今日已更新 420 条资讯 | 累计 20392 条内容
关于我们

标签:#Ring

找到 372 篇相关文章

AI 资讯

You're Not Doing GitOps (You're Doing CI/CD With Extra Steps)

The Uncomfortable Truth Here's a test: when your deployment fails in production, what happens to your main branch? If the answer is "the broken code is already merged" — congratulations, you're doing CI/CD with a Git trigger. That's not GitOps. It's a pipeline that happens to watch a branch. I've spent years building platform engineering systems at enterprise scale — identity management frameworks, infrastructure-as-code pipelines, AI agent platforms that manage operational code. And I keep seeing the same mistake: teams adopt "GitOps" by adding a deployment step after merge, then wonder why they get drift. True GitOps has one non-negotiable rule: main always equals production. If a deployment fails, main doesn't change. Period. This isn't just my opinion — it's the logical extension of OpenGitOps principles : declarative desired state, versioned in Git, automatically reconciled. The enforcement mechanism I'm describing is how you make those principles real rather than aspirational. The Anti-Pattern Everyone Runs The most common "GitOps" setup I see in enterprise teams looks like this: Developer opens PR CI runs tests Reviewer approves PR merges to main Deployment triggers from main ❌ Deployment fails main now contains code that isn't in production This is merge-then-deploy . It's standard CI/CD with extra steps. The moment you merge before confirming a successful deployment, you've broken the core GitOps contract: Git as the single source of truth for what's actually running. The result? Drift. Stale state in main . A branch that lies about what's deployed. Every subsequent PR is now based on a broken foundation. The Enforcement Pattern: Deploy Before Merge The fix isn't philosophical — it's mechanical. GitHub's Merge Queue gives you exactly the right primitive: Developer opens PR CI runs tests (standard checks) Reviewer approves → PR enters the merge queue Merge queue trigger runs a dry-run deployment against the target environment If dry-run passes → queue trigge

2026-06-06 原文 →
AI 资讯

Maybe Coding Agents Don't Need a Bigger Memory. Maybe They Need Continuity.

A practical reflection on why coding agents lose the thread between sessions, and why the repository itself is the right place to preserve it. I used to think the problem was memory. That was the obvious diagnosis. Every new coding-agent session started with the same ritual. Open the repository. Read the README. Inspect the project structure. Search for the files that looked important. Reconstruct the task. Guess which commands mattered. Ask again what had already been tried. Then do the actual work. Sometimes. Because a lot of the work was not work. It was orientation. A coding agent can have a large context window and still lose the operational thread. It can have chat history and still fail to know what happened in the last run. It can retrieve semantically similar notes from a vector store and still miss the one fact that mattered: this command already failed. the previous session stopped here. this file looked relevant, but it was a dead end. the validation was not actually run. One day I stopped thinking about the problem as "agent memory". That word was too broad. Too attractive. Too dangerous. Because once you say memory, the temptation is to build a bigger one. A bigger context window. A bigger note store. A bigger vector database. A bigger archive of everything the agent has ever seen, said, touched, generated, or vaguely implied. That sounds powerful, but it is also how you build a very expensive junk drawer. Context is not continuity Context is what the agent has available now. Continuity is what lets the next execution continue from what actually happened before. Those are not the same thing. Long context helps while a session is alive. It gives the model more text to work with. More files. More prior messages. More implementation details. More room. Although it is really useful it does not automatically produce continuity. When the session ends, gets compacted, moves to another tool, switches from one coding agent to another, or simply starts tomorrow

