Category: Development

PHP Security Audit Reveals and Patches Multiple Vulnerabilities

2025-04-14

The PHP Foundation announces the completion of a comprehensive security audit of the PHP source code (php/php-src), commissioned by the Sovereign Tech Agency and conducted by Quarkslab. The two-month audit uncovered 27 issues, 17 of which had security implications, including four vulnerabilities assigned CVEs. These vulnerabilities have been addressed, and users are urged to upgrade to the latest PHP versions. The audit highlighted the overall high quality of the php/php-src project and underscores the PHP Foundation's commitment to enhancing PHP's security and reliability.

Development Vulnerability Patches

DIY Nissan LEAF Battery Widget: A Clever Hack Using GitHub Actions and IFTTT

2025-04-14

Frustrated by the lack of a battery status widget in Nissan's official app and the unavailability of third-party alternatives, the author devised a clever workaround. By ingeniously combining GitHub Actions, IFTTT, and Apple Shortcuts, they created a free solution. A scheduled GitHub Actions workflow retrieves data, sends an email, and IFTTT transforms the email content into an iPhone home screen widget displaying the LEAF's battery level. While not perfect, this successful hack avoids the cost of additional hardware or subscriptions, showcasing the author's creativity and technical prowess.

Development

Local CI for GitHub: Ditch the Cloud, Embrace Your Dev Machine

2025-04-14

Tired of slow, expensive, and rented cloud CI? `gh-signoff`, a GitHub CLI extension, brings CI back in-house! Run your tests locally, sign off when they pass (using `gh signoff`), and get that green GitHub commit status without the hassle. Say goodbye to complex merge queues and deployment pipelines – simplicity and control are yours.

Development Local CI

Transformer Lab: Run LLMs Locally, No Code Required

2025-04-14

Transformer Lab is an open-source platform that empowers anyone to build, tune, and run Large Language Models (LLMs) locally without writing a single line of code. Supporting hundreds of popular models like Llama 3 and Phi 3, it works across various hardware including Apple Silicon and GPUs, offering RLHF and diverse preference optimization techniques. Users interact with models via an intuitive interface for fine-tuning, evaluation, and RAG, supporting multiple inference engines, plugins, and model conversions. Accessible on Windows, macOS, and Linux, it allows developers to integrate LLMs into their products without needing Python or machine learning expertise.

Development Local Execution

Docker Model Runner: Streamlining Local AI Model Execution

2025-04-14

Docker launched Model Runner, a tool designed to simplify running and testing AI models locally. It tackles the challenges developers face with fragmented tooling, hardware compatibility issues, and disconnected workflows when working with AI models locally. Model Runner integrates a llama.cpp-based inference engine, supports GPU acceleration on Apple silicon, and utilizes OCI Artifacts for standardized model packaging, enabling easy sharing and version control. Furthermore, Docker has partnered with companies like Google and Hugging Face to provide a rich ecosystem of models and tools, making local AI development significantly easier.

Development

arXivLabs: Experimental Projects with Community Collaboration

2025-04-14

arXivLabs is a framework enabling collaborators to develop and share new arXiv features directly on the website. Individuals and organizations involved embrace arXiv's values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only partners with those who share them. Got an idea for a valuable community project? Learn more about arXivLabs.

Development

Taming Your Amnesiac LLM Coding Assistant: The Ultimate Cursor Rules Trick

2025-04-14

Using LLM coding assistants like Cursor is fantastic, but they have a quirk: they forget everything between sessions. This means constantly reminding the AI about your coding conventions, project structure, and preferences. The solution? A meta-rule. Create a template rule that guides the AI in creating other, project-specific rules. This systematizes your knowledge transfer, saving time and ensuring consistency across your projects. This small upfront investment in creating a meta-rule pays off massively in the long run.

Development

Vertical Sharding: A Nightmare?

2025-04-13

The author recounts their experience with vertical sharding (functional sharding), highlighting its pitfalls. While it alleviates database load, it fragments the application, forcing the application layer to handle joins and queries that should be handled by the database. This significantly increases code complexity and maintenance overhead, and reduces system availability. Using humor and an uptime formula, the author shows how vertical sharding lowers system stability, ultimately delaying product roadmaps and demoralizing engineers. The article concludes by introducing PgDog, an open-source project aiming to solve Postgres sharding.

