はじめにこんにちは。LINEヤフーで社内プライベートクラウドの開発・運用を担当している中村です。2026年3月23日から26日にかけて、オランダのアムステルダムにて KubeCon + CloudNa...

Hardcoded timeouts with no config options are a silent tax on developers outside the wealthy west. A rant about npx skills, Docker Gordon, and the arrogance of assuming everyone has a fast connection.

xinference

A radio button is this: Paul Hebert took at fair look at how Shadcn turns that into 45 lines of code and three imports, which in turn uses Radix which is 215 lines of code and 7 more imports. But do you get better accessibility? No, it’s arguably worse. But do you get ease of […]

AI agents are reading your documentation. Here's what WorkOS did to serve them clean markdown instead of unparseable HTML.

<p><strong><a href="https://qwen.ai/blog?id=qwen3.6-27b">Qwen3.6-27B: Flagship-Level Coding in a 27B Dense Model</a></strong></p>Big claims from Qwen about their latest open weight model:</p><blockquote><p>Qwen3.6-27B delivers flagship-level agentic coding performance, surpassing the previous-generation open-source flagship Qwen3.5-397B-A17B (397B total / 17B active MoE) across all major coding benchmarks.</p></blockquote><p&g...

Docker and Socket have uncovered malicious Checkmarx KICS images and suspicious code extension releases in a broader supply chain compromise.

Rspack 2.0 is out! It introduces more modern defaults, API design, and build outputs while remaining compatible with the webpack ecosystem.

記事は ics.media へアクセスしてご覧ください。

Stay on top of alert changes with filtered subscriptions, batched summaries, and notification routing built for triage.

I use a Markdown Component for two main reasons: (1) It reduces the amount of markup I need to write, and (2) it converts typographic symbols. Here's how it works.Enhancing Astro With a Markdown Component originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.

Panics in Rust Workers were historically fatal, poisoning the entire instance. By collaborating upstream on the wasm‑bindgen project, Rust Workers now support resilient critical error recovery, including panic unwinding using WebAssembly Exception Handling.

On April 21, 2026, malicious versions of pgserve were published to npm. pgserve is an embedded PostgreSQL server for development — zero config, auto-provisioned databases, designed to be dropped into any Node.js project. The compromised versions (1.1.11, 1.1.12, and 1.1.13) inject a 1,143-line credential-harvesting script that runs via postinstall on every npm install.

CKEditor AI brings AI-assisted writing directly into your rich text editor. Discover how it works, what pain points it solves, and why teams are adopting it.

In a rush to embrace AI, the industry is redefining what it means to be a UX designer, blurring the line between design and engineering. Carrie Webster explores what’s gained, what’s lost, and why designers need to remain the guardians of the user experience.

Chrome extension developers can now opt-in to use the Structured Clone algorithm for message serialization.

Supabase is certified to ISO/IEC 27001:2022. The certificate covers our information security management system across the entire platform.

<blockquote cite="https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/"><p>As part of our continued collaboration with Anthropic, we had the opportunity to apply an early version of Claude Mythos Preview to Firefox. This week’s release of Firefox 150 includes fixes for <a href="https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/">271 vulnerabilities</a> identified during this initial evaluation. [...]</p><p>Our experie...

<p><strong><a href="https://github.blog/news-insights/company-news/changes-to-github-copilot-individual-plans/">Changes to GitHub Copilot Individual plans</a></strong></p>On the same day as Claude Code's temporary will-they-won't-they $100/month kerfuffle (for the moment, <a href="https://simonwillison.net/2026/Apr/22/claude-code-confusion/#they-reversed-it">they won't</a>), here's the latest on GitHub Copilot pricing.</p><p>Unlike Ant...

<p>Anthropic today quietly (as in <em>silently</em>, no announcement anywhere at all) updated their <a href="https://claude.com/pricing">claude.com/pricing</a> page (but not their <a href="https://support.claude.com/en/articles/11049762-choosing-a-claude-plan">Choosing a Claude plan page</a>, which shows up first for me on Google) to add this tiny but significant detail (arrow is mine, <a href="https://simonwillison.net/2026/Apr/22/claude-code-confus...

こんにちは！PR TIMES の河瀨翔吾（@shogogg）です。エンジニアリングマネージャーとして、プレスリリース配信サービス PR TIMES の開発や開発チームのマネジメント、業務改善、採用などを行っています。好き […]

Malicious Namastex.ai npm packages appear to replicate TeamPCP-style Canister Worm tradecraft, including exfiltration and self-propagation.

