AI 资讯
I built a free Unicode font generator for social bios and nicknames
I recently built Letras Diferentes , a free Unicode text-styling tool for people who want creative copy-paste fonts for bios, nicknames, social posts and gaming profiles. The idea is simple: Type normal text Preview different Unicode styles Copy the result in one click Use it on Instagram, WhatsApp, TikTok, Free Fire, Discord or social posts The project is especially focused on Portuguese-speaking users, but the tool works with general Latin text too. Main project: One thing I’m learning while building it is that Unicode text tools are not just about “fonts”. They are about UX, compatibility, mobile performance, copy buttons, favorites, categories and making the result easy to use on real platforms. I’m still improving the interface, categories and mobile experience. Feedback is welcome.
AI 资讯
A real bug you can't see - and one that fixed itself (Devlog #4)
Hey. No new feature this time - just a pass through the corners before the next one. We had a list of nine bugs we'd written down and kept walking past. Most were small. One wasn't, and it was hiding behind a button. When you import a file the studio already has - same bytes - we ask whether to share the existing file or make an independent copy you can edit on its own. Pick "independent copy" and you expect exactly that: your own file, safe to change or delete without touching anything else. It mostly worked. But the new copy's internal name was built from how many copies already existed - copy 2, copy 3, and so on. The problem shows up after a delete. Say you had three, removed the middle one, then made another. The new one counted "two exist, so I'm number three" - but number three was already taken. The studio saw the clash, quietly kept the old file, and pointed your new scene at it. You thought you'd made a clean copy; you were sharing the original, and the real copy you just made was orphaned on disk with nothing pointing at it. Edit "your" copy later and you'd be editing the original too. Nothing crashed. Nothing warned you. That's the worst kind. The fix: stop counting, and instead look at which names are actually taken and pick the first free one - so a copy made after a delete always gets its own identity. We also made the studio shout in the logs if two files ever collide again, instead of silently dropping one. Better a loud bug than a quiet one. The rest were smaller. A menu element could jump for a single frame when you grabbed it (the drag started from where the element was saved , not where it was shown ). A countdown number sat blank for one frame before popping in. And the end screen had a leftover timing delay we fixed - which you'll never see, because that screen is solid black either way. Real bug, just invisible. The one we'd marked most important? We went to fix it and found a rebuild from two weeks ago had already solved it. We checked three
AI 资讯
I Built rtl-text-tools ( A Complete RTL Text Processing Toolkit for JavaScript )
If you’ve ever worked with Arabic, Persian, Hebrew, Urdu, or any RTL (Right-to-Left) language on the web, you probably know the pain. Mixed RTL/LTR text rendering breaks unexpectedly. Punctuation looks wrong. Numbers don’t match the locale. Ellipsis appears on the wrong side. URLs inside Arabic text become unreadable. And emails or plain-text environments completely destroy formatting. After dealing with this problem repeatedly, I decided to build: rtl-text-tools A lightweight RTL text processing toolkit for JavaScript and TypeScript. It handles: RTL detection Direction normalization Arabic/Persian digit conversion RTL punctuation conversion Ellipsis fixing Unicode bidi wrapping CSS helpers DOM helpers And it works all the way back to IE11 with zero runtime dependencies. Why This Exists Most internationalization libraries focus on translations and formatting APIs. But very few actually solve the rendering problems of RTL text itself. For example: "مرحبا, رقم 123..." Visually, this often renders awkwardly in mixed-direction environments. You usually want: "...مرحبا، رقم ۱۲۳" That means: move ellipsis to the correct visual side convert punctuation convert digits preserve RTL readability That’s exactly what rtl-text-tools does. Installation npm install rtl-text-tools Quick Example import { fixRTL } from ' rtl-text-tools ' ; fixRTL ( ' مرحبا, رقم 123... ' ); // → "...مرحبا، رقم ۱۲۳" Arabic digits are also supported: fixRTL ( ' مرحبا, رقم 123... ' , { lang : ' arabic ' }); // → "...مرحبا، رقم ١٢٣" If the text isn’t RTL, it returns the original string unchanged: fixRTL ( ' Hello world ' ); // → "Hello world" Features 1. RTL Detection Detect whether text contains RTL scripts. import { hasRTL } from ' rtl-text-tools ' ; hasRTL ( ' مرحبا ' ); // true hasRTL ( ' שלום ' ); // true hasRTL ( ' Hello ' ); // false Supports: Arabic Hebrew Persian/Farsi Urdu Syriac Thaana N’Ko Samaritan Mandaic and more 2. Digit Conversion Convert Latin digits into locale-specific numerals. Persian
AI 资讯
