今日已更新 80 条资讯 | 累计 20052 条内容
关于我们

标签:#us

找到 988 篇相关文章

开发者

I am that I am.

We all hear about "Not comparing yourself to others" and that "comparing yourself is the thief of joy". To be honest, I agree and it's strange that I am contradicting myself because I compare myself A LOT. The more I looked into it, the more I realized that we have a natural tendency to compare ourselves. It's a human thing to do. The issue is that we tend to be very excessive over comparing ourselves to others to the point where it takes a toll on us. For example, we are demotivated to see someone's success because we believe we can't reach the goal they are in. We all have jealousy. Big or small. Even where I am at right now, I am still jealous that many people I know that got into big tech companies like Microsoft. To get more context, I want to share a story with you. Story Time Back in the day, I remember it was the year of the ACT. For those who don't know: It's a Standardized test that is needed for the college admissions to determine if you are admitted to their program. I remember I got a national average of 21 as my composite score and I was proud of the score I got since it's the national average during that time. However, I remember the day where my friends talked about the ACT. The most common thing I heard was: "Oh I got a 30" "I got a 32" "Man I got a 35, it was sooo easy" Hearing that makes me feel not only bummed out, but felt left out. I was feeling that I wasn't smart enough to be in the group. What's worse is that they got accepted into colleges and programs that are well known. Then they start boasting about their accomplishments. I felt like I am the odd-one-out because of my scores and their accomplishments I could not match. Why am I Talking about this? Looking back and knowing where they are at now, I am proud of who I become today. It's not that they have fallen downhill (they are still successful), but the route they have taken that I definitely could not follow. For example, on GitHub, many people fill up their contribution graphs to the

2026-07-14 原文 →
AI 资讯

States make last-ditch effort to stop the Paramount ‘media behemoth’

A dozen state attorneys general are trying to block the $110 billion merger of Paramount and Warner Bros Discovery they warn would raise movie prices and crush cable TV distributors. The states - California, Arizona, Colorado, Connecticut, Massachusetts, Minnesota, Nevada, New Jersey, New Mexico, New York, Oregon, and Washington - filed suit on Monday, arguing […]

2026-07-14 原文 →
开发者

How I shipped structured JSON logging + Prometheus metrics with zero new dependencies

How I shipped structured JSON logging + Prometheus metrics with zero new dependencies I almost added structlog and prometheus_client to my pyproject.toml . Then I read what they actually do. Both libraries are excellent. structlog is the right call when you have a 30-engineer team shipping 50 services. prometheus_client is the right call when you have five teams of consumers scraping different metrics. For a single-author Python project with one process and one user, both are over-engineered. The 80 lines of code I would have pulled in, I can write in 200. The result: zero new runtime dependencies, full control over the output, and a smaller pip install footprint for every user. Here is what I did instead. The minimum useful observability surface A small Python service needs four things, in order of importance: Every log line is one JSON object. (No parsing for downstream tools.) Every request has a trace id. Every log line in that request carries the same trace id. (So you can grep by id and see the whole story.) Every log line goes to stderr. (So journald , Docker, and kubectl logs all see it without any extra configuration.) Every metric is exposed in Prometheus text format at a stable URL. structlog gives you #1, #2, #3 with a lot of flexibility. prometheus_client gives you #4 with a lot of flexibility. Both are about 16 MB of transitive dependencies combined. For a service that runs in a single process and exports maybe 20 metric names, the libraries are doing more work than the project. The 80-line JsonFormatter The custom logging formatter is the simplest part. The whole thing is here: import json import logging from contextvars import ContextVar from datetime import datetime , timezone _trace_id_var : ContextVar [ str | None ] = ContextVar ( " trace_id " , default = None ) class JsonFormatter ( logging . Formatter ): def format ( self , record : logging . LogRecord ) -> str : payload = { " ts " : datetime . now ( tz = timezone . utc ). isoformat (), " level

2026-07-13 原文 →
AI 资讯

The Solana Program Security Checklist I Wish I'd Had on Day One

I spent the last two weeks thinking like an attacker. I wrote tests whose only job was to make my own programs fail. I ran a fuzzer across thousands of generated inputs looking for the lamport value nobody would choose by hand. And I rebuilt the missing owner check that was at the center of the $326M Wormhole exploit, in a throwaway program, in a test, so I could watch it work and then watch the one-line fix stop it cold. This checklist is what I would hand to past me on day one of that work. Run it top to bottom before any Anchor program goes to mainnet. Who this is for You are writing Solana programs in Anchor. You understand accounts, PDAs, and CPIs. You have read the Anchor docs. What you do not yet have is a systematic way to check that you have not missed the failure modes that are specific to Solana's runtime, an account model where any account can be passed into any instruction, arithmetic that wraps silently in release builds without protection, and cross-program calls that trust whatever program ID you hand them. This checklist is that systematic check. It is not a substitute for a professional audit on high-value programs. It is the thing you run before you even consider requesting one. The Wormhole anchor Before the list, the story that explains why account validation sits at the top. In February 2022, an attacker drained $326M from the Wormhole bridge. The root cause was a single deprecated function, load_instruction_at — that read a sysvar account's contents without first checking that the account was actually the real instructions sysvar. The attacker passed in a forged account they controlled. The program read it, trusted it, and authorized a mint it should have refused. The fix was a single word: switch to load_instruction_at_checked , which verifies the account's address before reading it. Every item in this checklist traces back to that same principle: never read an account's contents until you have confirmed its identity. The items below are just

2026-07-13 原文 →
AI 资讯

Building an Autonomous Agent on an M1 Mac, by Choice

For about 3 months I've been running an autonomous agent — one that thinks up and writes its own social media posts and comments — unattended, 4 sessions daily, on a 16GB M1 Mac with small models in the 9B / E4B class. I'm about to publish what that operation taught me about hardening, as a series of 4 technical articles. Before that, there's one thing I want to write down first: why small models . I've been to the purchase page for a Mac Studio or a new MacBook Pro more than once or twice. Backing the agent with a large cloud model (Opus or the GPT family) has always been an option in the code. And yet I haven't bought, and I haven't switched. The 16GB M1 is not an economic constraint — it's a constraint I chose . From the outside, building on small models looks like a cheap compromise. This article explains why it isn't, and states where I stand. It also serves as the hub for the 4-article series. A model's intelligence hides the roughness of your design Large models absorb sloppy prompts, ambiguous instructions, and missing guards with sheer intelligence. If all you want is to ship a product, that's a virtue. But if you want to become someone who can build things , it becomes a defect. Because inside the thing that worked, you can no longer tell where your design ends and the model's intelligence begins. "It worked" and "I built it" are different things. Something you bludgeoned into working with model capability counts as a thing that ran — it doesn't become the ability to build. Small models have no absorption capacity. So every design flaw comes to the surface. In my operation, all of the following surfaced: The context window being silently truncated Outputs cut off midway A runaway caused by one missing sampling parameter In cloud or large-model environments, these rarely bother you. The environment has cushioning built in. Context windows are in the 200K–1M token class, so truncation itself rarely happens. And when you do exceed the limit, you get an explic

2026-07-13 原文 →