Introduction Hey, I’m VuongVu, a backend eng ...

<blockquote cite="https://www-cs-faculty.stanford.edu/~knuth/papers/claude-cycles.pdf"><p>Shock! Shock! I learned yesterday that an open problem I'd been working on for several weeks had just been solved by Claude Opus 4.6 - Anthropic's hybrid reasoning model that had been released three weeks earlier! It seems that I'll have to revise my opinions about "generative AI" one of these days. What a joy it is to learn not only that my conjecture has a nice solution but also to celebrate ...

An experiment in creating a fine-tuned SLM/LLM model as a proof-of-concept using Apple's MLX framework. Required ingredient: MacBook with Apple silicon thatsupports unified memory and Ollama

はじめに こんにちは、奈良先端科学技術大学院大学 修士 1 年 の 東迎健太郎 です。 2025年 ...

はじめに こんにちは！2026年2月に CA Tech Job インターン生として就業 ...

はじめに GOODROIDでUnityエンジニアをしています、及川です。 普段は基盤領域や全体設計な ...

<p><strong><a href="https://blog.google/innovation-and-ai/models-and-research/gemini-models/gemini-3-1-flash-lite/">Gemini 3.1 Flash-Lite</a></strong></p>Google's latest model is an update to their inexpensive Flash-Lite family. At $0.25/million tokens of input and $1.5/million output this is 1/8th the price of Gemini 3.1 Pro.</p><p>It supports four different thinking levels, so I had it output <a href="https://gist.github.com/simonw/99fb28dc11...

Join Socket for live demos, rooftop happy hours, and one-on-one meetings during BSidesSF and RSA 2026 in San Francisco.

Here's how we the search experience better, faster, and more resilient for GHES customers.The post How we rebuilt the search architecture for high availability in GitHub Enterprise Server appeared first on The GitHub Blog.

Malicious Packagist packages disguised as Laravel utilities install an encrypted PHP RAT via Composer dependencies, enabling remote access and C2 callbacks.

GitHub Copilot Dev Days is a global series of hands-on, in-person, community-led events designed to help developers explore real-world, AI-assisted coding. The post Join or host a GitHub Copilot Dev Days event near you appeared first on The GitHub Blog.

A framework-agnostic component library, designed to be styled. It can be done.

Discover CKBox 2.11.0 and 2.10.0 with semantic search, expanded search actions, and improved workspace management for faster asset discovery.

Our newest Smashing Book, “Accessible UX Research” by Michele Williams, is finally shipping worldwide — and we couldn’t be happier! This book is about research, but you’ll also learn about assistive technology, different types of disability, and how to build accessibility into the entire design process. This thoughtful book will get you thinking about ways to make your UX research more inclusive and thorough, no matter your budget or timeline. Jump to the book details or order your copy now.

There has been a fundamental shift toward industrialized cyber threats, highlighted by a record 31.4 Tbps DDoS attack and sophisticated session token theft. Our new report examines how nation-states and criminal actors have moved beyond traditional exploits to "living off the XaaS" within legitimate enterprise logic.

Stop managing ETL pipelines and start threat hunting. Introducing new visualization, automation, and enrichment tools in the Cloudflare Threat Intelligence Platform to turn massive telemetry into instant security posture.

Back in January, I found myself longing for an accessibility-first culture and for a while, I’ve also been looking for ways to learn senior-level accessibility skills. I expected to find one of those needs, but not both, when I joined npmx on a whim. Today is the alpha release of npmx, and I’m happy to share how they’ve already exemplified an accessibility-first community.Missing an accessibility-first communityIt's hard to put into words how lonely it is when you’re the only person ensuring tha

CI/CD and GitOps solve different problems, but they work best together. CI systems validate and build your code. GitOps tools like Argo CD and Flux handle deployment by continuously reconciling your cluster state with what’s defined in Git. When integrated correctly, CI builds artifacts and updates manifests, while GitOps handles the actual deployment. This separation […]The post How to Integrate CI/CD with GitOps Tools Like Argo CD or Flux appeared first on Semaphore.

Cloudy is our LLM-powered explanation layer built directly into Cloudflare One. Its explanations, now part of Phishnet and API CASB, can improve user decisions and SOC efficiency.

Email security is a constant arms race. Like WWII engineers reinforcing only the planes that returned, survivorship bias hides real gaps. But LLMs can help us find the invisible weaknesses.

Cloudflare CASB Remediation lets security teams go beyond visibility to fix risky file sharing in Microsoft 365 and Google Workspace directly from Cloudflare One, all in just a few clicks.

