JSer.infoの情報源となるサイトをまとめたサイトです。
全てのサイトを一つにまとめたRSSを配信しています

Slackに貼り付けると更新を受け取ることができます

直近1週間の更新

7/9 (木)

記事のアイキャッチ画像
How GitHub Copilot enables zero DNS configuration for GitHub Pages ブログのファビコン The GitHub Blog
Go from an empty repository to a live custom domain with HTTPS in about 14 minutes, without manually editing a single DNS record.The post How GitHub Copilot enables zero DNS configuration for GitHub Pages appeared first on The GitHub Blog.
44分前

7/8 (水)

記事のアイキャッチ画像
How to Make an Interactive Element Invisible but Accessible ブログのファビコン Master.dev Blog RSS Feed
The attribute `hidden="until-found" can be quite useful in HTML, but we'll need another unexpected bit of CSS to ensure space is reserved.
3時間前
記事のアイキャッチ画像
Introducing Meerkat: an experiment in global consensus
はてなブックマークアイコン 1
ブログのファビコン The Cloudflare Blog
Cloudflare Research is building a global consensus service called Meerkat that uses a new consensus algorithm called QuePaxa. We plan to use Meerkat to build a strongly consistent, fault-tolerant key-value store, and other applications.
4時間前
記事のアイキャッチ画像
pnpm 11.10 Hardens Registry Authentication to Block Token Redirection ブログのファビコン Socket
pnpm 11.10 hardens registry auth to block token redirection, tightens pack-app and deploy, and makes the Rust port (v12) installable.
12時間前
記事のアイキャッチ画像
Flags SDK now evaluates flags 10x faster ブログのファビコン Vercel News
and now evaluate multiple feature flags in bulk around 10x faster. Flags SDKVercel FlagsFlag evaluation time improved by reducing microtask queue overhead and creating fewer promises. The improvement scales with the number of flags.Use instead of to benefit from these optimizations:await evaluate([flagA, flagB])Promise.all([flagA(), flagB()])You can also pass an object to evaluate flags with named keys automatically benefits from these improvements as well.precompute()Upgrade and to the latest v
17時間前
記事のアイキャッチ画像
Use any Chat SDK adapter with eve ブログのファビコン Vercel News
now supports Chat SDK adapters with the new .eveChat SDK channelOne channel connects your eve agent to Facebook Messenger, WhatsApp, Resend, Liveblocks, and any other surface with an . You write normal Chat SDK handler code, and calling inside a handler hands the message to your agent.adaptersendRegister handlers on exactly as you would in a standalone Chat SDK app.botOut of the box, the channel:Supply your own handlers to override any of these defaults.eventsRead the documentation to get starte
17時間前
記事のアイキャッチ画像
Chat SDK now supports Vercel Connect ブログのファビコン Vercel News
You can now use to manage credentials for your bots, with no tokens or signing secrets to store or rotate yourself.Vercel ConnectChat SDKThe new subpath provides adapter helpers for Slack, GitHub, and Linear. Each helper takes a connector UID and returns a config you spread into the matching adapter factory.@vercel/connect/chatOutbound bot calls use a function-form token field backed by , so each API request gets a fresh, short-lived token that Vercel Connect rotates for you.getTokenInbound use
17時間前
記事のアイキャッチ画像
Chat SDK adds Dial support ブログのファビコン Vercel News
Chat SDK now supports Dial with the new .vendor-official adapterBuild bots that send and receive SMS, MMS, and iMessage on a real phone number, with bidirectional media and inbound voice-call transcripts. Replies use the standard Chat SDK thread and message APIs, with HMAC-verified webhooks and stable per-conversation threading.Each phone conversation becomes a Chat SDK . Texts and media arrive as messages on that thread, and when a voice call ends, its transcript appears there too. Subscription
17時間前
記事のアイキャッチ画像
Chat SDK adds Photon support ブログのファビコン Vercel News
Chat SDK now supports Photon with the new .vendor-official adapterBuild bots that send and receive iMessages directly and in group chats, share media, and react with native tapbacks. Run the adapter against Spectrum Cloud, your own server, or directly on a Mac.Each Photon conversation becomes a Chat SDK thread, and tapbacks come through as reactions. Handlers, posts, and subscriptions work the same as with any other adapter. Webhooks are HMAC-verified, and your bot can reply to a DM straight fro
