AI 资讯
How Datadog Used Claude and Cursor for Test-Driven Production Migration
In a recent article, Datadog engineer Arnold Wakim shared what worked, what didn't, and the lessons they learned while evolving a critical production system using AI to overcome hard limits in its storage backend and significantly improve performance. By Sergio De Simone
AI 资讯
Improve WordPress Server Response Time by Optimizing Apache and Nginx Configuration
One of the most important performance metrics for a WordPress website is Server Response Time, commonly measured as Time to First Byte (TTFB). While caching plugins like WP Rocket significantly improve performance, many server configurations still route every request through PHP before serving the cached page. In reality, cached HTML files can be delivered directly by the web server (Apache or Nginx), completely bypassing PHP and WordPress. This approach reduces CPU usage, lowers the PHP-FPM workload, and improves overall server response time. This guide explains how to optimize both Apache (.htaccess) and Nginx so they can serve WP Rocket's static HTML cache directly. Why Is This Optimization Important? By default, a typical WordPress request follows this flow: Visitor │ ▼ Apache/Nginx │ ▼ PHP │ ▼ WordPress │ ▼ WP Rocket Cache │ ▼ HTML Response Even when a page has already been cached, the request still passes through PHP before the cached content is returned. With the following configuration, the request flow becomes: Visitor │ ▼ Apache/Nginx │ ▼ WP Rocket HTML Cache │ ▼ HTML Response PHP and WordPress are only executed when a cached file does not exist. Benefits Lower Time to First Byte (TTFB) Reduced CPU usage Less PHP-FPM processing Better performance during traffic spikes Ideal for VPS and dedicated servers Improved scalability with minimal configuration changes Apache (.htaccess) Optimization If your server runs Apache, insert the following block inside the WordPress rewrite section, immediately after: RewriteBase / and before: RewriteRule ^index\.php$ - [L] The resulting configuration should look like this: # BEGIN WordPress # Die Anweisungen (Zeilen) zwischen „BEGIN WordPress“ und „END WordPress“ sind # dynamisch generiert und sollten nur über WordPress-Filter geändert werden. # Alle Änderungen an den Anweisungen zwischen diesen Markierungen werden überschrieben. < IfModule mod_rewrite.c > RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Autho
科技前沿
Surprised doctors find 10-inch worm in man's groin during elective surgery
Oddly, it wasn't the first time this had happened to the man.
AI 资讯
Adopting Terraform Ephemeral Resources
In version 1.11, HashiCorp introduced Terraform Ephemeral resources and write-only attributes to allow for root configs that do not store secrets in the Terraform statefile. But many users ask about how they can adopt ephemerals. This blog attempts to lay out the ways secrets can be stored in state and how you should update your configurations to remove those secrets. Note: For a primer on ephemerals ( see this blog post ). Scenarios to consider: Data sources that fetch a static secret Resources that receive a secret Resources that generate a dynamic a secret Resources that fetch generated secrets to store in another 3rd party system Scenario 1: Data sources with static secrets Ephemeral resources can often be a drop-in replacement for data sources pulling static values: data "vault_kv_secret_v2" "static_kv" { mount = "kvv2" name = "my_password" } ephemeral "vault_kv_secret_v2" "static_kv" { mount = "kvv2" name = "my_password" } However, using these values has 1 specific difference. The attributes on a ephemeral resource are considered ephemeral and can only be used as ephemeral arguments. That means 2 places: Provider blocks Provider blocks are considered ephemeral, so ephemeral resources may populate arguments: provider "example" { password = tostring ( ephemeral . vault_kv_secret_v2 . static_kv . data . password ) } Write-only arguments Write-only arguments are special arguments that require the ephemeral taint for values: resource "aws_db_instance" "example" { ... password_wo = tostring ( ephemeral . vault_kv_secret_v2 . static_kv . data . password ) } If the resource you wish to pass a value to does not have an available ephemeral, open an issue with that provider. You can reference: this blog post this agent skill Scenario 2: Resources that receive a static secret Without duplicating to the section above, write-only arguments are a way to get secrets out of state. Above has guidance if the secret value comes from a data source, but what if its from a variable?
