今日已更新 498 条资讯 | 累计 20470 条内容
关于我们

标签:#Git

找到 1108 篇相关文章

AI 资讯

Who actually wrote that commit... you, or your AI agent?

The gap nobody's really tracking Your Git history can tell you that a workstation pushed a commit. What it can't tell you is who or whatactually produced the change. Was it you? An AI agent running inside your IDE? A CI job? Some vendor tool you forgot you'd wired in? For a long time that question was academic. It isn't anymore. The more code we write with AI in the loop, the shakier one quiet assumption gets: that there's a human author behind every commit. Audit trails, incident reviews, compliance workflows; they all lean on it. And it's breaking. Matrix Scroll is a small, open attempt to fix that. It attaches a signed provenance envelope to a commit, and anyone can verify it offline. What it actually does An agent-assisted commit can carry a signed JSON envelope that records: the actor (human or agent) the tool that produced the change an optional bounded scope an Ed25519 signature over a canonicalized version of the manifest The signing input is strict and frankly kind of boring — which is the entire point. It has to be reproducible byte-for-byte across implementations, so: the top-level signature block is stripped before signing object keys are sorted recursively compact separators, ASCII escaping, UTF-8 bytes no NaN, no Infinity The device ID comes from the first eight uppercase hex characters of SHA-256(public_key), formatted as MS-XXXX-XXXX. Verifying is the easy part: take the canonical manifest bytes, check them against the embedded public key and signature. No central service in the middle. Try it without installing anything There's a browser verifier that runs entirely client-side. Nothing gets uploaded: (̿▀̿‿ ̿▀̿ ̿) : https://matrixscroll.com/verify/ Give it ten seconds: Hit Load Commit Envelope → Verify Signature . You'll get VALID, plus the device ID, mode, algorithm, and canonical byte count. Now hit Tamper Sample → Verify Signature again. It flips to INVALID and tells you exactly what broke — e.g. "Device ID mismatch: expected MS-4319-20D5, manifes

2026-06-21 原文 →
AI 资讯

I Fixed the "AI Commit Messages" Problem in 20 Lines of Python

You've probably seen that trending post — "I Asked AI to Write My Commit Messages and It Was Embarrassing." Same. But instead of accepting embarrassing output, I fixed it. Here's the thing: the problem isn't AI writing commit messages. The problem is how you ask it. One clear system prompt + the actual diff = surprisingly good results. The Setup No new packages. No API key. If you have Claude Code , you're already set. #!/usr/bin/env python3 import subprocess SYSTEM = ( " You are a git commit message generator. " " Output ONLY the commit message — no explanation, no markdown, no quotes. " " Follow Conventional Commits: type(scope): subject. " " Types: feat, fix, docs, style, refactor, test, chore. " " Subject: imperative, lowercase, max 72 chars. " ) diff = subprocess . check_output ([ " git " , " diff " , " --staged " ], text = True ) if not diff . strip (): print ( " Nothing staged. Run `git add` first. " ) raise SystemExit ( 1 ) msg = subprocess . check_output ( [ " claude " , " -p " , SYSTEM + " \n\n " + diff ], text = True , ). strip () print ( msg ) That's it. 20 lines. Uses the claude CLI under the hood — no API key, no config, just your existing Claude Code OAuth session. Why It Works The system prompt does the heavy lifting. Three constraints: Output ONLY the commit message — no preamble, no explanation Follow Conventional Commits — feat , fix , chore , etc. max 72 chars — keeps it readable in git log The diff is the context. You're not asking "write a commit message". You're asking "given these exact changes, what happened?" That's a much more answerable question. Usage # No setup needed if you have Claude Code. Just: git add . python /path/to/git_commit.py # → feat(server): add AI commit message generator via Claude CLI Or wire it into a git alias: git config --global alias.ai '!python /path/to/git_commit.py' # git ai The Results Before: update stuff fix bug WIP added the thing After: feat(api): add generate_commit_message tool to MCP server fix(auth): ha

