GitHub Copilot’s next edit suggestions just got faster, smarter, and more precise thanks to new data pipelines, reinforcement learning, and continuous model updates built for in-editor workflows.The post Evolving GitHub Copilot’s next edit suggestions through custom model training appeared first on The GitHub Blog.

Socket now scans OpenVSX extensions, giving teams early detection of risky behaviors, hidden capabilities, and supply chain threats in developer tools.

Is there really a difference between using :not(:open) and :closed? As always, it depends. Sunkanmi Fafowora explains why :closed is currently not a thing.Should We Even Have :closed? originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

You can now access Google's cutting edge image model, Nano Banana Pro (Gemini 3 Pro Image), via Vercel's with no other provider accounts required.AI GatewayNano Banana Pro (Gemini 3 Pro Image) is designed to work for more advanced use cases than Nano Banana. This model introduces improvements specifically for professional and creative workflows, like the generation of diagrams with accurate labeling and integration of web search information for images with up-to-date information. Nano Banana Pro

皆さんこんにちは、こんばんは。今年も冬キャンプにベストなシーズンになってウキウキしている取締役CPO/CAIOの山崎です。 最近お気に入りのキャンプギアはSoomloomのIGTハーフ対応の焚き火台と、同じくSoomloomの円形のアイロンストーブです。 ということで、本日はマネジメントチームブログリレー1日目の記事を担当することになりました。 11月でもタープ泊のストロングスタイル。シュラフはEnlightened Equipmentの30F対応キルト。むしろ暑すぎました。 エンジニアリンググループマネジメントチームについて プロダクト支援チームについて 私の役割 イベントスポンサーとイベン…

こんにちは、バックエンドエンジニアの中山です。 今回は、11月7日に開催されたPR TIMES主催イベントでのブース運営に加えて、11月8日に開催された「PHPカンファレンス福岡2025」に参加してきました。 PHPカン […]

こんにちは、Webエンジニアのima1zumiです。2025年11月6日から7日に島根県松江市で開催されたRubyWorld Conference 2025に参加しました。この記事では参加レポートと、参加したメンバーからの感想をお届けします。 RubyWorld Conferenceは、プログラミング言語Rubyの国内最大のビジネスカンファレンスで、毎年松江市で開催されています。今年は400名ほどの参加だったそうです。 Ruby biz グランプリでSTORESは大賞を受賞しました くにびきメッセ入口の看板 以下は参加したメンバーの感想です。 感想 ima1zumi 印象に残ったセッション： …

JSConf JP2025- https://jsconf.jp/2025/enX- https://twitter.com/sajikix

目次 はじめに データ分析の課題 データ分析基盤システム全体像 AI-Ready なデータ分析基盤の ...

A satisfying little rant from Justin Fagnani: Stop Using CustomEvent. One point is that you’re forcing the consumer of the event to know that it’s custom and you have to get data out of the details property. Instead, you can subclass Event with new properties and the consumer of that event can pull that data […]

Astro 5.16 brings experimental SVG optimization with SVGO, interactive CLI shortcuts, and improved developer experience across the board.

IntroductionRails continues to refine its built-in error handling tools.Testing error reporting behavior has become more precise with new testing utilities introduced in Rails 7.1.Rails 7.1 brought us assert_error_reported and assert_no_error_reported.These additions make our test suites more expressive and align better with Rails testing conventions.Rails 8.1 takes this further with capture_error_reports.This latest addition gives us even more control when we need to verify error details like m

Building Personas for B2B Consultancy WebsitesWhen we started designing for B2B consultancy websites, we realized one thing quickly: not every visitor is the same. Some people come to learn, others to compare options, and a few already know what they want. To design something that connects with all of them, we needed to understand who they are and what they care about. That’s where building personas comes in.Why Personas MatterA persona is a simple profile that represents a group of users with s

Learn how to measure the performance of your Rust code by writing and running benchmarks locally and continuously in CI to catch regressions.

