开发者
How Processes Share Memory Without Copying (Visual)
A visual explanation of how two separate processes can access the same bytes without copying a payload between them. It covers virtual memory, page tables, physical frames, shm_open, mmap(MAP_SHARED), lazy allocation, copy-on-write, shared libraries, memory-mapped files, Redis snapshots, and Dirty COW. submitted by /u/Ok_Marionberry8922 [link] [留言]
开发者
Exploiting PackageInstaller parsing: A 974-byte modern Android 14 PoC.
I’ve been exploring the absolute structural floor of the Android APK format. By leveraging hasCode="false" and surgically optimizing the ASN.1 DER encoding of the V2 signature, I’ve managed to get a compliant Android 14 app down to 974 bytes. The system treats it as a first-class app, and it’s fully installable on a stock Android 14 device. It’s an exercise in how much the PackageManager trusts the headers versus what it semantically validates. submitted by /u/Same-Access-6799 [link] [留言]
AI 资讯
Claude Code Sends 33k Tokens Before Your Prompt; OpenCode Sends 7k
A new side-by-side measurement shows Claude Code ships roughly 33,000 tokens of system prompt, tool schemas, and scaffolding before your prompt even arrives — about 4.7x the ~7,000 tokens OpenCode sends on the same setup. The bigger cost surprise is next: Claude Code re-wrote up to 54x more prompt-cache tokens per session, and cache writes bill at a premium. How the test was run The benchmark (published by Systima) spliced a logging proxy between each harness and the model endpoint, capturing the exact request payload and the API's usage block. Both harnesses were pinned to the same conditions: Claude Code 2.1.207 and OpenCode 1.17.18 , both pointed at claude-sonnet-4-5 Fresh config directories, empty workspace, no MCP servers, no instruction files, permissions bypassed Tasks ranged from "reply with OK" (isolating fixed overhead) to a write-run-test-fix loop against FizzBuzz A zero-tools variant separated system-prompt weight from tool-schema weight The payload captures are exact; the only adjustment was subtracting a constant ~6,200-token gateway envelope that wrapped every request in the test setup. The fixed floor Harness Fixed overhead before your prompt Cache-write behavior Claude Code 2.1.207 ~33,000 tokens Re-wrote tens of thousands of cache tokens per run; up to 54x OpenCode OpenCode 1.17.18 ~7,000 tokens Byte-identical prefix each run; cached once, read back cheaply OpenCode's request prefix was byte-identical in every captured run, so it paid to cache its payload once per session and read it back for pennies. Claude Code re-wrote large amounts of prompt-cache tokens mid-session, run after run — and because cache writes bill at a premium, one usage dashboard climbs while the other stays flat. Where it piles on in real setups The harness floor is only the start. The benchmark added variables one at a time: A production repository's 72KB instruction file added an average of ~20,000 tokens to every request. Five modest MCP servers added 5,000–7,000 more. By th
AI 资讯
Why your integration tests pass but your message queue still double-processes in production
You know the story. You write a consumer, test it locally, deploy to staging, everything green. Then in production, the same message gets processed twice. Orders are duplicated. Notifications go out twice. Everyone blames "a race condition" and moves on. We spent the last few months formally verifying what actually happens when consumers crash with at-least-once delivery semantics. The short version: it doesn't matter which broker you use . The race condition is a property of the delivery contract, not a bug in the implementation. What we did Instead of writing more integration tests hoping to reproduce the timing, we wrote a formal specification of the consumer-broker interaction in TLA+ (the specification language by Leslie Lamport). The model checker exhaustively explores every possible interleaving of events — not just the ones you think to test. Then we took the counterexamples from the model and validated them in real running systems using Docker + Toxiproxy (network fault injection). If the math said "double-execution is possible", we confirmed it with actual containers. What we found We applied this pipeline to five different systems: Celery — ACK timeout + network blip: the model found the crash window at depth 9 (444 states). Chaos confirmed it: task executed twice. RabbitMQ — consumer stores result, drops connection before AMQP ACK. Same pattern. 108 states, depth 7. Chaos confirmed. NATS JetStream — consumer crashes after DB write, before ACK. 47 states, depth 6. Docker kill + Toxiproxy confirmed: duplicate execution. Apache Pulsar — batch consumer crashes between Process and SendAck. 21 states, depth 4. Chaos confirmed: 2 DB rows for 1 message. Kafka — consumer commits offset after processing. Crash between StoreResult and commitSync(). Same result: double execution. Every single time, the model predicted the collision and chaos confirmed it. The insight The spec is the same across all five systems. The variable names change, but the topology is identic
