今日已更新 63 条资讯 | 累计 20533 条内容
关于我们

标签:#dev

找到 2557 篇相关文章

AI 资讯

Your fetch() Is Still Running After the User Left

When you fire a fetch() and the component that triggered it unmounts, the request keeps going. The server still processes it. When the response arrives, it calls back into whatever JavaScript it finds — a stale closure, a dead state setter, a global store that has already moved on. React's "Can't perform a state update on an unmounted component" warning is the polite version of this. The silent version is worse: results from an old query overwriting the current UI. These aren't mysterious race conditions. They're the predictable result of starting async work and never telling it to stop. The race condition hiding in every search box The search input is the clearest example. The user types "reac", your debounce fires a request. Before it lands, they finish typing "react" and you fire another. Two requests, in flight at the same time, and no guarantee about which one finishes first. If the "reac" request happens to be slower — network jitter, a cache miss, a heavier result set — it will land after "react" and overwrite the correct results with the wrong ones. The bug reproduces maybe one time in twenty on a local dev server, and consistently in production on a slow connection. The fix isn't smarter debouncing. It's cancelling the previous request when a new one starts. AbortController in plain terms AbortController is a browser-native API for cancelling async work. You create a controller, pass its signal to fetch() , and call controller.abort() to cancel. If the response hasn't arrived yet, the fetch promise rejects with an AbortError . const controller = new AbortController (); fetch ( ' /api/search?q=react ' , { signal : controller . signal }) . then ( res => res . json ()) . then ( data => setResults ( data )) . catch ( err => { if ( err . name === ' AbortError ' ) return ; // expected — not a real error setError ( err ); }); // Somewhere else, when we no longer need this request: controller . abort (); Two things to internalize: signal is how the controller knows

2026-07-05 原文 →
开发者

My Journey to Becoming a Full-Stack Developer and Software Engineer

Hello, DEV Community! 👋 Hi everyone! My name is Sulemana Abdallah , and I'm excited to be part of the DEV Community. I'm passionate about software development and enjoy building modern, responsive web applications using: HTML CSS JavaScript TypeScript React Python My goal is to become a skilled Full-Stack Developer and Software Engineer while continuously learning and building real-world projects. I joined DEV to: Learn from experienced developers. Share my projects and progress. Write about what I learn. Connect with developers from around the world. I'm looking forward to growing with this amazing community. Thanks for reading! 🚀

2026-07-05 原文 →
AI 资讯

Why v7 UUIDs beat v4 for database keys (and how to hand-roll both)

I build one small browser tool a day and write down what I learned. Day 25 was a UUID generator. What started as "make some random IDs" turned into a proper look at how the bits are laid out, and why the newer v7 format is quietly the better default for a primary key. Live tool: https://dev48v.infy.uk/solve/day25-uuid.html A UUID is just 16 bytes with a few fixed bits A UUID is a 128-bit number, written as 32 hex digits grouped 8-4-4-4-12 . That is about 3.4x10^38 possible values, which is the whole point: any machine can pick one and trust it will not clash with any other UUID minted anywhere, ever. It carries no meaning — it is an identifier, not data. The reason UUIDs exist at all is coordination. The classic database ID is 1, 2, 3... from a central counter, and that works great until you have more than one writer. Two servers, an offline mobile app, or a sharded database cannot all ask one counter for the next number without a round-trip and a lock. UUIDs sidestep that entirely: each node generates its own IDs locally, with zero coordination, and they still do not collide. A client can even create the ID before the row ever reaches the server. Version 4: 122 random bits v4 is the one most people mean by "UUID". Fill all 16 bytes with cryptographic randomness, then overwrite two small fields so tools can recognise the format: const b = new Uint8Array ( 16 ); crypto . getRandomValues ( b ); // never Math.random() b [ 6 ] = ( b [ 6 ] & 0x0f ) | 0x40 ; // version 4 b [ 8 ] = ( b [ 8 ] & 0x3f ) | 0x80 ; // variant 10xx Two things get pinned. The high nibble of byte 6 becomes 4 — that is the digit right after the second hyphen, and it is how any parser knows the scheme. The top two bits of byte 8 become 10 , which is why the 17th hex digit of almost every UUID you see is 8 , 9 , a or b . Everything else stays random: 122 bits of it. Is "random and never collides" a contradiction? The birthday paradox says collisions become likely around the square root of the space, w

