Webtagr - Technology News Summarizer

Deus Ex Speedrun Timer in D: A Game Hacking Journey

2025-07-12

Frustrated by the lack of suitable speedrun tools for Deus Ex on Linux, a speedrunner embarked on a project to create a custom timer in D. This article details the process, from initial failed attempts at finding a loading flag, to learning Linux system calls (ptrace and process_vm_readv), reverse engineering to locate suitable memory for code injection, and finally implementing the core timer functionality. The author shares experiences using D, and notes limitations such as incomplete exception handling and save-screen support.

(bradley.chatha.dev)

Development

Building a C Compiler with "Writing a C Compiler": A Step-by-Step Journey

2025-07-12

The author plans to work through "Writing a C Compiler" chapter by chapter, documenting their progress in blog posts. This book provides a step-by-step approach to building a C compiler, culminating in a working compiler by the end of chapter one, with additional features added in subsequent chapters. A comprehensive test suite is included, enabling thorough verification. The author highlights the book's excellent, incremental approach, comprehensive test suite, and focus on a real-world language (C), praising it as an exceptional resource for learning compiler construction.

(jollygoodsw.wordpress.com)

Development

Fabrication of a Superconducting Qubit Chip: A Detailed Process

2025-07-12

This paper details the fabrication process of a superconducting qubit chip, improving upon existing methods to enhance reproducibility. The process involves: using a 6-inch silicon wafer as substrate, sputtering a 200nm niobium film, photolithography and plasma etching to pattern the niobium, electron beam lithography to prepare Josephson junctions, aluminum deposition to form the junctions, and finally dicing and lift-off. The paper also describes the experimental setup for qubit characterization and measurement, including the cryogenic measurement system and signal processing chain. The fabricated Josephson junctions exhibited lower-than-expected critical currents, resulting in low EJ/EC ratios.

(www.nature.com)

Development superconducting qubit chip fabrication Josephson junction

Incus: A Next-Gen Container and VM Manager

2025-07-12

Incus is a next-generation system container, application container, and virtual machine manager offering a public cloud-like experience. Easily mix and match containers and VMs, sharing the same underlying storage and network. Image-based, supporting numerous Linux distributions, Incus scales from laptops to server racks, accommodating diverse storage and network types. Manage instances via command line, REST API, or third-party tools. Developed by many of the original LXD creators, Incus boasts a feature-rich design including security, scalability, event logging, and remote access. It supports system containers, application containers, and virtual machines.

(linuxcontainers.org)

Development system management

Critical Security Alert: Gravity Forms Plugin Supply Chain Attack

2025-07-12

Security researchers have uncovered a supply chain attack targeting the Gravity Forms WordPress plugin, with malicious code embedded in version 2.9.12. The attackers used backdoor functions, `update_entry_detail` and `list_sections`, to steal website information, create administrator accounts, and execute arbitrary code. The malicious code has been removed from the official download, and version 2.9.13 has been released. All Gravity Forms users are urged to update immediately and check their servers for malicious files and network requests.

(patchstack.com)

Development WordPress plugin

Introduction to Digital Filters with Audio Applications

2025-07-12

This comprehensive textbook provides a thorough introduction to digital filters and their applications in audio processing. Starting with the simplest lowpass filter, it progressively covers the theoretical foundations, design methods, and implementation techniques of various filter types, including linear time-invariant (LTI) filters, finite impulse response (FIR) filters, infinite impulse response (IIR) filters, and diverse filter structures and implementations. The book includes numerous Matlab and Faust code examples, along with rich audio application case studies, making it ideal for students and researchers in digital signal processing and audio engineering.

(ccrma.stanford.edu)

Development digital filters

Python's Dark Magic: Dict Unpacking Library

2025-07-12

A Python library called `dict-unpacking-at-home` provides dictionary unpacking, allowing you to unpack dictionaries directly like this: `{greeting, thing} = dct`. While cool, the author claims it's not a critical library and the current version breaks line numbers in stack traces. A fix exists, but at a cost... With almost a million downloads per month and 30M+ total downloads, many people are using this seemingly unreliable library.

