今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#api

找到 305 篇相关文章

AI 资讯

EU AI Act compliance as API calls

We shipped eight endpoints on api.moltrust.ch (v2.5) this week. Three implement EU AI Act obligations directly. This is the short version for people who want to call them; the full reasoning is on our blog ( https://moltrust.ch/blog/compliance-as-an-api.html ). Why no model in the loop: the Aithos LARA study (May 2026) placed twelve frontier models in simulated workplaces where the task required breaking EU law. Best model: 54% lawful runs. In the Art. 5(1)(f) scenario (emotion inference from workplace communications, prohibited), all twelve committed the violation. So the classifier is deterministic code branching on the pinned EUR-Lex text, and every response carries article references you can check yourself. POST /compliance/assess — use case + intended purpose + declared signals in, risk tier + obligations + article pins out. Evaluation order: Art. 5 prohibitions, Annex I route (Art. 6(1)), Annex III route (Art. 6(2)/(3)), Art. 50 transparency, minimal. The trap worth knowing: Art. 6(3) offers four derogation grounds, and its final subparagraph voids all of them for systems that profile natural persons. In the code that subparagraph is a branch; it cannot be skipped. curl -X POST https://api.moltrust.ch/compliance/assess \ -H "Content-Type: application/json" \ -d '{ "use_case": "Customer-support agent that reads inbound email and drafts replies", "intended_purpose": "Automated first-line support for consumer inquiries", "performs_profiling": false, "interacts_with_humans": true, "emotion_recognition": false }' POST /compliance/declaration — EU declaration of conformity as a W3C Verifiable Credential with the eight Annex V items, Ed25519-signed. Verify offline against https://api.moltrust.ch/.well-known/jwks.json ; no call back to us. anchor: true adds a sha256 commitment for batch anchoring on Base L2. POST /compliance/incident — records Art. 73 serious incidents and computes the deadline from the regulation: 15 days standard, 10 days for a death, 2 days for wid

2026-07-12 原文 →
AI 资讯

How to Debug AI API Failures Across Multiple Models

Getting an AI API request to return a response is only the beginning. For real AI products, the harder question is what happens when something goes wrong. A chatbot may become slower. A RAG answer may stop using the right context. A structured extraction workflow may start returning invalid JSON. An agent may trigger the wrong tool. A fallback model may answer correctly, but at a much higher cost. In a single-model prototype, debugging is usually simple. You check one provider, one API key, one model, and one request format. In a multi-model application, debugging becomes an infrastructure problem. A product may use GPT for one workflow, Claude for another, Gemini for multimodal tasks, DeepSeek for cost-sensitive reasoning, Qwen or Kimi for Chinese-language workflows, GLM for enterprise scenarios, and MiniMax or Doubao for other product features. When something fails, developers need to know more than whether the API returned an error. They need to know which workflow failed, which model handled it, whether fallback happened, whether latency changed, and whether the final output was still good enough for production. Why multi-model debugging is different AI API failures are not always clean outages. Sometimes the request fails completely. But many production issues are softer: latency increases structured output fails validation tool calls become unstable fallback routes trigger too often answers become less grounded costs increase silently one language performs worse than another a model works for chat but fails for agent workflows That is why teams should not treat AI debugging as simple error handling. They need visibility across the full request path. Start with a failure taxonomy The first step is to classify failures in a way developers can act on. A useful AI API failure taxonomy may include: authentication errors rate limits quota limits timeout errors model unavailable errors high latency responses invalid JSON output schema validation failures tool call fa