SynaptoRoute v0.3.0: Matching Semantic Router While Scaling to 50,000 Routes
This is a follow-up to SynaptoRoute: A Study in Local Semantic Routing . If you haven't read it, the short version is: SynaptoRoute is a zero-token semantic routing engine that classifies user queries into intents using local embeddings instead of LLM API calls. SynaptoRoute v0.3.0: Matching Semantic Router While Scaling to 50,000 Routes What Changed Since v0.2.0 When I published the first post, SynaptoRoute had just shipped dynamic batching and O(1) hot-reload. The throughput numbers were promising, but the accuracy story was incomplete. I had internal benchmarks but no comparison against a widely adopted baseline under identical, reproducible conditions. That gap is now closed. v0.3.0 is live on PyPI: pip install synaptoroute == 0.3.0 The Benchmarking Journey Getting to these numbers took multiple benchmark revisions. Early synthetic datasets produced catastrophic accuracy collapse and initially suggested that both SynaptoRoute and Semantic Router were performing poorly. After deeper investigation, the root cause turned out to be flaws in the dataset generation pipeline rather than limitations of the routing engines themselves. Several rounds of validation, failure analysis, threshold tuning, adversarial testing, and external benchmarking followed. All final results presented in this article come from independent public datasets with strict train/test separation, eliminating dataset leakage and benchmark inflation. That process was valuable because it forced the project to validate assumptions against real-world data instead of relying on synthetic benchmarks. The Benchmark That Actually Matters I evaluated SynaptoRoute against Semantic Router on two standard NLU datasets. Same embedding model ( BAAI/bge-small-en-v1.5 ). Same hardware. Same evaluation script. Same train/test splits loaded from HuggingFace. CLINC150 150 intents spanning 10 domains, plus an out-of-domain class. This is the standard stress test for intent routers. Metric SynaptoRoute Semantic Router
AI 资讯
I built an AI contract review and reader tool for plain-language contract understanding
I recently launched SpotClause, a small AI contract review and reader tool. The idea came from a simple problem: contracts are often difficult to read, especially for freelancers, consultants, and small teams who receive agreements but do not work with contract language every day. SpotClause helps users: summarize contracts in plain language identify key clauses understand payment terms, renewal terms, cancellation language, obligations, and deadlines compare two contract versions and see added, removed, changed, and unchanged wording I also added a Contract Clause Library with plain-language explanations of common clauses like cancellation clauses, renewal clauses, payment terms, confidentiality clauses, and notice periods. You can try the AI Contract Review Tool here: AI Contract Review Tool You can explore the Contract Clause Library here: Contract Clause Library SpotClause is not a law firm and does not provide legal advice. The goal is to help people understand contract language more clearly. I would appreciate feedback on: whether the homepage explains the product clearly whether the AI contract review page feels understandable what clause explanations would be useful to add next
AI 资讯
I built an AI conversation simulator because I kept chickening out of real talks
Last year I needed to ask for a raise. I knew my number, I'd read the guides, I had bullet points in my notes app. Then my manager said "let's chat about your goals for next quarter" and I said "sounds great, looking forward to it" and hung up. Never brought up money. Same thing kept happening elsewhere. Coworker taking credit for my work, I said nothing. Relationship that should've ended months earlier, I kept postponing. I always knew what to say. I just couldn't say it with someone actually looking at me. So I started building a thing to practice on. That thing became cosskill . What it actually is You pick a persona, tell it the situation in a sentence, and start talking. The persona doesn't help you. It holds position and pushes back. You practice not folding. Think of it as a flight simulator for hard conversations. You rehearse until your opener comes out steady, then go do the real thing. 20 personas across five categories: Operators (Musk, Jobs): first-principles thinking, harsh product feedback Strategists (Trump, Buffett): treat everything as a deal or a bet Relationship (Ex, Coworker): breakups, workplace friction, family money Philosophy (Socrates, Aurelius, Confucius, Sun Tzu, four more): each tradition frames problems differently Psychology (Rogers, Rosenberg, Ellis, Frankl, Kahneman, Jung): therapeutic frameworks on real situations These aren't celebrity impressions. The Buffett persona won't hype your startup idea. It'll ask "what's the downside?" and keep asking until you have something concrete. Tech stack Next.js 16 on Cloudflare Workers. DeepSeek for inference. Cloudflare D1 (SQLite at edge) for the bits that need to persist. No user accounts, chat history lives in localStorage. Monthly cost stays low enough that the free tier (10 messages/day) doesn't worry me. Why I made these choices DeepSeek instead of GPT-4/Claude. Each conversation is 10-30 messages. At GPT-4 pricing a free product bleeds money. DeepSeek gives maybe 90% of the quality for
