今日已更新 312 条资讯 | 累计 20782 条内容
关于我们

标签:#EV

找到 3020 篇相关文章

AI 资讯

I built a browser-only JWT Creator & Signer — HS256/384/512, verify, expiry check, 77 tests

Debugging JWT authentication usually means copying tokens between tabs and tools. I built a free, browser-only JWT Creator & Signer — create, sign, and verify JWTs entirely in your browser using the Web Crypto API. Live Tool 👉 https://devnestio.pages.dev/jwt-creator/ What it does Create JWTs — edit header (alg, typ) and payload (any JSON) Sign with HMAC — HS256, HS384, or HS512 Quick claim buttons — insert sub , name , exp (+1h), iss with one click Generate random secrets — 256-bit hex secret via crypto.getRandomValues() Verify existing JWTs — paste any token and verify signature + expiry Color-coded output — header in red, payload in green, signature in blue 100% client-side — Web Crypto API, no server, your secrets stay local How signing works (Web Crypto API) const key = await crypto . subtle . importKey ( " raw " , new TextEncoder (). encode ( secret ), { name : " HMAC " , hash : " SHA-256 " }, false , [ " sign " ] ); const sig = await crypto . subtle . sign ( " HMAC " , key , new TextEncoder (). encode ( header + " . " + payload ) ); The output is base64url-encoded (replacing + → - , / → _ , stripping = padding) to form the final JWT. Why browser-only matters for a JWT tool JWT secrets are sensitive. Any tool that sends your signing secret to a server is a liability. This tool never sends anything — the Web Crypto API runs entirely inside your browser tab. Testing 77 tests, all passing ✅ Tests cover: Base64url encoding edge cases JWT structure (3-part dot-separated) HMAC algorithm mapping (HS256 → SHA-256 etc.) Expiry check (expired vs. valid tokens) Error states: invalid JSON payload, malformed JWT UI: claim insertion, secret toggle, copy, clear Web Crypto API usage verification All tools at devnestio.pages.dev — free browser-only developer utilities. Feedback welcome!

2026-07-02 原文 →
AI 资讯

Keeping background services alive: Lessons from building Muffle

Opening hook It happened during a quiet afternoon at the mosque. The imam was mid-sentence when a rhythmic, high-pitched ringtone cut through the silence like a knife. Every head turned. It was my phone. My heart sank as I scrambled to silence it, only to realize I had forgotten to flip the physical toggle before walking in. That moment of collective, disappointed glares burned. It wasn't just an annoyance; it was a total breakdown of my focus and a social failure I had accidentally caused because my phone couldn't manage itself. The problem We live in an era where our devices are supposedly 'smart,' yet they are remarkably bad at knowing when to keep quiet. We carry computers in our pockets that can calculate the exact position of the moon or stream 4K video, but they cannot inherently tell that we are in a meeting, a lecture, or a place of worship. You could argue that setting a manual schedule works, but life isn't static. Meetings run over, prayer times shift by a minute each day based on astronomical calculations, and spontaneous plans happen. I found myself constantly juggling the physical volume buttons. If I remembered to mute it, I inevitably forgot to unmute it afterward, missing urgent calls from family. If I didn't mute it, I was the person disrupting the room. I wanted a solution that respected the context of my location and the specific time of day without requiring me to touch my screen. The core friction is that Android is designed to restrict background processes to save battery, which is exactly what a silent-automation app needs to thrive. Getting the app to reliably trigger a volume change while the phone is sitting in a pocket, deep in Doze mode, became my primary development hurdle. The technical decision / implementation When I started building Muffle, I initially tried a standard Service with a Handler loop to check conditions. It worked fine while the screen was on, but as soon as the phone entered Doze mode, the OS aggressively throttled my

