直近1週間の更新
4/14 (火)

AI-Generated UI Is Inaccessible by Default
Frontend Masters Boost RSS Feed
It doesn't mean you can't get AI to help with accessible code, you've just got to know what you're doing.
1時間前

GitHub for Beginners: Getting started with GitHub Pages
The GitHub Blog
Learn how to create a free website for any repository on GitHub Pages.The post GitHub for Beginners: Getting started with GitHub Pages appeared first on The GitHub Blog.
1時間前
4/13 (月)

7 View Transitions Recipes to Try
CSS-Tricks
Craving for a view transition? Sunkanmi has lots of common transitions you can drop into your website right now!7 View Transitions Recipes to Try originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.
2時間前

Durable Objects in Dynamic Workers: Give each AI-generated app its own database
The Cloudflare Blog
We’re introducing Durable Object Facets, allowing Dynamic Workers to instantiate Durable Objects with their own isolated SQLite databases. This enables developers to build platforms that run persistent, stateful code generated on-the-fly.
3時間前

Agents have their own computers with Sandboxes GA
1
The Cloudflare Blog
Cloudflare Sandboxes give AI agents a persistent, isolated environment: a real computer with a shell, a filesystem, and background processes that starts on demand and picks up exactly where it left off.
3時間前

Dynamic, identity-aware, and secure Sandbox auth
1
The Cloudflare Blog
Outbound Workers for Sandboxes provide a programmable, zero-trust egress proxy for AI agents. This allows developers to inject credentials and enforce dynamic security policies without exposing sensitive tokens to untrusted code.
3時間前

Squash and Stretch
Josh Comeau's blog
Have you ever heard of Disney’s 12 Basic Principles of Animation? In this tutorial, we’ll explore how we can use the very first principle to create SVG micro-interactions that feel way more natural and believable. It’s one of those small things that has a big impact.
4時間前

RubyKaigi 2026にSTORESから5名が発表、STORES Quiz でアクキーをプレゼントします
STORES Product Blog
こんにちは、STORES のえんじぇるです。 今年も STORES は RubyKaigi 2026 にNursery Sponsor および Scholarship Sponsor として協賛します! Nursery Sponsor は2024年から3年連続で、今年も小さなRubyistのみなさんに会えるのが楽しみです! Scholarship Sponsor として記載されているのは今年が初ですが、昨年度も学生支援を実施していました。 先日下見に行ったので、写真をまじえながら、STORES のRubyKaigi 2026への関わり方を紹介します。 函館空港でお出迎えしてくれたクマ🐻 登壇 …
7時間前

Aurora MySQLの負荷は高騰していないのにエラーレートが悪化した原因がPerformance Schemaだった話
CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
本記事では、ある日起きたAurora MySQLの障害対応事例を紹介します。
13時間前

Quoting Bryan Cantrill Simon Willison's Weblog
<blockquote cite="https://bcantrill.dtrace.org/2026/04/12/the-peril-of-laziness-lost/"><p>The problem is that LLMs inherently <strong>lack the virtue of laziness</strong>. Work costs nothing to an LLM. LLMs do not feel a need to optimize for their own (or anyone's) future time, and will happily dump more and more onto a layercake of garbage. Left unchecked, LLMs will make systems larger, not better &mdash; appealing to perverse vanity metrics, perhaps, but at the cos...
14時間前

信頼性向上のためのSLI/SLO活用vol.1 - SLI/SLOフレームワークおよびサービス稼働状況確認ツール「LINE Status」開発記
LINEヤフー Tech Blog (LY Corporation Tech Blog
はじめにこんにちは。SRE(Site Reliability Engineer)として働いているDahee Eoです。私たちのチームは、Media Platform SREをはじめ、グローバルトラフィ...
14時間前

moon v2.2 - Daemon, AI skills, async graph building, async affected tracking, and more
moonrepo Blog
In this release, we focused entirely on performance improvements, with the introduction of a daemon,
16時間前

The Vertical Codebase
TkDodo's blog
Let's take a look at why the common, horizontal code structure is not ideal, where it breaks down, and what we can do about it.
16時間前

How to Monitor a Shopify Store with Playwright and Checkly
Checkly Blog: Monitoring Insights & Trends
Learn how to monitor Shopify storefronts with Playwright and Checkly, including bot protection, consent popups, and checkout monitoring.
16時間前