AI 资讯
🚀 Building an open-source email blast tool — free, self-hosted, no Mailchimp needed. Looking for contributors to help add: 📊 Open & click tracking 🐳 Docker support All issues are open. Jump in 👇 https://github.com/nikhilt101/email-blast-tool
GitHub - nikhilt101/email-blast-tool: Open source HTML email sender tool using CSV/XLSX + Gmail SMTP · GitHub Open source HTML email sender tool using CSV/XLSX + Gmail SMTP - nikhilt101/email-blast-tool github.com
AI 资讯
I Built a Free AI Business Manager for Street Vendors in Hindi & English
How I Built a Bilingual AI-Powered Business Manager for Street Vendors in Jamshedpur The Problem Walk through any street in Jamshedpur, Jharkhand, and you'll find hundreds of small shop owners and hawkers running their entire business from memory — stock levels, daily sales, employee wages, profit margins. They have no tools. Notebooks get lost. Mental math fails. And at the end of the day, most don't even know if they made a profit. These vendors are not tech-illiterate. They have smartphones. They use WhatsApp. But every existing business app is either too complex, too expensive, or only available in English. I wanted to solve that. The Solution — Dukaan Manager Dukaan Manager is a free, offline-capable Progressive Web App (PWA) and Android app built for small shop owners and street vendors in India. It runs entirely in the browser — no server, no subscription, no data charges beyond the initial load. Built using HTML, CSS, JavaScript , and powered by the Gemini 2.0 Flash API , it gives every small vendor access to a smart business advisor in their pocket. What It Does 📦 Stock Management Vendors can add items by name or photo. Each item stores buying price, selling price, and quantity. The app automatically calculates profit margins and flags low-stock items with colour-coded alerts. 💰 Daily Sales Recording Sales are recorded item by item, linked to which employee made the sale. The app auto-fills prices and calculates the total. Unsaved drafts survive accidental page refreshes using sessionStorage. 👥 Employee Tracking Add employees with their role, salary, phone number, and joining date. Mark daily attendance (present/absent) with one tap. Track total sales made by each employee across all time. 📅 Sales History Every saved sale is stored permanently in the browser's localStorage. History is grouped by date, collapsible, and shows daily revenue and profit — clean and simple. 🤖 AI Business Advisor (Gemini-Powered) This is where Google AI comes in. Using the Gemini
AI 资讯
I Built pretext-pdf: Serverless PDFs Without Chromium
I Built pretext-pdf: Serverless PDFs Without Chromium I got frustrated with PDF generation in Node.js. Every tool had trade-offs, and none of them felt right. The Problem Every time I needed to generate PDFs programmatically, I hit the same walls: Puppeteer — Renders HTML to PDF beautifully, but takes 500ms-2s per page. Way too slow for batch operations. wkhtmltopdf — Old, fragile, breaks in production, dependency hell. pdfmake — Good for simple invoices, falls apart with complex layouts. All of them — Overkill if you're not rendering HTML. And here's the kicker: I didn't need to render HTML. I had structured data (invoices, reports, certificates) that I needed to turn into PDFs programmatically . The Solution I built pretext-pdf — a JSON-based PDF generation library. Instead of: javascript // ❌ Puppeteer: render HTML const browser = await puppeteer.launch(); const page = await browser.newPage(); await page.setContent(html); const pdf = await page.pdf(); // 1000ms+ You do: // ✅ pretext-pdf: define structure const doc = { sections: [ { type: 'heading', text: 'Invoice' }, { type: 'table', rows: [...] } ] }; const pdf = await renderPDF(doc); // 40-100ms No Chromium. No external dependencies. Pure Node.js. Why This Matters If you're building: ✅ Invoice generation systems ✅ Dynamic reports for your SaaS ✅ AI agents that create PDFs (Claude, Cursor, Windsurf) ✅ Certificate systems ✅ Multi-language documents ...pretext-pdf is built for you. Today: v2.0.14 Launch I just shipped a major upgrade. The text layout engine (which handles how words break across lines) is now significantly better: Better CJK + Latin mixed-script handling Smarter punctuation (quotes stay with their text) 7-12% faster Zero breaking changes The Stats 337 tests passing — production-ready 0 critical vulnerabilities — secure MIT licensed — free to use Open source — contribute or fork Technical Foundation The layout engine is based on pretext by Cheng Lou (React core team). I cherry-picked 11 patches for
AI 资讯
My website has two audiences now. I only built for one of them.
