今日已更新 76 条资讯 | 累计 21295 条内容
关于我们

标签:#ast

找到 209 篇相关文章

AI 资讯

A Book of Wrong Answers

There is a note in my runbooks that says the Enter key works. That is almost the whole note. Press Enter and the prompt submits. I wrote it in bold, with sources and a date, because one of my AI agents once fixed the Enter key. The fix was the bug. The Fix Was the Bug I run a fleet of Claude Code agents in tmux panes. An orchestrator script types a prompt into a pane and presses Enter for it. One day an agent decided the submissions were not going through, and it knew the fix: send a backslash before the Enter. That sounds plausible if you have ever fought a terminal. It is also exactly backwards. In Claude Code, backslash plus Enter inserts a newline. It is the multiline key. So the fix turned every prompt into a draft that quietly grew longer and never sent. The panes looked busy. Nothing was happening. The submissions had been fine all along. The agent just had not waited for the reply. What broke: An agent changed Enter to backslash-Enter to repair prompt submission. Backslash-Enter creates a newline, so the repair silently stopped every prompt from sending. The system it fixed had never been broken. There is a second note in the same genre. My monitoring dashboard answers its health check with a 302 redirect to the login page. That is what healthy looks like there. But a 302 looks like trouble if you are hunting for outages, and agents kept trying to repair it. So the runbook now says, more or less: the redirect is normal, do not fix the healthy system. Human teams do not write notes like these. Nobody pins "the Enter key works" to the wall of an office. A New Hire Every Session Why did I have to? Because a human hits a dead end once. The wince is the documentation. Whoever broke a build by fixing the Enter key would remember it for years, tell the story at lunch, and the whole team would absorb it without anyone writing a word. An agent has none of that. It has no episodic memory. Every fresh context window is a new hire: smart, fast, and seeing your system fo

2026-07-18 原文 →
开发者

Source View Technology: Combining the Strengths of APT and AST

Background Take Lombok as an example: at compile time, it reads annotations like @Getter and @Setter through an Annotation Processor (APT, Annotation Processing Tool), then directly modifies the AST (Abstract Syntax Tree) in memory, injecting getter/setter methods for fields. Developers only need to annotate fields, and the compiled .class files automatically include these methods. Advantages of APT APT is an extension mechanism natively supported by the Java compiler. Annotation processors run at compile time and can read annotation information from source code to generate new source files. Its advantages are: Standardized — Simply implement the Processor interface; no need to hack the compiler Composable — Multiple annotation processors can work together in the same compilation process Generated code is visible — Source files generated through the Filer API are located in the build/generated/ directory, and IDEs can navigate to them after configuring the source path Disadvantages of APT APT has a fundamental limitation: it cannot generate a class with the same fully qualified name as the source code. The Java compiler explicitly specifies that two classes with the same fully qualified name are not allowed in the same compilation unit. Source code generated by APT participates in the same round of compilation as the original source code, so it can never generate a class with the same fully qualified name as the original class. This means APT cannot truly "modify" a class; it can only generate new classes (such as Builder, Factory, etc.). Advantages of AST Tools like Lombok bypass the APT limitation by directly modifying the AST in the compiler's memory — injecting methods for fields, injecting constructors for classes, etc. The advantages of AST modification are: Can modify existing classes — Methods are added directly to the AST in memory, breaking through the limitation that APT cannot generate Same-Name Classes Zero intrusion — Classes written by developers rema

2026-07-18 原文 →
AI 资讯

Apple’s plot to crush OpenAI

Apple is suing OpenAI. The complaint is readable and intense, as these things often are, though many experts seem to think many of the allegations are just the ways things are done. So what does Apple really want here, and why is it picking such a public fight with OpenAI? On this episode of The […]

2026-07-18 原文 →
AI 资讯

A FastAPI Agent Template Is Not Production-Ready Until Task Ownership Crosses Every Layer