Development vertical sharding

Model Context Protocol (MCP): A New Standard for Building Powerful LLM Applications

2025-04-13

This article introduces the Model Context Protocol (MCP), an open protocol for building enterprise-grade Large Language Model (LLM) applications. MCP solves the problem of a lack of standardization in integrating LLMs with enterprise tools, allowing frameworks like LangChain to seamlessly integrate with various data sources and tools such as databases and GitHub. The article details MCP's core components (MCP server, client, and host), installation setup, and Python hands-on demonstrations. These include building a LangChain application to calculate simple and compound interest using Ollama, and interacting with multiple MCP servers using both stdio and sse transport modes. With MCP, LLM applications can more effectively leverage enterprise data and tools for more powerful functionality.

GNU Radio: Open-Source Software Defined Radio Toolkit

2025-04-13

GNU Radio is a free and open-source software development toolkit that provides signal processing blocks to implement software-defined radios (SDRs). It can be used with readily-available, low-cost external RF hardware or without hardware in a simulation environment. Its modular, flowgraph-based framework and extensive library of processing blocks make it suitable for creating complex signal processing applications in research, industry, and hobbyist settings. While not a solution for specific hardware or radio standards out-of-the-box, it's highly adaptable for developing implementations of various communication standards.

Development

Lightweight GRPO Training: No Transformers, No vLLM

2025-04-13

This project implements a lightweight GRPO (Group Relative Policy Optimization) training framework, built almost from scratch, relying only on tokenizers and PyTorch. It improves upon the original algorithm by removing KL divergence and incorporating overlong episode filtering, enhancing training stability and GPU memory usage. The project trains the Qwen2.5-3B-Instruct model on the CountDown task, which requires generating a mathematical expression to reach a target value given a set of numbers. The model solves this by learning to generate chain-of-thought reasoning before the final answer, guided by format and answer rewards. The entire process is straightforward and reproducible, running on a single A40 GPU with minimal commands.

Development

Debugging a flaky test with BCC's `trace`

2025-04-13

While patching an open-source project, the author encountered intermittently failing tests. Using the `trace` utility from the BCC tools, the author monitored calls to the kernel function `touch_atime`. This revealed a background thread in the author's text editor that was scanning project files and altering file access times, causing the erratic test failures. The case highlights the power of BCC tools for Linux kernel debugging and the value of deep system understanding.

EXWM: A Powerful Tiling Window Manager for Emacs

2025-04-13

EXWM is a full-featured tiling X window manager for Emacs built on top of XELB. It's fully keyboard-driven, offers hybrid layout modes (tiling & stacking), dynamic workspace support, and ICCCM/EWMH compliance. Optional features include RandR (multi-monitor) support, a system tray, input method support, background setting, and an XSETTINGS server. Check out the screenshots and user guide for a complete overview and installation instructions!

Development

Odin Arena Allocators and Dynamic Arrays: Hidden Pitfalls

2025-04-13

Using arena allocators with dynamic arrays in Odin presents subtle pitfalls. Arenas efficiently manage allocations with the same lifetime, deallocating everything at once. However, dynamic arrays' growth mechanism leaves old memory blocks unfreed when using an arena allocator, leading to wasted memory. The article explains why: arena allocators don't support individual deallocations, and dynamic array growth creates a 'graveyard' of old blocks. Solutions include using the default allocator, pre-allocating maximum size, or employing a virtual growing arena. While the virtual growing arena prevents memory block movement, it's not immune to potential waste. The article concludes that if memory usage is highly dynamic, avoiding arena allocators is advisable.

Don't Sell Space on Your Home Server!

2025-04-13

A tech worker from a medium-sized hosting company details the perils of turning your home server into a makeshift cloud service. The article highlights the need for additional hardware, faster internet, public IPs, a secure location, legal protection, and robust billing systems. It also stresses the challenges of handling customer support, data backups, security vulnerabilities, and compliance with regulations like GDPR and CCPA, along with mitigating risks like DDoS attacks and data breaches. Instead of risking legal and financial repercussions, the author suggests using excess computing power for personal needs, sharing with friends, or donating cycles to research projects.

