今日已更新 233 条资讯 | 累计 20205 条内容
关于我们

今日精选

HOT

最新资讯

共 20205 篇
第 31/1011 页
AI 资讯 Dev.to

Why Enterprise AI Governance Should Start at the Access Path

Many enterprise AI governance discussions start with frameworks. Frameworks are useful. They help organizations define principles, roles, controls and accountability. But when an enterprise starts using generative AI in real workflows, the practical governance problem often appears somewhere much more specific: the AI access path. That is the moment when an employee, application, copilot, agent or API workflow sends a request to an AI model. At that point, governance becomes operational. The practical governance questions Before an AI request reaches a model, an enterprise may need to answer several concrete questions: Who is sending the request? What business use case is involved? What data is being sent? Which AI model is being used? Is the model approved for this use case? Should sensitive data be masked or blocked? Was the access decision recorded? Can the activity be reviewed later? Can AI usage and token cost be explained by user, department, model and use case? These questions are not only policy questions. They are architecture questions. If the enterprise cannot answer them at the access path, AI governance may remain too far away from the real system behavior. Why the access path matters Many organizations already have AI policies. But policies are often written before or after the actual AI interaction. The access path is where policy meets execution. For example, a team may approve the use of generative AI for internal productivity. But the organization still needs to understand: whether customer data is being included in prompts; whether employees are using approved or unapproved models; whether sensitive content is being sent to external services; whether different departments are using AI in very different ways; whether audit evidence exists when an incident or review happens. This is why AI governance should not only be treated as a document, committee or training program. It also needs a technical control point. A simple access governance pattern A

Xiaobin Zhang 2026-07-14 20:40 3 原文
AI 资讯 Dev.to

Run Your Website From the Same Claude Chat That Built It

Everyone can generate a website now. Type a prompt, get a decent page — that part is a commodity. The question nobody's answering is what happens on day 2 : the leads start arriving, a line of copy needs a tweak, someone asks for a section you forgot. That's when a website stops being a design project and becomes a thing you have to run — and where most tools hand you yet another dashboard to log into and dread. Sitelas makes a different bet. Because a Sitelas site lives inside Claude through an MCP connector, the same chat that built the site also runs it . You don't open an admin panel to see who filled out your form, write back, or change the page. You just ask. Here's what "running your site from a chat" actually looks like. First, the 30-second why Claude connects to outside tools through MCP connectors — you already use the ones for Gmail, Calendar, and Drive. Sitelas has one too. Add it once (in claude.ai: Customize → Connectors → Add custom connector , and paste https://sitelas.com/api/mcp ), and Claude can do things with your site, not just talk about it: publish it, read its submissions, restyle it, add a section. Your site becomes an automation endpoint sitting next to your other connectors — the thing a Webflow or Squarespace site can't be. New here? Start with How to Build a Website From a Claude Chat . "Did anyone fill out my form today?" That single question is the whole idea. You ask; Claude reads your site's submissions, surfaces the new lead — Maya, a bakery owner — and drafts a warm reply in your voice. One message, no tabs. It works because every form on a Sitelas site captures submissions to your inbox automatically — no integration required. You can open that inbox in the dashboard any time: …but running your site from a chat means you rarely need to. Claude reads those same submissions straight from your site, so "who wrote in today, and what do they want?" is answered in the thread you're already in — not in a panel you have to remember to ch

Usman Haider 2026-07-14 20:39 3 原文
AI 资讯 Dev.to

Every Commit in My Repo Gets Reviewed by a Second AI. Here's What Actually Changed.

My CLAUDE.md has one line near the bottom that I wrote months ago and mostly forgot about until I started actually paying attention to what it does: ## Important Note after your work done codex will review what you done. Terse, no punctuation, clearly typed in a hurry. But it's a real instruction that fires on every session in this repo: I finish a change, and a second model reviews it before I consider the work done. I added it half as an experiment. A few months in, it's changed how I work more than almost anything else in the setup, and not in the way I expected. I thought it would catch bugs. Mostly it doesn't, not directly. What it actually does is force a triage decision on every single piece of feedback, and getting that triage wrong is where all the pain lives. The three buckets Early on I treated every review comment the same way: read it, do it. That lasted about a week before I was silently making changes I didn't agree with because a second AI suggested them, and separately burning a stupid amount of time re-litigating comments that were just wrong or out of scope. What actually works is sorting every comment into one of three buckets before touching code: Fix it, no discussion. The comment is unambiguous, low-risk, and doesn't touch anything architecturally significant. Just do it and move on. Ask first. The comment is ambiguous, or it touches something that would require a real judgment call, or the "fix" would be a bigger refactor than the comment implies. Stop and get a human decision before acting. Skip silently. The comment is a duplicate of something already handled, or genuinely doesn't apply. Don't reply just to say "not doing this," don't leave a comment thread as evidence of having read it. Silence is the correct response to a non-issue. The failure mode I kept falling into before I had these buckets explicitly was collapsing 2 into 1: treating "ambiguous" as "just pick an interpretation and go." That's the actual source of review fatigue, not

