AI 资讯
Block the Merge if the Model Isn't Ready": Shifting Local AI Evaluations Left with CI Gates
We’ve all heard "it works on my machine," but when it comes to AI-driven features, that phrase is a recipe for disaster. You can have a perfectly tested agent today, but if you upgrade your base model or change your quantization strategy tomorrow, you might inadvertently kill your agent's reliability. You can’t afford to wait for production to find out your agent is hallucinating or failing its tool calls. This is why we built the headless QuantaMind CLI—to shift AI evaluation left into your CI/CD pipeline. By integrating custom eval JSON collections into your build process, you can now treat your AI agent like any other piece of code. If a model upgrade or a quantization tweak causes your agentic reliability to dip below your required threshold, your CI pipeline should block that merge. It’s not just about testing; it’s about enforcement. If you aren’t gating your deployments based on real, repeatable model performance, you aren’t shipping software—you’re shipping a guessing game.
AI 资讯
I stopped trusting curl | sh — so I built a tool that reads the script first
Every developer has done it. You hit a README, you see the install command: curl -fsSL https://example.com/install.sh | sh And you run it. Maybe you skim the script first. Maybe you don't. But you run it. I've been doing this for years. And each time, a small voice in the back of my head says: you have no idea what that script actually does. You just piped a stranger's code straight into your shell. Eventually I got tired of ignoring that voice. What the pattern actually is curl | sh is not a bad pattern — it's a fast, convenient pattern with a real trust gap. The script runs with your permissions, in your shell, right now. It can: Install something with sudo Delete files with rm -rf Write to your disk with dd Access your SSH keys or .env files Set up a cron job or a systemd service that runs again next reboot Decode and run a payload with base64 | eval Most install scripts do none of these things maliciously. But many do several of them legitimately — and you wouldn't know which ones until something went wrong. --- ## What I built instead I'm a solo founder based in Ouagadougou, Burkina Faso. I build with heavy AI pairing — I'm not a trained engineer, I work with Claude, review the output, and ship. This tool ( peek ) was AI-paired and reviewed by me before release. peek is a ~130-line POSIX shell script that sits in front of the pattern: # Instead of: curl -fsSL https://example.com/install.sh | sh # Do: peek https://example.com/install.sh Before anything runs, peek: Fetches the script Scans it for risky patterns Prints a risk score and the exact dangerous lines Asks you to confirm — and refuses to auto-run a HIGH-RISK script unless you type RUN You can also pipe into it, or run it in analysis-only mode: curl -fsSL https://example.com/install.sh | peek # analyze from a pipe peek --print ./downloaded.sh # never runs, analysis only What it flags (and what it doesn't) The patterns peek checks: Root escalation — sudo , running as root Destructive file ops — rm -rf , fi
AI 资讯
Introducing coreIcons: A Lightweight Library of 352 Icons for Developers 🚀
Hey pessoal! 👋 Queria compartilhar um projeto que venho desenvolvendo para resolver um problema comum: encontrar uma biblioteca de ícones limpa, consistente e fácil de integrar, sem peso desnecessário no projeto. Apresento o coreIcons — uma coleção organizada de 352 ícones de desenvolvimento feita para workflows modernos. 📦 Por que o coreIcons? Leve e Rápido: Impacto mínimo no carregamento das suas aplicações. Organizado: Desenvolvido com uma grade (grid) e estilo totalmente consistentes. Focado no Dev: Feito para se encaixar perfeitamente nos seus projetos de frontend ou full-stack. 🚀 Como Usar É super simples! Basta acessar a nossa demonstração ao vivo, navegar pela coleção e clicar em qualquer ícone. O sistema vai fornecer instantaneamente a URL correta ou o snippet do ícone escolhido para você copiar e usar na hora. 