2026-07-02 原文 →
AI 资讯

Building Invesmal: An AI-Powered Startup-Investor Matching Platform with Laravel

As a final-year Software Engineering student, I wanted my Final Year Project to be more than just another CRUD application. That's how Invesmal came to life a Laravel-based platform that connects startups, investors, and mentors using AI-driven matching. The Problem Finding the right investor or mentor is hard. Startups struggle to identify investors whose interests align with their industry, while investors sift through hundreds of pitches manually. I wanted to solve this with smart, automated matching instead of a simple directory listing. What Invesmal Does Invesmal supports four user roles Student, Investor, Mentor, and Admin and includes 12 AI-driven features built on top of a Laravel backend, including: A core matching engine connecting startups with relevant investors Skills and personality analysis for founders Goal-based matching between mentors and mentees Compatibility scoring between startups and investors A funding readiness score to evaluate startup preparedness A startup health score for ongoing progress tracking A recommendation engine surfacing relevant connections Each feature is built as an independent service class connected through dedicated controllers and routes, keeping the codebase modular and easy to extend. Technical Approach The platform is built entirely on Laravel , using: Service-oriented architecture for AI features (separating business logic from controllers) Blade components for dynamic role-based dashboards Livewire for real-time, reactive UI elements without heavy JavaScript A structured chat/messaging system for communication between users One of the more interesting engineering challenges was migrating a working chat and messaging system from an older version of the project into a redesigned Laravel structure while preserving functionality and fixing layout issues (like a tricky sidebar CSS opacity bug) along the way. What I Learned Building Invesmal taught me how to: Structure a large, multi-role Laravel application without the

2026-07-02 原文 →
AI 资讯

Build a vendor onboarding agent with its own email inbox

Vendor onboarding usually starts with one clean request and then turns into a messy thread. Procurement asks for a W-9, security asks for a SOC 2 report, finance asks for remittance details, legal asks for an executed agreement, and the vendor replies with four attachments across three messages because different people own different parts of the process. That is exactly the kind of workflow where a generic "AI email assistant" gets risky. You do not want a model improvising legal language, requesting bank details in the wrong channel, or forwarding a confidential report to the wrong internal alias. You want the agent to own the repetitive coordination while your application keeps the state machine, policy, audit log, and approvals. The pattern I reach for is a dedicated Nylas Agent Account: vendors@yourcompany.com . It is a real mailbox the onboarding agent owns. It receives the vendor's replies, detects what is attached, updates your vendor record, sends safe reminders, and escalates missing or sensitive items to a human. The agent is not borrowing an employee's inbox, and it is not scraping a shared procurement mailbox. It has a grant, an email address, webhooks, threads, folders, and the same Messages API you would use for any other mailbox. I work on the Nylas CLI, so the terminal examples below use the commands I would use while building and debugging this flow. I also include the raw API calls because the production version belongs in your service, not in a shell script. What the agent should own Start by drawing the boundary tightly. A vendor onboarding agent should own message handling and coordination, not business approval. Good responsibilities: Receive vendor replies at a stable address. Read message bodies and attachment metadata. Match a reply to an existing vendor record. Detect which onboarding items are complete, missing, expired, or unreadable. Draft reminders and status updates. Schedule handoff calls when the vendor asks for help. Escalate sensit

2026-07-02 原文 →
AI 资讯

How we slashed an AI Agent's latency by 80% in 60 minutes

Building an AI agent is fun. Fixing its production latency when it's juggling live data, RAG, and text-to-speech? Not so fun. In the latest episode of the AI Agent Clinic, we sat down with developer Sami Maghnaoui to debug PlaybackIQ, a football / soccer agent he built to provide pre and post match analysis with text to voice, and minute-by-minute match insights with interactive UI. The app was awesome, but under heavy "match day" data loads, the wait times were killing the UX. Here’s how we fixed it: The Bottleneck: We implemented OpenTelemetry on the Agent Platform to trace exactly where the LLM calls and data retrieval were hanging up. The Scale: We shifted the deployment to Cloud Run to properly handle concurrent traffic. The Result: We managed to slash the agent's latency by 80%. If you're dealing with sluggish LLM response times in your own apps and want to see what a production-grade fix looks like, we recorded the whole teardown and rebuild. 🎥 Watch the teardown here: [ https://youtu.be/G7olcqETSn8 ] (Let me know in the comments what your go-to stack is for tracing LLM latency!)

