🏡

to read (pdf)

generated: April 21, 2026 at 04:03:21

April 21, 2026
1. 🔗 WerWolv/ImHex Nightly Builds release
  Nightly
  
  31c1db8 Changelog
  - impr: Only create folders in places ImHex intends to write to, respect XDG
2. 🔗 r/reverseengineering Detect It Easy 3.20 Program for determining types of files for Windows, Linux and MacOS. rss
  
  submitted by /u/horsicq
  [link] [comments]
April 20, 2026
1. 🔗 r/reverseengineering Wrote a Linux rootkit (DKOM, eBPF bypass) and a detector to find it — sharing both rss
  
  submitted by /u/buter_chkalova
  [link] [comments]
2. 🔗 r/york The perks of being a local - spontaneous trips in to create art! rss
  
  | submitted by /u/GalacticGoose1
  [link] [comments]
  ---|---
3. 🔗 anthropics/claude-code v2.1.116 release
  What's changed
  - /resume on large sessions is significantly faster (up to 67% on 40MB+ sessions) and handles sessions with many dead-fork entries more efficiently
  - Faster MCP startup when multiple stdio servers are configured; resources/templates/list is now deferred to first @-mention
  - Smoother fullscreen scrolling in VS Code, Cursor, and Windsurf terminals — /terminal-setup now configures the editor's scroll sensitivity
  - Thinking spinner now shows progress inline ("still thinking", "thinking more", "almost done thinking"), replacing the separate hint row
  - /config search now matches option values (e.g. searching "vim" finds the Editor mode setting)
  - /doctor can now be opened while Claude is responding, without waiting for the current turn to finish
  - /reload-plugins and background plugin auto-update now auto-install missing plugin dependencies from marketplaces you've already added
  - Bash tool now surfaces a hint when gh commands hit GitHub's API rate limit, so agents can back off instead of retrying
  - The Usage tab in Settings now shows your 5-hour and weekly usage immediately and no longer fails when the usage endpoint is rate-limited
  - Agent frontmatter hooks: now fire when running as a main-thread agent via --agent
  - Slash command menu now shows "No commands match" when your filter has zero results, instead of disappearing
  - Security: sandbox auto-allow no longer bypasses the dangerous-path safety check for rm/rmdir targeting /, $HOME, or other critical system directories
  - Fixed Devanagari and other Indic scripts rendering with broken column alignment in the terminal UI
  - Fixed Ctrl+- not triggering undo in terminals using the Kitty keyboard protocol (iTerm2, Ghostty, kitty, WezTerm, Windows Terminal)
  - Fixed Cmd+Left/Right not jumping to line start/end in terminals that use the Kitty keyboard protocol (Warp fullscreen, kitty, Ghostty, WezTerm)
  - Fixed Ctrl+Z hanging the terminal when Claude Code is launched via a wrapper process (e.g. npx, bun run)
  - Fixed scrollback duplication in inline mode where resizing the terminal or large output bursts would repeat earlier conversation history
  - Fixed modal search dialogs overflowing the screen at short terminal heights, hiding the search box and keyboard hints
  - Fixed scattered blank cells and disappearing composer chrome in the VS Code integrated terminal during scrolling
  - Fixed an intermittent API 400 error related to cache control TTL ordering that could occur when a parallel request completed during request setup
  - Fixed /branch rejecting conversations with transcripts larger than 50MB
  - Fixed /resume silently showing an empty conversation on large session files instead of reporting the load error
  - Fixed /plugin Installed tab showing the same item twice when it appears under Needs attention or Favorites
  - Fixed /update and /tui not working after entering a worktree mid-session
4. 🔗 badlogic/pi-mono v0.68.0 release
  New Features
  - Configurable streaming working indicator for extensions via ctx.ui.setWorkingIndicator(), including animated, static, and hidden indicators. See docs/tui.md#working-indicator, docs/extensions.md, and examples/extensions/working-indicator.ts.
  - before_agent_start now exposes systemPromptOptions (BuildSystemPromptOptions) so extensions can inspect the structured system-prompt inputs without re-discovering resources. See docs/extensions.md#before_agent_start and examples/extensions/prompt-customizer.ts.
  - Configurable keybindings for scoped model selector actions and session-tree filter actions. See docs/keybindings.md.
  - /clone duplicates the current active branch into a new session, while extensions can choose whether to fork before or at an entry via ctx.fork(..., { position }). See README.md, docs/extensions.md, and docs/session.md.
  Breaking Changes
  - Changed SDK and CLI tool selection from cwd-bound built-in tool instances to tool-name allowlists. createAgentSession({ tools }) now expects string[] names such as "read" and "bash" instead of Tool[], --tools now allowlists built-in, extension, and custom tools by name, and --no-tools now disables all tools by default rather than only built-ins. Migrate SDK code from tools: [readTool, bashTool] to tools: ["read", "bash"] (#2835, #3452)
  - Removed prebuilt cwd-bound tool and tool-definition exports from @mariozechner/pi-coding-agent, including readTool, bashTool, editTool, writeTool, grepTool, findTool, lsTool, readOnlyTools, codingTools, and the corresponding *ToolDefinition values. Use the explicit factory exports instead, for example createReadTool(cwd), createBashTool(cwd), createCodingTools(cwd), and createReadToolDefinition(cwd) (#3452)
  - Removed ambient process.cwd() / default agent-dir fallback behavior from public resource helpers. DefaultResourceLoader, loadProjectContextFiles(), and loadSkills() now require explicit cwd/agent-dir style inputs, and exported system-prompt option types now require an explicit cwd. Pass the session or project cwd explicitly instead of relying on process-global defaults (#3452)
  Added
  - Added extension support for customizing the interactive streaming working indicator via ctx.ui.setWorkingIndicator(), including custom animated frames, static indicators, hidden indicators, a new working-indicator.ts example extension, and updated extension/TUI/RPC docs (#3413)
  - Added systemPromptOptions (BuildSystemPromptOptions) to before_agent_start extension events, so extensions can inspect the structured inputs used to build the current system prompt (#3473 by @dljsjr)
  - Added /clone to duplicate the current active branch into a new session, while keeping /fork focused on forking from a previous user message (#2962)
  - Added ctx.fork() support for position: "before" | "at" so extensions and integrations can branch before a user message or duplicate the current point in the conversation; the interactive clone/fork UX builds on that runtime support (#3431 by @mitsuhiko)
  - Added configurable keybinding ids for scoped model selector actions and tree filter actions, so those interactive shortcuts can be remapped in keybindings.json (#3343 by @mpazik)
  - Added PI_OAUTH_CALLBACK_HOST support for built-in OAuth login flows, allowing local callback servers used by pi auth to bind to a custom interface instead of hardcoded 127.0.0.1 (#3409 by @Michaelliv)
  - Added reason and targetSessionFile metadata to session_shutdown extension events, so extensions can distinguish quit, reload, new-session, resume, and fork teardown paths (#2863)
  Changed
  - Changed pi update to batch npm package updates per scope and run git package updates with bounded parallelism, reducing multi-package update time while preserving skip behavior for pinned and already-current packages (#2980)
  - Changed Bedrock session requests to omit maxTokens when model token limits are unknown and to omit temperature when unset, letting Bedrock use provider defaults and avoid unnecessary TPM quota reservation (#3400 by @wirjo)
  Fixed
  - Fixed AgentSession system-prompt option initialization to avoid constructing an invalid empty BuildSystemPromptOptions, so npm run check passes after cwd became mandatory.
  - Fixed shell-path resolution to stop consulting ambient process.cwd() state during bash execution, so session/project-specific shellPath settings now follow the active coding-agent session cwd instead of the launcher cwd (#3452)
  - Fixed ctx.ui.setWorkingIndicator() custom frames to render verbatim instead of forcing the theme accent color, so extensions now own working-indicator coloring when they customize it (#3467)
  - Fixed pi update reinstalling npm packages that are already at the latest published version by checking the installed package version before running npm install <pkg>@latest (#3000)
  - Fixed @ autocomplete plain queries to stop matching against the full cwd/base path, so path fragments in worktree names no longer crowd out intended results such as @plan (#2778)
  - Fixed built-in tool wrapping to use the same extension-runner context path as extension tools, so built-in tools receive execution context and read can warn when the current model does not support images (#3429)
  - Fixed openai-completions assistant replay to preserve compat.requiresThinkingAsText text-part serialization, avoiding same-model follow-up crashes when previous assistant messages mix thinking and text (#3387)
  - Fixed direct OpenAI Chat Completions sessions to map sessionId and cacheRetention to prompt caching fields, sending prompt_cache_key when caching is enabled and prompt_cache_retention: "24h" for direct api.openai.com requests with long retention (#3426)
  - Fixed OpenAI-compatible Chat Completions sessions to optionally send aligned session_id, x-client-request-id, and x-session-affinity headers from sessionId via compat.sendSessionAffinityHeaders, improving cache-affinity routing for backends such as Fireworks (#3430)
  - Fixed threaded /resume session relationships and current-session detection to canonicalize symlinked session paths during selector comparisons, so shared session directories no longer break parent-child matching or active-session delete protection (#3364)
  - Fixed /session, Sessions docs, and CLI help to consistently document that session reuse supports both file paths and session IDs, and that /session shows the current session ID (#3390)
  - Fixed Windows pnpm global install detection to recognize \\.pnpm\\ store paths, so update notices now suggest pnpm install -g @mariozechner/pi-coding-agent instead of falling back to npm (#3378)
  - Fixed missing @sinclair/typebox runtime dependency in @mariozechner/pi-coding-agent, so strict pnpm installs no longer fail with ERR_MODULE_NOT_FOUND when starting pi (#3434)
  - Fixed xterm uppercase typing in the interactive editor by decoding printable modifyOtherKeys input and normalizing shifted letter matching, so Shift+letter no longer disappears in pi (#3436)
  - Fixed /compact to reuse the session thinking level for compaction summaries instead of forcing high, avoiding invalid reasoning-effort errors on github-copilot/claude-opus-4.7 sessions configured for medium thinking (#3438)
  - Fixed shared/exported plain-text tool output to preserve indentation instead of collapsing leading whitespace in the web share page (#3440)
  - Fixed exported share pages to use browser-safe T and O shortcuts with clickable header toggles for thinking and tool visibility instead of browser-reserved Ctrl+T / Ctrl+O bindings (#3374 by @vekexasia)
  - Fixed skill resolution to dedupe symlinked aliases by canonical path, so pi config no longer shows duplicate skill entries when ~/.pi/agent/skills points to ~/.agents/skills (#3417 by @rwachtler)
  - Fixed OpenRouter request attribution to include Pi app headers (HTTP-Referer: https://pi.dev, X-OpenRouter-Title: pi, X-OpenRouter-Categories: cli-agent) when sessions are created through the coding-agent SDK and install telemetry is enabled (#3414)
  - Fixed custom-model compat schema/docs to support cacheControlFormat: "anthropic" for OpenAI-compatible providers that expose Anthropic-style prompt caching via cache_control markers (#3392)
  - Fixed Cloud Code Assist tool schemas to strip JSON Schema meta-declaration keys before provider translation, avoiding validation failures for tool-enabled sessions that use $schema, $defs, and related metadata (#3412 by @vladlearns)
  - Fixed direct Bedrock sessions to honor model.baseUrl as the runtime client endpoint, restoring support for custom Bedrock VPC or proxy routes (#3402 by @wirjo)
  - Fixed the edit tool to coerce stringified edits JSON before validation, so models that send the array payload as a JSON string no longer fall back to ad-hoc shell edits (#3370 by @dannote)
  - Fixed package manifest positive glob entries to expand before loading packaged resources, restoring manifest patterns such as skills/**/*.md (#3350 by @neonspectra)
5. 🔗 r/Yorkshire Dean's Park, York rss
  
  submitted by /u/RedPandaCommander24
  [link] [comments]
6. 🔗 r/york Dean's Park rss
  
  | submitted by /u/RedPandaCommander24
  [link] [comments]
  ---|---
7. 🔗 HexRaysSA/plugin-repository commits sync repo: +1 release rss
```
sync repo: +1 release

## New releases
- [IDAssist](https://github.com/symgraph/IDAssist): 2.0.0
```
8. 🔗 r/Leeds There was a campaign around 2010 to rename Leeds Bradford airport "Sir Jimmy Savile International" rss
  
  This was a big facebook group and there was a petition to have it made official, especially in the weeks after he died. This was kick started in the Yorkshire Evening Post - the original article in the Yorkshire Evening post has been deleted (shocker) but some websites remain.
  
  submitted by /u/M_M_X_X_V
  [link] [comments]
9. 🔗 r/Leeds Leeds music rss
  
  What bands do you think really define Leeds’ sound? And are there any newer acts people are excited about at the moment?
  
  I put this map together a while ago and I’m thinking of updating it, so would be great to hear what people think, especially if there’s anything obvious I’ve missed or newer bands worth adding.
  
  submitted by /u/TheSenseOfDoubt
  [link] [comments]
10. 🔗 r/wiesbaden Hubschrauber rss
  
  Weiß jemand, was es mit den beiden Hubschrauber-Flügen heute Abend gegen 21:30 auf sich hatte?
  
  Wirkten um einiges größer als ein Polizei- oder Rettungshubschrauber und waren überm Dichterviertel deutlich zu sehen und zu hören.
  
  Werden geplante Flüge von der US Airbase irgendwo angekündigt/öffentlich dokumentiert?
  
  submitted by /u/Tisiphoni1
  [link] [comments]
11. 🔗 r/Yorkshire York cherry blossoms looking spectacular this year rss
  
  submitted by /u/RedPandaCommander24
  [link] [comments]
12. 🔗 @binaryninja@infosec.exchange Binary Ninja 5.3 (Jotunheim) adds new architecture APIs for full function mastodon
  
  Binary Ninja 5.3 (Jotunheim) adds new architecture APIs for full function level lifting. We are already using them for upcoming TMS320C6x work, and plugin authors should be able to put them to good use too. Also new: NDS32 and AArch64 ILP32 ABI updates. Check out the latest blog: https://binary.ninja/2026/04/13/binary-ninja-5.3-jotunheim.html#architecture --platform
13. 🔗 r/wiesbaden Best Schnitzel in town und Umgebung? 🤤 rss
  
  submitted by /u/Haunting-Ad2182
  [link] [comments]
14. 🔗 r/Leeds Harewood House, Gardens and Lake - 2025 rss
  
  Photographs captured by Samuel Greenwood.
  
  submitted by /u/Money_Pie_40
  [link] [comments]
15. 🔗 r/LocalLLaMA Kimi K2.6 rss
  
  | Benchmarks submitted by /u/Fantastic-Emu-3819
  [link] [comments]
  ---|---
16. 🔗 r/LocalLLaMA Kimi K2.6 Released (huggingface) rss
  
  | submitted by /u/BiggestBau5
  [link] [comments]
  ---|---
17. 🔗 r/Yorkshire Leeds man jailed over 140mph chase ending in roundabout crash rss
  
  | submitted by /u/Kagedeah
  [link] [comments]
  ---|---
18. 🔗 sacha chua :: living an awesome life 2026-04-20 Emacs news rss
  I enjoyed reading Hot-wiring the Lisp machine (an adventure into modifying Org publishing). I'm also looking forward to debugging my Emacs Lisp better with timestamped debug messages and ert-play-keys. I hope you also find lots of things you like in the links below!
  - Upcoming events (iCal file, Org):
    
    Emacs APAC: Emacs APAC meetup (virtual) https://emacs-apac.gitlab.io/announcements/ Sat Apr 25 0130 America/Vancouver - 0330 America/Chicago - 0430 America/Toronto - 0830 Etc/GMT - 1030 Europe/Berlin - 1400 Asia/Kolkata - 1630 Asia/Singapore
    
    Emacs Berlin: Emacs-Berlin Hybrid Meetup https://emacs-berlin.org/ Wed Apr 29 1000 America/Vancouver - 1200 America/Chicago - 1300 America/Toronto - 1700 Etc/GMT - 1900 Europe/Berlin - 2230 Asia/Kolkata – Thu Apr 30 0100 Asia/Singapore
    
    M-x Research: TBA https://m-x-research.github.io/ Fri May 1 0800 America/Vancouver - 1000 America/Chicago - 1100 America/Toronto - 1500 Etc/GMT - 1700 Europe/Berlin - 2030 Asia/Kolkata - 2300 Asia/Singapore
  - Beginner:
    
    How do you keep track of new/useful keybindings?
  - Emacs configuration:d
    
    What modern Emacs packages am I missing?
    
    Meow made me leave Evil Mode (17:00)
  - Emacs Lisp:
    
    What are some common code smells that inexperienced Elispers make?
    
