AI 资讯
Headless Browser Detection in 2026: What Still Trips Up Playwright
Playwright is the best browser automation library in 2026. It's also the most fingerprinted, the most detected, and the most patched in anti-bot databases. If you're running default Playwright against any platform with serious anti-bot defenses, you're getting flagged. We learned what's left of the cat-and-mouse game the hard way building HelperX . This article is what still trips up Playwright today — beyond the well-known navigator.webdriver flag, which everyone fixes in week one. The detection surface has shifted dramatically since 2022. The classic tells (PhantomJS, missing plugins, undefined chrome object) are largely solved. The new battleground is more subtle: CDP protocol artifacts, behavioral inconsistencies, and side-effects of the Playwright runtime that aren't part of the public API. What stopped working in 2024-2025 Detection on the platforms we monitor has gotten dramatically better in the last 18 months. A few things that worked in 2023 and stopped working since: Generic navigator.webdriver = undefined patches — detectable via Object.getOwnPropertyDescriptor if you do it naively Patching Notification.permission — modern detection cross-references with Permissions.query() Faking window.chrome — the property structure changed; old fakes are missing newer subkeys Setting a single User-Agent profile — detection now expects Client Hints to match Empty navigator.languages — flagged as suspicious; needs at least 2 entries These were all "set it once, ship it" fixes. The current generation of detection requires ongoing engineering. CDP artifacts: the deepest tell The Chrome DevTools Protocol (CDP) is how Playwright controls the browser. The browser exposes signals that it's being controlled, and modern detection looks for them specifically. Symptom: Runtime.evaluate artifacts When you run await page.evaluate(() => ...) , Playwright uses Runtime.evaluate under the hood. The evaluated script runs in a special isolated world. If the page can detect that an isola
AI 资讯
Fine-Tuning AI Models for Specialized Tasks
🚀 Technical Briefing: This tutorial is part of our deep-dive series on Agentic Workflows at Gate of AI . For the full technical breakdown, interactive code sandbox, and the native Arabic translation, visit the original article here . <span>Tutorial</span> <span>Advanced</span> <span>⏱ 45 min read</span> <span>© Gate of AI 2026-06-16</span> Learn how to fine-tune large language models (LLMs) to enhance communication capabilities in specialized domains, such as homeless shelters, using modern AI tools and techniques like LoRA. Prerequisites Python 3.10+ OpenAI API key (latest version) Familiarity with machine learning concepts What We're Building In this tutorial, we will embark on a journey to fine-tune a large language model (LLM) to cater to the specific communication needs of homeless shelters. By leveraging a bespoke dataset compiled from the Youth Spirit Artworks (YSA) Tiny House Empowerment Village website, we aim to create a model that can effectively assist in the nuances of communication required in such environments. The finished project will result in a model capable of generating contextually relevant and empathetic responses to inquiries typical within the homeless shelter community. This involves structuring data into a standardized question-and-answer format to enhance the training process, ensuring the model's outputs are aligned with the communication style and needs of the target audience. Setup and Installation To begin, we need to set up our development environment with the necessary tools and libraries for model fine-tuning. We'll be using Python along with the OpenAI library to interact with the LLMs. pip install openai pandas numpy Additionally, you'll need to configure environment variables to securely store your API keys. This ensures that sensitive information is not hardcoded into your scripts. .env file OPENAI_API_KEY=your_openai_api_key Step 1: Data Collection and Preparation The first step in fine-tuning our model involves collecting and
AI 资讯
I Stopped Using Heavy IDEs. AI Became My IDE.
