今日已更新 80 条资讯 | 累计 20052 条内容
关于我们

标签:#CLI

找到 180 篇相关文章

AI 资讯

全く新しいApidog CLI + SKILLを開発した理由

これは、Apidog が API テストおよび API ライフサイクル管理のためのコマンドラインツールである Apidog CLI をどのように開発したかを共有する全10回のシリーズです。順番に読むか、必要なテーマから直接参照してください。 今すぐApidogを試す タイトル 焦点 1 当社は126のMCPツールを構築しました。しかし、それはAgentにとって最良の解決策ではありません 問題の発見 2 なぜ当社は全く新しいApidog CLIを開発したのか アーキテクチャ開発 3 黄金律:CLIは事実を生成し、モデルは事実に従って行動する 核となる哲学 4 agentHints : CLIにAgentとの会話を教える 構造化出力 5 SKILL:運用経験をコードとして出荷する 運用経験 6 数字は嘘をつかない:ツール呼び出しは30%減、トークンは25%減 定量的結果 7 PRDからテストループまで:Apidog CLIによる完全なAgentワークフロー 実践的なチュートリアル 8 なぜCI/CD互換性がAgentツールにとって不可欠なのか DevOpsの視点 9 AIブランチ:AI Agentによるより安全なプロジェクト変更 セキュリティレイヤー 10 Spec-Firstは昨日。Skill-Firstへようこそ。 ビジョンと未来 当社は、MCPが最適化しない複雑なワークフロー、つまり検証ゲートと構造化された実行を伴うワークフローを処理するために、CLI + SKILLを構築しました。 MCPはその目的を果たし続けています CLI + SKILLに入る前に、前提を明確にします。 Apidog MCPは現在も利用可能で、メンテナンスされています。 MCPは、プロトコルに従って標準化されたツール接続を提供します。特に以下の用途に適しています。 シンプルで明確に定義された操作 MCPベースのワークフローを好むユーザー MCP準拠クライアントとのエコシステム統合 当社はMCPを置き換えたわけではありません。CLI + SKILLはMCPを補完するために構築されました。 MCPは ツール接続 に優れています。一方で、検証、読み戻し、実行確認を伴う多段階のR&Dワークフローでは、Agentに対して 実行可能なエンジニアリングプロセス を提供するほうが安定します。そこにCLI + SKILLが適合します。 タスクごとに使い分けると、次のようになります。 タスクタイプ 推奨されるアプローチ シンプルなツール呼び出し(例:エンドポイントの取得) MCPまたはCLI。どちらも機能します 多段階ワークフロー(例:テストの作成、検証、実行) CLI + SKILL。より良い体験になります CI/CD統合 CLI。ネイティブに適合します MCPエコシステム統合 MCP。プロトコル標準に適合します 古いCLI:最後にテストを実行する Apidog CLIは長年、APIテストを実行するためのコマンドラインのエントリポイントでした。 apidog run --project <projectId> --test-scenario <scenarioId> --environment <environmentId> この基盤は今も重要です。チームには以下を行うための信頼できる方法が必要です。 ターミナルからAPIテストを実行する CIパイプラインでレポートを生成する 自動化ワークフロー内で品質ゲートを維持する ただし、古いCLIの主な役割は テスト実行 でした。つまり、ワークフローの終盤で使われます。 設計 → ドキュメント化 → モック → デバッグ → テスト → [CLIがテストを実行] CLIは最後のステップでした。他の作業が完了したあとに、既存のテストを実行するためのものだったのです。 新しい要件:Agentにはより多くの操作が必要 API開発は変化しています。 AI Agentは現在、APIライフサイクルの複数段階に参加します。 段階 Agentの活動 API設計 PRDからエンドポイント定義を生成する テスト生成 API仕様からテストケースを作成する デバッグ 障害を分析し、修正案を提示する 移行 プロジェクト間でAPIを移動する メンテナンス API変更時にテストを更新する このようなワークフローでは、CLIは既存テストを最後に実行するだけでは不十分です。 Agentが安定して作業するには、CLI側で次の操作を提供する必要があります。 APIアセット(エンドポイント、スキーマ、環境)を読み取る テストアセット(テストケース、テストシナリオ)を作成または更新する 書き込み前に構造化された変更を検証する 変更をプロジェクトに書き戻す 実行結果を検証