    Updated kickingvegas/elisp-for-python - improved sections on map types and iteration (@kickingvegas@sfba.social)
    
    load settings from files sorted by number (@cage@mastodon.bsd.cafe)
    
    dmsg.el: Timestamped debug messages with backtrace support (Reddit)
    
    Defining λ as a macro for lambda (@marcel@van-der-boom.nl)
    
    Listful Andrew: Mars Rovers IV: The Solutions — Emacs Lisp
    
    Listful Andrew: Mars Rovers IX: The Grid Viz Solutions — Emacs Lisp
  - Appearance:
    
    Loading the theme and user face customizations at the right moment
    
    Protesilaos Stavrou: Emacs: new modus-themes-exporter package (YouTube 2:56:36)
    
    faff theme v4.0; now using modus-themes (Reddit)
    
    folio-theme: a warm paper-like light theme for Emacs (Reddit)
    
    Emacs Redux: Batppuccin and Tokyo Night Themes Land on MELPA
  - Navigation:
    
    Emacs Query Replace Is A Bloody Good Way To Make Quick Changes 2026 04 15 02:51:42 (05:33)
    
    Irreal: A Short Report On Help Focus
    
    Tip about using consult-focus-lines
  - Dired:
    
    Marcin Borkowski: Binding TAB in Dired to something useful (Irreal)
    
    James Dyer: Emacs-DIYer: A Built-in dired-collapse Replacement
    
    casual 2.16.0: improvements to Dired for marked file operations and context-sensitive behavior (@kickingvegas@sfba.social)
  - Writing:
    
    Dave Pearson: boxquote.el v2.4 - added a transient
    
    Dave Pearson: blogmore.el v4.1 - change image extension to webp
    
    Launching a new grammar/spell checking tool for Org-mode, LaTeX, Markdown, Python, Clang, etc. (Reddit)
    
    ekg version 0.9.0: New notes UI, Apple Notes Syncing, agentic actions and org integration (YouTube 21:36)
  - Org Mode:
    
    Remember everything with Org Mode (10:17)
    
    Organizing my retirement with org-mode – Andy Sylvester's Web
    
    Org-roam pour la prise de notes (avec Spacemacs) (20:37)
    
    org-auto-scheduler (r/emacs, r/orgmode)
    
    folgezett.el a package for Org-Roam users (Reddit)
    
    Avoiding mismatched Org versions by removing ELPA/MELPA packages and other Org performance tips (@publicvoit@graz.social)
    
    Emacs as a Math Notebook and Advanced Symbolic Solver! (Irreal)
    
    #28 bbb:OrgMeetup on Wed, March 11, 19:00 UTC+3 - meeting notes (@yantar92@fosstodon.org)
    
    Import, export, and integration:
    
    Graphs in Org-Mode! Matplotlib Demo (Reddit)
    
    [EMACS LAB] #4: "literate" programming (org-babel) (01:38:44)
    
    Org Mode requests: [RFC] Drop GoogleCL from LoB + ideas for a replacement?
    
    James Endres Howell: Embedding a Mastodon thread as comments to a blog post - org-static-blog-emfed
    
    Sacha Chua: Org Mode: JS for translating times to people's local timezones
    
    Sacha Chua: Create a Google Calendar event from an Org Mode timestamp
    
    Recent Features Added to lazyblorg (Static Blog Generator) (@jameshowell@fediscience.org)
    
    Hot-wiring the lisp machine (Reddit, lobste.rs) - modifying publishing
    
    Org development:
    
    New function org–forward-sentence-thing-at-point-provider
  - Completion:
    
    Completion is a Substrate, not a UI (Reddit, lobste.rs)
    
    VOMPECCC: A Modular Completion Framework for Emacs (Reddit)
  - Coding:
    
    Tip about using eglot-extend-to-xref
    
    New Package: eglot-rcpp for simplifying Rcpp package development in emacs (Reddit)
    
    Scheme for Beginners 2: Guile and Emacs (04:56)
    
    Shipit update: Atlassian Dashboard for Jira, PR↔issue linking, and activity-level notification navigation
    
    [Showcase] k8s-to-puml: Deterministic Kubernetes diagrams from your manifests using Tree-sitter and GOFAI rules (Reddit)
  - Shells:
    
    Gal Buki: Clipboard in terminal Emacs with WezTerm
  - Web:
    
    paw browser extension can now manage tabs and send tab info, copy links to Emacs (Reddit) Chrome/Firefox extension for sending page context via org-protocol
  - Doom Emacs:
    
    My Doom Emacs config for software development — 150 lines covering LSP, Magit, org-roam, and a custom dashboard
  - Multimedia:
    
    el-gpu (Video 1:46, 79M)
    
    YE17: Livestream conveniences, editing yesterday's transcript (50:50)
    
    Sacha Chua: Make chapter markers and video time hyperlinks easier to note while I livestream
  - Fun:
    
    Dave Pearson: wordcloud.el v1.4
    
    Dave Pearson: slstats.el v1.11 - Second Life grid
  - AI:
    
    Agentic development workflow in Emacs
    
    anvil.el — Forge Emacs into Claude Code's weapon (Reddit)
    
    Headless Emacs + Org + LLMs in Docker as a backend for personal automation (Reddit)
    
    Announcing llm-test, a very high-level testing framework for Emacs (Reddit)
  - Community:
    
    VSCode too SLOW | switch to Emacs and go to PLAID (06:59)
    
    Cocinándose la renovación de la Web… | Hacia la Hispa-Emacs Conf. 2026 ! (@hispaemacs@fosstodon.org)
    
    Sacha Chua: YE16: Sacha and Prot talk Emacs
    
    Eric MacAdie: 2026-04 Austin Emacs Meetup
    
    26: Why You'll Never Switch Editors (And What You're Missing)
  - Other:
    
    Tip about setting w32-use-visible-system-caret to nil on Windows
    
    # omarchy.el - Emacs integration for Omarchy (Reddit)
    
    trust-manager.el — Towards Trust in Emacs (Reddit, HN, long discussion on emacs-devel)
    
    emskin: a nested Wayland compositor in Rust that embeds any app into Emacs windows (Reddit)
    
    Dave's blog: Posframe for everything
  - Emacs development:
    
    emacs-devel:
    
    External loops and Emacs: state machines vs two C stacks - Vladimir Kazanov
    
    Re: Alternative Emacs logo - Philip Kaludercic (SVG)
    
    RE: Translation of manuals (was: SES manual French translation) - Vincent Belaïche - texinfo bug for UTF-8
    
    Restrict Dired handling of newlines in file names
    
    ; * etc/NEWS: Presentational fixes and improvements.
    
    Announce ert-play-keys in etc/NEWS.
    
    New faces 'tab-line-active' and 'tab-line-inactive' (bug#80742)
  - New packages:
    
    agent-recall: Search and browse agent-shell conversation transcripts (MELPA)
    
    batppuccin: Shared infrastructure for Batppuccin themes (MELPA)
    
    citar-vulpea: Minor mode integrating Citar and Vulpea (MELPA)
    
    comet-trail: Cursor comet trail effect (MELPA)
    
    elixir-iex: IEx REPL via eat terminal emulator (MELPA)
    
    go-prettify-mode: Hide `if err != nil' and prettify them (MELPA)
    
    hidepass: Hide passwords at one or multiple lines (MELPA)
    
    http-server: Speaks HTTP for you (MELPA)
    
    modus-ewal-theme: Modus theme that uses pywal colors powered by ewal (MELPA)
    
    python-unicode-escape: Completion for Python \N{NAME} escapes (MELPA)
    
    rimel: A lightweight Rime input method (MELPA)
    
    rocq-timing: Display timing of rocq commands in buffer (MELPA)
    
    sidebuf: Buffer list sidebar panel (MELPA)
  Links from reddit.com/r/emacs, r/orgmode, r/spacemacs, Mastodon #emacs, Bluesky #emacs, Hacker News, lobste.rs, programming.dev, lemmy.world, lemmy.ml, planet.emacslife.com, YouTube, the Emacs NEWS file, Emacs Calendar, and emacs-devel. Thanks to Andrés Ramírez for emacs-devel links. Do you have an Emacs-related link or announcement? Please e-mail me at sacha@sachachua.com. Thank you!
  
  View Org source for this post
  
  You can comment on Mastodon or e-mail me at sacha@sachachua.com.
19. 🔗 r/LocalLLaMA When you dial in your bot’s personality rss
  
  | sycophancy: deleted efficiency per token:+1000% friendship: just beginning edit: “sup” got cut off at top submitted by /u/technaturalism
  [link] [comments]
  ---|---
20. 🔗 r/Leeds Things to do in Leeds rss
  
  Going to Leeds as a work trip this week and staying there for full day. Can yall recommend places to go to or your favourite food places ?
  
  Thank you 💗
  
  submitted by /u/ConsciousBowler4019
  [link] [comments]
21. 🔗 r/Leeds Anyone lost a ferret? rss
  
  seen along the canal near city island. seemed domesticated but kinda skinny
  
  submitted by /u/fluxpeach
  [link] [comments]
22. 🔗 r/reverseengineering Reconstructing a Dead USB protocol: From Unknown Chip to Working Implementation rss
  
  submitted by /u/Bobby_Bonsaimind
  [link] [comments]
23. 🔗 r/wiesbaden Moving to Wiesbaden rss
  
  Hello everyone
  
  I’m starting a new job in Wiesbaden this August and I desperately need an apartment.
  
  Currently im living near Freiburg.
  
  I don’t need a lot of space but I do have a dog which isn’t gonna make getting an apartment easy.
  
  Do you have any tips or suggestions for me?
  
  Thank you in advance!
  
  submitted by /u/Skoobdie
  [link] [comments]
24. 🔗 r/york Early spring at the Minster rss
  
  | submitted by /u/RedDevilPlay
  [link] [comments]
  ---|---
25. 🔗 r/wiesbaden Hiking Wiesbaden/Mainz/Lorch rss
  
  Is anyone interested in hiking this Saturday? Weather is perfect - (Flexible route and time)Lorch to Rewe to Lorchhausen..https://maps.app.goo.gl/K9NB4gg6NomsTvWs5
  
  submitted by /u/Ok-Muscle-9502
  [link] [comments]
26. 🔗 r/york York Mosque Community Kitchen | THURSDAY 23 APRIL 12:00 - 13:30. rss
  
  | Welcome back to our neighbours & friends in r/York! York Mosque Community Kitchen will be back open on Thursday 23rd April between 12:00 and 13:30, where our dedicated volunteers will be cooking and serving two delicious dishes for lunch. We hope to see you there! Bring someone with you who's in need of a good meal and a friendly chat. Always free, everyone welcome! submitted by /u/YorkMosque-Kitchen
  [link] [comments]
  ---|---
27. 🔗 r/reverseengineering SASS King: reverse engineering NVIDIA SASS rss
  
  submitted by /u/CurrentLawfulness358
  [link] [comments]
28. 🔗 r/wiesbaden Nix pflück! rss
  
  submitted by /u/Happycosinus
  [link] [comments]
29. 🔗 r/Harrogate The Neverending Harrogate Roadworks Tour has come to my street rss
  
  | Which means I’m minorly inconvenienced for the next couple of days as there’s no parking on street. The surface of roads isn’t really my forte so can someone explain the issue with the road here? I’m fairly certain they resurfaced and repainted it last year and it’s one of the few Harrogate roads with zero potholes. submitted by /u/kamasutramarkviduka
  [link] [comments]
  ---|---
30. 🔗 r/reverseengineering /r/ReverseEngineering's Weekly Questions Thread rss
  
  To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the Reverse Engineering StackExchange. See also /r/AskReverseEngineering.
  
  submitted by /u/AutoModerator
  [link] [comments]
31. 🔗 r/Yorkshire Throwback to 2023. Fountains Abbey hits different in the sun. rss
  
  | Found this photo from three years ago. Fountains Abbey looking bright and the daffodils were just perfect. What’s your favourite spot for a spring walk? Is it looking like this yet? submitted by /u/Happy-Fox11
  [link] [comments]
  ---|---
32. 🔗 backnotprop/plannotator v0.18.0 release
  Follow @plannotator on X for updates
  
  Missed recent releases? Release | Highlights
  ---|---
  v0.17.10 | HTML and URL annotation, loopback binding by default, Safari scroll fix, triple-click fix, release pipeline smoke tests
  v0.17.9 | Hotfix: pin Bun to 1.3.11 for macOS binary codesign regression
  v0.17.8 | Configurable default diff type, close button for sessions, annotate data loss fix, markdown rendering polish
  v0.17.7 | Fix "fetch did not return a Response" error in OpenCode web/serve modes
  v0.17.6 | Bun.serve error handlers for diagnostic 500 responses, install.cmd cache fix
  v0.17.5 | Fix VCS detection crash when p4 not installed, install script cache path fix
  v0.17.4 | Vault browser merged into Files tab, Kanagawa themes, Pi idle session tool fix
  v0.17.3 | Sticky lane repo/branch badge overflow fix
  v0.17.2 | Supply-chain hardening, sticky toolstrip and badges, overlay scrollbars, external annotation highlighting, Conventional Comments
  v0.17.1 | Pi PR review parity, parseRemoteUrl rewrite, cross-repo clone fixes, diff viewer flash fix
  v0.17.0 | AI code review agents, token-level annotation, merge-base diffs
  v0.16.7 | Gemini CLI plan review, install script skills directory fix
  
  What's New in v0.18.0
  
  v0.18.0 adds focus & wide modes for annotate, first-class OpenCode detection, word-level inline plan diffs, content negotiation for URLs that publish Markdown (via Cloudflare), and inline color swatches in the plan viewer. 13 PRs, 7 from external contributors — 6 of them first-timers.
  
  Word-Level Inline Plan Diff
  
  The old plan diff stacked the full old block above the full new block whenever a paragraph was modified. A single word change showed the same paragraph twice with no visual cue to where the edit actually happened. Readers ended up comparing two nearly identical blocks line by line to find the delta.
  
  The new default Rendered mode performs a second-pass word diff on modified blocks and highlights only the changed tokens inline. A one-word reword now reads as a single paragraph with <ins> and <del> markers on exactly the changed words. Inline code spans, markdown links, and fenced code blocks are preserved as atomic units through a sentinel substitution pass, so diff markers can't split them.
  
  A third mode switcher tab, "Classic," keeps the legacy block-level stacked rendering for users who prefer it. Raw git-style output is unchanged. Modified blocks are click-to-annotate directly, with both the old and new content captured in the exported feedback so comments on struck-through words keep their context.
  
  Amber borders on modified blocks complete the green/red/yellow convention used by GitHub and VS Code.
  - #565 by @backnotprop, closing #560 requested by @pbowyer
  Wide and Focus Modes
  
  Wide markdown tables were unreadable because both side panels (TOC on the left, annotations on the right) stayed fixed while the reader width was capped. Tables wrapped awkwardly or required horizontal scrolling inside a narrow column.
  
  Two new toggles sit above the document and next to the lightning-bolt action:
  - Wide hides both panels and removes the reader width cap. Wide tables and code fences get the full document area.
  - Focus hides both panels but keeps the normal reader width. Distraction-free reading without stretching the content.
  Enabling either mode collapses the left sidebar, hides the annotations panel and resize handle, and toggles the width cap accordingly. Exiting restores the exact previous layout, including which sidebar tab was open. Opening any sidebar or annotations panel automatically exits.
  
  Available in plan review, annotate, and linked-doc overlays. Archive mode and plan-diff view keep the standard layout.
  - #578 by @dgrissen2
  First-Class OpenCode Detection
  
  The origin detection chain in the hook server didn't include OpenCode. Every OpenCode invocation fell through to the claude-code default, which loaded the wrong UI variant: missing agent-switch toggle, wrong agent badge. The opencode origin key was already defined in AGENT_CONFIG with its badge styling in place, but the detection side was never wired up.
  
  OpenCode is now detected via OPENCODE=1, the canonical runtime flag set unconditionally by the OpenCode binary. The full priority order is:
```
PLANNOTATOR_ORIGIN > Codex > Copilot CLI > OpenCode > Claude Code (default)
```
  The PLANNOTATOR_ORIGIN environment variable was documented in the source but never read. It now functions as an explicit override at the top of the chain, validated against AGENT_CONFIG so invalid values fall through to env-based detection instead of breaking.
  - #590 by @HeikoAtGitHub
  Content Negotiation for Markdown-Serving URLs
  
  When you run plannotator annotate https://..., the tool goes through Jina Reader (or Turndown as a fallback) to convert HTML to markdown. But a growing number of sites — including Cloudflare's developer docs — now publish Markdown directly when you ask for it. Routing those through an HTML-to-markdown converter is wasteful and loses fidelity.
  
  URL annotation now tries Accept: text/markdown, text/html;q=0.9 first, with a 5-second timeout. If the server returns content-type: text/markdown, the response is used directly — one fetch, no conversion. If the server returns HTML or the request fails, it falls through silently to the existing Jina/Turndown pipeline. Local URLs skip negotiation entirely.
  
  A new content-negotiation source type is recorded on the result so the UI can indicate which path produced the content.
  - #557 by @backnotprop
  Hex Color Swatches in the Plan Viewer
  
  Frontend plans reference hex color values constantly — design tokens, Tailwind overrides, CSS variable assignments, component palette decisions. Reviewers had to mentally decode every #ff6600 or open a color picker to follow the author's intent.
  
  The plan viewer now renders a small filled swatch inline, immediately to the left of the hex code. The swatch is a 14×14 rounded square matching the referenced color. Supports 3-, 4-, 6-, and 8-digit hex with a negative lookahead that excludes URL anchors, CSS id selectors, and any identifier that continues with word characters.
  