2026-06-06 原文 →
AI 资讯

Applying Checkov to Terraform as Code – A TFSEC Alternative

Static Application Security Testing (SAST) is a critical practice in modern DevSecOps. While tools like SonarQube, Snyk, and Veracode are popular, this article focuses on GitHub CodeQL – a semantic code analysis engine that treats code as a database. We will apply it to a vulnerable Java Spring Boot application to detect SQL Injection and Path Traversal. 🤔 Why CodeQL? Unlike pattern-based scanners, CodeQL builds a relational database of your code, including abstract syntax trees, control flow graphs, and data flow graphs. This allows it to track tainted data across functions, classes, and files, drastically reducing false positives. 🚨 Target Application (Vulnerable Java App) Let's look at a simple REST API with two vulnerable endpoints. File: UserController.java package com.demo.controller ; import com.demo.model.User ; import org.springframework.beans.factory.annotation.Autowired ; import org.springframework.jdbc.core.JdbcTemplate ; import org.springframework.web.bind.annotation.* ; import java.nio.file.Files ; import java.nio.file.Paths ; import java.util.List ; @RestController @RequestMapping ( "/api" ) public class UserController { @Autowired private JdbcTemplate jdbcTemplate ; // Vulnerability 1: SQL Injection @GetMapping ( "/users" ) public List < User > getUsers ( @RequestParam ( "id" ) String userId ) { String sql = "SELECT * FROM users WHERE id = " + userId ; // Dangerous concatenation return jdbcTemplate . query ( sql , ( rs , rowNum ) -> new User ( rs . getString ( "id" ), rs . getString ( "name" ))); } // Vulnerability 2: Path Traversal @GetMapping ( "/file" ) public String readFile ( @RequestParam ( "filename" ) String filename ) throws Exception { return new String ( Files . readAllBytes ( Paths . get ( "/var/data/" + filename ))); } } 🛠️ Installing and Configuring CodeQL CLI You can run CodeQL locally to analyze your code before pushing it to a repository. 1. Download CodeQL from GitHub releases: wget [ https://github.com/github/codeql-cli-binaries/re

2026-06-06 原文 →
开发者

ZenQL, KISS And DRY.

imagine you are working in a large codebase. you need to fetch different kinds of data and transforming them, grouping them or sorting them. lets take a closer look at Sorting and Heaps in golang Specifically. we already familiar with heaps and its important interface. the Heap.Interface. a very performant and impressive implementation of heaps and its sorting functionality. type Interface interface { sort . Interface Push ( x any ) // add x as element Len() Pop () any // remove and return element Len() - 1. } as a programming language, it couldnt be done better than what it is today. but most of the time we might not need to implement all the interface items. dont get me wrong the functionalities should exist but mostly all that matters for us is that how the sorting will be done. ZenQL's Implementation In the latest version take advantage of sorting and heaps functionality. in a fast and agile way! result := From ( personList ) . Where ( func ( person Person ) bool { return person . Active == true }) . CollectSorted ( func ( person Person , person2 Person ) bool { return person . Identifier < person2 . Identifier }, true ) In the code snippet above we perform a sort on our collections using the thor engine very easily. we just express our desire about how the sorting needs to be done and wether its ascending or descending. and other functionalities are implemented as below: type Sortable [ T any ] struct { Items [] T less func ( a , b T ) bool desc bool } func ( h Sortable [ T ]) Len () int { return len ( h . Items ) } func ( h Sortable [ T ]) Swap ( i , j int ) { h . Items [ i ], h . Items [ j ] = h . Items [ j ], h . Items [ i ] } func ( h * Sortable [ T ]) Push ( x any ) { h . Items = append ( h . Items , x . ( T )) } func ( h * Sortable [ T ]) Pop () any { old := h . Items n := len ( old ) item := old [ n - 1 ] h . Items = old [ : n - 1 ] return item } be faster and more agile with the Golang ZenQL. Click To Visit ZenQLRepository

2026-06-05 原文 →
AI 资讯

If the warehouse already has the data, why are we copying it elsewhere?