AI 资讯
How I Built a GeoGuessr Game for Super Mario Odyssey
I wanted to build something different from the usual fan project. Instead of recreating gameplay, I asked a different question: How well do players actually remember the worlds of Super Mario Odyssey? The result is OdysseyGuessr, a browser game inspired by GeoGuessr. Players receive a screenshot from one of the game's Kingdoms and must place a marker on the correct location. Every meter counts. The project includes: Browser-based gameplay Single-player with customizable rounds Real-time multiplayer with a 5,000 HP battle system Community-submitted locations Admin moderation tools One of the biggest challenges wasn't the gameplay—it was collecting interesting locations that were difficult but still fair. Watching players confidently choose the wrong cliff or rooftop has been surprisingly entertaining. If you're interested in browser games or Nintendo fan projects, I'd love to hear your feedback. Play here: https://odyssey-guessr.lovable.app OdysseyGuessr is an unofficial fan project and is not affiliated with Nintendo.
AI 资讯
The One DevOps Metric Every Solo Developer Ignores
What’s up everyone! Back again for my daily drop. We talk a lot about deployment frequency and lead time for changes, but if you're a solo dev or part of a small team building something like LaunchAlly , there’s one metric that rules them all: Time to Recovery (TTR) from a bad push. When you're marketing, coding, and handling support all at once, a broken main branch is a massive bottleneck. Here is my quick tip for today: Invest 20 minutes into setting up strict automated rollbacks . If a deployment fails health checks, let the system revert it instantly without your intervention. Spend lots of hours working today...happy to go to bed now:) What’s your go-to strategy for handling failed deployments on the fly?
开发者
Integrating .NET GC in your C++ application
.NET appears as large monolith where everything is working like a magic. But it is not, and even GC can be used outside of .NET runtime (obviously with caveat). When I was a kid, I always love disassemble things, to see how they works. Not always toys survive that exercise. But thanks to source control, .NET GC is safe from my hands. Hopefully lot of people like me, and will enjoy tearing down large system into pieces. submitted by /u/kant2002 [link] [留言]
AI 资讯
Stop Guessing: How I Pick AI API Architecture at Every Scale
Stop Guessing: How I Pick AI API Architecture at Every Scale I've been on both sides of this. Two years ago I was the lone backend engineer at a Series A startup, duct-taping API calls together at 2 AM because the founders wanted a chatbot demo by morning. Last quarter I sat in a procurement meeting at a Fortune 500 where we spent six weeks evaluating three vendors for a single inference workload. Same job title on LinkedIn, wildly different problems. Most AI API guides I've read treat both scenarios like they're the same conversation. They're not. The startup CTO optimizing for burn rate and the enterprise architect worrying about a 99.9% uptime SLA are solving fundamentally different equations. After enough of these conversations, I've developed a framework I'd like to share — and yes, I'll talk about Global API because it's what I actually use, but I'll also explain the reasoning behind each choice so you can adapt it to your own stack. What I Look at First: The p99 Question Before I look at price, I look at the latency distribution. Specifically, the p99. Mean latency tells you almost nothing useful. If your median response is 200ms but your p99 is 4 seconds, your users will see janky behavior on the long tail and you won't know why until production is on fire. For startups in the MVP phase, you can usually get away with best-effort routing. A p99 of 2-3 seconds is fine if you're building an async summarization feature. But the moment you put AI in the synchronous request path — like a customer-facing chatbot or a real-time code suggestion — p99 starts to bite. I learned this the hard way when our startup's "AI assistant" feature had users complaining about slowness that I couldn't reproduce locally. The culprit? Provider cold starts hitting our 1% of users who happened to get routed to a freshly spun-up instance. For enterprises, p99 isn't a nice-to-have, it's a contractual obligation. Most B2B SLAs I've negotiated pin uptime at 99.9% and require reporting on m