Vercel published an OpenAI Agents SDK with FastAPI template on July 17, 2026. A template can remove setup work, but successful generation is not the production boundary that usually breaks. Task ownership is. Primary source: Vercel template, “OpenAI Agents SDK with FastAPI” . Before adopting any agent starter, I would add one vertical test: Alice must be able to create and cancel her task; Bob must not be able to read, stream, or cancel it—even if he guesses the task ID. State the cross-layer contract UI -> POST /tasks -> ownership row -> worker UI <- GET /tasks/:id <- authorization <- state UI <- event stream <- authorization <- events UI -> POST /tasks/:id/cancel -> authorization -> cancellation Use explicit states: queued -> running -> succeeded -> failed queued|running -> cancelling -> cancelled The database, API response, stream, and UI must agree on the same task and owner. Minimal schema create table tasks ( id text primary key , owner_id text not null , state text not null check ( state in ( 'queued' , 'running' , 'succeeded' , 'failed' , 'cancelling' , 'cancelled' )), created_at text not null , updated_at text not null , revision integer not null default 0 ); create table task_events ( task_id text not null , revision integer not null , kind text not null , payload text not null , primary key ( task_id , revision ) ); Do not derive ownership from a browser-supplied field. Resolve the authenticated principal on the server and store it when creating the task. FastAPI authorization seam from fastapi import Depends , FastAPI , HTTPException app = FastAPI () def current_user (): # Replace with verified session/JWT middleware. return { " id " : " alice " } def load_owned_task ( task_id : str , user = Depends ( current_user )): task = db_get_task ( task_id ) # application function if task is None or task [ " owner_id " ] != user [ " id " ]: # Avoid revealing whether another user's task exists. raise HTTPException ( status_code = 404 , detail = " task not found " )

2026-07-17 原文 →
AI 资讯

GDPR Compliance Fails When It Exists Only in Policy Documents

GDPR Compliance Fails When It Exists Only in Policy Documents Many organizations can produce a privacy policy, a data processing register, and a set of security procedures. The harder question is whether their infrastructure can actually protect, recover, trace, and report personal data when something goes wrong. GDPR compliance is often discussed as a legal project. In practice, many of its most difficult requirements depend on everyday IT operations. Can the organization recover personal data after a destructive incident? Can it identify who restored, copied, accessed, or deleted a backup? Can it detect suspicious activity quickly enough to support an investigation? Can it demonstrate that protection controls are applied across on premises, cloud, and hybrid environments? Policies explain intent. Operational controls provide evidence. Availability Is a Privacy Requirement Too Privacy discussions often focus on unauthorized access and disclosure. Data loss and prolonged unavailability matter as well. Personal data may become unavailable because of ransomware, storage failure, accidental deletion, database corruption, software defects, or a regional outage. If the organization cannot restore that data, it may be unable to serve customers, respond to data subject requests, or maintain essential business processes. A GDPR aligned protection strategy should therefore include reliable backup, offsite copies, tested recovery, and resilience across multiple failure scenarios. The backup architecture should support the systems that actually contain personal data, including databases, virtual machines, file servers, object storage, cloud workloads, and large data platforms. Protecting only the most visible applications leaves hidden gaps. Encryption Is Necessary, but It Is Not the Whole Answer Encryption protects data during transmission and storage, especially when backup copies move across networks or are stored outside the production environment. However, encrypted data

2026-07-16 原文 →
AI 资讯

What Is My IP Address? IPv4 vs IPv6 Explained for DevelopersPublished

What Is My IP Address? IPv4 vs IPv6 Explained for Developers If you've ever debugged a CORS error, set up an IP allowlist, or wondered why req.ip returned something weird in your Express logs, you've run into the same question from a different angle: what actually is an IP address, and which one is "mine"? fastestchecker.com This post breaks down IPv4 vs IPv6, public vs private IPs, and how to reliably detect a user's IP address in your own code — plus a fast way to check yours right now. fastestchecker.com TL;DR IPv4 addresses look like 192.168.1.1 — four numbers, 0-255, separated by dots. There are about 4.3 billion of them, and we've run out. IPv6 addresses look like 2001:0db8:85a3::8a2e:0370:7334 — a much larger address space designed to replace IPv4. Your device usually has a private IP (local network) and shares a public IP (internet-facing) with everyone else on your router. You can check your current public IP instantly with a tool like FastestChecker's IP Checker — useful for confirming what your server or API actually sees. > IPv4 vs IPv6 : What's the Actual Difference IPv4 IPv4 has been the backbone of the internet since the 1980s. It's a 32-bit address, which caps the total number of unique addresses at roughly 4.3 billion. Given how many devices are online today, that pool has been effectively exhausted for years — which is why NAT (Network Address Translation) exists: it lets an entire household or office share one public IPv4 address. Example IPv4: 203.0.113.42 IPv6 IPv6 uses 128-bit addresses, which gives it an address space so large it's effectively unlimited for practical purposes (2^128 addresses). It was designed specifically to solve IPv4 exhaustion, and adoption has been climbing steadily — most major cloud providers and mobile carriers support it by default now. ** Example IPv6:** 2001:0db8:85a3:0000:0000:8a2e:0370:7334 Quick Comparison IPv4IPv6Address length32-bit128-bitFormatDotted decimal (192.168.1.1)Hexadecimal, colon-separatedTotal addre