Gemma 4 audio with MLX Simon Willison's Weblog
<p>Thanks to a <a href="https://twitter.com/RahimNathwani/status/2039961945613209852">tip from Rahim Nathwani</a>, here's a <code>uv run</code> recipe for transcribing an audio file on macOS using the 10.28 GB <a href="https://huggingface.co/google/gemma-4-E2B">Gemma 4 E2B model</a> with MLX and <a href="https://github.com/Blaizzy/mlx-vlm">mlx-vlm</a>:</p><pre><code>uv run --python 3.13 --with mlx_vlm --with torchvision --w...
16時間前

2026年度 新卒研修「サイバーエージェントのデータベース活用事例とパフォーマンス調査入門」
CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
こんにちは、Service Reliability Group(SRG)の鬼海 雄太(@fat47) ...
17時間前

Welcome to Agents Week
The Cloudflare Blog
Cloudflare's mission has always been to help build a better Internet. Sometimes that means building for the Internet as it exists. Sometimes it means building for the Internet as it's about to become. This week, we're kicking off Agents Week, dedicated to what comes next.
1日前
4/12 (日)

Securing Vibe Coding and AI Coding Agents: An End-to-End Approach with StepSecurity
Step Security Blog
AI coding agents install packages, create pull requests, push commits, and run autonomously in CI/CD pipelines. Here's how to secure every stage of that workflow
1日前

Introducing StepSecurity Dev Machine Guard: Protecting Developer Machines from Supply Chain Attacks
Step Security Blog
Modern supply chain attacks target developer machines and AI coding agents. Learn how StepSecurity Dev Machine Guard stops credential theft early
1日前

Top 2024 Predictions for CI/CD Security
Step Security Blog
Explore key CI/CD security trends for 2024, including shifts to modern platforms, third-party component risks, rising security incidents, and the growing need for secure pipelines. Learn how to protect your organization from evolving threats in the CI/CD landscape.
1日前
SQLite 3.53.0 Simon Willison's Weblog
<p><strong><a href="https://sqlite.org/releaselog/3_53_0.html">SQLite 3.53.0</a></strong></p>SQLite 3.52.0 was withdrawn so this is a pretty big release with a whole lot of accumulated user-facing and internal improvements. Some that stood out to me:</p><ul><li><code>ALTER TABLE</code> can now add and remove <code>NOT NULL</code> and <code>CHECK</code> constraints - I've previously used my own <a href="...
2日前

SQLite Query Result Formatter Demo Simon Willison's Weblog
<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/sqlite-qrf">SQLite Query Result Formatter Demo</a></p> <p>See my notes <a href="https://simonwillison.net/2026/Apr/11/sqlite/">on SQLite 3.53.0</a>. This playground provides a UI for trying out the various rendering options for SQL result tables from the new Query Result Formatter library, compiled to WebAssembly.</p> <p>Tags: <a href="https://simonwillison.net...
2日前
4/11 (土)

Claude の Advisor tool を活用して性能とコストのバランスを最適化する
azukiazusa のテックブログ2
Claude に新たに追加された advisor tool を使用すると、通常のタスクは軽量モデルに任せつつ、必要に応じて高性能モデルに相談することで、性能とコストのバランスを最適化できます。この記事では Claude Code 内で advisor tool を活用する方法について紹介します。
2日前

Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation
Socket
OpenAI rotated macOS signing certificates after a malicious Axios package reached its CI pipeline in a broader software supply chain attack.
3日前

Kākāpō parrots Simon Willison's Weblog
<p>Lenny <a href="https://twitter.com/lennysan/status/2042615413494939943">posted</a> another snippet from <a href="https://simonwillison.net/2026/Apr/2/lennys-podcast/">our 1 hour 40 minute podcast recording</a> and it's about kākāpō parrots!</p><p><video src="https://static.simonwillison.net/static/2026/kakapo-lenny.mp4" poster="https://static.simonwillison.net/static/2026/kakapo-lenny.jpg" controls preload="none" playsinline style="display:block; ...
3日前

500 Tbps of capacity: 16 years of scaling our global network
The Cloudflare Blog
Cloudflare’s global network has officially crossed 500 Tbps of external capacity, enough to route more than 20% of the web and absorb the largest DDoS attacks ever recorded.
3日前

GitHub Copilot CLI for Beginners: Getting started with GitHub Copilot CLI
The GitHub Blog
GitHub for Beginners: Getting started with the GitHub Copilot CLI, a step-by-step tutorial.The post GitHub Copilot CLI for Beginners: Getting started with GitHub Copilot CLI appeared first on The GitHub Blog.
3日前