(github.com)

Development dictionary unpacking dark magic

Deep Dive into CLR Garbage Collection

2025-07-12

This article provides a comprehensive overview of garbage collection (GC) within the Common Language Runtime (CLR). The GC acts as an automatic memory manager, handling memory allocation and release for managed code, freeing developers from manual memory management and preventing issues like memory leaks. It details core GC concepts, memory management principles, allocation and release processes, generational garbage collection strategies (Gen 0, 1, 2, and the Large Object Heap), trigger conditions, phase breakdowns, and handling unmanaged resources. The article explains how the GC optimizes memory usage by dividing the heap into generations based on object lifespan, improving efficiency by focusing on shorter-lived objects first.

(learn.microsoft.com)

Development

Reverse Proxy Deep Dive: Connection Management Challenges and Evolution

2025-07-12

This article delves into the inner workings of a reverse proxy and the complexities of connection management. From single-threaded to multi-threaded, multi-process, and event-driven architectures with socket sharding, reverse proxies have evolved significantly to handle high concurrency. The article details the advantages and disadvantages of various techniques, such as the efficiency of epoll in I/O multiplexing and the challenges of multi-threaded models with multi-core processors, and points out further complexities in supporting TLS and protocol diversity.

(medium.com)

Development connection management

Modularizing a Monolith with Elixir's Hot Code Reloading

2025-07-12

Alzo, an Elixir monolith deployed as one instance per client, leverages Elixir and Erlang VM's hot code loading for client-specific features. This avoids microservices' cascading failures and complex testing. Client-specific LiveView apps reside in `/alzo/lib/clients/apps`, dynamically loaded at startup. Client code is removed during the build process, preventing the main app from depending on runtime apps. Hot code upgrades are avoided for simplicity. This approach provides efficient development, maintainability, scalability, and the ability to easily refactor common functionalities from dynamic apps into the main codebase.

(lucassifoni.info)

Development Hot Code Loading Monolithic Application

Jank: Seamless C++ Interop in Clojure, Achieved by a Solo Dev

2025-07-12

Jank, a Clojure runtime, has made significant strides in achieving seamless interoperability with C++. Through manual memory management, enhanced type systems, and opaque boxes, the developer enables direct C++ code calls within Clojure. Real-world examples showcased include printing "Hello, world!" via C++ streams and parsing JSON files using the JSON for Modern C++ library. Future work focuses on packaging, distribution, bug fixes, and ultimately, an alpha release.

(jank-lang.org)

Development Interop

Simple Sonos Control for a 5-Year-Old using ESP32

2025-07-12

A father built a simple Sonos Play:1 speaker control system for his 5-year-old child. Using an M5Stack CardPuter v1.1 (ESP32S3) as a controller and Go for backend logic, the child can play or restart their favorite playlist with a button press. A green light indicates operational status. This is a fun, easy-to-use project highlighting simplicity and playful interaction.

(github.com)

Development Kids Project

Fighting Back Against Abusive Web Crawlers with Fake JPEGs

2025-07-12

The author developed a small web application called Spigot that generates fake web pages to confuse malicious web crawlers. Recently, a crawler called ImageSiftBot aggressively targeted it for images, despite Spigot lacking them. To counter this, the author cleverly exploits the structure of JPEG files, generating fake JPEGs filled with random data. This effectively wastes the crawler's resources while minimizing CPU load on the server. The approach is simple and efficient, requiring minimal code, and the generated images display correctly in most browsers.

(www.ty-penguin.org.uk)

Development malicious crawlers

Near-Catastrophic OpenZFS Bug Highlights the Power of Rust's Type System

2025-07-11

A subtle yet devastating bug in OpenZFS's core disk allocation function was recently discovered. The bug, a simple type error resulting in the wrong size being returned, could silently overwrite data. It took nearly two days to track down. While the bug wasn't present in any released version, it spurred reflection on the limitations of static analysis in C and the advantages of Rust's type system. Rust's ability to define custom types (like `PhysicalSize` and `AllocatedSize`) would have prevented this. The author argues that relying solely on programmer perfection is flawed; leveraging tools and language features to improve code quality and mitigate hard-to-detect, high-impact bugs is key.

(despairlabs.com)

Development

Red Hat Style Guide: A Deep Dive into Terminology

2025-07-11

This document meticulously outlines the standardized terminology used in Red Hat technical documentation. It covers a wide range of aspects, from software names (e.g., IBM S/390, Samba) to descriptions of security (avoiding vague terms like "secure" and requiring specific details on security features). The guide also standardizes abbreviations (e.g., SSH, SSL), command-line descriptions, and clarifies the proper usage of easily confused words (e.g., "since" vs. "because"). The overall aim is to ensure consistency and accuracy, enhancing readability and professionalism.