When we started working on Krenalis , we spent a lot of time reviewing how customer data typically flows through a modern data stack. One pattern kept showing up often enough that we started questioning it. In many modern stacks, customer data already lands in a warehouse. Yet we often copy that same data into a CDP before we can start building customer profiles. During one of those discussions, someone asked a question that sounded almost naive: Why are we moving all this data in the first place? Nobody had a particularly strong answer ready. The answer was mostly: Because that's how CDPs work. We expected the question to have an obvious answer. It didn't. The warehouse is no longer just for analytics Over the last few years, the role of the data warehouse has changed significantly. Warehouses are no longer just analytical systems. They're increasingly becoming the place where organizations centralize the context used by applications, AI agents, copilots, and business processes. Customer data from systems like Shopify, Stripe, CRMs, support platforms, and internal applications often ends up there long before anyone starts thinking about segmentation or activation. In many organizations, the warehouse is already the place where teams answer questions about customers, revenue, retention, and product usage. That made us wonder: If the warehouse is already becoming the operational center of the data stack, why does customer identity usually live somewhere else? Consider a customer who buys through Shopify, pays through Stripe, opens support tickets in Zendesk, and uses the product under a different email address. In many organizations, all of those records already end up in the warehouse. Yet building a unified profile often requires exporting that same data into another platform before identity can be resolved. The cost of another copy To be clear, data duplication is not inherently bad. Most software systems rely on some form of replication, caching, or denormalizati

2026-06-05 原文 →
AI 资讯

What Is Agentic Workflow Consulting? A Practical Guide for Data Leaders

The Term Everyone Uses and Nobody Defines Your CTO came back from a conference and said the team needs to "go agentic." A vendor pitched you an "agentic data platform" last week. LinkedIn is full of posts about agentic workflows transforming everything from customer support to supply chain management. And yet, when you ask three people what "agentic" actually means for your data operations, you get four answers. This is not a vocabulary problem. It is a strategy problem. Organizations are making six-figure decisions about agentic AI without a shared definition of what they are buying, building, or hiring for. That gap between the buzzword and the architecture is where most projects fail -- not because the technology does not work, but because nobody agreed on what it was supposed to do. This guide is a practitioner's attempt to close that gap. No vendor pitch, no hand-waving. Just a clear definition, a real example, and a framework for deciding whether agentic workflow consulting is something your team actually needs. What "Agentic" Actually Means (In Plain Language) Traditional data pipelines are deterministic. You define steps, connect them in order, and run them. Step A feeds step B, which feeds step C. If the input changes shape, the pipeline breaks and a human fixes it. The pipeline does not adapt, reason, or make decisions -- it executes. Robotic process automation (RPA) is slightly smarter but still scripted. It records human actions and replays them. Click here, type there, move this file. When the UI changes or an edge case appears, the bot breaks the same way a pipeline breaks: it stops and waits for a human. Agentic workflows are fundamentally different. An agentic system has components that can reason about their task, make decisions based on context, and take actions without a pre-scripted path for every scenario. Instead of "if X then Y," an agentic node can evaluate ambiguous input, choose between approaches, validate its own output, and route work to

2026-06-05 原文 →
AI 资讯

Amazon S3 Doesn't Hope Hardware Won't Fail. It Assumes It Already Has.

Most engineers build distributed systems hoping nothing breaks. Amazon S3 was engineered under the opposite assumption: that something is already broken, right now, and the system needs to be fine with that. That one mindset shift explains almost everything about how S3 works — and why it's one of the most reliable pieces of infrastructure on the planet. I went through a deep-dive conversation with Mai-Lan Tomsen Bukovec, VP of Data and Analytics at AWS, and extracted the engineering philosophy underneath the product. Not the marketing version. The real one. Here's what actually matters. 1. Hardware failure is not an emergency. It's Tuesday. S3 manages hundreds of exabytes of data across tens of millions of hard drives, spread across 120 Availability Zones in 38 AWS Regions. It currently stores over 500 trillion objects. At that scale, something is always failing. A disk here. A rack there. An availability zone every now and then. The math is unforgiving. So the S3 team made a deliberate architectural decision early: stop treating failure as an exception. Design it into the system as the baseline state. This means dedicated auditor and repair microservices run continuously in the background — not when something goes wrong, but always. They scan the entire fleet, inspect every byte of data, detect discrepancies, and trigger repairs automatically. No human in the loop. No incident ticket. No war room. There's also a specific property they engineer for called crash consistency — the system is designed so that after any fail-stop event, it automatically returns to a valid state without manual intervention. The failure happens. The system continues. Those two things are not in conflict. The system heals itself because it was designed to assume it's already sick. If you're building distributed systems and your failure handling is reactive — you only respond after something breaks — you've already lost. Design the repair loop as a first-class citizen, not an afterthought.

