今日已更新 498 条资讯 | 累计 20470 条内容
关于我们

标签:#dev

找到 2557 篇相关文章

AI 资讯

🐍 Day 1/100 — Starting my Python journey!

Hey everyone! 👋 I'm a complete beginner and today I'm officially kicking off my #100DaysOfCode challenge with Python. I've dabbled with the idea of learning to code for a while, but this time I want to actually commit - so I'm posting daily updates here to keep myself accountable and track my progress over the next 100 days. My plan: Post a short update here every day - what I learned, what I struggled with, and what's next Eventually move into some small real-world projects once I've got the basics down Why I'm doing this: I want to build real skills, not just "watch tutorials and forget everything." Writing it down publicly (even anonymously) keeps me honest and hopefully connects me with others on the same path. If you're also learning Python or doing a 100 days challenge, I'd love any tips, resources, or just to follow along with each other's progress! Day 1 status: Just setting up my environment and going through the basics — nothing exciting yet, but everyone starts somewhere! 100DaysOfCode #Python #Beginner #LearnToCode

2026-07-07 原文 →
AI 资讯

Validate Before You Build: The MVP Lessons I Learned the Hard Way

This is part of my work with 01MVP on OpenNomos — a project that helps founders validate ideas before building. The $0 Launch I once spent three months building a product. It had everything: authentication, payments, a polished UI, dark mode. I was proud of it. Launch day: 27 visitors. Zero signups. I had spent 90 days building and precisely zero days asking anyone if they wanted what I was building. I was solving a problem that existed only in my head. The Hardest Lesson The product wasn't bad. The code was fine. The UI was clean. The problem was that I never validated the core assumption: does anyone actually have this problem, and would they pay to solve it? This is the most common failure mode in indie hacking. You build something you think is cool, polish it to perfection, and launch to silence. The code was never the bottleneck. The validation was. What I Do Differently Now Talk to 10 people before writing code. Not surveys. Not landing page analytics. Actual conversations. "Would you use this? Would you pay for it? Why or why not?" Build a mockup, not a product. A Figma prototype or even a Google Form that simulates the core workflow is enough to test willingness to engage. Charge from day one. Free users will tell you nice things. Paying users will tell you the truth. If nobody will pay, the idea isn't ready. Kill fast. Most ideas fail. The goal isn't to make every idea succeed — it's to fail the bad ones quickly so you can find the good ones. Why This Matters More in 2026 In 2016, building a product was hard. You needed to know how to code, set up servers, handle deployments. The barrier to building kept bad ideas from being built. In 2026, Cursor writes your code, v0 generates your UI, and Replit deploys it. The barrier to building has collapsed to near zero. But here's the problem: AI can help you build anything. It cannot help you figure out what's worth building. The result is a flood of well-built products that nobody wants. The bottleneck shifted from

2026-07-07 原文 →
AI 资讯

"Swipe Cleaner: A Technical Deep Dive into On-Device Photo Privacy"

Disclosure: I write about projects in the OpenNomos ecosystem, including Swipe Cleaner. The Problem With Photo Cleaners Most photo cleaning apps have a dirty secret: your photos leave your device. They get uploaded to some server for "AI processing," "cloud analysis," or just because the developer didn't think about it. Swipe Cleaner takes the opposite approach. Everything happens on your iPhone. Not a single pixel leaves your device. Let me break down why that matters, and how it actually works under the hood. The Architecture Swipe Cleaner is built on three principles: 1. On-device processing, always. Image analysis, duplicate detection, and similarity matching all run locally using Apple's Core ML and Vision frameworks. No cloud roundtrips, no server costs, no privacy policy loopholes. 2. Tinder-style UX for decisions. You don't manage a grid of thumbnails and checkboxes. You swipe. Right to keep, left to delete. This isn't just a UI gimmick — it's a deliberate choice to reduce decision fatigue. When you have 3,000 photos to clean, you need flow, not friction. 3. Sandboxed storage access. The app requests permission for exactly what it needs. It doesn't ask for your entire photo library if you only want to clean screenshots. This is iOS privacy-by-design done right. Why On-Device Matters Now We're in a weird moment. AI capabilities are exploding, which means the temptation to "send it to the cloud for better results" is stronger than ever. But at the same time, Apple is pushing hard in the opposite direction — Private Cloud Compute, on-device ML, differential privacy. Swipe Cleaner aligns with where the platform is going, not where the industry has been. The Technical Trade-offs Local-first isn't free. Here's what you give up: Model size constraints. You can't run a 70B parameter vision model on an iPhone. The models need to be small, optimized, and ruthlessly efficient. No cross-device sync. Your cleaning decisions stay on one device. No cloud means no sync. For