ChatGPT voice mode is a weaker model Simon Willison's Weblog
<p>I think it's non-obvious to many people that the OpenAI voice mode runs on a much older, much weaker model - it feels like the AI that you can talk to should be the smartest AI but it really isn't.</p><p>If you ask ChatGPT voice mode for its knowledge cutoff date it tells you April 2024 - it's a GPT-4o era model.</p><p>This thought inspired by <a href="https://twitter.com/karpathy/status/2042334451611693415">this Andrej Karpathy tweet</a> about the g...
3日前
4/10 (金)

How to Choose a Rich Text Editor for Compliant App Development
CKEditor Ecosystem Blog
Your RTE choice shapes how much compliance work your team owns. Learn what to look for when building for healthcare, finance, or government.
3日前

How To Improve UX In Legacy Systems
Articles on Smashing Magazine — For Web Designers And Developers
Practical guidelines for driving UX impact in organizations with legacy systems and broken processes. Brought to you by Measuring UX Impact, **friendly video course on UX** and design patterns by Vitaly.
3日前

The Index: Issue #177
Piccalilli - Everything
Using CSS animations as state machinesExtremely clever stuff from Patrick here!Endgame for the open webAnil articulates the reality of the open web really well and gives us pragmatic advice of what we can tangibly do to protect if from the vultures in the tech industry.Checking if a movie has a post or mid credit sceneA very cool tool (and write up) that's surprisingly simple.EZ-TreeNeed to procedurally generate trees? Don't slop it and use this tool instead.Wind Waker JSOne for the Zelda fans o
3日前

font-family Doesn’t Fall Back the Way You Think
CSS Wizardry
A quick but important reminder that font-family declarations don’t inherit fallback stacks the way many developers assume.
3日前

Canvas 内に直接 HTML を描画できる HTML in Canvas API について
azukiazusa のテックブログ2
HTML in Canvas API は WICG で提案されている API で、Canvas 内に直接 HTML を描画できるようにするものです。現在の `` 要素にはリッチテキストや HTML コンテンツを描画する標準的な方法が存在しないという課題があります。この記事では HTML in Canvas の使用方法やユースケースについて説明します。
3日前

Dropping noice.nvim for Neovim's native UI2 Duy NG
Neovim 0.12 ships a native UI2 layer that covers most of what noice.nvim provided. Here's what I replaced, what I kept, and what changed.
3日前

Don't Kill the Goose That Lays the Golden Eggs
Socket
Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.
4日前

Androidの権限リクエストで「3回目にダイアログが出ない」→ 「設定画面へ遷移させましょう」
CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
要約 3回目に権限をリクエストしたときにダイアログが出ないのは仕様です。権限ダイアログを出すのは諦め ...
4日前

In defense of GitHub's poor uptime Evan Hahn (dot com)
In short: GitHub’s downtime is bad, but uptime numbers can be misleading. It’s not as bad as it looks; more like a D than an F.“Zero nines uptime”?99.99% uptime, or “four nines”, is a common industry standard. Four nines of uptime is equivalent to 1.008 minutes of downtime per week.GitHub is not meeting that, and it’s frustrating. Even though they’re owned by Microsoft’s, one of the richest companies on earth, they aren’t clearing this bar.Here are some things people are saying:“GitHub appears t
4日前

Gemfile of dreams: the libraries we use to build Rails apps
Evil Martians
We unveil the gemfile toolbox of the Martian Rails engineer; a universe of Evil Martian gems that encapsulate our philosophy and soul.
4日前

ClickFix malware hits DoD cybersecurity vendor homepage
Sansec - experts in eCommerce security
The vendor is currently running a ClickFix clipboard hijacker on its own homepage. The vendor sells network exposure management and attack-path analysis to Fortune 500 enterprises, the US Departmen...
4日前

How to Use Lazy Loading Without Hurting Web Performance
DebugBear Blog
Learn how to use lazy loading without hurting web performance. This article explains when lazy loading improves performance, when it backfires, and how it impacts Core Web Vitals like LCP, CLS, and INP — with practical patterns and real-world pitfalls.
4日前

Bucketeer Lite: Running Our Feature Flag Management System on a lightweight environment on Fly.io or AWS
CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
Hi, I’m a backend engineer on the Bucketeer ...
4日前

GitHub Repo Size Simon Willison's Weblog
<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/github-repo-size">GitHub Repo Size</a></p> <p>GitHub doesn't tell you the repo size in the UI, but it's available in the CORS-friendly <a href="https://api.github.com/repos/simonw/datasette">API</a>. Paste a repo into this tool to see the size, <a href="https://tools.simonwillison.net/github-repo-size?repo=simonw%2Fdatasette">for example for simonw/datasette</a> (...
4日前

