AI 资讯
Coding agents should not hold write credentials.
I have been thinking a lot about coding agents lately. Not really about whether they can write good code, because usually they can, sometimes they can't. That part is obvious. But the risk is shifting from wrong answers to wrong outcomes. The part that feels more important to me is this: should the agent actually own the write authority? We already don't trust humans without roles, limits, reviews, and accountability. Developers use PRs, pilots use checklists, bank clerks have transfer limits. Capable agents need the same structure, but machine-readable. Right now a lot of setups still look roughly like this: agent reads the repo agent decides what to change agent has a GitHub token agent creates commits, branches, or PRs I don't think this is the right default. The agent can reason. The agent can inspect files. The agent can propose changes. But the moment it can directly create external impact, the problem changes. It is no longer just: did the agent say something wrong? It becomes: did the agent create the wrong outcome? That is a much more expensive failure mode. Intent is not authority The pattern I like more is simple: agent reads directly agent proposes intent a boundary decides an adapter materializes only admitted work So the agent does not get the write credentials. It submits a structured intent instead, which could look like: { "operation" : "write" , "target" : { "repo" : "example/app" , "branch" : "main" , "path" : "docs/config/agent-policy.md" }, "source_state" : { "blob_sha" : "8f31c2..." }, "requested_effect_hash" : "sha256:..." } This is then not a command anymore, it is a suggestion, or an intent. The system still has to decide whether this proposed outcome should exist. That decision layer can check things like: is this actor allowed? is this repo allowed? is this path in scope? does the source state still match? is this operation allowed? was the same effect already created? should this become a reviewable PR? Only after that should there be an
AI 资讯
Finishing My Personal Website: Mobile-Friendly, Dark Mode, and a Better Projects Section
This is a submission for the GitHub Finish-Up-A-Thon Challenge What I Built I revisited my personal website and decided to turn it into a more complete and polished portfolio. The project originally started as a simple personal website hosted on GitHub Pages. While it was functional, many planned features and improvements were never completed. For this challenge, I am working on improving the mobile experience, adding dark mode support, enhancing the Projects section, improving SEO, fixing existing issues, and making the website more interactive and professional. My goal is to transform an unfinished personal website into a modern portfolio that better represents my work, skills, and projects. Demo Live Website https://ehsankahrizi.github.io/ GitHub Repository https://github.com/Ehsankahrizi/Ehsankahrizi.github.io Current Status This project is currently being improved as part of the GitHub Finish-Up-A-Thon Challenge. Planned improvements include: Better mobile responsiveness Dark mode support Enhanced Projects section Improved SEO More interactive user experience Better website performance Additional pages and content Fixing existing usability issues The Comeback Story When I returned to this project, I realized that many ideas I originally had for the website were still unfinished. Although the website was online, it still had several limitations: The mobile experience needed improvement. Dark mode was not available. The Projects section was incomplete. The contact functionality needed attention. SEO optimization was missing. The website relied on a mostly single-page structure. User interactions were limited. Performance could be improved. Instead of starting a new project, I decided to revisit this existing one and finally complete the improvements that had been postponed. This challenge provided the perfect opportunity to continue development, clean up the codebase, improve the user experience, and turn the website into something I can confidently share with ot
AI 资讯
Building a Production-Grade Customer Inquiry Auto-Responder with SQLite Logging
The Journey I set out to build an efficient automation backend utility designed to classify incoming customer inquiries and automatically suggest optimized replies. My goal for this challenge was to document the transition of a basic, fragile text-parsing utility into a highly resilient, enterprise-ready application script. Production Evolution The Before (Fragile Prototype Base): The initial design relied entirely on rigid, case-sensitive string matching. It contained no persistent database engine, meaning analytics data was lost instantly upon script termination, and it lacked structural exception guarding, making it highly susceptible to standard runtime crashes if empty or unexpected values were inputted. The After (Fault-Tolerant Enterprise Core): I fully refactored the utility's entire architectural layout. The system now initializes a local SQLite relational table structure ( analytics.db ), appends automated date/time timestamps for granular metrics tracking, leverages strict array-based substring evaluation, and traps fatal exceptions seamlessly via localized error handling catch loops. Public Code Repository The complete operational source code, database persistence schemas, and functional verification blocks can be inspected directly via my public repository: https://github.com/playsmai/biz-responder-automation-