2026-06-05 原文 →
AI 资讯

Bölüm 2: Event Pipeline Tasarımı: Kafka’dan Lakehouse’a Gerçek Zamanlı Veri Yaşam Döngüsü

İlk yazıda Event Driven Architecture’ın temel kavramlarını, Kafka üzerinde topic/channel tasarımını, event-command ayrımını, schema contract’ları ve producer-consumer ilişkisini ele aldık. Bu yazıda odağı bir adım ileri taşıyıp event’in platform içindeki yaşam döngüsüne bakacağız. Çünkü EDA tasarımında asıl zorluk yalnızca event üretmek değildir. Asıl mesele, üretilen event’in güvenilir, izlenebilir, tekrar işlenebilir, zenginleştirilebilir ve farklı tüketiciler tarafından kullanılabilir hale gelmesidir. Bu yazıda şu sorulara odaklanacağız: Ham event platforma geldiğinde ne olur? Event nasıl doğrulanır, zenginleştirilir ve tüketilebilir hale gelir? Raw, validated, enriched ve curated topic’ler nasıl konumlandırılmalıdır? Bu yapı modern lakehouse mimarilerindeki Medallion yaklaşımıyla nasıl ilişkilendirilebilir? DLQ ve alert topic’leri ne zaman devreye girer? Replay, idempotency, monitoring, security ve governance nasıl düşünülmelidir? Event Pipeline Nedir? EDA mimarilerinde özellikle data platform projelerinde event’ler genellikle bir yaşam döngüsünden geçer. Bu yaşam döngüsü şöyle modellenebilir: raw -> validated -> enriched -> curated | | v v dlq alert Bu yapı, veri akışının aşama aşama olgunlaşmasını sağlar. Raw topic kaynaktan gelen ham event’i taşır. Validated topic schema ve temel kalite kontrollerinden geçmiş event’leri içerir. Enriched topic event’in referans veriler veya başka veri kaynaklarıyla zenginleştirilmiş halidir. Curated topic ise tüketiciler için güvenilir, normalize edilmiş ve iş anlamı netleşmiş event’leri temsil eder. Event Pipeline ve Medallion Architecture İlişkisi Bu yapı, modern lakehouse mimarilerinde sık kullanılan Medallion yaklaşımıyla doğal bir benzerlik taşır. Lakehouse tarafında Bronze katmanı ham veriyi, Silver katmanı temizlenmiş ve zenginleştirilmiş veriyi, Gold katmanı ise iş tüketimine hazır veri ürünlerini temsil eder. Kafka üzerindeki raw, validated, enriched ve curated topic’leri de benzer bir olgunlaşma mantığını akan veri ü

2026-06-05 原文 →
AI 资讯

Anthropic just said skills are hard

Anthropic published a thoughtful guide to making skills. It is worth reading, but it's a map of work you should not have to do. The Claude Code team wrote a piece on how they use agent skills . If you make skills, read it. It is honest and tells you something important: making a good skill is real work. Here's what the guide covers. It sorts skills into nine categories. It explains progressive disclosure, where the agent knows which files to load and when. It covers scripts, config files, combining skills together, and writing the description so the model reaches for the skill at the right moment. All of that is true and useful. It is also a lot to learn. And most of it exists only because you are doing the work by hand. We're SkillsCake . We make and score agent skills all day. So we read this guide a little differently than someone meeting skills for the first time. Here's what we think. Skills are infinite The guide splits skills into types: library reference, verification, and so on. That is a helpful way to teach a class. It is not what a skill actually is. A skill is prose that tells an agent how to do one thing, sometimes with scripts attached. The set of possible skills is not nine boxes. It is every job you could describe in writing; it's infinite. Categories are how a person gets a handle on something that open-ended. They are scaffolding for learning, not the shape of the thing. This matters because the moment you think in categories, you start bending your skill to look like the example in its bucket. Your real job rarely fits the bucket. The best engineered skill is the one written for your exact task, by an expert. Doing it yourself might not be worth it Progressive disclosure, scripts, config, descriptions tuned for the model, gotchas earned by failing, and eval loops: none of that is busywork. It's how a good skill gets built by hand. The guide is not overcomplicating anything. It is being honest about what the manual path costs. But that is the poin