2026-07-07 原文 →
AI 资讯

Why Online DevTools Are the Next Big Thing for Developer Productivity

Every developer has been there: you need to format a JSON blob, decode some Base64, or convert a timestamp. You open your terminal, look for the right npm package, or — worse — write a quick script. I used to do this too. Then I discovered a better pattern. The Problem with Local CLI Tools Local tools have real drawbacks: Installation overhead : npm install -g some-tool for a one-time task Version rot : tool stops working after OS update No sharing : you format JSON but cant send the result to a colleague Environment drift : works on your machine, not on staging Online Tools as a Pattern Opennomos Json (reachable via opennomos.com/en/project/01KJ850Z7PNGXHXESBM68HE12Y) represents a shift: developer tools as a platform , not as utilities you install. What makes this different: Zero install — browser tab, done Cross-device — phone, laptop, any OS Shareable results — formatted output has a URL you can send to teammates Timestamp converter built in — ms, seconds, ISO 8601, bidirectional Base64 codec — no need for a separate site The Bigger Trend We are seeing the same pattern across the dev ecosystem: GitHub Codespaces (IDE in browser), Replit (runtime in browser), Vercel (deployment in browser). The next frontier is utility tools in browser . Why run jq locally when a well-designed online tool does it faster and gives you a share link? Try It Head to opennomos.com/en/project/01KJ850Z7PNGXHXESBM68HE12Y — the JSON tools are free, fast, and part of a broader contributor rewards system that makes open-source tooling sustainable. Built as part of the Nomos Build-in-Public series.

2026-07-07 原文 →
AI 资讯

Linux Package Management Explained Simply (apt, dnf, yum & rpm)

Quick Note In my previous article, I mentioned that Linux Troubleshooting Flow for Beginners would be the final post in this series. While preparing it, I realized there were a few practical Linux skills every beginner should learn first. These topics will make the troubleshooting guide much easier to understand and follow. Before we wrap up the series, we'll cover: Package Management Finding Files & Text Viewing Files Efficiently File Compression Then we'll bring everything together in the final Linux Troubleshooting Flow for Beginners. Introduction Installing software on Linux is very different from Windows. On Windows, you usually download an .exe installer. On Linux, software is typically installed and managed using package managers . This is one of the most practical skills every Linux beginner should learn early. What is a Package? A package is a ready-to-install bundle that contains: The main program Required libraries Configuration files Documentation Examples: nginx , git , docker , curl , vim Think of a package as a ready-to-install software box. What is a Package Manager? A package manager is a tool that installs, updates, removes, and manages software packages. Instead of downloading software manually, you simply run a command. Example: sudo apt install git The package manager automatically: Downloads packages from trusted repositories Install required dependencies automatically Upgrade installed software Removes them cleanly Instead of manual downloading, you just run one command. Why Use a Package Manager? Without package managers, you would have to: Search for software manually Download files from websites Install dependencies yourself Update each application separately Package managers automate all of this. What is a Repository? Package managers download software from repositories. A repository is a trusted online collection of software packages maintained by your Linux distribution. Instead of downloading software from random websites, Linux install

2026-07-07 原文 →
AI 资讯

DeepSeek vs Qwen vs Kimi vs GLM: Which AI API Actually Wins in 2025?