AI 资讯
SecAPI: Secure, AI-Driven API Key Management & Leak Prevention
This is a submission for the GitHub Finish-Up-A-Thon Challenge What I Built SecAPI is a local-first, zero-trust CLI utility and key manager designed to make code security the easiest developer path. Exposing secrets (like Stripe, OpenAI, or AWS keys) in repository files is one of the most common causes of credential leaks. Often, developers resort to plaintext .env files that can be accidentally staged and pushed, or struggle with complex vault set-ups. SecAPI solves this with a seamless three-step command line workflow: Scans codebases for exposed API keys using fast regex rules or advanced AI analysis. Vaults secrets locally using strong AES-256 encryption derived via PBKDF2-HMAC (completely offline). Replaces raw hardcoded strings in code with secure, runtime references ( load_key("key_name") )—preserving variable names, indentation, and comments. It means we can keep our code secure, separate environments easily, and prevent pushes with unencrypted credentials—all without relying on cloud-based vault hosts. Demo Interactive Web Showcase : secapi.netlify.app GitHub Repository : github.com/BinayakJha/SecAPI The Scrolling CLI Showcase in Action Check out the interactive scrollytelling page on secapi.netlify.app to see the simulator type out and execute the CLI commands (scanning, setting up vaults, applying smart code rewrites, checking the status board, and running the git pre-commit hook) in real-time as you scroll! The Comeback Story Where It Started SecAPI was an abandoned CLI prototype. It was un-installable due to file packaging typos, suffered from weak vault security (a custom padding scheme instead of a standard key derivation function), had no recovery options if the master password was lost, and used a basic console print command to list keys. Furthermore, the AI scanner relied on outdated OpenAI package versions, creating environment conflicts. What I Changed, Fixed, and Added I gave the project a complete, ground-up overhaul to turn it into a premium,
AI 资讯
Finishing the e-commerce app I abandoned in 2023
This is a submission for the GitHub Finish-Up-A-Thon Challenge What I Built GlowStore — a full-stack MERN e-commerce store (React + Redux + Express + MongoDB). Back in 2023 I built this as my university Web Engineering final project. I ran out of time, handed in what I had, and never touched it again. When I reopened it for this challenge I found something funny: the backend was basically finished — JWT auth, products, orders, reviews, search — but the React frontend never actually talked to it. It was a good-looking shell with fake logic bolted on. So "finishing it" meant connecting the two halves and making it a real store you can actually shop in. Repo: https://github.com/hashaam-011/Web-Engineering Demo Before — the entire app was just a fake login screen. Typing anything (or nothing) and clicking "Log in" flipped a boolean and "logged you in": After — a working storefront with products from the database: A real product detail page (was literally <h1>DetailsPages</h1> before): You can run it yourself in two terminals (no database setup needed — it boots an in-memory MongoDB and seeds itself): cd backend && npm install && npm start # http://localhost:4000 npm install && npm start # http://localhost:3000 Demo login: user@example.com / 123456 — or register a new account. The Comeback Story Here's what the project looked like before , and what I changed: Before After Login dispatched a boolean and ignored your credentials Real login/register against the API with JWT + bcrypt Frontend never called the backend (no axios anywhere) Axios client with token injection; products load from MongoDB Product details page was <h1>DetailsPages</h1> and wasn't routed Full details page (image, price, stock, rating) routed by slug Cart was local-only; "checkout" button did nothing Persistent cart → checkout → real order placed and saved Backend had a reviews endpoint the UI never used Product reviews: read them and post your own with a star rating Only 3 routes; most of the app was
AI 资讯
From Skeleton to Production: Building HR Goal Tracking Portal with GitHub Copilot
This is a submission for the GitHub Finish-Up-A-Thon Challenge What I Built I built the Atomberg Goal Setting & Tracking Portal — a full-featured, role-based HR performance management system for Atomberg Technologies (a fast-growing Indian consumer electronics brand). The portal manages the complete employee performance lifecycle : 🎯 Goal Setting — Employees create goals with weightage, UoM type, and thrust area alignment. Business rules enforced: max 8 goals, total 100% weightage, minimum 10% per goal ✅ Manager Approval Workflow — Submit → Review → Approve / Return for Rework 📊 Quarterly Check-ins — Q1–Q4 progress logging with 4 UoM types (Numeric Min/Max, Timeline, Zero-is-best) 🚨 Escalation Monitor — Rule-based detection of overdue submissions, missing approvals, and pending manager reviews 📈 Analytics & Reports — QoQ trend charts, department-wise performance, thrust area distribution, CSV exports 🔒 Admin Governance — Cycle phase management, shared goal distribution, full audit logging Tech Stack: React 18 + Vite · Context API · localStorage (zero-backend demo) · Recharts · Lucide Icons · Custom dark glassmorphism CSS Demo 🔗 Live App: https://atomberg-goal-tracker.vercel.app/ 📁 GitHub Repo: https://github.com/anonomous29/atomberg-goal-tracker Quick Login Credentials Role Email Password Admin priya.sharma@atomberg.com admin123 Manager rajesh.kumar@atomberg.com manager123 Employee vikram.singh@atomberg.com emp123 What to try: Login as Admin → Go to Escalation Monitor → see rule-based alerts Go to Reports → QoQ Trends tab → see Q1 performance bar chart Login as Employee → Dashboard shows Q1 score donut + goal-level progress Login as Manager → See team check-in status and review Q1 feedback The Comeback Story This project started as a hackathon requirement — a Business Requirements Document (BRD) from Atomberg asking for a digital goal management system. The initial version had the core structure but was essentially an empty shell: blank dashboards on login, no check