2026-07-06 原文 →
AI 资讯

Reclaim free space from VirtualBox VM on Windows host

When you delete files in your virtualbox VM in order to free up space on the host filesystem, this space is not automatically reclaimed. In order for the host system to see the changes you need to rewrite the free space with zeroes. Follow the below steps to perform this operation: Install zerofree package. It is needed to rewrite the free space with zeroes. Mount the filesystem as "readonly". This is needed for the tool to be able to perform it's task. If you're working with the "/", easiest way to mount it as readonly is to edit the kernel parameters. Edit /etc/default/grub . Find the GRUB_CMDLINE_LINUX_DEFAULT line. Add init=/bin/bash to it reboot Run zerofree -v /dev/sdX . This could run for some time, depending on the size of your disk. After it's done, run exec init to finish booting up. Shutdown the VM in order to be able to run the next command which requires a lock on the VDI volume. On the Windows host run VBoxManage.exe modifymedium "path\to\disk.vdi" --compact

2026-07-05 原文 →
AI 资讯

purefetch: a fastfetch-style system info tool in Rust with zero dependencies

I like neofetch / fastfetch , but I wanted one with a genuinely empty dependency graph — nothing pulled from crates.io. So I built purefetch : a small system-info fetcher written entirely in Rust using only std plus raw Linux syscalls. Disclosure up front: purefetch was built largely with AI assistance (Claude Code). I directed the design, and every change was reviewed and tested — including running it on four architectures under QEMU — but most of the code is AI-generated. I'd rather be honest about that than pretend otherwise. _,met$$$$$gg. ooonea@unicorn ,g$$$$$$$$$$$$$$$P. ────────────── ,g$$P" """Y$$.". OS Debian GNU/Linux 13.5 (trixie) x86_64 ,$$P' `$$$. Host ThinkPad P53 (20QQS0JD01) ',$$P ,ggs. `$$b: Kernel 6.12.94+deb13-amd64 `d$$' ,$P"' . $$$ Uptime 6 days, 15 hours, 30 mins $$P d$' , $$P Packages 2477 (dpkg), 1 (flatpak) $$: $$. - ,d$$' Shell zsh 5.9 $$; Y$b._ _,d$P' Display 1920x1080 (eDP-1) Y$$. `.`"Y$$$$P"' DE GNOME 48.7 `$$b "-.__ WM Mutter (Wayland) `Y$$ Terminal kitty 0.41.1 `Y$$. CPU Intel(R) Core(TM) i7-9850H @ 4.60 GHz `$$b. GPU Quadro RTX 3000 `Y$$b. Memory 15.28 GiB / 62.61 GiB (24%) `"Y$b._ Swap 0 B / 8.00 GiB (0%) `""" Disk (/) 8.52 GiB / 489.57 GiB (2%) Locale en_US.UTF-8 Battery 76% (Not charging) Zero dependencies, really No libc crate, no sysinfo , no nix , no color crate — nothing from crates.io. Almost everything is just reading and parsing /proc and /sys . The result is a single ~484 KiB binary that builds offline. The only things std can't do are statfs (disk usage) and ioctl (terminal size / tty check). Instead of pulling in a binding crate, those are issued as raw Linux syscalls via core::arch::asm! : #[cfg(target_arch = "x86_64" )] unsafe fn syscall3 ( n : usize , a1 : usize , a2 : usize , a3 : usize ) -> isize { let ret : isize ; core :: arch :: asm! ( "syscall" , inlateout ( "rax" ) n as isize => ret , in ( "rdi" ) a1 , in ( "rsi" ) a2 , in ( "rdx" ) a3 , out ( "rcx" ) _ , out ( "r11" ) _ , options ( nostack ), ); ret } Four arch

