开发者
Deep Dive into Kubernetes Gateway API
I’ve just published a deep dive into Kubernetes Gateway API. The blog post covers: how Kubernetes ingress patterns evolved from Service resources to Ingress and now Gateway API why the Ingress API is limited for modern teams how Gateway API works: GatewayClass , Gateway , 5x Routes , policies, ReferenceGrant , and more what to do if you are still running the deprecated NGINX Ingress Controller how I would think about picking a Gateway API implementation: Envoy Gateway, Istio, kgateway, Traefik, NGINX Gateway Fabric, Cilium, Kong, etc. Hope you find this useful and good luck with your Ingress migrations 🙏 submitted by /u/roma-glushko [link] [留言]
AI 资讯
Captain Caveman Claude
Claude-ITect-Skill Update: Regenerating Your Claude Code Setup (Club Optional) "People assume that configuration is a strict progression of cause to effect, but actually, from a non-linear, non-subjective viewpoint, it's more like a big ball of wibbly-wobbly... skilly-willy... stuff." — a Time Lord, probably, if Time Lords shipped install scripts There is a particular flavor of pain known only to people who run Claude Code seriously: the slow, soul-eroding ritual of configuring fifty-one little things by hand. You wire one hook. You forget the second. You discover the third only exists in a Discord message from four months ago. Somewhere, a yak grows another inch of fur specifically so you can shave it. Claude-ITect-Skill exists to make that ritual unnecessary. It is a one-command starter pack that drops a curated arsenal of skills, agents, and session hooks into any project's .claude/ directory, and then, with the smug confidence of someone who has clearly been burned before, tells you to run /audit to make sure it actually worked. The author calls people like himself "Claude-ITects™," which the industry refuses to call us, and honestly, after using this, the industry should reconsider. This is the update, the regeneration , if you will. Same face-of-the-project, new internals. Let's open the TARDIS doors and see how much bigger it is on the inside. The pitch, in one breath Install it. It deposits a .claude/ folder containing 54 skills, 4 agent definitions, and 6 hook files into your project, patches your settings.json to wire up the session hooks, and gets out of your way. The README's entire onboarding flow is two words long: run audit . That restraint is the first sign you're dealing with someone who has actually used the thing he built rather than someone who just wanted a README with a lot of headers. The install story is genuinely good. PowerShell for Windows, bash for macOS/Linux, sensible --force and --skip-hooks flags, and a thoughtful -ProjectPath option
开源项目
Someone used my open source project to phish 14,000 people
submitted by /u/dreamnyt [link] [留言]
AI 资讯
The case for Direct I/O - why it matters for high performance storage
Hello everyone, Recently I published on GitHub HedgeDB , my high-perf and persisted Key-Value store. Internally, it uses Direct I/O ( O_DIRECT ) almost everywhere. In this article I explain the reasons behind this choice, also motivated from some fun experiments I had with fio that you can find in the article. and some consideration about the page cache. submitted by /u/IlPresidente995 [link] [留言]
开发者
Programming with ellipsis
submitted by /u/fpcoder [link] [留言]
开发者
Edge.js: Running Node apps inside a WebAssembly Sandbox
submitted by /u/fagnerbrack [link] [留言]
AI 资讯
Why AWS Lambda Uses Firecracker Instead of Containers
submitted by /u/viks98 [link] [留言]
开发者
I Stopped Fighting My Tools and Built a Game Engine in D
Alexandros Kapretsos describes how he used some D programming language features in his 2D game engine. He covers his approach to memory management, how he employs metaprogramming, writing scripts with D, and more. submitted by /u/aldacron [link] [留言]
开发者
The Filesystem Is the API (with TigerFS)
submitted by /u/der_gopher [link] [留言]
开发者
Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace
A malicious npm package name js-logger-pack , went through 29 versions on the registry which was looking innocuous logger and ending as a binary dropper. The payload it dropped was 81 MB of binary called MicrosoftSystem64 which is a full cross-platform RAT packaged as a Node.js Single Executable Application, so it shows up as a native binary to endpoint tools rather than a node process. And the clever bit was instead of sending the stolen data directly to a C2 server, it uploads everything to private HuggingFace datasets using an embedded API token. So all exfiltration traffic appears as normal HTTPS requests to a legitimate ML platform. If you have any of those in your install history then rotate everything like credentials, SSH keys, API tokens, crypto seed phrases. All packages list and full technical breakdown is in blog. submitted by /u/BattleRemote3157 [link] [留言]