2026-07-02 原文 →
AI 资讯

Why Algeria Needs Its Own AI Infrastructure — and Why I'm Building It

The problem no one was solving Every Algerian developer building with AI hits the same wall: an international payment card. OpenAI, Anthropic, Google — every major AI provider assumes you have one. Most Algerian developers don't, or don't want to deal with the friction of currency conversion, card rejections, and unpredictable billing in a foreign currency. That's not a minor inconvenience. It's a barrier that quietly excludes an entire generation of developers from building with the best AI models available — not because they lack the skill, but because of infrastructure that was never designed with them in mind. The vision: AI sovereignty, not just AI access Access alone isn't the goal. The goal is sovereignty — Algeria having its own AI infrastructure layer, controlled locally, billed locally, and built to local compliance standards, instead of depending entirely on foreign gateways with no local accountability. That's what DEVUP AI is: Algeria's first AI inference gateway, built from the ground up to remove every friction point between an Algerian developer and the AI models they need. What DEVUP AI actually does 170+ AI models — including DeepSeek V4, Llama 3.1 405B, Qwen 3, Gemma 2, Mistral, GPT, Claude, and Gemini — through a single API OpenAI-compatible and Anthropic-compatible — point your existing SDK at our endpoint, no code rewrite needed Local DZD billing via Edahabia/CIB — no international card required SATIM-certified payment infrastructure — full compliance with Algeria's national payment standards Scoped JWT authentication for production-grade security A dedicated SDK ( npm install devupai ) and full documentation, so integration takes minutes, not days The technical bar was non-negotiable: this had to be production-grade from day one, not a side project. SATIM certification alone meant building proper transaction validation, receipt generation, chargeback tracking, and rejection-rate monitoring — the same rigor a bank would expect from a payment pr

2026-07-02 原文 →
AI 资讯

We benchmarked React data grids with 50,000 rows. The winner was not the whole story.

Every data grid demo looks incredible with twenty rows. The columns line up. The hover state is tasteful. The checkbox has confidence. Someone scrolls three inches and everyone quietly agrees that software has advanced. Then the real product arrives. Fifty thousand rows. Twenty columns. Editable money. A custom status cell. Filters. Sorting. Horizontal scrolling. A user who pastes something suspicious from Excel. A product manager asking whether the total row can stay pinned while the server is slow. That is when a table stops being a table and starts becoming infrastructure. So we built a benchmark. Not a perfect benchmark. Those do not exist. A useful one. What we measured The fixture is intentionally boring: 50,000 deterministic rows 20 fixed-width columns 1,200 by 600 pixel viewport two editable columns sorting filtering virtual scrolling production bundles fresh browser contexts raw samples committed to GitHub No network requests. No paid-only feature tricks. No images. No grouping. No heroic demo code designed to make one library look blessed by destiny. The report measures: JS gzip : reachable JavaScript after gzip Ready median : navigation until the grid adapter mounts and two animation frames pass Scroll settle : one scripted vertical and horizontal jump plus animation frames Mounted cells : body cells in the DOM after the scroll Interaction health : heap, long tasks, estimated FPS, dropped frames Live benchmark: https://vitashev.github.io/react-data-grid-benchmark/ Source and raw samples: https://github.com/Vitashev/react-data-grid-benchmark The part most benchmarks get wrong Not every grid exposes the same surface. For example, MUI X Data Grid Community uses 100-row pagination for this workload. That is a valid product boundary, but it is not the same as continuously virtualizing 50,000 rows. So the ranked tables include only compatible continuous-scroll libraries. MUI remains in the fixture and raw data, but not in the leaderboard. That makes the benchma

2026-07-02 原文 →
AI 资讯

How I built a 35-bot trading fleet with an AI pair-programmer

A note before we start: this is about the machine, not the money. I'm not going to show you returns, positions, or a single "this strategy made X%." Partly because that's a regulatory minefield, and partly because the returns aren't the interesting part — the engineering is. If you came for a get-rich screenshot, this isn't that. If you came to see how one person ships production infrastructure with an AI, pull up a chair. The thing I built Over the last few months I built, with an AI coding agent as my pair-programmer, a fleet of ~35 automated trading bots. They run across five equity markets plus crypto. Each one is a long-running service. They share a single database, post to a live dashboard, fire alerts to my phone, and — the part that took the longest — they're built to survive restarts, reconcile against reality, and refuse to do anything stupid. I'm one person. I am not a team. The "team" is me plus an AI in a terminal, working the way you'd work with a very fast, very literal junior engineer who never gets tired and occasionally needs to be talked out of a bad idea. Here's how it's put together, and the handful of lessons that cost me the most to learn. The architecture, in one breath One Postgres database is the brain — every trade, signal, and piece of state lives there. Around it sit ~35 containerized bots, each isolated (its own tables, its own config, its own identity), orchestrated with Docker Compose. A Streamlit dashboard reads the database and renders the whole fleet — open positions, P&L curves, health. A notification layer pushes Telegram alerts on every meaningful event. Schema changes go through migrations so a new bot is never born with a stale database shape. Each bot is the same skeleton wearing a different hat: a signal module (the strategy logic), a trader that turns signals into orders, a storage layer that persists everything, a runner loop on a schedule. Strategies are swappable. The infra underneath them is identical. That sameness is

