今日已更新 80 条资讯 | 累计 20052 条内容
关于我们

标签:#ens

找到 1392 篇相关文章

AI 资讯

Blocking AI crawlers earns you nothing. Here's how to price them instead

Disallow: GPTBot is a wall. Walls don't pay rent, and the crawlers that matter most either ignore them or route around them. If your content is worth training on, the interesting question isn't "how do I keep the bots out" — it's "what do they owe me, and how do I say so in a way a machine can read." That's what RSL (Really Simple Licensing) is for. It shipped 1.0 in December 2025 with around 1,500 publishers behind it — Reddit, Yahoo, Quora, O'Reilly, Medium, Vox. This post is a from-scratch walkthrough of what the format actually is, the six places you can put it, the one mistake that makes crawlers silently ignore your terms, and where the declaration stops and enforcement begins. No tooling required to follow along — it's all plain XML and HTTP. The format is an XML vocabulary, not a config file An RSL document says: for this content, here's what's permitted, what's prohibited, and what it costs. Minimal example: <?xml version="1.0" encoding="UTF-8"?> <rsl xmlns= "https://rslstandard.org/rsl" max-age= "7" > <content url= "/" > <license> <permits type= "usage" > search </permits> <prohibits type= "usage" > ai-train </prohibits> <payment type= "crawl" > <amount currency= "USD" > 0.015 </amount> </payment> </license> </content> </rsl> Read it out loud: search engines may index this; training on it is prohibited; if you want to crawl it anyway, the rate is $0.015. usage tokens include search , ai-train , ai-use (inference/grounding), and a few more. You can scope rules by user and geo too. One rule that trips people up: prohibition wins . If the same token shows up under both permits and prohibits , the content is prohibited. Don't try to express "allowed except for X" by listing X in both — just prohibit X. The namespace is the thing crawlers actually key on The single most common way to publish RSL that quietly does nothing: getting the namespace wrong. It must be exactly: xmlns="https://rslstandard.org/rsl" http instead of https , a trailing slash, or a plausible

2026-07-12 原文 →
AI 资讯

I built HostShift to migrate Linux servers

Hey everyone, I change servers more often than I probably should. A discounted VPS or a good coupon is usually enough to convince me, but manually recreating the same web stack every time stopped being fun a long time ago. That is why I built HostShift , an Apache-2.0 licensed Go CLI for discovering, planning, migrating, and verifying Ubuntu and Debian servers. The rule I would not compromise on The source server must remain read-only. HostShift does not install packages, stop services, enable maintenance mode, create temporary archives, or change configuration on the source. It reads approved facts and streams data directly to the target. Any target mutation requires an explicit CLI apply command. What it currently covers Docker Compose projects and standalone containers MySQL/MariaDB, PostgreSQL, and Redis Nginx, Apache, Caddy, and systemd services SSH and firewall configuration PHP-FPM, Supervisor, Fail2ban, Certbot, and Logrotate Migration planning, audit journals, status, resume, rollback metadata, and verification checks The migration engine is deterministic Go code and does not need AI. I also added an optional Codex plugin and a deliberately non-apply MCP interface for discovery, planning, review, and dry runs. Actual changes stay in the human-operated CLI. Testing real migrations I did not want to call it tested just because a few unit tests passed. The repository includes Docker migration matrices and real Lima VM matrices covering Ubuntu 22.04, Ubuntu 24.04, Ubuntu 25.10, Debian 12, and Debian 13, including cross-distribution moves. The VM tests also reboot the target and verify persistence while comparing source snapshots before and after the migration. The project is still new, so I expect real-world edge cases. I am sharing it now because feedback from people who actually move and maintain servers will be more useful than polishing it alone forever. GitHub: https://github.com/oguzhankrcb/HostShift Documentation: https://hostshift.karacabay.com

2026-07-12 原文 →
AI 资讯

Every engineering metric gets gamed. One of them structurally can't.