17時間前
記事のアイキャッチ画像
The Prototype Trap: Shipping AI-written Code Before It’s Ready ブログのファビコン CKEditor Ecosystem Blog
Fast AI prototypes are slipping into production. Learn why vibe coding creates risk—and how leaders can stop the prototype trap.
18時間前
記事のアイキャッチ画像
GitHub Secret Scanning Public Monitoring for Enterprises: Coverage and Gaps ブログのファビコン Step Security Blog
GitHub's new public monitoring finds your enterprise's leaked secrets anywhere on github.com. Here is what it covers, what it cannot see, and how to close the exfiltration gap
19時間前
記事のアイキャッチ画像
sqlite-utils 4.0, now with database schema migrations Simon Willison's Weblog
<p>This morning I released <a href="https://sqlite-utils.datasette.io/en/stable/changelog.html#v4-0">sqlite-utils 4.0</a>, the 124th release of that project and the first major version bump since <a href="https://sqlite-utils.datasette.io/en/stable/changelog.html#v3-0">3.0</a> in November 2020. In addition to some small but significant breaking changes (described in <a href="https://sqlite-utils.datasette.io/en/stable/upgrading.html">this upgrade guide</a&...
21時間前
記事のアイキャッチ画像
LLM Model Fallback Is a Product Strategy ブログのファビコン CKEditor Ecosystem Blog
When Anthropic's Fable 5 went offline with no warning, products on a single LLM broke. Why model fallback and provider abstraction is product strategy.
1日前
記事のアイキャッチ画像
Top Burp Suite alternatives for web application security testing ブログのファビコン Aikido Security's Blog
Compare the top Burp Suite alternatives for DAST and AI pentesting, including Aikido, Caido, ZAP, and Invicti.Category: DevSec Tools & Comparisons
1日前
記事のアイキャッチ画像
Coordinated npm and PyPI Campaign Typosquats Popular Secure Payment Apps ブログのファビコン Socket
Socket uncovered 17 malicious npm and PyPI packages typosquatting Paysafe, Skrill, and Neteller SDKs to steal developer secrets.
1日前
記事のアイキャッチ画像
sqlite-migrate 0.2 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/sqlite-migrate/releases/tag/0.2">sqlite-migrate 0.2</a></p> <p>The version that retires the library, instead implementing a compatibility shim against the new sqlite-utils 4.0 dependency.</p> <p>Tags: <a href="https://simonwillison.net/tags/sqlite-utils">sqlite-utils</a></p>
1日前
記事のアイキャッチ画像
github-code Web Component Simon Willison's Weblog
<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/github-code-component">github-code Web Component</a></p> <p>An experimental Web Component built using GPT-5.5 and <a href="https://gist.github.com/simonw/0e3db21947b5ae7e29e8a4f69a0b0617">the following prompt</a>:</p><blockquote><p><code>let's build a Web Component for embedding code from GitHub</code></p><p><code><github...
1日前
記事のアイキャッチ画像
Q1 2026 Innovation Graph update: Open source collaboration is accelerating worldwide ブログのファビコン The GitHub Blog
New Innovation Graph data shows global developer communities growing faster than ever, with collaboration reaching new highs across many economies.The post Q1 2026 Innovation Graph update: Open source collaboration is accelerating worldwide appeared first on The GitHub Blog.
1日前
記事のアイキャッチ画像
sqlite-utils 4.0 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/sqlite-utils/releases/tag/4.0">sqlite-utils 4.0</a></p> <p>See <a href="https://simonwillison.net/2026/Jul/7/sqlite-utils-4/">sqlite-utils 4.0, now with database schema migrations</a> for details.</p> <p>Tags: <a href="https://simonwillison.net/tags/sqlite-utils">sqlite-utils</a></p>
1日前
記事のアイキャッチ画像
Get Ready For the Powerful CSS border-shape Property! ブログのファビコン CSS-Tricks
We recently got the shape() function and corner-shape property. What else could we possibly need as far as making shapes in CSS? Let me tell you: the border-shape property!Get Ready For the Powerful CSS border-shape Property! originally handwritten and published with love on CSS-Tricks. You should really get the newsletter as well.
1日前
記事のアイキャッチ画像
Boundary-Aware Styling in CSS ブログのファビコン Master.dev Blog RSS Feed
You might think of the view() function as used in scroll-driven animations, but really it just pairs @keyframes animation with the current position of an element.
1日前