2026-07-02 原文 →
AI 资讯

We Built a Jira Alternative Because Jira Got Too Expensive for Our Team

We started using Jira to manage our internal development workflow. At first it worked fine, but once we outgrew the free tier, the cost became hard to justify. At $15 per user per month, we were suddenly looking at a bill that did not match how we actually used the product. What we Built We created WannaTrack, a lightweight project management tool designed for small dev teams that do not need enterprise complexity. The goal was not to recreate Jira. It was to remove everything we did not use. Key ideas : minimal agile board with no clutter or heavy configuration simple issue tracking flow fast interface for daily development work minimal setup and no onboarding overhead Migration from Jira One of the biggest concerns was switching tools without breaking our workflow. So we built a Jira import tool that lets you migrate existing tickets into WannaTrack without manual effort. This allowed us to switch internally without downtime. Where it is now We now use WannaTrack daily for our own development workflow and are opening it up to other teams who feel the same pain with traditional tools. If you are a small dev team, indie hacker, or startup looking for a simpler issue tracker without overhead, you can check it out here: https://wannatrack.com

2026-07-02 原文 →
AI 资讯

Evaluating Agents With an LLM-as-Judge Harness (Without Kidding Yourself About It)

Key Takeaways You can't unit-test a coach agent the way you test a pure function — the output is non-deterministic and "good" is a judgment call, not an assertion. An LLM-as-judge harness lets you grade a whole test set automatically against a rubric, which is the only way solo-scale eval stays sustainable. But the judge is itself a fallible model. If you don't design around its known biases — position, verbosity, self-preference, and quiet drift when the judge model updates — you build a green dashboard that means nothing. The mitigations that actually work are mechanical, not prompt-magic: shuffle order on every pairwise call, pin the judge version, keep a small human-labelled anchor set, and re-check the judge against it. The problem I actually had FamNest's coach agent generates responses to parents — check-ins, encouragement, the occasional gentle redirect. I have a growing pile of these interactions, and every time I change a prompt, swap a model, or adjust the pipeline, I need to know one thing: did I just make it better or worse? For normal code, that's what tests are for. I change something, the suite runs, red or green, done. But there's no assertEqual for "was this an empathetic, useful response to a tired parent." The output changes every run even at temperature zero-ish, and the quality bar is a human judgment, not a fixed string. Two responses can be worded completely differently and both be good. One can match my "expected output" word for word and still be worse than a version that didn't. So the honest options were: read every response by hand every time I change something (does not scale past about week two), or build a harness where a model grades the outputs against a rubric. I built the harness. Then I spent an uncomfortable amount of time learning all the ways a harness like that can lie to you. What the harness actually is At its simplest, it's a loop: def evaluate ( test_cases , coach_agent , judge ): results = [] for case in test_cases : res

2026-07-01 原文 →
AI 资讯

Codegarden 2026 - a little late, because it gave me something to build

A few weeks ago I was in Copenhagen for my first Codegarden, and one quiet thought has stuck with me since. It didn't come from a keynote. It came from the bit the keynote leaves out. I've worked with Umbraco for years, but I'd never been to Codegarden, and I turned up without much of a fixed idea of what the two days would be. I kept that open on purpose. I wanted to take it in rather than measure it against something I'd decided in advance. What struck me most was that the value came from two places at once. The sessions were a fantastic source of inspiration; everything from keynotes to guest speakers all seemed to resonate in some way or another. The conversations in between the sessions - drifting around the event space and finding common ground with anyone and everyone - proved just as valuable. I came home more energised than I've been in a while, with a notebook full of half-formed ideas and a better feel for the community I'm part of. But the thing I kept turning over afterwards was that bit the keynote leaves out. That's what I want to write about. The easy half and the hard half Every major Umbraco release gets the same treatment. A polished keynote, a clean demo, a feature that looks effortless on stage. There's plenty in 18, and which part matters most depends on what you're building. For me it's Elements: a new Library section where you manage reusable content and reference it through a new element picker. Create once, use everywhere. It's a genuinely good direction. Reusable content has lived awkwardly in the content tree for years, and Library finally gives it a proper home. What the demos don't show you is the part I've been playing around with for the past few weeks. Taking a real Umbraco 17 site, with content pickers threaded through block lists, block grids, rich text blocks and base document properties, and getting all of it to point at the new Library without an editor ever noticing anything moved underneath them. The feature is the easy half.