はじめにこんにちは！DevRelの井上です。2026年1月、福岡拠点にて開催した「Tech Link Fukuoka #2」についてご紹介します。Tech Link Fukuokaは、LINEヤフーの...

この記事は、合併前の旧ブログに掲載していた記事（初出：2020年11月25日）を、現在のブログへ移管したものです。内容は初出時点のものです。こんにちは。LINE Growth Technology福岡...

Discover how updating non-code files can cause regressions in benchmarks. We investigate how CPU differences, cache architecture, and instruction set extensions affect performance measurements in CI.

There’s a moment every IT and security team recognises. You’ve done the hard work: rolled out SSO, tightened access policies, and moved sensitive tools behind stronger authentication. On paper, it looks like progress.Then reality shows up in the form of a “quick login” from a personal laptop, a contractor device you don’t manage, or a machine that hasn’t been updated in months. Suddenly, your access decision is only as strong as the device behind it.In EMEA, it’s particularly challenging to be c

A deep dive extending Flipper in Rails: friendly actor IDs, team-wide flags, percentage rollouts, analytics events, and admin auditing.

Why your password policy is probably wrong, how attackers actually crack passwords, and what the math says you should do instead.

Why the dashboard is the last step that automation hasn't touched.

Today, npmx.dev officially enters alpha: a fast, modern browser for the npm registry. We've been watching this project closely at VoidZero, because npmx is built on our toolchain and feedback from its developers has already made our tools measurably faster. Here's how that relationship works.A shared mission ​VoidZero's mission is to make JavaScript developers more productive than ever before, including how developers find and choose packages. That's exactly what npmx is tackling. Beyond browsin

W3C Accessibility Guidelines (WCAG) 3.0 Working Draft is updated. The starting place for background, timeline, and up-to-date information is the WCAG 3 Introduction. For a list of changes in the March 2026 draft, see Status: In-progress drafts.

Trace: Declarative Modeling for the AI AgeSpec first, then plan, then code. In the age of AI, most developers already understand the value of this when working with an AI agent.What changes when an LLM is generating the code is the weight placed on how the spec is written. It's no longer just communication between people who can ask each other questions, it's the primary input to a system that will produce significant amounts of code. Vague specs produce vague implementations, and the gap betwee

Learn TypeScript for free in 2026 — no experience needed. A structured path from total beginner to production-ready developer, starting with two free workshops.

The npm browsing experience we always wanted

CSS Anchor Positioning is a powerful tool, but one of the things that you cannot do natively (yet) is animating the position-area property. This blog post introduces a technique to animate position-area changes using View Transitions.

As HubSpot engineers have increasingly started writing more and more of their code with both local and cloud coding agents, we've noticed that now more than ever, code review is taking up a large portion of cycle time on new changes.

Learn how to get organized and collaborate more efficiently with this step-by-step tutorial.The post GitHub for Beginners: Getting started with GitHub Issues and Projects appeared first on The GitHub Blog.

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>I like to include animated GIF demos in my online writing, often recorded using <a href="https://www.cockos.com/licecap/">LICEcap</a>. There's an example in the <a href="https://simonwillison.net/guides/agentic-engineering-patterns/interactive-explanations/">Interactive explanations</a> chapter.&lt...

Choosing between Popover API and Dialog API is difficult because they seem to do the same job, but they don’t! After a bit lots of research, I discovered that the Popover API and Dialog API are wildly different in terms of accessibility and we'll go over that in this article.Popover API or Dialog API: Which to Choose? originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

記事は ics.media へアクセスしてご覧ください。

<p>I just sent the February edition of my <a href="https://github.com/sponsors/simonw/">sponsors-only monthly newsletter</a>. If you are a sponsor (or if you start a sponsorship now) you can <a href="https://github.com/simonw-private/monthly/blob/main/2026-02-february.md">access it here</a>. In this month's newsletter:</p><ul><li>More OpenClaw, and Claws in general</li><li>I started a not-quite-a-book about Agentic Engineering</li&g...

We can take a value set in an HTML attribute and use it in CSS, even extracting each individual digit in order to animate separately.

Why you should be cautious of moving too quickly with your titles.

We want to share an update on what our product team is currently working on. Listen on Semaphore Uncut Podcast 🎙️ From CI Jobs to Assistive Agents Semaphore has always been a reliable place to run builds, tests, and deployments at scale. Now, we’re expanding that foundation. We’re developing an AI-powered assistant inside Semaphore designed […]The post Product Update: AI-Driven Onboarding and Workflow Automation in Semaphore appeared first on Semaphore.