开发者
ZeroFS vs. Amazon S3 Files
submitted by /u/Either_Collection349 [link] [留言]
开发者
Prefer STRICT tables in SQLite
submitted by /u/Either_Collection349 [link] [留言]
开发者
How we scale PgBouncer in ClickHouse Managed Postgres
submitted by /u/Either_Collection349 [link] [留言]
开发者
Prefer STRICT tables in SQLite
submitted by /u/mitousa [link] [留言]
AI 资讯
Every AI tool, agent, and site builder a developer should know in 2026
hi, i am Aniruddha Adak, a full-stack developer from kolkata who spends way too much time building things with ai tools, shipping apps, and reading way too many github readmes at 2 am. i built 27 apps in 45 days using no-code and ai tools last year. that experience taught me one thing very clearly: the landscape of ai tooling for developers is moving insanely fast, and it is genuinely hard to keep up. so i sat down and did something about it. this is my deep research post on every ai tool, agent, builder, reviewer, and framework that developers, software engineers, and ai engineers should actually know about right now. i have organized it into categories so you can find what you need quickly. no fluff. just the tools, their sites, and what they do. why i wrote this i keep seeing developers waste time because they do not know the right tool exists. someone is manually reviewing pull requests for a week straight, not knowing coderabbit exists. someone else is hand-writing supabase schemas when emergent can do it in seconds. another person is spending days on a landing page when v0 can scaffold it in one prompt. this post is my attempt to fix that. i went through github repositories, dev communities, product hunt launches, and research aggregators to compile this. it is long. that is intentional. bookmark it. section 1: ai-native ides these are not just editors with a chatbot plugged in. these are environments built from the ground up around how language models think and work. tool site what it does cursor https://www.cursor.com forked vscode, codebase-aware context windows, multi-file edits with copilot-style background indexing windsurf https://windsurf.com cascade ai agent that writes files, runs terminal checks, and fixes things in real-time zed https://zed.dev built in rust with gpui, super low latency, native multiplayer coding support replit https://replit.com cloud ide with a full autonomous agent that runs inside serverless virtual workspaces google antigravit
AI 资讯
DORA Metrics Measure Delivery Health. What Measures Security Posture Health?
✓ Human-authored analysis; AI used for formatting and proofreading. Delivery teams have DORA. Four metrics — deployment frequency, lead time for changes, mean time to restore, change failure rate that predict whether a team is shipping well. Thoughtworks recently added a fifth: rework rate, measuring how much of the pipeline is consumed by fixing work previously considered complete. These metrics changed how delivery organizations operate. Because they're leading indicators. They tell you the trajectory before the outcome arrives. A team with increasing lead times is heading for trouble. A team with rising rework rate is accumulating debt. You see it in the metrics before you see it in the incidents. Security teams have no equivalent. What security teams measure today Finding counts. "We found 247 misconfigurations this quarter." More scanning produces more findings. A team that scans more frequently or adds a new tool sees the number go up which looks worse even if posture is improving. Finding counts measure scanning effort, not security health. Compliance percentages. "We're 94% compliant with CIS Benchmarks." This measures the last audit, not the current trajectory. A team at 94% today might be at 87% next week if three Terraform changes introduced misconfigurations. The percentage is a snapshot, not a trend. It rewards breadth of coverage over depth. 94% across 200 checks sounds better than 100% across 50 checks, even if the 50 are the ones that matter. Incident counts. "We had two security incidents this quarter." This is a trailing indicator. It measures failures that already happened. A team with zero incidents might have excellent posture or might have excellent luck. You can't tell. By the time the count goes up, the damage is done. None of these answer the question delivery teams answer with DORA: are we getting better, and how fast? The mapping The five DORA metrics adapt directly to security posture. The definitions are concrete and measurable from eval
AI 资讯
I Poked a 10-Year-Old Chat Protocol With a Stick
Hello, I'm Maneshwar. I'm building git-lrc, a Micro AI code reviewer that runs on every commit. It is...