What's new at Cloud Next '26

MCP servers are the best thing since sliced bread. They extend the capabilities of AI assistants and let them connect with third-party tools. If your service doesn't have one yet, it's time to prioritize it.

Listen to the episodeCyber conflict is easiest to misread when we treat it as an isolated technical event. In this episode of Chasing Entropy, Dave Lewis speaks with analyst and author Allie Mellen about her book Code War and why the cyber strategies of the United States, China, and Russia make more sense when viewed through the lens of history, doctrine, and political intent.From the Gulf War to Russia’s war in Ukraine, cyberattacks are most effective when they reinforce defined objectives with

Identity, authorization, and oversight patterns for systems that act on their own.

Master Spring Security authentication from form login and JWT to enterprise SSO, with production-ready patterns across Spring Boot, Quarkus, and Micronaut.

AmebaLIFE事業本部のデジタルプロダクトデザインリードの本田です。 今回は、近年我々が取り組ん ...

はじめに カミナシで新規プロダクトの開発をしているShimmy(@naoya7076)です。 現在、新規プロダクトをプロトタイプとして開発しており、顧客に提供しながらフィードバックを得ています。Claude Codeをはじめ、開発の全工程でAIを活用しており、開発アイテムは予定以上のスピードで実装できています。 「AIでコーディングが速くなった。ではその空いた時間で何をやるのか？」 この問いに対して、自分が新規プロダクト開発で実践してきたことを書きます。 「もっと作る」はアンチパターン AIで実装速度が上がると、「もっと作ろう」という方向に引っ張られがちです。しかし、むやみに作るものを増やすの…

<p>OpenAI <a href="https://openai.com/index/introducing-chatgpt-images-2-0/">released ChatGPT Images 2.0 today</a>, their latest image generation model. On <a href="https://www.youtube.com/watch?v=sWkGomJ3TLI">the livestream</a> Sam Altman said that the leap from gpt-image-1 to gpt-image-2 was equivalent to jumping from GPT-3 to GPT-5. Here's how I put it to the test.</p><p>My prompt:</p><blockquote><p><code>Do a where's Waldo st...

Today we are absolutely thrilled to announce the release of TypeScript 7.0 Beta! If you haven’t been following TypeScript 7.0’s development, this release is significant in that it is built on a completely new foundation. Over the past year, we have been porting the existing TypeScript codebase from TypeScript (as a bootstrapped codebase that compiles […]The post Announcing TypeScript 7.0 Beta appeared first on TypeScript.

<blockquote cite="https://nial.se/blog/less-human-ai-agents-please/"><p>AI agents are already too human. Not in the romantic sense, not because they love or fear or dream, but in the more banal and frustrating one. The current implementations keep showing their human origin again and again: lack of stringency, lack of patience, lack of focus. Faced with an awkward task, they drift towards the familiar. Faced with hard constraints, they start negotiating with reality.</p></b...

Explore exportable charts for vulnerabilities, dependencies, and usage with Reports, Socket’s new extensible reporting framework.

<p><strong><a href="https://github.com/scosman/pelicans_riding_bicycles">scosman/pelicans_riding_bicycles</a></strong></p>I firmly approve of Steve Cosman's efforts to pollute the training set of pelicans riding bicycles.</p><p><img alt="The heading says "Pelican Riding a Bicycle #1 - the image is a bear on a snowboard" src="https://static.simonwillison.net/static/2026/pelican-poison-bear.jpg" /></p><p>(To be fair, most ...

An experimental API let's us put HTML within those opening and closing canvas tags and render it to the canvas, while remaining interactive. Lots of possibility here!

As AI assistants and privacy proxies challenge the capabilities of traditional bot detection, the Web needs new models for accountability. We believe that control should remain with the client, and that an open ecosystem of anonymous credentials is key to preserving user privacy while protecting origins from abuse.

GPT Image 2 is now available on .Vercel AI GatewayOpenAI's newest image model supports detailed instruction following, accurate placement and relationships between objects, and rendering of dense text across multiple aspect ratios.The model can render fine-grained elements including small text, iconography, UI elements, dense compositions, and subtle stylistic constraints, at up to 2K resolution. Non-English text is also supported and reads coherently.GPT Image 2 can produce photos, cinematic st

こんにちは、LINEヤフー株式会社の曾田です。普段はYahoo!マップの新アプリ向けバックエンド開発やスクラムマスターを担当しつつ、Orchestration Development Workshop...