2026-07-04 原文 →
AI 资讯

Copilot CLI drops the PAT requirement inside GitHub Actions

GitHub said this week that Copilot CLI, when it runs inside a GitHub Actions workflow, will accept the built-in GITHUB_TOKEN for authentication. Per the July 2 changelog, the previous path required creating and storing a personal access token. The operational read is small and precise: one fewer human-owned credential to mint, rotate and inherit. The exact scope of the change The changelog covers a narrow surface. It applies to Copilot CLI when invoked from a GitHub Actions workflow, and it swaps the required credential from a PAT to the workflow's ambient GITHUB_TOKEN . GitHub does not describe changes to how Copilot CLI authenticates outside Actions, and this post will not extrapolate to those contexts. If your Copilot CLI usage lives on a developer laptop or in another CI system, nothing in this announcement moves for you. Why the PAT was the wrong credential to leave in the loop A personal access token has almost none of the properties you would want from an automation credential. It does not expire on a job boundary. It carries a person's identity, not the workflow's. It sits in Actions secrets long enough to outlive the engineer who created it. And its scopes were chosen by that engineer, at that moment, often wider than the job actually needs. GITHUB_TOKEN is the opposite shape. Actions mints it at the start of a job, scopes it through the workflow's permissions: block, and revokes it when the job ends. If the token leaks, the window for abuse is the runtime of the job, not the years until somebody remembers to rotate it. When the person who wrote the workflow leaves, the pipeline does not silently break because a token expired with their account. For scripted Copilot CLI calls that had to be wrapped in a PAT, that is the whole win. The tool authenticates against the workflow instead of against a human. Wiring it up The workflow-side pattern is the same one every GITHUB_TOKEN -consuming step already follows: declare permissions: explicitly at the job level, k

2026-07-04 原文 →
AI 资讯

Day 56 – Mastering ClickHouse® AggregatingMergeTree: Build Faster Analytics with Pre-Aggregated Data

Introduction As data volumes continue to grow, running aggregation queries directly on raw datasets becomes increasingly expensive. Business dashboards, analytics platforms, and reporting systems often execute the same calculations repeatedly—such as total sales, daily active users, page views, or revenue trends. While ClickHouse® is designed to process analytical workloads at remarkable speed, repeatedly scanning billions of records still consumes valuable CPU, memory, and storage resources. This is where AggregatingMergeTree proves its value. Rather than calculating aggregates every time a query is executed, AggregatingMergeTree stores intermediate aggregation states that are merged automatically in the background. This approach allows analytical queries to read compact, pre-aggregated datasets, resulting in dramatically faster response times and reduced infrastructure costs. In this guide, you'll learn how AggregatingMergeTree works, why aggregate states matter, how to build an automated aggregation pipeline using Materialized Views, and when this engine is the right choice for your ClickHouse® workloads. What is AggregatingMergeTree? AggregatingMergeTree is a specialized ClickHouse® table engine designed to store aggregate function states instead of raw records. Unlike the standard MergeTree engine, which stores every inserted row, AggregatingMergeTree keeps partially aggregated values that ClickHouse combines during background merge operations. This significantly reduces the amount of data that must be processed when generating analytical reports. Because much of the computational work happens during data ingestion, dashboards and reporting applications can retrieve summarized information much more efficiently. Typical scenarios include: Sales reporting Website traffic analytics Financial summaries IoT sensor monitoring Business KPI dashboards Application observability metrics Why Use AggregatingMergeTree? Imagine an online marketplace processing millions of tr

2026-07-03 原文 →
AI 资讯

GitHub Actions won't tell you your CI is getting worse. I built a zero-dep CLI that does.

GitHub Actions shows you one run at a time. Green check, red X, green check, green check, red X. You scroll the list, you re-run the flaky one, you move on. Nobody's asking the question that actually matters: is this getting better or worse? "I calculated how much my CI failures actually cost. Curious what your pipeline success rate looks like — has anyone else tracked the actual wasted compute time over time?" That's a real question from someone who did the math by hand and found their failures were burning a real chunk of their compute budget. The replies were the same story you'd expect: heavyweight CI platforms have their own dashboards for this, but nobody had a lightweight, local way to just... track it. So I built citrend : pull your GitHub Actions run history into a local file, get a trend. npx citrend sync --repo owner/name npx citrend report --repo owner/name What it actually shows you $ citrend report --repo acme/widgets acme/widgets — 812 run(s) (2 in progress) success rate: 87.4% (699/800 settled, 12 skipped) wasted runs: 101 (12.6%) total compute: 118h 42m wasted compute: 14h 6m weekly trend (oldest → newest): 2026-06-05 91.2% success, 8 wasted (58m) 2026-06-12 88.0% success, 11 wasted (1h 22m) 2026-06-19 79.4% success, 22 wasted (3h 8m) 2026-06-26 84.1% success, 15 wasted (2h 1m) That weekly column is the entire point. A single gh run list will never show you that week 3 was a cliff — you'd have to notice it got annoying to work in, which is a much slower and much less precise signal than a number going from 91% to 79%. How it works sync pulls your workflow run history from the GitHub REST API and caches it locally (deduped by run id, so you can run it on a schedule without piling up duplicates). report reads that cache — no network call — and computes: Success rate , over settled runs only (still-running runs don't count either way until they conclude, and skipped runs are excluded from the denominator since they're not a pass/fail outcome). "Wasted"