Sharing Tailwind CSS Styles Across Apps in a Monorepo
Nx Blog
Share Tailwind v4 design tokens across multiple apps in a pnpm + Nx monorepo using a shared styles package and automated @source directives.
4日前

@velora-dex/sdk Compromised on npm: Malicious Version Drops macOS Backdoor via launchctl Persistence
Step Security Blog
A registry-only supply chain attack on @velora-dex/sdk delivers an architecture-aware macOS backdoor that fires the moment your code imports the package. No install hooks, no repo commits, no visible output.
4日前

Behind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain Attack
Step Security Blog
StepSecurity's AI Package Analyst and Harden-Runner detected the compromise of axios, the largest npm supply chain attack on a single package by download count, before any public disclosure existed. What followed was a race against a state-sponsored threat actor who actively deleted GitHub issues to suppress the warning, a decision to host a community call at midnight that drew 200 attendees, and coverage from Bloomberg to Andrej Karpathy
4日前

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan
65
Step Security Blog
Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.
4日前

10 Layers Deep: How StepSecurity Stops TeamPCP's Trivy Supply Chain Attack on GitHub Actions
Step Security Blog
TeamPCP weaponized 76 Trivy version tags overnight. The KICS attack followed the same playbook days later. One security control is not enough. Here is how the StepSecurity platform's ten independent security layers work together to prevent credential exfiltration, detect compromised actions at runtime, and respond to incidents across your entire organization before attackers can succeed.
4日前

Dev Machine Guard Is Now Open Source: See What's Really Running on Your Developer Machine
Step Security Blog
Your developer machine is running AI agents, MCP servers, IDE extensions, and hundreds of packages. Do you know which ones? Now there's a free, open-source way to find out.
4日前

Datadog's DevSecOps 2026 Report Validates What We've Been Building
Step Security Blog
Datadog's State of DevSecOps 2026 report confirms what StepSecurity has been warning about for years: CI/CD pipelines and GitHub Actions are prime targets for supply chain attacks. Learn how StepSecurity's platform directly mitigates every major risk identified in the report, from unpinned actions to day-of-release dependencies.
4日前

hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far
42
Step Security Blog
A week-long automated attack campaign targeted CI/CD pipelines across major open source repositories, achieving remote code execution in at least 4 out of 5 targets. The attacker, an autonomous bot called hackerbot-claw, used 5 different exploitation techniques and successfully exfiltrated a GitHub token with write permissions from one of the most popular repositories on GitHub. This post breaks down each attack, shows the evidence, and explains what you can do to protect your workflows.
4日前

StepSecurity’s Unified Protection Across the SDLC Infrastructure Threat Framework (SITF)
Step Security Blog
How StepSecurity delivers real-world protection across all critical pillars identified in Wiz's SDLC Infrastructure Threat Framework (SITF)
4日前
4/9 (木)

SVG Filters Guide: Getting Started with the Basics
Frontend Masters Boost RSS Feed
Let's take a look at what SVG filters are and the basics of how they work.
4日前

Selecting a Date Range in CSS
3
CSS-Tricks
A clever approach for selecting multiple dates on a calendar where the :nth-child()'s “n of selector” syntax does all the heavy lifting... even in the JavaScript.Selecting a Date Range in CSS originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.
4日前

Personal website redesign project post: Getting started with the HTML only build
Piccalilli - Everything
Planning is now done, so now it's time to get stuck into a basic version of my website. It's important to do this part well because even though the UI is incredibly temporary, the system behind it is not, so we want to make sure our foundations are solid.I say a HTML-only build but I'm talking rubbish there. I'll mostly only be writing HTML (via Astro components) here, but there is CSS. Over the last couple of years at the studio we've been trying to "solve" global styles. We repeat ourselves ov
4日前

大規模にエージェントを構築する Claude Managed Agents を試してみた
34
azukiazusa のテックブログ2
Claude Managed Agents は Claude を自律的なエージェントとして動作させるためのハーネスとインフラストラクチャーを提供します。長時間かかるタスクや非同期のタスクを実行するために使用するのが想定されています。この記事では実際に Claude Managed Agents を試してみた内容を紹介します。
4日前

AI Agents Know About Supabase. They Don't Always Use It Right.
Supabase Blog
Introducing Supabase Agent Skills: an open-source set of instructions that teach AI coding agents how to build on Supabase correctly.
4日前