The agent-led growth playbook: how to make AI agents discover, use, and pay for your developer tool, and defend against the ones you didn't invite. LLM discoverability, agent-first onboarding, agent payments, AX security.

Build a Node app that lets users connect Notion and list their pages with a refreshed access token, without implementing OAuth.

An opinionated checklist for the auth decisions you'll actually have to make.

Picking a library, choosing where to verify, and avoiding the mistakes that quietly break security.

A comprehensive technical SEO checklist for 2026 covering crawling, indexing, Core Web Vitals, JavaScript rendering, security, and visibility in AI-powered search engines.

Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.

We're making these changes to ensure a reliable and predictable experience for existing customers.The post Changes to GitHub Copilot Individual plans appeared first on The GitHub Blog.

<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-openrouter/releases/tag/0.6">llm-openrouter 0.6</a></p> <blockquote><ul><li><code>llm openrouter refresh</code> command for refreshing the list of available models without waiting for the cache to expire.</li></ul></blockquote><p>I added this feature so I could try <a href="https://www.kimi.com/blog/kimi-k2-6">Kimi 2.6</a> on O...

The open source Git project just released Git 2.54. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.The post Highlights from Git 2.54 appeared first on The GitHub Blog.

Although Astro has built-in support for Markdown via .md files, I'd argue that your Markdown experience can be enhanced with MDX.Markdown + Astro = ❤️ originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.

A blog is a perfect use case for pre-rendering, so that the static build files can render all on their own. TanStack Start can even help with the server functions via middleware.

Investing in static code analysis tools might seem straightforward, but finding one that truly fits your team can be tough. Most tools promise the usual benefits: cleaner code, fewer bugs, better security, and more consistency in code reviews. Yet in reality, there’s a big difference between a tool the team embraces and one that everyone […]

Agents Week 2026 is a wrap. Let’s take a look at everything we announced, from compute and security to the agent toolbox, platform tools, and the emerging agentic web. Everything we shipped for the agentic cloud.

We built our internal AI engineering stack on the same products we ship. That means 20 million requests routed through AI Gateway, 241 billion tokens processed, and inference running on Workers AI, serving more than 3,683 internal users. Here's how we did it.

Learn about how we built a CI-native AI code reviewer using OpenCode that helps our engineers ship better, safer code.

Poorly handled session timeouts are more than a technical inconvenience. They can become serious accessibility barriers that interrupt essential online tasks, especially for people with disabilities. Here is how to implement thoughtful session management that improves usability, reduces frustration, and helps create a more accessible and respectful web.

Fixes 82 issues (addressing 381 👍). bun test --parallel, --isolate, --shard, and --changed, bun install streams tarballs to disk using 17x less memory, source maps use 8x less memory, 5.5x faster gzip with zlib-ng, Range request support in Bun.serve(), SHA3 in node:crypto and WebCrypto, ws+unix:// WebSocket client, and many bugfixes and Node.js compatibility improvements

Take a last chance to try out the Soft Navigations API before release with this final origin trial.

Kimi K2.6 from Moonshot AI is now available on .Vercel AI GatewayThe model focuses on long-horizon coding tasks, with generalization across languages such as Rust, Go, and Python and across front-end, devops, and performance optimization work. K2.6 can turn simple prompts into complete front-end interfaces with structured layouts.For autonomous, proactive agents that run continuously across multiple applications, K2.6 improves on API interpretation, long-running stability, and safety awareness d

<p><strong>TIL:</strong> <a href="https://til.simonwillison.net/google-sheets/datasette-sql">SQL functions in Google Sheets to fetch data from Datasette</a></p> <p>I put together some notes on patterns for fetching data from a Datasette instance directly into Google Sheets - using the <code>importdata()</code> function, a "named function" that wraps it or a Google Apps Script if you need to send an API token in an HTTP header (not supported ...

LINEヤフー株式会社では、技術に関するイベントや勉強会の主催・協賛などを行っています。最新情報は各リンク先でご確認ください。タイミングによっては、申し込み開始前や既に満席となっていることがあります。...