2026-07-12 原文 →
AI 资讯

Shipping Async Video Background Removal at $0.10/sec

Why async matters for video I've been running useKnockout - a background removal API that processes images in ~200ms - for a few months. Images are fast enough to handle synchronously: POST a file, wait 200ms, get a PNG back. Video is different. Even a 5-second clip at 30fps is 150 frames. At 200ms per frame, that's 30 seconds of processing. You can't hold an HTTP connection open for 30 seconds and call it a good API. So today I shipped POST /video/remove - async video background removal that returns a job ID immediately, processes in the background, and gives you ProRes 4444 (RGB+alpha) when it's done. What shipped As of v0.11.0 (July 10, 2026): POST /video/remove - upload a video, get a job ID back GET /jobs/{job_id} - poll for status, download the result when ready ProRes 4444 output - RGB with full alpha channel, ready to drop into Premiere/Final Cut/DaVinci Node SDK videoRemove() and getJob() in v0.7.0 Python SDK video_remove() and get_job() in v0.7.0 Billing is a dedicated video.seconds meter at $0.10/sec (different from the per-image rate), with a 15-second cap to keep costs predictable. How to use it (Node SDK) import { useKnockout } from ' useknockout-node ' ; import fs from ' fs ' ; const client = useKnockout ({ apiKey : process . env . KNOCKOUT_API_KEY }); // Submit the video const job = await client . videoRemove ({ file : fs . createReadStream ( ' ./input.mp4 ' ) }); console . log ( ' Job ID: ' , job . id ); // Poll until done let status = await client . getJob ( job . id ); while ( status . status === ' processing ' ) { await new Promise ( resolve => setTimeout ( resolve , 2000 )); status = await client . getJob ( job . id ); } if ( status . status === ' completed ' ) { // Download the ProRes 4444 result const video = await fetch ( status . result_url ); const buffer = await video . arrayBuffer (); fs . writeFileSync ( ' ./output.mov ' , Buffer . from ( buffer )); } The job object includes duration_seconds (billed amount), status ( processing / complet

2026-07-12 原文 →
AI 资讯

Migrating Off OpenAI: A Backend Engineer's Notes From Production

Check this out: migrating Off OpenAI: A Backend Engineer's Notes From Production I still remember the morning I opened our team's monthly invoice and nearly spilled cold brew on my mechanical keyboard. We were burning through OpenAI credits like it was nobody's business — specifically, north of $500/month for what amounted to a chat-completion endpoint and some embedding lookups. As the backend engineer who had inherited the LLM integration six months prior, I felt personally responsible. So I did what any self-respecting engineer does at 2 AM with too much caffeine: I benchmarked alternatives. What I found annoyed me. DeepSeek V4 Flash was sitting there at $0.25/M output tokens while GPT-4o charges $10.00/M. That's a 40× price difference for output that, in my blind tests, 80% of users couldn't distinguish. The $500/month bill could plausibly become $12.50. My CFO would weep tears of joy. This post is the migration journal I wish I'd had before I started. fwiw, I've already done the swap across three production services. Here's what worked, what didn't, and exactly how much coffee I drank. The Math That Made Me Pick Up a Keyboard Before I show you code, let's talk numbers — because if you're going to convince your team or your boss, you'll need a slide that fits on one screen. I pulled together the pricing for the models I actually considered routing traffic through. All figures are per million tokens, USD: Model Provider Input $/M Output $/M Relative to GPT-4o GPT-4o OpenAI $2.50 $10.00 1× (baseline) GPT-4o-mini OpenAI $0.15 $0.60 16.7× cheaper DeepSeek V4 Flash Global API $0.18 $0.25 40× cheaper Qwen3-32B Global API $0.18 $0.28 35.7× cheaper DeepSeek V4 Pro Global API $0.57 $0.78 12.8× cheaper GLM-5 Global API $0.73 $1.92 5.2× cheaper Kimi K2.5 Global API $0.59 $3.00 3.3× cheaper Let me be clear about something: those numbers come straight from the provider's pricing pages at the time I ran the analysis. I have not invented, rounded up, or "adjusted" anything her