AI 资讯
FastAPI Introduces Official VSCode Extension
FastAPI released an official VSCode extension, which includes features such as route exploration, endpoint search, and CodeLens-style navigation. This tool aims to enhance the development experience for FastAPI users. submitted by /u/Top-Rush83 [link] [留言]
AI 资讯
How to Build a Coffee Subscription on Shopify That Actually Retains Customers (A Practical Guide)
If you've ever built or set up a subscription experience on Shopify for a coffee brand, you've probably run into the same problem most merchants face: The signup flow works great. The first order goes out. And then subscribers start quietly disappearing before the third delivery. This isn't a coffee problem. It's a subscription infrastructure problem — and it's almost always caused by the same handful of missing pieces in the system underneath the storefront. In this guide I'll walk through the practical setup decisions that actually move the needle on retention for coffee subscription businesses on Shopify — from choosing the right model and pricing structure to the fulfillment calendar, dunning logic, and cancellation flow that most setups skip entirely. Why Coffee Works So Well as a Subscription Product Before getting into setup, it's worth understanding why coffee is genuinely one of the better products to build a subscription around — when the infrastructure supports it. Predictable consumption cycle. A 12-oz bag of whole beans lasts roughly two to three weeks for a single drinker. That natural rhythm makes it easy to design a billing and delivery schedule that matches actual usage patterns. Daily habit. Roughly two-thirds of American adults drink coffee every day. A subscription removes the friction of reordering, and that convenience compounds into real retention over time. Freshness as a retention argument. Coffee quality degrades noticeably after roasting. Subscribers who care about quality genuinely prefer a recurring shipment over buying retail — which means freshness becomes a built-in reason to stay subscribed that most product categories simply don't have. The global coffee subscription market reached $808.8 million in 2024 and is projected to surpass $2.2 billion by 2033. The infrastructure opportunity for developers and merchants building on Shopify is real and still early. Step 1 — Choose the Right Subscription Model Before You Build The model choic
开源项目
🗓️ Monthly Dev Report: May 2026
Hey everyone! I bring you my development journey on what I have discovered, accomplishments for this...
AI 资讯
I built a 9-agent AI dev team in a Claude Code plugin — here's what happened
The moment I realized AI coding assistants were broken I was building a side project — a simple task manager app. I opened Claude Code, typed: "Add user authentication with email and password login" …and hit enter. Twenty minutes later, I had code. A lot of code. Authentication logic, routes, middleware, even some basic tests. But there was a problem. The frontend (me, on a different day) had assumed a different API shape. The tests only covered the happy path. There was no architecture decision to reference — I just picked JWT because it felt right. And the docker-compose.yml ? It didn't exist yet. I had AI-generated code, but no real software development workflow. What was actually missing Good software isn't just code. Before you write a single line, you need: A spec that everyone (including future-you) agrees on An architecture decision that explains the why Backend and frontend designed to talk to each other Tests that prove things actually work A code review that catches security holes before they ship A deployment config that someone can actually run Normally, a team handles all of this. A PM writes the spec. An architect proposes options. Engineers implement and review each other's work. A DevOps person sets up CI/CD. What if AI could fill all those roles? Building the pipeline I built claude-dev-pipeline — a Claude Code plugin that orchestrates a team of specialized AI agents, each with a specific job. airwaves778899 / claude-dev-pipeline 7-agent full-stack development pipeline plugin for Claude Code — PM → Architect → Backend → Frontend → QA → Reviewer → DevOps claude-dev-pipeline A Claude Code plugin that orchestrates 7 specialized AI agents to take your feature request all the way from requirements analysis to production deployment — with a human-in-the-loop checkpoint at every phase. 中文說明 Why? Writing a feature involves more than just code. You need: A clear spec that everyone agrees on An architecture decision before you write a single line Backend and