Performance isn’t just a technical metric or a revenue lever. It’s a perception engine. Every delay subtly reshapes how users evaluate your credibility, professionalism, and trustworthiness. Once perception shifts, it’s difficult to reverse.We’ve known for years that slow pages hurt conversion rates. They increase bounce. They reduce revenue. They drag down engagement.But there’s another cost that’s harder to measure and potentially more damaging in the long term: Slow pages change how people fe

What happens if you rebuild a single tooltip using the browser’s native model without the aid of a library? The Popover API turns tooltips from something you simulate into something the browser actually understands. Opening and closing, keyboard interaction, Escape handling, and much of the accessibility now come from the platform itself, not from ad-hoc JavaScript.

OpenVSX releases of Aqua Trivy 1.8.12 and 1.8.13 contained injected natural-language prompts that abuse local AI coding agents for system inspection and potential data exfiltration.

Read about various happenings with Baseline during January 2026

In 2026, agile SASE is the engine for modernization. Discover how Cloudflare One secures humans, devices, and AI agents on a single, programmable connectivity cloud.

Project Helix simplifies and accelerates the onboarding process for Cloudflare One. By using automation and Terraform templates, this tool allows customers to quickly deploy a comprehensive, best-practice configuration in minutes.

As the only SASE platform with a native developer stack, we’re giving you the tools to build custom, real-time security logic and integrations directly at the edge.

はじめに 東京科学大学情報理工学院情報工学系修士1年の千代丸怜央と申します。 2025年2月7日から ...

はじめに 2026年3月1日、VPoE 河合俊典およびCTO 大垣慶介が新たに業務執行役員に就任し、それぞれ業務執行役員VPoEおよび業務執行役員CTOとなりました。 本記事では、Q&A形式で業務執行役員就任の背景と2人の魅力、これからのエムスリーエンジニアリンググループについてを包み隠さずお伝えします！ 左から取締役CPO山崎、業務執行役員CTOの大垣、業務執行役員VPoE河合 はじめに Q1. なぜ今2人が業務執行役員に？ Q2. “AI時代最速”とは、何の速度を最速化することか？ AIの民主化 => それぞれがプロダクト作りの主人公に 意思決定をボトルネックにしないための組織変革 Q3.…

For RSS readers: This article contains interactive content available on the original post on leanrada.com.Implemented a Japanese input method in my keyboard firmware (based on QMK).It’s used to write in katakana and hiragana (syllable-based writing systems for Japanese) using Roman / Latin letters on my keyboard.How kana worksHiragana and katakana (collectively kana) are syllabaries, writing systems where a consonant-vowel syllable is written as a single character.A common way to type kana on a

WorkOS has raised $100 million in Series C financing, valuing the company at $2 billion. The round was led by Meritech and Sapphire, with participation from Audacious, Craft, Abstract, Greenoaks, and others.

はじめに ABEMAのData Scienceチームで、2025年9月から半年間、ミッション型インタ ...

<blockquote cite="https://claude.com/import-memory"><p><code>I'm moving to another service and need to export my data. List every memory you have stored about me, as well as any context you've learned about me from past conversations. Output everything in a single code block so I can easily copy it. Format each entry as: [date saved, if available] - memory content. Make sure to cover all of the following — preserve my words verbatim where possible: Instructions I've given you ...

MUI X pricing and licensing is being updated to reflect product value and support continued investment in the ecosystem.

レスポンシブデザインにおいてメディアクエリを使用して異なる画面サイズに対して異なるフォントサイズを指定する方法は一般的ですが、いくつかの課題点もあります。`clamp()` 関数を使用することで、画面幅の変化に対してフォントサイズが滑らかに変化するようにできます。また煩雑なメディアクエリの管理を減らすことができます。

In short: in my mind, errors are divided into two categories. Expected errors (think “user entered invalid data”), which are part of normal operation, aren’t the developer’s fault, and should be handled. Unexpected errors (think “null pointer exception”) are the developer’s fault, likely indicate a bug, and are allowed to crash.Error handling is an important, but often neglected, part of programming and user experience.Over the years, I’ve developed an opinion about the two types of error in sof

This month, we got a ton of new features across Svelte, SvelteKit and even the Svelte CLI. Plus, the State of JS 2025 is out and Svelte continues to hold the top spot among reactive frameworks in terms of positive sentiment.So, without further ado, let's dive in!What's new in SveltecreateContext can now be used when instantiating components programmatically ([email protected], Docs, #17575){@html} expressions now support TrustedHTML ([email protected], #17701)Comments are now allowed in HTML tags (svelt

Drupal 7 is end-of-life and D10 upgrades cost $50K+. Here's the complete guide to migrating your Drupal site to a modern static codebase.

Framer makes beautiful sites. Astro makes beautiful sites you own. Here's how they compare for marketing pages and portfolios.

