Postgres gets a lot of love, but this result beautifully sums up why MySQL and InnoDB are still awesome.

The jailbreak that got Fable 5 pulled, by Anthropic's own account, is asking it to read a codebase and fix the flaws. The same thing every defender does daily and other models already do. I've found bugs by hand for twenty years and nobody called it a national security threat.

Technical leadership is the art of ignoring.

literally every Silicon Valley product comparison chart:

Our Vercel bill was $25k per month. We just switched to Cloudflare and our spend is $2k per month. This is your sign to switch to Cloudflare

GitHub found a way to stop supply chain attacks 👍

The Go team that works on the stdlib has a pretty legendary quality/stability/security track record too.

2019 was technological masturbation. you cared more about state management libraries than the value the app they were being used for was providing. leaning into product and outcomes is infinitely more fulfilling than that bikeshedding bullshit.

If you're a naturally anxious person, I recommend pursuing a high stress career path where at least you'll be compensated for anxiety you're going to have anyways.

I strongly believe there are entire companies right now under heavy AI psychosis and its impossible to have rational conversations about it with them. I can't name any specific people because they include personal friends I deeply respect, but I worry about how this plays out. I lived through the great MTBF vs MTTR (mean-time-between-failure vs. mean-time-to-recovery) reckoning of infrastructure during the transition to cloud and cloud automation. All those arguments are rearing their ugly heads again but now its... the whole software development industry (maybe the whole world, really). It's frightening, because the psychosis folks operate under an almost absolute "MTTR is all you need" mentality: "its fine to ship bugs because the agents will fix them so quickly and at a scale humans can't do!" We learned in infrastructure that MTTR is great but you can't yeet resilient systems entirely. The main issue is I don't even know how to bring this up to people I know personally, because bringing this topic up leads to immediately dismissals like "no no, it has full test coverage" or "bug reports are going down" or something, which just don't paint the whole picture. We already learned this lesson once in infrastructure: you can automate yourself into a very resilient catastrophe machine. Systems can appear healthy by local metrics while globally becoming incomprehensible. Bug reports can go down while latent risk explodes. Test coverage can rise while semantic understanding falls. Changes happens so fast that nobody notices the underlying architecture decaying. I worry.

> be github > invent copilot > you are literally the first one > you are literally the only one > you literally have access to all the code in the world > get mogged by literally every single agentic bs that came out in the past few years this level of fumble should be studied

every tech executive is talking about making it so anyone on the team can ship code this means engineers focus on guardrails, patterns, etc to allow for this to happen safely but this isn't new! this has always been the job of the senior people on the team, make the less experienced people more productive and you do this by being really good at designing code, and you're gonna have to be really really really good to allow your marketing team to ship changes without things breaking

Americans are really good at selling stuff. I fancy myself a bit more grounded than the average joe, I’ll expect them to not enshittify their own product in less than 5 years to start considering buying their magic potion.

every engineer at anthropic has been using mythos for ~1.5 months. meanwhile, their uptime is horrendous, claude code still has rendering bugs, etc. one could conclude that it won't be the end of software engineering.

🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M weekly downloads. Every npm install pulling the latest version is potentially compromised right now. Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that: • Deobfuscates embedded payloads and operational strings at runtime • Dynamically loads fs, os, and execSync to evade static analysis • Executes decoded shell commands • Stages and copies payload files into OS temp and Windows ProgramData directories • Deletes and renames artifacts post-execution to destroy forensic evidence If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.

cloudflare rfc for skill discovery puts it at /.well-known/skills those skills can point to useful endpoints in /api then agent can call those and if auth is needed we already have standards for that and wow no new stack of tech is needed

Head of product at a $50 Billion company, says they can't support more than 2 colors (it's 50 lines of CSS) Straight into the top3 most retarded things I've heard this year

I hate these "coding isn't the hard part" tweets I have been a part of and seen several companies not just struggling with "the right decision" but the culmination of their past technical decisions. AI won't magically make this go away. Lines of Code is still a liability and producing it faster doesn't change or reduce it, if anything it increases liability. Room temperature Twitter take strikes yet again