こんにちは、エンジニアリングマネージャーの宮崎（@sucalul）です。 今回は3月9日(月)〜11日(水)に開催したPR TIMES HACKATHON 2026 Springでやったことについて書きたいと思います。 […]

ソースコードや設定ファイルに含まれるAPIトークンやパスワードなどの機密情報を見つけるSecretlintのv12.0.0をリリースしました。Release v12.0.0 · secretlint/secretlintこのバージョンでは、次のように追加で検知できるようになったサービスが10個あります。Groq、Hugging Face、Notion、GitLab、Grafana、HashiCorp Vault、Vercel、Databricks、Docker、Figmaあわせて、@secretlint/secretlint-rule-preset-recommendのパッケージサイズを約80%削減しています。新しく追加された検出ルール@secretlint/secretlint-rule-preset-recommendに、次の10個のサービスのAPIトークンなどを検出するルールが追加されました。Groq - gsk_から始まるAPIキーHugging Face - hf_から始まるUser Access TokenNotion - secret_/ntn_から始まるIntegrat

<p><strong><a href="https://tools.simonwillison.net/claude-token-counter">Claude Token Counter, now with model comparisons</a></strong></p>I <a href="https://github.com/simonw/tools/pull/269">upgraded</a> my Claude Token Counter tool to add the ability to run the same count against different models in order to compare them.</p><p>As far as I can tell Claude Opus 4.7 is the first model to change the tokenizer, so it's only worth running...

Deploy apps from a pnpm or npm workspace to Cloudflare Pages with one GitHub Actions workflow, using Nx as the task scheduler to rebuild only what changed.

AI agents are increasingly used to refactor large codebases, but many teams lack a clear understanding of where they succeed and where they fail. At 1Password, we applied agentic tooling to a multi-million-line Go monolith, and in this blog we'll share what worked, what broke, and what it means for teams adopting AI in production systems.Here’s the situation: 1Password runs a large Go monolith called B5. It has been the foundation of our product for years and continues to perform well in product

Stytch works, until your enterprise deals outgrow it. Here's what to use instead.

A practical walkthrough of RFC 9449 for engineers: the proof JWT, server-issued nonces, key storage in the browser, and where DPoP fits next to mTLS.

How LLMs leak data, get hijacked, and turn friendly inputs into exploits, and why most of the defenses live outside the model.

The one layer of your app where 'seems to work' isn't good enough.

Most Shopify speed advice focuses on Lighthouse scores, but the real bottlenecks are oversized hero sections, uncontrolled app scripts, and poor loading strategy. Here's how to fix them properly.

<p><strong><a href="https://interconnected.org/home/2026/04/18/headless">Headless everything for personal AI</a></strong></p>Matt Webb thinks <strong>headless</strong> services are about to become much more common:</p><blockquote><p>Why? Because using personal AIs is a better experience for users than using services directly (honestly); and headless services are quicker and more dependable for the personal AIs than having them cl...

クリップボードを監視して、機密情報やAPIトークンが入ったら自動的にマスクするmacOSアプリ SecureClipboard を作りました。GitHub: secretlint/secure-clipboardテキストだけでなく画像にも対応していて、スクリーンショットに写り込んだトークンなどもVision frameworkでOCRしてマスクします。内部ではsecretlintを使って、AWS、GitHub、Slack、GCP、Azure、npm、Dockerなどのトークンを検出します。スキャン処理はすべてローカルで完結するmacOSアプリケーションなので、クリップボードの内容が外部に送信されることはありません。なぜ作ったかAPI Tokenをコピーして.envへ貼り付けたあと、そのトークンがクリップボード上に残り続けることがあります。そのまま別のウィンドウで⌘+Vしてしまい、Slackのメッセージ欄やLinearのIssueタイトル、ブラウザの検索バーなどに意図せずペーストしてしまう事故が起きやすいです。ペーストするまでクリップボードに何が入っているかは目に見えないので、気づきにく

GitHub CLI に `gh skill` コマンドが追加され、GitHub 上のエージェントスキルを簡単にインストール・検索・管理できるようになりました。この記事では `gh skill` コマンドの使い方について紹介します。

<p>Anthropic are the only major AI lab to <a href="https://platform.claude.com/docs/en/release-notes/system-prompts">publish the system prompts</a> for their user-facing chat systems. Their system prompt archive now dates all the way back to Claude 3 in July 2024 and it's always interesting to see how the system prompt evolves as they publish new models.</p><p>Opus 4.7 shipped the other day (April 16, 2026) with a <a href="https://claude.ai/">Claude.ai</a&...