🌟 Apoie o Projeto & Conecte-se! Se você achar essa biblioteca útil, por favor, considere deixar uma estrela ⭐️ no nosso repositório do GitHub ! Seu apoio ajuda o projeto a crescer e a alcançar mais desenvolvedores na comunidade. Também quero deixar um agradecimento enorme a todos que apoiam projetos open-source, contribuem com feedbacks e ajudam a construir um ecossistema melhor para todos nós. Vamos construir juntos! 🔗 Acesse o projeto Repositório no GitHub: https://github.com/mauriciospark/coreIcons Demonstração / Site: https://mauriciospark.github.io/coreIcons/ O que você achou? Deixe suas ideias, feedbacks ou sugestões nos comentários abaixo! 👇 Hey everyone! 👋 I wanted to share a project I've been working on to solve a common problem: finding a clean, consistent, and easy-to-integrate icon library without overhead. Meet coreIcons — an organized collection of 352 development icons built for modern workflows. 📦 Why coreIcons? Lightweight & Fast: Minimal footprint for your applications. Organized: Designed with a consistent grid and style. Developer-Centric: Built to fit smoothly into your frontend or full-stack projects. 🚀 How to Use It's extremely
AI 资讯
Coding Burnout is Real: Build a Stress Warning Dashboard with Oura Ring & GitHub
We’ve all been there: it’s 2 AM, you’re deep in a "Refactoring Rabbit Hole," your coffee is cold, and your heart is racing. You feel productive, but is your body paying the price? As developers, we often ignore the physical signals of burnout until it's too late. In this tutorial, we are going to quantify the "Dev Grind." We'll build a Programmer Stress Warning Dashboard using the Oura Ring API to track Heart Rate Variability (HRV) and correlate it with your GitHub commit frequency . By the end of this guide, you'll have a real-time visualization of how that complex Kubernetes migration is actually affecting your nervous system. We will be utilizing HRV monitoring , biometric data visualization , and the Oura Ring API to create a predictive stress model for high-performance engineers. The Architecture 🏗️ The logic is simple: we fetch your physiological "readiness" and stress markers from Oura and overlay them with your activity from GitHub. If your commits are spiking while your HRV is tanking, it's time to step away from the keyboard. 🥑 graph TD A[Oura Cloud API] -->|HRV & Stress Levels| B(Next.js Backend) C[GitHub API] -->|Commit Frequency| B B -->|Data Aggregation| D{Correlation Engine} D -->|JSON Stream| E[D3.js Visualization] E -->|Alerts| F[Developer Dashboard] style F fill:#f96,stroke:#333,stroke-width:2px Prerequisites 🛠️ To follow this tutorial, you'll need: Oura Ring & a Personal Access Token (from the Oura Developer Portal ). Next.js (App Router) for our frontend and API routes. D3.js for crisp, reactive data visualizations. Vercel for instant deployment. Step 1: Fetching HRV Data from Oura API Heart Rate Variability (HRV) is the gold standard for measuring autonomic nervous system stress. A high HRV usually means you're recovered; a low HRV means you're under pressure. Here is a clean implementation of a Next.js API route to grab your daily stress metrics: // app/api/oura/route.ts import { NextResponse } from ' next/server ' ; export async function GET (
开源项目
🔥 pola-rs / polars - Extremely fast Query Engine for DataFrames, written in Rust
GitHub热门项目 | Extremely fast Query Engine for DataFrames, written in Rust | Stars: 38,779 | 17 stars today | 语言: Rust
开源项目
🔥 typst / typst - A markup-based typesetting system that is powerful and easy
GitHub热门项目 | A markup-based typesetting system that is powerful and easy to learn. | Stars: 54,316 | 75 stars today | 语言: Rust
开源项目
🔥 n0-computer / iroh - IP addresses break, dial keys instead. Modular networking st
GitHub热门项目 | IP addresses break, dial keys instead. Modular networking stack in Rust. | Stars: 9,076 | 326 stars today | 语言: Rust
开源项目
🔥 nocobase / nocobase - NocoBase is an open-source AI + no-code platform for buildin
GitHub热门项目 | NocoBase is an open-source AI + no-code platform for building business systems fast. Instead of generating everything from scratch, AI works on top of production-proven infrastructure and a WYSIWYG no-code interface, so you get both speed and reliability. | Stars: 22,945 | 118 stars today | 语言: TypeScript
开源项目
🔥 desktop / desktop - Focus on what matters instead of fighting with Git.
