今日已更新 215 条资讯 | 累计 21081 条内容
关于我们

标签:#webdev

找到 1569 篇相关文章

AI 资讯

Steering Vectors: The Hidden Control Knobs Inside Large Language Models

Hello, I'm Shrijith Venkatramana. I'm building git-lrc, an AI code reviewer that runs on every commit. Star Us to help devs discover the project. Do give it a try and share your feedback for improving the product. What if you could change how an AI thinks without retraining it? Not by rewriting prompts. Not by fine-tuning billions of parameters. Not by collecting another mountain of training data. Instead, imagine finding a direction inside the model's internal representation space and nudging the model a little in that direction. A small push. A different behavior. This idea sits at the heart of one of the most fascinating areas of modern AI interpretability: steering vectors . Steering vectors suggest that many behaviors we care about—careful reasoning, honesty, coding style, security awareness, verbosity, and more—may already exist inside a model. The challenge is learning how to activate them. Let's explore what steering vectors are, how they're created, and why they might become one of the most practical tools for controlling AI systems. 1. What Exactly Is a Steering Vector? Large language models process information through layers of high-dimensional activations. At any point during generation, the model's internal state can be represented as a vector containing thousands of numbers. Researchers discovered something surprising: Different behaviors often correspond to different regions of this activation space. For example: Writing Python code Solving math problems Speaking French Explaining concepts carefully Producing insecure code Each tends to produce distinctive activation patterns. A steering vector is essentially the difference between two activation patterns. Suppose we gather examples where the model is: Careful Methodical Thorough and compare them to examples where it is: Rushed Superficial Incomplete The average difference between these internal states becomes a steering vector. At inference time, we can add that vector back into the model's activatio

2026-06-05 原文 →
AI 资讯

I almost leaked a customer's data while screen-sharing ChatGPT — here's what I built to stop it

A few weeks ago I was on a call sharing my screen, walking a teammate through a prompt I'd been iterating on in ChatGPT. Mid-sentence I scrolled up — and there, three messages back, was a chunk of a customer's data I'd pasted in earlier to debug something. Real email, real account info, sitting right there on a shared screen. Nobody said anything. Maybe nobody noticed. But I noticed, and I spent the rest of the call only half-present, trying to remember everything else still in that thread. If you live in ChatGPT all day, you already know the problem. The thread is your scratchpad. You paste logs, keys, customer rows, half-finished internal docs — things you'd never put in a doc you planned to share. And then someone says "can you share your screen real quick" and suddenly your scratchpad is a presentation. Why the usual advice doesn't work The standard answers are all some version of "be careful": Open a clean tab before sharing. Scroll to the top. Use a separate "demo" account. These fail for the same reason all manual checklists fail under pressure: the moment you actually need them is the moment you're distracted, talking, and not thinking about hygiene. You remember after . The fix has to happen before the screen goes live, and it has to require zero discipline in the moment. What I wanted instead I wanted something that just sat there and blurred sensitive parts of a page automatically, so that even if I forgot, the leak couldn't happen. A few requirements: Local only. Whatever it does, it never sends page content anywhere. A privacy tool that phones home is a contradiction. Before, not after. It blurs while the page renders, not after I've already exposed it. Per-element, not whole-screen. A full black box is useless for a demo. I still need to show the working parts. The interesting technical bit The naive approach is to listen for some "I'm sharing now" signal and react. That's too late — there's a visible frame where the data is exposed before the blur kic

2026-06-05 原文 →
AI 资讯

SkillMap AI

Excited to share SkillMap AI, a platform designed to help organizations make faster and more accurate staffing decisions. The idea is simple: project requirements and candidate profiles often live in separate documents, making team allocation slow and inconsistent. SkillMap AI bridges that gap by converting project requirements into structured skill demand and matching them against candidate capabilities. ✨ Key Features • Requirement Intelligence – Transform project briefs into normalized skill requirements • Candidate Matching – Compare resumes against actual project needs, not just keywords • Skill Gap Analysis – Identify missing capabilities before project execution • Staffing Decision Support – Recommend validation, interviews, and upskilling paths 📊 Outcomes ✓ Faster staffing shortlists ✓ Reduced manual resume screening ✓ Better project-team alignment ✓ Evidence-based skill gap identification ✓ Improved workforce planning 🌐 Live Demo: https://skill-map-ai-delta.vercel.app Would love to hear your thoughts and feedback!

