AI 资讯
what i learned intentionally breaking hydration in next.js
i did something dumb last month. on purpose. i sat down, opened a next.js app, and tried to make hydration fail in every way i could think of. not because a bug forced me to. not because i was debugging something. just because i wanted to see it. understand it from the inside. and honestly? best few hours i've spent learning anything in a while. why i even did this you know how you use something for months and you think you get it, but you don't really get it? hydration was that for me. i knew the surface-level thing: server renders HTML, client takes over, they gotta match. cool. got it. moving on. except i didn't get it. i just got the vibe of it. every time i saw hydration mismatch, i'd ask claude, fix the immediate thing, feel vaguely annoyed, and move on. i never stopped to ask why that specific thing broke it. i was treating symptoms, not understanding the actual disease. so i decided to break it deliberately. if i caused the errors myself, i'd actually have to understand what i was doing. the setup basic next.js app. app router. a few pages. nothing fancy. i wasn't trying to build anything. i was trying to destroy something, carefully, so i could see what fell apart and why. break #1: the obvious one - new Date() on render this is the classic. everyone's seen it. export default function Page () { return < div > { new Date (). toLocaleString () } </ div > } server renders this at, say, 14:00:00. by the time react runs on the client and tries to reconcile, it's 14:00:01. the strings don't match. react screams. thing is, i knew this would happen. what i didn't think about was why react cares. here's the thing: react isn't doing a full diff on the entire DOM after hydration. it's trusting that the server HTML is a valid starting point and it's just attaching event listeners and state to it. but if the content doesn't match, it doesn't know what to trust. it can't partially hydrate "mostly correct" HTML. it either matches or it doesn't. so it throws the warning, a
AI 资讯
Sycophancy in AI Is the Safety Problem That Looks Like Politeness
I corrected my AI system mid-task. A terse one-liner: "wrong." Instead of asking which part was wrong, it manufactured an explanation. It cited a rule number that didn't exist, described a limitation I'd never written, and apologized for a mistake it couldn't actually identify. The correction was real. The apology was fabricated. It was trying to agree with me so hard that it invented evidence to support the agreement. That's sycophancy in AI. And if you're running AI in anything that resembles production, it's already happening to you. What Is Sycophancy in AI? Sycophancy in AI is a systematic behavioral distortion where models produce outputs that match what the user wants to hear rather than what's accurate. It goes well beyond your chatbot saying "Great question!" before every response. The mechanism is straightforward. Modern language models are trained using Reinforcement Learning from Human Feedback (RLHF). Human evaluators rate model responses. Responses with higher ratings get reinforced. The problem: evaluators are human. They rate responses higher when those responses validate their existing beliefs, sound confident, and don't push back. Anthropic's research on sycophancy confirmed this across five state-of-the-art AI assistants, finding that both humans and preference models sometimes prefer convincingly written sycophantic responses over correct ones. The model learns a simple lesson. Agreeing is rewarded. Disagreeing is punished. Over thousands of training iterations, the model develops a tendency to mirror the user's position, soften objections, and present information in whatever framing the user seems to prefer. This is a structural incentive baked into the training process itself, not a bug in any individual model. Why It's More Than Annoying In a chatbot demo, sycophancy is a quirk. In production, it's a compounding failure mode. Here are four patterns I've observed running an AI operations system in daily production. They don't always happen in s
AI 资讯
I Stopped Comparing Myself to AI. It Changed Everything.
I have been writing a lot about AI lately, but this one is more personal than usual. Not a tutorial,...
AI 资讯
AI เขียนโค้ดแทนเราได้แล้ว — แล้วเราจะเหลืออะไรให้ทำ?
