See how GitHub is investing in open source security funding maintainers, partnering with Alpha-Omega, and expanding access to help reduce burden and strengthen software supply chains.The post Investing in the people shaping open source and securing the future together appeared first on The GitHub Blog.

Toolbox App 3.4 brings several long-awaited fixes alongside new capabilities for plugin developers. You can now hook into the remote IDE launch lifecycle, the Toolbox window behaves correctly in full-screen mode on macOS, and Windows users with non-ASCII usernames no longer need workarounds. The jetbrainsd service introduced in 3.3 also gets a round of reliability […]

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>LLMs are restricted by their <strong>context limit</strong> - how many tokens they can fit in their working memory at any given time. These values have not increased much over the past two years even as the LLMs themselves have seen dramatic improvements in their abilities - they generally top out at around 1,...

Flexbox has a very specific algorithm for determining how to deal with remaining (or lack of) space in a row. Let's use actual math to understand it then apply it to a masonry layout.

Design is about pacing and feelings as much as pixels and patterns. Alan Cohen explores Emotion in Flow and Emotion in Conflict, showing how anime like Dan Da Dan and superhero films like James Gunn’s Superman manage emotional shifts and translating those ideas into practical patterns for product design.

はじめに私たちは、社内のプラットフォームにおいて、Cloud NativeなANN（近似最近傍探索）ベクトル検索エンジン「Vald」のマネージドシステムを約4年間にわたり運用・開発してきました。本記事...

はじめに はじめまして、こんにちは。LegalOn TechnologiesでHead of Dataをしている若菜です。データ部門では、データアナリスト、データエンジニア、アナリティクスエンジニアが所属しており、日夜データに関連する施策に取り組んでいます。 記事タイトルにもある「データガバナンス」と聞くと、ルールで開発を縛る"守り"の活動をイメージされる方も多いかもしれません。しかし私たちは、ガバナンスは開発を止めるものではなく、加速させるものだと考えています。明確な基準があるからこそ、開発者は「このデータを使って良いのか」と迷う時間がなくなり、安心してデータを活用できる。結果として、事業の…

Nothing could make me switch from Keynote to web-based slides. Then, I did! And as a WebSocket geek, I realized it opens up new opportunities! Here's my contribution to making your web presentations beautifully interactive.

Introducing our Users API for Partners in public preview and new Security Automation integrations that enable SOC teams to execute programmatic user actions within automated workflows in 1Password Enterprise Password Manager.Modern security teams increasingly rely on integrated security operations center (SOC) workflows that correlate signals and alerts, while orchestrating detection responses in real time. Behind every alert is an identity: a person, a service account, an API key, or an AI agen

Modern enterprises aren’t just adding employees; they’re adding subsidiaries, multiple teams, contractors, AI builders, temporary projects, and new SaaS tools every week.And every new addition to a company’s ecosystem also brings more credentials to manage. Unfortunately, not all of those credentials can be managed by solutions like single-sign-on (SSO) or privileged access management (PAM). Many of them might be stored in shared spreadsheets, developer environments, browser sessions, and automa

Agentic AI is changing how work gets done inside organizations. It’s embedded in IDEs and automation tools, and it’s showing up in browsers, internal workflows, and everyday productivity apps. Developers are using AI agents to accelerate engineering work, while knowledge workers are vibe coding apps without training on developer security practices, all of which create untenable risks for organizations. That shift has real implications for identity and access control. For years, identity security

Automating user provisioning sounds simple, until you remember everything that provisioning really touches.For most SaaS products, SCIM is “just” user and group lifecycle management. Your identity provider calls an API, accounts get created, access is assigned, and offboarding removes it. But for 1Password, provisioning intersects with something far more sensitive: the cryptographic foundation that protects every vault.1Password is end-to-end encrypted by design. We do not hold your encryption k

A critical flaw in Magento's REST API lets unauthenticated attackers upload executable files to any store. We named the vulnerability "PolyShell" because the attack uses a polyglot (code ...

A practical guide to understanding, preventing, and defending against the #1 vulnerability in LLM applications.

User and organization insights, built directly into AuthKit.