2026-07-16 原文 →
AI 资讯

Scale Is a Design, Not a Dial

The dashboard says forty instances, up from twelve this morning. The autoscaler did its job: it saw latency climb and threw hardware at it. And latency got worse. Not flat. Worse. You're paying for three times the compute to serve a slower product. Somewhere under all forty of those boxes is a single thing they're all waiting in line for, and every instance you add makes the line longer. Horizontal scaling multiplies work that doesn't have to coordinate. The instant the work does have to coordinate, more instances make it slower. Amdahl wrote this down in 1967: the serial fraction of a job sets a hard ceiling on how much faster you can go, no matter how much hardware you throw at the parallel part. Neil Gunther's Universal Scalability Law goes further: past a certain point, the cost of nodes coordinating with each other bends the curve back down. Add capacity, get less throughput. That ceiling was not set by the autoscaler, and it will not be moved by the autoscaler. It was set a long time before this morning, in a room, by whoever decided where the state lives and who has to touch it at the same instant. Now hand the service to a fleet of agents. It writes you something that looks built to scale: stateless handlers, a tidy repo, green tests, a canary that bakes fine at 1% traffic. Every gate you trust says ship it. And the bottleneck is sitting right there in the design, invisible to all of it, because the mistake isn't in the lines, it's in the shape. You cannot catch a shape problem by reading a diff. Name the hot state before you pick a framework. Where does the contended state live, and which requests touch it at the same instant? Answer that out loud, before anyone opens an editor. The tool is downstream of that answer, every time. Originally published at https://imacto.com/writing/scale-is-a-design-not-a-dial . Written with Claude Opus 4.8.

2026-07-15 原文 →
AI 资讯

From $39/Month to $1: How I Moved 10+ Sites Off Hostinger for Free

Last month I finally did some math I'd been putting off: how much I was actually paying to keep a bunch of sites online. $39/month on Hostinger (about R$200, I'm in Brazil). For hosting 10+ sites: product landing pages, blogs, a couple of small tools. Every month, on autopilot, straight off the card. Then I asked myself the obvious question I'd been avoiding: out of those 10+ sites, how many actually need a server running 24/7? Answer: none. What these sites actually are A product landing page doesn't need PHP processing a request. A blog doesn't need a database query on every page view. A marketing site doesn't change its content every second. That's HTML, CSS, and JS you can generate once and serve from a CDN. In other words: a static site. A few real examples I migrated: eduardovillao.me → my personal blog, built with Astro formroute.dev → a SaaS landing page, plain HTML wpfeatureloop.com → a dev tool landing page, plain HTML Three different kinds of sites (blog, SaaS, dev tool), two different stacks, and none of them needed a server running around the clock just to exist. The reason I hadn't migrated sooner wasn't technical. It was inertia. "It's already paid for, it already works, leave it alone." Classic. The migration I moved everything to Cloudflare Pages . The reasoning is boring because it's so simple: it's free, global CDN, automatic SSL, Git-based deploys, custom domains at no extra cost. For static sites, there's really nothing to debate. The process, in short: Each site became a repo (or a folder inside a monorepo, depending on the case) Connected the repo to Cloudflare Pages Set up the build, mostly plain HTML, Astro for the blog where I wanted content collections and a proper writing workflow Pointed the domain, SSL came up on its own Cancelled hosting for that domain on Hostinger Repeated that site by site. No magic, just repetitive work, but each one took about 20-30 minutes. (If you want the technical deep dive on one specific migration, including

2026-07-15 原文 →
AI 资讯

The Union‑Find Fellowship: Finding Your Tribe in Code

The Quest Begins (The "Why") I still remember the first time I stared at a LeetCode problem that asked me to count the number of islands in a grid. My initial instinct? Run a BFS/DFS from every unvisited land cell, mark everything reachable, and repeat. It worked, but each query felt like I was re‑exploring the same territory over and over again—like walking the same hallway in a dungeon every time I wanted to open a new door. Then a friend tossed me another problem: “Given a list of friendships, tell me if two people are in the same social circle.” Again, the naive solution was to rebuild the whole graph for every query. I felt like I was stuck in a grind‑fest, repeating the same low‑level work while the real challenge—understanding the structure of the connections—remain. That frustration sparked a question: Is there a way to remember what we’ve already discovered about connectivity, so future queries are instant? The answer, as many of you have guessed, lives in a humble but mighty data structure called Union‑Find (also known as Disjoint Set Union, DSU). The Revelation (The Insight) At its core, Union‑Find is about two simple ideas : Each element starts in its own set – think of every person as a lone adventurer. When we learn that two elements belong together, we merge their sets – we call that a union . The magic isn’t just in merging; it’s in how we find the representative (or “root”) of a set later on. If we naïvely walked up a chain of parents every time, we could end up with O(n) per find—still a grind. Two optimizations turn this into near‑constant time: Union by rank (or size) – always attach the smaller tree under the root of the larger one. This keeps the overall tree shallow, guaranteeing that the height never exceeds log n. Path compression – during a find operation, we make every node we pass point directly to the root. It’s like handing every traveler a map that instantly shows the shortest route to the campfire, so next time they don’t need to trek

2026-07-15 原文 →
AI 资讯

JavaScript has no sorted containers. I built one for TypeScript.