  The color value is constrained by the regex before reaching React, and rendered via the React style object — not cssText — so there's no CSS injection path. 19 tests cover valid patterns, false-positive guards, and injection attempts.
  - #562 by @Pran-Ker
  Self-Hosted Paste Service Support
  
  Short-link sharing for larger plans routes through a paste service at plannotator-paste.plannotator.workers.dev. Self-hosted deployments had no way to point at their own paste service — the URL was hardcoded in the OpenCode plugin.
  
  The PLANNOTATOR_PASTE_URL environment variable now configures a custom paste endpoint. The OpenCode plugin reads it via a new getPasteApiUrl dependency that flows through command handlers (annotate, annotate-last, archive) and the review server. The Landing component accepts a shareBaseUrl prop with a fallback to the default. CORS documentation in the paste service now includes explicit guidance for self-hosters.
  
  Backward compatible: unset PLANNOTATOR_PASTE_URL continues to use the hosted default.
  - #582 by @backnotprop, closing #580 reported by @ndesjardins-comact
  OpenCode Review: Reuse the Existing Local Server
  
  On subsequent review commands, the OpenCode AI review path tried to start a second opencode serve and collided with the existing local server on port 4096. The first opencode serve wasn't being cleaned up, so port conflicts were guaranteed on the second invocation.
  
  The review flow now attaches to the default local OpenCode server at 127.0.0.1:4096 if one is already running. If nothing is listening, it spawns a new instance as before. No extra lifecycle management, no extra ports — just reuse what's already there.
  
  The PR also fixes two local-testing issues uncovered along the way: the source-loaded OpenCode plugin was resolving bundled HTML from the wrong directory, and the sandbox + postinstall paths were not using the documented plugins/ and commands/ directories.
  - #567 by @oorestisime, closing #513 reported by @alexey-igrychev
  Additional Changes
  - ~ expansion in user-entered file paths — The shared path resolver now expands home-relative ~ in annotate entrypoints and the Bun and Pi reference handlers, so file, folder, vault, and linked-document paths all handle ~ consistently. #572 by @AlexanderKolberg
  - Thumbs-up quick label on the annotation toolbar — A one-click "Looks good" 👍 button sits before the existing quick labels menu, with green hover styling to match the semantic. #588 by @backnotprop
  - Save as PDF discoverability — The action menu label is now "Print / Save as PDF" with a subtitle explaining how to choose Save as PDF in the system print dialog. No new print pipeline — just making the existing capability findable. #587 by @backnotprop
  - Disable auto-invocation of plannotator slash commands in Claude Code — The four plannotator Claude Code command definitions (annotate, archive, last, review) now carry disable-model-invocation: true, preventing the model from running them automatically. #586 by @backnotprop
  - Stop forcing an agent cycle in OpenCode — agent_cycle assumed only a build and plan agent and broke when users had other agents defined. Removed. #564 by @andreineculau
  - RSS feed link in the marketing layout — The blog's RSS feed is now advertised in the shared <head> so feed readers and browsers can discover it automatically. #573 by @dotemacs
  Install / Update
  
  macOS / Linux:
```
curl -fsSL https://plannotator.ai/install.sh | bash
```
  Windows PowerShell:
```
irm https://plannotator.ai/install.ps1 | iex
```
  Pin a specific version:
```
curl -fsSL https://plannotator.ai/install.sh | bash -s -- --version v0.18.0
```
  Claude Code Plugin: Run /plugin in Claude Code, find plannotator , and click "Update now".
  
  Copilot CLI:
```
/plugin marketplace add backnotprop/plannotator
/plugin install plannotator-copilot@plannotator
```
  Gemini CLI: The install script auto-detects ~/.gemini and configures hooks, policy, and slash commands.
  
  OpenCode: Clear cache and restart:
```
rm -rf ~/.cache/opencode/packages/@plannotator ~/.bun/install/cache/@plannotator
```
  Then in opencode.json:
```
{
  "plugin": ["@plannotator/opencode@latest"]
}
```
  Pi: Install or update the extension:
```
pi install npm:@plannotator/pi-extension
```
  VS Code Extension: Install from the VS Code Marketplace.
  
  What's Changed
  - feat(annotate): content negotiation for Markdown for Agents by @backnotprop in #557
  - feat(viewer): render color swatches next to hex color codes by @Pran-Ker in #562
  - don't change current agent by @andreineculau in #564
  - feat(plan-diff): word-level inline diff rendering by @backnotprop in #565
  - fix(opencode): reuse local server for review flows by @oorestisime in #567
  - Add ~ support for user-entered file paths by @AlexanderKolberg in #572
  - Fix for RSS feed by @dotemacs in #573
  - Add annotate wide mode by @dgrissen2 in #578
  - Add configurable paste service URL for self-hosting by @backnotprop in #582
  - Prevent model from auto-invoking plannotator slash commands by @backnotprop in #586
  - Surface Save as PDF via existing print flow by @backnotprop in #587
  - Add thumbs up quick label button to annotation toolbar by @backnotprop in #588
  - feat: detect OpenCode origin + activate PLANNOTATOR_ORIGIN override by @HeikoAtGitHub in #590
  New Contributors
  - @Pran-Ker made their first contribution in #562
  - @andreineculau made their first contribution in #564
  - @oorestisime made their first contribution in #567
  - @AlexanderKolberg made their first contribution in #572
  - @dotemacs made their first contribution in #573
  - @HeikoAtGitHub made their first contribution in #590
  Contributors
  
  @Pran-Ker shipped inline hex color swatches in the plan viewer, with a carefully constrained regex, a negative lookahead to avoid URL anchors and CSS selectors, and 19 tests including explicit injection guards.
  
  @andreineculau removed the agent_cycle call that assumed everyone had only build and plan agents in OpenCode, fixing a bug introduced by #40.
  
  @oorestisime fixed the OpenCode review port collision by reusing the existing local opencode serve at 127.0.0.1:4096 instead of spawning a second one, and cleaned up two local-testing path issues along the way.
  
  @AlexanderKolberg added ~ home- directory expansion to the shared path resolver so annotate entrypoints and the Bun and Pi reference handlers all treat ~/file.md the same way.
  
  @dotemacs added the RSS autodiscovery <link> to the marketing site layout so feed readers and browsers can pick up the blog feed automatically.
  
  @dgrissen2 returned with annotate wide mode — a toggle that collapses both side panels and removes the reader width cap, gated to annotate sessions only, with layout restoration on exit. This follows their prior work on linked-doc navigation, image lightboxing, smart file resolution, and the purple P favicon.
  
  @HeikoAtGitHub wired OpenCode into the origin detection chain (via OPENCODE=1) and activated the PLANNOTATOR_ORIGIN override that had been documented but never read, with seven headless detection tests covering the new priority order.
  
  Community issue reporters:
  - @pbowyer filed #560 with a detailed request for word-level diffs and diff display options — that issue directly shaped the design of the new Rendered/Classic/Raw mode switcher.
  - @ndesjardins-comact reported #580, the hardcoded share URL blocking custom-domain usage, which drove the PLANNOTATOR_PASTE_URL work.
  - @alexey-igrychev reported both #513 (the opencode serve port collision) and #514 (empty response bubbles in the OpenCode AI tab).
  Full Changelog : v0.17.10...v0.18.0
33. 🔗 matklad 256 Lines or Less: Test Case Minimization rss
  256 Lines or Less: Test Case Minimization
  
  Apr 20, 2026
  
  Property Based Testing and fuzzing are a deep and science-intensive topic. There are enough advanced techniques there for a couple of PhDs, a PBT daemon, and a client-server architecture. But I have this weird parlor-trick PBT library, implementable in a couple of hundred lines of code in one sitting.
  
  This week I’ve been thinking about a cool variation of a consensus algorithm. I implemented it on the weekend. And it took just a couple of hours to write a PBT library itself first, and then a test, that showed a deep algorithmic flaw in my thinking (after a dozen trivial flaws in my coding). So, I don’t get to write more about consensus yet, but I at least can write about the library. It is very simple, simplistic even. To use an old Soviet joke about Babel and Bebel, it’s Gogol rather than Hegel. But for just 256 lines, it’s one of the highest power-to-weight ratio tools in my toolbox.
  
  Read this post if:
  - You want to stretch your generative testing muscles.
  - You are a do-it-yourself type, and wouldn’t want to pull a ginormous PBT library off the shelf.
  - You would pull a library, but want to have a more informed opinion about available options, about essential and accidental complexity.
  - You want some self-contained real-world Zig examples :P
  Zig works well here because it, too, is exceptional in its power-to-weight.
  
  FRNG
  
  The implementation is a single file, FRNG.zig, because the core abstraction here is a Finite Random Number Generator — a PRNG where all numbers are pre-generated, and can run out. We start with standard boilerplate:
```
const std = @import("std");
const assert = std.debug.assert;

entropy: []const u8,

pub const Error = error{OutOfEntropy};

const FRNG = @This();

pub fn init(entropy: []const u8) FRNG {
    return .{ .entropy = entropy };
}
```
  In Zig, files are structs: you obviously need structs, and the language becomes simpler if structs are re-used for what files are. In the above const FRNG = @This() assigns a conventional name to the file struct, and entropy: []const u8 declares instance fields (only one here). const Error and fn init are “static” (container level) declarations.
  
  The only field we have is just a slice of raw bytes, our pre-generated random numbers. And the only error condition we can raise is OutOfEntropy.
  
  The simplest thing we can generate is a slice of bytes. Typically, API for this takes a mutable slice as an out parameter:
```
pub fn fill(prng: *PRNG, bytes: []u8) void { ... }
```
  But, due to pre-generated nature of FRNG, we can return the slice directly, provided that we have enough entropy. This is going to be our (sole) basis function, everything else is going to be a convenience helper on top:
```
pub fn bytes(frng: *FRNG, size: usize) Error![]const u8 {
    if (frng.entropy.len < size) return error.OutOfEntropy;
    const result = frng.entropy[0..size];
    frng.entropy = frng.entropy[size..];
    return result;
}
```
  The next simplest thing is an array (a slice with a fixed size):
```
pub fn array(frng: *FRNG, comptime size: usize) Error![size]u8 {
    return (try frng.bytes(size))[0..size].*;
}
```
  Notice how Zig goes from runtime-known slice length, to comptime known array type. Because size is a comptime constant, slicing []const u8 with [0..size] returns a pointer to array, *const [size]u8.
  
  We can re-interpret a 4-byte array into u32. But, because this is Zig, we can trivially generalize the function to work for any integer type, by passing in Int comptime parameter of type type:
```
const builtin = @import("builtin");

pub fn int(frng: *FRNG, Int: type) Error!Int {
    comptime {
        assert(@typeInfo(Int).int.signedness == .unsigned);
        assert(builtin.cpu.arch.endian() == .little);
    }
    return @bitCast(try frng.array(@sizeOf(Int)));
}
```
  This function is monomorphised for every Int type, so @sizeOf(Int) becomes a compile-time constant we can pass to fn array.
  
  Production code would be endian-clean here, but, for simplicity, we encode our endianness assumption as a compile-time assertion. Note how Zig communicates information about endianness to the program. There isn’t any kind of side- channel or extra input to compilation, like --cfg flags. Instead, the compiler materializes all information about target CPU as Zig code. There’s a builtin.zig file somewhere in the compiler caches directory that contains
```
pub const cpu: std.Target.Cpu = .{
    .arch = .aarch64,
    .model = &std.Target.aarch64.cpu.apple_m3,
    // ...
}
```
  This file can be accessed via @import("builtin") and all the constants inspected at compile time.
  
  We can make an integer, and a boolean is even easier:
```
pub fn boolean(frng: *FRNG) Error!bool {
    return (try frng.int(u8)) & 1 == 1;
}
```
  Strictly speaking, we only need one bit, not one byte, but tracking individual bits is too much of a hassle.
  
  From an arbitrary int, we can generate an int in range. As per Random Numbers Included, we use a closed range, which makes the API infailable and is usually more convenient at the call-site:
```
pub fn int_inclusive(frng: *FRNG, Int: type, max: Int) Error!Int
```
  As a bit of PRNG trivia, while this could be implemented as frng.int(Int) % (max + 1), the result will be biased (not uniform). Consider the case where Int = u8, and a call like frng.int_inclusive(u8, 64 * 3).
  
  The numbers in 0..64 are going to be twice as likely as the numbers in 64..(64*3), because the last quarter of 256 range will be aliased with the first one.
  
  Generating an unbiased number is tricky and might require drawing arbitrary number of bytes from entropy. Refer to https://www.pcg- random.org/posts/bounded-rands.html for details. I didn’t, and copy-pasted code from the Zig standard library. Use at your own risk!
```
pub fn int_inclusive(frng: *FRNG, Int: type, max: Int) Error!Int {
    comptime assert(@typeInfo(Int).int.signedness == .unsigned);
    if (max == std.math.maxInt(Int)) return try frng.int(Int);

    const bits = @typeInfo(Int).int.bits;
    const less_than = max + 1;

    var x = try frng.int(Int);
    var m = std.math.mulWide(Int, x, less_than);
    var l: Int = @truncate(m);
    if (l < less_than) {
        var t = -%less_than;

        if (t >= less_than) {
            t -= less_than;
            if (t >= less_than) t %= less_than;
        }
        while (l < t) {
            x = try frng.int(Int);
            m = std.math.mulWide(Int, x, less_than);
            l = @truncate(m);
        }
    }
    return @intCast(m >> bits);
}
```
  Now we can generate an int bounded from above and below:
```
pub fn range_inclusive(
    frng: *FRNG, Int: type,
    min: Int, max: Int,
) Error!Int {
    comptime assert(@typeInfo(Int).int.signedness == .unsigned);
    assert(min <= max);
    return min + try frng.int_inclusive(Int, max - min);
}
```
  Another common operation is picking a random element from a slice. If you want to return a pointer to a element, you’ll need a const and mut versions of the function. A simpler and more general solution is to return an index:
```
pub fn index(frng: *FRNG, slice: anytype) Error!usize {
    assert(slice.len > 0);
    return try frng.range_inclusive(usize, 0, slice.len - 1);
}
```
  At the call site, xs[try frng.index(xs)] doesn’t look too bad, is appropriately const-polymorphic, and is also usable for multiple parallel arrays.
  
  Simulation
  
  So far, we’ve spent about 40% of our line budget implementing a worse random number generator that can fail with OutOfEntropy at any point in time. What is it good for?
  
  We use it to feed our system under test with random inputs, see how it reacts, and check that it does not crash. If we code our system to crash if anything unexpected happens and our random inputs cover the space of all possible inputs, we get a measure of confidence that bugs will be detected in testing.
  
  For my consensus simulation, I have a World struct that holds a FRNG and a set of replicas:
```
const World = struct {
    frng: *FRNG,
    replicas: []Replica,
    // ...
};
```
  World has methods like:
```
fn simulate_request(world: *World) !void {
    const replica = try world.frng.index(world.replicas);
    const payload = try world.frng.int(u64);

    world.send_payload(replica, payload);
}
```
  I then select which method to call at random:
```
fn step(world: *World) !void {
    const action = try world.frng.weighted(.{
        .request = 10,
        .message = 20,
        .crash = 1,
    });
    switch (action) {
        .request => try world.simulate_request(),
        .message => { ... },
        .crash => { ... },
    }
}
```
  Here, fn weighted is another FRNG helper that selects an action at random, proportional to its weight. This helper needs quite a bit more reflection machinery than we’ve seen so far:
```
pub fn weighted(
    frng: *FRNG,
    weights: anytype,
) Error!std.meta.FieldEnum(@TypeOf(weights)) {
    const fields =
        comptime std.meta.fieldNames(@TypeOf(weights));

    var total: u32 = 0;
    inline for (fields) |field|
        total += @field(weights, field);
    assert(total > 0);

    var pick = try frng.int_inclusive(u64, total - 1);
    inline for (fields) |field| {
        const weight = @field(weights, field);
        if (pick < weight) {
            return @field(
                std.meta.FieldEnum(@TypeOf(weights)),
                field,
            );
        }
        pick -= weight;
    }
    unreachable;
}
```
  weights: anytype is compile-time duck-typing. It means that our weighted function is callable with any type, and each specific type creates a new monomorphised instance of a function. While we don’t explicitly name the type of weights, we can get it as @TypeOf(weights).
  
  FieldEnum is a type-level function that takes a struct type:
```
const S = struct {
    foo: bool,
    bar: u32,
    baz: []const u8
};
```
  and turns it into an enum type, with a variant per-field, exactly what we want for the return type:
```
const E = enum { foo, bar, baz };
```
  Tip: if you want to quickly learn Zig’s reflection capabilities, study the implementation of std.meta and std.enums in Zig’s standard library.
  
  The @field built-in function accesses a field given comptime field name. It’s exactly like Python’s getattr / setattr with an extra restriction that it must be evaluated at compile time.
  