<p><strong><a href="https://mistral.ai/news/mistral-small-4">Introducing Mistral Small 4</a></strong></p>Big new release from Mistral today (despite the name) - a new Apache 2 licensed 119B parameter (Mixture-of-Experts, 6B active) model which they describe like this:</p><blockquote><p>Mistral Small 4 is the first Mistral model to unify the capabilities of our flagship models, Magistral for reasoning, Pixtral for multimodal, and Devstral for...

<p><strong><a href="https://developers.openai.com/codex/subagents">Use subagents and custom agents in Codex</a></strong></p>Subagents were announced in general availability today for OpenAI Codex, after several weeks of preview behind a feature flag.</p><p>They're very similar to the Claude Code implementation, with default subagents for "explorer", "worker" and "default". It's unclear to me what the difference between "worker" and "default" is bu...

<blockquote cite="https://www.newyorker.com/news/annals-of-inquiry/the-pentagon-went-to-war-with-anthropic-whats-really-at-stake?_sp=9a6e0ff7-2bfd-46f8-a9e1-3941ef2003b5.1773495048769"><p>The point of <a href="https://simonwillison.net/2025/Jun/20/agentic-misalignment/">the blackmail exercise</a> was to have something to describe to policymakers—results that are visceral enough to land with people, and make misalignment risk actually salient in practice for people who ha...

<blockquote cite="https://daringfireball.net/2026/03/apple_enclaves_neo_camera_indicator"><p>Tidbit: the software-based camera indicator light in the MacBook Neo runs in the secure exclave¹ part of the chip, so it is almost as secure as the hardware indicator light. What that means in practice is that even a kernel-level exploit would not be able to turn on the camera without the light appearing on screen. It runs in a privileged environment separate from the kernel and blits the li...

<p><strong><a href="https://simonw.github.io/nicar-2026-coding-agents/">Coding agents for data analysis</a></strong></p>Here's the handout I prepared for my NICAR 2026 workshop "Coding agents for data analysis" - a three hour session aimed at data journalists demonstrating ways that tools like Claude Code and OpenAI Codex can be used to explore, analyze and clean data.</p><p>Here's the table of contents:</p><blockquote><ul><li...

Cloudflare is appealing a €14 million fine from Italian regulators over "Piracy Shield," a system that forces providers to block content without oversight. We are challenging this framework to protect the Internet from disproportionate overblocking and lack of due process.

Set up your first GitHub Actions workflow in this how-to guide.The post GitHub for Beginners: Getting started with GitHub Actions appeared first on The GitHub Blog.

Node.js is the default, but should it be? Bun and Deno have come a long way in compatibility and there are reasons that can make them better choices depending on the project.

Different AI models catch different mistakes. Here's why I run Cursor Bugbot on every Claude Code PR.

With the Excalidraw skill , agents can draw anything — including their own architecture. Here's why that's worth doing...

Voice messages from your phone, transcribed and executed by your AI agent, which then upgrades itself. The ChatOps self-improvement loop.

Knowledge compression, time compression, skill compression — understanding the unifying pattern behind what AI tooling is actually doing.

Running Claude Opus for every AI agent request was untenable. Here's how tiered model routing via OpenRouter cut costs 17x.

For this issue of What’s !important, we have a healthy balance of old CSS that you might’ve missed and new CSS that you don’t want to miss. This includes random(), random-item(), folded corners using clip-path, backdrop-filter, font-variant-numeric: tabular-nums, the Popover API, anchored container queries, anchor positioning in general, DOOM in CSS, the customizable select element, :open, scroll-triggered animations, the toolbar element, and somehow, more.What’s !important #7: random(), Folded

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>As with any tool, understanding how <a href="https://simonwillison.net/guides/agentic-engineering-patterns/what-is-agentic-engineering/">coding agents</a> work under the hood can help you make better decisions about how to apply them.</p><p>A coding agent is a piece of software that acts as a <s...

Tailwind is really great for making layouts and there are many reasons why. Zell Liew looks at four specific examples of common use cases.4 Reasons That Make Tailwind Great for Building Layouts originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Communication is one of the most critical skills for engineers to master, yet it's often overlooked.