7/7 (火)

記事のアイキャッチ画像
Cloudflare proudly joins the UK government's Cyber Resilience Pledge ブログのファビコン The Cloudflare Blog
The pledge is a voluntary framework inviting organizations to commit to foundational cyber security governance, board-level accountability, and supply chain rigor. For over a decade, Cloudflare has pioneered the core pillars of this framework: democratizing security, leadership accountability, and radical transparency.
1日前
記事のアイキャッチ画像
Top Chainguard alternatives 2026 ブログのファビコン Aikido Security's Blog
Comparing the best Chainguard alternatives in 2026, from Aikido Security to Docker Hardened Images, Minimus, RapidFort, and Echo.Category: DevSec Tools & Comparisons
1日前
記事のアイキャッチ画像
JetBrains AI for Teams and Organizations: From Fragmented AI Usage to Coordinated Software Development ブログのファビコン Company | The JetBrains Blog
We’re about to start rolling out a new set of AI capabilities that provide shared context, reusable agentic workflows, organization-level governance, and cost control for software production. Developers use different AI tools depending on the task – from JetBrains IDEs to terminal-based agents such as Claude Code, Codex, and other emerging solutions. That freedom is […]
1日前
記事のアイキャッチ画像
Meet Kirki: WordPress’s First Visual Builder With An Infinite Canvas ブログのファビコン Articles on Smashing Magazine — For Web Designers And Developers
We have been building websites inside boxes for years on WordPress. Let’s take a closer look at [Kirki](https://kirki.com/), the first freeform visual builder with an infinite canvas, and explore how it redefines the experience with cleaner performance, full design freedom, and zero plugin dependency.
1日前
記事のアイキャッチ画像
You can now view the Activity Log at a project-level ブログのファビコン Vercel News
Project Settings now includes its own project-specific A. This view pulls the relevant user events from the Activity Log in Team Settings. Review project-level activity without leaving your project settings. ctivity LogVisit to try it out.your project settingsRead more
1日前
記事のアイキャッチ画像
Vercel acquires Better Auth to accelerate open source auth ブログのファビコン Vercel News
Vercel is acquiring , the company behind the open source , which has 4.7M+ weekly npm downloads and more than 850 contributors. Founder Bereket Engida and the core team are joining Vercel to continue their work on Better Auth and agent identity.Better AuthTypeScript authentication libraryLast year, we behind Next.js, AI SDK, and Nuxt: software that's open by default, loosely coupled, and portable to any platform.published our approachBetter Auth applies it to authentication: framework-agnostic,
1日前
記事のアイキャッチ画像
sqlite-utils 4.0rc4 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/sqlite-utils/releases/tag/4.0rc4">sqlite-utils 4.0rc4</a></p> <p>The last RC before the 4.0 stable release. Mainly <a href="https://github.com/simonw/sqlite-utils/issues/769#issuecomment-4900034150">implements feedback</a> from a detailed review by Claude Fable 5.</p> <p>Tags: <a href="https://simonwillison.net/tags/sqlite-utils">sqlite-utils</a>, <a h...
1日前
記事のアイキャッチ画像
PR TIMES は PHP Conference Japan 2026 に協賛・登壇します! ブログのファビコン PR TIMES 開発者ブログ
こんにちは。バックエンドエンジニアの筒井 (@tsuttsun_wind)です。PR TIMESは、PHP Conference Japan 2026 にゴールドスポンサーとして協賛します。 PHP Conference […]
2日前
記事のアイキャッチ画像
「Tech-Verse 2026」Keynote LINEヤフー Tech Blog (LY Corporation Tech Blog
2026年6月29日、LINEヤフーグループ最大の技術カンファレンス「Tech-Verse 2026」が開催されました。ここではKeynoteをアーカイブ動画と書き起こしテキストでご紹介します。アーカ...
2日前
記事のアイキャッチ画像
AWS DevOps Agentの新機能カスタムエージェントで週次SREレポートをつくる ブログのファビコン CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
本記事は、DevOps Agentの新機能のカスタムエージェントをつかって週次のSREレポートをつく ...
2日前
記事のアイキャッチ画像
Gemini Embedding 2で作るネイティブマルチモーダルRAG ブログのファビコン CyberAgent Developers Blog | サイバーエージェント デベロッパーズブログ
本記事では、この「ネイティブ」なマルチモーダル埋め込みを活用したRAGの構築方法を解説します。
2日前
記事のアイキャッチ画像
More granular observability for Vercel Sandbox ブログのファビコン Vercel News
observability now includes detailed resource metrics, giving you deeper visibility into how your sandboxes consume compute and networking.Vercel SandboxFrom the in your dashboard, you can now monitor:Observability tabEach metric can be grouped by Sandbox Name and Sandbox Session ID, so you can drill down from aggregate usage to the individual sandbox responsible.You can also query and visualize metrics via the Vercel CLI:Metrics are available at both the team and project level and align directly
2日前
記事のアイキャッチ画像
Better Auth is joining Vercel ブログのファビコン Better Auth Blog
Better Auth is joining Vercel. We're joining to accelerate our work on open-source auth and securing agent workflows.
2日前
記事のアイキャッチ画像
Give your eve agent GitHub tools ブログのファビコン Vercel News
now ships an toolset through the new subpath. One file in can register every GitHub tool, or use a preset such as , so you can build a complete GitHub agent in nine lines of code.GitHub Toolseve@github-tools/sdk/eveagent/tools/maintainerGet started by following the .knowledge base guideRead more Every write tool, such as , requires approval unless you opt out. Gate individual tools with , , or an input-dependent predicate; pauses survive restarts and deploys.Safe by default:mergePullRequestalway
2日前
記事のアイキャッチ画像
tencent/Hy3 Simon Willison's Weblog
<p><strong><a href="https://huggingface.co/tencent/Hy3">tencent/Hy3</a></strong></p>New Apache 2.0 licensed model from Tencent in China:</p><blockquote><p>Hy3 is a 295B-parameter Mixture-of-Experts (MoE) model with 21B active parameters and 3.8B MTP layer parameters, developed by the Tencent Hy Team. Following the Hy3 Preview launch in late April, we gathered feedback from 50+ products and scaled up post-training with higher quality data. To...
2日前
記事のアイキャッチ画像
Git 感覚で AWS / Google Cloud / Azure のシークレットを管理できる CLI/GUI ツール「suve」を作った ブログのファビコン ゆめみのフィード
はじめにAgentic AI 全盛期の昨今,コードを書くのも,テストを書くのも,リファクタリングするのも,かなりの部分を AI に任せられるようになりました。ところが,そんな時代においても シークレットや設定値の管理だけは,いまだに手作業でクラウドコンソールをぽちぽちするのが普通 ではないでしょうか?AWS マネジメントコンソールにログインして,SSM Parameter Store の画面を開いて,該当のパラメータを探して,「編集」ボタンを押して,テキストエリアに値を貼り付けて,保存する「あれ,この値いつ誰が変えたんだっけ?前の値なんだったっけ?」となっても,履歴画面は貧弱...
2日前
記事のアイキャッチ画像
Predicting MongoDB ObjectId() continuously in Rocket.Chat ブログのファビコン Aikido Security's Blog
Aikido's AI pentester found this file-access flaw in Rocket.Chat. A closer look at MongoDB's ObjectId() showed the weak randomness that makes it exploitable.Category: Vulnerabilities & Threats
2日前