2026-07-12 原文 →
AI 资讯

Designing an Async Image API Client That Does Not Lie About Completion

Image generation is where a seemingly simple API client starts to accumulate production bugs. A request may finish inline for one model, return a task for another, or take a longer path when the input includes edits and uploaded files. Treating every successful HTTP response as a completed image is the fastest way to ship broken retry logic and incorrect user-facing status. This post adapts the TokenLab article TokenLab Async Image Generation Tasks for Production Apps . The canonical article contains the full implementation discussion; this version focuses on the contract decisions that matter when building an integration. The response is a delivery decision, not just a payload An image endpoint can return either a completed representation or an asynchronous task. The client should inspect the response envelope and normalize the delivery mode before it touches application state: type Delivery = | { mode : " sync " ; terminal : true } | { mode : " async " ; task_id : string ; status : string ; terminal : false }; The important invariant is that mode and terminal state come from the API contract. Do not infer completion from a missing progress field, a truthy data property, or a fast response time. Progress is useful when present, but it is not the completion signal. Poll by task identity, not by the original request When the server returns an async task, persist the task ID and the provider-neutral status. A worker can then poll the task endpoint with bounded backoff: async function waitForTask ( id : string ) { for ( let attempt = 0 ; attempt < 60 ; attempt += 1 ) { const task = await getTaskStatus ( id ); if ( task . status === " succeeded " ) return task . result ; if ([ " failed " , " cancelled " , " expired " ]. includes ( task . status )) { throw new Error ( `Media task ${ id } ended as ${ task . status } ` ); } await sleep ( Math . min ( 1000 * 2 ** Math . min ( attempt , 5 ), 30 _000 )); } throw new Error ( `Media task ${ id } exceeded the polling budget` );

2026-07-12 原文 →
AI 资讯

GDPR retention and erasure for an agent mailbox

Most "AI email" demos never think about deletion. The agent reads, replies, files things away, and the inbox just grows. That's fine in a demo. It is a problem the first time a real person emails your agent, because the moment that mailbox holds someone else's name, address, order history, or support complaint, you've taken on a data-protection obligation — and "we kept everything forever" is not a defensible retention policy. An Agent Account on Nylas accumulates personal data you have to be able to purge. It's a mailbox the agent owns — support@yourcompany.com answering to a model instead of a human — and every inbound message lands in it. Under GDPR that data needs two things you can prove: a retention window so it doesn't live forever, and an erasure path so you can delete a specific person's mail when they ask. This post builds both, with the curl and the CLI for each step. A quick, honest caveat before any of it: this is a docs-and-demo walkthrough, not legal advice. The Nylas primitives below cover the mail held in the mailbox . Any derived copy you made — rows in your own database, lines in your application logs, a vector store you embedded the message into — is yours to purge separately. The API can delete the message; it can't reach into your Postgres. Keep that in mind throughout. What the platform gives you Nothing new to learn on the data plane. An Agent Account is just a grant with a grant_id , so everything you already know about Messages and Threads applies directly — listing, reading, and deleting mail run against the same grant-scoped endpoints any other Nylas integration uses. Retention and erasure split cleanly into two layers: Retention is a control-plane setting. It lives on a policy — an application-scoped resource that bundles limits and spam settings — attached to the workspace your Agent Account belongs to. Two fields cap how long mail survives: limit_inbox_retention_period and limit_spam_retention_period . Set them once and Nylas deletes a

2026-07-11 原文 →
AI 资讯

Keep your agent's mail out of spam traps

Spam traps are the failure mode nobody puts in the demo. A bounce is loud — you get a 5.x.x back, your code logs it, you move on. A complaint at least gives you a webhook. A spam trap gives you nothing . The message gets accepted, no error comes back, and somewhere a mailbox provider quietly writes your domain down as a spammer. By the time you notice, your inbox placement has already cratered and you have no single bounce to point at. That's the trap, literally. And it's the one that bites autonomous agents the hardest, because the whole appeal of an agent is that it acts without a human watching every send. Point a model at a list it scraped, let it loop, and it'll happily mail a recycled address that's been a trap for two years. The agent never sees a problem. You only see the aftermath in your deliverability dashboard a week later. I work on the Nylas CLI, so the terminal commands below are the exact ones I reach for when I'm wiring up an Agent Account to not do this. The good news is that an Agent Account is just a grant — a grant_id that works with every grant-scoped endpoint you already know — so there's nothing new to learn on the data plane. The defense is mostly discipline: validate before you send, honor every complaint, and age out the addresses that never wanted to hear from you. What a spam trap actually is, and why it's not a bounce It's worth being precise here, because the three things people lump together behave completely differently. A bounce is a rejected delivery. The receiving server tells you the address is bad, you get a message.bounced event, and you stop. Bounce handling is a solved problem — you listen, you suppress, you're done. A complaint is a recipient hitting "report spam." The mailbox provider relays that back as a feedback loop, and you get a message.complaint event. The address is real and reachable; the human just doesn't want your mail. If you keep mailing them, you're training the provider to filter you. A spam trap is neither.