Git自動化で見るMCPとAgent Skillの長所・短所
57LINEヤフー Tech Blog (LY Corporation Tech Blog
こんにちは。AI LabチームのHan Kil Roです。サービスに必要なAIモデルやソリューションを開発するチームで業務に携わっています。最近、LINEヤフー社内で実施された Orchestrati...
4日前

asgi-gzip 0.3 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/asgi-gzip/releases/tag/0.3">asgi-gzip 0.3</a></p> <p>I ran into trouble deploying a new feature using <a href="https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events">SSE</a> to a production Datasette instance, and it turned out that instance was using <a href="https://github.com/simonw/datasette-gzip">datasette-gzip</a> which uses <a href="https://gi...
5日前

GitHub availability report: March 2026
The GitHub Blog
In March, we experienced four incidents that resulted in degraded performance across GitHub services.The post GitHub availability report: March 2026 appeared first on The GitHub Blog.
5日前

Gmail送信前確認用Chrome拡張の内製化
PR TIMES 開発者ブログ
こんにちは、PR TIMESでインターンをしている工藤(@k8035004287922)です。 今回は、社内の一部部署で必須運用されていたGmail送信前の誤送信確認用Chrome拡張を、社内要件に合わせて内製した取り組 […]
5日前

表示速度を飛躍的に向上させるHTML/CSS仕様「content-visibility」「Lazy loading」「contain」をコード付き簡単解説 LINEヤフー Tech Blog (LY Corporation Tech Blog
この記事は、合併前の旧ブログに掲載していた記事(初出:2020年9月8日)を、現在のブログへ移管したものです。現時点の情報に合わせ、表記やリンクの調整を行っています。こんにちは、お久しぶりです。岡部和...
5日前

KubernetesでCDC基盤を構築した話 ~ Strimzi(Kafka)・Debezium・Snowflakeを使ったMySQLデータの自動同期基盤 ~
CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
AI事業本部 アドテクカンパニー Dynalystに所属している平田聡一朗と申します。本記事ではSt ...
5日前

Bun v1.3.12
bun.com
Fixes 120 issues (addressing 219 👍). Render Markdown in the terminal with bun ./file.md, Bun.WebView headless browser automation, in-process Bun.cron() scheduler, async stack traces for native errors, 2.3x faster URLPattern, 2x faster Bun.Glob.scan, cgroup-aware parallelism on Linux, and many bugfixes and Node.js compatibility improvements.
5日前

Wasmtime’s April 9, 2026 Security Advisories
Bytecode Alliance
A new world for security-critical projects
5日前

Code is inert. Val Town makes it ert
Val Town Blog
Whether or not you read the code, it's gotta be ert
5日前

Multi-tenant permissions done right: What Slack, Notion, and Linear can teach us
WorkOS Blog
Slack, Notion, and Linear each take a different approach to per-tenant roles and permissions. Here are the patterns worth stealing for your own app.
5日前

Building authentication in Node.js applications: The complete guide for 2026
WorkOS Blog
Master secure authentication in Node.js from Passport.js and JWTs to enterprise SSO, with production-ready patterns and security best practices.
5日前

OAuth governance and consent phishing: What engineers need to know
WorkOS Blog
How attackers turn legitimate consent prompts into persistent backdoors, and what your team can do about it.
5日前

Cryptographic origin binding: How passkeys make phishing structurally impossible
WorkOS Blog
A deep dive into the FIDO2/WebAuthn protocol mechanics that tie every passkey to a specific domain, making credential theft physically impossible at the cryptographic layer.
5日前

Meta's new model is Muse Spark, and meta.ai chat has some interesting tools Simon Willison's Weblog
<p>Meta <a href="https://ai.meta.com/blog/introducing-muse-spark-msl/">announced Muse Spark</a> today, their first model release since Llama 4 <a href="https://simonwillison.net/2025/Apr/5/llama-4-notes/">almost exactly a year ago</a>. It's hosted, not open weights, and the API is currently "a private API preview to select users", but you can try it out today on <a href="https://meta.ai/">meta.ai</a> (Facebook or Instagram login required).</p><...
5日前

Keith Cirkel
Frontend Masters Boost RSS Feed
Keith Cirkel has been building some interesting and educational web games lately:
5日前

Feross on TBPN: How North Korea Hijacked Axios
Socket
Socket CEO Feross Aboukhadijeh breaks down how North Korea hijacked Axios and what it means for the future of software supply chain security.
5日前

Release Notes for Safari Technology Preview 241
WebKit
Safari Technology Preview Release 241 is now available for download for macOS Tahoe and macOS Sequoia.
5日前

