I published a disclaimer about how I use generative AI to write this blog. My main rule of thumb: the final product must be word-for

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-files/releases/tag/0.1a3">datasette-files 0.1a3</a></p> <p>I'm working on integrating <code>datasette-files</code> into other plugins, such as <a href="https://github.com/datasette/datasette-extract">datasette-extract</a>. This necessitated a new release of the base plugin.</p><blockquote><ul><li><code>owners_can_edit</co...

目次 はじめに 背景と課題 避難訓練の全体像 GUIベースのツールを選定した理由 AIによるシナリオ ...

<blockquote cite="https://twitter.com/ggerganov/status/2038674698809102599"><p>Note that the main issues that people currently unknowingly face with local models mostly revolve around the harness and some intricacies around model chat templates and prompt construction. Sometimes there are even pure inference bugs. From typing the task in the client to the actual result, there is a long chain of components that atm are not only fragile - are also developed by different parties. So it...

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-llm/releases/tag/0.1a3">datasette-llm 0.1a3</a></p> <p>Adds the ability to configure <a href="https://github.com/datasette/datasette-llm/tree/0.1a3#purpose-specific-configuration">which LLMs are available for which purpose</a>, which means you can restrict the list of models that can be used with a specific plugin. <a href="https://github.com/datasette/datasette-...

Learn how to secure your projects and keep them safe with GitHub Advanced Security.The post GitHub for Beginners: Getting started with GitHub security appeared first on The GitHub Blog.

Even if you nest details elements, you can ensure only one level of them is open at a time, making a menu you can drill down (and up!) from.

Hello, and welcome to the first State of Flint blog post! These posts explain the high-level status of the Flint project - what's been done, what's coming up next, and what's being pushed to the backlog. For this first post, we'll cover progress made from Flint's start in 2025 through the first few months of 2026.

<p>Trip Venturella released <a href="https://www.estragon.news/mr-chatterbox-or-the-modern-prometheus/">Mr. Chatterbox</a>, a language model trained entirely on out-of-copyright text from the British Library. Here's how he describes it in <a href="https://huggingface.co/tventurella/mr_chatterbox_model">the model card</a>:</p><blockquote><p>Mr. Chatterbox is a language model trained entirely from scratch on a corpus of over 28,000 Victorian-era Bri...

That gap between "the form works" and "the business works" is something we don't really tend to discuss much as front-enders. We focus a great deal on user experience, validation methods, and accessibility, yet we overlook what the data does once it leaves our controlForm Automation Tips for Happier User and Clients originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

If you’ve ever tried to build a data table with a sticky header and a sticky first column, you know the pain. You’d think a simple position: sticky with top: 0 and left: 0 would be enough, but the reality was that only one of both would stick.A recent change to CSS fixes this: position: sticky now plays nice with single-axis scrollers, allowing you to have sticky elements that track different scroll containers on different axes. This change is available in Chrome 148.

If your design system can only apply `loading=lazy` or `fetchpriority=high` blindly, it may be safer not to apply them at all.

こんにちは！第一開発部でエンジニアとしてインターンをしていた三宅（@pure_notchman)です。PR TIMESのインターンを卒業することになったため、これまで取り組んできた開発や学びについて振り返りたいと思います […]

We are opening our advanced Client-Side Security tools to all users, featuring a new cascading AI detection system. By combining graph neural networks and LLMs, we've reduced false positives by up to 200x while catching sophisticated zero-day exploits.

<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-mrchatterbox/releases/tag/0.1">llm-mrchatterbox 0.1</a></p> <p>See <a href="https://simonwillison.net/2026/Mar/30/mr-chatterbox/">Mr. Chatterbox is a (weak) Victorian-era ethically trained model you can run on your own computer</a>.</p> <p>Tags: <a href="https://simonwillison.net/tags/llm">llm</a></p>

Read March 2026 Security Releases

NestJS is code-first by default meaning decorators describe your API, and the spec is generated from code. But decorators don't enforce anything at compile time. This post shows how to flip the flow to generate controller method types from an OpenAPI spec and let TypeScript catch contract drift before reaching production.

Sansec is tracking a mass exploitation wave of the PolyShell vulnerability that hit hundreds of online stores within a single hour today. The attacks are ongoing: new victims appear every minute.N...

How AI agents get hijacked, poisoned, and over-privileged, and why identity is the fix for most of it.

How comparing login timestamps and locations catches credential theft before attackers get in.

Let users sync their GitLab projects in your app, using a fresh access token, without writing any OAuth logic.

はじめに こんにちは。AmebaLIFE事業本部エンジニアのsatominです。 この記事では、ビジ ...

ABEMA バックエンドエンジニアの大真です。 ABEMAのサブスクリプションシステムをリファクタリ ...