The conversation about who reads your website has been shifting. Agents are part of it now. ChatGPT fetches URLs. Perplexity reads content. Shopping agents try to complete purchases. Coding agents hit your API. Most of those products were built for humans, tested against humans. The agents showed up later and quietly. When they can't figure something out, they don't complain. They just bounce. I heard the phrase "second audience" at a hackathon where you.com was one of the hosts. It stuck. That's what agents are: a second audience the web wasn't designed for and isn't being measured against. And now, I want to build something about it. A scanner that tells you what an AI agent experiences when it tries to use your website or your API. The internal name is Perseus Clew and the public product is Agentis Lux. The split is intentional: Perseus Clew is the engine name, part of a suite of AI builder tools , and Agentis Lux is the product-facing name (Latin for "light of the agent") that describes what agent users see. This isn't a launch post. I just finished a docs phase, and I'm about to write code. Before I do, I want to put this in front of dev.to builders and find out what I'm missing. What it will do Three layers: Deterministic scanning. Twelve check categories — six for frontends, six for APIs — looking at HTML, ARIA, structured data, OpenAPI specs, error responses, idempotency patterns. Same input, same score, every time. The methodology will be published, the weights will be public, and anyone can audit it. AI-readiness scoring tools have a reputation for inflating numbers and hiding their methodology, so the trust floor is making everything inspectable. That's the foundation the rest sits on. An AI-written verdict. After the score, a Bedrock call reads the top findings and writes one sentence about what an agent experiences. Something like: "An agent visiting this page can read your product descriptions, but can't tell which button starts checkout, so it can't f
AI 资讯
I built a detention-pay calculator for truckers in a day — unglamourous niches beat another AI wrapper
Every "what should I build" thread on here is full of AI wrappers fighting over the same five SaaS founders. Meanwhile there's a guy sitting at a loading dock right now, doing arithmetic in his head, who is about to undercharge his broker by a few hundred bucks because nobody built him a 30-second tool. I built that tool. It's a free detention-pay calculator for truck drivers. This is the build log — the niche-selection, the single-file stack, and two decisions (an SVG gauge and a no-mail-service auth scheme) that were more interesting than the app deserves. I'm not a trucker. I build small free web tools for industries other may find unglamourous or not enticing enough. That honesty matters later. The problem (worth $2–6k/yr to one user) Truckers get a "free time" window at a dock — usually 2 hours. Past that, the broker owes detention pay (~$50–100/hr). Drivers leave an estimated $2,000–6,000/year of it unclaimed, mostly because the math + the paperwork is annoying enough to skip. So the spec wrote itself: In/out times + free hours + rate → dollars owed. Export a dispute-ready PDF they can email the broker. Work on a phone, no login, instant. Validating before writing a line The mistake I almost made: assume the niche is empty because I'd never heard of it. I checked. It is not empty — DockClaim ($49/mo, GPS tracking), Detention Buddy, a couple of $9.99/mo App Store apps, even a free email-gated web calculator or two. That killed my first instinct ("be the only one") but clarified the real wedge: everything is a paid app download or email-gated. The opening was a genuinely free, no-signup, instant web version that also generates the claim PDF. Not "the only detention tool" — the one with the least friction. I'll say more on why I'm careful about that claim at the end. Lesson: validate to find your angle , not just a go/no-go. "Crowded but all friction-heavy" is a fine market. The stack: one HTML file No framework. The whole app is a single self-contained .html — m
AI 资讯
SQL-like Queries in FSRS Plugin for Obsidian