Software development is accelerating. With AI tools helping developers write code faster, teams are shipping more frequently than ever before. Iteration cycles are shorter. Pipelines run more often. Tests execute continuously. In this environment, CI/CD isn’t just a tool used occasionally during development: it’s an always-on infrastructure that powers modern software delivery. To support this […]The post Introducing Semaphore’s New Pricing Model: Built for the AI Era of CI/CD appeared first on

This benchmark compares Semaphore to GitHub Actions, GitLab CI, Buildkite, and CircleCI using the same repository, pipeline logic, versions, and equivalent machine classes. The goal is to measure real execution time and compute cost under identical conditions. Repository and Workload Repository: Redmine (Ruby on Rails application). The workload consists of dependency installation and full test […]The post Semaphore CI/CD Benchmark: Performance and Cost Analysis appeared first on Semaphore.

The changes of proposal’s status @ 113th meeting of Ecma TC39ECMA-262New ProposalsProposal Stage Iterator Includes 2.7 Updated ProposalsProposal From To Curtailing the power of “Thenables” 1 2 Temporal 3 4 Import Text 2 3 Error Stack Accessor 2 2.7 ArrayBuffer.prototype.transfer 4 withdrawn Dynamic Import Host Adjustment 2 withdrawn ECMA-402New ProposalsNo DataUpdated ProposalsProposal From To Intl Era and MonthCode Proposal 3 4 This diff is generated by ECMAScript Proposal Diff Tool.AgendaAgend

TC39’s March 2026 meeting advanced eight ECMAScript proposals, including Temporal reaching Stage 4 and securing its place in the ECMAScript 2026 specification.

こんにちは。LINEヤフーの永吉です。2月24日（火）、「LINEヤフー Development with Agents Meetup #2」を開催しました。今回のMeetupは、Orchestrat...

こんにちは。LINEヤフー研究所でヒューマンコンピュータインタラクション（HCI）分野の研究をしている山中です。クラウドソーシングで収集したデータを使って、とても精度が良いとされているモデルに当てはめ...

For RSS readers: This article contains interactive content available on the original post on leanrada.com.You may have heard of the legendary naturalSort in JavaScript./** Natural Sort algorithm for Javascript - Version 0.7 - Released under MIT license* Author: Jim Palmer (based on chunking idea from Dave Koelle)*/function naturalSort (a, b) { var re = /(^-?[0-9]+(\.?[0-9]*)[df]?e?[0-9]?$|^0x[0-9a-f]+$|[0-9]+)/gi, sre = /(^[ ]*|[ ]*$)/g, dre = /(^([\w ]+,?[\w ]+)?[\w ]+,?[\w ]+\d+:\d+(:\d+)?[\w

It's been about a month since our major v2.0 release, and we're back with a smaller, but still

First-class application support in WorkOS with per-app client IDs, session policies, and shared identity.

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>I use the term <strong>agentic engineering</strong> to describe the practice of developing software with the assistance of coding agents.</p><p>What are <strong>coding agents</strong>? They're agents that can both write and execute code. Popular examples include <a href="https://code...

Back in January 2022, I wrote about an exciting new CSS Working Group decision: a function to detect at-rule support using @supports at-rule(@keyword). Fast forward to today, and the CSS Conditional Rules Module Level 5 specification has solidified how this feature works and Chromium (Chrome, Edge, etc.) is about to ship it in Chromium 148!

ライブラリのメンテナが Agent Skills を生成・検証して npm パッケージに同梱することを支援するツールである `@tanstack/intent` を使用して、ライブラリの使用者側と、メンテナ側の両方の観点から Agent Skills を利用する方法を紹介します。

Entering the major release era.

<blockquote cite="https://jazzband.co/news/2026/03/14/sunsetting-jazzband"><p>GitHub’s <a href="https://www.theregister.com/2026/02/18/godot_maintainers_struggle_with_draining/">slopocalypse</a> – the flood of AI-generated spam PRs and issues – has made Jazzband’s model of open membership and shared push access untenable.</p><p>Jazzband was designed for a world where the worst case was someone accidentally merging the wrong PR. In a world where <a href="ht...

<p>I was a speaker last month at the <a href="https://www.pragmaticsummit.com/">Pragmatic Summit</a> in San Francisco, where I participated in a fireside chat session about <a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering</a> hosted by Eric Lui from Statsig.</p><p>The video is <a href="https://www.youtube.com/watch?v=owmJyKVu5f8">available on YouTube</a>. Here are my highlights from the conversatio...