<p><strong><a href="https://github.com/chenglou/pretext">Pretext</a></strong></p>Exciting new browser library from Cheng Lou, previously a React core developer and the original creator of the <a href="https://github.com/chenglou/react-motion">react-motion</a> animation library.</p><p>Pretext solves the problem of calculating the height of a paragraph of line-wrapped text <em>without touching the DOM</em>. The usual way of d...

<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/pretext-explainer">Pretext — Under the Hood</a></p> <p>See <a href="https://simonwillison.net/2026/Mar/29/pretext/">my notes on Pretext here</a>.</p>

<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/python-vulnerability-lookup">Python Vulnerability Lookup</a></p> <p>I learned that the <a href="https://osv.dev/">OSV.dev</a> open source vulnerability database has an open CORS <a href="https://google.github.io/osv.dev/api/">JSON API</a>, so I had Claude Code build this <a href="https://simonwillison.net/2025/Dec/10/html-tools/">HTML tool</a> for past...

<blockquote cite="https://interconnected.org/home/2026/03/28/architecture"><p>The thing about agentic coding is that agents grind problems into dust. Give an agent a problem and a while loop and - long term - it’ll solve that problem even if it means burning a trillion tokens and re-writing down to the silicon. [...]</p><p>But we want AI agents to solve coding problems quickly and in a way that is maintainable and adaptive and composable (benefiting from improvements els...

みなさんにもマウスホバーで表示されるバルーン内のリンクが開けなくてイラついた経験があるかと思います. リンクにカーソルを移動しようとすると閉じてしまうバルーン 丁寧に吹き出しの三角形の部分を通ったときだけリンクに辿り着ける. イライラ棒か? こんな体験は今すぐ滅ぼしましょう. Web なら floating-ui を使うと, そもそものバルーン自体の実装も簡単にできますし, この問題への対策も 1 行で済みます. 対策 1. バルーンが閉じるのを遅延させる リンクにカーソルを合わせようとするとマウスホバーが外れ, その瞬間にバルーンが閉じてしまうのが問題の原因です. ということで, 素朴にはバ…

Cline Kanban は人間が数十個のエージェントを運用するうえで正気を保つためにはどうすればいいか、という問いに対する 1 つの答えとして、Cline が開発したツールです。Cline Kanban はカンバン方式のビューを提供します。各カードは稼働中のエージェントを表しており、どのエージェントが実行中で、どのエージェントが作業がブロックされているのか、どのエージェントが完了しているのかを一目で把握できるようになっています。

2026 年 3 月末、Figma の MCP サーバーに Figma のキャンバスを直接操作できる `use_figma` ツールが追加されました。`use_figma` ツールは Figma Plugin API を通じて Figma ファイル上で JavaScript を直接実行する汎用ツールとして設計されている点が特徴です。この記事では、実際に `use_figma` ツールを使用して Figma のキャンバスを操作する方法を試してみます。

<p><strong>Release:</strong> <a href="https://github.com/simonw/datasette-showboat/releases/tag/0.1a2">datasette-showboat 0.1a2</a></p> <p>I added an option to export a Markdown file from my app that lets Showboat <a href="https://simonwillison.net/2026/Feb/17/chartroom-and-datasette-showboat/#showboat-remote-publishing">incrementally publish updates</a> to a remote server.</p>

<blockquote cite="https://github.com/chardet/chardet/issues/334#issuecomment-4098524555"><p>FWIW, IANDBL, TINLA, etc., I don’t currently see any basis for concluding that chardet 7.0.0 is required to be released under the LGPL. AFAIK no one including Mark Pilgrim has identified persistence of copyrightable expressive material from earlier versions in 7.0.0 nor has anyone articulated some viable alternate theory of license violation. [...]</p></blockquote><p class="cit...

<p>I have a new laptop - a 128GB M5 MacBook Pro, which early impressions show to be <em>very</em> capable for running good local LLMs. I got frustrated with Activity Monitor and decided to vibe code up some alternative tools for monitoring performance and I'm very happy with the results.</p><p>This is my second experiment with vibe coding macOS apps - the first was <a href="https://simonwillison.net/2026/Feb/25/present/">this presentation app a few weeks ago&...

Workflows are now visualized via step diagrams in the dashboard. Here’s how we translate your TypeScript code into a visual representation of the workflow.

JavaScript for Everyone: DestructuringMat explains the ever-useful, but sometimes hard to understand destructuring assignment in JavaScript.Mise en ModeA very good methodology for design systems now has a book!The old internet is still hereA great reminder for us all. Don't get nostalgic and get surfing instead.2026 design systems reportAnother year and another design systems report, this time delivered with a lovely, texture-rich UI.Paper birdsSome stunning, physical art for you to enjoy.P.S. t

Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.

The next iteration of view transitions is here!

Discover some of the interesting features that have landed in stable and beta web browsers during March 2026.