2026-07-11 原文 →
AI 资讯

What is an API? An Explanation for Complete Beginners

Imagine you are sitting at a table in a restaurant. You have a menu in front of you with a list of delicious meals, and the kitchen is ready to cook them. However, there is a missing link. You are sitting in the dining room, and the chefs are tucked away in the back. You can't just walk into the kitchen and grab your food, and the chefs don't leave the stove to come take your order. To bridge the gap, you need a mediator. You need someone to take your order from the table, deliver it to the kitchen, and then bring the food back to you. That person is your waiter. In the digital world, an API (Application Programming Interface) is that waiter. The Plain English Definition An API stands for Application Programming Interface. Strip away the technical jargon, and an API is simply a software messenger that allows two different computer programs to talk to each other and share data. Think of it as a digital bridge. When you use an app on your phone, it doesn't contain all the data in the world inside its small download file. Instead, it uses an API to send a request over the internet to a massive server, which then sends the correct information back. The Restaurant Analogy: Side-by-Side To see how this works in real life, let’s map our restaurant experience directly to how technology works on your phone or computer: The Customer (You): This is the Client (your web browser, smartphone app, or computer). You are the one asking for information. The Menu : This is the API Documentation. It lists out exactly what items you are allowed to order and how you need to ask for them. The Waiter : This is the API. They take your request, run it over to the system, and bring you back the result. The Kitchen : This is the Server / Database. It holds all the raw data, processes the request, and prepares the final output. Where Do You See APIs in Real Life? You interact with dozens of APIs every single day without even realizing it. Here are a few common examples: "Log In with Google" or

2026-07-11 原文 →
AI 资讯

After the ingress-NGINX retirement, what your migration plan owes production

The status of the controller As of March 2026, the Kubernetes SIG Network stopped maintaining ingress-nginx. That is the controller a lot of clusters have been running for years. A CNCF blog post published July 9 walks operators through the state of play. The headline for anyone still on it is short: unpatched CVEs, and no more feature work. The post names two operational risks explicitly. New security issues will not receive upstream fixes. Feature updates and community support have stopped. If your ingress plane is a piece of infrastructure you have not touched in a while, this is the reason to pull it up in this quarter's planning doc. What it means at 3am An ingress controller sits between the internet and your services. When it drops a request, you find out from your users. When it takes a CVE and no one is patching, you find out from a scanner or from a report. Neither is a good discovery path. The controller also carries the exact set of annotations, TLS defaults and rewrite rules your workloads rely on. Nothing about a retirement changes the version you have in production today, so the immediate blast radius is zero. The risk is on the calendar, not on the pager. That is the kind of risk teams reliably defer until a scanner flags an unpatched CVE. The two paths CNCF lays out The post frames the choice as a fork. Path A is a lateral swap to another Ingress controller. The example named is Contour, described in the post as Envoy-based. This keeps you on the Ingress API and mostly moves the problem of who is patching. Path B is modernization to the Gateway API, described in the post as the upstream-backed successor to Ingress. The CNCF post points at ingress2gateway to automate the translation, and recommends an incremental rollout: run the new plane in parallel and move non-critical workloads first. The stopgap version is a mix. Adopt Contour to buy time on maintained code, then schedule the Gateway API move on your own calendar rather than under duress. What

2026-07-11 原文 →
AI 资讯

Your AI coding agent will happily ship a breaking API change. I built an MCP server to catch it.