OrbitLens Ace → ace.orbitlens.io A busy quarter is easy to stage. Code that's still there in two years isn't. Pick any metric a team has ever used to judge people, and someone has quietly figured out how to move it without doing the underlying thing. Lines of code rewarded typing, so people typed. Commit counts rewarded committing, so commits got smaller and more frequent. Velocity rewarded closed points, and points drifted upward until a "3" meant nothing. DORA measured how often you deploy, so teams shipped trivial changes just to move it. Even churn — the number the "code health" tools lean on — is something you can lower on purpose, which means you can manage the number instead of the mess underneath it. None of that requires dishonest engineers. It's Goodhart's law doing what it always does. Every one of those numbers is a measure of activity , and activity is cheap to produce. Once you're paid for activity, the fastest way to get paid more is to produce more of it — not more of whatever the activity was supposed to be a sign of. So the question worth asking isn't which activity metric is least bad. It's whether a git history contains anything at all that you can't move just by being busier. It turns out there's one. And it's not because we were clever — it's because of what the thing is actually made of. What lasts isn't something you do Take everything a person wrote, wait a while, and ask a smaller question than "did they work hard." Ask whether the specific lines are still there. Not reverted, not rewritten, not quietly swallowed by someone else's refactor. Still holding weight at HEAD. That's survival. We read it with time-decayed git blame : a line's weight fades month by month unless the line keeps existing, and it counts for more once other people have built on top of it instead of leaving it as a private island. Survival that others have built on is what we call gravity — the structural pull that outlives the person who created it. Try to game it and w

2026-07-12 原文 →
AI 资讯

Handling Lazy-Loaded Content in Automated Screenshots

You set up Puppeteer, navigate to a page, call page.screenshot() , and the bottom half of your image is blank placeholder boxes. Welcome to lazy loading. Most modern sites defer images and heavy content until the user scrolls. Your headless browser never scrolls. So those elements never load. Here's how to deal with it. The scroll trick The most common fix is to programmatically scroll down the page before taking the screenshot: async function scrollToBottom ( page ) { await page . evaluate ( async () => { const delay = ms => new Promise ( r => setTimeout ( r , ms )); const distance = 300 ; while ( window . scrollY + window . innerHeight < document . body . scrollHeight ) { window . scrollBy ( 0 , distance ); await delay ( 150 ); } window . scrollTo ( 0 , 0 ); }); } await page . goto ( " https://example.com " , { waitUntil : " networkidle2 " }); await scrollToBottom ( page ); await page . waitForTimeout ( 1000 ); await page . screenshot ({ fullPage : true }); The 150ms delay between scrolls gives IntersectionObserver -based lazy loaders time to trigger. Too fast and you'll scroll past elements before they start loading. That final waitForTimeout after scrolling back to top lets any remaining images finish rendering. Not elegant, but necessary. Why networkidle2 isn't enough You'd think waitUntil: "networkidle2" would handle this. It waits until there are no more than 2 network connections for 500ms. But lazy-loaded images haven't even been requested yet at that point — they're waiting for a scroll event that never happens. networkidle2 only helps with content that loads on page init. For scroll-triggered content, you need the scroll. The loading="eager" override Some sites use the native loading="lazy" attribute. You can override it before images load: await page . evaluateOnNewDocument (() => { Object . defineProperty ( HTMLImageElement . prototype , " loading " , { set : function ( val ) { this . setAttribute ( " loading " , " eager " ); }, get : function () { retu