2026-07-01 原文 →
AI 资讯

Prepare Application Artifacts To Be Deployed To AWS | 🏗️ Build A Multi-Environment Serverless App

Exam Guide: Developer - Associate 🏗️ Domain 3: Deployment 📘 Task 1: Prepare Application Artifacts To Be Deployed To AWS Before you can deploy anything to AWS, you need to package it properly. This task covers Lambda deployment packaging (zip vs container), managing dependencies, structuring projects for multi-environment deployment, and using AWS AppConfig for runtime configuration. 📘Concepts Lambda Deployment Packaging Options Option Max Size Build Complexity Cold Start Best For Zip Package (inline editor) 3 MB (editor limit) None Fastest Simple functions, no dependencies Zip Package (upload) 50 MB compressed / 250 MB uncompressed Low Fast Most Lambda functions Zip + Lambda Layers 250 MB total (function + all layers) Medium Fast Shared dependencies across functions Container Image 10 GB Higher Slower (first invoke) ML libraries, large dependencies, custom runtimes 💡 If a scenario is about a deployment package exceeding 250 MB, the answer is container images. If it mentions sharing dependencies across multiple functions, the answer is Lambda Layers. Zip is the default for most workloads. Lambda Layers Aspect Detail What They Are Zip archives containing libraries, custom runtimes, or other dependencies Max Layers Per Function 5 Size Limit 250 MB total (function code + all layers uncompressed) Versioning Each publish creates an immutable version Sharing Can be shared across functions, accounts, or made public Path Contents extracted to /opt in the execution environment Dependency Management Strategies Strategy How It Works Pros Cons Bundle In Zip Install deps into package directory, zip together Simple, self-contained Larger package, duplicated across functions Lambda Layers Package deps as a layer, attach to functions Shared across functions, smaller deploys Layer version management, 5-layer limit Container Image Install deps in Dockerfile Full control, large deps supported Slower cold starts, ECR management sam build SAM resolves deps from requirements.txt automatic

2026-07-01 原文 →
AI 资讯

I finally understood cron expressions by building an explainer for them

For years I copied cron expressions off Stack Overflow, pasted them into a config file, crossed my fingers, and moved on. 0 9 * * 1-5 ? Sure, that "looks like weekday morning." */15 * * * * ? "Every 15 minutes, probably." I never actually read them. So I did the thing that always cures this for me: I built a tool that parses a cron expression, explains it in plain English, and shows the next five times it will fire. No library. About 50 lines of real logic. Here's everything I learned. The five fields (and the order that trips everyone up) A standard cron expression is exactly five fields separated by spaces: ┌──────── minute 0 - 59 │ ┌────── hour 0 - 23 │ │ ┌──── day - of - month 1 - 31 │ │ │ ┌── month 1 - 12 │ │ │ │ ┌ day - of - week 0 - 6 ( 0 = Sunday ) * * * * * The order never changes, and the number-one beginner mistake is swapping the first two. Minute comes first. If you write 9 30 * * * thinking "9:30am," you actually get "minute 9, hour 30" — which is invalid, because hours only go to 23. Say it out loud every time: minute, hour, day-of-month, month, day-of-week. Each field answers one question: which values of this unit does the job run on? An * means "every value." Most real schedules pin down a couple of fields and leave the rest as * . Daily at 9am is 0 9 * * * — minute and hour fixed, everything else "every." Lists, ranges, and steps Beyond single numbers, each field understands three operators, and they combine: Comma makes a list: 1,15 in the day field means the 1st and the 15th. Hyphen makes an inclusive range: 1-5 in the day-of-week field means Monday through Friday. Slash makes a step, taking every n-th value: */15 in the minute field means 0, 15, 30, 45 . Steps can apply to a range too, so 0-30/10 means 0, 10, 20, 30 . That's the whole grammar. Number, list, range, step. Once you can expand a field into the concrete set of numbers it matches, you understand cron. Here's the expansion function, which is the heart of the parser: function expandFie

2026-07-01 原文 →