2026-06-05 原文 →
工具

Best practice and postman/curl

When using the Postman extension in vsCode I was wondering where all the Collections credentials and tokens are stored. Are they secure and what is best practice for its use? Should I switch to curl? And can I use environment variables like curl? The postman documentation just talks about using the postman vault but doesn't say where they are stored and how securely if you aren't using it. submitted by /u/ElectricYFronts [link] [留言]

2026-06-05 原文 →
产品设计

Question about web hosting split for solo play vs multiplayer game (same game) - see description

TLDR: I’ve built a single player browser game which is static assets and 0 cost, I plan to release multiplayer which will cost me - would you split into 2 different URLs eg “multi.myurl.gg” vs “myurl.gg” etc (placeholder URLs) Hey reddit, I’ve built a browser game in my spare time and have a question about potentially hosting on 2 different URLs. My specific issue is - right now the game is single player only + bots, and cost wise most of the game is free for me to host at any scale due to the way I’ve architected single player. This includes sharing features and things like watching replays, I could effectively have a billion users and still pay the same as when I have 1 user. This is great! But, once I introduce multiplayer, I have to pay for Cloudflare workers, storage, egress fees potentially etc for those same sharing and replay features. I’ve estimated these costs to be quite low even at scale, but I’m extremely frugal and want to always keep the single player experience alive. The multiplayer experience is more dependant on how well it performs with the public. So I was thinking of hosting single player at something like “myurl.gg” and multiplayer at something like “multi.myurl.gg” for a clean separation of concerns. Am I over-engineering here?? @mods this is not self promotion, I’ve used placeholder URLs etc submitted by /u/ComfortablePeace8859 [link] [留言]

2026-06-05 原文 →
AI 资讯

Bernini's plan before render mapping is what coding agents need too

Bytedance released Bernini for video editing. The architecture splits the pipeline into a semantic planner that understands intent, then a renderer that executes. The planner draws a semantic sketch before any pixels are committed. This is the exact structure I want from coding agents. A planning stage that understands the codebase, the constraints, the dependencies. Then an execution stage that respects that plan. Right now most coding agents skip the planning layer or treat it as advice the agent can ignore mid flight. Bernini gets around the ignore problem by making the plan structural. The semantic sketch is a contract. The renderer's job is to match it. Coding agents need the same contract: a structured task graph where each step has inputs, outputs, and exit conditions. The hardware angle is interesting too. Gemma 4 at 2GB vram means the planner can run locally while the renderer stays in the cloud. Local intent understanding plus remote execution. Latency drops. Privacy improves. I have been using verdent partly for this reason: the plan comes before execution. Coding agents should pay attention to how video generation solved the same problem. submitted by /u/SherbertDazzling3661 [link] [留言]

2026-06-05 原文 →
AI 资讯

i need so help ssl

I’m trying to set up SSL for a newly added domain on a shared cPanel hosting account. The domain is already added inside cPanel and shows under the SSL/TLS section, but the certificate status says the installed certificate does not cover the new domain. The existing certificate appears to be old/expired and was not issued by AutoSSL. When I go to the SSL/TLS Wizard, it says: “There are no SSL/TLS products available at this time. SSL/TLS providers can be enabled by the server administrator.” I’m not seeing a clear “Run AutoSSL” button anywhere in cPanel. Is this something I can fix myself from cPanel, or does the hosting provider need to enable AutoSSL / SSL providers on the server side? I’m mainly trying to get SSL working for the main domain and www version of the domain. submitted by /u/PersonalityLife6196 [link] [留言]

2026-06-05 原文 →
AI 资讯

Found an open source mac app that allows you to run claude code terminals as highly capable agents

This is too cool to gate-keep, I’ve decided to open-source Munder Difflin. Munder Difflin a local multi-agent harness that allows you to run the office with as many agents as you want. To put simply it completes ambitious tasks autonomously(almost) by running a cluster of your own claude code agents performing various activities in a controlled environment with inter agent connectivity and one of the top benchmarked memory layer. You can choose to only talk to Michael the god orchestrator which will automatically distribute the asks among other agents. It has gives your agents one of the top bench marked memory layer, gives you full orchestration access with a GOD agent(Michael), schedule repeated instructions that your agents will perform, integrate with slack and much more. (Link in comments) submitted by /u/chaitanyagiri [link] [留言]

2026-06-05 原文 →
开发者

Does anyone actually have a reusable-code system that survives long term?