Security leaders are under pressure to manage an expanding number of SaaS apps and shadow IT. Automation transforms the fight for visibility into a framework of continuous monitoring.Virtually every company runs on more SaaS than it can see, and spends more on it than it can control.From analytics tools to HR platforms and AI agents, every new license improved productivity while expanding the surface that IT and security must protect.For years, Identity and Access Management (IAM) and Identity G

We’re excited to announce that today, 1Password Enterprise Password Manager – MSP Edition is now available through Renaissance, a leading IT distributor serving MSPs across the Island of Ireland. This partnership enables even more MSPs to access 1Password through local channels, streamlining their procurement and billing processes while expanding access to enterprise-grade credential security.We know that growing MSPs around the world are constantly balancing the need to:Ensure their own operati

Everything you need to know about choosing a SAML provider for enterprise SSO in modern B2B platforms.

Remote caching delivers such dramatic improvements that many teams stop there, thinking they've maximized their investment. But the real bottleneck isn't just slow task execution—it's the time spent babysitting PRs through flaky test failures and manual reruns. Cache speeds up your tasks, but it can't eliminate the interruptions that keep developers waiting for green builds.

We're using embedding-guided tool routing, adaptive clustering, and a streamlined 13-tool core to deliver faster experience in VS Code.The post How we’re making GitHub Copilot smarter with fewer tools appeared first on The GitHub Blog.

Learn how to write effective agents.md files for GitHub Copilot with practical tips, real examples, and templates from analyzing 2,500+ repositories.The post How to write a great agents.md: Lessons from over 2,500 repositories appeared first on The GitHub Blog.

Bringing supply chain security to the next generation of JavaScript package managers

記事は ics.media へアクセスしてご覧ください。

Jonathan Reimer shares insights on open source startups, developer go-to-market, ecosystem trends, and how AI is reshaping software.The post Jonathan Reimer on Open Source, Startups, and AI appeared first on Semaphore.

Butterick’s Practical TypographyThis book (available to read online) is absolutely packed full of gold.Staggered animation with CSS sibling-* functionsA great, practical article teaching you about the newer sibling-index() and sibling-count() functions in CSS.EchoFeedEverything you read outside of the Piccalilli site (including this email) is powered by tooling like this under the hood. Automation without the hassle is always a good thing too in our experience.Why do you need big tech for your S

When you run vlt install, packages are downloaded and extracted to node_modules, but no lifecycle scripts execute.

Texture component swizzle, and remove bgra8unorm read-only storage texture usage.

こんにちは、技術広報のえんじぇるです。 STORES Tech Conf 2025 “What Would You Do?” の開催が近づいてきました！準備に邁進している今日この頃です。 storesinc.tech STORES Tech Conf 2024からコンテンツを大幅に増やしているので、この記事では STORES Tech Conf 2025 “What Would You Do?”のセッション以外のお楽しみポイントを紹介します。 ポスターセッション 前回好評だったポスターセッションがパワーアップし、15の発表があります！ 先日ポスターセッションのレビューをしたのですが、会議室がポ…

In episode five of Securing the Win, Formula 1® journalist and broadcaster Chris Medland takes us inside the cockpit with Oracle Red Bull Racing’s Max Verstappen and Yuki Tsunoda to uncover what it takes to win. Through their words and the unseen organization that powers them, Medland discovers how every team member at Oracle Red Bull Racing works together to make the car go faster.After exploring leadership, security, and trust behind the scenes, Securing the Win brings us closer to the people

If you’ve built anything with AI tools lately…You’ve probably seen a file like this sitting in your project root:{ "tools": { "github": { "endpoint": "https://api.github.com", "auth": { "token": "ghp_your-secret-token" } } } }That’s a typical mcp.json, the file many agentic development environments (like Cursor or Claude Code) use to tell an MCP server what APIs it can call and what credentials to use.It’s handy. It works. It’s also a plaintext secret waiting to leak.Push that repo to GitHub, sy

Tools like Bolt, Dazl, and Lovable are leading the charge with AI coding tools. But there are design patterns that can improve vibecoding workflows even more, reducing friction, and elevating AI tool UX into intuitive, creator-friendly experiences that appeal to users on a massive scale.