<p><strong>Research:</strong> <a href="https://github.com/simonw/research/tree/main/extract-system-prompts#readme">Claude system prompts as a git timeline</a></p> <p>Anthropic <a href="https://platform.claude.com/docs/en/release-notes/system-prompts">publish the system prompts</a> for Claude chat and make that page <a href="https://platform.claude.com/docs/en/release-notes/system-prompts.md">available as Markdown</a>. I had Claud...

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> ></em></p> <p>Here's an example of a deceptively short prompt that got a quite a lot of work done in a single shot.</p><p>First, some background. I send out a <a href="https://simonw.substack.com/">free Substack newsletter</a> around once a week containing content copied-and-pasted from my blog. I'm effectively ...

<p>This year's <a href="https://us.pycon.org/2026/">PyCon US</a> is coming up next month from May 13th to May 19th, with the core conference talks from Friday 15th to Sunday 17th and tutorial and sprint days either side. It's in Long Beach, California this year, the first time PyCon US has come to the West Coast since Portland, Oregon in 2017 and the first time in California since Santa Clara in 2013.</p><p>If you're based in California this is a great opportunity ...

Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.

See how we created an emoji list generator during the Rubber Duck Thursday stream.The post Building an emoji list generator with the GitHub Copilot CLI appeared first on The GitHub Blog.

Changes to the status page will provide more specific data, so you'll have better insight into the overall health of the platform.The post Bringing more transparency to GitHub’s status page appeared first on The GitHub Blog.

This issue of What’s !important brings you clip-path jigsaws, a view transitions toolkit, name-only containers, the usual roundup of new, notable web platform features, and more.What’s !important #9: clip-path Jigsaws, View Transitions Toolkit, Name-only Containers, and More originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.

A site building framework like TanStack Start can be used to make a server-side rendered blog, no problemo.

The Agent Readiness score can help site owners understand how well their websites support AI agents. Here we explore new standards, share Radar data, and detail how we made Cloudflare’s docs the most agent-friendly on the web.

Today, we’re excited to give you a sneak peek of our support for shared compression dictionaries, show you how it improves page load times, and reveal when you’ll be able to try the beta yourself.

Soft directives don’t stop crawlers from ingesting deprecated content. Redirects for AI Training allows anybody on Cloudflare to redirect verified crawlers to canonical pages with one toggle and no origin changes.

Running LLMs across Cloudflare’s network requires us to be smarter and more efficient about GPU memory bandwidth. That’s why we developed Unweight, a lossless inference-time compression system that achieves up to a 22% model footprint reduction, so that we can deliver faster and cheaper inference than ever before.

Cloudflare Agent Memory is a managed service that gives AI agents persistent memory, allowing them to recall what matters, forget what doesn't, and get smarter over time.

By migrating our request handling layer to a Rust-based architecture called FL2, Cloudflare has increased its performance lead to 60% of the world’s top networks. We use real-user measurements and connection trimeans to ensure our data reflects the actual experience of people on the Internet.

We are launching Flagship, a native feature flag service built on Cloudflare’s global network to eliminate the latency of third-party providers. By using KV and Durable Objects, Flagship allows for sub-millisecond flag evaluation.

GraphiteA free and open source vector editing tool that looks great. Sure, Affinity is now free to everyone, but tools like Graphite will work well if you want to get away from corporate software, for example.Blank pageA handy, simple markdown/text editor that even has dictation capabilities.delphitoolsThere's some unbelievably good tools in this collection and there are loads to choose from. Our favourite is the simple font file explorer.WiretextWireframes are supposed to be very lo-fi and this

Retention policies no longer delete the latest preview deployment for branches with open or unmerged pull requests. Previously, deployments for active branches could be removed if they exceeded the configured retention window.This means you can safely use shorter retention windows without risking losing active preview deployments. This change applies to all plans.Your 10 most recent production deployments and any aliased deployments continue to be preserved regardless of retention settings.Learn

NIST will stop enriching most CVEs under a new risk-based model, narrowing the NVD's scope as vulnerability submissions continue to surge.

<p><strong>Release:</strong> <a href="https://github.com/simonw/datasette/releases/tag/1.0a28">datasette 1.0a28</a></p> <p>I was upgrading Datasette Cloud to <a href="https://simonwillison.net/2026/Apr/15/datasette/">1.0a27</a> and discovered a nasty collection of accidental breakages caused by changes in that alpha. This new alpha addresses those directly:</p><blockquote><ul><li>Fixed a compatibility bug introduced i...