I've spent years trying to organize reusable code. I've tried: ● snippet managers ● internal libraries ● private repositories ● documentation systems Everything works initially. Then projects evolve, code diverges, and suddenly there are multiple versions of the same utility everywhere. At this point I'm wondering if perfect organization simply isn't realistic. How are experienced developers handling this? submitted by /u/Unhappy-Pepper- [link] [留言]

2026-06-05 原文 →
AI 资讯

Someone is trolling me and regularly sends messages through the contact form on my website—how can I protect my website from this?

Starting this year, I’ve been receiving fake inquiries through the form on my website—about one or two a month. The name, company, and email address are correct, but the message wasn’t sent by the people listed. Either they don’t respond to my reply, or they write back saying they never contacted me. This is frustrating because it reflects poorly on my business. What can I do about it? submitted by /u/Weekly-Month-9323 [link] [留言]

2026-06-04 原文 →
AI 资讯

How I stopped nodding along and actually contributed to open source

For years I saw "open source contributions" on job descriptions and just... nodded along. Typed it into Google once, got overwhelmed, closed the tab. It always seemed like something other people did. People who actually knew what they were doing. People who weren't me. Then I started looking into it properly. And honestly? It still seemed big. Like I'd need to understand an entire codebase, find a complex bug, write some genius fix that the maintainers would applaud. Turns out that's not it at all. I found some resources that changed how I saw it completely. The bar to start is embarrassingly low, and that's intentional. The open source community built it that way on purpose. So I did it. Was it a few lines of code? Yes. Did I do it directly in the browser like a person who has no idea what they're doing? Also yes. Do I care? Absolutely not. Where to actually start: goodfirstissue.dev — filters repos by good first issue label up-for-grabs.net — same idea, different interface Docs you already use — if you read something and think "that's oddly worded," you're already there GitHub search — label:"good first issue" is:open and filter by language Here's the thing though, this isn't just about open source. Everything seems big and intimidating at first. So you start small. One tiny contribution. Not because it's impressive but because it's real, and it's yours, and it builds something. Confidence mostly. Then you do a slightly bigger thing. Then a bigger thing after that. You don't level up by waiting until you're ready. You level up by starting small and not stopping. My first contribution exists now. That's enough for today.

2026-06-04 原文 →
AI 资讯

Scoring a Page's Meta Tags 0-100: The Rubric Behind Our Analyzer

A meta tag audit is a pile of binary checks. Title present, yes or no. Title in range, yes or no. Description present. One H1. og:image set. Canonical present. Run them all and you get a few dozen booleans. The problem is that a wall of green and red checkmarks does not motivate anyone. People glance at it, feel vaguely bad, and close the tab. A single number does motivate. "You are at 62" is a thing a person will act on. But a number only works if it is honest, and a number is only honest if it is explainable. So we set one hard constraint before writing any scoring code: every point a page loses has to trace back to a named check with a specific fix. No mystery deductions. If you are at 62 and not 100, the tool can point at the exact items that cost you the other 38. That constraint shaped every decision that followed, and it is the reason the rubric looks the way it does. This is the write-up of how we got from a pile of booleans to a number we are willing to defend. Choosing the dimensions and the weights The first decision was how to group the checks. We landed on five dimensions, each with a fixed weight, and the overall score is their weighted average: Basic meta, 30 percent. Title tag and meta description. Headings, 20 percent. H1 count and heading-level hierarchy. Open Graph, 20 percent. og:title, og:description, og:image, og:url. Twitter Card, 15 percent. twitter:card, twitter:title, twitter:description, twitter:image. Technical, 15 percent. Canonical, html lang, viewport, robots. The weights are the opinionated part, and they encode what we actually believe about how pages get found now. Basic meta gets 30 percent, the largest slice, because the title and description are the strings an AI engine quotes when it summarizes or cites a page. They are the highest-value characters on the whole page, so a gap there should cost the most. Technical gets the smallest slice at 15 percent, but for a subtler reason than "it matters least." Technical failures are rarer

2026-06-04 原文 →
AI 资讯

My web app fired two POST requests per submit. The fix taught me what React StrictMode is actually for.