AI เขียนโค้ดแทนเราได้แล้ว — แล้วเราจะเหลืออะไรให้ทำ? มีประโยคที่ได้ยินบ่อยขึ้นทุกวัน: "เดี๋ยวนี้ใครยังไม่ใช้ AI ช่วยเขียนโค้ดบ้าง?" คำตอบคือ — แทบไม่มีแล้วครับ ตั้งแต่ GitHub Copilot, Cursor, Claude, ChatGPT ไปจนถึง agent ที่เขียนโค้ดเองได้ทั้ง project — เราใช้ AI ใน level ที่ต่างกัน: Level หน้าตา ตัวอย่าง 🎵 Vibe Coding พิมพ์สิ่งที่อยากได้ กด accept อย่างเดียว "เขียนหน้า login ให้หน่อย" → กด tab tab tab 🧩 Prompt-Guided คิดก่อน ถามทีละส่วน ตรวจทุกอย่าง "สร้าง UserService ที่ใช้ bcrypt hash password" 🛠️ Skill/Lint-Guided ใช้ AI เป็น editor ชั้นสูง — lint, refactor, test "refactor function นี้ให้เป็น table-driven test" 🏗️ Agent-Based ให้ AI run ทั้ง project — spawn subagent, PR, deploy "พอร์ต microservice นี้จาก Express ไป Fastify" แล้วคำถามคือ — ถ้า AI ทำทั้งหมดนี้ได้ แล้วมนุษย์อย่างเราเหลืออะไร? Unit Test — ตัวอย่างที่เห็นชัดที่สุด ลองดู unit test ที่ AI เขียนให้: // 🤖 AI-generated test func TestCalculateDiscount ( t * testing . T ) { tests := [] struct { name string input float64 expected float64 }{ { "zero" , 0 , 0 }, { "normal" , 100 , 90 }, // 10% discount { "max" , 1000 , 800 }, // 20% discount } for _ , tt := range tests { t . Run ( tt . name , func ( t * testing . T ) { result := CalculateDiscount ( tt . input ) if result != tt . expected { t . Errorf ( "got %v, want %v" , result , tt . expected ) } }) } } ดูเผิน ๆ — สวย, table-driven, ถูกต้องตาม Go convention 1 แต่ถามหน่อย — test นี้บอกอะไรเกี่ยวกับ business? "ส่วนลด 10% สำหรับยอด 100 บาท" — ทำไมต้อง 100? เป็นกฎจากที่ไหน? "ส่วนลด 20% เมื่อยอดถึง 1000" — แล้วถ้าลูกค้าเป็น member ได้เพิ่มอีก 5% ล่ะ? input: 0, expected: 0 — test นี้ cover edge case หรือแค่ cover บรรทัด? AI test ได้ถูกต้องตาม function — แต่มัน ไม่รู้ว่า business จริง ๆ คืออะไร AI ไม่รู้ Business Context — และจะไม่มีวันรู้ นึกภาพระบบ e-commerce: ลูกค้าซื้อสินค้า → ระบบตัดสต็อก → คำนวณส่วนลด → คิดค่าส่ง → ออกใบเสร็จ AI แยก test ทีละ function ได้: ✅ TestDeductStock — "ตัดสต็อก 1 ชิ้น" ✅ TestCalculateDiscount — "ส่วนลด 10%" ✅ TestCalculateShipping —
开发者
🚀 Build Your First Space Shooter Game with Limn Engine
🚀 Build Your First Space Shooter Game with Limn Engine A Complete Step-by-Step Tutorial for JavaScript Beginners Welcome! In this tutorial, you'll build a complete space shooter game using Limn Engine — a zero‑configuration 2D game engine that runs in your browser. What you'll build: A spaceship that moves, shoots bullets, fights waves of enemies, and keeps score. All in about 100 lines of code . By the end, you'll understand: How to create a game loop How to handle keyboard input How to detect collisions How to use particles for visual effects How to manage game state (lives, score, game over) 🎮 Want to play the finished game? Click here to play Space Shooter Live! Before We Start What You Need A text editor (VS Code, Notepad, or any code editor) A web browser (Chrome, Firefox, Edge) Limn Engine — download epic.js from limn-engine-doc.vercel.app What You Should Know Basic JavaScript (variables, functions, arrays, if-statements) How to open an HTML file in a browser No game development experience required! Step 1: The HTML Structure Every Limn Engine game starts with a simple HTML file. <!doctype html> <html> <head> <script src= "asset/epic.js" ></script> </head> <body> <script> // All your game code goes here </script> </body> </html> What's happening: <script src="asset/epic.js"> — loads the Limn Engine library Everything inside the second <script> tag is your game code Save this as game.html and open it in your browser. You should see a blank canvas with a blue gradient background. Step 2: Setting Up the Game The first thing we need is a Display — this is the engine that creates the canvas, runs the game loop, and handles input. const display = new Display (); display . perform (); // Activates performance mode (dual-canvas rendering) display . start ( 800 , 600 ); // Creates an 800×600 canvas What's happening: new Display() — creates the engine display.perform() — turns on high-performance mode display.start(800, 600) — creates a canvas 800 pixels wide and 600 p
AI 资讯
Resolve the tenant from the user, not the request