开发者
How Open Source Enables Collaboration in Creating a Platform
A platform is a collaboration system: platform teams depend on application teams, and both need shared standards. Engineers trust a platform through its predictable behavior, not its features. Being an engineer is about problem-solving and being passionate about it. And being an engineer means sharing your passion for problem-solving. By Ben Linders
AI 资讯
Dentro i “pensieri privati” di un LLM: J-Space, Global Workspace e cosa cambia davvero per chi sviluppa
Un’area interna che sembra una lavagna di ragionamento: non è coscienza, ma è un indizio forte su come emergono controllo e pianificazione nei transformer. Negli ultimi anni ci siamo abituati a pensare ai modelli linguistici come a enormi “scatole nere”: un prompt entra, un testo esce, e nel mezzo c’è un mare di matrici difficili da ispezionare. Ma c’è una novità interessante: alcune analisi suggeriscono l’esistenza di una piccola regione interna, relativamente organizzata, che funziona come uno spazio di lavoro per concetti . Un posto dove il modello “tiene a mente” qualcosa prima di produrre la risposta. È un’idea che fa scattare subito l’associazione più pericolosa (e più abusata) del momento: coscienza . In realtà, il punto non è stabilire se un LLM sia cosciente; il punto è molto più concreto e utile per chi sviluppa: se esiste un’area interna che concentra il ragionamento controllabile , allora possiamo capire meglio cosa guida certe risposte e come intervenire su errori, allucinazioni e comportamenti indesiderati. J-Space: una “lavagna” interna per il ragionamento L’idea chiave è questa: dentro il modello emergerebbe un piccolo insieme di pattern neurali “coerenti” (chiamiamoli J-Space ) che si comporta come una lavagna. Su questa lavagna compaiono concetti (non necessariamente parole che verranno stampate). Questi concetti influenzano la catena di ragionamento . Molte altre abilità—fluency, grammatica, stile, completamento locale—sembrano invece scorrere “automaticamente” altrove. Se questa separazione regge, spiega un fenomeno che tutti abbiamo osservato: modelli capaci di scrivere in modo impeccabile, ma fragili nel ragionamento o incoerenti quando devono mantenere vincoli. Il test più interessante: sostituire un concetto e vedere il ragionamento obbedire Un esperimento illuminante consiste nell’individuare un concetto attivo nello spazio di lavoro e sostituirlo con un altro, senza cambiare né prompt né output manualmente. Esempio (semplificato): Domanda:
AI 资讯
AlloyDB Ships Proxy Models That Replace LLM Calls with Local Inference Inside the Database
Google shipped AlloyDB AI functions GA with a proxy model architecture that trains a lightweight local model from LLM outputs, then runs queries at database speed without external calls. Smart batching delivers 2,400x throughput improvement. The proxy model reaches 100,000 rows per second in preview, but benchmark numbers apply only to ai.if in internal testing. By Steef-Jan Wiggers
AI 资讯
AWS Details How One Customer Scaled to One Million Lambda Functions
AWS has outlined how ProGlove, an industrial-wearables manufacturer, was able to scale its SaaS platform to run more than one million AWS Lambda functions spread across thousands of dedicated customer accounts. By Matt Foster
AI 资讯
Mobile app performance that lasts
Users judge a mobile app in the first few seconds, and they judge it harshly. A slow launch, stuttering scroll, or a device that runs hot will sink an otherwise good app faster than a missing feature. Performance isn't one metric — it's four distinct areas, each with its own causes and fixes. Here's how to keep all of them healthy. Startup time — the first impression Time from tap to usable screen is the metric users feel most. Every extra second measurably increases abandonment. The usual culprits are doing too much before the first frame: heavy synchronous work at launch, loading data you don't yet need, and oversized bundles. Fixes: Defer non-essential initialization until after the first screen renders Lazy-load features and screens instead of loading everything upfront Show a real first screen fast, then hydrate data — don't block on the network Trim your dependency footprint; every library adds to startup cost Rendering — kill the jank Smooth means hitting the device's frame budget (about 16ms per frame for 60fps). Dropped frames show up as stutter during scrolling and animation. The main causes are doing heavy work on the UI thread and rendering more than you need. Virtualize long lists so only visible rows render (FlatList, RecyclerView equivalents) Move expensive work off the main thread Avoid unnecessary re-renders — in React Native, memoize and keep render functions cheap Optimize images: right-sized, cached, and in efficient formats Memory — don't get killed The OS terminates apps that use too much memory, and users read that crash as your bug. Leaks and oversized assets are the main offenders. Watch for retained references, unbounded caches, and full-resolution images held in memory. Load and decode images at display size, release resources when screens unmount, and cap in-memory caches. Battery and network — the invisible costs Users blame the app that drains their battery even if they can't name why. The big drains are aggressive polling, chatty netwo
开发者
DEV's Summer Bug Smash Launches on July 14. Register Now!