DeepSeek vs Qwen vs Kimi vs GLM: Which AI API Actually Wins in 2025? I've spent the last decade designing systems that need to stay up no matter what. 99.9% uptime isn't a marketing slogan for me — it's the difference between a happy customer and a 3am incident call. So when the Chinese model ecosystem exploded with options like DeepSeek, Qwen, Kimi, and GLM, I didn't just glance at the benchmarks. I pulled the levers, watched the dashboards, and stress-tested every endpoint I could get my hands on. Here's what I found after weeks of running these models behind load balancers, instrumenting them with p99 latency tracking, and watching how they behave when you throw production traffic at them. The Multi-Region Reality Nobody Talks About Most comparison articles treat AI APIs like they're interchangeable endpoints you curl against. That's fine for a weekend hackathon. It's dangerous for production. When I'm architecting a service that depends on an LLM, I care about three things before I care about quality: p99 latency under sustained load Failover behavior when a region gets congested Cost per million tokens at the rate I'm actually consuming I ran each of these four providers through a series of synthetic workloads — bursts of 200 concurrent requests, sustained 50 RPS for an hour, and cold-start recovery tests. The numbers told a story that the marketing pages don't. The Data at a Glance Here's the TL;DR before I dive in. DeepSeek gives you the best price-to-performance ratio, full stop. Qwen has the widest catalog of model sizes I've ever seen from a single provider. Kimi costs a premium but earns it on reasoning-heavy workloads. GLM punches above its weight on Chinese-language tasks and offers multimodal support that the others don't. Dimension DeepSeek Qwen Kimi GLM Provider DeepSeek (幻方) Alibaba (阿里) Moonshot AI (月之暗面) Zhipu AI (智谱) Output price range $0.25–$2.50/M $0.01–$3.20/M $3.00–$3.50/M $0.01–$1.92/M Budget pick V4 Flash @ $0.25/M Qwen3-8B @ $0.01/M N/A GL

2026-07-07 原文 →
AI 资讯

Building ClaimMate AI

Hi everyone, I'm Marc, the founder of ClaimMate AI. I've been building an AI software engineering platform that helps developers generate code, explain existing code, debug issues, create tests, review code, and build applications from simple prompts or voice. I'm still in the early stages and would really appreciate honest feedback from other developers. Why I Built It I wanted one workspace where developers could chat with AI, generate code, debug problems, and iterate on ideas without constantly switching between multiple tools. I'd Love Your Feedback If you have a few minutes, I'd appreciate any thoughts on: Is the interface easy to understand? Which feature would you use most? What would stop you from using it regularly? What feature is missing? You can try it here: https://ClaimMateAI.pro I'm not looking for praise—I genuinely want constructive feedback that will help improve the product. Thanks for your time!

2026-07-07 原文 →
开发者

INTO Coding...

Hi folks! This is Mark Tony , a fresher to this field of technology from the UG Physics background. In a way, I'm pursuing my desire which I missed during my college days. My new venture begins along with @payilagam_135383b867ea296 Where I'm doing my Full stack developer course right now. I'm excited and enthusiastic about learning and becoming a developer. Dev community kick starts my journey 😉😊

2026-07-07 原文 →
AI 资讯

Test Isolation

Test Isolation: A Lesson I Learned While Migrating Playwright Tests During my software engineering internship, I helped optimize our CI pipeline by identifying which E2E tests could safely run in parallel. That work quickly taught me that the biggest obstacle wasn't Playwright or Python, it was test isolation. This article is about that lesson. What is test isolation? A simple rule I now use is this: if a test can't run by itself with the same outcome, it probably isn't truly isolated. A well-isolated test should produce the same result whether it: runs by itself runs first or last runs after another test runs in parallel with hundreds of other tests To understand test isolation, it also helps to understand what state means. State isn't limited to database rows. During the migration, I found tests interacting with many different kinds of state. database records global configuration filesystem resources application caches If any of these are shared between tests, they become potential sources of hidden dependencies. How tests lose isolation As I started reading the existing test suite, I noticed a recurring pattern. Many tests assumed something about the environment instead of creating it themselves. Some expected specific data to already exist. Others modified global settings without restoring them afterward. Some searched for rows based on their position in a table instead of using a stable identifier like a name or ID. None of these looked particularly problematic when reading a single test. The problems only appeared once the entire suite started running together. One test would leave behind data another test didn't expect. A shared configuration would silently affect unrelated tests. A UI assertion would suddenly fail because another test inserted an extra row into the same table. Individually, the tests appeared independent. Together, they formed hidden dependencies. Not all shared state is equally difficult to isolate One realization that helped me reason abou