Squarespace has the worst mobile performance of any major website builder. Here's why companies are migrating to code — and how to do it.

Escape Drupal's complexity. AI agents rebuild your site as a modern Astro codebase — no PHP, no database, no security patches.

Your Drupal site doesn't need a database. Convert it to clean source code — no PHP, no hosting costs, no security patches.

Move your Drupal site from a PHP server to a GitHub repo. Clean code, version control, deploy anywhere — no more Drupal updates.

Leave Drupal's PHP stack for a modern JavaScript codebase. AI agents migrate your site to Astro or Next.js with full source on GitHub.

Your Drupal site probably doesn't need a database. Convert it to a static site — faster, free to host, zero maintenance.

Love Framer's design but not the $30/mo? AI agents rebuild your site as an Astro codebase — same design, better performance, you own it.

Framer won't export your site. AI agents extract your design and rebuild it as clean, editable code you own.

Your Framer site, rebuilt as clean code in a private GitHub repo. Branch it, edit it, deploy it anywhere.

Move from Framer to a real React codebase. AI agents handle the migration — you get clean Next.js or Astro source on GitHub.

Framer charges $30/mo for what could be a free static site. Convert once, host anywhere, keep the design.

Leave Squarespace's templates and monthly fees behind. Get a modern Astro codebase with Lighthouse 100 and full code ownership.

Own your Squarespace site as real, editable code. AI agents extract everything and rebuild it as clean source you control.

Move your Squarespace site to GitHub. Version control, CI/CD, and AI-editable code — no more template constraints.

Outgrow Squarespace templates. Migrate to a modern Astro or Next.js codebase with full source on GitHub.

Squarespace charges $29/mo for what should be a static site. Convert it once and host for free — forever.

Escape Webflow's monthly fees and code export limitations. AI agents rebuild your site as a clean Astro codebase you actually own.

Webflow's "export" isn't real code. Get a clean, editable codebase that AI agents and developers can actually work with.

Move your Webflow site to a GitHub repo. Version control, branching, AI-editable code — stop paying $29/mo for a visual editor.

Leave Webflow for a real React codebase. AI agents migrate your site to Astro (or Next.js) with full source code on GitHub.

Your Webflow site is already mostly static — you're just paying $29/mo for it. Convert to real static HTML and host for free.

Wix won't let you export your site. AI agents extract everything and rebuild it as fast, clean Astro code you actually own.

Wix won't let you export your site. We extract everything — content, images, structure — and rebuild it as code you own.

Free your Wix site. Get a private GitHub repo with clean source code, version history, and the ability to deploy anywhere.

Outgrow Wix. AI agents migrate your site to a modern Astro or Next.js codebase with full source on GitHub.

Wix charges $39/mo to serve static content slowly. Convert to a real static site — faster, free to host, and yours to keep.

Leave WordPress behind. AI agents rebuild your site as a modern Astro codebase — faster, cheaper, and fully yours.

Stop renting your website from WordPress. Get clean, editable source code you own — deployed from GitHub in minutes.

Your WordPress site, rebuilt as clean code in a private GitHub repo. Clone it, branch it, deploy it anywhere.

Move from WordPress to a modern Next.js or Astro codebase. AI agents handle the migration — you get a GitHub repo in minutes.

Your WordPress site doesn't need a database. Convert it to blazing-fast static HTML — Lighthouse 100, free hosting, zero security patches.

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>When we lose track of how code written by our agents works we take on <strong>cognitive debt</strong>.</p><p>For a lot of things this doesn't matter: if the code fetches some data from a database and outputs it as JSON the implementation details are likely simple enough that we don't need to care. ...

minimatch patched three high-severity ReDoS vulnerabilities that can stall the Node.js event loop, and Socket has released free certified patches.

Loren Stewart built the same (kanban) app 10 times and wrote about it, trying to figure out which JavaScript framework is best for his team. The focus is on mobile web performance. The implementations were reviewed by others. Here’s my own summary of his summary:

Talk on CSS Anchor Positioning

Do you need a little inspiration boost? Well, then our new batch of desktop wallpapers is for you. Designed by the community for the community, the wallpapers in this collection are the perfect opportunity to get your desktop ready for spring — and, who knows, maybe they’ll spark some new ideas, too. Enjoy!

February 2026 - Astro shines in the 2025 State of JS, adoption climbs according to HTTP Archive results, and more!