I used to think a serious developer needed a serious IDE. Big project? Open PhpStorm. Design work? Open Photoshop. Need every refactor, every inspection, every plugin, every panel, every button? Load the heavy tool and wait for the machine to breathe again. But something changed. Not overnight, and not because those tools suddenly became bad. They are still powerful. The change is that AI started taking over the parts of the IDE I actually needed most. Today, I spend more time in VS Code and the terminal than in heavy IDEs. My machine feels lighter. My workflow feels less crowded. And honestly, I do not miss the old setup as much as I thought I would. The old IDE was a safety net For years, big IDEs won because they could see the whole project. They understood symbols, imports, frameworks, database models, refactors, formatting, inspections, and tests. A good IDE felt like a senior assistant sitting beside you, quietly warning you before you made a mess. That was valuable. It still is. But AI has started to move that intelligence out of the IDE shell. The useful part is no longer tied to one huge application. It can live in your editor, your terminal, your pull request, your CI pipeline, or even in a chat window with access to your codebase. When AI can read the files, reason about the bug, generate a test, run the test, inspect the failure, and propose a patch, the IDE becomes less like the brain of the workflow and more like one possible place to type. AI is becoming the environment The phrase "AI coding assistant" already feels too small. Autocomplete was the first version. The newer pattern is closer to an AI developer environment. You ask it to find the bug. It searches the repo. You ask it to explain a weird error. It follows the stack trace. You ask it to write a benchmark. It can create the benchmark file, run it, compare the result, and tell you what changed. You ask it to add tests. It can inspect the code path and generate cases you probably would have de
AI 资讯
The Data Refinery: How JSON Quietly Became the Language AI Agents Speak
Every tool call, every structured output, every agent decision travels as JSON. Here is the serialization knowledge that separates the amateur from the architect — now that the stakes have never been higher. A developer ships an AI agent on a Friday. In the demo it's flawless: the model reads a request, calls a tool, returns a clean answer the app renders perfectly. A week later, production dashboards are full of garbage. A date is showing up as raw text. A field that was definitely there is silently gone. Under one big payload, the whole server froze for two seconds. And here's the maddening part — nothing threw an error. The model returned JSON. The code parsed it. Everything "worked." The bug wasn't in the model, and it wasn't in the parser. It lived in the narrow gap between text and data — the place every JSON value has to cross twice. That gap is serialization , and in 2026 it has quietly become one of the most important things a JavaScript engineer can actually understand. Why now? Because the most important conversations in modern software aren't between humans anymore. They're between models and machines — an LLM deciding which tool to call, a server answering, an agent chaining ten steps together. And every one of those conversations happens in the same format: JSON. So let's open up the refinery and see how raw structure becomes a clean stream of bytes — and back again — without losing anything precious on the way. JSON is not a JavaScript object This is the misunderstanding that creates most JSON bugs, so it's worth saying plainly: JSON only looks like a JavaScript object. It isn't one. JSON is a transport format — flat, inert text meant to travel across a network or sit on a disk. A JavaScript object is a live structure in memory that your application can read, mutate, and call methods on. They resemble each other the way a flat-packed cardboard box resembles assembled furniture: same thing in spirit, completely different states. const user = { name : "
AI 资讯
How I Cut Costs 65% Migrating LangChain to DeepSeek