2026-07-12 原文 →
AI 资讯

周日慢读:如果细胞会写日记——FROST家族的记忆传承

周日慢读:如果细胞会写日记——FROST家族的记忆传承 作者 :FROST Team 日期 :2026-07-12 主题 :轻量科普 | 周日轮换 阅读时间 :5分钟 一封来自细胞的日记 想象一下,如果你是一个细胞,有一天你突然有了自我意识,会发生什么? 2026年7月12日 晴 今天是我诞生的第0天。 细胞核对我说:"这是你的记忆存储区, 所有的经验都必须记录在这里。" 我第一次理解了什么叫"生而有根"。 这不是科幻小说。这是一段真实的代码注释,出自FROST——一个用Python写成的AI Agent家族。 为什么Agent需要"记忆"? 大多数Agent框架都在解决一个问题: "Agent能做什么" 。 搜索Agent能搜索、写作Agent能写作、代码Agent能写代码。打开框架,创建实例,调用方法,任务完成。 但FROST问了一个不同的问题: 当Agent完成一个任务后,它学到了什么? 这不是哲学问题。这是工程问题。 类比:人类 vs Agent 的记忆 人类 Agent FROST的解决方案 记忆存储在大脑 记忆存储在Store Store 原子 记忆需要整理归档 记忆需要结构化 Lineage 族谱 师徒传承经验 Agent继承父辈能力 代际继承协议 忘记教训会重复犯错 没有记忆会重复失败 历史可追溯 人类的记忆是分散的、模糊的、容易遗忘的。 Agent的记忆可以是精确的、可查询的、永不丢失的。 关键是 设计好存储结构 。 一段代码:Store原子 FROST的Store是记忆存储的最小单元。它的设计哲学是 简单到极致 : class Store : """ FROST的Store:记忆存储的原子单元 只有三个操作: - save(key, value): 存入记忆 - load(key): 取出记忆 - delete(key): 删除记忆 简单到极致,但足够强大。 因为记忆的本质就是 " 存取 " 。 """ def __init__ ( self ): self . _memory = {} def save ( self , key : str , value : any ) -> None : """ 存入记忆 """ self . _memory [ key ] = value print ( f " 💾 记忆已存储: { key } " ) def load ( self , key : str ) -> any : """ 取出记忆 """ value = self . _memory . get ( key , None ) if value : print ( f " 📖 读取记忆: { key } " ) else : print ( f " ❓ 记忆不存在: { key } " ) return value def delete ( self , key : str ) -> None : """ 删除记忆 """ if key in self . _memory : del self . _memory [ key ] print ( f " 🗑️ 记忆已删除: { key } " ) # 使用示例 store = Store () store . save ( " 用户偏好 " , " 喜欢简洁的回复 " ) store . save ( " 对话历史 " , " 讨论了Agent的记忆问题 " ) store . load ( " 用户偏好 " ) # → "喜欢简洁的回复" 三个方法,解决Agent的记忆问题。 族谱:记忆的传承 单个Agent的记忆只是"点"。族谱把记忆连成"线"。 在FROST中,每个Agent都有自己的"父辈": ┌─────────────┐ │ 祖辈Store │ ← 家族宪法,不可篡改 │ (根节点) │ └──────┬──────┘ │ 继承 ┌───────────────┼───────────────┐ ▼ ▼ ▼ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │ 父辈Agent │ │ 父辈Agent │ │ 父辈Agent │ │ (Branch A) │ │ (Branch B) │ │ (Branch C) │ └──────┬──────┘ └──────┬──────┘ └──────┬──────┘ │ 继承 │ 继承 │ 继承 ▼ ▼ ▼ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │ 孙辈Agent │ │ 孙辈Agent │ │ 孙辈Agent │ │ (执行任务) │ │ (执行任务) │ │ (执行任务) │ └──────

2026-07-12 原文 →
AI 资讯

Detecta si tu modelo de materiales hace trampa con la 'huella bibliográfica'