2026-06-21 原文 →
AI 资讯

Three post-deploy checks I run after every Cloudflare Pages build

After spending two weeks debugging issues that only showed up in production — a sitemap _redirects rule that was blocking my own sitemap-index.xml and a Bluesky image upload race against Cloudflare Pages deploy lag — I added three post-deploy checks to my workflow. They're fast and specific to the failure modes I've actually hit, not a full end-to-end test suite. Three sites (aiappdex.com, findindiegame.com, ossfind.com) on Cloudflare Pages with Astro 5 SSG. Here's what I check. Check 1: Sitemap reachability The simplest check and the one I should have had from day one. After a Cloudflare Pages deploy, I verify that sitemap-index.xml is reachable and returning 200 on all three domains: for domain in aiappdex.com findindiegame.com ossfind.com ; do status = $( curl -s -o /dev/null -w "%{http_code}" "https:// $domain /sitemap-index.xml" ) echo " $domain /sitemap-index.xml → $status " if [ " $status " != "200" ] ; then echo "FAIL: $domain sitemap unreachable" fi done I also check sitemap-0.xml — the actual URL sub-sitemap that @astrojs/sitemap generates — and assert that it contains at least a minimum expected URL count. For aiappdex.com that threshold is 1,000; if it drops below that after a deploy, the ETL data pipeline probably broke silently. The reason this check exists: I had a _redirects rule rewriting sitemap-index.xml → sitemap-0.xml as an emergency workaround that turned out to be wrong. It was live for five days before I found it. The rule was blocking the real sitemap-index.xml from reaching crawlers while appearing fine in the browser (which followed the redirect). Curl with -o /dev/null -w "%{http_code}" doesn't follow redirects by default, so it would have caught this immediately. Check 2: IndexNow batch submission After every successful sitemap check, I run node scripts/indexnow.mjs . The script reads the live sitemap XML from each domain, collects all URLs, and POSTs them to the IndexNow endpoint for Bing, Yandex, Naver, and Seznam using site-specific k

2026-06-21 原文 →
AI 资讯

Three post-deploy checks I run after every Cloudflare Pages build

After spending two weeks debugging issues that only showed up in production — a sitemap _redirects rule that was blocking my own sitemap-index.xml and a Bluesky image upload race against Cloudflare Pages deploy lag — I added three post-deploy checks to my workflow. They're fast and specific to the failure modes I've actually hit, not a full end-to-end test suite. Three sites (aiappdex.com, findindiegame.com, ossfind.com) on Cloudflare Pages with Astro 5 SSG. Here's what I check. Check 1: Sitemap reachability The simplest check and the one I should have had from day one. After a Cloudflare Pages deploy, I verify that sitemap-index.xml is reachable and returning 200 on all three domains: for domain in aiappdex.com findindiegame.com ossfind.com ; do status = $( curl -s -o /dev/null -w "%{http_code}" "https:// $domain /sitemap-index.xml" ) echo " $domain /sitemap-index.xml → $status " if [ " $status " != "200" ] ; then echo "FAIL: $domain sitemap unreachable" fi done I also check sitemap-0.xml — the actual URL sub-sitemap that @astrojs/sitemap generates — and assert that it contains at least a minimum expected URL count. For aiappdex.com that threshold is 1,000; if it drops below that after a deploy, the ETL data pipeline probably broke silently. The reason this check exists: I had a _redirects rule rewriting sitemap-index.xml → sitemap-0.xml as an emergency workaround that turned out to be wrong. It was live for five days before I found it. The rule was blocking the real sitemap-index.xml from reaching crawlers while appearing fine in the browser (which followed the redirect). Curl with -o /dev/null -w "%{http_code}" doesn't follow redirects by default, so it would have caught this immediately. Check 2: IndexNow batch submission After every successful sitemap check, I run node scripts/indexnow.mjs . The script reads the live sitemap XML from each domain, collects all URLs, and POSTs them to the IndexNow endpoint for Bing, Yandex, Naver, and Seznam using site-specific k