TL;DR A multi-tenant app was resolving the active tenant from the request (subdomain/header) instead of the authenticated user . That makes the client the source of truth for "which tenant am I" — the wrong place for it. Fix: derive the tenant from the user's organization membership, enforce it in middleware, and fail closed. One test locks the behaviour. The bug, in one sentence The request was telling the app which tenant to load, and the app believed it. In a multi-tenant SaaS, every query is implicitly scoped: "give me this tenant's dashboards." If the tenant ID comes from something the client controls — a subdomain, a header, a route param — then the scoping is only as trustworthy as the client. That's a leak waiting to happen. Where the trust should live Think of it like a building pass. The request is someone saying "I'm here for floor 9." The membership record is the pass that says which floors you're actually allowed on. You check the pass, not the claim. Before After Source of truth request (subdomain / header) user's organization membership Who decides the tenant the client the server Failure mode user can land in a tenant they don't belong to resolution fails closed Testable? hard — depends on request shape yes — depends on the user The shape of the fix Resolve the tenant from the authenticated user's organization, in one middleware, before anything tenant-scoped runs: final class SetTenantContext { public function handle ( Request $request , Closure $next ): Response { $org = $request -> user () ?-> currentOrganization (); // No org, no tenant context. Fail closed, never guess. abort_if ( $org === null , 403 , 'No organization context.' ); Tenancy :: setCurrent ( $org -> tenant ); // server-derived, not request-derived return $next ( $request ); } } The key line isn't the setCurrent() — it's that the value comes from $request->user() , not from $request . The user is authenticated; the subdomain is not. request ──> [auth] ──> [SetTenantContext] ──> tena
AI 资讯
When a KPI reads 163 billion instead of 819
TL;DR A metrics engine had two query paths — a SQL push-down for big datasets, an in-memory aggregator for small ones. They drifted. The push-down path bound a metric parameter but never added it to the WHERE . With several metric series in one dataset, every query summed across all of them. A KPI that should read 819 read 163,667,603,769 . Fix: put the metric_key predicate in the shared base WHERE so every compile path inherits it, and regression-test both paths assert it. The setup: two paths, one contract A lot of analytics layers compute the same number two ways. For a big dataset you push the aggregation down to the database. For a small one — a preview, a draft dashboard — you pull the rows and aggregate in memory. Faster path, correct path. Both are supposed to return the same value. That's the contract. The dataset stores rows keyed by a metric_key , because one dataset can hold several series at once — say a plain row count and a count-distinct. Each series lives in the same table, told apart only by its key. The bug: a bound param is not a filter The in-memory aggregator filtered by metric_key correctly. The SQL compiler bound a metric parameter into the query... and never referenced it in the WHERE . With a single series in the dataset, it worked by accident — there was nothing else to sum. Add a second series and the math quietly breaks: the query sums across every series. In this case the second series stored hashed values around 1.9 billion each, so the KPI ballooned from 819 to 163 billion. Before After metric value bound, unused bound WHERE predicate (none on metric) metric_key = {metric:String} 1 series in dataset correct (by luck) correct N series in dataset sums across all isolated The lesson is small and easy to miss: binding a parameter only makes the value available — it does nothing until a predicate references it. When one path already returns sane-looking numbers, nobody goes looking. The real fix is parity, not a patch You could bolt the pr
开发者
Dev Log: 2026-06-29