SQL-like Queries in FSRS Plugin for Obsidian Spaced repetition in Obsidian usually works as "show all cards with due earlier than today." That's enough for simple cases, but once you have hundreds of notes, you want to filter, sort, and select. My FSRS plugin now has a query language resembling SQL. It turns a markdown block into a live table that updates with every review. ``` fsrs-table SELECT file as "Note", r as "Retrievability", date_format(due, '%d.%m.%Y') as "Due" WHERE r < 0.7 ORDER BY r ASC LIMIT 20 ``` → the table shows the 20 most "forgotten" cards, sorted by retrieval probability. From Simple Settings to an Embedded DB Initially I planned to offer table settings using standard SQL syntax. But pretty quickly the syntax became a real query language, and the implementation itself — an embedded lightweight DB. High-level test coverage in TypeScript made it easy to iterate on functionality located in the WASM module via an AI agent. When faced with dual-language testing (TypeScript + Rust), the artificial intelligence prefers to do the job properly rather than fake it. After implementing the lexer → parser → AST → evaluator pipeline for numeric values, I extended it to strings, added filtering via WHERE, then functions. Extending the syntax or adding a function came down to a single request to the agent — and a feasibility check. What's Inside fsrs-table Supported Features SELECT — choose fields, rename via AS . WHERE — conditions with = , != , < , > , <= , >= , AND , OR . ORDER BY — sort ascending ( ASC ) or descending ( DESC ). LIMIT — cap the number of rows. date_format() — convert the due date to any text format. Available fields: Field (alias) Type Description file string path to the note due date next review date stability (s) number stability in days difficulty (d) number difficulty retrievability (r) number probability of recall (0…1) reps number total number of reviews state string New, Learning, Review, or Relearning elapsed number days since last r
AI 资讯
I created a fork of GunDB and rewrote it in TypeScript using Vibe Code
Inspired by a similar project called GenosDB and Cloudflare’s initiative to rebuild Next.js, I decided to rebuild GunDB with a modern coding style, incorporating improvements and addressing shortcomings in the original technology. I used the OpenCode tool with the Big Pickle model to rewrite the project in a new graph database called Garfo (the Portuguese word for “fork”), and I was impressed with the results and its practical applications. In this article, I’ll explain the technology and its improvements over GunDB. Introduction Garfo is a modern, browser-first fork of GUN.js — the decentralized, offline-first graph database. A fork of the original project that keeps the familiar GUN graph API while bringing meaningful improvements to the modern JavaScript ecosystem. Why a Fork? GUN.js is a revolutionary technology — a graph database that syncs in real time, works peer-to-peer, resolves conflicts automatically, and runs in the browser. However, the JavaScript ecosystem has evolved. TypeScript has become the standard, ES modules are the norm, and new transport layers like Nostr have emerged as promising decentralized protocols. Garfo was born to fill these gaps: a GUN rewritten with modern typing, designed with the browser as a first-class citizen, and with native support for the Nostr protocol. Key Features Familiar Graph API If you've used GUN before, you'll feel right at home. Garfo exposes the same chainable API: import Garfo from ' garfo ' ; const db = new Garfo ({ localStorage : true }); db . get ( ' users ' ). get ( ' alice ' ). put ({ name : ' Alice ' , status : ' online ' }); db . get ( ' users ' ). get ( ' alice ' ). on ( profile => { console . log ( ' Update: ' , profile ); }); All the classic methods are there: get() , put() , set() , on() , once() , map() . Optional Nostr Transport This is one of the most exciting additions. Garfo can use Nostr relays as a transport layer, allowing peers to exchange graph messages through public or private relays: const
AI 资讯
BAIXAR VÍDEO DO YOUTUBE
Criei um gerenciador de downloads desktop em Python e quero feedback da comunidade! O PyFlowDownloader é um app desktop feito com Python + PySide6 que usa yt-dlp para baixar vídeos e áudios de forma assíncrona do youtube. Algumas coisas que ele já faz: Fila de downloads com progresso em tempo real Cancelamento de downloads ativos ou pendentes Suporte a MP4 e MP3, de 144p até 1080p Histórico com exportação para CSV Interface desktop com tema visual via QSS Build para Windows via PyInstaller + pipeline de release no GitHub Actions Está na versão v0.3.0 e ainda tem muito espaço pra crescer. Repositório: https://github.com/Vinny00101/PyFlowDownloader Se você puder **testar e deixar sua opinião nos comentários, ficaria muito grato! Quer saber: O que achou da experiência de uso? Algum bug que encontrou? O que você adicionaria ou melhoraria no projeto? Todo feedback é bem-vindo!