Everything you need to know about OTPs, from HOTP and TOTP internals to real-world pros and cons, plus how WorkOS can help you implement them cleanly.

WorkOS is a proud partner in the Microsoft Entra Agent ID partner ecosystem.

Your competitors will eat your lunch while you refactor

There is quite a bit of interesting design possibility with `random()` coming to CSS. It pairs nicely with animation, particularly animation-composition for agumenting those generated values.

A safer, faster way to eliminate vulnerabilities without updating dependencies

Prevent accessibility issues before they reach production. The Annotation Toolkit brings clarity, compliance, and collaboration directly into your Figma workflow.The post Level up design-to-code collaboration with GitHub’s open source Annotation Toolkit appeared first on The GitHub Blog.

The Gemini 3 Pro Preview model, released today, is now available through the and on . Thanks to Google, Vercel has been testing Gemini 3 Pro Preview across v0, Next.js, AI SDK, and Vercel Sandbox over the past several weeks.Vercel AI Gatewayv0.appWe've noticed the model has an increased focus on coding, multimodal reasoning, and tool use, though it's seen improvements across the board.From our testing, Gemini 3 Pro Preview delivers substantial improvements in instruction following and response c

You can now access Google's latest model, Gemini 3 Pro, via Vercel's with no other provider accounts required.AI GatewayGemini 3 Pro excels at challenging tasks involving reasoning or agentic workflows. In particular, the model improves on Gemini 2.5 Pro's performance in multi-step function calling, planning, reasoning over complex images/long documents, and instruction following.To use Gemini 3 Pro in AI Gateway with the , set to . Gemini 3 Pro is a reasoning model, and you can specify the leve

At JetBrains, we love seeing the developer community grow and thrive. That’s why we support open-source projects that make a real difference — the ones that help developers learn, build, and create better software together. We’re proud to back open-source maintainers with free licenses and to contribute to initiatives that strengthen the ecosystem and the […]

Server chaos doesn’t have to be the norm. AI-ready infrastructure and automation can bring clarity, performance, and focus back to your web work.

Two-step location permissions in Chrome on Windows for enhanced user privacy and control.

こんにちは、原田伶央です。DX内製エンジニア専門組織「INTECH」でFlutterエンジニアをして ...

Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.

Introduction — The Accidental Era of "AI First" Over the last two years, you've probably noticed a strange vibe in the software world: everyone is moving at impossible speed while simultaneously questioning if any of this will matter in five years. We've crossed into a world where individuals can do what once required teams. A world where "engineering" sometimes means "describe the system you want and let an agent scaffold 70% of it." A world where the differentiator is no longer what you can bu

IT and security leaders share a common goal: to empower teams to move fast without compromising security.Over the past year, we partnered closely with customers across industries to understand what helps them scale and where they need more flexibility and control.Their feedback shaped our latest updates to 1Password Enterprise Password Manager (EPM). Each enhancement is designed to make enterprise deployment and governance faster, simpler, and more intuitive so security teams can focus on strate

I like programming languages where variables are immutable by default. For example, in Rust, let declares an immutable variable and let mut declares a mutable one. I’ve long wanted this in other languages, like TypeScript, which is mutable by default—the opposite of what I want!I wondered: is it possible to make TypeScript values immutable by default?My goal was to do this purely with TypeScript, without changing TypeScript itself. That meant no lint rules or other tools. I chose this because I

Everything you need to know to implement and validate JWTs securely in Go: from signing to verifying with JWKS, with code examples and best practices throughout.

こんにちは、先日開催された社内イベント「ごーとんカップ 2025」にてセキュリティチャンピオンになりました、ソフトウェアエンジニアの渡邉(匠)です。「カミナシ 設備保全」の開発に携わっています。 最近、AIエージェントの技術トレンドに乗り遅れないよう、Amazon Bedrock を使ったプロトタイピングに取り組んでいます。その中で、Amazon Bedrock Agents で提供されている「Return of Control」という機能をStrands AgentsとAmazon Bedrock AgentCoreを使って作ってみたので、その実装方法と学びを共有します。 Return of…

By using two sequential View Transitions when intercepting links with the Navigation API – one in the precommitHandler and one in the regular handler – you can fake a Two-Phase View Transition today!