Attackers Are Impersonating a Linux Foundation Leader in Slack to Target Open Source Developers
Socket
OpenSSF has issued a high-severity advisory warning open source developers of an active Slack-based campaign using impersonation to deliver malware.
5日前

GitHub Universe is back: We want you to take the stage
The GitHub Blog
Get inspired by five of the most memorable, magical, and quirky Universe sessions to date.The post GitHub Universe is back: We want you to take the stage appeared first on The GitHub Blog.
5日前

Quoting Giles Turnbull Simon Willison's Weblog
<blockquote cite="https://gilest.org/notes/2026/human-ai/"><p>I have a feeling that <strong>everyone likes using AI tools to try doing someone else’s profession</strong>. They’re much less keen when someone else uses it for their profession.</p></blockquote><p class="cite">&mdash; <a href="https://gilest.org/notes/2026/human-ai/">Giles Turnbull</a>, AI and the human voice</p> <p>Tags: <a href="https://simonwillison.net/tag...
5日前
4/8 (水)

From bytecode to bytes: automated magic packet generation
The Cloudflare Blog
By applying symbolic execution and the Z3 theorem prover to BPF bytecode, we’ve automated the generation of malware trigger packets, cutting analysis time from hours to seconds.
5日前

Material UI v9.0
MUI - Blog
Material UI v9.0 for developers: theming, accessibility, keyboard navigation, performance, and new Base UI-powered additions.
5日前

Introducing Material UI and MUI X v9
MUI - Blog
Introducing Material UI + MUI X v9: unified major version, new foundations, advanced components, and AI-native workflows.
5日前

MUI X Charts v9.0
MUI - Blog
MUI X Charts v9.0, keyboard-first by default, composition and codemods, Pro and Premium updates (heatmap, Sankey, export, WebGL).
5日前

MUI X Chat v9 alpha
MUI - Blog
An early look at MUI X Chat v9 alpha: ChatBox, adapters and streaming, and how it fits AI-native workflows across the stack.
5日前

MUI X Data Grid v9.0
MUI - Blog
MUI X Data Grid v9.0: stronger dynamic data and lazy loading, stable Charts in the grid, and AI Assistant with Console and bring your own key.
5日前

MUI X Scheduler v9 alpha
MUI - Blog
An early look at MUI X Scheduler v9 alpha: event and resource planning, calendar and timeline views, Community vs Premium, and how it fits the advanced stack.
5日前

MUI X v9.0: Tree View, Date Pickers
MUI - Blog
Tree View and Date and Time Pickers in MUI X v9: virtualization-by-default trees, picker field and focus ergonomics, locales, and migration-oriented cleanups.
5日前

Chrome 148 beta
developer.chrome.com: Blog
Get a preview of the next Chrome release with this post detailing the features in the current beta.
5日前

Chrome Web Store: A smarter, faster appeals process
developer.chrome.com: Blog
We're launching a new appeals process in the Chrome Web Store.
5日前

Custom OIDC Providers for Supabase Auth
Supabase Blog
Connect any OpenID Connect identity provider to your Supabase project: GitHub Enterprise, regional providers, and more.
5日前

1/10スケールでも、自動運転はちゃんと難しい - JetRacer合宿で再現した自動運転開発サイクルの基本のキ
newmo 技術ブログ
こんにちは。newmo 自動運転開発室のyui_tangです。 先日、自動運転開発室のオンボーディングと技術理解の共有を目的として、JetRacer を用いた社内ハッカソン合宿「ロボライダー」を開催しました。合宿の様子や背景は note に まとめています。 👉 note.com 本記事ではイベントレポートではなく、合宿で再現した開発サイクルと、実機を扱う際に 顕在化した課題を書き記します。 小さくしても、問題は小さくならない JetRacer は NVIDIA Jetson を搭載した小型の自律走行車プラットフォームです。カメラ 画像を入力としてニューラルネットワークが操舵角とスロットル値を…
5日前

デザインシステムを丸ごと Skills にする
サイボウズ フロントエンドのフィード
デザインシステムを Skills にしたら使いやすくなったサイボウズのプロダクトである kintone では、社内向けに kintone Design System と呼ばれるデザインシステムが提供されています。https://note.com/amishiratori/n/n0d8467106f27AI Agent を用いた開発向けに、このデザインシステムの Skills 化を試みたところ、提供側・利用側ともに非常に取り回しやすい形となったため、事例として紹介します。 デザインシステム x MCPデザインシステムをコーディング用の AI Agent から活用する際、一例...
6日前