AI 资讯
The Day Our Treasure Hunt Engine Blew Up at 3 AM (And How We Rebuilt It Right)
The Problem We Were Actually Solving Our event platform at Veltrix ran a treasure hunt game that gave users real-world rewards. It started as a simple Rails app with a PostgreSQL counter column for each hunt. By 3 AM on Black Friday, that counter column became a single point of failure. Every leaderboard update blocked the entire leaderboard query because PostgreSQL row-level locks escalated to table-level for SERIAL columns. Our error rate jumped from 0.2% to 18% under 2000 concurrent writes. The system didnt just slow down; it started failing writes with could not serialize access due to concurrent update deadlocks. We lost $47K in rewards payouts before we could scale up the database. What We Tried First (And Why It Failed) Our first fix was to shard the PostgreSQL counter by hunt ID, splitting the hot row into 1024 partitions. That reduced the lock contention, but introduced new problems. Each hunt now needed its own sequence, and our Rails code had to route writes to the correct shard. The shard routing introduced 400ms extra latency on leaderboard queries because we had to union results across 1024 tables. Meanwhile, PostgreSQL sequences had gaps up to 1024 when nodes restarted, so our reward payouts were off by thousands on high-traffic hunts. Our Redis cache didnt help because the leaderboard queries were point lookups against 1024 tables, and Redis couldnt pipeline those efficiently. The Architecture Decision We ripped out the PostgreSQL counter and replaced it with a Kafka Streams-based event sourcing system called HuntStream. Every hunt action (point earned, reward claimed) became an immutable event in a Kafka topic. We built a materialized view on top of RocksDB that consumed the topic and maintained the current leaderboard state in memory. The materialized view was partitioned by hunt ID, which meant leaderboard queries only hit one RocksDB partition per hunt. We used RocksDBs built-in caching to keep hot leaderboards in memory, and fall back to disk fo
AI 资讯
What actually happens when you run `go run main.go`
Hello, I'm Maneshwar. I'm building git-lrc, a Micro AI code reviewer that runs on every commit. It is...
AI 资讯
Discovering Google Lighthouse . A Small Tool That Changed How I See Web Development
Today I discovered something I honestly should have explored a long time ago: Google Lighthouse. Funny enough, revamping my portfolio is one of those projects I kept pushing forward with the classic “I’ll do it tomorrow” mindset — and somehow tomorrow kept winning. But today I finally sat down and started improving it, and during that process, I came across Lighthouse. For anyone who hasn’t heard of it yet, Google Lighthouse is an open-source automated tool designed to help developers improve the quality of web pages. You can run it on almost any page — whether it’s public or behind authentication. What immediately caught my attention is that it audits things like: Performance Accessibility SEO Best Practices And probably a few more things I’m still discovering You can run Lighthouse directly inside Chrome DevTools, through the command line, or even as a Node.js module. The process is simple: You give Lighthouse a URL, it scans the page, runs a series of audits, and then generates a detailed report showing how your website performs. What makes it powerful is that it doesn’t just tell you what’s wrong it also explains: _ Why the issue matters How it affects users And how you can fix it _ As a beginner software engineer and developer, I’m slowly realizing that writing code is only one part of building great applications. Performance, accessibility, maintainability, and user experience matter just as much. And honestly, tools like Lighthouse make the learning process feel less overwhelming because they point you in the right direction. One thing I’ll say though don’t fall into the trap of chasing a perfect Lighthouse score instead of building useful projects. A lot of developers start optimizing numbers before validating whether the product itself solves a real problem. Lighthouse is a guide, not the final goal. For my portfolio specifically, Lighthouse exposed a few weaknesses immediately: Large unoptimized images Accessibility issues Slow-loading assets Missing metad