开发者
C3 0.8.2 A modest improvement
submitted by /u/Nuoji [link] [留言]
AI 资讯
Building Accessible Popups Natively with the HTML5 Element
Many developers still rely on heavy, third-party JavaScript frameworks or external UI libraries just to create simple popups and modal windows. This introduces bloated bundle sizes, slows down page speed, and often ruins accessibility (a11y) for keyboard users and screen readers. Fortunately, you can build an accessible, highly interactive modal window completely natively using the modern HTML5 <dialog> element. The Code Setup Here is how simple it is to build a native modal with semantic HTML, minimal JavaScript, and a touch of modern CSS styling. 1. The Markup (index.html) <main> <h1> Native HTML5 Dialog Element </h1> <p> Click the button below to open a completely native, accessible popup modal. </p> <button id= "openModalBtn" > Open Modal Window </button> </main> <dialog id= "myModal" > <h2> Native Modal Title </h2> <p> This modal is rendered natively by the browser. Focus is trapped automatically! </p> <button id= "closeModalBtn" > Close Modal </button> </dialog> ### 2. The Logic (script.js) Instead of manually managing visibility states or toggle classes, the browser gives us built-in `.showModal()` and `.close()` methods: javascript const modal = document.getElementById('myModal'); const openBtn = document.getElementById('openModalBtn'); const closeBtn = document.getElementById('closeModalBtn'); openBtn.addEventListener('click', () => { modal.showModal(); }); closeBtn.addEventListener('click', () => { modal.close(); }); dialog ::backdrop { background-color : rgba ( 0 , 0 , 0 , 0.6 ); backdrop-filter : blur ( 4px ); } dialog { border : none ; border-radius : 8px ; padding : 2rem ; box-shadow : 0 4px 12px rgba ( 0 , 0 , 0 , 0.15 ); } Interactive Demos & Source Code Working Live Code Demo: ( https://codepen.io/editor/CoderDecoding/pen/019f5548-f0cb-75f8-b915-b9fdb33e92d1 ) Public Code Repository: ( https://github.com/CoderDecoding/native-dialog-demo )
开发者
Equality Operators (==, !=) in Java — Part 1
Equality operators are among the most frequently used operators in Java. They allow us to compare two values and determine whether they are equal or not. Unlike relational operators ( < , > , <= , >= ), equality operators work with all primitive data types , including boolean , and they can also compare object references . However, many beginners get confused about how == behaves with objects, strings, and null . These concepts are also some of the most frequently asked Java interview questions. Let's understand them with simple explanations and practical examples. What Are Equality Operators? Java provides two equality operators. Operator Description == Equal to != Not equal to Both operators always return a boolean value. Example System . out . println ( 10 == 10 ); System . out . println ( 20 != 10 ); System . out . println ( 5 == 8 ); Output true true false Rule 1: Equality Operators Work with All Primitive Types Unlike relational operators, equality operators can be applied to every primitive type , including boolean . Supported primitive types include: byte short int long float double char boolean Numeric Examples System . out . println ( 10 == 20 ); Output false System . out . println ( 'a' == 'b' ); Output false System . out . println ( 'a' == 97 ); Output true Explanation 'a' = 97 (Unicode) 97 == 97 ↓ true System . out . println ( 'a' == 97.0 ); Output true Even though one operand is a char and the other is a double , Java performs numeric promotion before comparison. Boolean Example System . out . println ( true == false ); Output false System . out . println ( false == false ); Output true Unlike relational operators, equality operators fully support boolean values. Equality Operators vs Relational Operators Many beginners confuse these operators. Expression Result true == false ✅ Valid true != false ✅ Valid true > false ❌ Compile-time error true < false ❌ Compile-time error Remember: Equality operators work with boolean . Relational operators do not. Rul