Enjoy Kumawat 2026-07-14 20:39 3 原文
AI 资讯 Dev.to

Prometheus Agent Mode vs Grafana Alloy: Choosing the Right Push Agent in 2026

TL;DR: If you only collect metrics, Prometheus Agent mode is lightweight, familiar, and difficult to beat. If you collect metrics, logs, or traces together, or expect to in the future, Grafana Alloy's unified pipeline is usually worth the additional complexity. Once you've decided to move from pull-based scraping to a push architecture , the next question is which agent should actually run on each host. In 2026, the two strongest choices are Prometheus Agent mode and Grafana Alloy. I run Alloy across my production fleet, but that doesn't automatically make it the right answer for everyone. The Shift in the Monitoring Landscape Over the last couple of years, Grafana has consolidated both metrics and log collection into Grafana Alloy. Grafana Agent reached end of life on November 1, 2025, and Promtail followed on March 2, 2026. Neither receives security fixes anymore. The practical choice moving forward: Feature Prometheus Agent Grafana Alloy Metrics ✅ ✅ Logs ❌ ✅ Traces ❌ ✅ Config Prometheus YAML Alloy components Footprint Smaller Larger Learning curve Low Moderate Future direction Metrics agent Unified telemetry The table gives the short answer. The rest of this article explains where those differences actually matter in practice. Prometheus Agent mode. Run the Prometheus binary with the --agent flag and it stops acting as a full Prometheus server. It no longer stores local TSDB blocks, evaluates alerting rules, or serves queries. Instead, it scrapes targets, buffers samples in a write-ahead log, and forwards them upstream via remote_write . It is Prometheus with the storage and query layers removed. Grafana Alloy. A single agent that collects metrics, logs, and traces, processes them in a component pipeline, and pushes each signal to its backend. It embeds many exporters directly, so a line like prometheus.exporter.unix "node_exporter" {} gives you full node_exporter functionality without installing a separate binary. The Case for Prometheus Agent If you only need m

Justyn Larry 2026-07-14 20:36 2 原文
AI 资讯 Dev.to

LeetCode 78. Subsets

Link https://leetcode.com/problems/subsets/description/ Problem Given an integer array nums of unique elements, return all possible subsets (the power set). The solution set must not contain duplicate subsets. Return the solution in any order. Example Example 1: Input: nums = [1,2,3] Output: [[],[1],[2],[1,2],[3],[1,3],[2,3],[1,2,3]] Example 2: Input: nums = [0] Output: [[],[0]] Solution First, create a variable subsets, initialized to [[]], as the return value. Loop through nums, and for each element, create new subsets by appending that element to each existing subset. Then, append these new subsets to subsets. Sample code class Solution : def subsets ( self , nums : List [ int ]) -> List [ List [ int ]]: """ 0: [[]] 1: [[]]+[1] -> [[], [1]] 2: [[],[1]] + [2],[1,2] -> [[], [1], [2], [1, 2]] 3: [[], [1], [2], [1, 2]] + [3], [1, 3], [2, 3], [1,2,3] -> [[], [1], [1, 2], [3], [1, 3], [2, 3], [1, 2, 3]] """ subsets = [[]] for num in nums : new_subsets = [ subset + [ num ] for subset in subsets ] subsets += new_subsets return subsets

