<p>Imagine your Cypress spec calling a <a href="https://on.cypress.io/task">cy.task</a> command to run some code in Node.js. For this exampl

「しかたないスクラム」じゃないアジャイル開発を求めて はじめまして。1月からカミナシでエンジニアリングマネージャ（EM)を担当している @daipresents と申します。 カミナシでは新規事業開発のEMとして、絶賛全力で開発を支援しています。カミナシはとても現場に近い開発環境なので、ご興味のある方はぜひカジュアル面談 をお願いします！ この記事では、僕が関わる「新規事業開発」で実際に行われている「開発プロセス」と、そこに行き着いた経緯や意図をまとめたいと思います。タイトルにあるように、チームは「スクラムじゃないアジャイル開発を求めて」きたように感じています。 チームの立ち上げ期 僕は10ヶ…

Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.

Rogue has a 1000LB Club. Find your cumulative total of a 1 Rep Max Bench/Squat/Deadlift in one hour I’m not particularly interested in actually doing it. You have to record a video with a bunch of rules and crap. But I heard about it years ago and the general challenge idea stuck in my head. […]

Hey we might as well spill out all these wishes as the CSS feature train has been rolling and we oughta get while the getting is good.

A new set of Git releases were published to address a variety of security vulnerabilities. All users are encouraged to upgrade. Take a look at GitHub’s view of the latest round of releases.The post Git security vulnerabilities announced appeared first on The GitHub Blog.

With close of 2024 came the end of another year of the Interop project — the annual collaboration between browser engine teams to improve the interoperability of web technology by collectively focusing on fixing bugs and improving features in specific areas.

With close of 2024 came the end of another year of the Interop project — the annual collaboration between browser engine teams to improve the interoperability of web technology by collectively focusing on fixing bugs and improving features in specific areas.

Safari Technology Preview Release 211 is now available for download for macOS Sequoia and macOS Sonoma.

Safari Technology Preview Release 211 is now available for download for macOS Sequoia and macOS Sonoma.

(This is a sponsored post.)It’s probably no surprise to you that CSS-Tricks is (proudly) hosted on Cloudways, DigitalOcean’s managed hosting arm. Given both CSS-Tricks and Cloudways are part of DigitalOcean, it was just a matter of time …A Few Ways That Cloudways Makes Running This Site a Little Easier originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Cloudflare strengthens its commitment to cybersecurity by joining CISA's "Secure by Design" pledge. In line with this, we're reducing the prevalence of vulnerability classes across our products.

The Vercel Toolbar has a new compact design, making it easier to access the tools you use most.Check out our documentation to learn more about the and its features.Vercel Toolbar Read moreThetoolbar is now smaller and only runs when you click or tap to activate it or when visiting from a link that contains a comment thread, draft link, or flag override.Compact design: ​Your most recently used tools will pin to the top of your menu for easy access.Shortcuts: When visitingprojects and deployments

is now supported in the ongoing .Pythonin-function concurrency public betaIn-function concurrency optimizes functions to handle multiple invocations simultaneously, improving resource efficiency. By reusing active instances instead of creating new ones, it reduces idle compute time and associated costs.In-function concurrency is particularly beneficial for workloads with external API or database calls, such as AI models, where functions often sit idle while waiting for responses.The in-function

Learn how to implement Continuous Delivery with this 10-step guide featuring actionable insights, examples, and best practices.The post The 10-Step Checklist for Continuous Delivery appeared first on Semaphore.

How do we determine the most suitable illustration style? How should illustrations complement and reflect your corporate identity? What will resonate most with your target audience? And regarding the content, what type of illustration would best enhance it, and how would it work for the age range it is primarily for? Thomas Bohm shares insightful examples and discusses the key qualities of effective illustrations, emphasizing the importance of understanding your audience.

Session Replay for Mobile is now generally available. I could bombard you with hyperbolic statements about why Session Replay is worth using, but instead, A…I… ...

.dictionary-entry { background: #2a2a2a; padding: 1.5rem; border-radius: 8px; margin: 2rem 0; font-family: 'Noto Sans', sans-serif;}.dictionary-term { font-size: 1.5rem; font-weight: 700; color: var(--color-highlight); margin-bottom: 0.25rem;}.dictionary-pronunciation { font-family: monospace; color: #999; font-size: 0.9rem; margin: 0 0 0.25rem 0;}.dictionary-part-speech { color: #999; font-size: 0.9rem; margin: 0 0 1rem 0;}.dictionary-definition { margin: 0 0 0.75rem 1.5rem; position: relative;

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Ruby, and WorkOS.