How I Cut Costs 65% Migrating LangChain to DeepSeek I want to tell you about a switch I made recently that genuinely surprised me. If you're running LangChain in production and haven't explored the DeepSeek models yet, this one's for you. Let me show you what I learned, what broke, and what I'll never go back to. The short version? I was burning cash on a generic LLM setup. I migrated to DeepSeek through Global API's unified interface, and my monthly inference bill dropped by over 60%. Setup took me less time than brewing coffee. Let me walk you through it. Why I Even Looked at This in the First Place Here's the thing about working in AI engineering: the model landscape moves so fast that whatever you chose six months ago is probably overpriced now. That's been my experience, anyway. When I first built my LangChain pipeline, I defaulted to a popular name-brand model because, well, that's what everyone was using. It worked. It was fine. Then I looked at my AWS bill. That's when I started digging into alternatives. And let me tell you, the rabbit hole is deep. Global API alone exposes 184 AI models at prices ranging from $0.01 to $3.50 per million tokens. That's a wild spread. The trick is finding the sweet spot where cost meets quality, and for migration workloads (think: code translation, schema conversion, content rewrites), I found it with DeepSeek. Let me show you the numbers that actually mattered to me. The Pricing Reality Nobody Talks About I built a comparison table when I was making this decision, and I want to share it because staring at these numbers side by side is what convinced me. Here's the lineup I evaluated through Global API: DeepSeek V4 Flash sits at $0.27 per million input tokens and $1.10 per million output tokens, with a 128K context window. That's my default for most production traffic now. Fast, cheap, and smart enough for almost everything. DeepSeek V4 Pro comes in at $0.55 input and $2.20 output with a beefier 200K context. I use this when
AI 资讯
Introducing coreIcons: A Lightweight Library of 352 Icons for Developers 🚀
Hey pessoal! 👋 Queria compartilhar um projeto que venho desenvolvendo para resolver um problema comum: encontrar uma biblioteca de ícones limpa, consistente e fácil de integrar, sem peso desnecessário no projeto. Apresento o coreIcons — uma coleção organizada de 352 ícones de desenvolvimento feita para workflows modernos. 📦 Por que o coreIcons? Leve e Rápido: Impacto mínimo no carregamento das suas aplicações. Organizado: Desenvolvido com uma grade (grid) e estilo totalmente consistentes. Focado no Dev: Feito para se encaixar perfeitamente nos seus projetos de frontend ou full-stack. 🚀 Como Usar É super simples! Basta acessar a nossa demonstração ao vivo, navegar pela coleção e clicar em qualquer ícone. O sistema vai fornecer instantaneamente a URL correta ou o snippet do ícone escolhido para você copiar e usar na hora. 🌟 Apoie o Projeto & Conecte-se! Se você achar essa biblioteca útil, por favor, considere deixar uma estrela ⭐️ no nosso repositório do GitHub ! Seu apoio ajuda o projeto a crescer e a alcançar mais desenvolvedores na comunidade. Também quero deixar um agradecimento enorme a todos que apoiam projetos open-source, contribuem com feedbacks e ajudam a construir um ecossistema melhor para todos nós. Vamos construir juntos! 🔗 Acesse o projeto Repositório no GitHub: https://github.com/mauriciospark/coreIcons Demonstração / Site: https://mauriciospark.github.io/coreIcons/ O que você achou? Deixe suas ideias, feedbacks ou sugestões nos comentários abaixo! 👇 Hey everyone! 👋 I wanted to share a project I've been working on to solve a common problem: finding a clean, consistent, and easy-to-integrate icon library without overhead. Meet coreIcons — an organized collection of 352 development icons built for modern workflows. 📦 Why coreIcons? Lightweight & Fast: Minimal footprint for your applications. Organized: Designed with a consistent grid and style. Developer-Centric: Built to fit smoothly into your frontend or full-stack projects. 🚀 How to Use It's extremely
AI 资讯
Distributing a Python desktop app on Windows and Mac — the full release pipeline