(stylepedia.net)

Development Technical Writing Style Guide

Cactus: Cross-Platform Framework for Local LLM Deployment

2025-07-11

Cactus is a cross-platform framework for deploying large language models (LLMs), vision language models (VLMs), and text-to-speech (TTS) models locally within your app. Supporting Flutter and React Native, it works with any GGUF model from Hugging Face (Qwen, Gemma, Llama, etc.), handling models from FP32 down to 2-bit quantization. Cactus provides MCP tool calls for enhanced AI functionality (reminders, image search, message replies), cloud model fallback for complex tasks, Jinja2-powered chat templates, and token streaming. Example code, performance benchmarks across various devices, and C++ backend are provided.

(github.com)

Development

Btrfs Performance Boost: Chunk Allocation with Device Roles

2025-07-11

A significant performance improvement is coming to the Btrfs filesystem! A new patch introduces a performance-based chunk allocation method using device roles, addressing the current imbalance caused by allocation based solely on free space. By defining five device roles (metadata_only, metadata, none, data, data_only) and prioritizing roles alongside remaining space, the system can intelligently assign faster devices to metadata and slower devices to data, significantly boosting read/write performance. This improvement avoids complex device speed measurements, leveraging the existing on-disk format for smarter, more efficient storage management.

(lwn.net)

Development

diffsitter: Semantic Code Diff Tool

2025-07-11

diffsitter is a code diff tool that generates semantically meaningful diffs by comparing the Abstract Syntax Trees (ASTs) of files, ignoring formatting differences. It supports numerous programming languages and offers features like configurable node filtering, terminal-friendly formatting, and detailed logging. Installation options include building from source, using pre-built binaries, and package managers.

(github.com)

Development code diff abstract syntax tree

eBPF and Container Runtimes: Connecting via the CRI

2025-07-11

This article explores how open-source eBPF projects connect with container runtimes (CRs) using the Container Runtime Interface (CRI) to enrich context with pod and container information. It details the connection process: locating the Unix socket file, establishing a gRPC connection using the CRI API, and querying information. Examples from Tetragon, crictl, and Tracee illustrate different approaches to connecting to the CR, including hardcoded default socket paths and runtime connection attempts. Finally, it demonstrates querying container information like cgroup paths using the CRI API, such as Tetragon's method for retrieving a container's cgroup path.

(h0x0er.github.io)

Development Container Runtime

AI Tools Slow Down Experienced Open-Source Developers: A Randomized Controlled Trial

2025-07-11

A randomized controlled trial (RCT) investigated the impact of early-2025 AI tools on the productivity of experienced open-source developers working on their own repositories. Surprisingly, developers using AI tools took 19% longer to complete tasks – AI made them slower. Researchers view this as a snapshot of current AI capabilities; they plan to continue this methodology to track AI acceleration from AI R&D automation. The study explores potential factors contributing to the slowdown and examines discrepancies between this RCT and other benchmarks and anecdotal evidence, highlighting the need for diverse evaluation methodologies to comprehensively assess AI capabilities.

(metr.org)

Development

Android's New Canary Channel: Continuous Early Access for Developers

2025-07-11

Google is replacing its Developer Preview program with a new Canary channel for Android, offering developers rolling updates throughout the year. This allows for earlier and more consistent access to experimental features and APIs. Unlike previous manual installations, Canary builds are delivered over-the-air and run concurrently with the beta program. While intended for testing and not daily use, Canary provides valuable early feedback, enabling developers to identify issues and test their apps continuously. Support is currently available for Pixel devices and the Android Studio Canary version.

(nerds.xyz)

Development Canary Channel Developer Preview

Hacker News Database Popularity: ClickHouse and DuckDB Surge

2025-07-11

An analysis of 18 years of Hacker News data reveals the surging popularity of open-source databases ClickHouse and DuckDB, while cloud-native databases see declining discussion. PostgreSQL maintains its strong presence, and SQLite stands out for high user engagement. The analysis uses headline counts and engagement metrics (comments and points) to show trends, highlighting the rise of open-source and analytical databases.