2026-06-21 原文 →
AI 资讯

Cara Cepat Menambahkan MIT License di Repositori GitHub yang Sudah Ada

Pernahkah kamu membuat sebuah proyek perangkat lunak, mengunggahnya ke GitHub, lalu menyadari bahwa kamu belum menambahkan lisensi apa pun di repositori tersebut? Banyak developer pemula yang mengira bahwa menaruh kode di GitHub otomatis membuatnya menjadi open-source . Padahal, secara default , proyek tanpa fail lisensi memiliki hak cipta yang tertutup ( exclusive copyright ). Artinya, orang lain atau developer penerus secara teknis tidak boleh menyalin, mendistribusikan, atau memodifikasi kodemu. Agar proyek tersebut aman untuk dilanjutkan dan dimodifikasi oleh pengembang selanjutnya, kita wajib menambahkan lisensi terbuka. MIT License adalah pilihan paling aman dan populer karena sifatnya yang sangat membebaskan. Berikut adalah cara kilat menyematkan MIT License pada repositori GitHub yang sudah telanjur berjalan tanpa perlu menggunakan command line : Langkah 1: Buat Fail Baru di Repositori Buka halaman utama repositori GitHub kamu. Di bagian atas daftar fail dan folder kodemu, klik tombol Add file , kemudian pilih Create new file . Langkah 2: Pancing Fitur "License Template" Pada kolom pengisian nama fail, ketikkan kata LICENSE (pastikan menggunakan huruf kapital semua). Begitu kamu selesai mengetikkan kata tersebut, GitHub akan otomatis memunculkan sebuah tombol baru di sebelah kanan bernama Choose a license template . Klik tombol tersebut. Langkah 3: Pilih MIT License Kamu akan dibawa ke halaman yang berisi daftar berbagai jenis lisensi open-source . Pilih MIT License dari menu di sebelah kiri. GitHub akan otomatis meracik draf teks lisensinya, lengkap dengan nama akun GitHub kamu dan tahun saat ini. Klik tombol hijau Review and submit di pojok kanan atas. Langkah 4: Lakukan Commit Gulir ke bagian bawah halaman. Tulis pesan commit yang singkat dan jelas (misalnya: "Add MIT License for future development" ), lalu klik tombol hijau Commit changes... . Selesai! Sekarang proyek lama kamu sudah memiliki "payung" yang jelas dan resmi berstatus open-source . Reposito

2026-06-21 原文 →
AI 资讯

AI credits are the new lines of code metric

GitHub added a tiny field to the Copilot usage metrics API this week that is going to create a lot of very confident spreadsheets. Enterprise and organization admins can now see ai_credits_used in the user-level Copilot usage reports. One field. Per user. Available for single-day and 28-day reports. It is not the invoice, and GitHub is careful to say it is a consumption signal rather than a billed total. Still, the shape is obvious. Now AI usage can sit next to adoption, activity, team, department, cost center, and whatever else the company already exports into a dashboard. That is useful. It is also exactly how a tool metric becomes a management metric. And once that happens, the question is no longer "can we measure AI usage?" The question is "what weird behavior will this metric create?" every useful metric becomes a temptation I understand why this field exists. If a company is paying for Copilot, especially with usage-based pieces attached to more expensive models and premium features, it needs some way to understand consumption. Platform teams need budget signals. Engineering leaders need adoption signals. Procurement needs something more concrete than "people seem to like it." Finance will eventually ask why one org burns through credits much faster than another. That is normal. The problem starts when a consumption signal is treated as a productivity signal. High AI credit usage might mean a developer is doing valuable work with agent mode, code review, test generation, refactoring, or research. It might also mean the developer is stuck, repeatedly asking the model to solve the wrong problem, generating code that gets deleted, or using a heavyweight model where a small one would have been fine. Low AI credit usage might mean a developer does not need much help. It might mean the work is mostly design, review, debugging, incident response, mentoring, or architecture. It might mean the codebase is small and well understood. It might mean the developer is skept

2026-06-21 原文 →
AI 资讯

I built an AI priority inbox for GitHub pull requests — and went BYOK instead of running my own AI backend

The problem GitHub shows your pull requests in whatever order they happened to be opened — not in the order they actually need your attention. A one-line typo fix and a PR touching authentication code get exactly the same visual weight in your inbox. Multiply that across a dozen open PRs and you spend more time deciding what to look at than actually reviewing. What I built PR Focus is a Chrome extension (Manifest V3) that sits on top of GitHub's PR pages. It combines three signals into a single priority queue: CI status — failing checks bubble up PR age — stale PRs don't get forgotten AI risk score (0–100) — weighted toward changes touching auth, database, or infra code Each PR also gets a plain-English summary generated from the actual diff (not the title someone wrote at 11pm), and you can generate an approve / request-changes draft review in one click, edit it, and send — without leaving the extension. Why BYOK instead of my own AI backend This was the decision I spent the most time on. Running my own AI backend would have meant: A server in the data path of every PR diff users review — a much bigger trust ask, especially for private repos. Either eating the AI cost myself (unsustainable as a solo dev) or marking it up into a subscription. Going BYOK (bring your own key — OpenAI, Groq, Mistral, or a local Ollama instance) flips both of those: Your GitHub token and AI key live in chrome.storage.local . There's no server of mine in the path — PR diffs only ever go to the AI provider you explicitly configure. Groq's free tier is generous enough to run the AI features for free for most individual workflows. You're paying provider cost directly, with zero markup, if you pay anything at all. How it's built Manifest V3 — required rethinking persistence patterns that worked under MV2's persistent background page; service worker lifecycle and content script injection needed more careful handling. GitHub REST + GraphQL APIs rather than DOM scraping — more upfront work, but

2026-06-20 原文 →