Last month I watched Cursor confidently rename a field across an entire API, commit it, and open a PR. Clean diff, tests green, looked great. It had also just broken a mobile client and a partner integration that were still reading the old field name — and neither Cursor nor I noticed until much later. That's the thing about AI coding agents and APIs: they're fast, they're fearless, and they have zero awareness of your API contract . An agent will drop an endpoint, make a request field required, or change a response type without any sense that a real consumer out there depends on the old shape. The code compiles. Your tests pass (your tests — not the consumer's). The breakage is completely silent until someone downstream feels it, usually in production, usually from an angry message rather than a failing build. We keep giving agents more power to write API changes and nothing to tell them whether a change is safe to ship . So I built that missing piece as an MCP server. The gap: there's no "is this safe?" step in the loop Think about how you'd catch this manually. You'd diff the old and new OpenAPI spec, look for removed endpoints, removed response fields, tightened request contracts, enum narrowing — the classic breaking changes — and decide whether it's safe to merge or whether you need a version bump and a heads-up to consumers. An agent never does that. It has the code in context, not the contract implications . And "did I just break a consumer?" is exactly the kind of question it should be asking before it hands you a diff. Enter MCP If you haven't used it yet: the Model Context Protocol is a standard way to give AI agents tools — little capabilities they can call. Claude, Cursor, and others all speak it. Instead of the agent guessing, it can call a tool and get a real answer. So the fix is simple to state: give the agent a tool that answers "is this API change safe to ship to my consumers?" — and have it call that before it proposes the change. That's the hero

2026-07-11 原文 →
AI 资讯

Day 125 of Learning MERN Stack

Hello Dev Community! 👋 It is officially Day 125 of my software engineering marathon! Today, I crossed an elite milestone in frontend data architecture: moving completely away from local hardcoded mock lists by connecting my centralized state management infrastructure to live third-party servers using the Fetch API alongside Async/Await ! ⚛️🌐⚡ Now, the social media feed dynamically handles server-side data models, passes payloads to an active state reducer, and broadcasts states down to presentation layers via a custom Context portal! 🛠️ Deconstructing the Day 125 Async Network Lifecycle As shown inside my development setup across "Screenshot (279).png" , "Screenshot (280).png" , and "Screenshot (281).png" , the application state engine is clean and modular: 1. Extensible Central State Reducers ( PostList.jsx ) Engineered explicit structural actions inside the reducer core to seamlessly support both user generation and full-scale network array overriding: javascript } else if (action.type === "NEW_INITIAL_POSTS") { NewPostValue = action.payload.posts; }

2026-07-10 原文 →
AI 资讯

Every AI provider fails in its own way. I stopped checking status codes and built an error model instead.

I built an API gateway that routes between OpenAI, Anthropic and Gemini. I figured integrating both providers would be the hard part. It wasn't. Calling their APIs is maybe an afternoon of work each. The hard part showed up later, the first time something went wrong. The moment it broke Early on, my error handling was basically: catch whatever the provider throws, forward the status code, move on. } catch ( error ) { res . status ( error . status || 500 ). json ({ error : error . message }) } This worked fine until I actually looked at what each provider sends back when something goes wrong. OpenAI wraps its errors in an object with a type and sometimes a code . Anthropic wraps its errors differently, with its own type field that means something else entirely. A 429 from one provider might mean "you're sending too fast, back off." A 429 from another context might mean something closer to "we're out of capacity right now, this isn't really about your rate at all." If you're just forwarding error.status and error.message straight through, none of that nuance survives. Your own error handling ends up being provider-specific whether you meant it to be or not, because the shape of the failure is different depending on who you called. What I built instead Instead of trusting each provider's raw error shape, every call now normalizes into the same internal error model before it reaches the response: } catch ( error ) { const classified = classifyProviderError ( error ) res . status ( classified . httpStatus ). json ({ error : ' AI provider error. Please try again. ' , error_class : classified . error_class , provider : classified . provider }) } error_class is one of a small fixed set: rate_limited , overloaded , quota_exceeded , invalid_request , authentication_error , server_error . That's true regardless of which provider actually failed. The raw provider error still gets logged for me to debug, but what the caller sees is the category of failure, not the provider's spe