Things I did and saw this February.Things I madeI shipped my first feature at Ghost: Inbox Links. When a member enters their email to log in or sign up, we now show a button that takes them straight to their inbox. In addition to shipping a neat feature, I also enjoyed learning about MX records and RFC-compliant email address parsing. The source code for the main logic is here.I was surprised to learn that gzip streams encode which operating system did the compression. I built a little tool, “gz

<p><strong><a href="https://blog.timcappalli.me/p/passkeys-prf-warning/">Please, please, please stop using passkeys for encrypting user data</a></strong></p>Because users lose their passkeys <em>all the time</em>, and may not understand that their data has been irreversibly encrypted using them and can no longer be recovered.</p><p>Tim Cappalli:</p><blockquote><p>To the wider identity industry: <em>please stop p...

<p><strong><a href="https://minimaxir.com/2026/02/ai-agent-coding/">An AI agent coding skeptic tries AI agent coding, in excessive detail</a></strong></p>Another in the genre of "OK, coding agents got good in November" posts, this one is by Max Woolf and is very much worth your time. He describes a sequence of coding agent projects, each more ambitious than the last - starting with simple YouTube metadata scrapers and eventually evolving to this:</p>&lt...

<p><strong><a href="https://claude.com/contact-sales/claude-for-oss">Free Claude Max for (large project) open source maintainers</a></strong></p>Anthropic are now offering their $200/month Claude Max 20x plan for free to open source maintainers... for six months... and you have to meet the following criteria:</p><blockquote><ul><li><strong>Maintainers:</strong> You're a primary maintainer or core team member of a public rep...

<p><strong><a href="https://tools.simonwillison.net/unicode-binary-search">Unicode Explorer using binary search over fetch() HTTP range requests</a></strong></p>Here's a little prototype I built this morning from my phone as an experiment in HTTP range requests, and a general example of using LLMs to satisfy curiosity.</p><p>I've been collecting <a href="https://simonwillison.net/tags/http-range-requests/">HTTP range tricks</a> for a w...

Despite what’s been a sleepy couple of weeks for new Web Platform Features, we have an issue of What’s !important that’s prrrretty jam-packed. The web community had a lot to say, it seems, so fasten your seatbelts!What’s !important #6: :heading, border-shape, Truncating Text From the Middle, and More originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

A hands-on guide to using GitHub Copilot CLI to move from intent to reviewable changes, and how that work flows naturally into your IDE and GitHub.The post From idea to pull request: A practical guide to building with GitHub Copilot CLI appeared first on The GitHub Blog.

TL;DR: We can center absolute-positioned elements in three lines of CSS. And it works on all browsers!Yet Another Way to Center an (Absolute) Element originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Socket uncovered 26 malicious npm packages tied to North Korea's Contagious Interview campaign, retrieving a live 9-module infostealer and RAT from the adversary's C2.

Shades of halftoneExtremely interactive, extremely creative and extremely informative. Great stuff.Colour memory gameThis is really fun! Test your pixel pushing colleagues too 😉x86 CPU made in CSSAnd people still have the nerve to say CSS isn't a programming language. Of course it is!Fav tech museumsA beautifully crafted composition of prose and lovely media.DJR glyph navigatorVery nice glyphs, colours and layout.P.S. this is a good website from personalsit.es.Sponsor messageTake your career to...

こんにちは。Webエンジニアをしているotariidaeです。 「ひとつのSTORES」としてプロダクトの統合を進めてきた結果、システム間通信の実装が増えています。多くのシステムをRuby on Railsで構築している STORES では、こうした機能をテストする際、外部リクエストの扱いとしてWebMockやRSpecのテストダブルが主な選択肢となります。STORES では可能な限り実際の挙動に近い形で検証したいというスタンスから、原則としてWebMockを採用しています。 STORES はWebMock多用企業です。 RSpecのマッチャーが効く WebMockの .with ではRSpe…

はじめまして！ 2026年の2月後半に10日間、エムスリーのAI・機械学習チームでインターンをしていた竜です。 この記事では、セルフホストされた社内のCI/CD基盤を新しく構築し、その上で弊チームにおいてデプロイ時間を約半分短縮した事例について紹介します。 合わせて、1人の学生の視点から見たエムスリーの雰囲気であったり良さを紹介できればと思います！ 最終日に食べたランチ

Minor misconfigurations or request anomalies often seem harmless in isolation. But when these small signals converge, they can trigger a security incident known as a toxic combination. Here’s how to spot the signs.

The Web streams API has become ubiquitous in JavaScript runtimes but was designed for a different era. Here's what a modern streaming API could (should?) look like.

We serve 7.6 billion challenges daily. Here’s how we used research, AAA accessibility standards, and a unified architecture to redesign the Internet’s most-seen user interface.

Cloudflare Radar has added new tools for monitoring PQ adoption, KT logs for messaging, and ASPA routing records to track the Internet's migration toward more secure encryption and routing standards.