2026-06-04 原文 →
AI 资讯

Context Engineering: The Skill Replacing Prompt Engineering in 2026

If you've been calling yourself a "prompt engineer" for the past two years, it's time to update your vocabulary — and your mental model. In 2026, the real leverage when building LLM-powered systems isn't in crafting the perfect sentence. It's in context engineering : designing everything an LLM sees before it ever generates a response. Andrej Karpathy coined the term in mid-2025, and it's since taken over serious AI engineering discussions. This article breaks down what context engineering actually is, why it matters more than prompt writing, and gives you concrete techniques you can apply today. What Is Context Engineering? Context engineering is the discipline of systematically designing the information environment that surrounds a prompt. Where prompt engineering asks "what should I tell the model to do?", context engineering asks "what does the model need to know to do it well?" Think of it this way: a doctor doesn't just answer the question you ask on the spot. They look at your chart, your history, your vitals, and then respond. Context engineering is building that chart for your LLM. The context window is the LLM's working memory — everything it can "see" at once. In 2026, these windows are massive: Claude Opus 4.x : 200K tokens GPT-4o : 128K tokens Gemini 2.5 Flash : Up to 1M tokens But bigger isn't automatically better. More tokens = more cost, more latency, and a real risk of what researchers call the "lost-in-the-middle" problem — where models process information at the beginning and end of the context more reliably than content buried in the middle. Why This Matters for Data Engineers Data engineers are increasingly building pipelines that feed LLMs: RAG systems, AI copilots for data quality, agents that write and review SQL, tools that summarize data lineage. In every one of these systems, the quality of what lands in the context window directly determines output quality. A poorly designed context is like feeding a senior analyst a jumbled mess of raw l

2026-06-04 原文 →
产品设计

How a Culture of Data-Driven Conversations Can Support Platform Engineering

To provide SRE as a service, a team built a center of excellence, introducing Federated SREs and roles like production manager and technical tribe lead. They created a culture of data-driven conversations where SLOs and SLAs were democratised. Surviving growing cognitive load meant continuously simplifying architecture and embedding sovereignty and resilience into platform design decisions. By Ben Linders

2026-06-04 原文 →
AI 资讯

Presentation: Architecting a Centralized Platform for Data Deletion at Netflix

The speakers discuss the architectural challenges of executing safe data deletion across distributed datastores. Balancing durability, availability & correctness, they explain how to orchestrate multi-system deletion propagation without impacting live traffic. They share lessons on controlling tombstone accumulation, building continuous audit loops, and gaining trust with a centralized platform. By Vidhya Arvind, Shawn Liu

2026-06-04 原文 →
AI 资讯

Want to work with me? We're hiring a Community Program Manager at DEV!

Hey friends 👋 As the title suggests, we are hiring! If you've been with us for a little while, I'm sure you've seen our uptick in community initiatives since Major League Hacking (MLH) acquired DEV earlier this year. We've been working hard behind the scenes to bring new opportunities to the community and give a fresh spin to previous programs. We're now at a point where we need help optimizing and scaling up everything we do, while ensuring the platform remains a special place. That said, we are looking to hire a full-time, remote Community Program Manager based in the United States that cares deeply about community. Below is a brief overview of the role and skills we're looking for, but here's the full job description and application for anyone that wants to jump right in: Community Program Manager Job Application Job Overview Key Responsibilities You will... Develop and grow our community moderator programs Run DEV Challenges A-Z, plus other fun events Oversee our community support operations And more! Important Skills You are someone who... Effectively communicates with both internal and external stakeholders Can't help but be detailed oriented (sorry, I am pedantic) Uses AI to gain efficiency Knows how to work autonomously and manages up Benefits You'll receive... Competitive salary ($80-110k) Stock options Medical, dental, vision benefits and 401K Unlimited PTO Travel opportunities Questions about the role? Drop them in the comments below!