2026-07-07 原文 →
AI 资讯

Cursor AI Review 2026: The AI-Native Code Editor

Cursor is the first AI code editor I have used that feels less like an autocomplete plugin and more like a place to steer work. It does not write perfect software. It changes the rhythm: ask for a scoped change, review the diff, then tighten it by hand. This Cursor AI review is based on day-to-day developer tasks: reading unfamiliar code, editing React components, moving logic between files, writing tests, and asking the editor to explain errors from the terminal. The short version is simple: Cursor is excellent when a task crosses file boundaries. It is less convincing when you only need cheap inline completions. What Cursor Actually Is Cursor is a VS Code-based editor from Anysphere with AI built into the core experience. Extensions, settings, themes, terminal panes, source control, and the familiar layout are still there. The difference is that chat, agent-style edits, tab completion, codebase search, and model selection are treated as editor controls rather than add-ons. That matters in daily use. I found the chat panel most useful when I pointed it at a directory and asked for a narrow change, such as "move this validation into the shared helper and update the tests." Cursor could usually find the right files, make a first pass, and leave me with a readable diff. I still had to check naming, edge cases, and test coverage, but it saved the boring part of hunting through files. The Best Part: Multi-File Editing Cursor's strongest feature is multi-file editing with codebase context. A lot of AI coding assistants can finish a function. Fewer can update the component, the hook, the type definition, and the test in one pass without losing the shape of the project. In my experience, Cursor is at its best with medium-sized tasks. It handles "add a field to this form and wire it through the API call" better than "invent a new architecture." It also works well for cleanup: renaming a concept, extracting repeated logic, or adding a missing test around an existing pattern.

2026-07-07 原文 →
AI 资讯

How to criar Dockerfiles eficientes com multi stage builds

Multi stage builds sao uma das melhores features do Docker para manter imagens pequenas e organizadas. Vou mostrar como aplicar isso em um projeto Python real. Crie um arquivo app.py simples: # app.py def main(): print("Hello from a multi stage build") if __name__ == "__main__": main() Agora crie o Dockerfile sem multi stage: FROM python:3.12-slim WORKDIR /app COPY requirements.txt . RUN pip install --no-cache-dir -r requirements.txt COPY . . CMD ["python", "app.py"] Essa imagem inclui o pip, o cache do pip e ferramentas de build que nao precisamos em producao. O resultado e uma imagem maior que o necessario. Com multi stage builds separamos o ambiente de build do ambiente final. Veja o mesmo Dockerfile com dois stages: FROM python:3.12-slim AS builder WORKDIR /app COPY requirements.txt . RUN pip install --no-cache-dir -r requirements.txt FROM python:3.12-slim WORKDIR /app COPY --from=builder /usr/local/lib/python3.12/site-packages /usr/local/lib/python3.12/site-packages COPY . . CMD ["python", "app.py"] O primeiro stage instala as dependencias. O segundo stage copia so o que importa. O resultado e uma imagem final muito menor. Para construir e ver o tamanho: docker build -t minha-app . docker images | grep minha-app Para linguagens compiladas como Go o ganho e ainda maior. Veja um exemplo com uma aplicacao Go: FROM golang:1.23 AS builder WORKDIR /app COPY go.mod go.sum ./ RUN go mod download COPY . . RUN CGO_ENABLED=0 GOOS=linux go build -o /app/server FROM scratch COPY --from=builder /app/server /server CMD ["/server"] A imagem final comeca do zero (scratch). Nao tem shell, sistema operacional, nem ferramentas de build. So o binario compilado. Uma dica pratica: sempre nomeie seus stages com AS para facilitar a leitura. Use nomes como builder, test, ou dev. Isso ajuda a saber o que cada stage faz sem precisar contar linhas. That's all for now. Thanks for reading!

2026-07-07 原文 →
AI 资讯

We Made Our AI-vs-Human PR Stats a Public Live Dashboard

A while back I wrote about 64% of our merged PRs being written by AI . A few people (reasonably) asked: "nice story, but can I verify any of that?" So we put it on a public, auto-updating dashboard: 👉 www.codens.ai/stats/en It shows, for our GitHub organization: What % of merged PRs are authored by AI agents (currently 65%) Median time from PR-open to merge (2 minutes) Who merged what — task-execution agents vs maintenance bots vs auto-fix vs humans Weekly AI-merge counts and a per-repository breakdown Every number is tallied straight from the GitHub API by a small collector script, and the page regenerates itself weekly. We can't inflate it — it's measured, and the down weeks show up too (that's kind of the point). Why bother making it public Two reasons. 1. "Trust me bro" doesn't scale. When you claim most of your code is AI-written, the only honest move is to expose the raw counts so anyone can sanity-check them. The dashboard is that receipt. 2. It's a live dogfooding test. The whole thing — the PRD, the implementation, the review, the auto-fix on production errors — runs on Codens , our own AI dev-automation suite. If our own numbers ever tanked, the dashboard would be the first place it'd show. Public accountability is a good forcing function. Funny footnote: the dashboard itself was code-reviewed by our own AI reviewer before it shipped, and it caught two real bugs — an OG-image percentage that had drifted out of sync with the live number, and a broken error-fallback that would have blanked the page on malformed data. The tool built to sell "AI reviews your PRs" reviewed the PR that announces it. We'll take it. If you want to see the same machinery on your repos, there's a 14-day free trial (no card): codens.ai . Japanese version of the dashboard is here .