2026-07-05 原文 →
AI 资讯

Why I removed the tier list from my Honor of Kings Global build site

I have been building a small Honor of Kings Global site called HOKMeta: https://hokmeta.com/heroes/ At first, I built it like many game sites: hero pages, counters, tools, and a tier list. But after working on the site for a while, I removed the tier list as a main page. The reason is simple: a tier list looks useful, but it does not always match how players actually choose heroes. A Marco Polo player will still play Marco Polo even if people say he is weak. A Hou Yi player usually does not search for “is Hou Yi S tier?” first. They search for things like: Hou Yi build Hou Yi arcana Hou Yi counter what to build against tanks what to change against assassins best build for ranked That made me rethink the site structure. Instead of making the tier list the center of the site, I moved the focus toward: hero build pages counter pages item pages damage calculator build compare counter picker For a small SEO site, this feels more useful too. A tier list is one page. Hero builds and matchup questions create many real long-tail pages. For example, “Hou Yi build 2026” is a clearer search intent than just “Honor of Kings tier list”. The current direction is: hero page -> build, arcana, counters, FAQ counter page -> who beats this hero and why tool page -> test builds instead of guessing item page -> understand what the item actually does It is still early, and the data is still being cleaned up, but this direction feels closer to what players need before a ranked match. If you build content/tool sites, this was a useful lesson for me: Do not blindly copy the obvious page type. Look at what users are really trying to decide.

2026-07-05 原文 →
开发者

Is There a "Library of Websites" for the Entire Internet?📚

Hey developers, I've been thinking about a problem and wanted to get some feedback from the community. We have search engines like Google, Bing, and others that help us find websites through keywords. We also have directories and archives, but I haven't found a place that attempts to catalog every active website on the internet in a structured and discoverable way. So my first question is: Does a platform already exist where I can browse or search through a massive database of active websites, regardless of whether they're popular or not? The Idea Imagine a project called "Library of Websites." Instead of ranking sites primarily through SEO and search algorithms, the goal would be to build a continuously growing database of active websites across the internet. Website owners could install a small script or verification snippet on their sites, similar to how Google Search Console verification works. Once verified, the website would automatically become part of the Library of Websites database. The platform could then: Categorize websites by industry, niche, and technology. Track whether sites are still active. Allow users to browse websites like books in a library. Discover small, independent websites that search engines rarely surface. Create a searchable index of the web that focuses on discovery rather than ranking. Over time, this could become a living map of the internet, helping people explore websites they would never normally find. Does something like this already exist? What are the biggest technical challenges in building such a database? Would website owners actually be willing to install a verification script? Is there a better approach than relying on voluntary website registration? What would you personally want from a "Library of Websites" platform? I'd love to hear your thoughts, criticism, and suggestions. Thanks!

