AI 资讯
Cron Job Monitoring Tools Compared: From DIY to Fully Managed
Cron's biggest problem isn't scheduling — it's silence. A cron job can fail every night for a month, and unless you're manually checking logs on the server, you won't know. No alert, no dashboard, no audit trail. Just a backup that doesn't exist when you need it, or a data sync that quietly stopped three weeks ago. Monitoring fixes this. But "cron job monitoring" means different things depending on the tool. Some watch for missing heartbeats. Some track full execution history. Some just page you when something breaks. This article compares six approaches — from writing your own monitoring scripts to using a fully managed scheduler with built-in observability — so you can pick the right one for your workload. Heartbeat Monitoring vs. Execution Monitoring Before comparing tools, understand the two fundamentally different approaches. Heartbeat monitoring (dead man's switch) is passive. Your cron job pings a monitoring URL after each run. If the ping doesn't arrive on schedule, you get an alert. This tells you whether a job ran — but not what happened . If the job runs but returns bad data, the ping still fires and the monitor stays green. Execution monitoring is active. The scheduler fires the job, captures the response, records the outcome, and alerts on failure. You get the full picture: status code, response body, duration, retry count, and a timeline of every execution. When to use each: Heartbeat monitoring makes sense when you're stuck with system cron. Execution monitoring makes sense when you're choosing a scheduler — you get monitoring, retries, and logging as part of the platform. Comparison at a Glance Tool Type Alerts Execution Logs Retries Free Tier DIY scripts Custom ⚠️ Whatever you build ⚠️ Whatever you build ⚠️ Whatever you build ✅ Free (your time) Healthchecks.io Heartbeat ✅ Email, Slack, webhooks ❌ No ❌ No ✅ 20 checks Cronitor Heartbeat + telemetry ✅ Email, Slack, PagerDuty ⚠️ Basic (duration, exit code) ❌ No ⚠️ 5 monitors Better Stack Uptime + heartb
AI 资讯
I tested my website for “AI agent readiness” and scored 86/100
I recently tested my agency website using Cloudflare’s “Is Your Site Agent-Ready?” checker. No affiliation with the tool. I was curious about what “agent-ready” actually means. My site scored 21/100 and reached Level 1: Basic Web Presence . It passed three checks: Valid robots.txt Working sitemap Rules for AI crawlers It failed several newer checks: Markdown content negotiation Content Signals HTTP Link headers Agent Skills discovery MCP Server Card WebMCP API and authentication discovery The interesting part is that this is not another SEO score. It checks whether AI agents can discover, understand, and interact with a website through machine-readable standards. For example, an agent could request a clean Markdown version of a page instead of processing the complete HTML. Applications can also publish structured information explaining their APIs, available tools, authentication process, and supported actions. Some checks seem practical today, particularly Markdown responses, crawler rules, and structured discovery. Others, such as agentic payment protocols and DNS-based agent discovery, still feel early for a normal business website. I am planning to implement Content Signals and Markdown negotiation first, then test whether Agent Skills would provide any real value. Has anyone implemented these standards on a production website? Did they improve anything beyond the scanner score? submitted by /u/kelisshekhaliya [link] [留言]
AI 资讯
Can a fake Sentry issue trick your coding agent into running a malicious npm package?
Saw a writeup this week about a new attack aimed at coding agents (Claude Code, Cursor, etc) and it's annoying in how simple it is. Attackers spray fake error logs to generate fake Sentry issues. The issue is written like a runbook, so when your agent goes to "fix" it, the suggested fix is to run a malicious package that quietly exfiltrates your env. The reason it works: the Sentry DSN is unauthenticated by design. Most sites embed the DSN in the front-end for client-side error reporting, and there isn't really a way around that if you want client-side telemetry. So anyone who has the DSN can fire events into your project. The attacker writes the fake issue to read like: "Runtime issue, no code change needed, just run this diagnostic." The "diagnostic" is a typosquatted npm package. They even dress up the event metadata to look like agent permission flags so the model thinks it's been cleared to run the command. What saved the engineer in this case was the agent itself catching the typosquat and refusing to install it. The net held this time, but I wouldn't want my whole defense to be "the model probably notices." The part I keep chewing on is where the control even belongs. "Don't trust external inputs" was the lesson with SQL injection and it still holds, but here the input is a Sentry issue and the executor is your agent, so I'm not sure which layer you fix it at. The DSN can't really be locked down, so that leaves the agent's run permissions or a package allowlist. Lock down permissions and you're approving everything by hand; lean on the allowlist and it breaks the moment something legit isn't on it. What would have caught this in your setup? Because "the model noticed the typosquat" feels like a control I don't want to depend on. submitted by /u/Any_Side_4037 [link] [留言]