AI 资讯
How to Develop a Mobile App? 📱 | A Step-by-Step Guide for Beginners
Hello DEV Community! 🚀 In my last post, I shared my passion for App Development. Today, I want to talk about the actual process of building an app. Whether you want to build an Android or iOS app, the core workflow remains the same. Here is a step-by-step roadmap for anyone starting out: 1. Planning and Research 💡 Before writing a single line of code, you need a clear idea. Identify the problem: What problem does your app solve? Target Audience: Who will use this app? Feature List: Write down the core features (e.g., login, dark mode, notifications). 2. UI/UX Design 🎨 Design is how your app looks and feels. Sketch your ideas on paper first. Use tools like Figma or Adobe XD to create wireframes and visual mockups. Keep the user interface clean and easy to navigate. 3. Choosing the Right Tech Stack 🛠️ You need to decide how you will build the app: Native Development: Use Kotlin/Java for Android, or Swift for iOS. Cross-Platform Development: Use Flutter (Dart) or React Native (JavaScript) to build for both Android and iOS with a single codebase. 4. Development (Coding) 💻 This is where the magic happens! Frontend: Building the screens and visual elements that users interact with. Backend: Setting up servers and databases (like Firebase or Node.js) to store user data, login details, etc. 5. Testing and Publishing 🚀 Before releasing it to the world, you must test it thoroughly. Test for bugs, crashes, and performance issues. Once everything is perfect, publish it on the Google Play Store or Apple App Store . Conclusion 🤔 App development takes time and patience, but seeing your app live on a smartphone is an amazing feeling! What framework are you using for your app development journey? Let me know in the comments below! 👇
AI 资讯
🚀 Calling all DevOps, SRE, and Platform Engineers! Let’s build the future of AI for DevOps together.
Over the last few years, I've been exploring AI agents, and one thing became obvious. There are hundreds of AI agents available today, but almost all of them are general-purpose. They can answer questions, write code, or browse the web, but very few truly understand the day-to-day challenges of running production infrastructure. As someone who has spent years working in DevOps, I wanted something different. That's why I built DevOps Open Agent, an open-source, self-hosted AI platform designed specifically for DevOps engineers, SREs, and Platform teams. Today, the project includes: ✅ Kubernetes Debugging Agent for AI-assisted cluster troubleshooting ✅ AWS DevOps Agent for investigating infrastructure issues ✅ Cloud Cost Detector to identify optimization opportunities ✅ GitHub PR Reviewer with DevOps-focused code reviews ✅ Slack, Microsoft Teams, and PagerDuty integrations ✅ MCP support for connecting external tools and services ✅ Support for multiple LLM providers including OpenAI, Anthropic, Gemini, OpenRouter, and Ollama But this is just the beginning. There is so much more we can build together: ✔️ Better Kubernetes diagnostics ✔️ Smarter AWS investigations ✔️ Terraform and Infrastructure-as-Code analysis ✔️ Observability integrations ✔️ Performance debugging ✔️ Security analysis ✔️ Historical investigation memory And many more AI-powered workflows for production engineering If you're passionate about DevOps, SRE, Platform Engineering, or Generative AI, I'd love to have you involved. Whether you contribute code, improve documentation, report bugs, review pull requests, or suggest new ideas, every contribution helps move the project forward. ⭐ Give the repository a star 🍴 Fork the project 🚀 Pick an issue and submit a pull request If you've been looking for an opportunity to work at the intersection of DevOps and AI, this is it. Let's build the open-source AI platform that every DevOps engineer wishes existed. 🔗 Repository: https://github.com/ideaweaver-ai/devops-op