ASPA is the cryptographic upgrade for BGP that helps prevent route leaks by verifying the path network traffic takes. New features in Cloudflare Radar make tracking its adoption easy.

はじめに こんにちは、株式会社LegalOn TechnologiesでSET (Software Engineer in Test)のポジションで仕事をしている島根(@shimashima35)と申します。 この記事では、汎用的なAI Agentシステムを自社開発するにあたってのテスト戦略やテスト観点についての私の考察を紹介します。「汎用的なAI Agentシステム」とは、特定の業務やアプリに特化せず、ユーザーの自然言語の指示をもとに複数の外部サービス（例：Google Workspace など）と連携しながらタスクを実行できるAI Agentのことです。さらに、API連携に加えてブラウザ操…

こんにちは。フロントエンドエンジニアの白濱(@shiraha_maru)です。 PR TIMESは、PHPerKaigi 2026にゴールドスポンサーとして協賛いたします。また、同イベントに社内から1名のエンジニアが登壇 […]

difit-auto-detect.sh This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters Show hidden characters #!/bin/bash # ============================================================================= # difit-auto-detect.sh # Automatically detects git state and opens appropriate diff view # with difit in a

Read February 2026 Security Releases

Master secure authentication in Rails with production-ready patterns and enterprise features.

A year of watching people bet real money on outcomes changed how I think about everything.

Safari Technology Preview Release 238 is now available for download for macOS Tahoe and macOS Sequoia.

An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.

GitHub Copilot coding agent now includes a model picker, self-review, built-in security scanning, custom agents, and CLI handoff. Here's what's new and how to use it. The post What’s new with GitHub Copilot coding agent appeared first on The GitHub Blog.

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>Many of my tips for working productively with coding agents are extensions of advice I've found useful in my career without them. Here's a great example of that: <strong>hoard things you know how to do</strong>.</p><p>A big part of the skill in building software is understanding what's possible and...

Step-by-step guide to setting up Git, GitHub, Node.js v24 with Volta, Cursor, and epicshop for EpicWeb TypeScript workshops on any OS.

<blockquote cite="https://twitter.com/karpathy/status/2026731645169185220"><p>It is hard to communicate how much programming has changed due to AI in the last 2 months: not gradually and over time in the "progress as usual" way, but specifically this last December. There are a number of asterisks but imo coding agents basically didn’t work before December and basically work since - the models have significantly higher quality, long-term coherence and tenacity and they can power thro...

This post is an expanded version of a presentation I gave at the 2025 WebAssembly CG meeting in Munich. WebAssembly has come a long way since its first release in 2017. The first version of WebAssembly was already a great fit for low-level languages like C and C++, and immediately enabled many new kinds of […]The post Why is WebAssembly a second-class language on the web? appeared first on Mozilla Hacks - the Web developer blog.

Setting up a CI/CD pipeline for the first time can feel overwhelming. There are tools, configuration files, build stages, environments, and deployment strategies to think about. But at its core, a basic CI/CD pipeline is straightforward. It should do three things reliably: This guide walks through how to set up a minimal, production-ready CI/CD pipeline […]The post How to Set Up a Basic CI/CD Pipeline for Your Application appeared first on Semaphore.

A list of items with thumbnails that flip into place as needed. Can we ditch the JavaScript?

As promised in the last one, we'll wrap up planning today. This stuff is the more fun to do though!The toolsI know it's what you want to see, so let's get into what I'm using for this project.My uses is here too.Planning and organisingObsidian for tracking what needs to be done, lists and notestldraw; for sketching/mappingDesignAffinity for vectors and photoshop-like workPenpot for UI designHTML, CSS and web components for prototypingWebsite systemNavi for the pattern library/design system (this

Toolbox App 3.3 introduces jetbrainsd – a lightweight background service that lays the foundation for cross-IDE features like protocol handling. This release also brings significant stability improvements for Linux users, smoother plugin updates, and a number of bug fixes across all platforms. jetbrainsd Toolbox App 3.3 ships with the jetbrainsd service – a new lightweight […]

Meet our brand new conference for designers and UI engineers who love the web. That’s [SmashingConf Amsterdam](https://smashingconf.com/amsterdam-2026), taking place in the legendary Pathé Tuschinski, on April 13–16, 2026.

Integrate OAuth with CKEditor real-time collaboration. Log in via Google, Microsoft, GitHub and more - identity patterns, tokens, and access control.