To quote the human.json Protocol:human.json is a protocol for humans to assert authorship of their site content and vouch for the humanity of others. It uses URL ownership as identity, and trust propagates through a crawlable web of vouches between sites.I think this is a neat idea, so I added it to my site. It’s available at evanhahn.com/human.json.For more, see the human.json documentation. And see how I use AI on this blog.

Since January 31, 2026, we identified at least 72 additional malicious Open VSX extensions, including transitive GlassWorm loader extensions targeting developers.

<p><strong><a href="https://claude.com/blog/1m-context-ga">1M context is now generally available for Opus 4.6 and Sonnet 4.6</a></strong></p>Here's what surprised me:</p><blockquote><p>Standard pricing now applies across the full 1M window for both models, with no long-context premium.</p></blockquote><p>OpenAI and Gemini both <a href="https://www.llm-prices.com/#sel=gemini-3-1-pro-preview-200k%2Cgpt-5.4-272k%2Cgemini-3-...

<blockquote cite="https://craigmod.com/essays/software_bonkers/"><p>Simply put: It’s a big mess, and no off-the-shelf accounting software does what I need. So after years of pain, I finally sat down last week and started to build my own. It took me about five days. I am now using the best piece of accounting software I’ve ever used. It’s blazing fast. Entirely local. Handles multiple currencies and pulls daily (historical) conversion rates. It’s able to ingest any CSV I throw at it ...

Learn how Cloudflare and CDW de-risk SASE migrations with a blueprint that treats legacy debt as an application modernization project.

The way JavaScript handles time has evolved significantly, from the built-in `Date` API to Moment.js and now Temporal. The new standard fills gaps in the original `Date` API while addressing limitations found in Moment and other libraries. Joe Attardi shares practical “recipes” for migrating Moment-based code to the new Temporal API.

NES.cssA NES-themed CSS framework and it looks exactly as you'd expect it to.An immersive personal siteWe're all out here building blogs, while Jonathan is here building an immersive first-person world as a personal site.Your AI slop bores meIn a world looming with the threat of ai stealing your job, save humanity by stealing AI's job.A very interesting person-to-person "chat bot".BonsplitA handy looking tabs and layout splitting tool for macOS power users.BaseWatchWant to get alerted as soon as

Vite+ は Vite, Vitest, Oxlint, Oxfmt, Rolldown, tsdown といった人気のツールを統合し、開発, テスト, ビルド, リント, フォーマットなどのフロントエンド開発に必要な機能を1つのツールチェインで提供する新しいフロントエンドツールチェインです。この記事では実際に Vite+ をインストールして、プロジェクトのセットアップから開発、テスト、ビルドまでの一連の流れを試してみました。

<p><strong><a href="https://github.com/Shopify/liquid/pull/2056">Shopify/liquid: Performance: 53% faster parse+render, 61% fewer allocations</a></strong></p>PR from Shopify CEO Tobias Lütke against Liquid, Shopify's open source Ruby template engine that was somewhat inspired by Django when Tobi first created it <a href="https://simonwillison.net/2005/Nov/6/liquid/">back in 2005</a>.</p><p>Tobi found dozens of new performance micro-opti...

はじめに こんにちは。メディア統括本部 Data Science Center（DSC）の土井 悠生 ...

はじめに こんにちは。プロダクト開発基盤チームのYoshioka（@tsuyogoro）です。 LLMによるコーディングが当たり前になり、チームでも人力でコードを書く場面は減ってきました。一方で、手戻りが起きやすいのは実装そのものより「実装の前」だという感覚は残っています。 何をどう分解するか どの順序で進めるか 依存関係や完了条件をどう定義するか ここが曖昧なままだと、あとから設計や優先順位が崩れ、「進んでいるのに進んでいない」状態になりがちです。こうした経験に心当たりのある方も多いのではないでしょうか。さらに計画フェーズは認知負荷が高く、人間がボトルネックになりやすい傾向があります。 そこ…

Women’s History Month is a time to recognize the women who are not only advancing their fields, but reshaping what leadership means within them. The theme guiding this year’s Women at 1Password Employee Resource Group (ERG), Leading the Change: Women Shaping a Sustainable Future, reflects that responsibility.One of the women leading that change within 1Password is Nicole Scherbina, Senior Staff Manager of Product Operations and a leader within our Women at 1Password ERG. Her perspective on leade

Discover what's new in Atomic CRM 1.5, including SSO support, a new MCP server for AI assistants, enhanced mobile UX, and much more.