We run an app where you describe a task and an AI agent does it. The first step after you hit submit is a planning call: POST /api/web/tasks/plan, which turns your free text into a structured plan the agents can pick up. One submit should mean one plan. While testing locally I noticed two plan requests going out per submit. Same payload, fired back to back. The agents handled it fine because the second plan just overwrote the first, but it bothered me. A doubled write is a doubled write, and the next one might not be idempotent. First wrong guess: a double-click My first assumption was the obvious one. The user double-clicks, or the button is not disabled during the request, so two clicks sneak through. I added the disabled state, watched the network tab, and got two requests from a single click. So it was not the button. The thing I had stopped seeing The submit logic lived in an effect. When the form phase flipped to submitting, the effect ran and fired the plan call. There was a second effect too: when the user changed the tier or output format mid-flow, a matching effect re-planned, because a different tier means a different plan. Neither effect had any guard against running twice. And in development, React StrictMode mounts every component, unmounts it, and mounts it again, on purpose, to surface effects that are not safe to re-run. My plan effect was exactly the kind of effect StrictMode is built to expose. The double mount fired it twice. The detail that made it click: I built the app for production and watched the network tab there. Exactly one request. The double was a development-only artifact of StrictMode doing its job. The bug was never in production traffic, but the fact that StrictMode could double it meant my effect was not safe, and an unsafe effect is a latent bug waiting for a real remount. The fix: ref guards set before the await, not reset in cleanup The instinct is to reach for a boolean. The catch is where you reset it. If you reset the guard

2026-06-04 原文 →
AI 资讯

Wordpress 7.0 completely broke keyboard navigation in the block editor

I don’t know if the adoption of 7.0 is just too low for this to become widespread or if I’m just a weirdo and most people don’t use their arrow keys to navigate the editor but this used to work perfectly and is now completely broken. Before 7.0 if you had a set of nested blocks, let’s say a group block with columns and then heading, paragraphs, images etc in the individual columns, you could use your arrow keys to move through the layers. For example if I was in the heading tag at the top of a column and clicked the up arrow it would make the column block the active selected block. Press it again and you’re on the columns container. One more time and you’re at your parent group. Now if I’m in that exact same scenario and click up from the heading block it will jump me to the lowest nested child block of the next highest root level block or if I’m already in the highest root level block it will take me to the page title. There is absolutely no way to use the keyboard to navigate between layout block layers anymore and it’s infuriating. This functionality is so engrained into my brain that it’s muscle memory at this point and I keep flying all over the page when I just want to adjust my column gaps or something. Forcing me to point and click around to the breadcrumbs or expanding the document overview sidebar is such a pain and takes so many steps. I have to imagine this is also absolutely horrible for accessibility, not being able to even get to certain blocks without a mouse. I just have no clue why they would change something that was so logical and just worked exactly as expected since the inception of the block editor. Was this just a mistake or did someone intentionally do something this stupid? I truly can’t see any value to how the keyboard navigation works now and see no point in why someone would choose for it to behave this way over the old way. Is there something I’m missing? Am I just a stubborn old developer who hates change? I feel like this is not unre

2026-06-04 原文 →
开发者

Laravel API data envelope

i'm having a hard time deciding which approach i should implement. i'm developing a Laravel api which is consumed by Vue & Nuxt and i didn't noticed that i actually implemented two approaches of the returned response: [1] return ArticleResource::collection($articles); this returns a JSON like this: { "id": 1, "title": "My Article" } [2] return response()->json([ 'data' => new ArticleResource($article), 'success' => true, 'message' => 'OK', ]); JSON: { "data": { // output of ArticleResource transformed $article }, "success": true, "message": "OK" } considering that the API and frontend are private repositories. does wrapping all of the response inside 'data' makes sense or should i just stick on [1] for less nesting? what do you guys think what do you usually do with your years of experience? submitted by /u/Totoro-Caelum [link] [留言]

2026-06-04 原文 →
开发者

Do you think Generative UI is the new Frontend?