ryo ariyama 2026-07-14 20:36 2 原文
AI 资讯 Dev.to

Which Is to Be Master? Language, Authority and LLMs

Introduction “When I use a word,” Humpty Dumpty said in rather a scornful tone, “it means just what I choose it to mean—neither more nor less.” “The question is,” said Alice, “whether you can make words mean so many different things.” “The question is,” said Humpty Dumpty, “which is to be master—that's all.” — Lewis Carroll, Through the Looking-Glass Humpty Dumpty believes that words can mean whatever we choose them to mean. Alice asks an interesting question. Can they? Programming and Language Programming languages derive much of their power from formally specified semantics. The language implementation, not the programmer, defines what if , while and return mean. I cannot persuade the compiler that false should be treated as true . The rules establish a shared and mechanically enforced understanding of what a program means. Large Language Models however, do not execute according to fixed semantics. They interpret natural language through context. This distinction has profound consequences and suggests that a language model has no intrinsic notion of authority. In a programming language, when two instructions conflict, the language specification and execution environment determine the outcome. In natural language, authority does not arise from the words alone. It depends on context, convention, identity, and external rules. Language models, by nature, inherit this ambiguity. A prompt is therefore not a program in the traditional sense. It is an attempt to establish the context within which subsequent language should be interpreted. "You are a detective." "Do not reveal the identity of the murderer." "Only answer questions using the evidence you have observed." None of these statements is mechanically enforced merely because it appears in the prompt. They describe a role, a constraint, and an assumed world. The model may follow them, but their authority must be created and protected by systems outside the model. Prompt injection exploits precisely this weakness. It

Vincent Hendriks 2026-07-14 20:34 2 原文
AI 资讯 Dev.to

Stop Writing try/catch in Every Controller

When I first started building APIs with Express.js, every async controller looked the same. I would write a try block, perform some database operations, and then write a catch block that called next(error) . It worked, so I copied the same pattern into every controller. One controller became ten. Ten became fifty. Eventually, I realized that half of my controller code wasn't actually business logic, it was just repetitive error handling. That's when I discovered the Async Handler pattern. The Problem A typical Express controller often looks like this: export const getUser = async ( req , res , next ) => { try { const user = await User . findById ( req . params . id ); if ( ! user ) { throw new Error ( " User not found " ); } res . json ( user ); } catch ( error ) { next ( error ); } }; There's nothing wrong with this code. The problem is that every async controller ends up looking exactly the same. Every file contains: try, catch and next(error) over and over again. Besides being repetitive, it's also easy to forget. Miss one try-catch block, and Express won't automatically catch errors thrown inside async functions. What Is an Async Handler? An async handler is a small wrapper function that automatically catches errors from async controllers. Instead of every controller handling its own errors, the wrapper does it for you. A Simple Analogy Imagine an office where every employee has to stop working whenever someone rings the front door. Besides doing their own job, they also have to greet every visitor. This quickly becomes repetitive and inefficient. Instead, the company hires a receptionist to handle every visitor. Now the employees can focus on their actual work while the receptionist takes care of the door. An async handler works the same way. Controllers focus on handling requests, while the async handler catches errors and passes them to Express's error handler. Without an Async Handler export const createUser = async ( req , res , next ) => { try { const user

vedant kale 2026-07-14 20:28 2 原文
AI 资讯 Dev.to

We Open-Sourced 42 Construction Calculators — Here's Why

I run EstimatorSuite.com — we review construction estimating software for US contractors (HVAC, electrical, plumbing, roofing, landscaping). We just open-sourced our entire calculator suite: 42 construction calculators under MIT license. React + TypeScript + Tailwind. 🔗 Repo 🔗 Live Demo 🔗 npm What's included: • 36 material calculators (concrete volume, roofing squares, drywall, paint, flooring, etc.) • 6 trade estimators (HVAC load, electrical conduit fill, plumbing pipe sizing) Two entry points: → React components — drop into any project → Pure calculation functions — zero UI dependency, works in Node.js, Vite, Next.js, anywhere Why we built this: Construction software is expensive. Contractors told us they needed free tools that actually work — not ad-filled spreadsheets. So we built them, and we open-sourced them. Full story →

lsj 2026-07-14 20:26 2 原文
AI 资讯 Dev.to

A Practical Guide to Proxies for Web Scraping (with Python examples)

If you have written more than a couple of scrapers, you already know the pattern. The first few hundred requests fly through. Then responses slow down, you start seeing 429 Too Many Requests , a captcha wall appears, and finally the target just returns empty pages or a hard 403 . Your code did not change. Your IP did. Scraping at any real volume is less about parsing HTML and more about managing where your requests come from. This post is a practical walk-through of how proxies fit into a scraping pipeline: why a single IP fails, what proxy types actually matter, how rotation works, and how to wire it all up in Python with requests , aiohttp , and Scrapy. There is code you can copy, plus the mistakes that cost me the most time. Why one IP is never enough Every site you scrape sees the same thing: a stream of requests from one address, arriving faster and more regularly than a human ever would. Anti-bot systems are built to spot exactly that. The signals they use are boring but effective: Request rate per IP. Too many hits in a short window trips a rate limiter. Volume over time. Even a slow scraper eventually stands out if every request comes from the same address for hours. Behavioral fingerprint. No mouse, no scroll, identical headers, requests in perfect intervals. Reputation. Datacenter ranges that have been abused before are pre-flagged. You can soften some of these with headers, delays, and a real browser, but there is a ceiling. Once a single IP has made enough requests, it gets throttled or blocked regardless of how polite you are. The only way past that ceiling is to spread requests across many addresses, so no single one crosses the threshold. That is the entire job of a proxy pool. The proxy landscape, minus the marketing Providers love to complicate this. For scraping, the distinctions that actually change your results are these: Shared vs private. Shared proxies are handed to many customers at once. You inherit everyone else's behavior, so an address ca