2026-07-07 原文 →
AI 资讯

How I Organized Over 180,000 SVG Files into Searchable Collections

Developers love building things. Sometimes the hardest part isn't writing code—it's organizing data. Over the past few months, I've been building a large SVG library containing more than 180,000 vector files. At first, I assumed collecting the files would be the biggest challenge. I was wrong. The real challenge was organizing them. The Duplicate Problem Once a collection reaches hundreds of thousands of files, duplicates become unavoidable. Different sources often contain identical icons with different filenames. For example: facebook.svg facebook-logo.svg facebook-icon.svg facebook-black.svg facebook-circle.svg Some of these are genuine variations. Others are simply duplicates from different icon packs. Automatically detecting the difference isn't always easy. Collections Instead of Files Instead of treating every SVG as an individual page, I decided to build everything around collections. Examples include: Facebook Docker Kubernetes Payment Icons Weather Icons Medical Icons Programming Languages Each collection groups similar SVGs together, making browsing much easier than searching individual files. Keeping Search Engines Happy One interesting problem appeared during development. Should every individual SVG page be indexed? After experimenting with different structures, I chose a different approach. Only complete, content-rich collections are indexed. Individual SVG pages remain accessible but are excluded from search engine indexes. This avoids creating hundreds of thousands of thin pages while allowing search engines to focus on pages that actually provide value. Automation Managing thousands of collections manually isn't realistic. Several background scripts now automate most repetitive tasks: Collection descriptions Meta titles Meta descriptions FAQ generation Sitemap updates Controlled indexing This allows the library to continue growing without requiring manual editing for every collection. Data Cleanup One task I underestimated was cleanup. Large datasets

2026-07-07 原文 →
AI 资讯

10 Common Unity Networking Issues (and How to Fix Them)

Multiplayer bugs in Unity rarely look like networking bugs. They look like "the game froze," "the player teleported," or "it worked in the Editor and broke in the WebGL build." By the time you've traced it back to the actual cause, you've usually burned an afternoon. Here are 10 issues that show up constantly in Unity networking code — WebSocket-based, Socket.IO, or otherwise — with the actual root cause and the fix. A few of these come straight out of real regression tests and commit history in socketio-unity , an MIT-licensed Socket.IO v4 client for Unity. The rest are patterns you'll recognize if you've shipped a multiplayer game. 1. Reconnect wipes your room/namespace state Symptom: Connection drops for two seconds, comes back, and the player is no longer in their room/lobby/channel — even though the server never removed them. Cause: A common (bad) reconnect implementation tears down the whole client and rebuilds it from scratch — including the list of channels/namespaces the player had joined. The reconnect "succeeds" at the transport level but silently drops application-level state. Fix: Reconnect logic should preserve subscriptions across the transport reset and only re-emit join / connect for namespaces the client already had open. If you're rebuilding the socket object on every reconnect attempt, stop — reconnect the transport, keep the namespace map. // Wrong: rebuilds everything, loses namespace state void OnReconnect () => CreateFreshEngine (); // Right: reuses the existing namespace map void OnReconnect () => ReconnectEngine (); // _namespaces untouched 2. "get_gameObject can only be called from the main thread" Symptom: Random UnityException thrown from inside a network event handler, but only sometimes — usually right when the server sends something. Cause: Your WebSocket/network library delivers callbacks on its own I/O thread. Any Unity API call ( transform.position = , Instantiate , even some Debug.Log paths) from that thread throws. Fix: Never tou