WP Maintenance Manager ships from a single Python codebase to both Windows and macOS. "Python is cross-platform — write once, run anywhere," the saying goes. The reality is that the distribution pipeline is completely separate per OS , each with its own pitfalls. PyInstaller / Inno Setup / Apple Notarization / eSigner — the release cycle is a combination of OS-specific toolchains. Here's the full picture, plus what to watch out for at each step. (The choice of internal architecture, Flask + browser UI, is covered separately in why we built a desktop app on local Flask + browser UI ; this post is about distributing that architecture across two operating systems.) The per-OS pipeline at a glance Step Mac Windows Build PyInstaller ( --target-arch x86_64 ) PyInstaller Distribution format .app bundle → .dmg folder → .exe installer Installer creation hdiutil / create_dmg.sh Inno Setup ( .iss script) Code signing codesign + Developer ID certificate eSigner CSC (cloud signing) Pre-distribution validation Apple Notarization SmartScreen reputation buildup Final artifact WP_Maintenance_Pro_X.X.X.dmg WP_Maintenance_Pro_Setup_X.X.X.exe Both OSes share PyInstaller, but the path diverges from there. Mac sits inside Apple's review process; Windows runs through Microsoft's reputation system. They're fundamentally different ecosystems. Mac — PyInstaller → sign → Notarization → DMG The Intel / Apple Silicon trap The first trap in Mac PyInstaller builds is architecture . Running pip install + python build_app.py on an Apple Silicon Mac without thinking produces native binaries (like cffi ) for arm64 only — which then don't run on Intel Macs at all. The fix is to run the entire build through arch -x86_64 : arch -x86_64 pip3 install -r requirements.txt arch -x86_64 python3 build_app.py That produces an .app containing only x86_64 binaries, which runs natively on Intel Macs and through Rosetta 2 on Apple Silicon — a unified distribution. Sign inside-out The .app PyInstaller produces conta
AI 资讯
Coding Burnout is Real: Build a Stress Warning Dashboard with Oura Ring & GitHub
We’ve all been there: it’s 2 AM, you’re deep in a "Refactoring Rabbit Hole," your coffee is cold, and your heart is racing. You feel productive, but is your body paying the price? As developers, we often ignore the physical signals of burnout until it's too late. In this tutorial, we are going to quantify the "Dev Grind." We'll build a Programmer Stress Warning Dashboard using the Oura Ring API to track Heart Rate Variability (HRV) and correlate it with your GitHub commit frequency . By the end of this guide, you'll have a real-time visualization of how that complex Kubernetes migration is actually affecting your nervous system. We will be utilizing HRV monitoring , biometric data visualization , and the Oura Ring API to create a predictive stress model for high-performance engineers. The Architecture 🏗️ The logic is simple: we fetch your physiological "readiness" and stress markers from Oura and overlay them with your activity from GitHub. If your commits are spiking while your HRV is tanking, it's time to step away from the keyboard. 🥑 graph TD A[Oura Cloud API] -->|HRV & Stress Levels| B(Next.js Backend) C[GitHub API] -->|Commit Frequency| B B -->|Data Aggregation| D{Correlation Engine} D -->|JSON Stream| E[D3.js Visualization] E -->|Alerts| F[Developer Dashboard] style F fill:#f96,stroke:#333,stroke-width:2px Prerequisites 🛠️ To follow this tutorial, you'll need: Oura Ring & a Personal Access Token (from the Oura Developer Portal ). Next.js (App Router) for our frontend and API routes. D3.js for crisp, reactive data visualizations. Vercel for instant deployment. Step 1: Fetching HRV Data from Oura API Heart Rate Variability (HRV) is the gold standard for measuring autonomic nervous system stress. A high HRV usually means you're recovered; a low HRV means you're under pressure. Here is a clean implementation of a Next.js API route to grab your daily stress metrics: // app/api/oura/route.ts import { NextResponse } from ' next/server ' ; export async function GET (
AI 资讯
Mistakes I Made as a New Coder- Don't Repeat Them
When I started coding, I made so many silly mistakes 😅 Today I’m sharing 3 small mistakes that every beginner developer makes: 1. Trying to write "Perfect Code" on Day 1 Bro, your code will be messy at the start. Just make it work first. Perfect comes later. 2. Watching tutorials but not coding yourself Watching videos is easy. But you only learn when you type the code on your own laptop. 3. Getting scared of errors Red error ≠ Failure. Error = Teacher. Copy it to Google, you’ll find the fix. What mistake did YOU make when you started? Tell me in the comments 👇
AI 资讯
I Got the proxy.ts Matcher Wrong for Three Projects Before I Understood Why
A few days ago I published a post about the three-layer auth model and the invoice incident that made...