7/6 (月)

記事のアイキャッチ画像
Getting Started with Anchor Positioning ブログのファビコン Josh Comeau's blog
For decades, one of the most notoriously-challenging problems on the web has been sticking one element to another element, for things like tooltips and nested menus. The CSSWG has decided to provide a first-class solution to this problem, and it’s pretty friggin’ cool! In this tutorial, I’ll share the most useful parts I’ve found from this modern CSS feature.
2日前
記事のアイキャッチ画像
Your Worker can now have its own cache in front of it ブログのファビコン The Cloudflare Blog
We are launching Workers Cache, a regionally tiered cache that sits directly in front of your Worker entrypoints. Infinitely composable, configured via standard HTTP headers
2日前
記事のアイキャッチ画像
sqlite-utils 4.0rc3 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/sqlite-utils/releases/tag/4.0rc3">sqlite-utils 4.0rc3</a></p> <p>I hoped to release <code>sqlite-utils 4.0</code> stable this weekend, but as I worked through the backlog of issues and PRs with a combination of Claude Fable 5 and GPT-5.5 the changelog since rc2 <a href="https://sqlite-utils.datasette.io/en/latest/changelog.html#rc3-2026-07-05">kept getting bigger</a>...
2日前
記事のアイキャッチ画像
Node.js Considers Public Workflow for Security Reports Amid AI-Driven Surge ブログのファビコン Socket
Node.js is debating whether AI-driven security report volume warrants moving more vulnerability reports into public workflows.
3日前
記事のアイキャッチ画像
レガシープロジェクトからAI主導型プロジェクトへの転換、AXロードマップ LINEヤフー Tech Blog (LY Corporation Tech Blog
はじめに「AIを導入すれば生産性が上がるらしいが、私たちのチームはどこから手をつければいいのだろう?」と悩んだことはありませんか?既存のレガシープロジェクトをAI主導型プロジェクト(AI-driven...
3日前
記事のアイキャッチ画像
ヤフーのiOSアプリにおけるローカル認証を活用した独自のデバイス認証からパスキー認証への移行対応 LINEヤフー Tech Blog (LY Corporation Tech Blog
こんにちは。Yahoo! ID連携のiOS SDKの開発・運用を担当している矢倉です。現在、多くのヤフーのiOSアプリでは、ローカル認証を活用した独自のデバイス認証による再認証機能を搭載しています。こ...
3日前
記事のアイキャッチ画像
Keep Shipping Through Docker Hub Outages and Rate Limits ブログのファビコン Nx Blog
Docker Hub outages and 429 Too Many Requests rate limits break CI pipelines. A read-through cache is the fix the infrastructure vendors recommend, and Nx Cloud offers it for your agents.
3日前

7/5 (日)