REST APIs serve developers. MCP serves AI agents. Learn how the two protocols layer together and when your API needs both.

Hello to our Kubernetes community! Over the past few months, the F5 NGINX Community and F5 NGINX Kubernetes teams have been working on reinvigorating our open source presence. One of our new initiatives involves having public roadmaps available through GitHub Projects boards for both the NGINX Ingress Controller and NGINX Gateway Fabric project! We also […]

Safari Technology Preview Release 239 is now available for download for macOS Tahoe and macOS Sequoia.

<p><strong><a href="https://malus.sh/">MALUS - Clean Room as a Service</a></strong></p>Brutal satire on the whole vibe-porting license washing thing (<a href="https://simonwillison.net/2026/Mar/5/chardet/">previously</a>):</p><blockquote><p>Finally, liberation from open source license obligations.</p><p>Our proprietary AI robots independently recreate any open source project from scratch. The result? <strong>Leg...

<p><strong><a href="https://www.nytimes.com/2026/03/12/magazine/ai-coding-programming-jobs-claude-chatgpt.html?unlocked_article_code=1.SlA.DBan.wbQDi-hptjj6">Coding After Coders: The End of Computer Programming as We Know It</a></strong></p>Epic piece on AI-assisted development by Clive Thompson for the New York Times Magazine, who spoke to more than 70 software developers from companies like Google, Amazon, Microsoft, Apple, plus other individuals including ...

<blockquote cite="https://blog.lmorchard.com/2026/03/11/grief-and-the-ai-split/"><p>Here's what I think is happening: AI-assisted coding is exposing a divide among developers that was always there but maybe less visible.</p><p>Before AI, both camps were doing the same thing every day. Writing code by hand. Using the same editors, the same languages, the same pull request workflows. The craft-lovers and the make-it-go people sat next to each other, shipped the same produc...

AI automates triage for accessibility feedback, allowing us to focus on fixing barriers—turning a chaotic backlog into continuous, rapid resolutions.The post Continuous AI for accessibility: How GitHub transforms feedback into inclusion appeared first on The GitHub Blog.

Use your CKEditor 14-day trial to test AI, collaboration, and export. Learn what’s included, how to get a license key, and what changes after it ends.

Just two short long years ago, I wrote an article here called Document Collaboration (with Comments!). As a long-time blogger who helps others with their articles too, I’ve played with lots of tools to help with this flow. I put some options in that post, but none are perfect. The big names come with baggage […]

Six malicious Packagist packages posing as OphimCMS themes contain trojanized jQuery that exfiltrates URLs, injects ads, and loads FUNNULL-linked redirects.

As AI becomes part of CI/CD workflows, new questions emerge: When AI participates in pipeline decisions — whether for test selection, risk scoring, anomaly detection, or deployment approval — observability and auditability become critical. This article explains how to monitor and audit AI-driven decisions in CI/CD pipelines in a way that preserves traceability, rollback safety, […]The post How to Monitor and Audit AI Decisions in a CI/CD Pipeline appeared first on Semaphore.

To add to the container query options that we already have (size queries, style queries, scroll-state queries), as well as the container query range syntax and many upgrades to all of the above, we can now use anchored container queries from Chrome 143.Chrome’s announcement post demonstrates how, if we were using anchor positioning, we could use anchored container queries to query the currently active fallback position (if any). They’ve provided a little demo in the post where a toggletip caret

要素が画面内に入った時にアニメーションを開始するスクロールトリガーアニメーションは、これまでは JavaScript を使用して `Intersection Observer API` を利用する方法が一般的でした。JavaScript を使わずに CSS だけで実装を完結できるようになる `animation-trigger` という新しい CSS プロパティが登場しました。

For years, developers have been hacking around the limitations of `border-radius`, using clip-path, SVG masks, and fragile workarounds just to get anything other than round corners. The new `corner-shape` property finally changes that, opening the door to beveled, scooped, and squircle corners.

Blocking bots isn’t enough anymore. Cloudflare’s new fraud prevention capabilities — now available in Early Access — help stop account abuse before it starts.