AI 资讯
This Rewrite Isnt the Constraint: How a 300ms Tail Latency Hunt Led to a New Event Pipeline
We were burning 400ms in p99 tail latency on a core event-processing path in Veltrix. The upstream teams kept blaming the network, but the numbers didnt lie—64% of the time was spent inside the JVM, specifically in sun.misc.Unsafe.park during GC pauses. Every time we hit 80% heap pressure, the throughput collapsed and we lost 300k events per minute. That was the exact moment I stopped believing in the JVM as the runtime and started looking at the system boundary. The first attempt was aggressively tuned HotSpot with G1GC and pinning the critical threads to their own NUMA nodes. We set -XX:MaxGCPauseMillis=20 , -XX:+UseNUMA , and even migrated to Azul Zulu Prime because its handling of large heaps was supposedly better. The p99 dropped to 280ms, but the GC telemetry still showed a sawtooth pattern of 30–40ms spikes every 230ms on a 16GB heap. Profiling with JDK Flight Recorder told us 18% of CPU time was spent in card-table scanning. At that point I knew we were fighting the runtime, not the problem. The event pipeline was small—just JSON parsing, enrichment, and a single RocksDB write—but the JVMs generational collector couldnt stop moving objects. The architecture decision came during a four-day blackout window after a failed Blue-Green deploy. Three of us sat in a war room with a single Grafana dashboard showing 100% CPU steal time on the Kubernetes nodes. We had two choices: squeeze more life out of the JVM by manually balancing the heap or rewrite the critical hot path in Rust and give the compiler full control over memory layout. The Rust option meant losing the JVM ecosystem (no more async-profiler, no more one-liner heap dumps) but gave us stackless futures, zero-cost abstractions, and compile-time memory safety. We chose Rust. We forked the Cargo.toml wed used in a sidecar for metrics and started porting the event collector. The numbers after the rewrite told the story. We recompiled the same two endpoints— POST /events and GET /aggregates —and served them f
开发者
Node.js worker threads are problematic, but they work great for us
submitted by /u/fagnerbrack [link] [留言]
AI 资讯
Stop Upgrading the Model. Start Engineering the Harness.
When a team hits a ceiling with their coding agent, the first instinct is to reach for a better model. The reasoning feels obvious: the model is the part that produces the code, the code is the part that is wrong, therefore a smarter model will produce more correct code. Wait for the next release. Switch providers. Bump the tier. This is sometimes right. It is much more often wrong, and the cost of being wrong about it is that you spend months waiting for a model upgrade to solve a problem the model was never the cause of. The harness is the cause of the problem more often than the model. Most teams discover this only after they have exhausted the model-upgrade reflex and finally turn to look at everything else. What a model upgrade actually buys you Newer, stronger models do tangibly improve some things. They handle longer contexts more reliably. They make fewer simple reasoning errors on complex tasks. They follow nuanced instructions more closely. On a fixed prompt, with a fixed task, a better model produces a better answer. What model upgrades do not change: The fact that the agent has no idea your team prefers functional components over class components, because the convention is not in any file the agent reads. The fact that your tests do not actually fail when the code is wrong, so the agent can ship broken code that passes CI. The fact that your codebase has three different ways of handling errors and the agent picks one at random on each PR. The fact that the rule the senior engineer keeps repeating in reviews is not encoded anywhere the next session can see. None of these are fixed by a smarter model. They are fixed by a better harness. A smarter model loaded into the same broken harness will produce slightly more sophisticated versions of the same problems. The diagnostic The diagnostic is one question: when the agent fails, does it fail because it lacked information, or because it lacked capability? A capability failure looks like: the task required reas