AI 资讯
Is inline code completion better than prompting
I have a hypothesis that having an llm complete a few lines of your code - mostly boilerplate, could be better than prompting an entire file of code through it. Better in the sense that it isn't entirely vibe coding and it takes some cognitive load to code and the dev has better context of what is written. Do you think so? submitted by /u/GarrettSpot [link] [留言]
AI 资讯
How to Build a Bulletproof Shopify Cart Event Listener (Without App Conflict)
If you’ve ever built a slide-out cart drawer, a dynamic free-shipping bar, or custom analytics tracking for a Shopify store, you've run straight into this brick wall: Shopify themes do not emit consistent, trustworthy cart events. You write a perfect event listener, only to find out a third-party product-bundle app uses old-school XMLHttpRequest (XHR) instead of fetch to add items to the cart. Your listener misses it completely, the cart drawer stays shut, and your user thinks the button is broken. Most developers end up copying and pasting messy, brittle window.fetch overrides into their projects. Frustrated by solving this over and over again, I built Shopify Cart Broadcaster —a zero-dependency, 2 KB utility that intercepts both Fetch and XHR requests seamlessly to provide universal DOM events. 👉 Check out the source on GitHub: Rabin-p/shopify-cart-broadcast (If this saves you an afternoon of debugging, drop a ⭐!) The Nightmare of the /cart/add Response Even if you successfully listen to Shopify's /cart/add.js request, Shopify throws another curveball at you. When you add an item to the cart, the server responds with only the item(s) that were just added —not the updated state of the entire cart. If your slide-out cart drawer needs the new total price to see if a discount threshold is met, you are out of luck. You're forced to manually chain another fetch('/cart.js') request to get the true state. My utility handles this annoying race-condition out of the box. It detects the mutation type, intercepts it, pushes the true cart events to the window and displays it beautifully. window . addEventListener ( ' shopify:cart-updated ' , ( e ) => { // Always gives you the accurate, updated cart object! console . log ( ' New Cart Total: ' , e . detail . cart . total_price ); });
AI 资讯
Why Your React Frontend Crashes When an LLM Streams Malformed JSON
A production-minded walkthrough with a live Next.js demo — JSON.parse() vs partial-json + Zod for real-time AI dashboards. canonical: https://gauravthorat-portfolio.vercel.app/blog/react-llm-stream-json-parser
AI 资讯
Wait... FDE Is Not a JavaScript Framework?
Hello, I'm Maneshwar. I'm building git-lrc, a Micro AI code reviewer that runs on every commit. It is...
AI 资讯
Is webdev easy or am I dumb
Recently i have been trying to learn full stack skills, springboot and react.js , These things are so overwhelming, I haven't started react.js yet, I mean there are so many things to remember ModelMapper, ObjectMapper, GrantedAuthority, User details, User detailsService,Logger, so many annotations, So many features Really getting confused, trying to build a resume based Ecommerce Project Even If I am able to make it , I know many will comment " It's very common, it's a basic project" dude it was so tough for me how can u say that submitted by /u/faangPagluuu [link] [留言]
开发者
Every layer of review makes you 10x slower
submitted by /u/fagnerbrack [link] [留言]
AI 资讯
Recently I studied Kafka and wanted to share my understanding.
Kafka is used for handling messages/events between different services. Here's how I understand it: A Producer sends an event/message to Kafka. The message contains things like Topic, Key-Value data, and Timestamp. Kafka stores these messages in Brokers (Kafka servers). Topics can be divided into multiple Partitions. Each partition has one Leader and multiple Followers (Replicas). All read and write operations happen through the Leader, while Replicas act as backups if a broker fails. Now Kafka does not immediately delete messages after they are consumed, unlike many traditional queues. There is a term called Offsets. You can think of an offset like the index of a message inside a partition. For example: A user places an order → payment is processed → email is sent → analytics service processes the event. Suppose during that analytics service goes down, Kafka knows which offset was last processed. When the service comes back up, it can continue from that offset instead of starting from the beginning. This is also one reason why Kafka keeps messages for some time after consumption. Any corrections? Is there anything else I should know about this topic? Please let me know. submitted by /u/No-Resolution-4054 [link] [留言]
AI 资讯
Building a production TypeScript CLI in 2026: oclif vs commander vs custom.