記事のアイキャッチ画像
sqlite-utils 4.0rc2, mostly written by Claude Fable (for about $149.25) Simon Willison's Weblog
<p>I wrote about the <a href="https://simonwillison.net/2026/Jun/21/sqlite-utils-40rc1/">sqlite-utils 4.0rc1</a> release a couple of weeks ago. Since we only have Claude Fable on our Max subscriptions for a few more days, I decided to see if it could help me get to a 4.0 stable release that I felt truly comfortable about, since I try to keep to <a href="https://semver.org">SemVer</a> and like my incompatible major versions to be as rare as possible.</p><p&...
4日前
記事のアイキャッチ画像
sqlite-utils 4.0rc2 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/sqlite-utils/releases/tag/4.0rc2">sqlite-utils 4.0rc2</a></p> <p>See <a href="https://simonwillison.net/2026/Jul/5/sqlite-utils-fable/">sqlite-utils 4.0rc2, mostly written by Claude Fable (for about $149.25)</a>.</p>
4日前
記事のアイキャッチ画像
moon v2.4 - Task checks, Ruby toolchain, storage APIs, and much more ブログのファビコン moonrepo Blog
This release is all about control and trust. We're giving tasks a way to gate, skip, and
4日前
記事のアイキャッチ画像
pnpm 11.10 ブログのファビコン pnpm Blog
pnpm 11.10 adds the _auth setting for CI-friendly registry authentication, new pnpm prefix and pnpm issues commands, and the ability for pnpm self-update to install pnpm v12 (the Rust port). It also improves pnpm up accuracy, speeds up resolution against registries that ignore abbreviated metadata, and hardens global package management, pnpm deploy, and pnpm pack-app.
4日前
記事のアイキャッチ画像
Building a World Map with only 500 bytes Simon Willison's Weblog
<p><strong><a href="https://www.experimentlog.com/blog/building-a-world-map-with-only-500-bytes">Building a World Map with only 500 bytes</a></strong></p>Iwo Kadziela (assisted by Codex) figured out a way to generate a credible ASCII world map using 445 bytes of data:</p><p><img alt="A map of the world rendered as black asterisk ASCII characters, it looks very good" src="https://static.simonwillison.net/static/2026/world-map-ascii.png" />&lt...
4日前
記事のアイキャッチ画像
Better Models: Worse Tools Simon Willison's Weblog
<p><strong><a href="https://lucumr.pocoo.org/2026/7/4/better-models-worse-tools/">Better Models: Worse Tools</a></strong></p>Armin reports on a weird problem he ran into while hacking on Pi:</p><blockquote><p>The short version is that newer Claude models sometimes call Pi’s edit tool with extra, invented fields in the nested <code>edits[]</code> array. And not Haiku or some small model: Opus 4.8. The edit itself is usually correc...
4日前

7/4 (土)

記事のアイキャッチ画像
Safari MCP サーバーでエージェントが Safari ブラウザを操作できるようにする ブログのファビコン azukiazusa のテックブログ2
Web アプリケーションの開発には実ブラウザでの動作確認が必要不可欠です。Playwright CLI や chrome-devtools-mcp などエージェント向けのブラウザ操作ツールは多くが Chromium に依存しています。Safari Technology Preview 247 の MCP サーバーは、エージェントを Safari に接続し操作できるようにします。
4日前
記事のアイキャッチ画像
AI SDK の MCP Apps 対応でインタラクティブな UI を返す ブログのファビコン azukiazusa のテックブログ2
AI SDK の v7 では MCP Apps 対応が追加されました。AI モデルはツールを呼び出す際に `ui://` リソースが紐付けられていれば、アプリケーション側でその UI をサンドボックス化された環境でレンダリングすることができます。この記事では AI SDK の MCP Apps 対応を試してみた内容を紹介します。
4日前
記事のアイキャッチ画像
Authentication Bypass in the default configuration phpBB ブログのファビコン Aikido Security's Blog
Our AI pentest agents found a critical phpBB auth bypass (CVE-2026-48611): one unauthenticated request logs you into any account. See the exploit and the fix.Category: Vulnerabilities & Threats
5日前
記事のアイキャッチ画像
Open Source AI Gap Map Simon Willison's Weblog
<p><strong><a href="https://map.currentai.org">Open Source AI Gap Map</a></strong></p><a href="https://www.currentai.org">Current AI</a> is "a global partnership building a public option for AI", founded as a non-profit at the AI Action Summit in Paris in February 2025 and backed by serious capital ($400m already committed).</p><p>They <a href="https://www.currentai.org/blogs/introducing-the-gap-map-v0-1">launched their Gap Map&l...
5日前
記事のアイキャッチ画像
Quoting Josh W. Comeau Simon Willison's Weblog
<blockquote cite="https://bsky.app/profile/joshwcomeau.com/post/3mkxyqgrp2d2t"><p>I just launched my third course, Whimsical Animations, and so far, it’s on track to sell roughly ⅓ as many copies as a typical course launch.</p><p>It’s a similar story with my two existing courses. Sales are down significantly from last year.</p><p>There are likely a lot of reasons for this, but I think the biggest is AI. There’s sort of a double whammy with AI:</p><ol...
5日前
記事のアイキャッチ画像
Fable's judgement Simon Willison's Weblog
<p>One of the most interesting tips I got from <a href="https://www.ai.engineer/worldsfair/schedule?session=asn_slot_2026_06_30_main_stage_1230_2026_06_08t09_35_43_039z">the Fireside Chat</a> I hosted with Cat Wu and Thariq Shihipar from the Claude Code team at AIE on Wednesday was to let Fable (and to a certain extent Opus) use their own judgement rather than dictating how they should work.</p><p>The example they gave was testing. You can tell Fable "only use auto...
5日前

7/3 (金)