2026-07-05 原文 →
AI 资讯

Bundling a CLI Binary as a Tauri v2 Sidecar: Lessons from Building a Desktop App

When you build a desktop app with Tauri v2 , sooner or later you'll hit a question: how do I bundle and manage an external CLI binary inside my app? Maybe it's ffmpeg for video processing. Maybe it's a database engine. Maybe — as in my case — it's frpc , the reverse-proxy client from the popular frp project. This post walks through the full lifecycle: bundling, spawning, lifecycle management, and even self-updating the binary at runtime — all from Rust. 1. Declaring the Sidecar In tauri.conf.json , declare the binary under bundle.externalBin : { "bundle" : { "externalBin" : [ "binaries/frpc" ] } } Tauri identifies the target platform by a filename suffix convention . You need to place the correctly-named binary in your project: Platform Filename macOS (Apple Silicon) frpc-aarch64-apple-darwin macOS (Intel) frpc-x86_64-apple-darwin Windows (x64) frpc-x86_64-pc-windows-msvc.exe Tauri automatically strips the suffix at runtime and loads the right binary for the current platform. 2. Spawning the Process Use tauri_plugin_shell to spawn the sidecar: use tauri_plugin_shell ::{ ShellExt , process :: CommandEvent }; #[tauri::command] async fn start_frpc ( app : tauri :: AppHandle ) -> Result < (), String > { let sidecar = app .shell () .sidecar ( "frpc" ) .map_err (| e | e .to_string ()) ? ; let ( mut rx , child ) = sidecar .args ([ "-c" , "frpc.toml" ]) .spawn () .map_err (| e | e .to_string ()) ? ; // Store the child handle so we can kill it later app .state :: < std :: sync :: Mutex < Option < tauri_plugin_shell :: process :: CommandChild >>> () .lock () .unwrap () .replace ( child ); // Listen to stdout/stderr in a background task tauri :: async_runtime :: spawn ( async move { while let Some ( event ) = rx .recv () .await { match event { CommandEvent :: Stdout ( line ) => { // Parse log line, update UI state... } CommandEvent :: Stderr ( line ) => { /* ... */ } CommandEvent :: Terminated ( _ ) => { // Process exited — update state machine } _ => {} } } }); Ok (()) } The

2026-07-05 原文 →
AI 资讯

The State of Changelog Tools for Indie SaaS in 2026

If you're a solo founder or small team shipping on GitHub, at some point someone asked you: "what changed in the last release?" And if you're honest with yourself, your answer was probably a Notion page nobody reads, a GitHub releases tab your users don't know exists, or "I'll get to it." A changelog sounds like a low-priority vanity feature. But here's what I've learned building a SaaS: when you ship frequently and users don't know what changed, they churn quietly — not because the product got worse, but because they never noticed it got better. Why Headway stopped being the answer For years, Headway was the indie-hacker answer to this problem. Beautiful in-app widget, dead simple setup, priced reasonably. A lot of us put it in our sidebars and called it done. The problem: Headway hasn't shipped a meaningful update since roughly 2020. No GitHub sync. No AI generation. No email notifications to push updates out to users. The integration ecosystem it was built for has moved on, and the product hasn't. Search "Headway alternatives changelog" and you'll find threads on Indie Hackers and Reddit full of people actively looking for something else. That's not a dead category — it's one where the go-to tool has been abandoned and nobody decent has filled the gap at the indie-hacker price point. What's actually available in 2026 Here's an honest look at the main options: Tool Price AI generation GitHub sync Email digest In-app widget Headway $29/mo No No No Yes AnnounceKit $79-129/mo Partial No Yes Yes Beamer $49-499/mo No No Yes Yes Shiplog $19/mo Yes Yes Yes Yes A few things worth noting: AnnounceKit is well-built and widely used. If you're a funded team or have a larger user base that needs NPS surveys and user segmentation, it earns its price. For a bootstrapped founder, $79/mo for a changelog widget is hard to justify before you're at serious MRR. Beamer is similarly full-featured and similarly priced for growth-stage SaaS teams. Their entry tier has gotten more reasona