GitHub热门项目 | Focus on what matters instead of fighting with Git. | Stars: 21,588 | 5 stars today | 语言: TypeScript
开源项目
🔥 Egonex-AI / Understand-Anything - Graphs that teach > graphs that impress. Turn any code into
GitHub热门项目 | Graphs that teach > graphs that impress. Turn any code into an interactive knowledge graph you can explore, search, and ask questions about. Works with Claude Code, Codex, Cursor, Copilot, Gemini CLI, and more. | Stars: 61,090 | 1,222 stars today | 语言: TypeScript
开源项目
🔥 Mathieu2301 / TradingView-API - 📈 Get real-time stocks from TradingView
GitHub热门项目 | 📈 Get real-time stocks from TradingView | Stars: 3,638 | 67 stars today | 语言: JavaScript
开源项目
🔥 mochajs / mocha - ☕️ Classic, reliable, trusted test framework for Node.js and
GitHub热门项目 | ☕️ Classic, reliable, trusted test framework for Node.js and the browser | Stars: 22,956 | 12 stars today | 语言: JavaScript
开源项目
🔥 Asabeneh / 30-Days-Of-Python - The 30 Days of Python programming challenge is a step-by-ste
GitHub热门项目 | The 30 Days of Python programming challenge is a step-by-step guide to learn the Python programming language in 30 days. This challenge may take more than 100 days. Follow your own pace. These videos may help too: https://www.youtube.com/channel/UC7PNRuno1rzYPb1xLa4yktw | Stars: 65,108 | 150 stars today | 语言: Python
AI 资讯
I cleaned India's Census 2011 data so you never have to
Every Indian data scientist hits the same wall. You need district-level population data. You go to censusindia.gov.in. You find hundreds of inconsistent Excel files with merged headers, footnote rows, and zero documentation. You spend a full day just loading the data before doing any actual analysis. I fixed that. Once. For everyone. What I built indiaset/census-2011 India's Census 2011 district data, clean, typed, and ready for pandas. 640 districts · 29 columns · 0 missing values Validated against official India total · LGD codes attached Load it in 4 lines from huggingface_hub import hf_hub_download import pandas as pd path = hf_hub_download ( repo_id = " indiaset/census-2011 " , filename = " census_2011_districts_final.parquet " , repo_type = " dataset " ) df = pd . read_parquet ( path ) print ( df . shape ) # (640, 29) What's in it Column Description state_code Census 2011 state code state_name Official state/UT name district_code Census 2011 district code district_name District name as per Census lgd_code LGD permanent district code district_name_lgd District name as per LGD pop_total Total population pop_male Male population pop_female Female population pop_under6_total Children under 6 years pop_sc Scheduled Caste population pop_st Scheduled Tribe population literate_total Literate persons literate_male Literate males literate_female Literate females illiterate_total Illiterate persons workers_total Total workers workers_male Male workers workers_female Female workers non_workers_total Non workers literacy_rate Literate / Total × 100 sex_ratio Females per 1000 males workforce_participation Workers / Total × 100 The validation The most important test - do all 640 district populations sum to India's official total? print ( df [ ' pop_total ' ]. sum ()) # 1210854977 ✅ — exact match, zero discrepancy What the data actually shows Most literate district → Pathanamthitta, Kerala : 88.74% Least literate district → Alirajpur, Madhya Pradesh : 28.77% Literacy gap acro
AI 资讯
The exact math that made $40,000,000 out of Polymarket (Full roadmap)
While you're manually checking if YES + NO = 1 , quantitative systems are solving massive constraint satisfaction problems across thousands of correlated markets in milliseconds. The Hidden Reality of Prediction Market Arbitrage You see a market where YES is trading at $0.62 and NO at $0.33. You think: There's $0.05 of arbitrage here . You're right. What you don't see is that by the time you place both orders, professional systems have already: Scanned 17,000+ conditions Detected dozens of correlated mispricings Calculated optimal position sizes (with fees & slippage) Executed everything in parallel Moved on to the next opportunity Between April 2024 and April 2025, quantitative traders extracted $39,688,585 in guaranteed arbitrage profits from Polymarket. The top individual wallet made $2,009,631.76 across 4,049 trades — an average of $496 guaranteed profit per trade . This wasn't gambling. This was mathematics. Why Simple "YES + NO = 1" Checks Fail Most retail traders stop at basic price sum checks. That's not enough. Markets are logically dependent. Example: "Will Trump win Pennsylvania?" → YES: $0.48 "Will Republicans win Pennsylvania by 5+ points?" → YES: $0.32 If the second outcome happens, the first must be true. These dependencies create arbitrage opportunities that simple addition cannot detect. This is known as the marginal polytope problem — projecting prices onto the set of arbitrage-free probability distributions. The Scale of the Computational Challenge For any event with n binary conditions, there are 2ⁿ possible outcome combinations. 2024 U.S. elections: 305 markets → tens of thousands of pairs 2010 NCAA tournament: 63 games → 2⁶³ ≈ 9.2 quintillion combinations Brute force is impossible. Smart systems use constraints instead. Real example : Duke vs Cornell basketball market 7 possible win counts per team → 14 conditions. Instead of checking 16,384 combinations, 3 linear constraints were enough. Research found that 41% of 17,218 conditions showed sing
AI 资讯
I got tired of hand-rolling message queues in FreeRTOS. So I built embedmq.