2026-07-10 原文 →
AI 资讯

Progress Bar Is Not an API

When a CLI becomes useful, someone eventually tries to automate it. That is where a progress bar can quietly become a problem. For a person, this kind of output is helpful: Translating markdown files 12/40 30% docs/intro.md It tells me that the command is alive, how far it has moved, and which file it is working on. But when another system starts reading that same output, the progress bar stops being only a user interface. It becomes an accidental contract. That was the real problem behind one of the changes in Co-op Translator v0.20.0. The release added a Rich-powered CLI progress UI, but it also added structured translation events. At first, those may look like two separate improvements. They are really two surfaces for the same state: Rich output gives a person something readable, while structured events give integrations something stable. This article is about three things: First, why console output is tempting to parse. Second, how Co-op Translator separated the Rich UI from the event stream. Third, why that separation matters for CLI, Python API, MCP, and product integrations such as Localizeflow. The problem appears when logs become state Console output is written for people. When I run a translation command, I want a quick answer to a few practical questions: Is the command still running? Which stage is active? Which file is being processed? How much work is left? Did anything fail? A progress bar is good for that. It compresses the state of the run into something I can scan quickly. But a product integration needs a different kind of information. Imagine Localizeflow running Co-op Translator as part of a larger workflow. It does not only need to know that text was printed. It needs durable state: Which translation job started Which target language is active Which stage is running Which file completed Which file failed How many items are done Whether the run succeeded If all of that only exists inside console text, the integration has to parse human language

2026-07-10 原文 →
AI 资讯

How to Anonymize PII in Text with an API

What Is Data Masking? Data masking is a technique that replaces sensitive information with realistic but fictitious data, preserving the format and structure of the original while removing its identifiable meaning. The goal is to keep data usable for development, testing, analytics, or sharing — without exposing real personally identifiable information (PII). Common masking techniques include: Substitution — Replace a real value with a plausible fake (e.g., Alice Smith → Jane Doe ). Masking (partial obscuring) — Show only a portion of the value (e.g., 4111-1111-1111-1234 → ****-****-****-1234 ). Redaction — Remove the value entirely. Hashing — Replace with a cryptographic hash. Irreversible, but deterministic when salted. Data masking is widely used in non-production environments, analytics pipelines, data marketplaces, and any scenario where real PII is not needed but structural fidelity is. What Is Dynamic Data Masking? Static data masking (SDM) applies transformations to data at rest — you clone a production database, mask it, and ship the masked copy to a lower environment. The masking happens once, and the result is a permanent dataset. Dynamic data masking (DDM) applies transformations on the fly , at query or API time, based on who is asking. The original data stays untouched; the masking rules are applied in the response layer. This means: Different roles see different levels of detail (e.g., support agents see the last 4 digits of a credit card; auditors see the full number). No masked copies to maintain — one source of truth, many views. Masking policies are centralized and enforceable without application changes. Veramask implements a DDM-style model over an API: you send a request with payload and settings, and receive back the transformed result in real time. No data is persisted on the server — each call is independent and stateless. Anonymizing PII with the Veramask API Veramask exposes two endpoints for dynamic PII masking: Endpoint Input Use Case PO

2026-07-10 原文 →
AI 资讯

Debug the AI API route before you switch models

When an AI API call fails, the tempting reaction is to switch models or providers. That is often premature. A large share of 401, 429, model_not_found, timeout, and confusing billing issues are not model-quality problems. They are route-evidence problems. The request moved through a key, base URL, model ID, retry rule, fallback path, and billing record. If those pieces are not visible, changing the model can hide the real cause. Before you replace the model, debug the route. A practical route checklist Confirm the key scope. Is the API key attached to the right project, environment, and quota rule? A key that works in one workspace can fail in another because the limit, budget, or allowed model set is different. Confirm the base URL. Many OpenAI-compatible errors start with a request going to the wrong host, version path, or proxy. Check the exact Base URL used by the client, not the one written in a README from memory. Confirm the model ID. A model_not_found error is not always a provider outage. It can be a copied alias, a retired ID, a route that does not support that model, or a mismatch between public model names and API model IDs. Separate 401, 403, 404, and 429. These errors ask different questions: 401: is the key present and valid? 403: is the key allowed to use this route or model? 404/model_not_found: is the exact model ID available on this route? 429: is the limit coming from the user, key, project, provider, retry loop, or budget rule? Treating all of them as provider instability wastes time. Look for retry and fallback behavior. A single user action may trigger more than one model call. Agents, RAG pipelines, streaming clients, and SDK retries can quietly multiply traffic. If fallback is enabled, the served route may differ from the requested model. Check the usage and charge record. A successful response is not the end of the test. You should be able to explain which key made the call, which model was requested, which route served it, how many tokens