2026-07-03 原文 →
AI 资讯

The same root cause keeps coming back because nobody tracks it. I built a zero-dep CLI that does.

You write the postmortem. You file the action items. Everyone nods, the doc gets archived, and life moves on. Six months later, the exact same root cause takes down the exact same service — and nobody in the room remembers the first incident, let alone that its fix never actually shipped. "We use rootly to track this automatically. It flags when incidents have the same root cause as previous ones." That's a real answer from an SRE thread about this exact problem — and it's a paid, hosted feature of a full incident-management platform. Most teams don't have rootly or incident.io. What they have is a folder of markdown postmortems that nobody diffs against each other. So I built rootecho : a zero-dependency CLI that does the one useful thing those platforms do for this — flag when a new incident's root cause echoes a past one, and show you whether that past incident's action items ever actually got finished. How it works Each postmortem is one JSON record — free-text root_cause and/or curated root_cause_tags , plus action_items with a status: { "id" : "INC-2026-014" , "title" : "Payment webhook retries exhausted" , "root_cause" : "webhook retry queue misconfigured to drop after 3 attempts, no dead-letter fallback" , "root_cause_tags" : [ "webhook" , "retry-queue" , "dead-letter" , "config" ], "action_items" : [ { "id" : "AI-1" , "description" : "Add dead-letter queue for webhook retries" , "owner" : "alice" , "status" : "open" } ] } rootecho add records it and compares against your history: $ rootecho add inc-2026-014.json ⚠ root cause echo detected for "INC-2026-014": INC-2026-003 (2026-03-15) — 100% similar root cause Payment webhook retries exhausted ✓ Add retry backoff [done] ✗ Add monitoring alert for queue depth [open] — 93d overdue → 1 action item(s) from this past incident were never finished. recorded to .rootecho/history.jsonl That's the whole point of the tool in one output: not just "you've seen this before," but "and here's the fix that never happened." r

2026-07-03 原文 →
AI 资讯

Why California’s carbon manure math doesn’t add up

Something stinks in California’s climate policies. Years ago, the state set up a system that pays cattle farmers across the country to turn the methane emitted from cattle manure into natural gas, encouraging the dairy sector to produce a gas we burn instead of one that just pollutes the air. It’s become wildly popular because…

2026-07-02 原文 →
AI 资讯

CodeTrace-AI v1.0.1: AI-Powered Code Intelligence with SHA-256 Delta Sync & Interactive Code Graphs

CodeTrace-AI v1.0.1 — Stop Reading Code. Start Understanding It. Every developer has experienced this. You clone a repository, open it, and suddenly you're staring at thousands of files. You spend hours answering questions like: Where is this function called? Which files depend on this module? What happens if I modify this class? Is this code even used anymore? Traditional tools like grep , IDE search, or AI chat assistants can help you find code. They don't help you understand the architecture . That's why I built CodeTrace-AI . What is CodeTrace-AI? CodeTrace-AI is an AI-powered code intelligence tool that transforms your repository into a searchable structural knowledge graph. Instead of treating your project as plain text, it understands your codebase structurally by analyzing: 📂 Folder hierarchy 📄 Files 🏛 Classes ⚙ Functions 📦 Imports 🔗 Function calls 🌐 Cross-file dependencies Think of it as having an AI Software Architect that understands your entire repository. 🚀 What's New in v1.0.1 This release focuses on speed, privacy, and understanding large repositories. 🕸 Interactive Code Graph One of the biggest additions is the interactive repository graph. Instead of reading hundreds of files manually, you can visualize relationships between: Folders Files Classes Functions Imports Function calls Understanding a new project becomes dramatically easier. ⚡ SHA-256 Delta Sync Engine One feature I'm particularly proud of is the new Incremental Indexing Engine. Most code intelligence tools rebuild their entire index every time. CodeTrace-AI doesn't. It computes a SHA-256 fingerprint for every tracked file and detects: ✅ Modified files ➕ Newly added files ❌ Deleted files Only those files are: Re-parsed Re-embedded Re-added to the knowledge graph Everything else is skipped. This makes repeated indexing dramatically faster, especially for large repositories where only a few files change between runs. Under the hood The sync engine includes: SHA-256 fingerprinting Parallel f