How taking on a short-term leadership contract can pave the way to long-term opportunities.

Alex MacArthur shows us there are a lot of ways to break up long tasks in JavaScript. Seven ways, in this post. That’s a senior developer thing: knowing there are lots of different ways to do things all with different trade-offs. Depending on what you need to do, you can hone in on a solution.

The Kubernetes community announced that Ingress NGINX will be retired in March 2026. After that, there won’t be any more updates, bugfixes, or security patches. This decision came after years of the project being maintained by just 1-2 developers working nights and weekends, plus some serious security issues earlier this year (IngressNightmare CVE-2025-1974) that made […]

Generate code with your components faster using fewer tokens

The open source Git project just released Git 2.52. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.The post Highlights from Git 2.52 appeared first on The GitHub Blog.

Reachability analysis for Ruby is now in beta, helping teams identify which vulnerabilities are truly exploitable in their applications.

If we have a ratio that represents the sine, cosine or tangent of an angle, how can we get the original angle? This is where inverse trigonometric functions come in!The “Most Hated” CSS Feature: asin(), acos(), atan() and atan2() originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Bringing Replicate’s tools into Cloudflare will continue to make our Workers Platform the best place on the Internet to build and deploy any AI or agentic workflow.

Malicious npm packages use Adspect cloaking and fake CAPTCHAs to fingerprint visitors and redirect victims to crypto-themed scam sites.

You can now can easily deploy FastAPI and Flask with custom Build Commands, expanding support for Python projects on Vercel.In addition to defining a in the project Settings dashboard, you can also define a script ininside your . Build Commandbuild[tool.vercel.scripts]pyproject.tomlThis script will run after dependencies are installed, but before your application is deployed.Learn more about the for Python projects.Build CommandRead more

, a popular ergonomic TypeScript framework with end-to-end type safety, can now be deployed instantly on Vercel.ElysiaWhen deployed, Vercel will now automatically identify your app is running Elysia and provision the optimal resources to run it efficiently.By default, Elysia will use Node. You can opt-in to the Bun runtime by adding the below to your .bunVersion linevercel.jsonBackends on Vercel use with by default, so you only pay for time where your code is actively using CPU.Fluid computeActi

Test new Content Security Policy (CSP) features in origin trial.

エムスリーUnit9でプロダクトマネージャーをしている北島です。 この記事はデータ基盤チーム & Unit9（エビデンス創出プロダクトチーム） ブログリレー6日目の記事です。 私が所属するUnit9では、データプロダクトの提供やデータの社内活用を行い、データを通じた価値創出をすることをミッションとしています。そのため、日々多くの分析依頼を受けています。 アドホックな分析依頼は、その場限りの対応になりがちではないでしょうか。急ぎの案件が多かったり、依頼ごとに要望される分析ロジックが違うことなどが理由として挙げられます。ただ、単発での対応を続けると、依頼の増加とともにに担当者が対応に追われてしまう…

はじめに こんにちは！東京都市大学大学院 総合理工学研究科 修士1年の平井佑樹です。大学ではリアルタ ...

Learn how to measure the performance of your Python code by writing and running benchmarks locally and continuously in CI to catch regressions.

A look at why tooltip components are often the wrong abstraction in design systems, leading to accessibility issues, misuse, and inconsistent user experiences.

A developer-focused walkthrough of SAML SSO for developers who want to understand all the moving parts without needing a PhD in XML sorcery.

HTML parsing speed speed depends on the processing power of the visitor's device. I collected two quick datapoints.