AI 资讯
The Risk of Losing Your Know-how and Identity: Microsoft Satya Nadella's Warning on AI
There is a comparison that the artificial intelligence industry had kept out of the public conversation until now. Satya Nadella brought it up this Sunday in a post on X that garnered over a thousand responses in just a few hours. The metaphor he used is "industrial offshoring" . Just as the first wave of globalization hollowed out industrial economies, wiping out factory jobs and decades of competitive advantage with consequences we still feel today, artificial intelligence threatens to do the same to corporate knowledge. The Silent Drain of Expertise The mechanism Nadella describes is concrete. If an organization hands over its workflows, its domain knowledge, and the accumulated judgment of its teams to external AI models, those models absorb it. What was once a unique advantage, now could become a generic capability available to everyone. There are no layoffs or plant closures. The hollowing out happens silently, in every usage cycle, in every operation the model records and leverages. Where there was once exclusive know-how, there is now a standard resource. "You can outsource a task, or even a job. But you can never outsource the learning." Microsoft CEO Warns That AI Winners Could Hollow 'Entire Industries' - Business Insider AI models are hoovering up corporate knowledge, and that's leaving one big loser, says Satya Nadella. businessinsider.com The Invisible Asset / The Identity This warning is not directed at employees but at executives. The risk Nadella identifies is not the loss of an individual position, but the erosion of the organisation's collective intellectual property, its processes, and the judgment a team spends years building. To name this, he introduces a term that was not in the business management vocabulary until now: "Token Capital" . This represents the layer of agentic capability that a firm builds and owns when it connects its real workflows with the AI models it uses. It is not software or a database. It is a system that learns with eve
AI 资讯
15 perguntas de segurança para quem está praticando vibe coding
Outro dia, vi nos stories do Instagram uma amiga pesquisadora contando que estava usando o Claude para ressuscitar uma plataforma criada anos antes por parceiros. Ela não é da área de desenvolvimento de software. O projeto estava praticamente parado. Não havia mais recurso para manter tudo como estava. Com a ajuda da IA generativa, ela conseguiu migrar serviços, reduzir custo, melhorar performance, redesenhar partes da experiência e voltar a implementar coisas que estavam no backlog havia muito tempo. Achei aquilo inspirador! Mas também um pouco assustador. Não por ela estar usando IA generativa. Pelo contrário: acho fascinante que pessoas que não programam profissionalmente estejam conseguindo recuperar autonomia sobre projetos que antes ficavam dependentes de verba, disponibilidade de terceiros ou uma fila infinita de prioridades. O ponto que me acendeu uma luz amarela foi outro: em certo momento da conversa ela comentou que o projeto tinha dados de usuários e pagamentos via Stripe . Antes de seguir, uma ressalva: eu não gosto muito do termo "vibe coding" . Vou usar o termo aqui porque ele pegou, e porque todo mundo entende mais ou menos o que ele quer dizer: criar software com muita ajuda de IA generativa, muitas vezes sem dominar profundamente a linguagem, o framework ou a arquitetura por trás do projeto. Mas o termo me incomoda porque parece diminuir a responsabilidade envolvida. Se você está criando código, alterando código e colocando esse código no ar, você é sim uma pessoa desenvolvedora. Talvez iniciante. Talvez insegura. Talvez dependente demais da IA generativa. Talvez uma pessoa desenvolvedora ruim ou medíocre, como todos nós somos em algum recorte. Mas é. E isso traz responsabilidades. Vibe coding em uma página pessoal é uma coisa. Vibe coding em um sistema com login, dados pessoais, áreas administrativas, arquivos, integrações externas ou pagamento é outra. E aqui existe uma tensão interessante. Eu trabalho com desenvolvimento de software há bastante
AI 资讯
I 10x’d My Output by Delegating These 7 Things to AI (And Why I’ll Never Delegate These 6) - 06 of 21
By spring 2026, the division of labor between human engineers and AI had become precise enough to describe. Not speculate about. Describe. Delegate these 7 immediately: Boilerplate generation: CRUD scaffolding, config files, standard patterns. Near-human accuracy. Review required is a naming scan, not a logic audit. Test generation: 40-60% faster test development with no measurable decline in coverage quality, provided the tests are reviewed by someone who understands the domain. Documentation: 67% of companies rely on AI-assisted doc generation in 2026. The first draft is a solved problem. Your job is verifying and contextualizing. Code translation: Python to TypeScript. React to Vue. Framework migrations that once consumed sprint cycles now take hours. Routine bug fixing: Claude Code, Devin, BugBot can resolve 60% of reported bugs autonomously. Resolution time down 30-50%. Automated code review: First-pass filter before human review. Misses context issues. Doesn't replace human review. Eliminates noise so you focus on signal. Commit hygiene: Messages, PR summaries, changelog entries. Fully automatable. No meaningful error rate. Never delegate these 6: Architecture and system design: AI proposes. You decide. The tradeoffs require organizational context, team capability assessment, and long-horizon thinking no model possesses. Business context translation: The spec says "export to CSV." You ask: which users, under what conditions, with what compliance implications? AI cannot know the specification is wrong. You can. Security architecture: AI generates vulnerabilities as readily as it detects them. Adversarial thinking is not statistical. It is human. Long-horizon product thinking: What to build and why. Not how. Multi-stakeholder navigation: The politics, the relationships, the conversation with the PM that keeps the sprint on track. No model has stakes in the outcome. Agent orchestration: Designing, managing, and correcting the AI systems themselves. This is the ne