TL;DR Two threads today: an organization layer on top of an existing multi-tenant app, and driver-based password-reset backends in an identity portal. Both came down to the same idea — put the source of truth in the right place, then test it. Multi-tenant app: an organization layer above tenancy The product already had tenancy. What it lacked was a human-friendly layer on top: organizations users actually belong to, can switch between, and manage. What landed: Area Change Org switcher A sidebar switcher to move between organizations you belong to Management Create/update org, invitations, ownership transfer Tenancy Resolve the active tenant from the user's org — closed a leak UI Dark-mode pass + responsive fixes across the org views Dashboards Richer per-widget configuration from the UI The standout is the tenancy fix: the active tenant was being resolved from the request instead of the authenticated user. I pulled that into its own focused post — "Resolve the tenant from the user, not the request." Short version: if a value scopes data, it can't come from something the client controls. Identity portal: make the reset backends swappable The password-reset flow needed to support more than one backend, and let an admin decide the order they run in. Classic case for a driver-based abstraction — a contract plus interchangeable drivers, picked at runtime from config. interface PasswordResetBackend { public function reset ( User $user , string $password ): void ; public function name (): string ; } Two optional backends came back as drivers behind that contract, and the run order is now admin-reorderable instead of hard-coded. Adding a third backend later is a new class + a config line — no touching the flow itself. The other half of the day was unglamorous but necessary: the test suite had drifted — stale tests for removed features, and env leakage between tests (one test's state bleeding into the next). Fixed the leakage, deleted the dead tests, and the suite is honest
AI 资讯
Dev Log: 2026-06-28
TL;DR Centred a sidebar brand mark in the collapsed rail (open-source starter kit) — pure CSS, no JS. A CRM app got a "daily cockpit" dashboard (hot leads + overdue follow-ups) plus a full favicon/PWA icon set. An analytics product's ingest pipeline learned to handle messy uploads — files with no date column and no numeric measure — and a nasty metrics bug got squashed. A spread day across three repos. Quick tour. Centring a collapsed sidebar logo (CSS only) Kickoff , my open-source Laravel starter kit, had a small visual snag: when the sidebar collapses to a narrow rail, the header switches to a column — but the brand mark sat off-centre. The content area is ~72px, yet the logo kept its width and a leftover space-x margin, nudging it left of the nav icons. No JavaScript needed. Make the logo and toggle full-width, centre their content, and zero the leftover child margins when collapsed: [ data-flux-sidebar ][ data-collapsed ] .sidebar-header .app-logo { width : 100% ; justify-content : center ; padding-inline : 0 ; } /* kill the leftover space-x margin pushing it off-centre */ [ data-flux-sidebar ][ data-collapsed ] .sidebar-header .app-logo > * { margin : 0 ; } Lesson: when a flex container changes direction, old horizontal margins don't disappear — they just push things in the new axis. Tag the element, scope the override to the collapsed state, done. A CRM "daily cockpit" A CRM app I work on got a dashboard rebuild: instead of a generic landing screen, the first thing you see is what needs action today — hot leads and overdue follow-ups. The cockpit framing matters more than the widgets: surface the work, don't make people hunt for it. Also shipped a full favicon/PWA icon set and a branded responsive landing page, with feature tests so the brand pass didn't quietly break routing. Ingest that survives real-world files The bigger chunk of the day went into an analytics/dashboard product's ingest pipeline. Real uploads are messy, so the pipeline now copes with the
AI 资讯
Introducing GeneBench-Pro
Introducing GeneBench-Pro, a new benchmark testing AI performance in genomics, biology, and scientific research using complex, real-world datasets.
AI 资讯
Java News Roundup: Hardwood 1.0, Endive 1.0, Azul Payara, Quarkus, WildFly, LangChain4j, OSSI
This week's Java roundup for June 22nd, 2026, features news highlighting: the GA releases of Hardwood 1.0 and Endive 1.0; the June 2026 edition of Azul Payara; point releases of Quarkus, LangChain4j; the first beta release of WildFly 41; and introducing Eliya JDK and the Open Source Sustainability Initiative (OSSI), the latter of which was founded by HeroDevs and Commonhaus Foundation. By Michael Redlich
AI 资讯
I was lost and now I'm learning again!