こんにちは！PR TIMES の河瀨翔吾（@shogogg）です。エンジニアリングマネージャーとして、プレスリリース配信サービス PR TIMES の開発や開発チームのマネジメント、業務改善、採用などを行っています。好き […]

こんにちは！PR TIMES の河瀨翔吾（@shogogg）です。エンジニアリングマネージャーとして、プレスリリース配信サービス PR TIMES の開発や開発チームのマネジメント、業務改善、採用などを行っています。好き […]

<p><strong><a href="https://www.reco.ai/blog/we-rewrote-jsonata-with-ai">We Rewrote JSONata with AI in a Day, Saved $500K/Year</a></strong></p>Bit of a hyperbolic framing but this looks like another case study of <strong>vibe porting</strong>, this time spinning up a new custom Go implementation of the <a href="https://jsonata.org">JSONata</a> JSON expression language - similar in focus to jq, and heavily associated with the <a href...

Every year, security and tech leaders come to the RSA conference in San Francisco to take the industry’s pulse, and every RSAC tends to be dominated by a single, overarching theme. Last year, the theme was: “AI agents are coming, and governance isn’t ready.” And sure enough, the theme of RSAC 2026 was: “AI agents are here, and governance needs to catch up.”Throughout the conference, security practitioners, vendors, and analysts were all asking the same questions:How can we enable a culture of ag

Understand why scopes and claims serve different roles in OAuth 2.0 and OpenID Connect, and how to design around each.

A developer's guide to registering redirect URIs per environment, debugging "invalid redirect URI" errors, and knowing when to use impersonation instead.

Authentication doesn't end at login. For modern SaaS applications, the real security perimeter is the token, and attackers know it.

Preconnect hints can speed up page loads, but what happens when you use too many? We tested the impact of excessive preconnects on page speed.

<p><strong><a href="https://futuresearch.ai/blog/litellm-attack-transcript/">My minute-by-minute response to the LiteLLM malware attack</a></strong></p>Callum McMahon reported the <a href="https://simonwillison.net/2026/Mar/24/malicious-litellm/">LiteLLM malware attack</a> to PyPI. Here he shares the Claude transcripts he used to help him confirm the vulnerability and decide what to do about it. Claude even suggested the PyPI security contact addr...

Safari Technology Preview Release 240 is now available for download for macOS Tahoe and macOS Sequoia.

NGINX 1.29.6 and 1.29.7 introduce significant updates and mark the first in a planned series to add capabilities to NGINX Open Source formerly limited to NGINX Plus. With updates to core runtime behavior and network support, these releases ensure that NGINX can continue to meet the needs of modern applications and AI workloads. Highlights of these releases include: Together, these changes expand what operators can do with NGINX Open Source while simplifying configurations for optimizing performa

A look at GitHub Actions’ 2026 roadmap, outlining how secure defaults, policy controls, and CI/CD observability harden the software supply chain end to end.The post What’s coming to our GitHub Actions 2026 security roadmap appeared first on The GitHub Blog.

TeamPCP is partnering with ransomware group Vect to turn open source supply chain attacks on tools like Trivy and LiteLLM into large-scale ransomware operations.

<p><strong><a href="https://ngrok.com/blog/quantization">Quantization from the ground up</a></strong></p>Sam Rose continues <a href="https://simonwillison.net/tags/sam-rose/">his streak</a> of publishing spectacularly informative interactive essays, this time explaining how quantization of Large Language Models works (which he says might be "<a href="https://twitter.com/samwhoo/status/2036845101561835968">the best post I've ever made</a&g...

Reviewed advisories hit a four-year low, malware advisories surged, and CNA publishing grew—here’s what changed and what it means for your triage and response. The post A year of open source vulnerability trends: CVEs, advisories, and malware appeared first on The GitHub Blog.

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-llm/releases/tag/0.1a2">datasette-llm 0.1a2</a></p> <blockquote><ul><li><code>actor</code> is now available to the <code>llm_prompt_context</code> plugin hook. <a href="https://github.com/datasette/datasette-llm/pull/2">#2</a></li></ul></blockquote> <p>Tags: <a href="https://simonwillison.net/tags/llm"&g...

A look at an example task an interviewer might give you and all the details of how you could approach and and what they are watching for.

Looking at research and experiments that are designed to automatically generate user interfaces based on user preferences.Generative UI Notes originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

When we investigated why our Atlantis instance took 30 minutes to restart, we discovered a bottleneck in how Kubernetes handles volume permissions. By adjusting the fsGroupChangePolicy, we reduced restart times to 30 seconds.