Development home server risks

Gatehouse-TS: A Flexible, Zero-Dependency Authorization Library in TypeScript

2025-04-13

Gatehouse-TS is a flexible, zero-dependency authorization library written in TypeScript, combining role-based (RBAC), attribute-based (ABAC), and relationship-based (ReBAC) access control policies. A port of the popular Rust Gatehouse library, it boasts a user-friendly API, supports policy composition with logical operators, offers detailed evaluation tracing for debugging, and provides a fluent builder API for creating custom policies. Its lightweight design and comprehensive documentation make it easily embeddable and adaptable to various projects.

Fennel: A Lisp-like Enhancement for Lua

2025-04-13

Fennel is a programming language running on the Lua runtime. It leverages Lua's efficiency and lightweight nature while addressing some of Lua's shortcomings through Lisp-style syntax and improved design. Fennel employs a paren-first syntax, eliminating operator precedence ambiguity and early returns. Stricter variable management prevents accidental global variable use. Improvements include table notation, looping constructs, function argument checks, data structure destructuring, and pattern matching, enhancing code readability and maintainability. While Fennel offers a powerful macro system, it's often unnecessary. In short, Fennel provides a safer, cleaner way to program in Lua.

Development

Linux Mint's Secret Weapon: Is LMDE 7 Poised to Take Over?

2025-04-13

Linux Mint is adding OEM support to LMDE 7, its Debian-based edition previously considered a mere emergency fallback. This unexpected move fuels speculation about Mint's future strategy. Some users are dissatisfied with Canonical's direction for Ubuntu, particularly regarding Snap packages and telemetry. LMDE, being pure Debian, avoids these issues. The addition of OEM support suggests LMDE might be groomed for a larger role, potentially even replacing the Ubuntu-based Mint as the primary distribution. The development is significant and could reshape the Linux desktop landscape.

Development

FreeDOS 1.4 Released: Stability Update for Legacy DOS PCs

2025-04-13

FreeDOS, the open-source DOS successor, has released version 1.4, focusing on stability improvements. The update includes a revamped installer, updated versions of essential tools like fdisk and format, and an updated edlin text editor. A 'Floppy-Only Edition' caters to vintage systems, while a 'BonusCD' offers additional tools and the OpenGEM graphical interface.

Development

High-Performance Programming on Low-End Hardware: My Terminal Workflow

2025-04-13

The author shares their experience of efficient programming on underpowered hardware (e.g., Intel Celeron N4000 and Intel Atom x5-Z8350). The secret lies in a lightweight Linux distro (Arch Linux), a minimal window manager like i3wm, and a terminal text editor like Neovim with Alacritty terminal. This setup is resource-light and portable across various machines, providing a comfortable programming experience even on low-end or outdated hardware. Furthermore, the author advocates for lightweight programming ideals, minimizing dependencies to improve compile times and binary sizes.

Development

Rust Mutation Testing with cargo-mutants

2025-04-13

cargo-mutants is a Rust tool that enhances code quality by generating mutant versions of your code to test its robustness. It identifies potential bugs missed by your existing tests, providing a different perspective than traditional code coverage tools. It focuses on whether tests actually verify code behavior, not just code reach. Easy to use and integrates with CI, it's actively maintained and promises future improvements, including new mutation types.

Development

Automating Bug Fixes with Multi-LLM Agent Clusters: Cheaper Than You Think

2025-04-13

This post details a novel approach to automated bug fixing using multiple large language models (LLMs). By integrating Asana, the Aider coding agent, and a Sublayer agent, the system automatically triggers three LLMs (GPT-4o, Claude 3.5 Sonnet, and Gemini 2.0 Flash) to attempt fixing the same bug. Each attempt runs in a separate Git branch, resulting in multiple pull requests. This 'wasteful inference' approach proves surprisingly cheap and efficient, offering redundancy and diverse solutions. Even if one model fails, others might succeed, providing alternative approaches. The experiment showcases the potential of multi-model, automated, low-cost bug fixing, hinting at a paradigm shift in future development.