AI 资讯
Is AI Making Us More Vulnerable? The Growing Threat of Cyberattacks in the AI Era
Something feels different about security incidents lately. Breaches, leaks, account takeovers, phishing campaigns they're not new. But their frequency, sophistication, and scale seem to be growing at a pace that feels genuinely alarming. Instagram accounts hacked overnight. Corporate systems compromised in hours. Phishing emails that sound disturbingly human. As someone studying AI & Big Data, I can't help but ask: is AI responsible for this? And if so, how? I think the honest answer is: yes but in two very different ways. The two faces of AI in cybersecurity When we talk about AI and cyberattacks, most people imagine one scenario: hackers using AI to attack systems faster and smarter. That's real. But it's only half the picture. The other half is something we talk about far less: the vulnerabilities that come from integrating AI into systems in the first place. These are two very different problems. And conflating them leads to the wrong solutions. Problem 1: AI is expanding the attack surface Every time a platform integrates an AI feature, they're adding something new to their infrastructure. And new infrastructure means new potential vulnerabilities. AI systems require: Massive data pipelines more data flowing through more systems APIs connecting multiple services more endpoints that can be exploited Third-party models and tools more external dependencies, more trust relationships Real-time processing less time to detect anomalies before damage is done Many organizations are integrating AI features faster than their security teams can audit them. And the consequences are already visible. In June 2026 , hackers reportedly manipulated AI-powered support systems to gain unauthorized access to Instagram accounts. The attack didn't target traditional software vulnerabilities it targeted the AI system itself , exploiting the automated account recovery flow that Meta had built with AI. This is the new reality: attackers are no longer just targeting your code. They're ta
AI 资讯
The $0 Bug That Cost Us $1,800 in API Calls
Last quarter our OpenAI bill went from $620 to $2,480 in 23 days. No new features shipped. No traffic spike. Zero error alerts. Deployment logs were clean. Just a number climbing in silence while five engineers stared at dashboards that gave us totals and nothing else. This is what we found. And why "cost monitoring" is completely the wrong mental model. The dashboard that answers the wrong question First thing I did was open the OpenAI usage dashboard. It showed me a total. A graph going up. A model breakdown. I knew we spent $2,480. I still had no idea which feature spent it, which service triggered it, or which user was responsible. The dashboard was answering "how much" while we were desperately asking "what caused it." Those are completely different questions. Almost every cost tool on the market only answers the first one. That distinction matters more than most engineering teams realise until they are staring at a bill like ours. Three features, zero visibility We had three features hitting GPT-4o: A document summariser, triggered manually by users An inline suggestion engine, triggered on keystrokes A batch report generator, triggered on export Any one of them could be the problem. Or all three. Or one specific tenant hammering one endpoint in a loop nobody noticed. Without attribution at the feature, service, and user level, we were just guessing. So I did what most engineers do: optimised the feature that felt most expensive. Added caching to the one that ran most often. Two weeks later the bill was still climbing. Guessing at cost problems without attribution data is exactly like debugging a performance issue without a profiler. You move things around and hope. 48 hours of real data A teammate dropped CostReveal in our Slack. I set it up that evening. The Node.js SDK wraps your existing provider calls. You instrument each one with a feature name, service context, and user or tenant ID. That is the entire integration for the base case: import { CostReveal
AI 资讯
Extracting and Organizing Content from Older Websites: A Solution for Structured Documentation Including Mouse-Over Images