We’re excited to announce our first ever Summer Bug Smash! Every app has its share of rockstar bugs....
AI 资讯
Airbnb Shares Architecture Behind Sitar-Agent Dynamic Configuration Sidecar for Kubernetes Services
Airbnb engineers detailed Sitar-agent, a Kubernetes sidecar for dynamic configuration delivery across tens of thousands of pods, processing updates several times per minute. The system was redesigned with Java, Amazon S3 snapshot bootstrapping, and a migration from Sparkey to SQLite to improve reliability, startup performance, and configuration availability at scale. By Leela Kumili
AI 资讯
Terraform LifeCycle Rules
Day 9 of the 30 Days of AWS Terraform series focuses on Terraform Lifecycle Rules — powerful controls that decide how Terraform creates, updates, replaces, and destroys resources. What Terraform LifeCycle meta arguments are Lifecycle meta arguments allow us to control how Terraform behaves when it creates, updates, or destroys resources. They help us: Avoid downtime Protect important resources Handle changes made outside Terraform Validate configurations before and after deployment Enforcing compliance Controlling replacement behavior Lifecycle rules allow us to override default behavior safely. Lifecycle rules are Terraform-native controls applied inside a resource block: lifecycle { ... } Lifecycle Rules Covered 1️⃣ create_before_destroy — Zero Downtime Updates Problem: Terraform destroys the old resource before creating the new one → downtime. Solution: lifecycle { create_before_destroy = true } Behavior: New resource is created first Old resource is destroyed only after Ensures zero downtime 2️⃣ prevent_destroy — Protect Critical Resources This setting prevents Terraform from deleting a resource. Example If Terraform tries to destroy this resource, it will fail with an error. This is useful for: Production databases State storage buckets Important data resources 3️⃣ ignore_changes — Allow External Modifications Problem: Terraform overwrites manual or automated external changes. Solution: lifecycle { ignore_changes = [desired_capacity] } Demo: Auto Scaling Group desired capacity modified manually in AWS Console terraform apply did not revert the change Behavior: Terraform ignores changes for specified attributes. ✅ Use for: Auto Scaling Groups Resources modified by external systems Ops-driven configurations 4️⃣ replace_triggered_by — Replace When Dependency Changes Problem: Changing a dependency doesn’t always recreate dependent resources. Solution: lifecycle { replace_triggered_by = [aws_security_group.main] } Behavior: When security group changes EC2 instance i
AI 资讯
دليل عملي لاختبار التحميل لواجهات API باستخدام أرتيلري
Artillery هي مجموعة أدوات مفتوحة المصدر لاختبار التحميل مبنية على Node.js. تتيح لك توليد حركة مرور عالية التزامن على واجهة برمجة التطبيقات (API) من خلال ملف YAML بسيط: تحدد مراحل التحميل، تصف تدفقات الطلبات، تشغل artillery run script.yml ، ثم تقرأ نسب زمن الاستجابة المئوية، معدلات الطلبات، وعدد الأخطاء. يشرح هذا الدليل طريقة تثبيت Artillery v2، كتابة اختبار عملي، تشغيله، استخراج النتائج بالطريقة الصحيحة في v2، وربطه بمسار CI. جرّب Apidog اليوم ما هو Artillery ومتى تستخدمه؟ ينشئ Artillery مستخدمين افتراضيين (VUs) يرسلون طلبات إلى نقاط النهاية لديك ويقيسون قدرة النظام على تحمل الحمل المستمر. المستخدم الافتراضي هو عميل مُحاكى ينفذ سيناريو خطوة بخطوة، كما يفعل مستخدم أو خدمة حقيقية. استخدم Artillery عندما تريد إجابات عملية على أسئلة الأداء مثل: كيف يتغير زمن الاستجابة p95 عند 50 طلبًا في الثانية؟ عند أي معدل وصول تبدأ الأخطاء بالظهور؟ هل تبقى واجهة API مستقرة لمدة 5 دقائق من الحمل المستمر؟ هل يتدهور الأداء تدريجيًا مع استمرار الضغط؟ الميزة الأساسية في Artillery أن الاختبار تصريحي. بدل كتابة حلقات تزامن يدويًا، تصف شكل الحمل في YAML. وبما أنه يعمل فوق Node.js، يمكنك تشغيل نفس الاختبار محليًا وفي CI. إذا كنت تقارن الأدوات، راجع ملخص أفضل أدوات اختبار التحميل و مقارنة برامج اختبار التحميل لفهم الفروقات بين k6 وJMeter وGatling وغيرها. تثبيت Artillery v2 اسم الحزمة هو artillery ، والإصدار الرئيسي الحالي هو v2. ثبته عالميًا عبر npm: npm install -g artillery@latest artillery version تحتاج إلى إصدار LTS حديث من Node.js. يعمل Artillery على Windows وmacOS وLinux. إذا كنت لا تريد تثبيت الحزمة عالميًا، استخدم npx : npx artillery@latest run script.yml كتابة اختبار Artillery يتكون ملف الاختبار من قسمين أساسيين: config : يحدد الهدف ومراحل الحمل والمتغيرات. scenarios : يحدد ما يفعله كل مستخدم افتراضي. مثال كامل: config : target : " https://api.example.com" phases : - name : " Warm up" duration : 60 arrivalRate : 5 - name : " Ramp to peak" duration : 120 arrivalRate : 5 rampTo : 50 - name : " Sustained load" duration : 300 arrivalRate : 50 maxVusers : 500 variables : productId : - " 100
科技前沿
How to align columnar output in the terminal
In bioinformatics we are handling a lot of tabular data. Be it VCF files, tabular Blast output, or just creating a CSV or TSV samplesheet. Actually, one of my favorite tabular formats is by using SeqKit to convert Fasta or FastQ files to tabular format, as this allows to do various filtering operations by row , using standard unix tools if so wished. Scrolling through this type of data in the terminal can be messy to say the least though. Although CSVs can of course be imported into a spreadsheet software for viewing, it would be very powerful to be able to view them comfortably right from the terminal, isn't it? To take one example that fits within the code window of a blog post, let's take a selected set of columns from the CSV output from the Mykrobe tool. And to make it emulate another common problem with many csv formats, let's also use tr to convert the _ :s in the headers into real spaces (Mykrobe does not do this, but many other tools do): $ cat SOME_SAMPLE.csv | cut -d , -f 2,3,10,14,15,17,18 | tr '_' ' ' > selection.csv $ cat selection.csv "drug" , "susceptibility" , "kmer size" , "phylo group per covg" , "species per covg" , "phylo group depth" , "species depth" "Amikacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Capreomycin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ciprofloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Delamanid" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ethambutol" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ethionamide" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Isoniazid" , "R" , "21" , "99.672" , "98.428" , "372" , "347" "Kanamycin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Levofloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Linezolid" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Moxifloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Ofloxacin" , "S" , "21" , "99.672" , "98.428" , "372" , "347" "Pyrazinamide" , "S" , "21" , "99.672"
AI 资讯
AWS Is Not Simpler. Agents Just Got Better at Reading It.