記事のアイキャッチ画像
June 2026 newsletter Simon Willison's Weblog
<p>The June edition of my <a href="https://github.com/sponsors/simonw/">sponsors-only monthly newsletter</a> is out. If you are a sponsor (or if you start a sponsorship now) you can <a href="https://github.com/simonw-private/monthly/blob/main/2026-06-june.md">access it here</a>.</p><p>This month:</p><ul><li>Claude Fable 5, GPT-5.6, and US export restrictions</li><li>GLM-5.2 is the new best open weights model</li><l...
5日前
記事のアイキャッチ画像
The Field Guide to Grid Lanes ブログのファビコン Master.dev Blog RSS Feed
The WebKit gang did a good job with The Field Guide to Grid Lanes showcasing what kind of layouts are now achievable with display: grid-lanes;. Basically: Masonry layout, with arbitrary column widths, and proper tabbing order, is now progressive-enhanceable and HTML/CSS only.
5日前
記事のアイキャッチ画像
Users Don’t Need More Tools: They Need Seamless Integrations ブログのファビコン Articles on Smashing Magazine — For Web Designers And Developers
A closer look at why users don’t need more tools in their daily lives. What they need are seamless integrations of useful features to match already existing, established mental models. Brought to you by Design Patterns For AI Interfaces, **friendly video course on UX** and design patterns by Vitaly.
5日前
記事のアイキャッチ画像
The Index: Issue #189 ブログのファビコン Piccalilli - Everything
Fixing full-bleed CSSA rather deep dive into how some of the newer CSS can make this age old pattern even better.Where’s the holistic AI productivity data?It’s hard to find anything other than anecdata from individuals telling us how AI has made them individually more productive. If AI really was creating measurable improvements in productivity across entire organisations, wouldn’t we be seeing that data?[nods]The Goldilocks customizable select heightEven the new custom <select> capabiliti...
5日前
記事のアイキャッチ画像
Vercel Sandbox now supports FUSE-based filesystems ブログのファビコン Vercel News
now supports FUSE, letting you mount remote storage and custom filesystems inside a running Sandbox. Use it to attach S3 buckets, network filesystems, or any other FUSE-compatible driver as a regular path.Vercel SandboxThis makes it possible to stream large datasets directly from object storage, share state across Sandboxes through a common filesystem, or run tools that expect POSIX paths against remote sources without copying data into the Sandbox first.Learn more about in the documentation.rem
6日前
記事のアイキャッチ画像
You have been invited to the 0xInsider.com Discord server! ブログのファビコン Trevor I. Lasn, Building 0xinsider
Join the 0xInsider.com Discord community — talk markets, odds, and predictions with fellow prediction market traders in real time.
6日前
記事のアイキャッチ画像
Manage Vercel Flags segments with Vercel CLI ブログのファビコン Vercel News
segments can now be managed from the with the new command.Vercel FlagsVercel CLIvercel flags segmentsA segment is the targeting primitive a flag uses to decide who sees what. Membership composes from three repeatable tokens: , , and . Pass them to or for incremental edits. For full replacement, takes the entire segment definition as raw JSON.include:exclude:rule:--add--remove--dataAll segment commands support output, making them scriptable from CI, local workflows, and agent-driven pipelines tha
6日前
記事のアイキャッチ画像
Agent Runs now available in the Vercel MCP and CLI ブログのファビコン Vercel News
Your agent can now inspect via the Vercel MCP and CLI for , the open-source agent framework.Agent Runseveeve traces are automatically ingested when deployed to Vercel and available as Agent Runs. The new and let you find projects with runs, list recent runs, and retrieve full traces, including reasoning, tool calls, and token usage.Vercel MCP toolsVercel CLI commandsVercel MCP tools:Vercel CLI commands:Every CLI subcommand supports for machine-readable output, and traces render as markdown when
6日前
記事のアイキャッチ画像
StepSecurity Maintained Actions Are Now Free for Public Repos ブログのファビコン Step Security Blog
StepSecurity Maintained Actions are now free for public repos. Secure, drop-in replacements for risky third-party GitHub Actions, reviewed and actively maintained.
6日前
記事のアイキャッチ画像
10 Layers Deep: How StepSecurity Stops TeamPCP's Trivy Supply Chain Attack on GitHub Actions ブログのファビコン Step Security Blog
TeamPCP weaponized 76 Trivy version tags overnight. The KICS attack followed the same playbook days later. One security control is not enough. Here is how the StepSecurity platform's ten independent security layers work together to prevent credential exfiltration, detect compromised actions at runtime, and respond to incidents across your entire organization before attackers can succeed.
6日前
記事のアイキャッチ画像
llm-coding-agent 0.1a0 Simon Willison's Weblog
<p><strong>Release:</strong> <a href="https://github.com/simonw/llm-coding-agent/releases/tag/0.1a0">llm-coding-agent 0.1a0</a></p> <p>Another Fable 5 experiment. Now that my <a href="https://llm.datasette.io/">LLM library</a> has evolved into more of an agent framework it's time to see what a simple coding agent would look like built on it.</p><p>I started a <a href="https://github.com/simonw/llm-coding-agent/tree/2466fa03ba8...
6日前
記事のアイキャッチ画像
Using DSPy to evaluate and improve Datasette Agent's SQL system prompts Simon Willison's Weblog
<p><strong>Research:</strong> <a href="https://github.com/simonw/research/tree/main/dspy-datasette-agent-prompts#readme">Using DSPy to evaluate and improve Datasette Agent's SQL system prompts</a></p> <p>One of this morning's AIE keynotes covered <a href="https://github.com/stanfordnlp/dspy">dspy</a>, which reminded me I've been meaning to see if it could help me improve the system prompt used by <a href="https://agent.datasette....
6日前
記事のアイキャッチ画像
Cloudflare Workers and Hyperdrive with TanStack Start ブログのファビコン Master.dev Blog RSS Feed
In Part 2 of the series on using Cloudflare with Web Apps, the focus is on setting up a database and addressing key issues like performance and connection management.
6日前
記事のアイキャッチ画像
Understand to participate Simon Willison's Weblog
<p>I saw Geoffrey Litt speak at <a href="https://www.ai.engineer/worldsfair/2026">AIE</a> yesterday, and one framing he used particularly resonated with me:</p><p><strong>Understand to participate</strong></p><p>Geoffrey was talking about the challenge of collaborating with coding agents as they construct increasingly large and sophisticated changes, and the need to avoid taking on <a href="https://simonwillison.net/tags/cognitive-debt/"&...
6日前
記事のアイキャッチ画像
Toolbox App 3.6: Smarter Storage Cleanup, Windows installation diagnostics, and More ブログのファビコン Company | The JetBrains Blog
Toolbox App 3.6 gives you better control over local storage and makes Windows installation failures easier to diagnose. Clean up removable Toolbox App data from Settings The Toolbox App now shows how much removable data it can safely clean up, providing a breakdown for the download cache, previous versions, temporary leftovers, and leftover tool directories. […]
6日前
記事のアイキャッチ画像
How GitHub used secret scanning to reach inbox zero ブログのファビコン The GitHub Blog
GitHub had 20,000+ secret scanning alerts across 15,000 repositories. Here's how we separated signal from noise, built remediation workflows, and reached inbox zero in nine months.The post How GitHub used secret scanning to reach inbox zero appeared first on The GitHub Blog.
6日前