Electron 34.0.0 has been released! It includes upgrades to Chromium 132.0.6834.83, V8 13.2, and Node 20.18.1.

Bluesky is enjoying a boon in popularity. The API access right now is nicely open, allowing people to create some interesting stuff around it. I like this idea from Matt Kane: a Web Component (<bluesky-comments>) that loads up all the replies to any particular post like a comment thread. Imagine there is a post for […]

Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.

Steward Brand has talked about Pace Layering for a long time: Pace layers provide many-leveled corrective, stabilizing feedback throughout the system. It is in the contradictions between these layers that civilization finds its surest health. I propose six significant levels of pace and size in a robust and adaptable civilization With this example: The inner […]

Boost your Figma skills with these 10 keyboard shortcuts. From opacity control to component creation, these tricks will save you time and hassle.

Grouping HonoにはGroupingという機能がある。僕はルーティングを複数のファイルに分けて書きたいタイプなので、たぶんこれを使うだろうなと思っている。 https://hono.dev/docs/api/routing#grouping 実験環境 Node.jsが好きなのでNode.jsで動かしている。 hono: 4.6.16 @hono/node-server: 1.13.7 node.js: 23.6.0 分割に対するHono的おすすめはappまるごと ルーティングを分割して書こうと思うと、まず最初に思いつくのはhandler関数を別のファイルに定義することかなと思う。で、…

Today, I want to look into one of those cases of impatient and how the community has waited for that feature, to be specific, two upcoming functions: sibling-count() and sibling-index().How to Wait for the sibling-count() and sibling-index() Functions originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Dates across the dashboard now provide more precision.This builds on a recent update where hovering over dates reveals more information, including the exact timestamp.Read moreFor the first three days, dates are displayed as relative (e.g. "10m ago")After three days, they switch to absolute values (e.g. "Jan 3")

Logs now indicate when Vercel Functions reach (or near) their maximum duration or memory allocation for each request.Logs also include quick links to configure function maximum duration, CPU & memory, region, and Node.js Version directly from requests.View .your project's logsRead more

Before we get started, I can’t stress the following enough: the choices we make at Set Studio don’t challenge your choices. You might also not agree with our choices and that’s fine, but we don’t need alternatives evangelising to us. To paraphrase Rachel Andrew:If it works, it’s rightI do, however, get asked a lot about what technologies and frameworks we use at the studio, so I thought I’d note them down. This information is accurate as of January 2025.HTML, CSS and JavaScriptSounds obvious, bu

Published: January 13, 2024 There are so many amazing projects you can build with AI, with classicmachine learning models and newer large language models (LLMs). With LLMs,computers can generate new content, write summaries, analyze text for

How to: OpenAI in JavaScript with LangChain. A step by step example on how to use the OpenAI API in JavaScript with LangChain ...

The TimeWithZone is a Time-like class that can represent a time in any time zone. It is necessary because standard Ruby Time instances are limited to UTC and the system’s ENV['TZ'] zone.TimeWithZone instances implement the same API as Ruby Time instances, so that Time and TimeWithZone instances are interchangeable.TimeWithZone#inspect Returns a string of the object’s date, time, zone, and offset from UTC.BeforeTimeWithZone#inspect used an RFC822-inspired format for displaying timestamps. For ins

Learn techniques to improve the Largest Contentful Paint metric, a part of Core Web Vitals, for your website.

My Supecharge app is now available on Setapp.

Switch default browser from your menu bar

App Router, Turbopack, Rust search engine Pagefind, RSC i18n, server/client components, compiled by React Compiler, GitHub Alert Syntax, new _meta.global file

Step-by-step tutorial on how to add basic user management functionality to your app using Node.js and WorkOS.

If you are doing security research or just curious about finding npm vulnerabilities, let me share some resources to help you stay up-to-date with the latest security CVEs in the JavaScript ecosystem.

Branded Typeについては、もういろんなところで触れられているから、わざわざ書かなくてもいいよなぁという気持ちがありつつ。でも、せっかく頭の整理をしたから、来月の自分用にまとめておくくらいはやっておこうか、という気持ちになったのでメモを残しておく。それとZodの.brand。 やりたいこと 次の2つの型に対する値を間違えて渡したときに、TypeScriptの型検査でエラーになってほしい。 type UserId = number; type BookId = number; TSの型システムはStructural Subtypingを採用しているので、構造が同じだったら部分型として扱わ…

htmx is only one of many different libraries & frameworks that take thehypermedia oriented approach to building web applications. I havesaid before that I think the ideas of htmx / hypermedia are more important thanhtmx as an implementation.Here are some of my favorite other takes on these ideas that I think are worth your consideration:UnpolyUnpoly is a wonderful, mature front end framework that has been used heavily (especially in theruby community) for over a decade now. It offers best-in-cla

Node.js v23.6.0 から `--experimental-strip-types` フラグがデフォルトで有効になりました。これにより、Node.js でTypeScript を直接実行できるようになります。

Dive into the intricacies of Server-Side Rendering (SSR) vs. Client-Side Rendering (CSR) in web development, exploring their advantages and trade-offs.