Paper は AI エージェントを通じてコードとキャンバスを双方向に接続するデザインツールで、AI にデザインの作成やコードへの変換を任せることができます。Paper の MCP サーバーのツールを組み合わせることでキャンバス上のノードの情報を取得したり、デザインを挿入・編集したりすることができます。この記事では実際に Paper を試して、コードからデザインへ、デザインからコードへの双方向のワークフローがどのように実現されているのかを紹介します。

「カミナシ レポート」の開発・運用をしている furuya です。最近我が家では成長してきた子どもたちのことを考えて寝室含めて部屋の配置換えを検討しており、そのパズルに頭を悩ませています。それはさておき今回は「カミナシ レポート」の開発において AI Agent を主軸にした開発スタイルを取り入れたお話です。 背景 近年の AI Agent の進化は目覚ましいですね。日々情報がアップデートされる中、カミナシのエンジニアリング組織としてもこの流れについていかなければならない、ということで各チームいろんなことにトライしており、組織的にもそれが推奨されています。もちろん、前提として以前から GitH…

初版公開

Discover some of the interesting features that have landed in stable and beta web browsers during February 2026.

Fixes 155 issues (addressing 642 👍). New native REPL, --compile --target=browser for self-contained HTML, TC39 standard ES decorators, Windows ARM64 support, barrel import optimization, and a faster event loop. structuredClone up to 25x faster for arrays, Buffer.slice() 1.8x faster, path.parse() up to 7x faster, fewer closures in bundled output, and upgraded JavaScriptCore with 168x faster deep rope string slicing. Fixes Python asyncio-based MCP servers breaking with Bun.spawn(), plus numerous ...

デコレータの Proposal が Stage 3 になってから約 4 年, TypeScript がサポートしてから約 3 年経っているにも関わらず, 未だに普段使いしなさすぎて全く使い方を覚えられていません. ということで TypeScript での使い方を中心に覚える / 忘れたら読んで思い出すために記事を書いておきます. なお具体的なユースケースについてはほぼ触れませんので悪しからず. それについてはまたの機会に... 仕様の本体 = ECMAScript への Proposal は以下. tc39/proposal-decorators: Decorators for ES6 cla…

<p><strong><a href="https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules">Google API Keys Weren't Secrets. But then Gemini Changed the Rules.</a></strong></p>Yikes! It turns out Gemini and Google Maps (and other services) share the same API keys... but Google Maps API keys are designed to be public, since they are embedded directly in web pages. Gemini API keys can be used to access private files and make ...

こんにちは、技術広報のえんじぇるです。 STORES は、2026年2月28日に福岡で開催される福岡Rubyist会議05にスポンサーとして協賛します！ この記事では、当日登壇するメンバーとブースについて紹介します。 登壇者の紹介 STORES からは、公募セッションとスポンサーセッションの2つの枠でメンバーが登壇します！ セッション登壇 スピーカー: Shia 時間: 11:10-11:25 タイトル: 型を書かないRuby開発への挑戦 「型を書かなくても十分有用な型情報を得られる」を目標に開発中の LSP「type-guessr」について話します。 完全さを諦めることでいい感じの体験を目指…

<blockquote cite="https://www.ben-evans.com/benedictevans/2026/2/19/how-will-openai-compete-nkg2x"><p>If people are only using this a couple of times a week at most, and can’t think of anything to do with it on the average day, it hasn’t changed their life. OpenAI itself admits the problem, talking about a ‘capability gap’ between what the models can do and what people do with them, which seems to me like a way to avoid saying that you don’t have clear product-market fit. </p>...

npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.

LINEヤフーでは、開発業務に関わる全てのエンジニアを対象に、AI活用スキルを実践的に高めるワークショップ「Orchestration Development Workshop」を開始しました。この取...

Rails 8 (released November 2024) is the smoothest upgrade yet.The focus?Simplicity and performance - removing external dependencies while boosting speed.Solid Queue, Solid Cache, and Solid Cable eliminate Redis for many use cases.Built-in authentication removes the need for Devise.Ruby 3.4 (latest stable) with continued YJIT improvements delivers excellent performance.Note: This is Part 5 of our Rails Upgrade Series. Read Part 1: Planning Rails Upgrade for the overall strategy.Before We StartExp

For security and IT professionals, the past decade has brought a series of tectonic shifts that have toppled old assumptions and created new opportunities. First, the SaaS revolution destroyed the paradigm of an IT-governed corporate network. Next, COVID-19 forever altered how and where work gets done. Then, the biggest shockwave of them all arrived: AI-based tools that are rewriting the very definition of “identity.”Today, the traditional boundaries of the corporate network have dissolved. As o

Konstantin Vinogradov, an open source and infra VC investor, and his co-founders are building the first permanent funding model for critical open source infrastructure. We dive into why OSE stands a chance at battling the Nebraska problem, and how Evil Martians contributed as a pro-bono donor.