7/2 (木)

記事のアイキャッチ画像
AI Pentesting for Compliance ブログのファビコン Aikido Security's Blog
Learn which compliance frameworks accept AI pentesting Category: Compliance
6日前
記事のアイキャッチ画像
Personal website redesign project post: Rendering AT protocol posts on my /feed ブログのファビコン Piccalilli - Everything
I'm again, going to be doing a lot of the same sort of work I did for the WordPress integration, but as this is the first iteration of the AT protocol, it's going to be a lot simpler than that.Just like with the WordPress integration, I used Astro's pagination capabilities to build a paginated "feed" of posts, to satisfy the "Basic rendering of my AT protocol posts" part of the core features I outlined at the beginning of this series.Let's get stuck into that bit first. I created a pages/feed/[.
6日前
記事のアイキャッチ画像
Matching AI Modality To User Intent: Designing The Right Interface ブログのファビコン Articles on Smashing Magazine — For Web Designers And Developers
We’ve fallen into conversational tunnel vision, defaulting every AI capability into a chat-based interface simply because LLMs are trained on dialogue data. But great UX is about matching modality to users’ context, intent, and cognitive load, so the interface adapts to the user, not the other way around.
6日前
記事のアイキャッチ画像
生成AIの利活用事例に関するLT会を開催しました! Hacking Fest 2026 Spring 開催レポート LINEヤフー Tech Blog (LY Corporation Tech Blog
2026年5月某日、生成AI利活用を推進する有志による「Hacking Fest 2026 Spring」が開催されました。Hacking Festとは?Hacking Festは、ゴールデンウィーク...
7日前
記事のアイキャッチ画像
理論をどう実運用に乗せるのか。メディア領域のレコメンド最適化で問われる、実装可能性と事業価値への翻訳 LINEヤフー Tech Blog (LY Corporation Tech Blog
レコメンドや最適化の仕事は、モデルの精度を上げることだと思われがちです。しかし、実サービスではそれだけで価値になるとは限りません。ユーザー体験を良くしたい。セッション数を伸ばしたい。広告収益も維持した...
7日前
記事のアイキャッチ画像
Changelog - July 2, 2026 ブログのファビコン Val Town Blog
Townie 5x cheaper, HTTP analytics, scoped blob, agent plugin, ...
7日前
記事のアイキャッチ画像
Announcing Vite+ Beta ブログのファビコン VoidZero
TL;DR: Vite+ is now in beta. It unifies the runtime, package manager, and frontend tools every web project needs behind one fast, consistent workflow. Start a new project with vp create, or adopt it in an existing project with vp migrate.
7日前
記事のアイキャッチ画像
Electron 43 ブログのファビコン Electron Blog
Electron 43 has been released! It includes upgrades to Chromium 150.0.7871.46, V8 15.0, and Node v24.17.0.
7日前
記事のアイキャッチ画像
Routing rules now available on AI Gateway ブログのファビコン Vercel News
now supports .Vercel AI Gatewayrouting rulesRouting rules are firewall-style rules that control which models your team can use, applied at the gateway level instead of in your application code.When a model goes down or gets retired, you usually have to ship a code change to move off it. With routing rules, you push one rule and every request reroutes instantly. There are two types:Rules apply to every request made with your team's AI Gateway credentials. You manage them with the .Vercel CLICreat
7日前
記事のアイキャッチ画像
Introducing the Safari MCP server for web developers ブログのファビコン WebKit
In Safari Technology Preview 247, we’re introducing the Safari MCP server — a Model Context Protocol server for web developers that makes your web development and debugging workflow faster and more powerful.
7日前
記事のアイキャッチ画像
Release Notes for Safari Technology Preview 247 ブログのファビコン WebKit
Safari Technology Preview Release 247 is now available for download for macOS Golden Gate and macOS Tahoe.
7日前
記事のアイキャッチ画像
Totally Free Course: Claude Code ブログのファビコン Master.dev Blog RSS Feed
Lydia Hallie from Anthropic spends a couple of hours with us, helping us level up what we’re doing with Claude Code. Learn to customize Claude Code for your codebase, using CLAUDE.md, plan mode, and permissions that adhere to your team’s standards. Build reusable skills tailored to your processes and wire up hooks so Claude behaves […]
7日前
記事のアイキャッチ画像
The Missing Governance Layer in AI Document Editing ブログのファビコン CKEditor Ecosystem Blog