Yesterday, I read a blog by Shubham on how Generative UI is changing entire frontend space. The frontend has always been something you build ahead of time and ship. The agent just works inside it. For 30 years that was the deal. What's actually shifting: the interfaces shipping in 2026 are drawn partly by the agent itself, in real time, from what the user actually asked for. He breaks down the different approaches (A2UI, MCP Apps, AG-UI) via CopilotKit and where each one actually falls apart depending on how deep in the app you go.. along with the token tax - how typical tool description with its JSON schema runs around 400 tokens. 25 components are 10,000 tokens on every turn, you pay that tax per request. worth a read especially the declarative generative UI pattern where you hand the agent a catalog and let it assemble layouts you didn't pre-build. blog link: https://x.com/Saboo_Shubham_/status/2062220865643982875 repo: https://github.com/CopilotKit/copilotkit do you think it's just marketing hype or actually the future of UI? submitted by /u/allenaa3 [link] [留言]

2026-06-04 原文 →
AI 资讯

How I Built Pakistan's Stock Market Education Platform as a Solo Trader-Developer

I am a full time trader and part time developer based in Karachi, Pakistan. A year ago I sat down to research how to properly compare brokers on the Pakistan Stock Exchange. Three hours later I had 11 browser tabs open, two of which had broken links, one had data from 2019, and none of them had everything I needed in one place. So I built PSX Pulse. What PSX Pulse Is PSX Pulse is a free stock market education platform for Pakistani retail investors. Everything a beginner needs to start investing in Pakistan's stock market — in one place. What is live right now: 35 verified SECP-licensed brokers with full contact details Complete mutual funds directory across 15 AMCs DCA calculator with realistic return scenarios 30-day beginner learning path Islamic investing guide PSX sector guide covering 12 sectors IPO tracker 100-term searchable glossary Weekly market recap every Friday All free. No login required. Live at: https://psxpulse.xwen.com.pk/ The Stack React + Tailwind CSS for the frontend. Vercel for hosting — free tier handles everything comfortably. No backend for most features — localStorage and static data keeps it fast and simple. Newsletter handled via a serverless Vercel function writing to a private GitHub CSV. What I Learned Building This Solo 1. The information gap in emerging markets is enormous Pakistani investors are not underserved because nobody cares. They are underserved because nobody with the technical skills to build tools also has the market knowledge to know what those tools should do. Being both a trader and a developer turned out to be the actual unfair advantage. 2. Free tools beat content for SEO My DCA calculator and broker directory pages get more consistent Google clicks than any article I have written. Tools solve a specific search intent that AI overviews do not replace — people still need to interact with a calculator, not just read about one. 3. Building in public is uncomfortable but worth it Sharing what you are building before it i

2026-06-04 原文 →
AI 资讯

How I built a lightning-fast Game Sens Converter in Vanilla JS

As a developer who frequently switches between competitive FPS titles like CS2 and Valorant, re-tuning mouse sensitivity is always a hassle. I wanted a fast, ad-free tool to translate my aim perfectly across titles, so I built a clean Game Sens Converter . The Approach I built this using 100% Vanilla JS. It’s a simple utility, so there was absolutely no need for a backend or heavy frameworks. It loads instantly and calculates right in the browser. Here is a quick look at the core logic handling the sensitivity conversion multipliers: function convertSensitivity ( gameFrom , gameTo , currentSens ) { // Standardized multipliers relative to CS2 / Source engine const multipliers = { ' cs2 ' : 1 , ' valorant ' : 3.181818 , ' overwatch ' : 0.3 , ' apex ' : 1 }; if ( ! multipliers [ gameFrom ] || ! multipliers [ gameTo ]) return null ; // Convert to base (CS2), then to the target game const baseSens = currentSens * multipliers [ gameFrom ]; const convertedSens = baseSens / multipliers [ gameTo ]; return convertedSens . toFixed ( 3 ); } Try it out You can use the live tool for free here: Game Sens Converter Let me know what your main game is or if you'd add any other FPS titles to the list in the comments!

2026-06-04 原文 →