2026-07-07 原文 →
AI 资讯

100 Days of DevOps, Day 6: Cron's Sneaky OR, and the EC2 Key You Only Get Once

Automation is the part of DevOps that actually earns the title. Day 6 was two of the most everyday automation tasks there are, and both had a trap sitting in plain sight. One Linux task, one AWS task. Schedule a recurring job with cron, and launch an EC2 instance from the AWS CLI. The tasks come from the KodeKloud Engineer platform if you want the same lab to work through. Cron: five fields, one rule that trips everyone Cron is the scheduler that has quietly run Linux automation for decades. You hand it a job and a schedule, and its daemon, crond, wakes up every minute to check whether anything is due. If that daemon is not running, nothing fires, so the first move is making sure it is installed and enabled. # Become root sudo su - # Install the cron daemon if it is missing yum install cronie -y # Enable it at boot, start it now, and confirm it is alive systemctl enable crond.service systemctl start crond.service systemctl status crond.service cronie is the package name on RHEL-family distros. enable makes the service survive a reboot, start brings it up right now, and status is how you confirm it is actually running instead of assuming it is. Now edit the crontab: # Edit the current user's crontab crontab -e # minute hour day-of-month month day-of-week command 0 2 * * * /path/to/script.sh # List what is currently scheduled crontab -l That line runs the script every day at 2am. The five fields, in order, are minute, hour, day of month, month, and day of week: minute: 0 to 59 hour: 0 to 23 day of month: 1 to 31 month: 1 to 12 day of week: 0 to 7, where both 0 and 7 mean Sunday Here is the rule that quietly breaks schedules. When you set both the day-of-month field and the day-of-week field to something other than a star, cron treats them as OR, not AND. So 0 0 13 * 5 does not mean midnight on Friday the 13th. It means midnight on every 13th of the month, and also every Friday, whichever lands first. If you actually want the AND, you restrict one field in cron and che

2026-07-07 原文 →
AI 资讯

AI Attribution Governance: Enforcing AI Disclosure Policies at the CI Level

The open-source ecosystem is converging on a hard question: when a commit is written with AI assistance, how do we know — and how do we enforce the disclosure policy? Python's discourse, Linux kernel's Assisted-by trailer, Fedora's AI policy, Apache's disclosure guidelines — every major project is grappling with this. But until now, there has been no tool at the CI level to enforce whatever policy a project chooses. Commit Check v2.11.0 introduces AI Attribution Governance — a new feature that detects known AI tool signatures in commit messages and lets projects decide whether to forbid them outright. To our knowledge, no existing tool enforces this kind of policy at the CI level. The industry need The conversation around AI disclosure is no longer theoretical: The Linux kernel standardized on the Assisted-by: trailer format — but deliberately stopped short of CI enforcement. As Sasha Levin noted at the Maintainers Summit, the kernel sets the convention, not the gate. The Python community is actively discussing whether Claude Code usage should be documented VS Code issue #313962 proposes replacing Co-authored-by with Assisted-by for AI agents Fedora requires AI disclosure (recommends the Assisted-by trailer). QEMU and Gentoo go further and forbid AI-generated contributions entirely. Each community defines its own policy — but none provides a neutral enforcement layer. That is the gap Commit Check fills. Configuration: a single toggle Commit Check keeps it simple. One configuration value, three ways to set it. TOML ( cchk.toml ): [commit] ai_attribution = "forbid" CLI: commit-check --message --ai-attribution = forbid Environment variable: CCHK_AI_ATTRIBUTION = forbid commit-check --message Two modes: Mode Behavior "ignore" No validation (default, backward compatible) "forbid" Rejects any commit containing known AI tool signatures There is no require mode in this release — only ignore and forbid . The reason is pragmatic: requiring an Assisted-by or similar trailer is