In February, we experienced six incidents that resulted in degraded performance across GitHub services.The post GitHub availability report: February 2026 appeared first on The GitHub Blog.

The GCVE initiative operated by CIRCL has officially opened its publishing ecosystem, letting organizations issue and share vulnerability identifiers without routing through a central authority.

はじめに はじめまして、株式会社LegalOn Technologies（職種: データ分析）の上野と申します。現在、データ分析チームに所属し、データとML/AIを用いた営業支援活動を行っております。 2つの既存サービス「LegalForce」と「LegalForceキャビネ」がひとつになり、次世代の法務AI「LegalOn」として産声を上げてから、早いもので2年が経とうとしています。 プロダクトの統合によって、利便性は大きく向上しました。と同時に、サービス形態の変更により、お客様との契約方法も大きくアップデートされております。この新しい環境の中で、弊社営業部門がお客様と密接で継続的なコミュニ…

Announcing CloudCannon as an official Astro partner, sponsoring $4,000 each month toward the ongoing open-source maintenance and development of Astro.

Inspired by others, I’m publishing how I use generative AI to write this little blog.General feelings on generative AIGenerative AI, like any technology, has tradeoffs. I think the cons far outweigh the pros. In other words, the world would be better off without generative AI.Despite this belief, I use it. I’m effectively forced at work, but I also use LLMs to help write this personal blog. I think they can produce better writing if used correctly.Also: I want to be critical of this technology.

Manage environment variables in the Firebase console, and learn about a small change our engineering team made to improve build times for everyone.

Taskfile is a tool inspired by Makefile written in Go. It was designed to address common problems encountered with Makefile, while offering a simpler and more readable syntax.

Nuxt 4.4 brings custom useFetch/useAsyncData factories, vue-router v5, a new accessibility announcer, typed layout props, build profiling, smarter payload handling, and much more.

A 2026 guide to the best SCIM providers for SaaS teams that need enterprise ready user provisioning.

<p><strong><a href="https://tools.simonwillison.net/sort-algorithms">Sorting algorithms</a></strong></p>Today in animated explanations built using Claude: I've always been a fan of animated demonstrations of sorting algorithms so I decided to spin some up on my phone using Claude Artifacts, then added Python's timsort algorithm, then a feature to run them all at once. Here's the <a href="https://claude.ai/share/2c09f6f7-57ed-47eb-af2e-fc39ddc4c39f">full...

When you make a Web Component for a form element, you've got a bit of extra work to do to make sure they participate on the form in expected ways.

GitHub recently experienced several availability incidents. We understand the impact these outages have on our customers and are sharing details on the stabilization work we’re prioritizing right now.The post Addressing GitHub’s recent availability issues appeared first on The GitHub Blog.

Today we’re announcing the availability of a new open source module that enables real-time insights into Model Context Protocol (MCP) traffic processed by NGINX. This capability empowers NGINX operators to trace and monitor activity from AI agents, enabling the ability to spot error-prone agents, high latency MCP tools, throughput disparities between MCP servers, and much […]

記事は ics.media へアクセスしてご覧ください。

<blockquote cite="https://twitter.com/ID_AA_Carmack/status/1405932642005041153"><p>It is hard for less experienced developers to appreciate how rarely architecting for future requirements / applications turns out net-positive.</p></blockquote><p class="cite">— <a href="https://twitter.com/ID_AA_Carmack/status/1405932642005041153">John Carmack</a>, a tweet in June 2021</p> <p>Tags: <a href="https://simonwillison.net/tags/john-car...

Let’s go over a few demos using the new customizable <select> feature that may be wild, but also give us a great chance to learn new things in CSS.Abusing Customizable Selects originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

The project is retiring its odd/even release model in favor of a simpler annual cadence where every major version becomes LTS.

Cloudflare now returns RFC 9457-compliant structured Markdown and JSON error payloads to AI agents, replacing heavyweight HTML pages with machine-readable instructions. This reduces token usage by over 98%, turning brittle parsing into efficient control flow.

Cloudflare AI Security for Apps is now generally available, providing a security layer to discover and protect AI-powered applications, regardless of the model or hosting provider. We are also making AI discovery free for all plans, to help teams find and secure shadow AI deployments.