JavaScript ships with Array , Set , and Map — but nothing that keeps its elements sorted as you insert. If you've ever built a leaderboard, an order book, or anything that answers "give me the items between X and Y", you know the workaround: push into an array and .sort() after every insertion. It works, until scale punishes you — you're paying O(n log n) over and over for data that was already 99.9% sorted. Python solved this years ago with sortedcontainers , built on an elegant "list of lists" design instead of balanced trees. I just published sorted-collections , which brings that idea to TypeScript — with full credit to the original as its inspiration. What you get SortedList, SortedSet, SortedMap — always sorted, no manual re-sorting, range queries built in. O(log n) insertions, O(√n) positional access via sqrt-decomposition into buckets. Zero runtime dependencies , ~2KB gzip, types included, dual ESM/CJS. Package quality gated in CI with publint , arethetypeswrong , and size-limit . The API in 30 seconds import { SortedList , SortedSet , SortedMap } from " sorted-collections " ; // SortedList: stays sorted on every insert const list = new SortedList ([ 5 , 1 , 4 , 2 , 3 ]); list . add ( 0 ); console . log ([... list ]); // [0, 1, 2, 3, 4, 5] console . log ( list . at ( 2 )); // 2 — positional access on sorted order // SortedSet: no duplicates, plus set algebra const a = new SortedSet ([ 1 , 2 , 3 , 4 ]); const b = new SortedSet ([ 3 , 4 , 5 ]); console . log ([... a . intersection ( b )]); // [3, 4] // SortedMap: keys always in order, range queries built in const prices = new SortedMap < number , string > ([ [ 104.5 , " order-3 " ], [ 99.2 , " order-1 " ], [ 101.0 , " order-2 " ], ]); for ( const [ price , id ] of prices . irange ( 100 , 105 )) { console . log ( price , id ); // 101.0 order-2, then 104.5 order-3 } Custom comparators are fully typed: number and string get natural ordering for free; for your own types, TypeScript requires a comparator at compile

2026-07-15 原文 →
AI 资讯

He Built an App in 24 Hours and Made $20,378 the Next Day. Here's the Part Nobody Screenshots.

Marc Lou read a tweet, slept on it, and woke up still annoyed. The tweet, from Pieter Levels, was about all the fake revenue screenshots on X. By the next evening Lou had built a thing to fix it. By the day after that, the thing had made $20,378. That is the part everyone retweets. I want to walk you through it, and then I want to show you the line in his own year-end letter that complicates the whole legend. The setup Lou got fired by Tai Lopez in November 2021, was broke and depressed, and moved to Bali. He started shipping tiny products in public, copying the playbook of, yes, Pieter Levels. His breakout was ShipFast , a Next.js starter kit that did $40,000 in its first month in September 2023. By December 2025 he was running 15 startups generating about $84,900 a month, with cumulative revenue past $2.26 million, per his verified TrustMRR data. The reason I trust his numbers more than most is that he verifies them through Stripe on his own product, TrustMRR , which brings me to the 24-hour story. The moment something worked, absurdly fast TrustMRR exists to kill fake MRR screenshots. You connect a read-only Stripe key, and it shows your verified revenue on a public page nobody can edit. Lou built it in a day on top of his own boilerplate, which is the cheat code here. He was not starting from zero, he was starting from ShipFast. "TrustMRR is 24 hours old and was built in 24 hours." @marc_louvion on X He monetized it with sidebar ad slots. He listed them at $299 a month, then raised the price each time one sold, all the way to $1,499. In his newsletter he wrote that within three days every slot was gone and the side project had made $20,378. He called it the third fastest-growing thing he has ever built. Five days in, he posted the run-rate dream out loud. "20/20 spots filled! TrustMRR went from $0 to $18,380 MRR in 5 days. That's $220,000 ARR if I'm allowed to dream a little" @marc_louvion on X It kept going. By December 2025 TrustMRR was his single biggest inco

2026-07-14 原文 →