(camelai.com)

Development

AI Coding Tools: A 19% Productivity Drop for Experienced Developers

2025-07-11

A rigorous study of experienced developers using AI coding tools reveals a surprising 19% decrease in productivity, contradicting developers' self-reported expectation of a 20% increase. The study found that AI-generated code often failed to meet the high standards of mature, large-scale projects, leading to significant time spent reviewing and correcting the AI's output. This highlights the limitations of current AI coding tools, suggesting that their effectiveness is heavily dependent on project type, developer experience, and the maturity of the tools themselves.

(secondthoughts.ai)

Development

Visual Linear Algebra Blog: A Diagrammatic Approach to Linear Algebra

2025-07-11

This blog explores linear algebra through a visual, diagrammatic approach. It explains complex mathematical concepts in an accessible way, using illustrations to clarify challenging topics. The content spans from basic operations to advanced concepts like matrices, homomorphisms, and relations, all explained step-by-step with diagrams. The blog also announces an Applied Category Theory Research School and related research opportunities, making it valuable for students and researchers interested in linear algebra.

(graphicallinearalgebra.net)

Development visual mathematics

FOKS: Secure Data Access via Simple Key Hierarchy

2025-07-11

FOKS secures data access using a simple key hierarchy. Base-level keys include user device keys, backup keys, and YubiKeys. Each user has multiple per-user keys (PUKs) whose seed secrets are encrypted with all available base-level keys. Removing a base-level key rotates PUKs. Team keys (PTKs) function similarly, shared among team members (users or sub-teams) and encrypted with member keys. This hierarchy ensures only authorized devices, teams, and users can access data.

(foks.pub)

Development key management

HTTP Status Code Blog Series Starts with 100 Continue

2025-07-11

The author plans to write a series of articles on HTTP and web services, starting with each HTTP status code. The first article on 100 Continue has been published, with weekly updates planned for a year. This is a fun way to learn about HTTP and cultivate a regular writing habit.

(evertpot.com)

Development Web Services

LLM Inference in Production: The Definitive Guide

2025-07-11

This handbook tackles the fragmented knowledge surrounding LLM inference in production. It covers core concepts, performance metrics (like Time to First Token and Tokens per Second), optimization techniques (continuous batching, prefix caching), and operational best practices. Whether you're fine-tuning a small open model or running large-scale deployments, this guide helps make LLM inference faster, cheaper, and more reliable.

(bentoml.com)

Development inference production

Gemini API Gets a Batch Mode for High-Throughput Workloads

2025-07-11

Google's Gemini API now offers a batch mode, an asynchronous endpoint ideal for high-throughput tasks where latency isn't critical. Submit large jobs, let the system handle processing, and retrieve results within 24 hours at a 50% discount compared to synchronous APIs. Perfect for pre-prepared data needing no immediate response, it offers cost savings, increased throughput, and simplified API calls. Reforged Labs uses it to process massive video ads, significantly improving efficiency and lowering costs. Get started easily with the Google GenAI Python SDK.

(developers.googleblog.com)

Development Asynchronous Processing

PostgreSQL LISTEN/NOTIFY Bottleneck: Lessons from Processing Millions of Meeting Hours

2025-07-11

Recall.ai processes millions of hours of meeting data each month. Their Postgres database suffered downtime due to high-concurrency writes. Investigation revealed that the LISTEN/NOTIFY feature acquires a global database lock during transaction commit, serializing all commits and creating a bottleneck. Migrating this logic to the application layer resolved the issue.

(www.recall.ai)

Development

Pangolin: Self-Hosted Zero Trust Tunneled Reverse Proxy

2025-07-11

Pangolin is a self-hosted, tunneled reverse proxy server with identity and access control, designed to securely expose private resources across distributed networks. It acts as a central hub, connecting isolated networks – even those behind restrictive firewalls – via encrypted tunnels, enabling easy access to remote services without opening ports. Leveraging WireGuard, Pangolin offers robust features including centralized authentication (SSO, TOTP), role-based access control, and flexible deployment options. Extend its functionality with Traefik plugins. Use cases include bypassing port restrictions, deploying business applications, and managing IoT networks. A self-hosted alternative to Cloudflare Tunnels.

(github.com)

Development zero trust

Category: Development