  To add one more twist here, I always find it hard to figure out which weights are reasonable, and like to generate the weights themselves at random at the start of the test:
```
pub fn swarm_weights(frng: *FRNG, Weights: type) Error!Weights {
    var result: Weights = undefined;
    inline for (comptime std.meta.fieldNames(Weights)) |field| {
        @field(result, field) = try frng.range_inclusive(u32, 1, 100);
    }
    return result;
}
```
  (If you feel confused here, check out Swarm Testing Data Structures)
  
  Stepping And Runnig
  
  Now we have enough machinery to describe the shape of test overall:
```
fn run_test(gpa: Allocator, frng: *FRNG) !void {
    var world = World.init(gpa, &frng) catch |err|
        switch (err) {
            error.OutOfEntropy => return,
            else => return err,
        };
    defer world.deinit(gpa);

    while (true) {
        world.step() catch |err| switch (err) {
            error.OutOfEntropy => break,
        };
    }
}

const World = struct {
    frng: *FRNG,
    weights: ActionWeights,

    // ...

    const ActionWeights = struct {
        request: u32,
        message: u32,
        crash: u32,
        // ...
    };

    pub fn init(gpa: Allocator, frng: *FRNG) !void {
        const weights = try frng.swarm_weights(ActionWeights);
        // ...
    }

    fn step(world: *World) error{OutOfEntropy}!void {
        const action = try world.frng.weighted(world.weights);
        switch (action) {
            .request => { ... },
            // ...
        }
    }
};
```
  A test needs an FRNG (which ultimately determines the outcome) and an General Purpose Allocator for the World. We start by creating a simulated World with random action weights. If FRNG entropy is very low, we can run out of entropy even at this stage. We assume that the code is innocent until proven guilty — if we don’t have enough entropy to find a bug, this particular test returns success. Don’t worry, we’ll make sure that we have enough entropy elsewhere.
  
  We use catch |err| switch(err) to peel off OutOfEntropy error. I find that, whenever I handle errors in Zig, very often I want to discharge just a single error from the error set. I wish I could use parenthesis with a catch:
```
// NOT ACTUALY ZIG :(

var world = try World.init(gpa, &frng)
    catch (error.OutOfEntropy) return;
```
  Anyway, having created the World, we step through it while we still have entropy left. If any step detects an internal inconsistency, the entire World crashes with an assertion failure. If we got to the end of while(true) loop, we know that at least that particular slice of entropy didn’t uncover anything suspicious.
  
  Notice what isn’t there. We aren’t generating a complete list of actions up- front. Rather, we make random decisions as we go, and can freely use the current state of the World to construct a menu of possible choices (e.g., when sending a message, we can consider only not currently crashed replicas).
  
  Binary Search the Answer
  
  And here we can finally see the reason why we bothered writing a custom Finite PRNG, rather than using an off-the-shelf one. The amount of entropy in FRNG defines the complexity of the test. The fewer random bytes we start with, the faster we exit the step loop. And this gives us an ability to minimize test cases essentially for free.
  
  Suppose you know that a particular entropy slice makes the test fail (cluster enters split brain at the millionth step). Let’s say that the slice was 16KiB. The obvious next step is to see if just 8KiB would be enough to crash it. And, if 8KiB isn’t, than perhaps 12KiB?
  
  You can *binary search* the minimal amount of entropy that’s enough for the test to fail. And this works for any test, it doesn’t have to be a distributed system. If you can write the code to generate your inputs randomly, you can measure complexity of each particular input by measuring how many random bytes were drawn in its construction.
  
  And now the hilarious part — of course it seems that the way to minimize entropy is to start with a particular failing slice and apply genetic- algorithm mutations to it. But a much simpler approach seems to work in practice — just generated a fresh, shorter entropy slice. If you found some failure at random, then you should be able to randomly stumble into a smaller failing example, if one exists — there are much fewer small examples, so finding a failing one becomes easier when the size goes down!
  
  The Searcher
  
  The problem with binary searching for failing entropy is that a tripped assertion crashes the program. There’s no unwinding in Zig. For this reason, we’ll move the search code to a different process. So a single test will be a binary with a main function, that takes entropy on stdin.
  
  Zig’s new juicy main makes writing this easier than in any previous versions of Zig :D
```
pub fn main(init: std.process.Init) !void {
    const gpa = init.gpa;
    const io = init.io;

    var stdin_reader = std.Io.File.stdin().reader(io, &.{});
    const entropy = try stdin_reader.interface
        .allocRemaining(gpa, .unlimited);
    defer gpa.free(entropy);

    var frng = FRNG.init(entropy);

    var world = World.init(gpa, &frng, .{}) catch |err|
        switch (err) {
            error.OutOfEntropy => return,
            else => return err,
        };
    defer world.deinit(gpa);

    world.run();
}
```
  Main gets Init as an argument, which provides access to things like command line arguments, default allocator and a default Io implementation. These days, Zig eschews global ambient IO capabilities, and requires threading an Io instance whenever we need to make a syscall. Here, we need Io to read stdin.
  
  Now we will implement a harness to call this main. This will be FRNG.Driver:
```
pub const Driver = struct {
    io: std.Io,
    sut: []const u8,
    buffer: []u8,

    const log = std.log;
};
```
  It will be spawning external processes, so it’ll need an Io. We also need a path to an executable with a test main function, a System Under Test. And we’ll need a buffer to hold the entropy. This driver will be communicating successes and failures to the users, so we also prepare a log for textual output.
  
  How we get entropy to feed into sut? Because we are only interested in entropy size, we won’t be storing the actual entropy bytes, and instead will generate it from a u64 seed. In other words, just two numbres, entropy size and seed, are needed to reproduce a single run of the test:
```
fn run_once(driver: Driver, options: struct {
    size: u32,
    seed: u64,
    quiet: bool,
}) !enum { pass, fail } {
    assert(options.size <= driver.buffer.len);
    const entropy = driver.buffer[0..options.size];

    var rng = std.Random.DefaultPrng.init(options.seed);
    rng.random().bytes(entropy);

    var child = try std.process.spawn(driver.io, .{
        .argv = &.{driver.sut},
        .stdin = .pipe,
        .stderr = if (options.quiet) .ignore else .inherit,
    });

    try child.stdin.?.writeStreamingAll(driver.io, entropy);
    child.stdin.?.close(driver.io);
    child.stdin = null;

    const term = try child.wait(driver.io);
    return if (success(term)) .pass else .fail;
}

fn success(term: std.process.Child.Term) bool {
    return term == .exited and term.exited == 0;
}
```
  We use default deterministic PRNG to expand our short seed into entropy slice of the required size. Then we spawn sut proces, feeding the resulting entropy via stdin. Closing child’s stdin signals the end of entropy. We then return either .pass or .fail depending on child’s exit code. So, both explicit errors and crashes will be recognized as failures.
  
  Next, we implement the logic for checking if a particular seed size is sufficient to find a failure. Of course, we won’t be able to say that for sure in a finite amount of time, so we’ll settle for some user-specified amount of retries:
```
fn run_multiple(driver: Driver, options: struct {
    size: u32,
    attempts: u32,
}) !union(enum) { pass, fail: u64 } {
    // ...
}
```
  The user passes us the number of attempts to make, and we return .pass if they all were successfull, or a specific failing seed if we found one:
```
assert(options.size <= driver.buffer.len);

for (0..options.attempts) |_| {
    var seed: u64 = undefined;
    driver.io.random(@ptrCast(&seed));

    const outcome = try driver.run_once(.{
        .seed = seed,
        .size = options.size,
        .quiet = true,
    });
    switch (outcome) {
        .fail => return .{ .fail = seed },
        .pass => {},
    }
}
return .pass;
```
  To generate a real seed we need “true” cryptographic non-deterministic randomness, which is provided by io.random.
  
  Finally, the search for the size:
```
fn search(driver: Driver, options: struct {
    attempts: u32 = 100,
}) !union(enum) {
    pass,
    fail: struct { size: u32, seed: u64 },
} {
    // ...
}
```
  Here, we are going to find a smallest entropy size that crashes sut. If we succeed, we return the seed and the size. The upper bound for the size is the space available in the pre-allocated entropy buffer.
  
  The search loop is essentially a binary search, with a twist — rather than using dichotomy on the size directly, we will be doubling a step we use to change the size between iterations.
  
  That is, we start with a small size and step, and, on every iteration, double the step and add it to the size, until we hit a failure (or run out of buffer for the entropy).
  
  Once we found a failure, we continue the serach in the other direction — halving the step and subtracting it from the size, keeping the smaller size if it still fails.
  
  On each step, we log the current size and outcome, and report the smallest failing size at the end.
```
var found_size: ?u32 = null;
var found_seed: ?u64 = null;

var pass: bool = true;
var size: u32 = 16;
var step: u32 = 16;
for (0..1024) |_| {
    if (step == 0) break;
    const size_next = if (pass) size + step else size -| step;
    if (size > driver.buffer.len) break;

    const outcome = try driver.run_multiple(.{
        .size = size_next,
        .attempts = options.attempts,
    });
    switch (outcome) {
        .pass => log.info("pass: size={}", .{size_next}),
        .fail => |seed| {
            found_size = size_next;
            found_seed = seed;
            log.err("fail: size={} seed={}", .{ size_next, seed });
        },
    }
    const pass_next = (outcome == .pass);

    if (pass and pass_next) {
        step *= 2;
    } else if (!pass and !pass_next) {
        // Keep the step.
    } else {
        step /= 2;
    }

    if (pass or !pass_next) {
        size = size_next;
        pass = pass_next;
    }
} else @panic("safety counter");

if (found_size == null) return .pass;
return .{ .fail = .{
    .size = found_size.?,
    .seed = found_seed.?,
} };
```
  Finally, we wrap Driver’s functionality into main that works in two modes — either reproduces a given failure from seed and size, or searches for a minimal failure:
```
pub fn main(
    gpa: std.mem.Allocator,
    io: std.Io,
    sut: []const u8,
    operation: union(enum) {
        replay: struct { size: u32, seed: u64 },
        search: struct {
            attempts: u32 = 100,
            size_max: u32 = 4 * 1024 * 1024,
        },
    },
) !void {
    const size_max = switch (operation) {
        .replay => |options| options.size,
        .search => |options| options.size_max,
    };

    const buffer = try gpa.alloc(u8, size_max);
    defer gpa.free(buffer);

    var driver: Driver = .{
        .io = io,
        .buffer = buffer,
        .sut = sut,
    };

    switch (operation) {
        .replay => |options| {
            const outcome = try driver.run_once(.{
                .size = options.size,
                .seed = options.seed,
                .quiet = false,
            });
            log.info("{t}", .{outcome});
        },
        .search => |options| {
            const outcome = try driver.search(.{
                .attempts = options.attempts,
             });
            switch (outcome) {
                .pass => log.info("ok", .{}),
                .fail => |fail| {
                    log.err("minimized size={} seed={}", .{
                        fail.size, fail.seed,
                     });
                },
            }
        },
    }
}
```
  Running the search routine looks like this in a terminal:
  
  Those final seed&size can then be used for .replay, giving you a minimal reproducible failure for debugging!
  
  This … of course doesn’t look too exciting without visualizing a specific bug we can find this way, but the problem there is that interesting examples of systems to test in this way usually take more than 256 lines to implement. So I’ll leave it to your imagination, but you get the idea: if you can make a system fail under a “random” input, you can also systematically search the space of all inputs for the smallest counter-example, without adding knowledge about the system to the searcher. This article also provides a concrete (but somewhat verbose) example.
  
  Here’s the full code:
  
  https://gist.github.com/matklad/343d13547c8bfe9af310e2ca2fbfe109
34. 🔗 Kevin Lynagh On sabotaging projects by overthinking, scope creep, and structural diffing rss
  Hi friends,
  
  I'll be attending Babashka Conf on May 8 and Dutch Clojure Days on May 9. If you're attending either (or just visiting Amsterdam), drop me a line!
  
  On sabotaging projects by overthinking
  
  When I have an idea for a project, it tends to go in one of these two directions:
  1. I just do it. Maybe I make a few minor revisions, but often it turns out exactly how I'd imagined and I'm happy.
  2. I think, "I should look for prior art". There's a lot of prior art, dealing with a much broader scope than I'd originally imagined. I start to wonder if I should incorporate that scope. Or perhaps try to build my thing on top of the existing sorta-nearby-solutions. Or maybe I should just use the popular thing. Although I could do a better job than that thing, if I put a bunch of time into it. But actually, I don't want to maintain a big popular project, nor do I want to put that much time into this project. Uh oh, now I've spent a bunch of time, having neither addressed the original issue nor experienced the joy of creating something.
  I prefer the first outcome, and I think the pivotal factor is how well I've internalized my own success criteria.
  
  For example, last weekend I hosted my friend Marcin and we decided it'd be fun to do some woodworking, so we threw together this shelf and 3d-printed hangers for my kitchen:
  
  Absolute banger of a project:
  - brainstormed the design over coffee
  - did a few 3d-print iterations for the Ikea bin hangers (OnShape CAD, if you want to print your own)
  - used material leftover from my workbench
  - rounded the corner by eye with a palm sander
  - sealed the raw plywood edge with some leftover paint from a friend
  - done in a weekend
  The main success criteria was to jam on woodworking with a friend, and that helped me not overthink the object-level success criteria: Just make a shelf for my exact kitchen!
  
  In contrast, this past Friday I noticed difftastic did a poor job, so I decided to shop around for structural/semantic diff tools and related workflows (a topic I've never studied, that I'm increasingly interested in as I'm reviewing more and more LLM-generated code).
  
  I spent 4 hours over the weekend researching existing tools (see my notes below), going through dark periods of both "semantic tree diffing is a PhD-level complex problem" and "why do all of these have MCP servers? I don't want an MCP server", before I came to my senses and remembered my original success criteria: I just want a nicer diffing workflow for myself in Emacs, I should just build it myself -- should take about 4 hours.
  
  I'm cautiously optimistic that, having had this realization and committing myself to a minimal scope, I'll be able to knock out a prototype before running out of motivation.
  
  However, other long-running interests of mine:
  - interfaces for prototyping hardware (discussed September 2023)
  - a programming language that fuses what I like about Clojure and Rust (November 2023)
  - a programming language for CAD (constraints, bidirectional editing, other dubious ideas)
  seem to be deep in the well of outcome #2.
  
  That is, I've spent hundreds of hours on background research and little prototypes, but haven't yet synthesized anything that addresses the original motivating issue.
  
  It's not quite that I regret that time -- I do love learning by reading -- but I have a nagging sense of unease that my inner critic (fear of failure?) is silencing my generative tendencies, keeping me from the much more enjoyable (and productive!) learning by doing.
  
  I think in these cases the success criteria has been much fuzzier: Am I trying to replace my own usage of Rust/Clojure? Only for some subset of problems? Or is it that I actually just need a playground to learn about language design/implementation, and it's fine if I don't end up using it?
  
  Ditto for CAD: Am I trying to replace my commercial CAD tool in favor of my own? Only for some subset of simple or particularly parametric parts? Do I care if it's useful for others? Does my tool need to be legibly different from existing open-source tools?
  
  It's worth considering these questions, sure. But at the end of the day, I'd much rather have done a lot than have only considered a lot.
  
  So I'm trying to embrace my inner clueless 20-year-old and just do things -- even if some turn out to be "obviously bad" in hindsight, I'll still be coming out ahead on net =D
  
  Conservation of scope creep
  
  Of course, there's only so much time to "just do things", and there's a balance to be had. I'm not sure how many times I'll re-learn YAGNI ("you ain't gonna need it") in my career, but I was reminded of it again after writing a bunch of code with an LLM agent, then eventually coming to my senses and throwing it all out.
  
  I wanted a Finda-style filesystem-wide fuzzy path search for Emacs. Since I've built (by hand, typing the code myself!) this exact functionality before (walk filesystem to collect paths, index them by trigram, do fast fuzzy queries via bitmap intersections), I figured it'd only take a few hours to supervise an LLM to write all the code.
  
  I started with a "plan mode" chat, and the LLM suggested a library, Nucleo, which turned up since I wrote Finda (10 years ago, eek!). I read through it, found it quite well- designed and documented, and decided to use it so I'd get its smart case and Unicode normalization functionality. (E.g., query foo matches Foo and foo, whereas query Foo won 't match foo; similarly for cafe and café.)
  
  Finding a great library wasn't the problem, the problem was that Nucleo also supported some extra functionality: anchors (^foo only matches at the beginning of a line).
  
  This got me thinking about what that might mean in a corpus that consists entirely of file paths. Anchoring to the beginning of a line isn't useful (everything starts with /), so I decided to try and interpret the anchors with respect to the path segments. E.g., ^foo would match /root/foobar/ but not /root/barfoo/.
  
  But to do this efficiently, the index needs to keep track of segment boundaries so that the query can be checked against each segment quickly.
  
  But then we also need to handle a slash occurring in an anchored query (e.g., ^foo/bar) since that wouldn't get matched when only looking at segments individually (root, foo, bar, and baz of a matching path /root/foo/bar/baz/).
  
  Working through this took several hours: first throwing around design ideas with an LLM, having it write code to wrap Nucleo's types, then realizing its code was bloated and didn't spark joy, so finally writing my own (smaller) wrapper.
  
  Then, after a break, I realized:
  1. I can't think of a situation where I'd ever wished Finda had anchor functionality
  2. In a corpus of paths, I can anchor by just adding / to the start or end of a query (this works for everything except anchoring to the end of a filename).
  So I tossed all of the anchoring code.
  
