今日已更新 353 条资讯 | 累计 21219 条内容
关于我们

标签:#programming

找到 1401 篇相关文章

AI 资讯

FiXiY - Find X in Y

TRIESTE, Italy – For developers, system administrators, and digital hoarders alike, the daily struggle of locating a specific snippet of text buried deep inside hundreds of nested project files is a universal headache. While heavy-handed IDEs and clunky terminal commands exist, they often feel like using a sledgehammer to crack a nut. Enter FiXiY, a lightweight, blazing-fast utility designed to do exactly one thing flawlessly: scan a folder and find precisely what you’re looking for inside the files. Created by software engineer Lorenzo Battilocchi (known online as XeroHero), FiXiY has officially launched as a free, open-source project on GitHub. Simplicity Meets Speed Unlike built-in operating system searches that are notorious for missing code snippets or taking ages to index, FiXiY bypasses the bloat. It provides a localized, no-nonsense approach to file-content searching. Users simply point the tool to a folder, type in the phrase, string, or code block they need, and FiXiY maps out every instance across all supported file types within seconds. "As developers and creators, we waste an incredible amount of cumulative time just navigating our own file structures looking for a variable, a configuration line, or a specific piece of text," says creator Lorenzo Battilocchi. "FiXiY was built out of necessity. It’s a nimble, friction-free alternative for anyone who wants instant answers without waiting for a massive IDE to load or fighting with complex regex syntax in a terminal." Key Features of FiXiY: Deep Folder Scanning: Recursively searches through complex directory trees and nested folders seamlessly. Intelligent Text Matching: Pinpoints exact strings of text, code, or data buried within plain text, source code, scripts, and logs. Lightweight Footprint: Operates with zero background bloat, making it perfect for rapid-fire asset hunting on any machine. 100% Open Source: Built transparently for the community, ensuring full privacy with no data leaving your local mac

2026-05-29 原文 →
AI 资讯

Human-in-the-Loop AI Workflow Automation with Make, FastAPI, OpenAI, and Monday CRM

AI workflow automation looks simple in demos. A form submission comes in. An AI model reads it. The CRM gets updated. A Slack message goes out. An email is sent. But once you move from demo to production, the workflow becomes more sensitive. What happens if the AI summary is wrong? What happens if the CRM is updated with incomplete data? What happens if the customer request needs human approval before the next step? What happens when a workflow fails halfway? That is where AI workflow automation needs better architecture. In one recent project, we designed an AI workflow automation system using: Make.com for workflow orchestration FastAPI for custom backend logic OpenAI/GPT APIs for summarization and structured output Monday.com CRM for record management Slack for internal notifications Gmail for email-based communication Human review steps for approval and control The goal was not to build a chatbot. The goal was to reduce repetitive manual review work while keeping the workflow controlled, traceable, and practical for daily business use. The workflow problem The original workflow had several manual steps: A new request came in. Someone reviewed the request manually. Important information was extracted. A CRM record was created or updated. The internal team was notified. A follow-up email was prepared or sent. The team tracked the workflow manually. This kind of workflow is common in service businesses, operations teams, sales teams, and CRM-heavy processes. The pain was not that any one step was too difficult. The pain was that the same steps repeated again and again. That makes the workflow slow, inconsistent, and dependent on manual copy-paste work. Why not fully automate everything? The obvious idea is: Let AI read the request and update everything automatically. But that can be risky. AI-generated output can be incomplete, overconfident, or slightly wrong. That may be acceptable if the output is only a draft. It is not acceptable if the output directly updates

2026-05-29 原文 →
AI 资讯

The New Shape of Supply-Chain Trust

One poisoned extension, one package install, one CI workflow. Any of them can now be the first domino. That is the uncomfortable lesson from the latest Shai-Hulud activity and GitHub’s recently confirmed internal-repository breach. The scary part is not only the number of affected packages, tokens, or repositories. Counts move fast. The scarier part is where the attacker code ran: inside the trusted developer and CI path. The modern supply chain is not just “the dependencies we ship to production.” It is your IDE, your package manager, your GitHub Actions runner, your cache keys, your OIDC flow, your local gh auth, your AI coding tool config, and the cloud account that quietly pays the bill when something goes sideways. What happened, briefly CISA described the original Shai-Hulud wave as a self-replicating npm worm that compromised more than 500 packages and targeted GitHub personal access tokens plus AWS, GCP, and Azure keys. GitHub later said it removed 500+ compromised packages and began pushing npm toward shorter-lived credentials, 2FA enforcement, and trusted publishing. The later waves got more CI-aware. Instead of only stealing npm tokens from maintainers, they looked for credentials inside build environments, abused publishing workflows, and used the build system itself as distribution. Microsoft’s May 2026 reporting on the @antv ecosystem described a “Mini Shai-Hulud” style campaign that targeted GitHub Actions environments and stole GitHub, AWS, Vault, npm, Kubernetes, and 1Password secrets. Microsoft said GitHub removed 640 malicious packages and invalidated 61,274 npm granular access tokens with write permissions and 2FA bypass. Then GitHub confirmed an incident involving a compromised employee device and a poisoned third-party VS Code extension. GitHub said the attacker’s claim of roughly 3,800 internal repositories was “directionally consistent” with its investigation, while also saying its current assessment was exfiltration of GitHub-internal reposi

2026-05-28 原文 →
AI 资讯

Software Engineering: The Art of Thinking Out Loud (with AI)