I optimized my architecture for the wrong model. I used to think black-box infrastructure was the right abstraction for AI-driven development. Vercel, Supabase, Cloudflare Workers — a sharp contract in front, a managed backend behind — felt like the obvious fit. The less an agent had to reason about, the fewer places it could get lost. Give it a clean interface, hide the messy backend, move fast. I still think that was right for the agents we had last year. I don't think it's right for the agents we're starting to use now. The shift is not that AWS got simpler. It didn't. Setup still takes longer, CI/CD takes more work to wire, and cost control has real limits. The shift is that agents got better at reading complexity — and once an agent can actually use a large structured context, the things I treated as overhead (resources, provider schemas, IAM policies, explicit queues, explicit alarms, explicit networks) become the highest-signal context I can hand it. To keep this concrete, I'm holding the tool constant. This is HCL/Terraform on AWS vs HCL/Terraform on Cloudflare — same language, same workflow, two providers. The inversion Agents are… Best served by… Context-poor (last year's loops) Black boxes — shrink the surface, hide the backend Context-rich (now) Inspectable systems — describe everything as code The one-line version: The better agents get at reading, the more valuable explicit infrastructure becomes. I didn't become more pro-AWS because AWS got easier. I became more pro-AWS because agents got better at reading it. Same Terraform, two providers The interesting comparison isn't AWS-elegance vs Cloudflare-elegance. It's how much of the infrastructure topology and operational contract an agent can reconstruct from the HCL plus the provider schema alone. Terraform × AWS Terraform × Cloudflare Provider maturity AWS provider is about as battle-tested as IaC gets; enormous public corpus of modules/examples v5 is a ground-up, OpenAPI-generated rewrite — improving
AI 资讯
Chrome for Developers a Berlino: cosa aspettarsi dall’ecosistema web nel 2026
Tra performance, piattaforma e toolchain: i temi che contano davvero per chi costruisce frontend oggi. Il frontend nel 2026 è diventato una disciplina sempre più “di prodotto”: non basta far funzionare l’interfaccia, serve che sia veloce, stabile, accessibile e misurabile in produzione. E quando l’ecosistema Chrome parla di “connessione” tra developer e piattaforma, il messaggio utile per chi lavora sul web è semplice: capire dove investire tempo per ottenere impatto reale sugli utenti . Di seguito, una lettura pratica dei temi che continuano a emergere come prioritari per chi costruisce applicazioni e siti moderni. 1) Performance: meno benchmark, più realtà La performance non è più un esercizio di ottimizzazione a fine progetto. È un requisito continuo che va gestito con strumenti, metriche e processi. Cosa significa “misurabile” oggi Metriche di campo (real user monitoring) : le prestazioni che contano sono quelle che arrivano dai dispositivi reali, su reti reali. Metriche di laboratorio : restano utili per regressioni e CI, ma vanno interpretate come “segnali” e non come verità assolute. Implicazione pratica Imposta una pipeline dove: le metriche sintetiche bloccano regressioni evidenti (build/PR), le metriche reali guidano le priorità (release e backlog). 2) DevTools: dal debug al controllo qualità Gli strumenti di sviluppo non servono più solo a “trovare il bug”, ma a ridurre il rischio : regressioni di layout, memory leak, risorse inutili, dipendenze pesanti. Abitudini che fanno differenza Profilare prima di ottimizzare: CPU, rete e rendering hanno colli di bottiglia diversi. Isolare i cambiamenti: una variazione di bundling o di immagini può ribaltare il profilo prestazionale più di una micro-ottimizzazione in JS. 3) La piattaforma web continua a crescere (e chiede scelte più consapevoli) La Web Platform oggi offre API potenti, ma la parte difficile non è “usarle”: è scegliere quando usarle. Un criterio utile Se una feature riduce complessità (meno librerie,
AI 资讯
Left of the Loop: The PO is Dead, Long Live the PO
When I wrote about shifting the engineering process left — spec sessions, autonomous agents, humans reviewing output rather than writing code — a question kept coming up. Where does the Product Owner fit in all of this? It’s the right question. And I think the answer is more interesting than “the PO disappears.” Let’s start with acceptance criteria. We invented them to bridge a gap. The team needed to know when something was done. The PO needed confidence that what got built matched the intent. Acceptance criteria were the contract between the two. But if the Spec Session is where intent gets defined — by the whole team, together, before the agent runs — that gap closes. What the team agreed on in the room is the definition of done. The spec is the acceptance criteria. You don’t need a separate validation step because the planning and the agreement happened at the same time. The tighter the loop, the less ceremony you need around it. There’s a caveat though. The spec is a necessary contract. It’s not a sufficient one. Simon Martinelli’s work on the AI