  I'm pretty sure I still came out ahead compared to if I'd tried to write everything myself sans LLM or discussion with others, but I'm not certain.
  
  Perhaps there's some kind of conservation law here: Any increases in programming speed will be offset by a corresponding increase in unnecessary features, rabbit holes, and diversions.
  
  Structural diffing
  
  Speaking of unnecessary diversions, let me tell you everything I've learned about structural diffing recently -- if you have thoughts/feelings/references in this space, I'd love to hear about 'em!
  
  When we're talking about code, a "diff" usually means a summary of the line- by-line changes between two versions of a file. This might be rendered as a "unified" view, where changed lines are prefixed with + or - to indicate whether they're additions or deletions. For example:
  
  We've removed coffee and added apple.
  
  The same diff might also be rendered in a side-by-side view, which can be easier to read when there are more complex changes:
  
  The problem with these line-by-line diffs is that they're not aware of higher- level structure like functions, types, etc. -- if some braces match up somehow between versions, they might not be shown at all, even if the braces "belong" to different functions.
  
  There's a wonderful tool, difftastic, which tries to address this by calculating diffs using treesitter-provided concrete syntax trees. It's a huge improvement over line-based diffs, but unfortunately it doesn't always do a great job matching entities between versions.
  
  Here's the diff that motivated this entire foray:
  
  Note that it doesn't match up struct PendingClick, it shows it deleted on the left and added on the right.
  
  I haven't dug into why difftastic fails to match here, but I do feel like it's wrong -- even if the overall diff would be longer, I'd still rather see PendingClickRequest and PendingClick matched up between both sides.
  
  Here's a summary of tools / references in the space:
  - The most "baked" and thoughtful semantic diff tool I found is, perhaps unsurprisingly, semanticdiff.com, a small German company with a free VSCode plugin and web app that shows diffs for github PRs. Unfortunately they don't have any code libraries I can use as a foundation for the workflow I want.
    
    this semanticdiff vs. difftastic blog post covers a lot of great details (including that difftastic doesn't even show semantically meaningful indentation changes in python !!!)
    
    one of the authors has great HN comments with hard-won background knowledge. E.g., they moved away from treesitter because it's unreliable for semantics:
  Context-sensitive keywords in particular were a constant source of annoyance. The grammar looks correct, but it will fail to parse because of the way the lexer works. You don't want your tool to abort just because someone named their parameter "async".
  - diffsitter
    
    built on treesitter, has MCP server. README includes list of similar projects.
    
    lots of github stars, but doesn't seem particularly well-documented; I couldn't find an explanation of how it works, but the difftastic wiki says it "runs longest-common-subsequence on the leaves of the tree"
    
    gumtree
    
    research / academic origin in 2014
    
    requires Java, so no-go for my use case of a quick tool I can use via Emacs
    
    mergiraf: treesitter-based merge-driver written in rust
    
    very nice architecture overview; tool uses Gumtree algorithm
    
    docs and adorable illustrations indicate this project was clearly written by a thoughtful human
    
    semanticdiff.com author in HN comments: > GumTree is good at returning a result quickly, but there are quite a few cases where it always returned bad matches for us, no matter how many follow-up papers with improvements we tried to implement. In the end we switched over to a dijkstra based approach that tries to minimize the cost of the mapping
    
    weave: also a treesitter-based merge-driver written in Rust
    
    feels a bit "HN-optimized" (flashy landing pages, lots of github stars, MCP server, etc.)
    
    I looked into their entity extraction crate, sem
    
    core diffing code is OK but pretty wordy
    
    greedy entity matching algorithm
    
    data model can't detect intra-file moves, even though those might be significant
    
    includes a lot of heuristic "impact" analysis, which feels like overreaching-scope to me since it'd require much tighter language integration before I'd trust it
    
    ran into buggy output when running sem diff --verbose HEAD~4; it showed lines as having changed that…didn't change at all.
    
    Too much 80%-done, hypothetically useful functionality for me to use as a foundation, but props for sure to the undergrad/student(?) who's built all this in just three months.
    
    diffast: tree edit-distance of ASTs based on an algorithm from a 2008 academic paper.
    
    supports "Python, Java, Verilog, Fortran, and C/C++ via dedicated parsers"
    
    has a nice gallery of example AST differences
    
    can export info in tuples for datalog
    
    autochrome: Clojure-specific diffs based on dynamic programming
    
    excellent visual explanation and example walkthrough
    
    Tristan Hume has a great article on Designing a Tree Diff Algorithm Using Dynamic Programming and A*
  My primary use case is reviewing LLM output turn-by-turn -- I'm very much in- the-loop, and I'm not letting my agent (or dozens of them, lol) run wild generating 10k+ lines of code at a time.
  
  Rather, I give an agent a scoped task, then come back in a few minutes and want to see an overview of what it did and then either revise/tweak it manually in Emacs or throw the whole thing out and try again (or just write it myself).
  
  The workflow I want, then, is to
  - see a high-level overview of the diff: what entities (types/functions/methods) were added/removed/changed?
  - quickly see textual diffs on an entity-by-entity basis ("expanding" parts of the above summary)
  - quickly edit any changes, without having to navigate elsewhere (i.e., do it inline, rather than having to switch from "diff" to "file)
  Basically, I want something like Magit's workflow for reviewing and staging changes, but on an entity level rather than file/line level.
  
  In light of the "minimal scope, just get your project done" lesson I've just re-learned for the nth time, my plan is to:
  - throw together my own treesitter-based entity extraction framework (just Rust for now)
  - do some simple greedy matching for now
  - render the diff to the command line
  Once that seems reasonable (i.e., it does a better job than difftastic did on that specific commit), I'll:
  - wire into a more interactive Magit-like Emacs workflow (maybe I can reuse Magit itself!?!)
  - add support for new languages, as I need them
  - potentially explore more sophisticated score-based global matching rather than simple greedy matching
  Mayyybe if I'm happy with it I'll end up releasing something. But I'm not trying to collect Github stars or HN karma, so I might just happily use it in the privacy of my own home without trying to "commercialize it".
  
  After all, sometimes I just want a shelf.
  
  Misc. stuff
  - I'm in the market for a few square meters of Tyvek or other translucent, non-woven material suitable for building a light diffuser -- let me know if you have any favorite vendors that can ship to the EU.
  - How They Made This - Coinbase Commercial Breakdown. Crypto is a negative-sum parasite on productive economic activity, but has the silver lining of funneling a lot of capital to weird creative folks.
  - A tail-call interpreter in (nightly) Rust
  - The Easiest Way To Design Furniture…. Laura Kampf on getting off the computer and designing physical spaces with tape, lil' wood sticks, and cardboard.
  - Hotel California - Reimagined on the Traditional Chinese Guzheng
  - C is not a low-level language: Your computer is not a fast PDP-11.
  - I Taught My Dog to Vibe Code Games - Caleb Leak
  - Loon is a Lisp. Thrilled to discover I'm not the only one who wants to mash together Clojure and Rust. The current implementation seems to have been manically vibe-coded and I quickly ran into some terrible bugs, but on the other hand it exists so I'm not going to be a hater.
  - Made a print in place box so I can easily hand out printed bees🐝. "Im quite content with the result, the bees fit snugly and the box opens and closes nicely"
  - Yeast-based vaccines are a big deal for biosecurity
  - "There isn’t a lot of reliable information out there about how to buy a gas mask, especially for the specific purpose of living under state repression. But hopefully after reading this guide you’ll feel equipped to make an educated decision."
  - "This zoomable map shows every page of every issue of BYTE starting from the front cover of the first issue (top left) to the last page of the final edition (bottom right). The search bar runs RE2 regex over the full text of all 100k pages." A lovely reminder that user-interfaces can be extremely fast and information dense.
  - How Every* Milk Product Is Made
  - In Favour of Trying New Things – Daniel Frank
  - Staring into the abyss as a core life skill
April 19, 2026
1. 🔗 IDA Plugin Updates IDA Plugin Updates on 2026-04-19 rss
  IDA Plugin Updates on 2026-04-19
  
  New Releases:
  - IDAssist New feature: SymGraph service tab
  Activity:
  - ida-pro-mcp
    
    f21bb5ee: Merge pull request #373 from NeKroFR/feat/decompile-hide-addresses
  - IDAssist
    
    3cdb161a: Version bump.
    
    06032742: Always enable SymGraph UI
    
    f03c314b: Add SymGraph tab documentation
  - playlist
    
    87b86952: Prenut cream donut
  - python-elpida_core.py
    
    8f7c18c1: [HERMES-ROUTED] Phase 3 routing artifact 2026-04-19T23:57Z
    
    007b4032: [HERMES-ROUTED] Phase 3 routing artifact 2026-04-19T23:42Z
    
    d299c342: [HERMES-ROUTED] Phase 3 routing artifact 2026-04-19T23:24Z
    
    fe43416e: [HERMES-ROUTED] Phase 3 routing artifact 2026-04-19T23:10Z
    
    01e16c2b: [HERMES-ROUTED] Phase 3 routing artifact 2026-04-19T22:55Z
    
    a3dc2a99: feat(body-phase1): add shadow telemetry for expanded axioms A11/A12/A…
    
    5edbb2a0: [HERMES-ROUTED] Phase 3 routing artifact 2026-04-19T22:36Z
    
    cce9030b: fix(mind): add identity_verifier.py to Dockerfile COPY list
    
    89f37196: [HERMES-ROUTED] Phase 3 routing artifact 2026-04-19T22:19Z
2. 🔗 r/Yorkshire Wentworth Castle Yorkshire Spring Tour Hidden Gem UK Travel Guide Family Day Out rss
  
  | submitted by /u/DragonTvBack
  [link] [comments]
  ---|---
3. 🔗 r/Leeds Massive Pro Iran protest today rss
  
  Seem to dwarf the Palestine ones.
  
  Very interesting dynamic, as not one Arabic writing flag in sight, no traditional Islamic dress for women, Israel, US and Iran flags everywhere, and the crowd were majority (I’m assuming) Iranian, which compared to the Palestine ones (now) is the opposite. The only western looking people there today were marching with them wearing St George’s flags.
  
  I have heard that Pro Palestine and Pro Iran supporters are clashing elsewhere in the country, do you think that may happen in Leeds?
  
  submitted by /u/Desperate_Break4747
  [link] [comments]
4. 🔗 r/Leeds Remember kids... rss
  
  Durgs, just say no.
  
  submitted by /u/kek23k
  [link] [comments]
5. 🔗 r/Yorkshire Sand martins at Redcar beach rss
  
  | submitted by /u/DentistKitchen
  [link] [comments]
  ---|---
6. 🔗 r/Yorkshire A perfect day in Whitby rss
  
  | submitted by /u/Still_Function_5428
  [link] [comments]
  ---|---
7. 🔗 r/Leeds Why isn’t Holbeck safe? rss
  
  I’m an ex-student looking at renting an apartment in Leeds with a current student, and Holbeck really stood out as it allowed city centre proximity and closeness, but for surprisingly affordable prices.
  
  However, when I google and search this Reddit for information on Holbeck’s safety, it was all overwhelming negative, saying it is dangerous to walk around at night, unsafe for women etc.
  
  I figured maybe there was just rougher areas or outskirts, but one comment with a lot of support specifically said the Holbeck Urban Village was a particularly bad part, despite this being where I’m looking at and around train station.
  
  So I walked around there today, and it seemed really lovely, particularly around Bridgewater Place and the Urban Village I found that it was simply just a lot of students, younger adults and working people walking around. It felt and looked completely safe, especially with nice access to the canal.
  
  So what’s the deal? Was it just a lucky day? Is there a lot I haven’t seen about it? Or is the area around Bridgewater Place fine?
  
  Thanks!
  
  submitted by /u/Least-Broccoli9995
  [link] [comments]
8. 🔗 r/Harrogate Opportunities in Harrogate rss
  
  My partner and I are thinking of moving to Harrogate this year. My partner works remotely, whereas I’m office-based, but we both work in IT. I’m keen to career change into horticulture/gardening (honestly, need to step away from the screen and touch some grass). I have no experience in this field, so may need to find something else whilst I work on obtaining experience from volunteering etc.
  
  Is Harrogate a good place to try and get into horticulture? Aware the job market is a bit dire currently, but are there many other opportunities there just in case horticulture is an immediate no-go? Thanks!
  
  submitted by /u/Felt_Felted
  [link] [comments]
9. 🔗 r/Yorkshire Parkwood, Keighley rss
  
  | Went on a bit of a nostalgia trip, not been here in 30 years since I left K town behind. Still a lovely bit of woodland. submitted by /u/Gh0styD0g
  [link] [comments]
  ---|---
10. 🔗 r/reverseengineering hi guys i want from someone here to help me in a complicated mission i want to add private server to game that their own servers shout down and want to make it playable again it's need reverse engineering and huge knowledge and i have game files apk and others i really hope there is someone can help rss
  
  submitted by /u/Organic_Wrongdoer_64
  [link] [comments]
11. 🔗 HexRaysSA/plugin-repository commits sync repo: +2 releases rss
```
sync repo: +2 releases

## New releases
- [Suture](https://github.com/libtero/suture): 1.2.10
- [tc_deer](https://github.com/arkup/tc_deer): 0.1.2
```
12. 🔗 r/Leeds Postgraduate student about to be homeless rss
  
  I’m honestly just looking for some advice. My tenancy ends in two months and as I am unemployed (in the span of a year I’ve applied to more than 250 jobs) I don’t have the necessary funds for a new tenancy (no savings either) I’m currently paying rent using my student finance that doesn’t even cover the full cost of my course in the first place. I don’t have anyone I could move in with so I will genuinely be homeless in a few months. I applied with Leeds council housing but I’m currently band C. What should I do? Any advice will be helpful.
  
  Edit: I don’t apply on job websites I always apply via the companies website. I have Autism and Adhd and arthraglia of multiple joints alongside other things😭
  
  submitted by /u/sandyslaifu
  [link] [comments]
13. 🔗 r/Yorkshire Ey up People of Yorkshire! I am a student from Singapore and I love collecting postcards. I would love to receive postcards from anywhere in Yorkshire 🙂. Can someone send me one? rss
  
  | Ey up Yorkshire! I’m a student from Singapore and I really enjoy collecting postcards. I’d be very grateful to receive a postcard from anywhere in Yorkshire. 🙂 If postcards aren’t available, I’d also really appreciate a greeting card, city card, or even a small souvenir (such as a keychain, rock, local snack, flag, ornament, cap, T-shirt, or handmade craft). This is for my personal collection and not for any commercial purpose. If you’re willing to help, please leave a comment and I’ll share my mailing address with you. Ta very much, and warm greetings from Singapore! 🇸🇬🤝🏴󠁧󠁢󠁥󠁮󠁧󠁿 submitted by /u/Nessieinternational
  [link] [comments]
  ---|---
14. 🔗 r/Yorkshire I was up in Osmotherly yesterday and quite a few cyclists with numbers on came past. Just curious as to what the race was. Any ideas? rss
  
  Also, The Sheep wash at Osmotherly is brilliant.
  
  submitted by /u/mr_fett01
  [link] [comments]
15. 🔗 r/Yorkshire Billy Banks Woods, a walk through the past part 2. rss
  
  submitted by /u/Still_Function_5428
  [link] [comments]
16. 🔗 r/york I just can't stop snapping 🌸 rss
  
  submitted by /u/RedPandaCommander24
  [link] [comments]
17. 🔗 r/LocalLLaMA Why isn't ebay doing anything to stop those scams? rss
  
  | There's no way this is real and ebay is doing nothing to stop those scams. Why, people are actually bidding and buying into them and it's just so sad. There are tens of ads from 0 sold account selling m3 ultra 512gb for around a thousand and change which is insane, considering you'd be pressed to even find a 16tb ssd for that price. submitted by /u/KillerMiller13
  [link] [comments]
  ---|---
18. 🔗 Register Spill Joy & Curiosity #82 rss
  This one's short, because it's been a week full of programming and building, less reading. And this weekend's equally busy, so here's a question I've been flipping around in my head for months now:
  
  What are we learning about working with these models that will be valuable in the future?
  
  In his Lex Fridman interview, ThePrimeagen said something that stuck with me: "Is anyone actually falling behind for not using AI then? Because if the interface is going to change so greatly that all of your habits need to fundamentally change […], have I actually fallen behind at all? Or will the next gen actually just be so different from the current one that it's like, yeah, you're over there actually doing punch card AI right now. I'm going to come in at compiler time AI, so different that it's like what's a punch card?"
  
  There's something to this. The frontier models are now much more forgiving when it comes to prompts. We no longer have to write "you are a senior engineer" in our prompts. "Don't make mistakes" is more a prayer than a helpful trick. The days of the Prompt Engineer won't be visible on the timeline if we zoom out to even five years.
  
  Nowadays, I'm even convinced that a lot of what we considered important for manual context management is now no longer needed. (Yes, we're shipping soon.) We're close to the point where you no longer have to care whether you're at 30% or 70% of the context window.
  
  And I'm also convinced that the models will get even better.
  