Introduction Extracting data from older websites is a technical challenge that goes beyond simple copy-pasting. The example website provided illustrates this perfectly: its outdated design, reliance on mouse-over interactions, and lack of structured export options create a perfect storm of extraction difficulties. This article dissects these challenges and provides a roadmap for extracting both visible content and mouse-over images while preserving data integrity. The Core Problem: Legacy Technology Meets Modern Needs The website's URL parameters ( screen_width=0&screen_height=0 ) immediately signal a legacy system likely built for a bygone era of fixed-width displays. This design choice breaks modern scraping tools that expect responsive layouts. The mouse-over images, critical to the site's content, are dynamically loaded via JavaScript , meaning they don't exist in the initial page source. This requires simulating user interactions to trigger their appearance, a task beyond basic HTML parsing. Why Manual Extraction Fails Attempting to manually save images or copy text from this site is a losing battle. The mouse-over images, for instance, are not directly downloadable – they're embedded in JavaScript events. Even if you could save them individually, maintaining their association with the corresponding visible content would be error-prone and time-consuming. This method also fails to scale for larger websites with hundreds of such elements. The Technical Solution: A Multi-Pronged Approach Effective extraction requires a combination of techniques: Browser Automation: Tools like Selenium or Puppeteer can simulate mouse movements to trigger hover events, capturing both visible and hidden content. This method mirrors human interaction , ensuring all dynamic elements are revealed. Network Request Inspection: Analyzing the website's backend requests using browser developer tools can reveal direct URLs for mouse-over images , bypassing the need for hover simulation. This
AI 资讯
Stop letting the prompt be your state machine
Stop letting the prompt be your state machine You shipped an LLM feature six months ago. Now the same user input produces wildly different outputs depending on... nothing you can point to. Something in the sampling? The time the context filled up and a chunk got dropped? Nobody knows. This is what happens when the prompt becomes your runtime. The trap: the prompt as an accidental runtime Here is what the trap looks like in TypeScript: async function handleUserRequest ( input : string ): Promise < string > { const prompt = ` You are a helpful assistant. The user said: ${ input } Previous context: ${ someGlobalContext } Decide what to do, gather any information you need, format the response, and return it. ` ; return llm . complete ( prompt ); } The model is doing everything here: deciding the intent, gathering data, formatting output, choosing what to persist. That is a footgun. You handed the runtime to a stochastic function. Gartner attributes many failed agentic AI projects to unclear value and inadequate risk controls. Deterministic, testable workflows address both. The fix is not a better prompt. The fix is to stop using the prompt as an architecture. What "deterministic" can and cannot mean here Be honest about what you can and cannot control. You cannot control: the model's exact output. It is probabilistic by design. You can control: The shape of the output (structured output plus schema validation) The steps that run before and after the model call What data enters the model What happens when the output fails validation Whether a human reviews the result before it commits to anything irreversible Determinism here means: the same inputs, the same workflow steps, the same guardrails every time. Not the same tokens every time. That is a realistic and achievable target. It is also the thing teams skip when they are moving fast. Typed workflow steps around the model call Break the work into discrete typed steps. Each step has a clear input type and a clear output
AI 资讯
What Recruiters Can't See On My GitHub
What Recruiters Can't See On My GitHub If you spend about 30 seconds looking at my GitHub profile, you might think I'm all over the place. React. Python. Healthcare. AI. Scrapers. Automation. Marketing tools. Job bots. Honestly, that's something I've worried about. I have over 100 repositories. Recruiters can see most of them, but not all of them. Some are private because they're client work. Some are private because they're unfinished. Some are private because they contain ideas I've spent years developing and I'm not quite ready to throw the blueprints onto the internet. From the outside, it can look random. But recently I realized something. All of those projects are solving the same problem. I hate repetitive work. My GitHub is here: https://github.com/ashb4 The Job Application That Broke Me I've applied to thousands of jobs over the years. Thousands. And one thing has always driven me absolutely insane. You upload your resume. Then the company immediately asks you to type your entire resume into fifteen different boxes. Your work history. Your education. Your skills. Everything. The computer already has the information. The resume is right there. Yet somehow I'm sitting on page seven of an application retyping information that already exists. It feels inefficient. It feels stupid. And most of all, it feels like a waste of time. Eventually I got annoyed enough to start building tools to help. Then I Noticed a Pattern At first I thought I was building unrelated projects. A job application helper. A content scheduler. A healthcare platform. An AI framework. A browser automation system. But when I stepped back, I noticed the same motivation behind almost all of them. Every project started with some version of: "There has to be a better way to do this." Take PostPunk. Most people see a social media scheduler. I see hours of repetitive posting that I never want to do again. I like creating content. I do not like manually posting the same content everywhere. So I buil
AI 资讯
I Moved Everything to a $4.50 Hetzner Box. Here's What Broke and What Didn't.