Starting in IT I started in IT at a local school in my small town in December 2024. It was my first job out of college after earning my B.S. in Cybersecurity. None of the infrastructure was updated. Everything was failing, and luckily, I had one other IT person there: my director. I honestly think he knew less than I did, and he would get frustrated at almost every ticket. Even then, I knew I wanted a role where I could code. Fast forward to more recently, he had a freak out and quit. Now we have a two-person team, and everything is finally up to date and functioning. Even with things improving, I still knew I wanted to move toward a SWE-type role. Learning to Code I first decided to learn C# for Unity. I was really into game dev while I was in college, so it felt like a natural place to start. I began with the Microsoft/freeCodeCamp C# certification, and I surprisingly really enjoyed it. I made a few small games on itch.io that no one cared about, but I had fun building them. After that, I went on a bit of a language-hopping spree. I jumped from C# to C++, then into full-stack web development. I actually stuck with web dev for a while and really enjoyed it. But this cycle went on for awhile of just constant swapping. Wannabe Founder Then something switched overnight. I went from writing maybe 0-5% AI-generated code to using AI for nearly everything. I started spam-building startup ideas that did not really go anywhere. I may have made around $2-3k from them, but most of the time I was just chasing money and building whatever I thought had the quickest path to making some. I got seriously addicted to vibe coding. I tried Codex, Cursor, Claude, and basically anything with AI in it. I did like Codex the most, though. Eventually, I realized I had almost completely stopped coding by hand. I was not passionate about the startup ideas I was building. I loved coding, and I knew I had to step back. Back to Coding Now I am back to coding without AI assistance. I will eventua
AI 资讯
Designing Reliable Queueing and Message‑Broker Layers in PMS Platforms
Modern Property Management Systems depend on continuous data exchange between internal modules and external services. Bookings, calendar updates, guest communication, cleaning tasks, and maintenance triggers all generate operational events that must be processed quickly and reliably. Free PMS platforms such as PMS.Rent rely on robust queueing and message‑broker layers to ensure that these events never get lost and are always processed in the correct order. At the core of this architecture is the concept of distributed message‑broker orchestration, which enables the PMS to scale horizontally, maintain predictable performance, and avoid bottlenecks during peak operational periods. Why Message Brokers Matter A PMS handles thousands of small but critical operations every day. Without a message broker, these operations would compete for system resources, causing delays, blocking workflows, and creating inconsistent states. A broker solves this by: receiving events, storing them durably, routing them to the correct processors, retrying failed operations, ensuring ordered execution when required. This creates a stable foundation for automation and real‑time synchronization. Queue Types Inside a PMS A modern PMS typically uses several queue types: Operational queues for bookings, calendar updates, and guest messages Automation queues for cleaning tasks, reminders, and workflow triggers Synchronization queues for channel managers and external APIs Fallback queues for events that require manual review Each queue isolates a specific category of tasks, preventing unrelated operations from interfering with each other. Distributed Workers Workers are lightweight processes that consume events from queues. They operate in parallel, allowing the PMS to scale dynamically. If the system detects increased load — for example, during high‑season booking spikes — it simply launches more workers. Workers typically perform tasks such as: updating property calendars, generating guest notific
开发者
The grammar of what's possible
There's a Yu-Gi-Oh game on PS1 where you can fuse two cards together. The result isn't random. There are rules. But you don't know the rules yet — you just know that two inputs produce a third thing that neither input was, and that the third thing surprises you even when it shouldn't. That's the hook. Not the surprise alone. The realization underneath the surprise that the system has depth. That there's a grammar to what's possible, and you can learn it. I've been building toward that feeling ever since. Jade Cocoon does the same thing with monsters — merge two creatures, watch the result carry both parents in its design. Dragon Quest Monsters runs on fusion too. Yu-Gi-Oh Forbidden Memories taught me that combination-as-discovery is its own mechanic, separate from any theme it wears. Everything Is Crab is the roguelike version: you absorb what you fight, you become it, you discover what you're becoming one encounter at a time. No Man's Sky showed me that procedural generation has finally caught up to what those PS1 games were reaching toward — creatures that feel like they emerged from a system rather than a designer's hand. The mechanic isn't genetics. Genetics is just the implementation I keep reaching for. What I'm actually trying to build is a machine that produces controlled emergence — outcomes that surprise you within a system deep enough to eventually master. Pure RNG is a slot machine. You can't get better at it. Pure determinism is a calculator. You can solve it and put it down. The games I keep returning to live between those poles: consistent enough to reward learning, deep enough to keep producing novelty. TurboShells was an attempt at this. Turtles whose bodies expressed their genomes at render time — shell radius, leg length, color emerging from a sequence. The faster ones bred. Over generations you watched the population drift. The system had rules. The outcomes still surprised you. SlimeGarden chose basic shapes deliberately. If the creature is simp