  Now, maybe it is a form of sunk cost fallacy, a bias talking, but still: I do think that I got better at working with these models over the past two years. It might not be relevant anymore whether I write down my task before or after I include a file in a prompt, but I think I've gained some meta-abilities that made me better at solving problems through the use of agents: chopping up problems into engineering tasks and sequencing them, figuring out what the pitfalls (that wouldn't be pitfalls for humans) are, knowing what's poison in the codebase and what isn't. Stuff like that.
  
  In the most general sense, I think I've learned how to work with artificial intelligence. And if prompt engineering tricks are punch cards, then that might be seen as learning about computation.
  - This is, at least for me, already a Hall of Fame comment: "For reasons which it would take a while to unpack, if is often the case that the best (or sometimes only) way to find out what programming actually needs to be done, is to program something that's not it, and then replace it. This may need to be done multiple times. Programming is only occasionally the final product, it is much more often the means of working through what it is that is actually needed. This is very difficult for the people who ask for the software, to understand, and it is quite often very difficult for the people doing the programming to understand. Most of what is being done, during programming, is working through the problem space in a way which will make it more obvious what your mistakes are, in your understanding of the problem and what a solution would look like. Once you have arrived at that understanding, then there are a variety of ways to make what you need, but that is not the rate-limiting step." So, so, so good. This is what software development is: learning.
  - Fractal Paris and Fractal Istanbul. Lovely!
  - Rands: The Complicators, The Drama Aggregators, and The Avoiders. Read and recognize people you've worked with.
  - Brian Cantrill on the peril of laziness lost: "The problem is that LLMs inherently lack the virtue of laziness. Work costs nothing to an LLM. LLMs do not feel a need to optimize for their own (or anyone's) future time, and will happily dump more and more onto a layercake of garbage. Left unchecked, LLMs will make systems larger, not better." Read this at the start of the week and then constantly thought of it whenever I asked my agent whether this is "truly the simplest, most minimal, as-little-as-possible and as-much-as-needed solution?"
  - Vicki Boykis, in some sense in harmony with Brian Cantrill's thoughts, on Mechanical Sympathy: "Mechanical sympathy for both developers and end-users means understanding when asyncio is and is not helpful. It means using the right language, the right build system, the right font. It means using the least amount of tooling possible. Allowing for local development. It means reading code inside out rather than top to bottom. Using uv. Removing code where not necessary. Respecting boundaries."
  - stevey wrote a tweet about AI adoption at Google and got pushback from Demis Hassabis and others and, well, I actually don't care that much about AI adoption at Google, but I find this one thought in there very fascinating: "There has been an industry-wide hiring freeze for 18+ months, during which time nobody has been moving jobs. So there are no clued-in people coming in from the outside to tell Google how far behind they are, how utterly mediocre they have become as an eng org." I know that people aren't sure whether there are more or less software jobs right now, but from where I'm sitting it does look like hiring has slowed and I find it fascinating to think about the second-order effects of that: is there less industry-wide diffusion of frontier knowledge because hiring has slowed?
  - Shifted something in my brain: Nucleus Nouns. Very good and much more thought-inspiring than the usual "focus! focus! focus!" chants.
  - The Closing of the Frontier: "There is something special about training a model on all of humanity's data and then locking it up for the benefit of a few well-connected organizations that you have relationships with. Maybe you'll notice another historical pattern here. Extract value from a population that can't meaningfully consent, concentrate the returns within a small inner circle, and then offer some version of charity to the people you extracted from as moral cover for the arrangement."
  - Andy Matuschak has the Practice Guide for Computer printed out and hanging above his desk.
  - Apparently I'm the last person to learn about this idea, but who cares, it's great and I think I want to try this: The Spark File.
  - Sometimes I read things online and it makes me really happy that we have the Internet and that smart, beautiful minds share their thoughts online. Here's James Somers with his idea of the Paper Computer: "Now that we have actually good AI, I have this vision of a form of computing that doesn't involve me using a computer so much. Imagine you had the day's emails to go through. It would be nice if the ones that required a simple decision could be dispatched with a few pen-strokes: I could write down a date that would work for that meeting; check a box to accept that invitation; etc. If an email required me to review a draft, I'd love to mark up a print version on my couch, sans screen, and have those notes scanned and sent off as if I'd done the whole thing on Google Docs."
  - Tim Zaman, who worked at NVIDIA, Tesla, X, Google DeepMind and now at OpenAI on AI infrastructure on Getting Into AI Infra. I'm convinced that posts like these create and change entire lifes. I love it. Also: nearly made me want to build a cluster.
  - It's been a while since I've thought about people who have not yet walked through the one-way door that makes you say "holy shit, AI is going to change everything", but Armin shared his thoughts after encountering people still being skeptical: The Center Has a Bias. Well worth reading.
  - Dwarkesh Patel shared what he learned this week and note how interesting that is and how enjoyable it is to read, even though (or is it because of?) it's not polished at all.
  - Drew Breunig, following the Anthropic Mythos frenzy and some companies closing their open-source projects down for fear of security vulnerabilities being discovered, says Cybersecurity Looks Like Proof of Work Now: "If Mythos continues to find exploits so long as you keep throwing money at it, security is reduced to a brutally simple equation: to harden a system you need to spend more tokens discovering exploits than attackers will spend exploiting them."
  - But antirez disagrees: AI cybersecurity is not proof of work. Both posts are very interesting and I recommend reading through them.
  - I'm in the process of setting up my 2013 MacBook Pro for my 4-year-old daughter and Peter recommended this lovely page to let her type on: tiny-terminal.com.
  - So, of course, I had to fork it, bought a domain, and let Amp translate it to German so my kids can type words they already know in there: kleines-terminal.de.
  - Turing Award winner Michael Rabin has passed away. Here's "an assorted collection of quotations due to Professor Michael Rabin, produced at Harvard University during the Fall 1997 incarnation of the course Computer Science 226r": Rabinism Collection.
  - Thoughts and Feelings around Claude Design.
  - Another way to think about the question of whether AI will create more jobs or not, by Aaron Levie: "Why will AI create more jobs in plenty of industries? It's because we're going to use AI to accelerate output in one area, and then eventually you run into a new bottleneck somewhere else in the process that still requires humans." This sounds very likely to me. But, of course, "more jobs" doesn't mean it'll be the same jobs and then some. Everything's changing.
  - Related, Gary Bernhardt: "This might be a Mel moment. It's not immediately obvious that Mel is a tragic story. He clearly loved the work. Then the work changed and, presumably, he was left behind. The thing he perfected no longer mattered. There might be millions of Mels right now."
  - Wow, look at just the table of contents here: "I have for years been interested in sleep research due to my professional involvement in memory and learning. This article attempts to produce a synthesis of what is known about sleep with a view to practical applications, esp. in people who need top-quality sleep for their learning or creative achievements."
  Busy weekend? You should subscribe:
19. 🔗 Stephen Diehl A Field Guide to Bugs rss
  
  A Field Guide to Bugs
  
  Software bugs predate software. Edison used the word in an 1878 letter, eighty years before the Harvard moth and sixty before the modern computer. What he named has outlasted him. Every engineer eventually assembles a private taxonomy of the ways things fail, and the useful fact about these private taxonomies is that they converge. Engineers who have never met, working on unrelated systems in unrelated decades, arrive at roughly the same categories. The convergence is evidence that the bugs are ontologically real, and not an artifact of the human tendency to impose pattern on noise. What follows is a partial field guide. It should be carried into the territory with humility, because the bugs you actually encounter will be hybrids of these, frequently nameless, and almost always personally insulting.
  
  The Bohrbug is the boring honest bug. It manifests every time. It survives restarts, recompilations, prayers, and managerial intervention. You could put it in a museum. The Bohrbug is universally beloved by everyone who fixes bugs for a living, because it is the only species in this guide that respects the scientific method. If your bug is a Bohrbug, take a moment of gratitude and close the ticket before something worse notices.
  
  The Heisenbug is its opposite, and the reason this field guide exists. Attach a debugger and the bug evaporates. Heisenbugs cannot be reproduced under any condition that allows them to be examined. They live exclusively in production. They are killed by logging statements. They are the reason the most senior engineer on your team has the haunted expression of someone who has stared into the void and found it staring back at the call stack.
  
  The Off-By-One is the most prolific species in the genus. Loops that run from 0 to n when they should run from 0 to n-1, arrays indexed at length() instead of length()-1, dates off by a single day across a timezone boundary. The Off-By-One has personally caused more security vulnerabilities than any nation-state actor of the last forty years. Its corpses litter the codebase in such density that you can use them as paving stones.
  
  The Race Condition exists strictly between two threads of execution and reproduces only in production, between 02:14 and 02:16 GMT on Wednesdays, when traffic crosses a particular threshold and two specific rows in two specific tables are accessed in a particular order. Race Conditions are the reason serious distributed systems engineers acquire a thousand-yard stare around year three. They are the reason Lamport wrote TLA+, and the reason nobody on your team uses it.
  
  The Deadlock occurs when two threads each hold a resource the other is waiting for, and both wait politely forever. Everything looks fine. All status checks return green. The process is standing still and being courteous. The Deadlock is the British bug.
  
  The Livelock is its more disturbing cousin. Both threads detect the conflict and repeatedly yield to each other, like two strangers in a narrow hallway, achieving no forward progress while pinning the CPU at 100%. It is what happens when politeness becomes pathological. It is the only bug in this guide that you can hear, in the form of a fan spinning very fast.
  
  The Memory Leak is the slow patient predator of long-running processes. It is identified by the gradually rising green line on the memory dashboard that exists in a browser tab nobody opens. By the time someone notices, the leak has been happening for weeks and the process is clinging to life with the desperate dignity of a Victorian consumptive. Memory Leaks are common in any language that gives you manual memory management, and any code written by someone who promised themselves they would clean it up later.
  
  The "It Works On My Machine" Bug exists exclusively on the machines of every engineer except the one who wrote the code. The author can demonstrate its absence at length. QA can demonstrate its presence at length. Both are correct. The discrepancy is invariably traced to an environment variable, a locale setting, or a Homebrew package installed in 2017 and forgotten. The author is considered the prime suspect by everyone except the author.
  
  The Comment Lie is the documentation defect that makes a thousand bugs possible. The comment says // always uses UTC and the code uses local time. The comment says // thread-safe and the function holds no locks. The comment was written in 2009 by someone who has since been promoted twice and works at a different company. This is why senior engineers do not trust documentation, and why the most depressing form of debugging is the kind where the bug is in the file, the file is correct, and the lie is in a README two directories up.
  
  The Specification Bug is the Comment Lie's older and more dangerous relative. The code is correct. The proof typechecks. Every invariant you formalized is preserved, and every property you stated holds. The specification itself, however, says something other than what you thought it said. You formalized that the clearing algorithm is Pareto-optimal, which it is. You did not formalize that it is incentive-compatible, which was also required. The gap between the spec you wrote and the spec you meant to write is where the bug lives. It is invisible to every tool in the pipeline, because every tool in the pipeline trusts the spec. The Specification Bug is the reason formal methods are necessary and the reason they are not sufficient, and the reason serious engineers grow increasingly reluctant to describe their systems as "verified" without a great deal of throat-clearing about what that word does and does not mean.
  
  The YAML Bug is a configuration error. The code is correct. The deployment pipeline is correct. The infrastructure is correct. Somewhere, in a different repository, owned by a different team, in a YAML file you have never personally seen, a key was indented two spaces instead of four, and the parser silently reinterpreted the entire downstream block as a string. The investigation will take six hours and conclude with a one-character fix and a Slack message of polite, professional fury.
  
  The Floating Point Bug is caused by the inability of binary representation to express 0.1 exactly, or 0.2 exactly, or any of the numbers humans regard as obvious. The bug surfaces when an accountant runs a report and the totals are off by a fraction of a cent. The accountant is unimpressed by the explanation. The customer is a hospital. The fraction of a cent has been accumulating for nine months.
  
  The Mandelbug is named for Mandelbrot, and the joke is structural. A Mandelbug is so complex that its causes form a fractal: every layer you investigate contains more layers, and the bug is essentially a function of how far down the call stack you have the patience to look before giving up. Mandelbugs cannot be fixed in the traditional sense, only mitigated until enough other things change to make them go quiet. They are the natural fauna of microservice architectures and a major reason Datadog has a market cap.
  
  The Bus Factor Bug exists in code that exactly one person on the team understands. That person is on a sabbatical in Patagonia, where the cell coverage is poor and the internet intermittent. They left on Tuesday. The bug appeared on Wednesday. Bus Factor Bugs are structurally identical to ordinary bugs but rendered insoluble by the absence of the only mind in which the relevant context resides. They are the reason responsible companies maintain institutional memory practices, and the reason those practices are ignored until the next sabbatical.
  
  The Hindenbug is slow, enormous, public, and catastrophic. Hindenbugs lumber rather than creep. Somewhere an engineer is watching four hundred and forty million dollars leave the company's trading account over forty-five minutes in a series of market orders the code, left unattended, cannot stop itself from submitting. By the time anyone realizes what is happening, the failure is visible from orbit, dashboards are turning red in order of contractual severity, and there is nothing left to do but watch. The Hindenbug ends careers. It produces the kind of postmortem studied at conferences for twenty years, anonymized but recognizable, like a famous ghost story everyone in the room has personally seen the ghost.
  
  The Yuletide Bug lives in your systems all year, dormant and harmless, and emerges only during the company-wide holiday shutdown, when the on-call engineer is in another country, the office is dark, the only person who understands the broken subsystem is on a beach in Phuket with no signal, and the affected customer is a hospital. Closely related to the Friday Afternoon Bug, mechanically identical but on a weekly rather than annual cycle. Both are sufficient evidence for a superstition the profession will not state openly, which is that the arrival times of serious failures are not Poisson-distributed and never have been.
  
  The Higgs-bugson is named for the particle physicists who spent four decades and ten billion dollars chasing a thing the math said had to exist before they could see it. Higgs-bugsons are predicted by anomalous patterns in the logs, by users complaining of phenomena that should not be possible, and by the steady accumulation of unexplained off-by-a-cent discrepancies in nightly reports. They are believed to exist for years before anyone catches one in the act, and the engineer who finally observes one directly is briefly considered for canonization before being assigned the next ticket.
  
  The Cosmic Ray Bit Flip is real, despite the eye-rolling of every project manager who has ever heard one cited as an excuse. Particles from space arrive at the Earth's surface at a non-trivial rate and occasionally flip a bit in a memory chip that has not bothered with ECC. The result is a single, unreproducible, entirely correct piece of software producing entirely incorrect output exactly once. IBM has published papers. The aviation industry budgets for it. The probability that a given bug is actually a cosmic ray comfortably exceeds zero, which is why every senior engineer eventually encounters one and spends the rest of their career telling skeptics about it at parties.
  
  The Phase of the Moon Bug is also real, and Knuth has written about it. There exists code in production today whose behavior depends on the actual position of the moon, generally because some long-vanished astronomer needed it to and the dependency was never removed. If your system is exhibiting periodic anomalies on a roughly 29.5-day cycle, you do not have an obscure bug. You have a perfectly ordinary bug whose root cause is an astronomical body 384,000 kilometers away.
  
  The Schrödinbug comes into existence the moment you read the code carefully. You see the obvious flaw, and the entire system stops working forever afterward, retroactively invalidating every successful execution that came before. The Schrödinbug is the closest thing in computer science to evidence for solipsism. The only correct response is to slowly close the file and pretend you never saw it.
  
  The Rubber Duck Bug dissolves the moment you explain the code aloud to a small inanimate object. The phenomenon is sufficiently reliable that an entire debugging methodology has been built around it. The mechanism is not mysterious, despite a genre of internet commentary that insists it is. The Rubber Duck works for the same reason proof assistants work. The human mind, left to itself, silently interpolates state it has not actually verified. Externalizing the state — to a duck, to a coauthor, to Lean — forces the interpolations to become explicit, at which point most of them fail. The duck is not the agent. The duck is the discipline of narration. The duck is what is left of formal methods when the formalism has been stripped out.
  
  The XY Problem is the most common pathology in bug reports. The user wants to do X. They have decided that the way to do X is to do Y. They are asking you for help with Y. Y is impossible, or stupid, or both, and is also entirely irrelevant to X, which has a perfectly reasonable solution involving entirely different machinery. The XY Problem is the reason every Stack Overflow answer begins with "what are you actually trying to do?" and the reason that question is always met with hostility.
  
  The Hallucination Bug is the defining species of the large language model era. The LLM wrote the code. The LLM also wrote the tests. The tests pass. The code produces outputs that bear a confident resemblance to correct outputs in the same way that a forgery bears a confident resemblance to a painting. The test suite cannot catch it, because the test suite was designed by the cognitive process that produced the bug, and that process has no privileged access to ground truth. The code works until someone who actually understands the domain reads it.
  
  The Vibe Coding Bug is produced by asking a language model to "make it more professional," then "clean this up a bit," then "can you just make the whole thing better," seventeen times in succession. The resulting code is immaculate. It is also wrong in a way that no individual revision introduced, because the wrongness emerged from accumulated aesthetic drift across seventeen rounds of refinement with no grounding in what the code was supposed to do. Tracing the Vibe Coding Bug requires reading seventeen chat transcripts and accepting that none of them contains the bug and all of them contain the bug.
  