Master the customization of default styles & props of MUI components using MUI's theming system. Learn defaultProps & styleOverrides for efficiency.

Learn to enforce coding style with @vercel/style-guide. Uncover effective use of ESLint, Prettier, and TypeScript for improved code quality and consistency.

Discover the benefits of using T3 Env with Zod for type-safe and runtime-validated environment variables in your Node.js applications.

Learn about migrating from Zod to Valibot for form validation: smaller bundles, familiar APIs, but with room for documentation improvement.

Learn to fix SVG import issues in TypeScript with @svgr/webpack by creating a declaration file for accurate type handling.

Discover when not to use shadcn/ui. Learn about alternative approaches for UI development. Make informed choices for your project's specific needs.

If you are looking to have your spirit lifted, you came to the wrong place because, as I see it, the trend lines almost all point in one depressing direction.

基本的なことは大丈夫なのでざっと読んで気になったところだけをメモしておく。使ってるときに「そういえばこんな機能がZodにあった気がする」って頭の中で引っかかるように。 視点としては、Webアプリケーションのサーバーサイドを作る頭で読んでる。フレームワークを作る頭とかではない。 Coercion コンストラクタ関数を噛ませて変換するやつ。 z.coerce.string() Literals 忘れたりはしないだろうけどメモ z.literal("tuna") Strings datetime ZodStringにくっついてくる。タイムゾーン有無・精度・ローカルとかある。 const schema…

AI エディター Cursor は GitHub Copilot と同様にコードの補完やチャットによるコードの生成をサポートしてくれます。Cursor は VS Code をフォークして作られており、既存の VS Code の拡張機能やキーバインドをそのまま利用することも特徴の 1 つです。

Secrets spilled, discovered, and hidden again—Game Off 2024 brought over 500 jaw-dropping submissions that redefined creativity in gaming. From cult quests for free furniture to spellbinding mysteries, these games will have you hooked. Ready to uncover the winners?!?The post Game Off 2024 winners appeared first on The GitHub Blog.

I’ve seen other websites for helping you generate cubic-bezier() values in CSS for animations and transitions, but Easing Wizard is the best. Importantly, it helps you with the newer linear() style timings as well, which are more powerful. All the different types, the presets, the customization options, the different styles of previews, the clean design… […]

pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.

The open source Git project just released Git 2.48. Here is GitHub's look at some of the most interesting features and changes introduced since last time.The post Highlights from Git 2.48 appeared first on The GitHub Blog.

My fiddle player friend Darin sent me this documentary about GB Grayson, which I enjoyed: The documentary talks about how very few people even recognize the name despite all of recorded tunes essentially becoming standards in today’s folk/bluegrass/old-time world and having been covered by extraordinarily huge artists. That’s true for me! I absolutely had never […]

Reviewing the enhancements delivered by the SonarQube for IDE team for developers during 2024. Focusing on streamlining the UX for teams, harnessing the power of SonarQube Server and Cloud through connected mode into your IDE, and making it even easier to focus on new code.

WinterCG, the Web Interoperable Runtimes Community Group is moving to Ecma as TC55 to be able to publish standards.

The best and worst thing about solo development is the “solo” part. There’s a lot of freedom in working alone, and that freedom can be inspiring, but it can also become a debilitating hindrance to productivity and progress. Victor Ayomipo shares his personal lessons on what it takes to navigate solo development and build the “right” app.