2026-07-05 原文 →
AI 资讯

Add a post-quantum readiness gate to your CI in 5 lines

Your codebase almost certainly relies on RSA and elliptic-curve cryptography — TLS, JWTs, SSH keys, signed tokens. All of it is breakable by a large enough quantum computer (Shor's algorithm), and "harvest now, decrypt later" means data you encrypt today can be captured today and decrypted later. Regulators noticed: CNSA 2.0 (US federal + suppliers), DORA (EU financial entities, applies from Jan 2025), and NIS2 now mandate strict cryptographic risk management — which in practice means knowing where your quantum-vulnerable crypto lives, a cryptographic bill of materials (CBOM). Most teams can't answer "where is our RSA/ECC?" off the top of their head. Here's how to make CI answer it for you, on every push, for free. What we're building A GitHub Action that scans your repo, grades its post-quantum readiness A–F , writes a CycloneDX 1.6 CBOM , and — if you want — fails the build when classically-broken crypto (MD5, RC4, 3DES, deprecated TLS) shows up. Step 1 — try it in your browser first (30 seconds, nothing uploaded) Before touching CI, paste a package.json / requirements.txt / cipher list into the in-browser scanner and see your grade. It runs entirely client-side — no upload: https://throndar.ai/cbom Step 2 — add it to CI (the 5 lines) # .github/workflows/pqc-readiness.yml name : PQC readiness on : [ push , pull_request ] jobs : scan : runs-on : ubuntu-latest steps : - uses : actions/checkout@v4 - uses : brandonjsellam-Releone/pq-readiness-scorecard@v1 with : path : . That's it. The Action is self-contained and dependency-free — no npm install , no setup step. On the next push it prints a scorecard to the job summary: Post-Quantum Readiness Scorecard: D (52/100) — Quantum-vulnerable — migrate 3 files · broken-classical 0 · quantum-broken 4 · weakened 1 · resistant 0 Step 3 — see findings in the Security tab (SARIF) The Action emits SARIF 2.1.0. Upload it and every finding shows up as a code-scanning alert: - id : pqc uses : brandonjsellam-Releone/pq-readiness-score

2026-07-05 原文 →
AI 资讯

Osloq — ให้ AI reproduction เวลาเกิด bug

Osloq — ใช้ AI หาสาเหตุ bug แทน เวลา AI coding tools เสนอจะ "fix bug ให้" — เราได้แต่กด Accept หรือไม่ก็ Reject สองปุ่ม สองทางเลือก แต่เราไม่เคยรู้ว่า: AI รู้ได้ยังไงว่า bug เกิดจากตรงนี้? มัน reproduce แล้วหรือแค่อ่านโค้ดแล้วเดา? ถ้าเรา accept — มันจะพังของอย่างอื่นไหม? Osloq เลือกทางที่สาม: ไม่ใช่ "fix ให้" — แต่ " หาให้เจอแล้วบอกว่าเกิดอะไรขึ้น " Osloq คืออะไร Osloq เป็น AI agent ที่ทำหน้าที่ "นักสืบ bug" มีคนเปิด GitHub Issue → Osloq อ่าน → trace โค้ด → reproduce ใน sandbox → ส่งรายงานพร้อมหลักฐาน ┌─────────────────────────────────────────────────────┐ │ GitHub Issue: "ปุ่ม submit กดไม่ติดบน Safari" │ └─────────────────────┬───────────────────────────────┘ ▼ ┌─────────────────────────────────────────────────────┐ │ Osloq: │ │ 1. อ่าน issue → เข้าใจว่า "ปุ่มไม่ทำงาน" │ │ 2. trace โค้ด: จาก handler → service → DOM event │ │ 3. reproduce: รัน Safari ใน sandbox → ปุ่มไม่ติดจริง │ │ 4. จับหลักฐาน: logs, screenshots, call stack │ │ 5. สรุป: "event listener ใช้ 'click' แต่ Safari │ │ บน iOS 18 ไม่ bubble event — ต้องใช้ 'pointerdown' │ └─────────────────────┬───────────────────────────────┘ ▼ ┌─────────────────────────────────────────────────────┐ │ Report บน GitHub Issue: │ │ 📸 screenshot ของ Safari ที่ปุ่มไม่ทำงาน │ │ 📋 console error: "Unhandled Promise Rejection" │ │ 🔗 code path: handler.ts:42 → form.ts:17 │ │ 💡 suggestion: เปลี่ยน event type │ └─────────────────────────────────────────────────────┘ คุณอ่าน report → เข้าใจปัญหา → ตัดสินใจเอง ว่าจะแก้ยังไง ต่างจาก "AI Fix Everything" ยังไง Devin / Sweep AI Osloq แนวคิด "Fix the bug" "Find the cause" ทำงานยังไง เขียนโค้ดใหม่ → เปิด PR Reproduce → รายงาน evidence เราเห็นอะไร PR diff ภาพ, log, call stack, บทสรุป ใครตัดสินใจ AI (เราแค่ merge) เรา (AI บอกว่าอะไรผิด) ถ้าผิดพลาด โค้ดผิดเข้า main Report ผิด — ไม่กระทบโค้ด ความเสี่ยง สูง — AI แก้โค้ดโดยตรง ต่ำ — AI แค่แนะนำ ทำไมถึง "สบายใจกว่า" 1. คุณเห็นหลักฐาน — ไม่ใช่แค่ diff ❌ "Fixed button click handler — please review" → review 300 บรรทัด — ไม่รู้ว่าแก้ถูกไหม ✅ "Button