Unified Process validates the spec-driven approach technically. But his model is about the artifact — requirements at the center, AI generating everything else from them. How the team actually builds shared understanding before the spec exists isn’t something it addresses. That’s not a criticism. It’s just a different question. A spec written after a real Spec Session — where the team worked through edge cases together, disagreed, got to resolution — is different from a spec written by one person and signed off asynchronously. Same artifact. Different quality of shared understanding. That distinction matters when the agent hits an edge case the spec didn’t anticipate. So what’s actually left for a dedicated PO? Two things. And they’re very different. The first is product thinking — challenging intent, representing user needs, asking why before the agent runs with something. That’s valuable. But it doesn’t require a ded
AI 资讯
Performance Testing RAG Applications: Complete Engineering Guide
In this blog post, we will see how to performance test a RAG (Retrieval-Augmented Generation) application properly, covering both speed and correctness, and how to wire both into a CI/CD pipeline so regressions get caught before they reach production. Performance testing a RAG application requires two separate testing gates: one for speed and one for answer quality. Traditional load testing tools measure response times but cannot detect hallucinations, where a model returns fast but factually incorrect answers grounded in fabricated context rather than retrieved documents. The guide demonstrates using k6 for load testing end-to-end latency and DeepEval for evaluating faithfulness and answer relevancy using an LLM-as-judge approach. Both gates are integrated into a GitHub Actions CI/CD pipeline so regressions in either performance or output quality are caught automatically on every pull request before reaching production. If you've come from a JMeter or k6 background like I have, your first instinct with a RAG endpoint is probably to point a load test at it and check response times. That gets you halfway there. A RAG app can return a fast, confident, completely wrong answer, and a plain load test will never tell you that. You need two testing surfaces, not one: performance and quality. This guide covers both, using a single running example throughout: a documentation assistant that answers "How do I run JMeter in non-GUI mode?" against a small knowledge base. Why RAG breaks traditional load testing assumptions A conventional API returns a complete response and you measure the round trip. A RAG endpoint does two expensive things before it answers: it retrieves context from a vector store or search index, then it streams a generated response token by token. That second part matters a lot. A single request can stream hundreds of tokens over several seconds, so "request duration" as a single number hides two very different problems: how long the model took to start answe
AI 资讯
F1 in Britain: Automated software to blame for crushing expectations
Sometimes races finish behind a safety car, but it's not always satisfying.
AI 资讯
Scaling Terraform Infrastructure Beyond a Single Team
When a single engineer manages all the Terraform in an organisation, everything is simple. One repo, one state, one pipeline, one set of credentials. There's no coordination overhead because there's no one to coordinate with. That stops working the moment a second team needs to deploy infrastructure. And by the time you have three or four teams — networking, platform, application, security — the single-team model is actively slowing everyone down. This guide covers what breaks, how teams typically work around it, and how to set up a structure where each team owns their slice of infrastructure independently. What breaks State lock contention Terraform's state locking is per-state. When the networking team is running terraform plan , the application team's pipeline is blocked — even though they're changing completely unrelated resources. The more teams share a state, the more time everyone spends waiting. Blast radius A junior engineer deploying a new application service shouldn't be able to accidentally destroy the VPC. But if application resources and networking resources share a state, a single misconfigured terraform apply can touch anything. Code review catches some of this. Not all of it. Credential sprawl A shared pipeline needs credentials for everything — the networking team's Azure subscription, the application team's AWS account, the security team's DNS provider. Every team's secrets end up in one CI environment, accessible to anyone who can trigger a run. This fails most compliance audits. Approval bottlenecks In many organisations, one person or a small group gatekeeps all infrastructure changes. Every PR needs their review. Every apply needs their approval. The gatekeeper becomes a bottleneck not because they're slow, but because they're a single point of serialisation for all infrastructure work. Backend access as implicit access control Terraform has no built-in concept of per-team or per-workspace permissions. All workspaces in a backend share the sam