With , Vercel's AI-powered pair programmer, anyone can participate in prototyping, building on the web, or expressing new ideas.v0While v0 was initially created by developers for developers, now v0's capabilities extend far beyond coding, offering benefits to professionals across various industries. Let's explore how v0 can enhance productivity and creativity in different roles.Read more

<p>Traditionally, we could only apply regular expression flags such as <code>i</code> (for ignoring case) to all of a regular expression. The ECMAScript feature <a href="https://github.com/tc39/proposal-regexp-modifiers">“Regular Expression Pattern Modifiers”</a> (by Ron Buckton) enables us to apply them to only part of a regular expression. In this blog post we examine how they work and what their use cases are.</p><p>Regular expression pattern modifiers attributes reached stage 4 in October 20

HighlightsStable TypeScript configuration file supportIn August of the previous year, ESLint launched support for TypeScript configuration files as an experimental feature.In order to use a TypeScript configuration file like eslint.config.ts, users had to specify the unstable_ts_config flag in the command line, e.g.npx eslint --flag unstable_ts_configFollowing an experimental period of several months, during which there were no specific complaints and only minor adjustments, we have made the dec

img, video { max-width: 100%; margin: 10px;}When I was in college, I wrote some customer service software that tied together some custom AI models I trained, the OpenAI API, a database, and some social media APIs to make the first version of Sidekick.Led astrayOver the next couple years I worked on adding more features and growing the user base. As a solo founder, I should have been focused on sales, marketing, and market discovery. Instead, as an engineer, I wanted to hand-craft the perfect web

This guide explains best practices for keeping your secrets where they belong—secured away from public code and prying eyes.

Your support ticketing system contains sensitive data from multiple organizations and customers. How do you ensure users only see tickets they're authorized to view?

Why do real users sometimes experience slow page load time when that can't be reproduced in the lab? This article looks at various causes.

In this article, I’ll share the insights and experiences I’ve gained over the years with unit testing in Angular, along with the best practices I’ve adopted along the way.

Hello guys, I am Cuong Vu Duc, a Backend Software ...

Dear fellow tech enthusiasts, I’m @vuongvm81 ...

Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.

Over the holiday’s our family did the Exploring Hogwarts puzzle. It was just 500 pieces but took us like… a month? Of course, in the end, there was a missing piece that we absolutely could not find, confirming our conspiracy theories the entire time. It don’t know if that looks hard to you, but my […]

When we published our advice on the simplest and best way to take some static local files and make a proper online website out of them, we recommended Netlify. That holds true. But there is some trepidation, as once in a while you’d hear a horror story about usage blowing up unexpectedly and a user […]

Since Google announced the Chromium project in 2008, we have been excited to build on the great foundations of open-source web browsers and contribute to the continued development of a rich web platform. Today, Chromium is used by hundreds of different projects globally, including big browsers like Chrome, home electronics from LG, application frameworks like Electron and even custom applications like Bloomberg terminals and SpaceX capsule control software.In 2024, Google made over 100,000 commi

In the last few months, we secured 75+ GitHub Actions workflows in open source projects, disclosing 90+ different vulnerabilities. Out of this research we produced new support for workflows in CodeQL, empowering you to secure yours.The post How to secure your GitHub Actions workflows with CodeQL appeared first on The GitHub Blog.

I wrote a post for Smashing Magazine that was published today about this thing that Chrome and Safari have called “Tight Mode” and how it impacts page performance. I’d never heard the term until DebugBear’s Matt Zeunert mentioned it in …Tight Mode: Why Browsers Produce Different Performance Results originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Our Vulnerability Research team looks back at a great year and summarizes the highlights of 2024.

The limits for have been increased, allowing for significantly larger log entries. These updates replace the previous 4KB-per-line restriction, and they are now live for all projects.runtime logVercel FunctionsThe runtime log limits are now:Learn more about our logs in .our documentationRead more Up to 256KB per log line.Log line size: Up to 256 individual log lines per request.Log line count: Up to 1MB (sum of all log lines in a single request).Total log size per request:

The header is now part of , providing the postal code associated with the requester’s public IP address. This complements existing headers like , , and .x-vercel-ip-postal-codex-vercel-ip-countryx-vercel-ip-cityx-vercel-ip-country-regionVercel’s geolocation capabilitiesThe header is accessible in Vercel Functions, including . Here's a TypeScript example:x-vercel-ip-postal-codeEdge MiddlewarePostal codes are also available via the package:@vercel/functionsFor more information on headers and geolo

We know that browsers do all sorts of different things under the hood. One of those things is the way they not only *fetch* resources like images and scripts from the server but how they [prioritize those resources](https://www.debugbear.com/blog/request-priorities?utm_campaign=sm-7). Chrome and Safari have implemented a “Tight Mode” that constrains which resources are loaded and in what order, but they each take drastically different approaches to it. With so little information about Tight Mode

詳細はウェブサイトにアクセスしてご確認ください。

<p>In my previous blog post <a href="/blog/magic-backend/" title="Magic Backed For E2E Testing">Magic Backed For E2E Testing</a> I have show