AI 资讯
Show HN: DCAP — A security analyzer that admits when it fails Most tools lie with false "PASS". DCAP reports "Pattern Vacuum" instead. Zero false positives. Self-verifying (6/6). Forensic reports. 900ms/94 files. Open source. github.com/aim-core/dcap
AI 资讯
Building ReefWatch, a Coral-Powered Production Triage Agent
Production incidents almost never break in one place. The alert fires in one tool. The broken deploy is in Netlify. The suspicious change is in GitHub. The stack trace is in Sentry. The human context is in Slack. The runbook is in Notion. The "is this actually paging someone?" answer is in PagerDuty. A normal chatbot can sound helpful in that situation. It can say things like "you should check your recent deployments" and "look for related errors in Sentry." But that is not triage. That is a polished to-do list. I wanted something more useful: an agent that could go get the evidence, connect the dots across sources, show its work, and give an operator-grade answer grounded in real system data. The design constraint from the start was simple: no evidence, no answer. That became ReefWatch , a Coral-powered production triage agent built to investigate instead of improvise. It discovers the tools connected to a workspace at runtime, queries them as evidence, correlates records across systems, and produces a compact answer only when the facts support one. Coral became the backbone because it turns the messiest part of agent tooling into something the model can actually reason about: SQL . What This Guide Builds By the end of this route, you will have a blueprint for an agent that can: discover connected Coral sources at runtime query production systems through read-only SQL correlate evidence across code, deploys, errors, alerts, chats, and runbooks stream every query and row count into an inspectable UI run the same investigation workflow from a CLI when you want a scriptable path generate an incident report only when the evidence supports one stay focused with policy layers instead of a giant prompt blob In one sentence: ReefWatch is a Coral-powered investigation workspace that lets an agent discover connected tools at runtime, query them with read-only SQL, stream the evidence trail, and generate an incident report only when the facts actually support one. Why Coral B
AI 资讯
The Real Sovereign OS - OnemanBSD updated!
I lost more than 60 days but I made a huge update All OnemanBSD OS is now 64 bits. I also removed all bloat like Rust, Wayland and Qt dependencies from all app ports used in the system. (mpv was changed to gnome-mplayer because of that). New apps included (+ fixed source code of everything): audacity (audio editor) godot (game editor) deadbeef (mp3 player) ted (word processor) Also some bug fixes. Here is the link again: http://bialamusic.com/onemanBSD/ Here are my thoughts: I feel that we as humans are loosing control over technology that was created by humans. This is rising some serious and strange questions. I think we now need tools to power the individual so we can fight back. Not corporations. Not governments. Not organizations. Consider this my bullet in this battle. It is now in your hands so you can be active developers not just passive users.