Development

Osprey: Your Browser's New Security Guard

2025-04-13

Osprey is a browser extension designed to protect you from malicious websites. It checks URLs against known threats and blocks access to harmful sites, displaying a warning if a malicious site is detected. Easily installable from the Chrome Web Store or Microsoft Edge Addons, Osprey also offers manual installation instructions. Customize protection settings and get support through the provided issue tracker.

Development malware protection

DragonFlyBSD's Next-Gen Disk Encryption: dm_target_crypt_ng

2025-04-13

DragonFlyBSD has a major update: dm_target_crypt_ng, a next-generation disk encryption implementation. Developer Michael Neumann re-engineered the DM-crypt code for improved performance and interactivity. The new version ditches opencrypto and cryptodev, opting for a simplified symmetric block cipher API and using two worker pools for efficiency. It currently supports AES-CBC and AES-XTS, with plans to add Twofish and Serpent. This update significantly improves system responsiveness, providing a smoother disk encryption experience for DragonFlyBSD users. It's expected to become the default in the upcoming DragonFlyBSD 6.4 release.

Development

A Personal Approach to Unix Package Management

2025-04-13

The author shares a clever method for managing personal software packages on Unix systems. They use a `~/lib/` directory tree to store software for different architectures, with each program installed in a separate, versioned subdirectory (e.g., `emacs-30.1`). A `~/bin/bin.` directory contains symbolic links or wrapper scripts pointing to these programs, allowing easy switching between versions. For tools like pipx and Cargo, the author keeps their default installation locations but creates links in `~/bin/bin.` to avoid path conflicts. This setup isn't perfect, but it's very useful for managing software unavailable through the system's package manager or that is too old.

Development software management

Go Channels: A Critical Re-evaluation

2025-04-13

A seasoned Go developer delivers a critical assessment of Go's channel mechanism. While acknowledging Go's theoretical grounding in CSP and its reliance on channels and goroutines, the author argues that their practical implementation suffers from several shortcomings. These include potential goroutine leaks, performance inferiority to traditional synchronization primitives, and complex interactions with other concurrency mechanisms. The author advocates for cautious channel usage, suggesting mutexes and callbacks as superior alternatives in many scenarios. Improvements to the channel system are proposed, such as enabling selection on condition variables and enhancing garbage collection to manage unused channels.

Development channels

Whenever: Typed, DST-Safe Datetimes for Python

2025-04-13

Tired of Python's `datetime` pitfalls? Whenever offers typed, DST-safe datetime operations with unmatched performance, outpacing other third-party libraries and often the standard library itself. Choose between a high-performance Rust implementation or a pure Python version for ease of use. It addresses the standard library's shortcomings in DST handling and type checking, providing a clean API for writing correct datetime code.

Development datetime

Chonky: Intelligent Text Segmentation with Transformers

2025-04-13

Chonky is a Python library that cleverly divides text into meaningful semantic chunks using a fine-tuned transformer model. This library is useful in Retrieval Augmented Generation (RAG) systems. It efficiently processes large texts, breaking them down into smaller, manageable pieces for easier analysis and processing. Example code demonstrates how to use Chonky to split a sample text into semantically coherent chunks.

Development text segmentation

ArcoLinux Creator Retires After 8 Years of Dedication

2025-04-13

After eight years of building and promoting the ArcoLinux project and fostering a vibrant Linux community, the creator is stepping down. His mission was to educate and empower Linux users, resulting in over 5,000 educational YouTube videos, tools like ArcoInstall, and countless hours of community support. Facing age-related energy challenges, he's choosing to retire at the project's peak, leaving a strong legacy for others to build upon. He plans to enjoy life and continue tinkering with Linux for personal enjoyment.

Development

Git @ 20: Linus Torvalds Reflects on its Journey

2025-04-13

To celebrate Git's 20th anniversary, GitHub hosted a Q&A with Linus Torvalds. He recounted Git's origins, born out of necessity to solve the Linux kernel's version control chaos. Developed in just 10 days, the early version quickly evolved into an indispensable tool for software development worldwide. Despite initial difficulties, Git's adoption exploded. Linus admits his personal interest waned after his needs were met, quickly handing maintenance over to Junio Hamano. Today, Git's ubiquity presents new challenges, such as a surge in abandoned projects. Linus' focus remains on the ongoing development of the Linux kernel, with no immediate plans for new projects.

Development