A colleague said something to me recently that I keep coming back to: "Often, by the time you've finished articulating a complex problem for the AI, you've already solved it yourself." It sounds almost like a joke. You open a chat window, start typing out your problem in careful detail — and somewhere in the middle of the second paragraph, the answer appears. Not from the AI. From you. If you've worked with LLMs seriously, you've probably experienced this. And I think it points to something important about what is actually changing in our craft — something that goes beyond the usual conversation about automation and job displacement. The Rubber Duck, Promoted Developers have known for decades that explaining a problem out loud helps solve it. The classic technique involves a rubber duck: you place it on your desk, narrate your code to it, and the act of articulation forces you to confront the assumptions you'd quietly made. The duck never responds. That's not the point. The LLM is a rubber duck that occasionally says something useful back. But even when it doesn't — even when the response is generic or slightly off — the discipline of formulating the prompt has already done its work. You've had to be precise. You've had to strip away ambiguity. You've had to decide what actually matters. That process is not a workaround. It is thinking. The Inversion of the Workflow In the pre-AI era, the typical development workflow looked something like this: you had a rough mental model of the solution, you started coding, and you discovered the edge cases along the way. The code was exploratory. The thinking happened during the writing. With AI assistance, that workflow inverts. Vague inputs produce vague outputs — the model has no way to compensate for an underspecified problem. So precision becomes mandatory upfront. You have to think before you type, not while you type. This is a more demanding cognitive posture. It requires holding the full shape of a problem in your head be

2026-05-28 原文 →
AI 资讯

Stream Plumbing in Embedded Systems

I've been documenting some thoughts on stream plumbing in embedded systems, based on my own frustrations encountered while interfacing modules on constrained platforms. Mostly just an attempt to formalise patterns I've found to be working well recently. Interested in hearing how others approach this. submitted by /u/MickJC_75 [link] [留言]

2026-05-28 原文 →
AI 资讯

Apache Fory Serialization 1.0.0 Released Now

Apache Fory is a blazingly fast multi-language serialization framework for idiomatic domain objects, schema IDL, and cross-language data exchange. Key Features For 1.0 Release: Unified xlang type system and xlang is default serialization mode now across java/python/c++/rust/go/c#/swift/javascript/dart/kotlin/scala. Decimal, bfloat16, dense array support for xlang serialization. Android serialization and Java annotation processor support Kotlin xlang, KSP, and schema IDL support Scala schema IDL support and scala3 macro derived serializer Serialization performance improvements submitted by /u/Shawn-Yang25 [link] [留言]

2026-05-28 原文 →
AI 资讯

Tipos de errores, Wrapping e Inspección en Go

Tabla de Contenidos Objetivo Restricciones de los Errores Basados en Texto Errores Personalizados en Go Conceptos Clave Implementar e Inspeccionar Errores Casos de Uso Comunes Para no morir en el intento y consejos que no pediste Conclusiones del Tema Objetivo Aprender a diseñar tipos de errores personalizados con metadatos de negocio en Go y a propagarlos correctamente a través del flujo de la aplicación sin perder su tipo ni su información de origen. Restricciones de los Errores Basados en Texto En programas sencillos, el uso de errors.New es perfecto. Sin embargo, en aplicaciones empresariales los errores necesitan transportar datos estructurados. Por ejemplo, si una validación de entrada falla, el frontend no solo quiere saber que "hubo un error", necesita saber qué campo exacto falló (ej. email ) y qué regla se violó (ej. formato inválido ). Si solo devolvemos una cadena de texto, la capa superior de nuestra aplicación tendría que parsear el texto del error con expresiones regulares para extraer los metadatos. Esto es extremadamente ineficiente, propenso a errores de formato y acopla la lógica interna a los mensajes de texto visibles al usuario. Tipos de Errores Comunes en Go Antes de analizar cómo propagar y envolver errores, es fundamental comprender los dos patrones principales que se utilizan en Go: Sentinel Errors : Son variables globales predefinidas que representan un estado de error estático y específico. Se definen a nivel de paquete y se comparan directamente por valor. Ejemplos estándar: io.EOF , sql.ErrNoRows . Creación: Generalmente declarados con errors.New (como var ErrNotFound = errors.New("not found") ). Custom Structs (Errores estructurados personalizados): Son estructuras que implementan la interfaz error y contienen campos adicionales para transportar metadatos dinámicos del fallo en tiempo de ejecución (como códigos de estado o parámetros de entrada). Creación: Un struct personalizado que implementa el método Error() (ej. type ValidationErr

2026-05-28 原文 →
开发者

Bugs not dead: How to catch bugs in game code

Bugs, crashes, glitches... Game development is full of them, and even experienced teams run into issues. But while no game is perfect, that doesn't mean we should stop chasing better quality. In this live session, we'll look at why even seasoned game development teams make mistakes and how you can reduce the number of issues in your own projects. What's the talk about? The speaker, Gleb Aslamov, developer advocate and static analyzer developer at PVS-Studio, will walk you through common and less obvious reasons behind code errors, share real-world bug examples from actual game projects, discuss development practices that help prevent bugs before release, and demonstrate tools designed to catch those issues early. Gleb will show some amusing bug examples from projects like osu!, GZDoom, and SanAndreas Unity. The discussion will cover how code reviews, testing, and CI/CD, combined with profilers, dynamic analyzers, and static analyzers, can help detect issues long before players ever encounter them. Also, expect to see static analysis in action, including warnings that reveal performance-sensitive issues and other hidden problems in game code. When? Mark your calendar for June 2, 2026, at 1:00 PM UTC+1 . Join the live talk and learn how to make your game code more reliable—one bug at a time. P.S. And don't forget to check your inbox to confirm the registration!

2026-05-28 原文 →