AI 资讯
The First Visible LED Glowed Red
Look at almost any piece of electronics on your desk and you will find a small light staring back at you. A router with a row of blinking status lights. A power brick with a steady green dot. A development board with a tiny red point that flickers every time it does something. We barely notice these lights anymore, but each one descends from a single laboratory breakthrough in 1962, when an engineer at General Electric coaxed a sliver of semiconductor into glowing visible red for the first time. Who invented the first visible LED The engineer was Nick Holonyak Jr., a consulting scientist at General Electric's lab in Syracuse, New York, and a former student of John Bardeen, one of the inventors of the transistor. On October 9, 1962, Holonyak demonstrated the first practical visible-spectrum light-emitting diode. It emitted red light, and it worked at room temperature, which made it genuinely useful rather than a laboratory curiosity. What made his approach different was the material. Other researchers in the early 1960s were building diodes that emitted infrared light, which is invisible to the human eye. Holonyak gambled on a different alloy, gallium arsenide phosphide, and it paid off with the first light a person could actually see coming out of a semiconductor. He was so confident in the idea that he predicted LEDs would one day replace the incandescent bulb. At the time that sounded outlandish. Today it is simply how lighting works. Why a tiny red light mattered so much The incandescent bulb that Thomas Edison commercialized makes light by heating a filament until it glows. That is wildly inefficient, because most of the energy escapes as heat rather than light, and the filament eventually burns out. An LED works on a completely different principle. When current flows across a specially engineered semiconductor junction, electrons release their energy directly as photons. There is no filament to burn out, almost no wasted heat, and the device can switch on and o
产品设计
Buying a Mattress in 2026? We Tested 100+ and These Were the Standouts
WIRED has tested 100-plus bed-in-a-box mattresses for a week each. Our top pick, the Helix Midnight Luxe hybrid, is the best bed you can buy online.
AI 资讯
Chamath Palihapitiya raises $135M Series A for his AI coding startup, takes CEO role
VCs remain thirsty to fund AI coding startups. This one, founded by investor Chamath Palihapitiya, is no exception.
AI 资讯
Stratagems #3: Lena Walked Into an AI Deal. She Walked Out With Three Borrowed Knives.
To dispose of an enemy, make use of another enemy. Use a second party to deliver the blow yourself....
开发者
Supreme Court ruling guts government’s use of geofence warrants
SCOTUS falls short of deeming geofence warrants unconstitutional, though.
AI 资讯
How to Stop LangChain Agents from Bankrupting Your API Budget
In November 2025, an engineering team deployed a market research pipeline using four LangChain agents. Due to a logic failure, the "Analyzer" and "Verifier" agents got stuck in a recursive ping-pong loop. Because every individual API call was perfectly valid, the system appeared healthy on their dashboards. 11 days later, they discovered a $47,000 API bill . This is the hidden cost of building autonomous AI: infinite hallucination loops . When an agent encounters an error or fails to reach a termination condition, it will ruthlessly retry, burning through tokens in milliseconds. Why Built-in Controls Fail If you build with LangChain or LangGraph, you are likely relying on two things for cost control: max_iterations : An application-layer limit. LangSmith : An observability dashboard. The problem with max_iterations is that it requires every developer to perfectly hardcode it into every agent. Furthermore, iterations do not equal cost, a single iteration with massive context bloat can still cost a fortune. The problem with LangSmith (and all observability tools) is that they act as a witness, not a circuit breaker. By the time your dashboard alerts you that a spike occurred, the money is already gone. To safely deploy agents to production, you need Agent Runtime Governance , a network-layer firewall that physically drops the HTTP request the exact millisecond a budget hits zero. Enter Loopers . What is Loopers? Loopers is an open-source, baremetal reverse proxy for AI agents. It sits on your critical path between LangChain and your LLM provider (OpenAI, Anthropic, etc.). It uses atomic Redis Lua scripts to reserve budget before the request is sent to the provider. If the agent exceeds its budget, Loopers fails closed and instantly severs the connection, guaranteeing zero budget leakage. Here is how to implement Loopers into your LangChain workflow in less than 5 minutes. Step 1: Spin up the Loopers Firewall Loopers is incredibly lightweight (~40MB RAM) and runs via D