Every FreeRTOS project I've worked on has the same problem. You have a sensor task that reads temperature. You have a UI task that needs to display it. So you create a QueueHandle_t, pass it to both tasks at init, call xQueueSend on one side and xQueueReceive on the other. Fine. Then you add a WiFi task that also needs temperature. You add another queue. Then a logging task. Another queue. Soon your app_init() is a mess of queue handles being passed around, and changing one task means touching everything it's connected to. On bare metal it's the same story in a different shape — a dozen global flags in main: if (flag_sensor) ... if (flag_button) ... if (flag_timer) ..., each one added as the project grows, none of them easy to trace back to where they're set. On embedded Linux it's pointers — modules holding direct references to each other, so a change in one ripples everywhere. I wanted one solution that works across all three without rewriting the dispatch logic every time. embedmq collapses it to 3 functions: embedmq_register(q, "sensor.temp", on_temp, NULL); // subscriber embedmq_post(q, "sensor.temp", &data, sizeof(data)); // producer, any thread/task No shared queue handles. No global flags. No direct pointers between modules. The library handles the ring buffer, the mutex, and the semaphore wakeup. Same API, three platforms: Linux: pthread + POSIX semaphore, zero external dependencies FreeRTOS: counting semaphore + xTaskCreate, static mode for zero heap after init Bare-metal: C11 atomic spinlock, drive dispatch with embedmq_poll() from your superloop FreeRTOS PAL is verified on the POSIX simulator in CI — not real hardware yet, I'll be honest about that. GitHub: https://github.com/w4ysonch/embedmq Happy to answer questions about the design or the FreeRTOS porting details.
AI 资讯
Why Most Trading Bots Fail: I Ditched 10 Indicators and Built Winners with Just 2 (Public $100k+ PnL Proof)
Stacking indicators doesn't make you smarter — it makes your bot dumber. You've seen the guides....
AI 资讯
Forget 10+ indicators for your bot. I use only 2 and publicly made $100k+ PnL on Polymarket.
This advice is everywhere now: Stack ten indicators, wait for three of five to agree, then size up...
AI 资讯
How I Built the Two Missing Payload CMS v3 Plugins — Reviews, JSON-LD & Real Production Bugs
Running 23 European e-commerce shops on Payload CMS v3 taught me that some things simply don't exist yet. So I built them. Background I maintain a multi-clone e-commerce infrastructure — 23 Next.js + Payload CMS v3 shops deployed across Europe, each on its own subdomain and language. Think fr.myshop.com , de.myshop.com , sk.myshop.com ... all running on the same codebase with country-specific patches. While building this, I kept running into two missing pieces that no one had published for Payload v3: A customer reviews system with admin moderation and Google star ratings Complete Schema.org JSON-LD for Google rich snippets (Product, BreadcrumbList, ItemList, AggregateRating) Both are now published on npm. Here's what I built, the bugs I hit, and how I solved them. Part 1 — The Reviews Plugin What didn't exist Search npm for payload reviews or payload ratings — you'll find nothing for v3. The official plugin ecosystem covers SEO, forms, redirects, Stripe... but not customer reviews. Building the collection The reviews collection itself is straightforward — relationship to products , rating (1-5), status select (pending/approved/rejected), author fields. The tricky parts came later. Access control gotcha: Payload v3 uses a roles array, not a role string. This breaks if you copy v2 patterns: // ❌ Wrong — always returns false update : ({ req }) => req . user ?. role === ' admin ' , // ✅ Correct for v3 update : ({ req }) => req . user ?. roles ?. includes ( ' admin ' ), Prevent self-verification: Users can POST any field on create: () => true collections. Lock verified in a beforeChange hook: hooks : { beforeChange : [ ({ data }) => { if ( ! data . status ) data . status = ' pending ' data . verified = false // admin-only, always reset on create return data }, ], }, Email protection: read: () => true on the collection exposes authorEmail in the public API. Add field-level access: { name : ' authorEmail ' , type : ' email ' , access : { read : ({ req }) => req . user ?.
AI 资讯
I Open-Sourced MarketEye — Here's Why (and the GitHub Link)
I open-sourced MarketEye today. For anyone who missed the first post: MarketEye is a self-hosted competitor price monitor I built because I didn't want to pay $99/month for Prisync. The code is now up on GitHub under MIT license. GitHub: github.com/dachengzi065-gif/marketeye Why open source? Three reasons: 1. People actually asked for it. After my first post here, a few people DM'd me asking to see the code. They're developers too — they want to modify it, extend it, make it their own. That's fair. Selling source code to devs is like selling ice to eskimos. 2. Trust. A closed-source price tracker that "runs on your machine" — you either trust the author or you don't. Open source removes that doubt. You can read every line, check what data leaves your machine (nothing), and build it yourself if you want. 3. Longevity. Self-hosted tools have a dirty secret: if the developer disappears, you're stuck with a broken tool. Open source changes that. Even if I get hit by a bus tomorrow, you can fork the repo and keep going. What this means for the $49 version The Gumroad package still exists. It includes: The same code, pre-packaged Email support (I'll help you set it up) A clear conscience subscription (you're paying for convenience, not software) But honestly? If you can run pip install , just clone the repo. It's free. What's next I'm actively working on: Docker image (one-command deploy) More scrapers (plugins for different sites) Discord/Telegram bot alerts (requested by several people) PRs welcome. Issues welcome. Feedback welcome. 👉 github.com/dachengzi065-gif/marketeye