Last year my side project was running on AWS. A t3.small EC2 instance, an RDS PostgreSQL db.t3.micro, an S3 bucket, and a CloudFront distribution. Total bill: $47/month for an app with 200 daily users. Then someone on Reddit told me to look at Hetzner. I now run the same stack on a single CAX21 (4 vCPU ARM, 8GB RAM, 80GB SSD) for €5.49/month. Here's exactly what happened. The Migration What I was running on AWS: Node.js API (Express) PostgreSQL database Redis for sessions Nginx reverse proxy Static files on S3 + CloudFront What I moved to Hetzner: Same Node.js API PostgreSQL installed directly on the server Redis installed directly on the server Nginx + Certbot for SSL Static files served by Nginx Total migration time: one Saturday afternoon. The hardest part was setting up automated backups (solved with a cron job + Hetzner's snapshot API). What Broke Nothing critical, but: No managed database failover. On RDS, if the database crashes, AWS restarts it automatically. On Hetzner, if PostgreSQL crashes at 3 AM, I'm the one fixing it. In 8 months, this has happened zero times. But it could. No CDN by default. My static assets now serve from a single Hetzner datacenter in Germany. For my EU-heavy userbase, this is actually faster than CloudFront. For US users, it's about 50ms slower. I added Cloudflare (free tier) in front and the problem disappeared. Deployment changed. No more eb deploy or push-to-deploy. I wrote a 12-line bash script that SSHs in, pulls from git, runs migrations, and restarts PM2. Takes 8 seconds. Honestly prefer it — I know exactly what's happening. The Cost Comparison at Every Scale This is what surprised me most. The gap isn't just at my small scale — it gets wider as you grow: SpecAWSDigitalOceanVultrHetzner2 vCPU, 4GB$30/mo$24/mo$24/mo€4.50/mo4 vCPU, 8GB$61/mo$48/mo$48/mo€8.50/mo8 vCPU, 16GB$122/mo$96/mo$96/mo€16/mo Hetzner is roughly 5-7x cheaper than AWS at every tier. DigitalOcean and Vultr sit in the middle. 👉 Calculate your exact costs When
AI 资讯
Mid-Conversation System Prompts: Steering an Agent Without Breaking the Cache
Here is a problem I hit building a long-running agent: I needed to inject a new instruction partway through a session ("the project is Go, write Go") but editing the top-level system prompt to add it invalidated my entire prompt cache. Every cached turn got reprocessed at full price. The fix is a feature that landed in the current Claude models: mid-conversation system messages. Here is what it is and when to use it. The setup that breaks A long agent session has a large, stable system prompt and a growing message history, and you cache the prefix so each turn reuses the prior work cheaply. That works until you learn something mid-session that the agent needs to know: a mode toggled, the user delivered async context, files changed on disk, the token budget dropped. The naive move is to edit the system prompt to include the new fact. But the system prompt sits at the front of the cached prefix. Change one byte there and you invalidate everything after it. Your whole conversation history reprocesses at full input price on the next request. For a long session, that is expensive and slow. The fix: a system message in the messages array The current models let you put a system -role message directly in the messages array, after the history, instead of editing the top-level system : const response = await client . messages . create ( { model : " claude-opus-4-8 " , max_tokens : 16000 , system : [ { type : " text " , text : STABLE_SYSTEM , cache_control : { type : " ephemeral " } }, ], messages : [ ... history , // cached prefix, untouched { role : " user " , content : latestUserMessage }, // @ts-expect-error: role:"system" SDK types may still be landing { role : " system " , content : " This project is Go. Write all code in Go. " }, ], }, { headers : { " anthropic-beta " : " mid-conversation-system-2026-04-07 " } }, ); Because the new instruction sits after the cached history, it invalidates nothing before it. The cached prefix stays intact, you pay full price only for the