2026-06-04 原文 →
AI 资讯

You're Not Paying for Code Generation. You're Paying for Context

The hidden cost of AI isn't generating code. It's understanding your codebase. For a long time, I assumed AI coding tools became expensive because they generated a lot of code. These tools can produce components, tests, SQL queries, documentation, and sometimes entire features on demand. If costs were climbing, the output volume must be the reason. The more I used these tools, the more I realized I was measuring the wrong thing. The expensive part isn't writing code. The expensive part is understanding what code should be written — and that work is mostly invisible. That realization changed how I think about AI-assisted development entirely. Two Prompts, Two Very Different Problems Consider these two requests: "Create a utility function that formats dates" and "Review this feature and suggest improvements." At first glance, both look ordinary. Both might even produce short answers. But they require completely different levels of understanding. The first is narrow and well-defined. The AI needs very little information before it can produce a useful answer. The second is open-ended. Before suggesting a single improvement, the AI may need to read multiple files, understand dependencies, follow existing patterns, compare implementations, and build a mental model of why the feature exists at all. The output might still be small. The work required to reach it is not. Why Agent Workflows Feel Different From Autocomplete This became much clearer when I started using AI agents. Traditional autocomplete is predictive — you type, the AI guesses what comes next. It's fast, cheap, and deliberately context-light. Agents behave differently. When you ask one to improve a feature or review a workflow, it doesn't immediately start generating code. It starts reading. It follows imports, finds related files, and tries to understand the system before touching it. That is exactly what makes agent workflows feel slower and more resource-intensive than autocomplete: they are spending effor

2026-06-03 原文 →
AI 资讯

Presentation: Choosing Your AI Copilot: Maximizing Developer Productivity

Sepehr Khosravi discusses the evolution of developer productivity tools. Evaluating the strengths of tools like Cursor and Claude Code, he explains actionable techniques for senior engineers - including context engineering, custom rules, and Model Context Protocol (MCP) integrations. He shares real-world benchmarks and strategic frameworks for balancing AI adoption with clean code quality. By Sepehr Khosravi

2026-06-03 原文 →
AI 资讯

CAP Theorem Explained

CAP Theorem Explained: Choosing Between Consistency, Availability, and Partition Tolerance in Databases Imagine you're trying to book a flight online, and just as you're about to pay, the website crashes. When you try to book again, you find that the flight is now sold out, even though the website initially showed available seats. This frustrating experience is a classic example of a database trade-off between consistency, availability, and partition tolerance. The CAP theorem, first introduced by Eric Brewer in 2000, states that it's impossible for a distributed data store to simultaneously guarantee more than two out of these three principles. In this post, we'll delve into the world of CAP theorem, exploring its fundamentals, real-world database examples, and design implications. Introduction to CAP Theorem Understanding the Basics of CAP Theorem The CAP theorem is based on three primary principles: Consistency : Every read operation will see the most recent write or an error. Availability : Every request receives a response, without guarantee that it contains the most recent version of the information. Partition Tolerance : The system continues to function and make progress even when network partitions (i.e., splits or failures) occur. Importance of CAP Theorem in Distributed Systems In distributed systems, where data is spread across multiple nodes, the CAP theorem plays a crucial role in understanding the trade-offs between these principles. By grasping the CAP theorem, developers can design more resilient and scalable databases that meet the specific needs of their applications. Brief Overview of the Blog Post This post will explore the CAP theorem in depth, using real-world database examples to illustrate the trade-offs between consistency, availability, and partition tolerance. We'll discuss the fundamentals of CAP theorem, examine CA, CP, and AP systems, and provide guidance on designing for each combination. By the end of this post, you'll have a solid un

2026-06-03 原文 →