Hi all,
This week the github action tj-actions/changed-files are compromise and steeling credential of github action env. I had always found the concept of trusting randome github action is scary. Especially github make the action appear under the global namespace /marketplace/actions make it seems trust worth. Had github adopt a <user-org>/name probably more people will aware. I recommend for any non official github action, fork it to your own org or account and review source code manually.
Second thing, if you has been using WHOIS to find out domain owner or registra info, that is going to change. ICANN is Launching RDAP; Sunsetting WHOIS and a CLI to replace whois too.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
Lots of coding AIs have cool X demos on greenfield apps. But the day-to-day of a pro software engineer working on a team looks…a little different from vibe coding. Enter Augment Code. The first developer AI built for teams and large codebases, Augment works on codebases of millions of lines of code and thousands of files, bringing full codebase context to every keystroke. Customers like Datastax, Observe, Kong, and Lemonade trust Augment because it’s fast, high quality, and secure. Even better - you don’t have to switch your IDE - Augment works in VS Code, JetBrains, and even Vim. Augment is free to try and never trains on code without consent. Start building for free today.
Non-volatile storage is a cornerstone of modern computer systems. Every modern photo, email, bank balance, medical record, and other critical pieces of data are kept on digital storage devices, often replicated many times over for added durability. we’re going to cover the history, functionality, and performance of non-volatile storage devices over the history of computing, all using fun and interactive visual elements.
Google release the full details of EntrySign, the AMD Zen microcode signature validation vulnerability which they initially disclosed on Feb 2025. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside a VM) to load malicious microcode patches. We have demonstrated the ability to craft arbitrary malicious microcode patches on Zen 1 through Zen 4 CPUs
Exploring an unpopular git bundle-uri that can help speed up Git by pre-populate git local object cache from https instead of fetching from git server.
WebGPU is a modern graphics API designed to provide high-performance graphics and computation capabilities across different platforms, including web browsers, desktops, and mobile devices. It is intended to be a successor to the WebGL API, offering more advanced features, better performance, and greater flexibility for developers
CSS is evolving realy fast. This is a useful feature used to cover by CSS pre-processor like SCSS or LESS.
The question everyone have an answer for. The OP share with us an interesting concept: visual patterns of code, specifically the ones that make their brain hurt!
Any distributed system you will hear the term Raft or Paxos. Some expert consider Paxos is super simple, some say it’s the most complicated. In this post, the OP modeling Paxos with FizzBee, a design specification language and model checker to specify distributed systems at a much higher level of abstraction than a programming language for system analysis and design. So we will learn 2 things in this post.
Building on a previous post on sorting algorithms, I implemented the same algorithms using CUDA to explore performance improvements through parallel computing. The goal is to see how we can leverage the power of parallel computing to speed up our sorting algorithms. I went for a NVIDIA recruiting event some days ago, that was a great event and it motivated me to try to rewrite the sorting algorithms using CUDA.
“PostgreSQL scales” - we have all heard this phrase over and over again. However, the question is: What does this actually mean? Does it mean 1 million rows? Or maybe even 1 billion rows? So, on a rainy weekend, I decided to do a little experiment to figure out if it is possible to squeeze 1 trillion rows (= 1000 billion rows) into my local personal computer
As an engineer we’re all curious how a compilers to made. The bad news is there is no single resource to grasp all of that. The good news are all the resource widely available for us to get started.
Binary Security found the undocumented APIs for Azure API Connections. In this post we examine the inner workings of the Connections allowing us to escalate privileges and read secrets in backend resources for services ranging from Key Vaults, Storage Blobs, Defender ATP, to Enterprise Jira and SalesForce servers.
A delightful Ruby way to work with AI. No configuration madness, no complex callbacks, no handler hell – just beautiful, expressive Ruby code.
Rubya powerful, web-based image editor built with React and TypeScript. It provides a modern, intuitive interface for quick image edits and filters, optimized for both desktop and mobile devices.
TypeScriptIf you ever need a short-cut like a spotlight search for your app. You would want this
JavaScripta robust Rust framework for building interactive REPL (Read-Eval-Print Loop) applications and custom shells. It provides a flexible, type-safe foundation with built-in terminal UI capabilities using ratatui.
RustThe cryptography-based networking stack for building unstoppable networks with LoRa, Packet Radio, WiFi and everything in between.
PythonVery interesting and insightful from creator of C# and TypeScript.
Prevent merging of malicious code in pull requests
The agents.json Specification is an open specification that formally describes contracts for API and agent interactions, built on top of the OpenAPI standar
a Python package designed to facilitate the creation of engaging short videos or social media clips. It leverages a variety of external services and libraries to streamline the process of generating, processing, and uploading short content.
Elevate your designs with our curated collection of modern background patterns. Preview, customize, and implement with just a few clicks.
an open source, community-driven, native audio turn detection model. Hugging Face model is available
an open-source, fast, reactive, in-memory database optimized for modern hardware.
Horizontal scaling for PostgreSQL.
A blazing-fast KV store written in pure Golang without any dependencies with native pub-sub support, engineered for high-frequency, contention-heavy workloads
Toolkit for linearizing PDFs for LLM datasets/training
The open source document alternative to Notion or Outline. Build with Django and React
Open and Advanced Large-Scale Video Generative Models
BetterDev Link
Every Monday