Under the hood of MDN's new frontend
MDN Blog
You may have spotted that MDN has a new frontend. There's plenty happening under the surface, so let's unpack the technologies we chose, the architectural decisions we made, and why we did a rebuild at all.
6日前

NIST and AI agents: 1Password’s approach to agent identity
Blog on 1Password Blog
NIST published a concept paper stating, “Organizations need to understand how identity principles such as identification, authentication, and authorization can apply to agents to provide appropriate protections while enabling business value.”This post, and the series that follows, is 1Password’s response to NIST’s call for input on how those principles should apply to agents.At 1Password, we approach security through simplicity. We are developing an agent identity architecture to simplify and en
6日前

Migrating an event pipeline from NATS to Kafka with zero downtime
Evil Martians
Evil Martians migrated Wallarm's core event pipeline from NATS to Kafka in two months with zero downtime. Learn how we also handle event deduplication and reconstruct business flows for better understanding of the application.
6日前

AI Strikes Back: Using an LLM to write COBOL
Marmelab Blog
When AI-powered coding meets punch-card era technology
6日前

Top 5 PropelAuth alternatives for secure authentication in 2026
WorkOS Blog
What to use when your B2B auth needs outpace PropelAuth.
6日前

Securing agentic apps: How to vet the tools your AI agents depend on
WorkOS Blog
30 CVEs in 60 days, a backdoored npm package stealing emails, and a hosting platform flaw that put 3,000 servers at risk. Here's how to secure the supply chain your AI agents depend on.
6日前

JWT algorithm confusion attacks: How they work and how to prevent them
WorkOS Blog
A complete breakdown of one of the most dangerous JWT vulnerabilities, from the cryptographic mechanics to the defensive code patterns that stop it.
6日前

MoonBit 0.9: Introducing First-Class Formal Verification
MoonBit Blog
MoonBit 0.9 introduces formal verification for AI-native workflows, enabling AI systems to generate code that is not just functional, but provably correct.
6日前

North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads
Socket
Malicious packages published to npm, PyPI, Go Modules, crates.io, and Packagist impersonate developer tooling to fetch staged malware, steal credentials and wallets, and enable remote access.
6日前

GLM-5.1: Towards Long-Horizon Tasks Simon Willison's Weblog
<p><strong><a href="https://z.ai/blog/glm-5.1">GLM-5.1: Towards Long-Horizon Tasks</a></strong></p>Chinese AI lab Z.ai's latest model is a giant 754B parameter 1.51TB (on <a href="https://huggingface.co/zai-org/GLM-5.1">Hugging Face</a>) MIT-licensed monster - the same size as their previous GLM-5 release, and sharing the <a href="https://huggingface.co/papers/2602.15763">same paper</a>.</p><p>It's available <a href="htt...
6日前

Cloudflare targets 2029 for full post-quantum security
The Cloudflare Blog
Recent advances in quantum hardware and software have accelerated the timeline on which quantum attack might happen. Cloudflare is responding by moving our target for full post-quantum security to 2029.
6日前
Access Control Policy in NGINX Ingress Controller: Patterns for Ingress
NGINX Community Blog
NGINX Ingress Controller lets you define IP-based access rules once in a Policy resource and apply them consistently across your Ingress traffic paths. Across this blog, we’re focused on: Why Use a Policy for Access Control? Many teams manage IP restrictions through cloud firewalls or raw NGINX config snippets and quickly end up with drift. […]
6日前

Anthropic's Project Glasswing - restricting Claude Mythos to security researchers - sounds necessary to me Simon Willison's Weblog
<p>Anthropic <em>didn't</em> release their latest model, Claude Mythos (<a href="https://www-cdn.anthropic.com/53566bf5440a10affd749724787c8913a2ae0841.pdf">system card PDF</a>), today. They have instead made it available to a very restricted set of preview partners under their newly announced <a href="https://www.anthropic.com/glasswing">Project Glasswing</a>.</p><p>The model is a general purpose model, similar to Claude Opus 4.6, but Anthr...
6日前

Microsoft Releases Open Source Toolkit for AI Agent Runtime Security
Socket
Microsoft has released an open source toolkit for enforcing runtime security policies on AI agents as adoption accelerates faster than governance controls.
6日前

SQLite WAL Mode Across Docker Containers Sharing a Volume Simon Willison's Weblog
<p><strong>Research:</strong> <a href="https://github.com/simonw/research/tree/main/sqlite-wal-docker-containers#readme">SQLite WAL Mode Across Docker Containers Sharing a Volume</a></p> <p>Inspired by <a href="https://news.ycombinator.com/item?id=47637353">this conversation</a> on Hacker News about whether two SQLite processes in separate Docker containers that share the same volume might run into problems due to WAL shared memory. The answ...
6日前
4/7 (火)