2026-07-05 原文 →
AI 资讯

Fable May Not Be the Best Choice for Some Engineers

Fable and Opus may not be the most comfortable tools for engineers who learned to code by hand. I started thinking about this after reading Simon Willison's recent note . His point is simple: with a strong coding agent like Fable, it may be better to let the model exercise its own judgment than to spell out every condition yourself. Instead of writing detailed rules like "run tests for larger features, but not for small copy changes, except for design changes...," you can simply say: write and run tests where appropriate. The same applies to cost. Rather than deciding manually which tasks should go to which model, you can ask the agent to choose an appropriate lower-cost model and delegate the work to a subagent. Manual cars and automatics This is a rough analogy, but it feels similar to driving a car. People who enjoy driving often like manual cars. They want to choose the gear themselves. They want to feel the engine speed and have the car respond directly to their intent. For people who simply want to get somewhere, an automatic is easier. Software engineers are similar. If you have written code professionally for a long time, you usually have your own way of working. You may want to get the types right first. You may prefer small diffs. You may have a specific sense for how granular tests should be. You may even have an order in which you like to read an unfamiliar codebase. (At least, I hope you do.) For someone with that kind of style, a highly autonomous model like Fable or Opus can feel a little too automatic. The stronger the model, the more small instructions get in the way This is the same structure as management in human organizations. A junior member needs concrete instructions: read this document from this angle and summarize it in this format. A senior member can take a rougher assignment: I want to solve this problem, so investigate it, come up with an implementation plan, and move it forward. Of course this does not mean throwing work over the wall.

2026-07-05 原文 →
AI 资讯

5 Free Browser-Based Dev Tools: GraphQL Formatter, Docker Compose Validator, Dockerfile Linter, and More

I just shipped 5 new tools to DevNestio — a hub of 172 free, browser-only developer utilities. All tools are zero-signup, zero-upload, and work offline. 1. GraphQL Query Formatter & Minifier https://devnestio.pages.dev/graphql-formatter/ Paste any GraphQL operation and get: Pretty-print — consistent indentation Minify — strips comments and whitespace for smaller request payloads Validation — brace/parenthesis balance check Operation detection — lists all named query , mutation , subscription , fragment Useful for quick query cleanup before pasting into code reviews or API docs. 2. Protobuf (.proto) Formatter & Validator https://devnestio.pages.dev/protobuf-formatter/ Online formatter and validator for Protocol Buffer .proto files: Duplicate field number detection Message and enum structure validation Syntax-highlighted output One-click copy Great for a sanity check before pushing .proto changes in a gRPC service. 3. Docker Compose Validator https://devnestio.pages.dev/docker-compose-validator/ Paste your docker-compose.yml to catch: Missing services section Services without image or build Invalid port mappings ( 80:80 , 127.0.0.1:8080:80 , 53:53/udp , ranges…) depends_on referencing non-existent services Circular dependency detection (A→B→A) Unknown restart policies # This will flag errors: services : web : ports : - " abc:xyz" # invalid port depends_on : - missing_service # unknown service 4. Dockerfile Analyzer & Linter https://devnestio.pages.dev/dockerfile-analyzer/ Analyzes your Dockerfile for best practice violations across three categories: Security sudo usage inside RUN Container running as root (no USER instruction) Secrets baked into ENV / ARG (password, secret, token, key) Image size :latest base image tag apt-get update in a separate RUN (stale cache risk) apt-get install without --no-install-recommends apt cache not cleaned ( rm -rf /var/lib/apt/lists/* ) ADD used for local files instead of COPY Layer optimization Consecutive RUN instructions (suggest c