参照ガイドラインのリンク集を加筆および構成を調整

AI・機械学習チームの池嶋（@mski_iksm）です。AI・機械学習チームではPythonで開発しているプロダクトのパッケージ管理にpoetryを使用していますが、年明け早々こんなメッセージが出てpoetry installができなくなるトラブルが頻発しました。 Warning: The current project could not be installed: No file/folder found for package XXXXXXXXXX 2025年1月5日にリリースされたpoetry 2.0.0では、自パッケージのインストールに関する挙動が変更されました。その影響で、poet…

はじめに こんにちは、Repro Booster という製品の開発責任者／プロダクトマネジメントを担当しているEdward Fox（@edwardkenfox）です。 今回は、ServiceWorkerに組み込まれた新機能「Static Routing API」を実際に試してみた件について説明します。Repro Boosterでの応用を通じて得た知見を共有できればと思います。 Repro Boosterとは Repro Boosterは、私たちが提供しているパフォーマンス最適化ソリューションです。サイトにタグを設置するだけで、読み込み速度が向上するというシンプルなコンセプトで設計されています。…

はじめに 初めまして！2024年11月にCATechJOBプログラムで株式会社AbemaTV BD ...

<p>The ECMAScript feature <a href="https://github.com/tc39/proposal-import-attributes">“Import Attributes”</a> (by Sven Sauleau, Daniel Ehrenberg, Myles Borins, Dan Clark and Nicolò Ribaudo) helps with importing artifacts other than JavaScript modules. In this blog post, we examine what that looks like and why it’s useful.</p><p>Import attributes reached stage 4 in October 2024 and will probably be part of ECMAScript 2025.</p>

It’s very rare I write for other publications than this one, but I wanted to give CSS-Tricks (especially Geoff) a nod because they’re working their way back to what they did best. This article sort of fits Piccalilli, but I think it fits CSS-Tricks better. I certainly wanted it to have mass-reach too because I’m obsessed with soft skills and how they make us better at — well — everything. In short, skill up on soft skills, which I call core skills.Check it out!

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Go, and WorkOS.

By calling getBoundingClientRect before and after the snaphots are taken, you can get the before and after positions of the transtioned elements.

Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.

How Copilot can generate unit tests, refactor code, create documentation, perform multi-file edits, and much more. The post How to use GitHub Copilot: What it can do and real-world examples appeared first on The GitHub Blog.

Comparing Cursor, Windsurf, and GitHub Copilot AI coding assistants. Analysis of features, capabilities, and pricing reveals Cursor as the current frontrunner.

Bun v1.1.43 introduces 1st-class S3 support, HTML bundling, bun install --filter, V8 heap snapshots, bun install --lockfile-only, bun add --peer, 100% of `node:path` module Node.js test pass, 98% of `node:zlib` tests pass, Bun.file(path).stat(), Bun.file(path).delete(), along with many reliability improvements and bugfixes.

I just got a big ol’ stack of USPS Priority Mail®️ marked as RETURN TO SENDER. It’s… malicious spam. Physical spam, I suppose. I didn’t send these, of course. But the return address is CodePen Headquarters, so it seems it was just a free way to get spam into our door. The evil schmucks drop […]

I started 2024 with a super in-depth Reality Check article (more of those coming this year) so I thought I’d start simple this year because I’m still a bit tired from, y’know, writing a whole CSS course 😅What is masonry?I’m not going to presume that everyone knows what a masonry layout is, but you’ve almost certainly seen one websites like Pinterest, Unsplash and countless others.A masonry layout is a grid-like layout that has a set column system with a flexible, content-driven row system. What...

Set a variable in Pug, then create an inline script which sets that variable for using in JavaScript and use setProperty to pass it to CSS.

At Cloudflare, we treat developer content like an open source product. This collaborative approach enables global contributions to enhance quality and relevance for a wide range of users. This year,

You can now get AI-assisted answers to your questions from the Next.js docs search:Start searching with (or on Windows) menu on .⌘KCtrl+Knextjs.org/docsRead moreUse natural language to ask questions about the docsView recent search queries and continue conversationsEasily copy code and markdown outputLeave feedback to help us improve the quality of responses

We've released two minor versions of react-admin v5 since the fall. Read on to learn about the new features and improvements we've added to the library.

Wrapping up Advent of Spin 2024 - Looking back at the fun coding challenges to help you learn Spin and Serverless WebAssembly

HTML attributes are like little instructions that we add to the markup of elements to make them do certain things or behave in certain ways. For example, most of us know that the `target` attribute with a value of `_blank` opens the link in a new tab or window. But did you know that you can use it on the `form` element, too? John Rhea presents several lesser-known uses for common HTML attributes.