Name-Only Containers: The Scoping We Needed
Frontend Masters Boost RSS Feed
If we give a `container-name` to the root of all our unique components, we can scope styles to them with a simple @container query.
6日前

Alternatives to the !important Keyword
CSS-Tricks
Cascade layers, specificity tricks, smarter ordering, and even some clever selector hacks can often replace !important with something cleaner, more predictable, and far less embarrassing to explain to your future self.Alternatives to the !important Keyword originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.
6日前

Identifying Necessary Transparency Moments In Agentic AI (Part 1)
Articles on Smashing Magazine — For Web Designers And Developers
Designing for agentic AI requires attention to both the system’s behavior and the transparency of its actions. Between the black box and the data dump lies a more thoughtful approach. Victor Yocco explores how to map decision points and reveal the right moments to build trust through clarity, not noise.
6日前

New in Chrome 147
developer.chrome.com: Blog
Element-scoped view transitions, CSS contrast-color(), and the border-shape property.
6日前

What's new in DevTools (Chrome 147)
developer.chrome.com: Blog
Automatic context switching for AI assistance, Updates for DevTools for agents, and code completion for Console and Sources panels.
6日前

システム設計・開発の実践Tips LINEヤフー Tech Blog (LY Corporation Tech Blog
こんにちは。ソフトウェアエンジニアの眞井です。私はこれまでアーキテクトとして、検索連動型ショッピング広告のレポートシステムに関連する2つの新規システム開発や、その他数多くの機能追加に携わってきました。...
7日前

Investor Update – March 2026
Val Town Blog
21% revenue growth. Everyone's building AI agents and internal tools. You should deploy them on Val Town
7日前

プロダクトマネージャやデザイナがAIでプルリクエストを作成できるプロセスを作ろう
カミナシ エンジニアブログ
プロダクトマネージャやデザイナもAIでプルリクエストを作成できるプロセスを作ろう こんにちは。息子と『ドラベース』を読みはじめた daipresents です。トンボール投げたい! カミナシでは「カミナシ 教育」と「カミナシ 従業員」のマネージャを担当しております。 前回、月1回のオンサイトにおける取り組みを紹介させていただきました。 参考: エンジニアじゃない人でもAIを使えば開発貢献できるんじゃないの?イベントを開催してみた こちらについては、プロダクトマネージャやプロダクトデザイナの評価はとても高く、「もっとやりたい!」、「リリースしたい!」と、みんな開発に対する意気込みを表明してくれま…
7日前

React Native 0.85 - New Animation Backend, New Jest Preset Package
React Native Blog
Today we are excited to release React Native 0.85!
7日前

SVG Onload Tag Hides Magecart Skimmer on 99 Stores
Sansec - experts in eCommerce security
In the early hours of April 7th, nearly 100 Magento stores got mass-infected with a "double-tap" skimmer: a credit card stealer hidden inside an invisible SVG element. Sansec found stolen...
7日前

Better Auth 1.6
Better Auth Blog
OpenTelemetry instrumentation, non-blocking scrypt, passkey pre-auth registration, SAML hardening, a new release workflow, and more.
7日前

RS256 vs HS256: A deep dive into JWT signing algorithms
WorkOS Blog
Symmetric vs asymmetric JWT signatures: how each algorithm works, when to use which, and the security tradeoffs every developer should know
7日前

The 5 best identity and access management providers to power your SaaS app in 2026
WorkOS Blog
A 2026 guide to the leading IAM solutions for SaaS teams, with a breakdown of features, pricing, and trade-offs to help you choose the right provider and start closing enterprise deals faster.
7日前

Adversary-in-the-middle attacks: The threat that makes your MFA useless
WorkOS Blog
Your users enable multi-factor authentication, use strong passwords, and follow every security best practice you recommend. But none of it matters if an attacker is sitting between them and your login page, relaying traffic in real time and walking away with a valid session cookie.
7日前

GitHub Copilot CLI combines model families for a second opinion
The GitHub Blog
Discover how Rubber Duck provides a different perspective to GitHub Copilot CLI. The post GitHub Copilot CLI combines model families for a second opinion appeared first on The GitHub Blog.
7日前

How we built Organizations to help enterprises manage Cloudflare at scale
The Cloudflare Blog
Cloudflare Organizations is now in public beta, introducing a new management layer for enterprise customers with multiple accounts. Learn how we consolidated our authorization systems to enable org-wide management.
7日前