2026-07-02 原文 →
AI 资讯

Scankii: The First Static Security Scanner Built to Stop AI Agents from Leaking API Keys

Hey DevHunt community! 👋 I'm incredibly excited to launch Scankii! As developers, we are building more and more AI Agents using frameworks like LangChain, OpenHands, and AutoGen. The standard paradigm is giving these agents "skills" or "tools" — which are basically just Python functions combined with Natural Language instructions (prompts or docstrings). But here is the problem: Standard secret scanners (like GitLeaks or TruffleHog) are blind to AI-specific vulnerabilities. They only scan source code for hardcoded secrets. But what if your Python code securely loads an API key, and your English instructions accidentally trick the agent into printing that key to stdout? The agent framework captures that output, injects it into the LLM context window, and your secret is suddenly exposed. We call this Cross-Modal Leakage. Enter Scankii. 🛡️ Scankii solves this by analyzing the intersection of your Natural Language and your code. It uses a dual-engine pipeline (NL Semantic Analyzer + AST Syntax Analyzer) to track variable flows between your prompts and your code sinks. ✨ Core Features: Dual-Engine Scanning: Correlates English instructions with Python ASTs. Local-First & Fast: Your proprietary agent tools and code never leave your machine. CI/CD Ready: Outputs standard SARIF reports. Drop it into GitHub Actions or use it as a pre-commit hook. Framework Agnostic: Works with LangChain, AutoGen, CrewAI, MCP, or any custom python agent framework. I built Scankii to give developers peace of mind when scaling their agent toolchains. Security shouldn't be an afterthought when building autonomous systems. I would love for you to try it out on your agent repos, star the project, and leave any feedback or questions below! I'll be here all day answering them. 👇 GitHub Repository: https://github.com/ashp15205/scankii Installation: pip install scankii

2026-07-01 原文 →
AI 资讯

Terminal themes built for prose reading, not syntax highlighting

Claude Code is mostly prose. Tool output, reasoning traces, permission prompts — I read paragraphs of this for hours every day. Most terminal themes are built around syntax highlighting: make keywords pop, dim punctuation, saturate strings. That's optimizing for the wrong thing when your screen is 80% English sentences. I built klein-blue to fix this for my own setup. Four variations, all built around Yves Klein's IKB pigment, all APCA-verified for body-size prose legibility in the specific ANSI slots Claude Code actually uses. The interesting constraint: pure IKB fails APCA contrast as text on a dark ground (Lc -12 — effectively invisible). So I split it across two ANSI slots. ansi:blue gets pure IKB for decorative borders and highlights where legibility doesn't matter. ansi:blueBright gets a lifted Klein-family value (A8BEF0) for readable permission-prompt text. You keep the color identity; you can actually read it. The four variations each answer the same question differently: how should Claude's brand colors live in your terminal? Claude Code uses ansi:redBright for its claude-sand brand color. That's the differentiating moment between the themes: Klein Void Refined — balanced, neutralizes brand competition Klein Void Sand & Sea — accepts claude-sand as a second hero alongside IKB Klein Void Prot — fully APCA-verified across every role (body >= 90, subtle >= 75, muted >= 45, accent >= 60); the only variation where every accent passes strict gates Klein Void Gallery — one-blue maximum void, everything else recedes One prerequisite that took me a while to document clearly: Claude Code's /theme picker must be set to dark-ansi , otherwise Claude Code ignores the Terminal.app ANSI palette entirely and falls back to its hardcoded RGB values. The theme does nothing without that. Ships as macOS Terminal.app .terminal profile files. Built from build.m with a variation-aware Objective-C builder, installed via install.sh , fully rollback-able via restore.sh . CommitMono-Re

2026-07-01 原文 →