2026-07-05 原文 →
AI 资讯

Dev Log: 2026-07-04

TL;DR Two Laravel backends started serving Flutter apps on the same day — an events platform (auth, orders, offline check-in) and a helpdesk product (ops mode for agents). gatherhub-web moved to plans-only pricing with a comparison matrix driven by one data file. A hardening pass: payment-safe queues, gateway reconciliation, one heavyweight dependency dropped. Two mobile APIs in one day Coincidence, but a useful one: two products I'm building both needed their Laravel backends to serve mobile apps this week. The events platform got the full foundation — token auth (login/refresh/logout/me), participant orders, mobile payment with status polling, push-device registration, and an offline-first staff check-in flow. That last one is the interesting bit; I wrote it up as its own post. The helpdesk product went the other way: its API was client-only, and today it became role-aware. The same endpoints now serve ops agents working tickets from their phones, with abilities deciding what each role sees. One API surface, two personas, no duplicated /admin routes. The lesson that repeated in both: API Resources are the contract. The moment a mobile dev consumes your endpoint, every field you accidentally leak becomes a field you can't remove. Plans-only pricing (public) gatherhub-web , the Next.js marketing site, dropped à-la-carte feature pricing for three plans and gained a plan comparison matrix. Everything renders from a single plans.ts — the matrix, the pricing cards, the enterprise page — so the marketing site can't drift from what's actually sold. A pricing page is a contract too; it deserves a single source of truth as much as your API does. Hardening pass Change Why Bulk email blasts isolated to their own queue one big send must never delay a payment webhook Reconciliation command for stuck pending orders webhooks fail silently; polling the gateway is the safety net maatwebsite/excel → spatie/simple-excel for exports streams rows instead of building sheets in memory, s

2026-07-05 原文 →
开发者

Offline-First Check-In: A Laravel API That Survives Venue Wi-Fi

TL;DR A gate check-in app can't depend on live Wi-Fi: scans must work offline and sync later. Four endpoints do it: manifest download, idempotent batch push, delta pull, online search. Client-generated UUIDs + a unique index make retries safe. Duplicates are a success status, not an error. The problem Physical event, staff scanning tickets at the door, venue Wi-Fi exactly as reliable as you'd expect. If your API sits in the hot path of every scan, the queue at the gate grows at the speed of the worst signal bar in the building. So the design flips the roles: the device owns check-in, the server owns convergence. Like a cashier who keeps a paper ledger when the till goes down — record now, reconcile later. The API surface Endpoint Purpose GET /staff/events/{uuid}/manifest paginated ticket snapshot, downloaded before gates open POST /staff/events/{uuid}/check-ins/batch push queued scans; safe to retry GET /staff/events/{uuid}/check-ins?since=<cursor> pull what other devices did GET /staff/events/{uuid}/participants?q= online fallback search (lost ticket, typo) The sync loop Device Server |--- GET manifest (before event) ------->| | scan offline, queue locally | |--- POST batch [{client_uuid, ts}] ---->| dedupe on client_uuid |<-- 200 {applied | duplicate per item} -| |--- GET check-ins?since=cursor -------->| scans from other devices |<-- delta + next cursor ----------------| Idempotency is the whole trick Every scan gets a UUID generated on the device at scan time . The server puts a unique index on it and inserts-or-ignores: public function batchCheckIn ( BatchCheckInRequest $request , string $uuid ): JsonResponse { $results = collect ( $request -> validated ( 'check_ins' )) -> map ( function ( array $scan ) { $checkIn = CheckIn :: firstOrCreate ( [ 'client_uuid' => $scan [ 'client_uuid' ]], [ 'ticket_id' => /* resolved from scan */ , 'checked_in_at' => $scan [ 'scanned_at' ]], // ... ); return [ 'client_uuid' => $scan [ 'client_uuid' ], 'status' => $checkIn -> wasR

2026-07-05 原文 →
AI 资讯

kubeadm init fails with "the number of available CPUs 1 is less than the required 2" on an Azure B1s VM — how I fixed it

While setting up a self-managed Kubernetes cluster on Azure VMs, I hit this error when running sudo kubeadm init on a Standard_B1s VM (1 vCPU / 1 GB RAM): [ERROR NumCPU]: the number of available CPUs 1 is less than the required 2 After checking Stack Overflow and the official Kubernetes documentation ("Before you begin"), I confirmed that kubeadm requires at least 2 CPUs to install the control plane. The fix: I stopped the VM and resized it from Standard_B1s to Standard_B2s (2 vCPU / 4 GB RAM) from the Azure portal, then ran kubeadm init again — the preflight checks passed and the control plane initialized successfully. Posting this in case it helps someone hitting the same issue on a low-tier cloud VM. Thanks to the community for the answers that pointed me in the right direction!