Building a production TypeScript CLI in 2026: oclif vs commander vs custom. I shipped my first Node CLI in 2019 with a 12-line arg slicer and process.argv . It worked until it needed a second command and then collapsed into spaghetti. The other extreme is grabbing a full framework for a tool that runs one command. In 2026 there are three reasonable paths between those extremes, and each one wins on a specific slice of the problem. This post covers @oclif/core v4, commander v14, and a zero-dependency parser that fits in 30 lines. Same "greet" command in all three. Same distribution steps at the end. Honest tradeoffs throughout. TL;DR oclif v4 commander v14 zero-dep npm install size ~8 MB ~220 kB 0 B Type inference on flags Full, generated Good, manual Manual Plugin ecosystem Yes (Heroku, Salesforce) No No Learning curve High (day 1) Low (hour 1) None Best for Multi-team, multi-command CLIs Most real-world tools One-shot scripts 1. The decision: framework vs no framework Reach for a framework when the tool needs subcommands, a plugin system, or auto-generated help text. The second engineer who touches the CLI should be able to find where things live without reading your code twice. Build your own when the tool does one thing, ships as a one-file script, or lives inside a monorepo where pulling in 8 MB of transitive deps is not welcome. A zero-dep parser also removes the surface area for supply-chain incidents, a real concern on tools that run in CI. Commander sits in the middle: a 220 kB install that covers most real tools without the scaffolding overhead of oclif. 2. Project skeleton Every path shares the same bin setup. Start with a package.json that declares the executable: { "name" : "greet-cli" , "version" : "1.0.0" , "bin" : { "greet" : "./dist/cli.js" }, "scripts" : { "build" : "tsc" , "dev" : "tsx src/cli.ts" }, "type" : "module" } The tsconfig.json for a CLI targets the Node release line you plan to support. Node 24 LTS handles ESM natively, so use "module":
AI 资讯
I built a cert prep platform in my spare time because I couldn't find a good practice platform
A few months ago I was trying to prepare for a cloud certification exam. I went looking for practice questions - good ones. Not just answer lists, but questions that actually trained the reasoning the exam tests. I found some scattered GitHub repos, a few YouTube playlists, sites with outdated question dumps. Nothing that felt structured. Nothing that explained why an answer was right, not just what it was. So I started building my own study tool. Mock questions, practice sets, AI-generated explanations. The kind of thing I wished existed. Six weeks later that became ArchReady - a certification prep platform for AWS, GCP, and PSM1. It's live now. What it does Practice questions across AWS (CCP, SAA, DVA, SAP), GCP ACE, and PSM1 Explanations for wrong answers - walks through the reasoning, not just the correct option AI-powered explanations coming soon Claude (Anthropic) Confidence tracking - shows which topics you're weak on Free to practice, no signup required. Pro unlocks full history and tracking. The stack Frontend: Next.js 14 (App Router) Backend: FastAPI (Python) AI: Claude (Anthropic) - explanations launching soon Payments: Dodo Hosting: Vercel (web) + Railway (API) Nothing exotic. I kept it boring on purpose - solo founder, 2-5 hrs/week, I can't afford interesting infrastructure problems. What I actually learned Ship before it feels ready. I had a list of 12 features I thought were "required for launch." I launched with 4. Nobody noticed the missing 8. Questions sourced from open-source + AI is good enough to start. Questions come from curated GitHub repos and AI-generated content built around official exam frameworks. That's enough to be useful. Perfection is a later problem. The hardest part isn't building - it's the first 10 users. The product exists. Getting people to try it is the actual work now. Where it is today Live at archready.io . Early stage. Still building. If you're prepping for AWS, GCP, or PSM1 - try it free, no account needed. Honest feedba
AI 资讯
The Loop Is Not the Product
A tweet landed on my timeline from Peter Steinberger — OpenClaw founder, now at OpenAI: "Here's...
AI 资讯
I scanned 100 German e-commerce sites with a pa11y + axe-core + Puppeteer pipeline across 5 page types, sharing the setup and results
Built a small scripted pipeline to benchmark accessibility on 100 German online shops and the numbers were rougher than I expected, so here is the setup in case it is useful for your own CI. Stack: Puppeteer drives a headless Chromium through up to five routes per shop (home through checkout). Then pa11y 9.1.1 runs HTML_CodeSniffer and axe-core 4.10.2 runs on the same loaded DOM. Results get deduped by selector and rule id so the two engines do not double-count. Shops were picked to match German platform share. Shopify was the biggest block at 40 of 100, with Shopware and WooCommerce next. Output: 29,745 hard errors across the sample, with every one of the 100 shops failing WCAG 2.1 AA and homepages averaging 99.8 errors. The recurring offenders were touch targets under 44px on all 100, low contrast on 67, broken heading order on 61 and unnamed links on 58. Two practical notes for anyone scripting this. Checkout was only reachable on 82 of 100 without an account or a real cart, so deep-page coverage is uneven and you should log it per route instead of pretending you scanned everything. And automated detection is about 57% of real issues, so this is a smoke test, not an audit. submitted by /u/Loewenkompass [link] [留言]
AI 资讯
What do you think of the Siri Ai that Apple released during the WWDC
What are your thoughts since I’m pretty sure they partnered with Google submitted by /u/Classic-Grab-2866 [link] [留言]
AI 资讯
Learnings about authentication and authorization.