Zo Computer on VercelDeath by a thousand adaptersAI SDK + AI Gateway: two layers, one integration20x improvement in reliabilityScaling to a million personal cloud owners20x reduction in retry rate (7.5% → 0.34%)99.93% chat success rate (up from 98%)P99 latency cut 38% (131s → 81s)New models added in less than 1 minuteAverage latency improved 25.7%P95: 46s → 34s (25% improvement)P99: 131s → 81s (38% improvement)Every company has servers that store data, run services, and do work around the clock.

こんにちは。フロントエンドエンジニアの小張（@kobari41257）です。 PR TIMESは、フロントエンドカンファレンス名古屋2026にゴールドスポンサーとして協賛いたします。また、同イベントに当社から1名のエンジ […]

Bug Fixes14be92b fix: model generator yield resumption paths in code path analysis (#20665) (sethamus)84a19d2 fix: no-async-promise-executor false positives for shadowed Promise (#20740) (xbinaryx)af764af fix: clarify language and processor validation errors (#20729) (Pixel998)e251b89 fix: update eslint (#20715) (renovate[bot])Documentationca92ca0 docs: reuse markdown-it instance for markdown filter (#20768) (Amaresh S M)57d2ee2 docs: Enable Eleventy incremental mode for watch (#20767) (Amaresh

April marks Southwest Asia and North Africa (SWANA) Heritage Month, a time to recognize and celebrate the rich cultures, histories, and contributions of SWANA communities. At 1Password, we’re proud to highlight the people who bring these perspectives to life in our work and shape our culture every day.This month, we’re spotlighting Kaynat Chowdhury, Customer Success Manager and Communications Lead for our SWANA Employee Community Group. We sat down with Kaynat to learn more about her career jour

<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-anthropic/releases/tag/0.25">llm-anthropic 0.25</a></p> <blockquote><ul><li>New model: <code>claude-opus-4.7</code>, which supports <code>thinking_effort</code>: <code>xhigh</code>. #66</li><li>New <code>thinking_display</code> and <code>thinking_adaptive</code> boolean options. <code>thinking_disp...

Socket is an initial recipient of OpenAI's Cybersecurity Grant Program, which commits $10M in API credits to defenders securing open source software.

<p>For anyone who has been (inadvisably) taking my <a href="https://simonwillison.net/tags/pelican-riding-a-bicycle/">pelican riding a bicycle benchmark</a> seriously as a robust way to test models, here are pelicans from this morning's two big model releases - <a href="https://qwen.ai/blog?id=qwen3.6-35b-a3b">Qwen3.6-35B-A3B from Alibaba</a> and <a href="https://www.anthropic.com/news/claude-opus-4-7">Claude Opus 4.7 from Anthropic</a>.</p><p&...

Learn how Github uses eBPF to detect and prevent circular dependencies in its deployment tooling. The post How GitHub uses eBPF to improve deployment safety appeared first on The GitHub Blog.

We're building AI Gateway into a unified inference layer for AI, letting developers call models from 14+ providers. New features include Workers AI binding integration and an expanded catalog with multimodal models.

We built a custom technology stack to run fast large language models on Cloudflare’s infrastructure. This post explores the engineering trade-offs and technical optimizations required to make high-performance AI inference accessible.

Behind every technology, there should be a guide for its use. While JavaScript modules make it easier to write “big” programs, if there are no principles or systems for using them, things could easily become difficult to maintain.A Well-Designed JavaScript Module System is Your First Architecture Decision originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.

StepSecurity adds cooldown and group support for Dependabot configuration, giving teams control over update frequency and PR batching across npm, pip, Docker, and GitHub Actions. Reduce alert fatigue. Merge more patches. Strengthen your supply chain.

Give your agents, developers, and automations a home for code and data. We’ve just launched Artifacts: Git-compatible versioned storage built for agents. Create tens of millions of repos, fork from any remote, and hand off a URL to any Git client.

AI Search is the search primitive for your agents. Create instances dynamically, upload files, and search across instances with hybrid retrieval and relevance boosting. Just create a search instance, upload, and search.

Learn how to deploy PlanetScale Postgres and MySQL databases via Cloudflare and connect Cloudflare Workers.

Let's work out what I need to account for here by referring back to our existing page audit.I need to account for the following:Post listings, limited by a defined items per pagePagination to render each page of post listingsThe actual blog items themselvesWith those, I'd consider this base implementation done, which is where I want to be in this iteration.A pagination shell component---const { next, previous } = Astro.props;---{ (previous || next) && ( <div class="wrapper"> <na...