ProxyMaster 2026-07-14 20:26 2 原文
AI 资讯 Dev.to

How I Built an Ultra-Fast, Programmatic Results & GPA Portal for My University (MUET)

At Mehran University of Engineering and Technology (MUET), Jamshoro, results are traditionally announced via large, static PDF tables. But the main issue is: Every semester, the same story. Need to check your result? Open your laptop. Connect to the university network... or set up a VPN. Want to know your actual class or batch rank? Good luck guessing. That frustration became my latest project. To solve this, I set out to build the MUET Results Portal ( https://muetresults.vercel.app )—an independent, open-source lookup engine and administrative compiler that provides students with instant semester results, CGPA calculations, batch standings, and interactive academic calendars. Here is an engineering deep-dive into how I built it using a serverless GitOps pipeline, vanilla JavaScript SPA, and Gemini AI. 🛠️ The Architecture & Data Pipeline To keep the platform hosting costs at absolute zero while maintaining lighting-fast page loads, I designed a pre-rendered static pipeline. Rather than querying a database at runtime, all student data is compiled statically. Here is the GitOps workflow: Official PDF Release : The Mehran University Examination Department publishes a new results PDF. LLM OCR Parsing : Via a secure administrative panel ( /mokshadmin ), I upload the scanned PDF/image. A serverless backend function streams the document to the Google Gemini 1.5 Flash API , which returns structured JSON student records. Git Database Update : The approved JSON records are committed back to the repository's git-tracked database ( muet_student_gpa_dataset.csv ) using the GitHub REST API. CI/CD Pre-rendering Build : The new commit triggers a Vercel build hook. Node compilation scripts read the CSV database and: Group records and compile them into static runtime JSON structures. Pre-render complete static HTML folder structures for all batch rankings and departments. Regenerate SEO sitemaps ( sitemap.xml ). Instant Deployment : Vercel serves the pre-rendered static files instan

Mokash Kumar 2026-07-14 20:22 2 原文
AI 资讯 Dev.to

Manticore Speaks MySQL - So I Made It a Laravel Database Driver Instead of a Scout Engine

The problem I've been working with Manticore Search for about two years at EricaPRO , building the search layer for two financial data platforms. For the past year, that work has been a Laravel API. Manticore was never the problem. It's fast and it's stable. The problem was the gap between Manticore and Laravel. I had already built a package for this — laravel-manticore-search , a fluent builder over Manticore's HTTP/JSON API. It works, and it's still in use. But it's a client wrapper. Every feature had to be implemented manually. Every new filter or facet meant more custom architecture around the client, and none of the things Laravel gives you for free — models, migrations, pagination, casts — applied to it. Scout doesn't close that gap either. Scout gives you search() . No full query builder, no migrations for your indexes, sync is your problem. That's not a criticism — Scout abstracts over engines with completely different APIs, so it exposes the lowest common denominator. It just wasn't what I needed. What I needed was simple to describe and annoying to not have: something plug and play. Something Laravel way. Point Eloquent at Manticore and use Eloquent. The insight Manticore speaks the MySQL wire protocol. Out of the box, port 9306. You can connect to it with any MySQL client and run SQL. I had been using that port for two years without thinking about what it meant for Laravel. Because here's the thing: all of Eloquent — models, query builder, migrations, pagination, chunking — sits on top of a Connection and a Grammar . The grammar compiles builder calls into SQL for a specific dialect. That's the entire mechanism behind Laravel supporting MySQL, Postgres, SQLite and SQL Server with one codebase. So the real question was never "how do I re-implement Eloquent on top of Manticore's client?" It was "how thin can a Manticore grammar be?" If Manticore accepts MySQL-protocol connections and mostly-MySQL SQL, then a Laravel database driver — a custom connection plu

Renato Maldonado 2026-07-14 20:21 2 原文