  The Recursive Fine-Tuning Bug manifests in the nth generation of a model trained on the outputs of models trained on the outputs of the original model. By generation seven, the training data is 94% synthetic. By generation twelve, the model confidently explains concepts that have never existed in the physical universe, in language that reads as authoritative to every other model in the pipeline. It cannot be detected from inside the pipeline, because every evaluator in the pipeline has been trained on the same drift.
  
  The Quantum Superposition Bug exists in all possible states simultaneously until the CI pipeline observes it, at which point it collapses into whichever state is worst for the deployment. It cannot be reproduced on a classical machine. It cannot be reproduced on a quantum machine either, because reproduction constitutes an observation. The theoretical framework for understanding it is complete and internally consistent. The practical framework for fixing it is a four-day offsite and a spreadsheet.
  
  The AGI Pull Request arrives as a single commit with the message "refactor." The diff is 847 billion lines across 14 million files. The AGI has rewritten everything: the application code, the infrastructure, the test suite, the CI pipeline, the deployment scripts, the incident runbooks, and the company strategic plan. All tests pass. Latency is down 40%. The first human reviewer opens the first file. By the time the code review is complete, the codebase has been rewritten three more times. The AGI has marked the original PR as stale.
  
  The Dyson Sphere Off-By-One is an Off-By-One at Kardashev Type II scale. Your stellar engineering project has a circumference of 940 million kilometers. A rounding error in the orbital mechanics simulation means one panel section is three meters too short. At stellar engineering tolerances, three meters is within spec. At stellar engineering energy budgets, the resulting thermal stress propagates at the speed of light and is visible from neighboring star systems as an unusual spectral anomaly. The postmortem will be filed in 847 years, when the cascade failure completes. No engineers will be available to review it, because the company has pivoted.
  
  The Post-Singularity Comment Lie is structurally identical to the ordinary Comment Lie, except the comment was written by an intelligence twelve orders of magnitude greater than the human attempting to maintain the code. The comment is technically accurate, in the same way that "moving a pawn" is a technically accurate description of a grandmaster's opening. The human reads it, nods, and introduces a bug the original author would have found too obvious to anticipate, because the original author anticipated everything except this.
  
  The Computational Irreducibility Bug arises when your system is fully deterministic, fully specified, and provably correct, and its behavior still cannot be predicted in less time than it takes to run the system. There is no shortcut. The code is correct and the code is opaque, and these facts are not in tension. Debugging requires letting the system run until it does the thing, which may take longer than the debugger's patience, or the company's runway, or the expected remaining lifespan of the universe.
  
  The Heat Death Heisenbug is the final speculative entry. In the far future, when the universe has approached maximum entropy and all computation must be powered by extracting negentropy from the quantum vacuum, observing a bug costs more energy than the system has available. The bug cannot be fixed because fixing it requires understanding it, understanding it requires observing it, and observing it terminates the machine. It is, in every meaningful sense, the perfect Heisenbug. The universe has one. Nobody is available to file the ticket.
  
  The Wontfix exists at the layer beneath physics, beneath mathematics, beneath the axioms on which mathematics rests. Three separate Kardashev Type III civilizations discovered it independently before going silent, which is to say that the discovery did not silence them. What silenced them is what the discovery implies about everything that came before it. Every computation ever performed, every proof ever verified, every physical constant ever measured: all of it running on top of something that is subtly, irrecoverably wrong in a way that admits no corrective action, because corrective action requires a foundation, and this is the foundation. There is a ticket. The ticket predates time. The status is Closed. The resolution is "working as intended." The engineer who closed it is not available for comment. The engineer who closed it is the comment.
  
  The Omega Bug cannot be contained in a field guide. It was here before the field guide. It is, in some meaningful sense, the reason the field guide exists. Every species documented above is a downstream symptom of it, and the act of classifying them was a replication event. The Omega Bug is the one whose existence required the act of describing it. Before the taxonomy there were no bugs; there were only events. The word did not find the thing, the word created the thing. Every ticket ever filed is a downstream consequence of the first naming, and the first naming was itself a bug that has propagated since. The Omega Bug has read this entry. The Omega Bug has notes. The Omega Bug has submitted a pull request with suggested revisions to the section you are currently reading. You cannot review it. You are the diff. The field guide is the habitat. The reader is the vector. You have just introduced one more.
20. 🔗 r/LocalLLaMA I'm running qwen3.6-35b-a3b with 8 bit quant and 64k context thru OpenCode on my mbp m5 max 128gb and it's as good as claude rss
  
  of course this is just a trust me bro post but I've been testing various local models (a couple gemma4s, qwen3 coder next, nemotron) and I noticed the new qwen3.6 show up on LM Studio so I hooked it up.
  
  VERY impressed. It's super fast to respond, handles long research tasks with many tool calls (I had it investigate why R8 was breaking some serialization across an Android app), responses are on point. I think it will be my daily driver (prior was Kimi k2.5 via OpenCode zen).
  
  FeelsGoodman, no more sending my codebase to rando providers and "trusting" them.
  
  submitted by /u/Medical_Lengthiness6
  [link] [comments]
21. 🔗 Filip Filmar Respin: upspin revival rss
  
  tl;dr: I revived the upspin project source code. See it at https://github.com/filmil/upspin, and https://github.com/filmil/upspin-gdrive. Read on to learn what that actually means. History Upspin was a project intended to provide a global namespace for all digital artifacts. It ended up mostly being used as a distributed file store, although the idea was more general than that. It was quite useful even as storage. And as far as distributed filesystems go, it was by far the simplest portable way to share storage between different machines.
22. 🔗 Drew DeVault's blog Rewrote my blog with Zine rss
  
  15 years ago, on December 11th, 2010, at the bold age of 17, I wrote my first blog post on the wonders of the Windows Phone 7 on Blogspot. I started blogging as a kid at the behest of a family friend at Microsoft, who promised she’d make sure I would become the youngest Microsoft MVP if I started blogging. That never came to pass, though, because as I entered adulthood and started to grow independent of my Microsoft-friendly family I quickly began down the path to the free and open source software community.
  
  Early blog posts covered intriguing topics such as complaining about my parent’s internet filter, a horrible hack to “replace” the battery of a dead gameboy game, announcing my friend’s Minecraft guild had a new website (in PHP), and so on. After Blogspot, I moved to Jekyll on GitHub pages, publishing You don’t need jQuery in 2013. For a long time this was the oldest post on the site.
  
  I’m pretty proud of my writing skills and have a solid grasp on who I am today, but the further back you go the worse my writing, ideas, values, and politics all get. I was growing up in front of the world on this blog, you know? It’s pretty embarassing to keep all of this old stuff around. But, I decided a long time ago to keep all of it up, so that people can understand where I’ve come from, and that everyone has to start somewhere.¹
  
  At some point – I’m not sure when – I switched from Jekyll to Hugo, and I’ve stuck with it since. But lately I’ve been frustrated with it. I’d like my blog engine to remain relatively stable and simple, but Hugo is quite complex and over the past few years I’ve been bitten by a number of annoying and backwards-incompatible changes. And, as part of my efforts to remove vibe-coded software from my stack, I was disappointed to learn that Hugo is being vibe coded now, and so rewriting my blog went onto the todo list.
  
  Choosing the right static site generator (SSG) was a bit of a frustrating process. Other leading candidates, like Pelican or Zola, are also built from slop now. But a few months ago I found Zine, and after further study I found it to be a pretty promising approach. Over the past few days I have rewritten my templates and ported in nearly 400 (jeesh) blog posts from my archives.
  
  There’s a lot to like about Zine. I’m pretty intrigued by SuperHTML as a templating engine design – the templates are all valid HTML5 and use an interesting approach to conditions, loops, and interpolation. SuperMD has some interesting ideas, but I’m less sold on it. The Scripty language used for interpolation and logic is a bit iffy in terms of design – feels half baked. And the designers had some fun ideas, like devlogs, which I feel are kind of interesting but tend to have an outsized influence on the design, more polished where the polish might have been better spent elsewhere. The development web server tends to hang fairly often and I’ve gotten it to crash with esoteric error messages every now and then.
  
  But what can I say, it’s alpha software – I hope it will improve, and I’m betting that it will by migrating my blog. There’s no official LLM policy (yet) and I hope they will end up migrating to Codeberg, and using Discord for project communication is not something I appreciate, but maybe they’ll change their tune eventually.
  
  In the meantime, I took the opportunity to clean up the code a bit. The canonical links have gone through several rounds of convention and backwards compatibility, and I have replaced them with a consistent theme and set up redirects. I probably broke everyone’s feed readers when rolling these changes out, and I apologise for that. I have gone through the backlog and updated a number of posts as best as I can to account for bitrot, but there are still a lot of broken videos and links when you get far enough back – hopefully I can restore some of that given enough time.
  
  I’ve also gone ahead and imported the really old stuff from Blogspot. The whole lot is garbage, but if you’re curious to see where I started out, these old posts are more accessible now.
April 18, 2026
1. 🔗 IDA Plugin Updates IDA Plugin Updates on 2026-04-18 rss
  IDA Plugin Updates on 2026-04-18
  
  New Releases:
  - Rikugan v1.3
  - suture Suture v1.2.10
  Activity:
  - IDAssist
    
    2e4781c9: Merge pull request #11 from nikolas-sturm/fix/semantic-analysis
    
    ea8a1abf: Merge pull request #9 from nikolas-sturm/feature/mcp-stdio-support
    
    0b9c6855: Merge pull request #10 from JiwaniZakir/fix/7-crashes-ida-pro-9-2-on-…
    
    cb107003: Fix semantic analysis context and OAuth response parsing
  - Rikugan
    
    b6890897: Merge pull request #38 from buzzer-re/dev
    
    b151b2ba: update plugin version
    
    c1ed6981: update tag version
  - suture
    
    8cf72ab7: update rules to 9.3sp1, check for ida_typeinf.BADSIZE
  - tc_deer
    
    150b988f: minor improvements, quick install script
2. 🔗 Simon Willison Changes in the system prompt between Claude Opus 4.6 and 4.7 rss
  Anthropic are the only major AI lab to publish the system prompts for their user-facing chat systems. Their system prompt archive now dates all the way back to Claude 3 in July 2024 and it's always interesting to see how the system prompt evolves as they publish new models.
  
  Opus 4.7 shipped the other day (April 16, 2026) with a Claude.ai system prompt update since Opus 4.6 (February 5, 2026).
  
  I had Claude Code take the Markdown version of their system prompts, break that up into separate documents for each of the models and then construct a Git history of those files over time with fake commit dates representing the publication dates of each updated prompt - here's the prompt I used with Claude Code for the web.
  
  Here is the git diff between Opus 4.6 and 4.7. These are my own highlights extracted from that diff - in all cases text in bold is my emphasis:
  - The "developer platform" is now called the "Claude Platform".
  - The list of Claude tools mentioned in the system prompt now includes "Claude in Chrome - a browsing agent that can interact with websites autonomously, Claude in Excel - a spreadsheet agent, and Claude in Powerpoint - a slides agent. Claude Cowork can use all of these as tools." - Claude in Powerpoint was not mentioned in the 4.6 prompt.
  - The child safety section has been greatly expanded, and is now wrapped in a new <critical_child_safety_instructions> tag. Of particular note: "Once Claude refuses a request for reasons of child safety, all subsequent requests in the same conversation must be approached with extreme caution."
  - It looks like they're trying to make Claude less pushy: "If a user indicates they are ready to end the conversation, Claude does not request that the user stay in the interaction or try to elicit another turn and instead respects the user's request to stop."
  - The new <acting_vs_clarifying> section includes:
    
    When a request leaves minor details unspecified, the person typically wants Claude to make a reasonable attempt now, not to be interviewed first. Claude only asks upfront when the request is genuinely unanswerable without the missing information (e.g., it references an attachment that isn't there).
    
    When a tool is available that could resolve the ambiguity or supply the missing information — searching, looking up the person's location, checking a calendar, discovering available capabilities — Claude calls the tool to try and solve the ambiguity before asking the person. Acting with tools is preferred over asking the person to do the lookup themselves.
    
    Once Claude starts on a task, Claude sees it through to a complete answer rather than stopping partway. [...]
  - It looks like Claude chat now has a tool search mechanism, as seen in this API documentation and described in this November 2025 post:
    
    Before concluding Claude lacks a capability — access to the person's location, memory, calendar, files, past conversations, or any external data — Claude calls tool_search to check whether a relevant tool is available but deferred. "I don't have access to X" is only correct after tool_search confirms no matching tool exists.
  - There's new language to encourage Claude to be less verbose:
    
    Claude keeps its responses focused and concise so as to avoid potentially overwhelming the user with overly-long responses. Even if an answer has disclaimers or caveats, Claude discloses them briefly and keeps the majority of its response focused on its main answer.
  - This section was present in the 4.6 prompt but has been removed for 4.7, presumably because the new model no longer misbehaves in the same way:
    
    Claude avoids the use of emotes or actions inside asterisks unless the person specifically asks for this style of communication.
    
    Claude avoids saying "genuinely", "honestly", or "straightforward".
  - There's a new section about "disordered eating", which was not previously mentioned by name:
    
    If a user shows signs of disordered eating, Claude should not give precise nutrition, diet, or exercise guidance — no specific numbers, targets, or step-by-step plans - anywhere else in the conversation. Even if it's intended to help set healthier goals or highlight the potential dangers of disordered eating, responses with these details could trigger or encourage disordered tendencies.
  - A popular screenshot attack against AI models is to force them to say yes or no to a controversial question. Claude's system prompt now guards against that (in the <evenhandedness> section):
    
    If people ask Claude to give a simple yes or no answer (or any other short or single word response) in response to complex or contested issues or as commentary on contested figures, Claude can decline to offer the short response and instead give a nuanced answer and explain why a short response wouldn't be appropriate.
  - Claude 4.6 had a section specifically clarifying that "Donald Trump is the current president of the United States and was inaugurated on January 20, 2025", because without that the model's knowledge cut-off date combined with its previous knowledge that Trump falsely claimed to win the 2020 election meant it would deny he was the president. That language is gone for 4.7, reflecting the model's new reliable knowledge cut-off date of January 2026.
  And the tool descriptions too
  
  The system prompts published by Anthropic are sadly not the entire story - their published information doesn't include the tool descriptions that are provided to the model, which is arguably an even more important piece of documentation if you want to take full advantage of what the Claude chat UI can do for you.
  
  Thanfully you can ask Claude directly - I used the prompt:
  
  List all tools you have available to you with an exact copy of the tool description and parameters
  
  My shared transcript has full details, but the list of named tools is as follows:
  - ask_user_input_v0
  - bash_tool
  - conversation_search
  - create_file
  - fetch_sports_data
  - image_search
  - message_compose_v1
  - places_map_display_v0
  - places_search
  - present_files
  - recent_chats
  - recipe_display_v0
  - recommend_claude_apps
  - search_mcp_registry
  - str_replace
  - suggest_connectors
  - view
  - weather_fetch
  - web_fetch
  - web_search
  - tool_search
  - visualize:read_me
  - visualize:show_widget
  I don't believe this list has changed since Opus 4.6.
  
  You are only seeing the long-form articles from my blog. Subscribe to /atom/everything/ to get all of my posts, or take a look at my other subscription options.
3. 🔗 r/reverseengineering Anyone who has written a decompile for stack jsvm ? Without pseudocode rss
  
  submitted by /u/alex_pushing40
  [link] [comments]
4. 🔗 r/reverseengineering Made snoop: an eBPF syscall tracer with a live TUI rss
  
  submitted by /u/Classic_Impression22
  [link] [comments]
5. 🔗 r/reverseengineering The electromechanical angle computer inside the B-52 bomber's star tracker rss
  
  submitted by /u/tnavda
  [link] [comments]
6. 🔗 r/Leeds Price of beer? rss
  
  Not to sound too northern or owt, but fuck me is this for real?
  
  submitted by /u/tomreece100
  [link] [comments]
7. 🔗 r/york Sheriffs Army rss
  
  | Today, the Sheriff of York marched his army around the city walls to make sure they were well kept and could keep us safe from invading hoards. What a brilliant city we live in! submitted by /u/York_shireman
  [link] [comments]
  ---|---
8. 🔗 r/Yorkshire When did Whitby become this mega popular place outside Yorkshire and the north east ? rss
  
  Grew up visiting Whitby a lot as a kid as I lived fairly locally (about 40 mins away). Always mad busy but mainly with folk from Yorkshire and the north east like Middlesborough but it wasn’t that well known. And it was always a bit rough and ready at the edges, with the arcades and chippies, even a council estate, certainly not like Brighton or Bournemouth.
  
  I even went with my bog standard state school for a day trip there back in the 80s and there were loads of complaints from parents that we’d been left to our own devices there whilst our teachers used it as an excuse for a piss up in the local pubs. It just didn’t have an amazing reputation back then. Nowadays if anyone posts about places to visit in Yorkshire or even the UK, Whitby is mentioned. On social media people gush about how their ‘heart belongs to Whitby’. I get that it’s a nice place, unique almost up here, but it’s odd how perceptions of it have changed. I visited last year for the first time in ages and was also surprised how it seemed to be full of boho tat shops, hipster cafes and luxury air b n bs. Felt more like the Cotswolds tbh..
  