Accessibility had never really played a significant role since I started working as a front-end developer in 2019. It didn’t have a significant role in my boot camp, or in YouTube tutorials I watched, and certainly not in my job.At some point I got very invested in accessibility, because it was the missing link for me in my profession. Suddenly, the things I built not only looked good, but they also worked as expected when using a keyboard and a screen reader. Slowly, practicing web development

Success in modern UX isn’t about having the most content. It’s about having the most findable content. Yet even with more data and better tools than ever, internal search often fails, leaving users to rely on global search engines to find a single page on a local site. Why does the “Big Box” still win, and how can we bring users back?

A look at recent ISP and government-directed blocks of Supabase domains in three regions—what triggered them, how we worked with authorities and customers to restore access, and what multi-tenant platforms can do to prepare.

Web バックエンドエンジニアの早坂です。本稿は、2025年11月に開催された JJUG CCC 2025 Fall における登壇「Virtual Thread Deep Dive」を記事としてまとめ...

はじめに こんにちは！株式会社LegalOn Technologies、SET（Software Engineer in Test）の引持(@rmochioo)です。普段は自動テストの推進やQA部門横断の施策に取り組んでいます。 2026年3月20日(金・祝)、東京ビッグサイト会議棟にて「ソフトウェアテストシンポジウムJaSST’26 Tokyo」が開催されました。私は「QAプロセスAI支援ツールキットの導入とその効果について」というタイトルで、登壇しました。 本記事では、当日お話しした内容についてと、印象に残った発表を幾つかピックアップしてご紹介したいと思います。

Astro 6.1 introduces codec-specific Sharp image defaults, advanced SmartyPants configuration, and i18n fallback routes for integrations.

Calling vals with GPT Realtime 1.5, NYC doorman, email and voice agents, and more

If 2025 was the year of AI adoption, 2026 is when AI evolves from a software story to a people story. Katya Laviolette, our Chief People Officer, explored this idea in a recent Forbes article about how 1Password’s internal network of AI Champions is shaping this evolution and helping us set the standard for how we use AI to drive impact across 1Password.AI tools help us move faster, but it takes curiosity and judgement to unlock their full value, build new ways of working, and to deliver meaning

Developers need to expand their skills because coding agents are taking an increasing part of their job. Let's start with usability!

Architecture, auth, ecosystem, and the 2026 roadmap for the protocol that connects AI to everything.

50% of Checkly CLI users are already coding agents. Learn how built-in skills, structured output, and agent guardrails make one CLI work for humans and agents alike.

CLIs are the new agent interface. Discover how Checkly turned its CLI into an agentic layer with built-in skills, structured output, and confirmation protocols for safe autonomous monitoring.

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-files-s3/releases/tag/0.1a1">datasette-files-s3 0.1a1</a></p> <p>A backend for <a href="https://github.com/datasette/datasette-files">datasette-files</a> that adds the ability to store and retrieve files using an S3 bucket. This release added <a href="https://github.com/datasette/datasette-files-s3/blob/main/README.md#credentials-broker-response">a mechanism&l...

<p><strong><a href="https://news.ycombinator.com/item?id=47517539">Thoughts on slowing the fuck down</a></strong></p>Mario Zechner created the <a href="https://github.com/badlogic/pi-mono">Pi agent framework</a> used by OpenClaw, giving considerable credibility to his opinions on current trends in agentic engineering. He's not impressed:</p><blockquote><p>We have basically given up all discipline and agency for a sort of addictio...

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-llm/releases/tag/0.1a1">datasette-llm 0.1a1</a></p> <p>New release of the base plugin that makes models from <a href="https://llm.datasette.io/">LLM</a> available for use by other Datasette plugins such as <a href="https://github.com/datasette/datasette-enrichments-llm">datasette-enrichments-llm</a>.</p><blockquote><ul><li>New &lt...

Widespread GitHub phishing campaign uses fake Visual Studio Code security alerts in Discussions to trick developers into visiting malicious website.

From April 24 onward, interaction data—specifically inputs, outputs, code snippets, and associated context—from Copilot Free, Pro, and Pro+ users will be used to train and improve our AI models unless they opt out.The post Updates to GitHub Copilot interaction data usage policy appeared first on The GitHub Blog.

In January, we introduced our Nightly package for RPM-based Linux distributions. Today, we are thrilled to announce it is now available for Firefox Beta! Firefox Beta is great for testing your sites in a version of Firefox that will reach regular users in the coming weeks. If you find any issues, please file them on […]The post Firefox Developer Edition and Beta: Try out Mozilla’s .rpm package! appeared first on Mozilla Hacks - the Web developer blog.

記事は ics.media へアクセスしてご覧ください。

Compare WYSIWYG and Markdown editors across collaboration, storage, and UX. Learn which fits your team and how to pick the right embeddable editor.

Storybook MCP は Storybook と AI エージェントを接続し、エージェントがコンポーネントドキュメントを参照しつつコードを生成したり、ストーリーを作成して UI コンポーネントをテストしたりできるようにする機能です。この記事では、Storybook MCP を実際に試してみた内容を紹介します。