AI 资讯
I Ran 200+ Website Audits — Here's What's Actually Broken in 2026
Over the last few weeks I built a website audit tool and ran it on 200+ small business and service websites — dental practices, plumbing companies, landscapers, law firms, real estate agents. Not Fortune 500 pages optimized by dedicated teams. The sites that actually serve local customers. I expected some issues. I did not expect this. Here's the raw data, the patterns I found, and what you can actually do about it. The Scorecard I grade sites across five dimensions on a 0–100 scale. Here are the averages from 200+ audits: Dimension Average Score Worst Score Speed 56 11 SEO 68 29 Mobile usability 61 18 Accessibility 52 8 Security 70 17 SEO and security tend to be passable (automated checks from Google Search Console and automatic SSL help). Speed and accessibility are consistently neglected — probably because the feedback loop is invisible. A slow or inaccessible site loses visitors silently, and the owner never knows why. Finding #1: 67% of Sites Ship >50% Unused CSS This was the single most surprising data point by far. When a browser loads a page, it downloads every byte of CSS, parses it, builds style rules for every selector, and only then paints. If 60% of those rules never get applied (because they target a contact form behind a click, or a mobile menu at 768px+), the browser still processed them. Worst case: a dental practice shipped 287 KB of CSS. Only 31 KB was used on first paint. That's 256 KB of unnecessary render-blocking weight that delayed First Contentful Paint by roughly 1.4 seconds. The fix: If you're using Tailwind, make sure tree-shaking is enabled. If you're writing vanilla CSS, open DevTools > Coverage tab > Reload. Anything over 40% unused is worth addressing. Most bundlers handle this — you just need to turn it on. Finding #2: Average Image Payload Is 1.8 MB — Way Too High Average image payload across all scanned sites: 1.8 MB per page. Only 34% serve WebP or AVIF (modern formats that cut file size by 30-50%). Only 28% serve responsive sizes
AI 资讯
I'm 15, Built My First Real Project in 4 Days, and Put It on Gumroad
I'm 15 and Built an AI Energy Dashboard with Next.js 15 + Groq Hey Dev.to! 👋 I'm a 15-year-old student developer from South Korea. I just finished my first real production project — FuelScope AI. What is it? An energy market intelligence dashboard that uses Groq's Llama 3.3 70B to summarize real energy news in real time. 🔗 Live Demo: https://fuelscope-ai.vercel.app What it does ⛽ Regional gas price cards 📈 Energy stock tickers (XOM, CVX, SHEL) 🤖 AI-summarized energy news (Llama 3.3 70B via Groq) 🗺️ Interactive Mapbox station map 📍 GPS nearest station finder 🎨 Apple-inspired clean design Tech Stack Next.js 15 + TypeScript Tailwind CSS Groq API (Llama 3.3 70B) — FREE tier GNews API — FREE tier Mapbox GL JS Vercel deployment What I learned This was my first time building something with: Real API integrations AI summarization pipeline Production deployment on Vercel Apple design system principles Honestly learned more in 4 days building this than months of tutorials. Honest disclosure Gas prices and stock data are mock values — the README includes guides for swapping in real APIs (EIA, Alpha Vantage, etc.). The AI news summaries are 100% live though. Template I'm selling the template for $19 on Gumroad if anyone wants to build on top of it: 👉 https://LZF01.gumroad.com/l/djzoaj Would love any feedback from the community! 🙏 Built with Next.js 15, Groq, GNews, Mapbox
AI 资讯
Secure Your Microservices: Meet Halimun, the High-Performance Encrypted Proxy
Meet Halimun Proxy a high-performance, ultra-low latency proxy tunnel system built from the ground up in Rust. Why Rust? By leveraging Rust , Halimun achieves extreme efficiency. Using the Axum web framework and Tokio for non-blocking asynchronous I/O, it manages to maintain a tiny footprint—running on as little as ~15MB of RAM . It’s designed to be fast, memory-safe, and incredibly stable under load. Core Security Features Halimun isn't just a proxy; it’s a security layer. It enforces strict request validation to ensure your internal services are never exposed to malicious actors: AES-256-CBC Encryption: End-to-end payload masking. Even if your traffic is intercepted, the actual API endpoint and data remain indecipherable. HMAC-SHA256 Integrity: Validates that data hasn't been tampered with in transit. Replay Attack Prevention: Uses Nonce and timestamp verification in-memory (via DashMap ) to reject duplicate spoofed requests. SSRF Protection: Built-in mechanisms to prevent attackers from targeting your internal network infrastructure (e.g., 127.0.0.1 ). Camouflage Routing: It hides your actual API structure behind random, dummy URL segments, making traffic profiling by WAFs or human analysts nearly impossible. Quick Start (Docker) Halimun is "Docker-ready," making it easy to drop into any existing infrastructure. 1. Configuration First, generate your encryption keys using the built-in generator: # Generate keys and save to .env docker build -t halimun-proxy . docker run --rm halimun-proxy ./halimun-proxy --keygen --format = env > .env 2. Deployment Configure your config.yaml to map your backend services, then launch your cluster: docker-compose up -d Your production proxy is now live, listening securely on port 80 while your backend services remain completely secluded within a private Docker network. Under the Hood: Request Lifecycle Halimun uses an encrypted tunnel approach. A typical request follows this structure: POST /proxy/1/SEGMENT1/SEGMENT2/SEGMENT3/SEGMEN