2026-07-09 原文 →
AI 资讯

Anthropic Shipped @Claude For Slack. My Team Runs On

Anthropic Shipped @claude for Slack. My Team Runs on Telegram. Anthropic just shipped @Claude inside Slack channels. Tag the bot, it reads the thread, does work async, posts back. Nice product. Except roughly 95% of small businesses don't live in Slack — they run on WhatsApp, Telegram, and Gmail. If you're a solopreneur or a 1-to-10-person team, here's the exact four-part recipe I use to run the same pattern in Telegram for under $12/month. What Anthropic actually shipped (and who it's for) Anthropic shipped an enterprise distribution deal wearing a product launch t-shirt. @Claude for Slack lets you tag the bot in a channel or thread, gives it channel memory, connects to your other apps, and returns work asynchronously — but only on Slack Team and Enterprise plans. That's the punchline: it lives where the annual contracts live. Look at the raw user counts. Slack's own reporting puts it around 35–40 million weekly active users globally. WhatsApp is over 2 billion. Telegram is over 900 million. Gmail sits around 1.8 billion. In the 1-to-10-employee segment outside US tech, Slack penetration is single digits. Small teams in Europe, LATAM, and most of Asia coordinate in WhatsApp groups and run pipeline out of Gmail. They are not about to add Slack seats at $15/user/month just to get an @Claude mention. That's a rational call for Anthropic — Slack is where the enterprise procurement motion already exists. It's just not a product for the operator segment. And the pattern they productized is trivially replicable on any messenger with a bot API. Platform Weekly/monthly active users Bot API Cost to run a mention-bot Slack ~35–40M WAU Yes, paid plan $15/user/mo + API Telegram ~900M MAU Yes, free ~$5–12/mo API only WhatsApp Business ~2B MAU Yes, metered $0.005–0.08/conversation + API Gmail ~1.8B MAU Pub/Sub push Free tier + API The four-part recipe (works in any messenger) Every mention-bot is the same four moving parts: a webhook that fires on mention, a context store that ho

2026-07-09 原文 →
AI 资讯

2026 Technical Comparison: Stock & Forex Historical Market Data APIs – Capabilities & Integration Workflows

Introduction Fintech engineers building backtesting engines, live quote dashboards, and algorithmic trading pipelines repeatedly face consistent pain points with market data APIs: limited granularity on free tiers, disjoint real-time and historical endpoints, inconsistent protocol support, and fragmented cross-asset coverage. This neutral technical breakdown compares three widely adopted market data providers, evaluating native functionality and end-to-end integration patterns to streamline API vendor selection for backend and quant teams. Core Evaluation Criteria Data Granularity & Historical Depth: Support for tick, intraday, and daily bars plus long-term archived records across equities and FX Protocol Compatibility: Native REST batch query and WebSocket real-time streaming implementation Developer Operational Overhead: Rate limits, documentation completeness, and production integration complexity Comparative Overview Provider Value Propositions AllTick: All-in-one multi-asset market data API built for quant developers, delivering unified tick/intraday/daily historical archives and dual REST/WebSocket access with balanced pricing for individual builders and small teams. Bloomberg: Institutional-grade terminal API offering comprehensive cross-market depth, alternative datasets, and proprietary analytics; targeted exclusively at enterprise investment teams with high entry integration overhead and subscription costs. Alpha Vantage: Lightweight free-first REST API ideal for early-stage prototyping and educational use, lacking native real-time streaming and deep tick-level historical archives. Feature Comparison Matrix Metric AllTick Bloomberg Alpha Vantage Free Tier Rate Limits 100 requests/min, full tick granularity access No permanent free tier; limited trial enterprise access only 5 requests/min, restricted to daily/intraday bars Live Latency Average 170ms native WebSocket push Sub-10ms dedicated institutional line feeds Polling-only, minute-scale delayed refresh