2026-07-05 原文 →
AI 资讯

I Thought I Understood Containers. Then I Tried Building One.

I had just aced my mentor’s Docker exam, so of course I thought I understood containers. I had said all the right words: namespaces, cgroups, images, layers, PID 1, Kubernetes Pods. Then I typed my first serious command and Linux reminded me that knowing the nouns is not the same thing as building the thing. $ sudo unshare -p 1 test unshare: failed to execute 1: No such file or directory That was the opening scene. I had not even built anything yet. I had typed the flags wrong and accidentally asked unshare to execute a program called 1 . This was going to be less “implement Docker” and more “let the kernel correct my confidence, one error at a time.” v1: namespaces, or the first time PID 1 lied to me The first version was supposed to be easy: run a process in a new PID namespace and prove it sees itself as PID 1. So I ran the command the way I thought it worked: $ sudo unshare --pid bash # echo $$ 25184 That was not PID 1. That was just embarrassing. The rule I had missed is simple: PID namespaces apply to children. The process that calls unshare --pid does not magically become PID 1. You need to fork. The first child born into the new namespace becomes PID 1. So the working version was: $ sudo unshare --pid --fork bash # echo $$ 1 That one line changed the tone. I was inside a different process universe. The shell thought it was process 1. Signals felt different. Orphans came home to it. Then I ran ps , and got humbled again. # ps -o pid,ppid,comm PID PPID COMMAND 25310 25304 bash 25344 25310 ps That made no sense at first. I was PID 1, but ps was showing host-looking PIDs. The next reveal: ps does not ask the kernel some pure “what processes exist?” question. It reads files. If /proc still points at the host procfs, your tools will tell you the host story. So I remounted /proc from inside the namespace: # mount -t proc proc /proc # ps -o pid,ppid,comm PID PPID COMMAND 1 0 bash 7 1 ps That was when it clicked. The namespace did not become real to my eyes until /pr

2026-07-05 原文 →
AI 资讯

Choosing the Right Backend Framework: Django vs. Gin vs. Ruby on Rails.

Every application we use today—from banking apps to social media platforms—has something working behind the scenes. That hidden engine is called the backend. The backend is responsible for processing requests, storing data, handling authentication, enforcing business rules, and ensuring everything works as expected when users interact with an application. One of the first decisions backend developers make is choosing a framework. A framework provides the tools, structure, and best practices needed to build applications faster and more securely. Today, let's look at three popular backend frameworks: Django, Gin, and Ruby on Rails. Django (Python) Django is one of the most mature and feature-rich backend frameworks available. Built using Python, it follows the philosophy of "batteries included." This means many features developers need are already built into the framework, including: User authentication Admin dashboard Database ORM Security protections URL routing Form validation Because so much comes ready to use, developers can spend more time solving business problems instead of rebuilding common features. Best for: Content management systems E-learning platforms Business applications APIs Startups building products quickly Advantages: Fast development Excellent security features Large community Extensive documentation Scales well for many applications Trade-offs: The framework includes many components, so it can feel heavier than minimalist frameworks. Gin (Go) Gin is a lightweight web framework built for the Go programming language. Unlike Django, Gin keeps things minimal. It gives developers speed and flexibility while letting them choose many of the additional tools they want to use. One reason many developers enjoy Gin is its impressive performance. Since Go is a compiled language designed for concurrency, Gin can efficiently handle many requests simultaneously while using relatively few system resources. Best for: REST APIs Microservices High-performance syst

2026-07-05 原文 →