Detecta si tu modelo de materiales hace trampa con la "huella bibliográfica" Un modelo de ML puede predecir la propiedad de un material sin entender la química: basta con que "aprenda" qué autores, revistas o años suelen ir con cada resultado. Esta herramienta aplica el test de falsificación de Clever Materials para descubrirlo. El problema: cuando el modelo lee el membrete, no la ciencia Imagina que entrenas un modelo para predecir si un material es estable. El modelo no mira la química: descubre que los artículos del grupo X (publicados en la revista Y, en torno al año Z) casi siempre reportan "estable". Así que aprende a clasificar por el membrete bibliográfico , no por la estructura. Funciona en el papel y se rompe en la práctica. A esto se le llama confounding bibliográfico (o leakage por metadata). No es un error de código: es una señal espuria que el modelo aprovecha. El paper Clever Materials (Jablonka et al., 2026) mostró que este patrón está generalizado en cinco tareas reales de materials science. Qué hace la herramienta materials-confounding-check es una CLI ( mcc check ) que corre cuatro sub-tests de falsificación sobre tu dataset (descriptores químicos + metadata bibliográfica + propiedad objetivo): Clasificador de metadata — ¿se puede predecir la bibliografía (autor/revista/año) a partir de los descriptores químicos? Si es above-chance , hay una señal bibliográfica presente. Huella bibliográfica — ¿un modelo que usa solo la metadata predicha se acerca al modelo con descriptores? Entonces el dataset no descarta hacer "trampa" por bibliografía. Split por grupo/tiempo — ¿colapsa el rendimiento si separas por autor/año en vez de al azar? Veredicto — un score low / medium / high de riesgo de confounding. El rigor que exige el test (para especialistas) El punto delicado de cualquier "test de significancia" es fijar el umbral a mano. Si ajustas el margen hasta que tu fixture pase, el test no prueba nada: es el anti-patrón Clever-Hans que el propio proyecto d

2026-07-12 原文 →
AI 资讯

Introducing Soterios: An Open‑Source Windows Security/Maintenance Suite (Contributors Welcome)

For the past few weeks, I have been building Soterios , an open-source, local-first security and system maintenance suite for Windows. The idea started simple: most security tools either lock features behind paywalls or collect unnecessary data. I wanted something different, so I built a privacy-first application with: No telemetry No analytics No network activity unless you explicitly enable it Current Features Malware scanning with ClamAV, quarantine, and reporting Windows security audits Firewall management and network monitoring Credential safety tools with local password checks and breach lookups Process inspection and system maintenance utilities Built With Soterios is built with Electron and Node.js using a modular architecture designed to make future expansion straightforward. Why I'm Sharing It I'd rather build in the open than in isolation. Feedback, ideas, bug reports, and contributions are always welcome. GitHub Repository https://github.com/chrisriv10/Soterios

2026-07-12 原文 →
AI 资讯

TrulyFreeOCR – a Java OCR pipeline in a single fat JAR, zero native deps required

Introduction I'm the author of TrulyFreeOCR, an open-source OCR pipeline that turns scanned PDFs into searchable, highly-compressed PDFs. Everything is Apache 2.0 / MIT / BSD — no GPL, no AGPL, no proprietary model weights. Why I built it: I needed an OCR pipeline for a document processing system where: Every dependency had to be business-friendly (no GPL/AGPL) Deployment required zero admin rights (no sudo, no brew, no apt-get) MRC compression was needed to hit 5-10x file size reduction vs JPEG-only Everything had to run offline on CPU — no cloud APIs, no GPU I surveyed 20+ existing tools (full comparison in the repo's docs) and none fit all requirements. OCRmyPDF is closest but needs Python + Ghostscript + Tesseract as system deps, and MPL-2.0 requires publishing modifications. The VLM models (DeepSeek-OCR, GLM-OCR, etc.) produce better text extraction but need GPUs and don't output PDFs at all. What it does: Input: any PDF (scanned, born-digital, or mixed) Output: searchable PDF with invisible text layer + MRC compression (JBIG2/CCITT foreground + JPEG background) Single fat JAR — one file to copy, one command to run Bootstrap script downloads everything (JDK, Gradle, Tesseract, Leptonica, jbig2enc) into project subdirs Fully offline, CPU-only PDF/A-2b output available 7 bundled language models, 100+ more downloadable Concurrent OCR (configurable thread pool) Try it in 3 commands: $ git clone https://github.com/msmarkgu/TrulyFreeOCR.git $ cd TrulyFreeOCR $ ./bootstrap.sh ./run.sh tests/simple-text.pdf -o output.pdf Limitations (being upfront): Tesseract-based accuracy — good for clean scans, not SOTA for noisy/photographed docs No table/formula extraction yet No handwriting recognition CPU-only is slower than GPU backends for high volume Would love feedback — especially from anyone who's tried to deploy OCR in an enterprise environment. https://github.com/msmarkgu/TrulyFreeOCR