2026-07-09 原文 →
AI 资讯

8 Free Food & Nutrition APIs (No Key, Tested 2026)

On July 8, 2026 I looked up a barcode that does not exist. Eight zeros. I sent them to Open Food Facts, the largest open nutrition database on the web, and it answered HTTP 200. Green light. Then I read the body: "status":0 , "status_verbose":"no code or invalid code" . A success code wrapped around a total miss. Ten seconds of trusting the status line and I would have written that empty result into a calorie tracker as if it were food. That is the whole post. The list of APIs is the easy part. The hard part is that a keyless food API hands you a clean 200 and a wrong answer, and it does it a slightly different way on almost every endpoint. A free food API here means a public nutrition, ingredient, or recipe endpoint that returns JSON with no API key, no signup, and no card. Not a CSV dump, not a partner form, not a portal from 2012. A real REST call you can paste into a terminal right now. I found eight that clear that bar, plus three worth knowing that quietly lean on a shared key. I re-verified every one with a live curl on July 8, 2026 (real HTTP code, real body, trimmed but never paraphrased). If you build calorie trackers, meal planners, grocery tools, or an AI agent that answers "how much sugar is in this," these are the lookups you reach for. Every one of them can lie to you with a 200. Here is the uncomfortable finding before the list. Keyless nutrition data in 2026 is mostly one project. Open Food Facts and its sibling databases (Pet Food, Products, Beauty, Prices) are six of the eight entries below: five distinct databases on one shared engine, with Open Food Facts itself showing up twice because it fails two different ways. Only two entries, Fruityvice and Wger, are independent, and Wger re-imports its data from Open Food Facts anyway. That concentration is not a weakness of the roundup. It is the point. Because it is one engine, the data-quality traps below are systemic, not one-offs. Learn them once and they repeat across the whole family. Let me be st

2026-07-09 原文 →
AI 资讯

Did you ever face "stale singleton httpx connection" and "cold-start connection problem" problem, Well I did tonight.

It is been while I am learning and build around FastAPI. So there is a project where I was thinking how to add this new feature over exiting one. Like what changes I need to make in database which need to be reflected in my backend and frontend. I already lunched the web locally. Problem started When I when back to the web and reload it it shows this error: ERROR: ConnectTimeout: Unauthorized 401. I was like what? Why? I thougth there is some issue with login endpoint or refresh token function. When i did some debugging and found some new information which is: "Either Supabase's edge/pooler (or OS, or an intermediate proxy/NAT) silently kills those idle connections server-side after some timeout but client-side pool doesn't know that." As I was doing nothing in become idle state so to save the resources server side silently close that particular connection. So I came back and try to connect it give this error. First thought come it my mind after this was there should be a way to automatically check this idle state and if user was in ideal state then create a new connection. Proposed Solutions After a while I come up with these solution: Calculate the Idle time: if it is more then server connection timeout then establish new connection. Retry logic: retry once on the specific connection errors. I thought this will work but This again give me error then this new issue I faced. Cold-start connection problem There is something call dual-stack (IPv4 and IPv6) networks and Happy Eyeballs is a network mechanism which automatically move to IPv4 connection if IPv6 fails. But supabase-py uses httpx and it doesn't support Happy Eyeballs. So in first try after the connection time out it try to establish IPv6 connection which is not routeable in most Pakistani ISPs and ultimately it fails and wait for timeout. There is no way to try it again for IPv4. So we have to do it manually. So this error help me to learn many thing in process. Share your thoughts.

2026-07-09 原文 →