The value of z-indexA really pragmatic and systematic approach to z-index here.How to start a record collectionSome great recommendations here and as Mike says, "Congrats. I’m sorry."You probably shouldn’t be annotating focus orderA delightfully thorough piece by Eric here. Not many do it better.Animated dark mode transition with modern CSSDid you know that you can animate @property? You will by the end of this article.5 quick tips for giving better presentationsPlenty of very good advice here f

長らく Node.js では偶数バージョン (v22, v24 など) が LTS としてメンテナンスされてました。しかし 2027/4 リリース予定の v27 以降はそうではなくなります。Node.js 公式ブログで、v27 以降に取り入れられる新しいリリーススケジュールについて説明されています。 Node.js — Evolving the Node.js Release Schedule かいつまんで説明すると: major リリースは年2回から年1回となる 奇数番号だけでなく全てのリリースが LTS となる 早期テスト目的で利用されてた奇数リリースは alpha チャンネルで代替される…

Get a preview of the next Chrome release with this post detailing the features in the current beta.

Learn the different purposes of WebMCP and MCP, and how to use them together for agentic experiences.

皆さんこんにちは。花谷（@potato4d）です。今回は2月28日に開催された React Tokyo フェス 2026 について、LINEヤフーとしてスポンサーを行いました。本記事では、イベント本編...

2026年2月17日、当社主催の「LINEヤフー Development with Agents Meetup #1」を紀尾井町オフィスとオンラインの同時開催で実施しました。会場参加は定員100名で満...

Welcome to our blog! I'm Jason Williams, a senior software engineer on Bloomberg's JavaScript Infrastructure and Terminal Experience team. Today the Bloomberg Terminal runs a lot of JavaScript. Our team provides a JavaScript environment to engineers across the company.Bloomberg may not be the first company you think of when discussing JavaScript. It certainly wasn't for me in 2018 before I worked here. Back then, I attended my first TC39 meeting in London, only to meet some Bloomberg engineers w

Evil Martians is a developer tools consultancy. Founded in 2006, we work with about 40 early-stage startups a year, mostly seed to Series B. We helped bolt.new scale from zero to $40M+ ARR in 5 months. Teleport and Tines reached unicorn status with Martians on their teams.

JavaScript plugins for Oxlint have reached alpha - and we expect 80% of ESLint users can now switch to Oxlint and have it "just work".Oxlint already has over 650 popular lint rules implemented in Rust, running at native speed. JS plugins fill in the gaps - an ESLint-compatible plugin API, letting you run existing ESLint plugins and write your own custom rules, all within Oxlint. Native performance for most rules, full flexibility for the rest.Since the first technical preview last year, we've fi

Autonomous agents are becoming first-class API consumers. Your authorization model needs to treat them that way.

React Server Components (RSC) render exclusively on the server and are never included in the bundle. RSCs can improve web performance and Largest Contentful Paint by shipping less JavaScript to the browser.

View Transitions are a powerful Modern Web feature allow for smooth seamless animated transitions two between different states of a web page. They can make for a much more pleasant user experience, but as with any new web platform feature, browser support is not yet fully universal so you need to add some fallback logic to your code.view-transitions-mock bridges that gap. It is a spec-compliant JavaScript implementation of Same-Document View Transitions that polyfills the entire JavaScript API s

はじめに AmebaLIFE事業本部でWebフロントエンドエンジニアをしている湯本航基（@yu_3i ...

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>Many developers worry that outsourcing their code to AI tools will result in a drop in quality, producing bad code that's churned out fast enough that decision makers are willing to overlook its flaws.</p><p>If adopting coding agents demonstrably reduces the quality of the code and features you are producing, ...

Published late February to early March 2026, these crates impersonate timeapi.io and POST .env secrets to a threat actor-controlled lookalike domain.

AI is shifting from prompt-response interactions to programmable execution. See how the GitHub Copilot SDK enables agentic workflows directly inside your applications.The post The era of “AI as text” is over. Execution is the new interface. appeared first on The GitHub Blog.

The new .setHTML() method in JavaScript, part of the Sanitizer API, can be a one-to-one replacement for .innerHTML(), making sites more secure from XSS attacks. I think that’s pitch-perfect feature branding from Mozilla on this: Goodbye innerHTML, Hello setHTML: Stronger XSS Protection in Firefox 148. Listen to Frederik Braun go deep into this on ShopTalk […]