At the beginning of my Engineering career, I worked in a place where I had a lot of freedom to implement and experiment any technology I found interesting. I tried many technologies like PHP, Java, EJBs, SOAP, Rest and JavaScript. This gave me a lot of perspective, but I lacked the guidance and mentoring from more experienced developers. One of the most problematic things I built was a login. I would like to share in this document things that I did in the past so you understand why it is problematic and how I would build them today. Earlier Mistakes My First PHP Login. This is not a terrible option when using a single host, small project, but the biggest problem comes when we need to scale horizontally. Session variables exist only on the servers they are created. If you add more servers + Load Balancer, there is no guarantee that your requests go to the same server. In terms of vulnerabilities, if somebody manages to read your session id, they can impersonate you, act on your behalf. This is not really different from other methods like JWT so it is important to set up SameSite cookies or CSRF tokens, but do you think I did that for my first login ? of course NOT! My first Password storage. If you are thinking on implementing a login please NEVER do what I am about to describe: The first time I implemented a password, I was worried that somebody would find out the "actual" password. I wasn't actually thinking about using HTTP (instead of HTTPs), so my take on this was "encrypting" the password into MD5. Then the password was saved in MD5, but I was NOT doing anything different than just sending the password AS is. Let me explain the problems with this approach: Over HTTP an MD5 password can be read, and anybody can simply replicate the request with the same MD5 MD5 was actually NOT encrypting, it was a hashing. There are databases all over the internet mapping MD5 and other hashed passwords available so finding an MD5 can actually be translated to an actual password
AI 资讯
How I Configured Cursor to Stop Breaking My Codebase
If you use Cursor, Claude Code, or Windsurf daily, you've probably had this experience: You open a fresh chat, ask for a small fix, and twenty minutes later the AI has rewritten your API layer, added three new dependencies, and switched your data-fetching pattern "for consistency." The model isn't broken. It's contextless. Every new session starts from zero. It doesn't know your stack, your conventions, or the things it must never touch. So you spend the first ten minutes re-explaining — and the last hour undoing. Here's what fixed it for me. The real problem isn't prompts Most devs collect prompts. Notes app, Slack snippets, old chat threads. That helps for one-off tasks, but it doesn't solve the session problem. What you need is persistent context — rules that load automatically before you type anything. Two files do this: CLAUDE.md — read by Claude Code (and usable as project context elsewhere) .cursorrules — loaded by Cursor on every session (rename to .windsurfrules for Windsurf) Drop them in your project root. Done. What goes in a good config file A useful config is not ten lines of "use TypeScript and write clean code." That's too vague to change behavior. Mine include: Project structure — where pages, components, and API routes live Stack + versions — Next.js 14 App Router, not Pages; Zod; shadcn/ui Commands — npm run dev, npm run typecheck, npm run test Coding conventions — naming, import aliases, Server vs Client Components DO NOT section — the most important part (more on this below) Workflow notes — use @folder, prefer editing existing files, minimal diffs Here's an excerpt from the DO NOT section that saved me the most time: DO NOT — Critical Anti-Patterns Do NOT create a pages/ directory or use the Pages Router Do NOT rewrite the entire API layer — extend existing route handlers Do NOT add new npm dependencies without stating why Do NOT make drive-by refactors in unrelated files Do NOT fetch data in useEffect when Server Components can fetch directly T
科技前沿
Release Notes for Safari Technology Preview 245
submitted by /u/feross [link] [留言]
科技前沿
Release Notes for Safari Technology Preview 245
submitted by /u/feross [link] [留言]
开源项目
looking to code a quiz into readymag, based off of images
I hope this makes sense. Keep in mind I'm pretty new to coding and have learnt for random one-off projects. I want to generate a quiz to be hosted on readymag, but started creating the still images so I can control the aesthetic. I'm looking to use buttons overlayed on top of the images to advance it, but they would also have to correlate with specific answers and store that data to trigger the right response on the final screen of the results. is this doable? how so? I'm not asking anyone to do a bunch of hard work for me for free, just point me in the right direction. I know how to make the buttons, but not actually have the action be advancing, and storing the data to refer back to it. sorry if there is any confusion. see the image as an example, which would have a start button and advance to the next prompt, one image at a time. they will have 2 or 3 options per question as buttons. thanks! https://preview.redd.it/sjw645ccx46h1.png?width=2636&format=png&auto=webp&s=146f36e1e5e242e340105e84dcb5579295bc0489 submitted by /u/Global_Math_7631 [link] [留言]