Frontier AI models corrupt around 25% of content in long edits. See how an enterprise AI governance layer makes every AI change reviewable.
7日前
記事のアイキャッチ画像
Secure internal communication between services (beta) ブログのファビコン Vercel News
Service Bindings make it easy for one Vercel service to securely call another within the same deployment.When a service declares a binding for another service, Vercel automatically injects the configured environment variable. That means user code can fetch that URL normally, while Vercel handles the internal rewrite, routing, authentication, and TLS behind the scenes.This enables multi-service applications on Vercel, like a Next.js frontend calling a FastAPI backend, while preserving service iso
7日前
記事のアイキャッチ画像
Secure Registry now tells you which machine pulled a compromised package ブログのファビコン Step Security Blog
Secure Registry now traces every npm and PyPI install back to the developer machine or CI pipeline behind it, so you can scope a compromised package in minutes.
7日前
記事のアイキャッチ画像
Multiple @immobiliarelabs Backstage Plugins Compromised on npm ブログのファビコン Step Security Blog
Compromised versions run a malicious payload at npm install time through a binding.gyp node-gyp hook, harvesting credentials from sources like GitHub Actions secrets, cloud provider keys, and package registry tokens, while trying to persist in AI coding assistant configs. Static analysis of version 2.1.2 against the clean 2.1.1 release revealed a new 5 MB index.js and an added binding.gyp, both absent from earlier releases.
7日前
記事のアイキャッチ画像
Maven Support Comes to GitHub Checks and OSS Package Search ブログのファビコン Step Security Blog
StepSecurity now supports Maven in GitHub Checks and OSS Package Search, blocking compromised and freshly published Java dependencies in your pull requests.
7日前
記事のアイキャッチ画像
Mass npm Supply Chain Attack: 20 Leo Platform Packages Compromised ブログのファビコン Step Security Blog
On June 24, 2026, an attacker published malicious versions of 20 npm packages belonging to the Leo Platform ecosystem in a coordinated burst spanning less than three seconds. All 20 packages carry an identical CI/CD attack toolkit that steals secrets from GitHub Actions runners, cloud credential stores, package registries, and password managers, then exfiltrates them via the victim's own GitHub token. Together these packages receive approximately 13,600 downloads per week.
7日前
記事のアイキャッチ画像
simonecorsi/mawesome GitHub Action has been compromised ブログのファビコン Step Security Blog
On June 24, 2026, an attacker compromised the simonecorsi/mawesome GitHub repository. They force-pushed malicious commits and repointed several version tags to that commit. As a result, any workflow running against those tags after that time executed the attacker's code inside its GitHub Actions runner.
7日前
記事のアイキャッチ画像
codfish/semantic-release-action GitHub Action has been compromised ブログのファビコン Step Security Blog
On June 24, 2026, an attacker compromised the codfish/semantic-release-action GitHub repository. At 15:39:06 UTC they force-pushed a malicious commit and repointed several version tags to that commit. As a result, any workflow running against those tags after that time executed the attacker's code inside its GitHub Actions runner.
7日前
記事のアイキャッチ画像
15 Malicious JetBrains Plugins Stole AI API Keys from 70,000 Developers ブログのファビコン Step Security Blog
A coordinated 8-month supply chain attack planted credential-stealing code inside fake AI coding assistants on the JetBrains Marketplace, quietly exfiltrating OpenAI, DeepSeek, and SiliconFlow API keys to an attacker-controlled server in Beijing -- which our investigation found still operational today.
7日前
記事のアイキャッチ画像
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems ブログのファビコン Socket
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
7日前