AI 资讯
The GSoC Arc: How I Almost Didn't Show Up to My Own Story
"This wasn't a success story. It started as survival." Intro Hey, I'm Supreeth C , a third-year engineering student, open source developer, and professional overthinker from Bengaluru. This is my first blog, and fair warning: it's long. Not "LinkedIn post with 5 bullet points" long. Actually long. This is the story of how I got selected for Google Summer of Code 2026 with CircuitVerse but more honestly, it's the story of how I almost didn't submit a proposal, almost quit twice, and spent a lot amount of time reading codebases on the Bengaluru Metro while missing my stop. Connect with me on GitHub and LinkedIn PS: I'm writing this at 4.05am, because sleep is a myth XD. Act I: The Prequel Second semester. Fresh-faced. Absolutely clueless. I joined Pointblank , the one genuinely breathable space in my Tier-3 college. I can say its the best student-run club overall and the main reason being : everyone around me was terrifyingly good . Codeforces experts and specialists, GSoC mentees, LFX mentees, Smart India Hackathon winners. People whose LinkedIn bios are of several lines. And me? I knew C++. That was it. That was my entire personality. Cue the imposter syndrome : that lovely feeling where you're convinced you snuck into a room you have no business being in, and everyone else is one conversation away from figuring it out. My solution? Chaos. I started learning everything simultaneously: web dev, Android, ML, DevOps, a bit of systems engineering. Jack of all trades, master of none, spiraling fast. I wasn't learning; I was collecting domains like Pokémon and actually using none of them. Then a senior said something that cut clean through the noise: "Find your own path." So I slowed down. Started from the basics of web dev. Attended many hackathons but always ended up in third or fourth and winning: zero . But something clicked anyway. Those hackathons introduced me to open source, and somewhere in that chaos, I gave myself a simple challenge: 4 pull requests for Hacktob
开源项目
🔥 perspective-dev / perspective - A data visualization and analytics component, especially wel
GitHub热门项目 | A data visualization and analytics component, especially well-suited for large and/or streaming datasets. | Stars: 10,909 | 283 stars this week | 语言: Rust
开源项目
🔥 web-infra-dev / midscene - AI-powered, vision-driven UI automation for every platform.
GitHub热门项目 | AI-powered, vision-driven UI automation for every platform. | Stars: 13,487 | 257 stars this week | 语言: TypeScript
开源项目
🔥 JannisX11 / blockbench - Blockbench - A low poly 3D model editor
GitHub热门项目 | Blockbench - A low poly 3D model editor | Stars: 5,523 | 89 stars this week | 语言: JavaScript
开源项目
🔥 manaflow-ai / cmux - Ghostty-based macOS terminal with vertical tabs and notifica
GitHub热门项目 | Ghostty-based macOS terminal with vertical tabs and notifications for AI coding agents | Stars: 20,249 | 2,534 stars this week | 语言: JavaScript
开源项目
🔥 plastic-labs / honcho - Memory library for building stateful agents
GitHub热门项目 | Memory library for building stateful agents | Stars: 4,467 | 599 stars this week | 语言: Python
开源项目
🔥 razvandimescu / numa - Portable DNS resolver in Rust — .numa local domains, ad bloc
GitHub热门项目 | Portable DNS resolver in Rust — .numa local domains, ad blocking, developer overrides | Stars: 1,229 | 27 stars today | 语言: Rust
开源项目
🔥 SaladDay / cc-switch-cli - ⭐️ A cross-platform CLI All-in-One assistant tool for Claude
GitHub热门项目 | ⭐️ A cross-platform CLI All-in-One assistant tool for Claude Code, Codex & Gemini CLI. | Stars: 3,041 | 23 stars today | 语言: Rust
开源项目
🔥 zed-industries / zed - Code at the speed of thought – Zed is a high-performance, mu
GitHub热门项目 | Code at the speed of thought – Zed is a high-performance, multiplayer code editor from the creators of Atom and Tree-sitter. | Stars: 84,059 | 102 stars today | 语言: Rust
开源项目
🔥 linebender / vello - A GPU compute-centric 2D renderer.
GitHub热门项目 | A GPU compute-centric 2D renderer. | Stars: 4,044 | 8 stars today | 语言: Rust
开源项目
🔥 millionco / react-doctor - Your agent writes bad React. This catches it
GitHub热门项目 | Your agent writes bad React. This catches it | Stars: 11,481 | 181 stars today | 语言: TypeScript
开源项目
🔥 bia-pain-bache / BPB-Worker-Panel - A GUI Panel providing Worker subscriptions for VLESS, Trojan
GitHub热门项目 | A GUI Panel providing Worker subscriptions for VLESS, Trojan and Warp configs alongside a private DoH server and chain proxies, offering full DNS, clean IP, Fragment, Warp, Warp pro and routing settings for cross-platform clients using Amnezia, Wireguard, Sing-box, Clash/Mihomo and Xray cores. | Stars: 10,613 | 44 stars today | 语言: TypeScript
开源项目
🔥 pingdotgg / t3code
GitHub热门项目 | | Stars: 12,155 | 86 stars today | 语言: TypeScript
开源项目
🔥 microsoft / vscode - Visual Studio Code
GitHub热门项目 | Visual Studio Code | Stars: 185,505 | 62 stars today | 语言: TypeScript