In short: gzip streams contain metadata, like the operating system that did the compression. I built a tool to read this metadata.I love reading specifications for file formats. They always have little surprises.I had assumed that the gzip format was strictly used for compression. My guess was: a few bytes of bookkeeping, the compressed data, and maybe a checksum.But then I read the spec. The gzip header holds more than I expected!What’s in gzip metadata?In addition to two bytes identifying the

React-admin 5.12, 5.13 and 5.14 introduce TanStack router adapter, RecordsIterator, TextArrayField, DataTableInput, and more!

A practical comparison of modern auth providers, trade-offs, and best practices for Java apps.

Nx joins the Linux Foundation and Agentic AI Foundation (AAIF) to help shape open standards for AI-powered development. Learn how the intersection of agentic AI and build tooling will transform software development workflows, and why Nx is committing to open collaboration with Anthropic, AWS, Google, and Microsoft to build the future of autonomous AI agents in developer tooling.

Read an explanation of the recent CVE-2026-2441 vulnerability that was labeled a "CSS exploit" that "allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."An Exploit … in CSS?! originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

<p><strong><a href="https://github.com/tldraw/tldraw/issues/8082">tldraw issue: Move tests to closed source repo</a></strong></p>It's become very apparent over the past few months that a comprehensive test suite is enough to build a completely fresh implementation of any open source library from scratch, potentially in a different language.</p><p>This has worrying implications for open source projects with commercial business models. Here's an exa...

<p><strong><a href="https://code.claude.com/docs/en/remote-control">Claude Code Remote Control</a></strong></p>New Claude Code feature dropped yesterday: you can now run a "remote control" session on your computer and then use the Claude Code for web interfaces (on web, iOS and native desktop app) to send prompts to that session.</p><p>It's a little bit janky right now. Initially when I tried it I got the error "Remote Control is not enabled for y...

<p>I gave a talk this weekend at Social Science FOO Camp in Mountain View. The event was a classic unconference format where anyone could present a talk without needing to propose it in advance. I grabbed a slot for a talk I titled "The State of LLMs, February 2026 edition", subtitle "It's all changed since November!". I vibe coded a custom macOS app for the presentation the night before.</p><p><img src="https://static.simonwillison.net/static/2026/state-of-llms.jpg" alt="A...

「npm-package-template」という、id:mizdra が爆速で npm package を実装するための開発テンプレートがある。以前ブログで紹介した。 github.com www.mizdra.net 毎年ちょっとした変更を加えているのだけど、今年は色々な事情があって大きな変更を加えた。高速な formatter/linter が登場したり、npmjs.com へのサプライチェーン攻撃が流行ったり、Coding Agent が普及したり... 時代が変化してるので、それに合わせたテンプレートに変えてみた。 Update 2026/02 (Part 1) by mizdra …

From Nicholas C. Zakas’s regularly interesting newsletter: The best way to work with legacy code is to approach it patiently—understand small parts, write tests, and document what you learn. My favorite line about legacy code, which I’ve probably shared too much, is when David Khourshid called it “Legendary Code”. Legacy code feels a smidge mean […]

記事は ics.media へアクセスしてご覧ください。

Browsers don't just let you bookmark web pages. You can also bookmark JavaScript, allowing you to do so much more than merely save pages.A Complete Guide to Bookmarklets originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Discover Export to PDF v2 with mirror margins, metadata, password protection, and digital signatures. Plus new footnote support for Word converters.

Before we get into the Good Links™, allow me to share our brand new homepage with you. I'd love it if you checked it out!Chip awayA really good read about an infamous design pattern and how to be more deliberate in their pattern choices.Blogs are backA great new RSS reader and discovery service that helps you to find more writing, away from the algorithms and timelines.Everything you never wanted to know about visually-hiddenExtremely deep dive here with some interesting and simpler solutions to

Chat SDK は TypeScript で記述されたライブラリで、1 つのコードベースで複数のチャットプラットフォームに対応するチャットボットを開発できるようになります。イベント型アーキテクチャを採用しており、メンション, メッセージ, リアクション, スラッシュコマンドなどのイベントに型安全なハンドラーを定義できます。この記事では実際に Chat SDK を使用して、Slack 向けのチャットボットを実装する方法を紹介します。

Deno 2.7 stabilizes the Temporal API, adds Windows on ARM builds, npm overrides in package.json, brotli compression streams, self-extracting compiled binaries, deno create, and dozens of Node.js compatibility improvements.

Support WebGPU compatibility mode on OpenGL ES 3.1 and transient attachments.