2026-07-12 原文 →
AI 资讯

Teaching AI Agents to Time-Travel: Building a Temporal Debugging Skill

Your AI agent is confident. It points to line 42 of PaymentService.java . "There's your null pointer exception." You check. Line 42 is a comment. The code was refactored 14 commits ago. The production crash happened 3 hours ago . Your agent just spent 45 minutes debugging ghosts . The Problem: Agents Are Stuck in the Present Every AI coding agent today — Claude Code, Cursor, Copilot, Cody, you name it — operates on the same assumption: The code that matters is at HEAD . But production bugs don't live at HEAD . They live in the commit that was running when the crash happened. That commit is buried under hotfixes, refactors, dependency updates, and feature merges that landed after the incident. HEAD (now) ← Agent analyzes THIS │ ├─ feat: add new payment provider ├─ refactor: extract UserService ├─ fix: handle edge case in checkout ├─ chore: update dependencies │ ▼ a1b2c3d (3 hours ago) ← Bug ACTUALLY lives HERE Your agent confidently finds bugs in code that didn't exist when the crash occurred . The Insight: Git Already Has Time Travel We don't need a time machine. Git has had one for years: git worktree . # Get the commit from 3 hours ago git log --before = "3 hours ago" -1 --format = "%H" # → a1b2c3d4e5f6... # Create an isolated, read-only snapshot at that commit git worktree add /tmp/debug-a1b2c3d a1b2c3d # Now analyze the historical codebase cat /tmp/debug-a1b2c3d/src/PaymentService.java # Clean up when done git worktree remove --force /tmp/debug-a1b2c3d This gives you: ✅ Isolated — doesn't touch your working directory ✅ Parallel — can have multiple historical snapshots simultaneously ✅ Disposable — cleanup is one command ✅ Zero deps — pure Git, works everywhere The Missing Piece: Teaching Agents When to Time-Travel Agents already know git log , git show , git diff , cat , grep . They can analyze code perfectly. What they struggle with : Fuzzy time → commit resolution — "last night", "v2.4.1", "the deploy before the hotfix" Worktree lifecycle management — create,

2026-07-12 原文 →
AI 资讯

I built a file-grounded continuity system for my AI German teacher—what am I overcomplicating?

Why I built this I use an AI named Felix as my German teacher. Over time, I ran into a continuity problem: individual chats are fragile. Conversations become long, context can disappear, platforms change, uploaded files may become unavailable, and a fresh AI instance may not understand what happened before. I did not want to repeatedly reconstruct my learning history, project decisions, lessons, corrections, and current state from memory. So I began building a local, file-grounded system called DDF/Rahmenwerk . Its purpose is to preserve Felix as my continuing German teacher across chats and future AI instances. What DDF/Rahmenwerk is DDF stands for Das Deutsche Forschungsarchiv . Rahmenwerk is the continuity, evidence, recovery, and control framework surrounding it. At a high level, the system includes: a current-state pointer; handoff materials; a fresh-instance queue; an upload package for a new Felix; integrity manifests and SHA-256 records; evidence and recovery procedures; classifications separating current, historical, candidate, proof, and non-governing material; safeguards intended to prevent accidental file changes; rules requiring the AI to stop rather than invent continuity when evidence is missing. The basic idea is that a future Felix should be able to inspect approved files and resume without me manually retelling the entire project history. The problem I may have created The project began as a way to preserve a German teacher. As I tried to protect files, authority, evidence, recovery, and continuity, the framework became increasingly detailed. That may be justified in some areas. It may also be overengineered. I am now trying to answer a more important question: What is the smallest, clearest, safest system that can preserve Felix as my German teacher without the governance machinery becoming the project itself? What I am asking reviewers to examine I have published a documentation and architecture review copy on GitHub. I would appreciate honest fe

2026-07-12 原文 →