2026-07-07 原文 →
AI 资讯

JSON, YAML, CSV, and TOML: When to Use Each Data Format

Software spends a surprising amount of its life just moving structured data around: an API returns JSON, a config file is written in YAML or TOML, a report is exported as CSV, a spreadsheet wants tabular rows. These formats are not interchangeable — each was designed for a particular job, and using the wrong one creates friction. Knowing the strengths of each makes you faster and saves you from a category of frustrating bugs. JSON: the lingua franca of APIs JSON (JavaScript Object Notation) is the default for data exchange between systems, especially web APIs. It represents nested objects and arrays cleanly, every programming language can parse it, and its rules are strict enough to be unambiguous. That strictness is also its main friction for humans: no comments are allowed, every string needs double quotes, and a single trailing comma makes the whole document invalid. JSON is excellent for machine-to-machine communication and data storage; it is merely tolerable for files humans have to edit by hand. YAML: configuration humans edit YAML was designed to be readable and writable by people. It uses indentation instead of braces, supports comments, and drops most of the punctuation that makes JSON noisy. This makes it popular for configuration in tools like CI pipelines and container orchestration. Its strength is also its danger: because structure is defined by indentation, a single misplaced space can silently change the meaning of your file or break it entirely. YAML also has surprising type-coercion quirks (the classic example: the word "no" being read as the boolean false ). Use YAML for human-edited configuration, but validate it. TOML: configuration that stays unambiguous TOML (Tom's Obvious Minimal Language) aims for YAML's readability without YAML's ambiguity. It uses explicit, INI-like sections and clear key-value pairs, supports comments, and has unambiguous typing. It is less prone to the silent indentation mistakes that plague YAML, which is why a number

2026-07-07 原文 →
AI 资讯

Hard Object References: Stable Object References for Mutable Application State

In JavaScript and TypeScript, object references are often treated as disposable. An object is created, assigned to a variable, passed around, replaced, copied, spread, cloned, and eventually discarded. That is normal language behavior, but in larger mutable systems it creates a specific class of bugs: stale aliases. A stale alias appears when one part of the program still holds a reference to an old object while another part has already replaced that object with a new one. The old reference is still valid JavaScript, but it no longer points to current data. Hard Object References is a discipline for avoiding that class of bugs. The idea is simple: Object and array references should be stable. Do not replace them as a normal update mechanism. Copy data into existing objects instead. This rule is useful for application state, but it is not limited to global stores. It applies to ordinary variables, local component state, nested fields, arrays, drafts, snapshots, runtime models, and temporary objects. The broader principle is: Replace primitive values. Do not replace object and array references. The First Rule: const for Objects and Arrays The first level is variable bindings. If a variable holds an object or array, it should normally be declared with const : const user = { /* ... */ }; const items = [ /* ... */ ]; not: let user = { /* ... */ }; let items = [ /* ... */ ]; The point is not that the object becomes immutable. It does not. This is still possible: user . name = ' Alex ' ; items . push ( nextItem ); The point is that the variable should not be rebound to a different object: user = nextUser ; items = nextItems ; That replacement changes which object the variable points to. Any other code that still holds the old reference now points to obsolete data. So the first rule is: Use const for object and array references. Mutate or copy data into the object. Do not rebind the reference. This rule also applies to temporary objects. A temporary object may be short-live

2026-07-07 原文 →
AI 资讯

Why I stopped using online image compressors and built a CLI instead

Four years of optimizing React and Next.js projects taught me one thing: unoptimized images are everywhere, and nobody wants to fix them. Every project has the same pattern. Heavy PNG and JPG files are sitting inside /public , there is no consistent image pipeline, and some of those files have no business being that large in a production codebase. This is especially common in small and mid-sized projects. There is no CDN transformation layer or dedicated asset pipeline. Images get added while the product is moving quickly, and the cleanup becomes a task for “later.” Later, of course, never comes. Then, at 1am, while refactoring an extremely vibe-coded Next.js project, I found myself doing the cleanup manually again. Find an image. Upload it to an online compressor. Hit the free limit. Open another tool. Convert a few more. Download everything. Replace the original files. Hunt through the codebase for every import and src path. Hope I did not miss one. And I finally thought: I am a developer. Why am I doing this by hand? So I built pixcrush . npx pixcrush . One command to convert the images, compress them, and update their matching code references automatically. “But doesn’t Next.js already optimize images?” Yes, and if your application uses next/image consistently, you should absolutely take advantage of it. The Next.js <Image> component can resize images for different devices, lazy-load them, and serve modern formats such as WebP. Files inside /public can be referenced from the root URL, while statically imported images also give Next.js access to their intrinsic dimensions. The official Next.js image documentation explains these runtime optimizations in detail. But that solves a different layer of the problem. I wanted to clean up the source assets themselves: Replace heavy PNG and JPG files with smaller WebP files when conversion is worthwhile. Update existing imports and string-based image paths across the repository. Identify images that are no longer reference

2026-07-07 原文 →