どうもセキュリティエンジニアの西川です。私は最近ポケモンカードの奥深さと難しさを痛感する日々を過ごしていますが、みなさんいかがお過ごしでしょうか。 カミナシでは社内セキュリティ競技会を実施しました。1年に1度開催しておりまして、気付けば今年で3回目です。初回は私一人で運営していましたが、2回目は二人、3回目は三人と徐々にセキュリティエンジニアリングに人が増え、問題の幅が増えたように感じています。 「こいつ競技会やる度にブログ書いてるな」と思われるかもしれないのですが、新しい発見というか自分なりに改めて社内セキュリティ競技会を実施する目的などを言語化したので、それについても共有できればと思ってい…

YAPC::Fukuoka 2025で「読む技術・書く技術・伝える技術 - 15年続けて分かった持続可能なオープンソース開発」というタイトルで発表をしました。スライドは次のページで公開しています。スライド: 読む技術・書く技術・伝える技術 - 15年続けて分かった持続可能なオープンソース開発Proposal: https://fortee.jp/yapc-fukuoka-2025/proposal/64dbeabc-a630-4564-97ff-812106e7be81発表内容この発表では、15年間のオープンソース活動から学んだ持続可能な開発のための3つのプロジェクトについて話しています。読む技術 - JSer.infoJSer.infoは2011年から続けている週刊のJavaScript情報ブログで、これまでに750記事以上を公開しています。「整理されたデータである『情報』を伝えること」をテーマに、14年間続けてきた情報収集システムやワークフローについて紹介しています。関連記事:JSer.info 10周年: JavaScript情報の集め方、書き方、まとめ方 - JSer.info

Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.

Explore the most common misconceptions about monorepos and learn the truth behind the myths. From performance concerns to scaling limitations, we tackle the biggest obstacles to monorepo adoption.

Discover practical tips, examples, and best practices for writing effective instructions files. Whether you’re new or experienced, you’ll find something to level up your code reviews.The post Unlocking the full power of Copilot code review: Master your instructions files appeared first on The GitHub Blog.

Probably worth keeping an eye on Vite+ (still in “early access”). They say it’s “everything you’ve been duct-taping together” which feels actually kinda fair when you consider this has “dev, build, test, lint, format, monorepo caching & more in a single dependency.” So even if you’re using Vite anyway, perhaps you’d get to ditch Jest […]

The extremely new framework that caught lots of attention will continue as a personal project.Quiet UI Came and Went, Quiet as a Mouse originally published on CSS-Tricks, which is part of the DigitalOcean family. You should get the newsletter.

Debugging controllers can be a real pain. Here’s a deep dive into how CSS helps clean it up and how to build a reusable visual debugger for your own projects.

public.monsterThis is fantastic. Free hosting for people that want a place on the internet that is their own as a throwback to the 90s.Little Character fontA free and open source font that has an incredible back-story. I saw Astrid (the creator) talk about it at beyond tellerrand last week and I'm still thinking about it.HandyA handy, free, open source speech-to-text tool designed to bring accessibility to as many people as possible.Stonking newsThis is cool: news ranked by engagement on Bluesky

PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads

こんにちは。2025年の9月に中途で入社しましたフロントエンドエンジニアの白濱（@shiraha_maru）です。社内デザインシステムのMCP化、Figma MCPを活用して入社1ヶ月目からスムーズに開発を進められる体制 […]

Bring Val Town to your favorite LLM

At 1Password, we know that a culture of belonging is essential to achieving our company’s goals. Since launching our first Employee Resource Groups (ERGs) in 2021 and expanding to Employee Community Groups (ECGs) in 2023, these communities have become so much more than spaces for connection – they’re shaping how we lead, grow, and perform together. Today, our ERGs and ECGs collectively represent more than 1,300 Slack channel members, reflecting strong engagement across communities at 1Password.O

HighlightsThis version of ESLint is not ready for production use and is provided to gather feedback from the community before releasing the final version. Please let us know if you having any problems or feedback by creating issues on our GitHub repo.Most of the highlights of this release are breaking changes, and are discussed further in the migration guide. There are summaries of the significant changes below. (Less significant changes are included in the migration guide.)This prerelease versi

Mix client and server code seamlessly with React Server Components (RSC), now available outside of the Next.js ecosystem.

A practical guide to choosing the right machine authentication model for your SaaS product.

I saw Tony Conway & Jeremy Wagner’s post on web.dev, Use Baseline with Browserslist, and I had a little play with it myself (saved live stream). Allow me to write down what I know and what I learned. So here’s Browserslist. Browserslist is the developer community at it’s best. There are a bunch of tools […]