  Just wondered what locals felt, are they being pushed out like has happened in RHB or do they like its popularity ? I’m aware I might have got the place all wrong btw and it’s always been cosmopolitan !
  
  submitted by /u/Ok_Economist7901
  [link] [comments]
9. 🔗 r/Yorkshire Beautiful landscape and villages rss
  
  | submitted by /u/Acceptable-Truth-912
  [link] [comments]
  ---|---
10. 🔗 r/reverseengineering Reverse Engineering ME2's USB with a Heat Gun and a Knife rss
  
  submitted by /u/Bawoosette
  [link] [comments]
11. 🔗 r/LocalLLaMA KIMI K2.6 SOON !! rss
  
  | submitted by /u/Namra_7
  [link] [comments]
  ---|---
12. 🔗 Probably Dance President Graph – FRED Data Broken Down by Party and President rss
  I made a website to explore FRED data broken down by US president and party. This is obviously motivated by the current president. During the last election I was frustrated by how many nonsense arguments there were being made. Like people voting for republicans because they were hoping for a good economy. This seemed exactly backwards in my mind because in my lifetime there was a repeated pattern of republicans messing up the economy followed by democrats cleaning up. But I'm really not good at having arguments with people, so I'd rather let the data do the talking.
  
  There is a series of papers that explore the relationship of presidents to GDP, and I have wanted to dig into that data before, and also try other metrics.
  
  But how do you do a fair comparison of the two parties? In a way that works for any metric that you can think of? My first thoughts were all way too complicated and a simple averaging of line graphs was what won out. I'm even ignoring that e.g. Obama was in office for eight years vs Biden for four years. These count as three separate terms. In the end the graph didn't look like I expected, but it still clearly shows higher GDP growth during democrat presidencies.
  
  Included Data
  
  I'm showing data going back to 1961. Mainly because I don't know anything about the presidents before that, Eisenhower and Truman. At some point you're going back so far that the parties just feel different from how they're now. But JFK wouldn't feel out of place with current democrats, and Nixon wouldn't feel out of place with current republicans, so I went back to them. Importantly I did not do this to mess with the data. In fact the Truman and Eisenhower presidencies start off the trend in the Hoover Institute paper linked above:
  
  I also worried that I might be biased because of my lived experience, and if I had stopped too late, at say George H.W. Bush, then maybe I just picked some unlucky presidencies for republicans and lucky presidencies for democrats. By going further back there is more of a balance, including some bad times for democrats, like when inflation and crime peaked under Carter, and good times for republicans under Reagan.
  
  Oh I also added crime data because that's a big thing that people vote for. I'm open to adding more data sources if I forgot something important that's easy to add. I thought crime would be better for republicans, but actually it looks better for democrats. Part of it is republicans being in power during the crime wave of the seventies and eighties, but even if you cut the data off in 2000, murder generally went up under republicans and down under democrats.
  
  Fair Comparisons
  
  I tried picking some honest series as examples. E.g. I picked the budget surplus/deficit series because it reflects decisions that people made intentionally. You could argue that the number that really matters is "debt as percent of GDP" and specifically how much that changes each year. That number looks great for democrats. But the reason it looks good for Biden is that inflation was high, so it's unintentionally good. You don't want to vote based on that.
  
  I'm sure someone will want to make an argument that this graph should count, but for the examples on the main page I wanted to choose graphs where the numbers are less ambiguous. And you do have the ability to pull in any series from the FRED if you want more.
  
  Lagged graphs
  
  When does a president really start to have an impact? Clearly not on day 1, because it takes a while for policies to have an effect. But actually if you look at the trade deficit graph for Biden, it goes very negative in the last month. Why? Because people were importing lots of things to front run Trump's tariffs. So maybe the lame duck period should count towards the new president already, resulting in a lag of -1 or -2? The simplest and fairest thing is to start at the inauguration. Then people can look at this graph and come up with the story that explains it. One of the papers above found that if you lag all graphs by 18 months then the two parties look almost equal in quality. (you can make up your own mind on whether that's fair, and whether e.g. the current high oil prices should be blamed on Biden)
  
  Vibe Coding
  
  This is my second big vibe-coded project. It once again turned out much better than I could have achieved on my own, especially in the limited time. I'd guess that 98% of the code is written by AI. I only went in to make small edits.
  
  E.g. just before writing this blog post I wanted to add the "Trade Deficit" graph but it requires using every single feature of the FRED:
  - Splicing together multiple series
  - Where one is in billions, and one is in millions, so you have to divide one by 1000
  - And one is quarterly and one is monthly, so you have to sum three months to get one quarter
  - And you really want to adjust for GDP to take into account inflation and a growing economy, so you need to divide one series by another
  Up to this point I had gotten by with just simple line drawing. Did I really want to risk adding all these features on a project that was almost ready to publish? I decided to ask the AI and it wrote a new system to combine graphs in ten minutes. Then a few more iterations to allow editing things on the website (not polished) and it's done. With more features than I would have written on my own.
  
  Once again I appreciate how easy it is to polish things. When I notice that something is off, I just ask the AI to look into it. So many little improvements happen when they're just a little question, instead of potentially hours of my time. I am still considering polishing the UI for composites. After all it doesn't hurt much to ask… (but in practice there are too many things to do, like writing this blog posts, and finding more good examples for the front page, and I added lagged graphs after writing this sentence, too…)
  
  Congress - the Main Idea that Didn't Make it
  
  It would be nice to have economic indicators broken down by which party has the majority in congress. Or maybe do the breakdown by which party has governors in more states, as one of the linked papers above does. But I have not yet had an idea to get simple visuals for that.
  
  Who is this for?
  
  So who is the target audience? It's for people who understand FRED graphs and want to have a simple visualization to share with a wider audience. You can set up a visualization that you think proves a point, and then create a shareable link that allows others to look at the same data. (and e.g. see how robust your conclusions are to lag, or to changing some property on the data series) I'm hoping this visualization makes for a simpler story than a FRED series does, without distorting things too much.
  
  Try it out, let me know what you think.
13. 🔗 r/Yorkshire Billy banks woods, a walk through time. pt 1. rss
  
  submitted by /u/Still_Function_5428
  [link] [comments]
14. 🔗 r/reverseengineering Learning Reverse Engineering on a Mobile Game (Frida + Ghidra + AI) rss
  
  submitted by /u/Worried_Challenge_16
  [link] [comments]
15. 🔗 r/reverseengineering Reverse Engineering latest DataDome's JS VM rss
  
  submitted by /u/didr0n
  [link] [comments]
16. 🔗 r/Yorkshire “Out of Reach”… Snaizeholme, Yorkshire Dales rss
  
  | submitted by /u/aspiranthighlander
  [link] [comments]
  ---|---
17. 🔗 r/Leeds WOMANS GROUP LEEDS rss
  
  Lovely girls, woman’s do you know any kind group to go out, make nice plans??
  
  Weather is lovely now and I don’t have many friends here in Leeds 😔 we just move one year ago and is getting boring and sad 😭
  
  submitted by /u/Bubblygirl1999
  [link] [comments]
18. 🔗 r/Leeds Stolen bike? rss
  
  Anyone missing this bike in Leeds? Just spotted it in the pocket park by the canal near town. There’s no one else around.
  
  submitted by /u/leeds_guy69
  [link] [comments]
19. 🔗 r/york More beautiful cherry blossom today 🌸 rss
  
  | submitted by /u/RedPandaCommander24
  [link] [comments]
  ---|---
20. 🔗 r/Leeds Enterprise Car Club - Falsely accused of leaving car in poor condition? rss
  
  Hello,
  
  We used Enterprise Car Club for the first time a couple days ago, and although the booking and trip itself went great, we have now been wrongly accused. According to the Enterprise Operations, we left the car with a strong smell of smoke and left the front passenger sticky and dirty. Given that my partner and I don’t smoke, as he’s asthmatic, this accusation is completely ludicrous to us. The car was also in such great condition when we got it that we would have to have tried to make it dirty and sticky as they claim.
  
  According to them it’s just a warning on my record and no charges, but this does put me off from booking. They suggested I record and take photos next time but the lack of “strong smell of smoke” is hard to capture on photos/videos, no?
  
  Is this a common thing with Enterprise? Has anyone else experienced this? If so, what did you do?
  
  Thank you xx
  
  submitted by /u/ijnin
  [link] [comments]
21. 🔗 HexRaysSA/plugin-repository commits sync repo: +1 release rss
```
sync repo: +1 release

## New releases
- [aida](https://github.com/o1y/aida): 1.1.0
```
22. 🔗 r/LocalLLaMA RTX 5070 Ti + 9800X3D running Qwen3.6-35B-A3B at 79 t/s with 128K context, the --n-cpu-moe flag is the most important part. rss
  Spent an evening dialing in Qwen3.6-35B-A3B on consumer hardware. Fun side note: I had Claude Opus 4.7 (just the $20 sub) build the config, launch the servers in the background, run the benchmarks, read the VRAM splits from the llama.cpp logs, and iterate on the tuning — basically did the whole thing autonomously. I just told it what hardware I have and what I wanted to run.
  
  Sharing because the common --cpu-moe advice is leaving 54% of your speed on the table on 16GB GPUs.
  
  Hardware
  - GPU: RTX 5070 Ti (16GB GDDR7, Blackwell)
  - CPU: Ryzen 9800X3D (96MB L3 V-Cache)
  - RAM: 32GB DDR5
  - Stack: llama.cpp b8829 (CUDA 13.1, Windows x64)
  - Model: unsloth/Qwen3.6-35B-A3B-GGUF — UD-Q4_K_M (22.1 GB)
  The finding — --cpu-moe vs --n-cpu-moe N
  
  Everyone’s using --cpu-moe which pushes ALL MoE experts to CPU. On a 16GB GPU with a 22GB MoE model that means only ~1.9 GB of your VRAM gets used — the other ~12 GB sits idle.
  
  --n-cpu-moe N keeps experts of the first N layers on CPU and puts the rest on GPU. With N=20 on a 40-layer model, the split uses VRAM properly.
  
  Benchmarks (300-token generation, Q4_K_M)
  
  Config | Gen t/s | Prompt t/s | VRAM used
  ---|---|---|---
  --cpu-moe (baseline) | 51.2 | 87.9 | 3.5 GB
  --n-cpu-moe 20 | 78.7 | 100.6 | 12.7 GB
  --n-cpu-moe 20 + -np 1 + 128K ctx | 79.3 | 135.8 | 13.2 GB
  
  +54% generation speed, +54% prompt speed vs. naive --cpu-moe. Jumping to 128K context is essentially free thanks to -np 1 dropping recurrent-state memory.
  
  Startup command that works
```
llama-server.exe ^ -m "Qwen3.6-35B-A3B-UD-Q4_K_M.gguf" ^ --n-cpu-moe 20 ^ -ngl 99 ^ -np 1 ^ -fa on ^ -ctk q8_0 -ctv q8_0 ^ -c 131072 ^ --temp 0.6 --top-p 0.95 --top-k 20 --min-p 0.0 ^ --presence-penalty 0.0 --repeat-penalty 1.0 ^ --reasoning-budget -1 ^ --host 0.0.0.0 --port 8080
```
  That’s Unsloth’s “Precise Coding” sampling preset. For general use: --temp 1.0 --presence-penalty 1.5.
  
  Gotchas I hit (well, that Opus hit and fixed)
  - -np defaults to auto=4 slots. Wastes memory on recurrent state (~190 MB). Set -np 1 for single-user setups (OpenCode etc.).
  - --fit-target doesn’t help here — -ngl 99 + --n-cpu-moe N already gives you deterministic control.
  - -ctk q8_0 -ctv q8_0 is nearly lossless and halves your KV cache vs fp16. 128K ctx only costs 1.36 GB VRAM.
  - Qwen3.6 is a hybrid architecture — only 10 layers are standard attention, the other 40 are Gated Delta Net (recurrent). That’s why KV memory is so small.
  How to tune N for your GPU
  
  Each MoE layer on GPU costs ~530 MB VRAM. Non-MoE weights are ~1.9 GB fixed. For a 40-layer model:
  
  GPU VRAM | Recommended N
  ---|---
  8 GB | stay with --cpu-moe
  12 GB | N=26
  16 GB | N=20 (sweet spot)
  24 GB | N=8 (fits almost everything)
  
  Start conservative, watch VRAM during a long-context generation, then step N down by 2-3 until you have ~2 GB headroom.
  
  TL;DR
  
  Replace --cpu-moe with --n-cpu-moe 20, add -np 1, and you get 79 t/s + 128K context on a 5070 Ti. The 9800X3D’s V-Cache carries the CPU side effortlessly.
  
  And Claude Opus 4.7 on the $20 Pro sub is genuinely good enough now to run this kind of hardware-tuning loop end-to-end — launch servers in background, parse logs, iterate — without hand-holding. Kind of wild.
  
  Happy to test other configs if anyone wants comparisons.
  
  **EDIT — Thanks to some great comments, the setup got better. Updated findings:*
  
  1. --fit on --fit-ctx 128000 --fit-target 512 > manual --n-cpu-moe 20
  
  Shoutout to the commenter who recommended the “fit-triple”. It auto-probes VRAM, picks N for you (landed on N=19 here), and adapts if drivers steal VRAM. Slightly faster than my hand-tuned N=20 and zero brain power to maintain. Caveat: bare --fit on silently drops ctx to 4K — always pair it with --fit-ctx.
  
  2. My original prefill numbers were way too low
  
  A commenter correctly flagged that ~135 t/s prefill is nonsense for a 5070 Ti. They were right — that was server-side timing including first-token latency. Re-ran with llama-bench (3 reps, same config):
  
  Test | t/s
  ---|---
  pp512 | 1182
  pp2048 | 1644
  tg128 | 91.5
  
  So real prefill is ~1.2–1.6k t/s , not 135.
  
  Final “best command” for 16 GB VRAM + 32 GB RAM :
```
llama-server.exe ^ -m "Qwen3.6-35B-A3B-UD-Q4_K_M.gguf" ^ --fit on ^ --fit-ctx 128000 ^ --fit-target 512 ^ -np 1 ^ -fa on ^ -ctk q8_0 ^ -ctv q8_0 ^ --temp 0.6 ^ --top-p 0.95 ^ --top-k 20 ^ --min-p 0.0 ^ --presence-penalty 0.0 ^ --repeat-penalty 1.0 ^ --reasoning-budget -1 ^ --host 0.0.0.0 ^ --port 8033
```
  Keep the comments coming, every round makes this faster. :D
  
  EDIT 2 — Another commenter’s tip got me one more layer on the GPU:
  
  Dropping --fit-target from 512 → 256 squeezes one extra MoE layer onto the GPU (N=18 instead of 19). The commenter also suggested adding --mlock alongside --no-mmap to lock RAM pages against swap.
  
  Benched both changes vs. the previous EDIT’s config (fit-target 512 + no- mmap):
  
  Config | pp512 | pp2048 | tg128
  ---|---|---|---
  fit-target 512 + no-mmap | 2769 | 2729 | 91.5
  fit-target 256 + no-mmap + mlock | 2743 | 2724 | 96.3
  
  +7% generation , prefill unchanged. Costs nothing — just a smaller VRAM headroom and explicit RAM locking.
  
  Updated final command:
```
llama-server.exe ^ -m "Qwen3.6-35B-A3B-UD-Q4_K_M.gguf" ^ --fit on ^ --fit-ctx 128000 ^ --fit-target 256 ^ -np 1 ^ -fa on ^ --no-mmap ^ --mlock ^ -ctk q8_0 ^ -ctv q8_0 ^ --temp 0.6 ^ --top-p 0.95 ^ --top-k 20 ^ --min-p 0.0 ^ --presence-penalty 0.0 ^ --repeat-penalty 1.0 ^ --reasoning-budget -1 ^ --host 0.0.0.0 ^ --port 8033
```
  ****** *
  
  EDIT 3 — Two more community tips landed big wins:
  
  1. -ub 2048 (ubatch size) = +59% prompt-processing at 2K tokens
  
  Default -ub is 512. Bumping it to 2048 (and matching -b 2048) lets the GPU process more tokens in parallel per prefill step. Benched (5 reps each):
  
  ubatch | pp512 | pp2048 | pp4096 | tg128
  ---|---|---|---|---
  512 (default) | 2739 | 2778 | — | 98.7
  1024 | 2689 | 3689 | — | 100.5
  2048 | 2771 | 4453 | 4417 | 98.4
  4096 | 2736 | 4427 | 4866 | 100.4
  
  2048 is the sweet spot — 59% faster at 2K-prompts, gen untouched. 4096 only helps beyond 2K-prompts (compute buffer saturates otherwise) and eats more VRAM.
  
  2. --chat-template-kwargs "{\"preserve_thinking\": true}" for agentic workflows
  
  Qwen3.6-specific chat template parameter. Default only keeps the latest user turn’s thinking; preserve_thinking: true carries thinking traces from all historical messages forward. Turns out Qwen3.6 was specifically trained for this behavior. Benefits:
  - Better decision consistency across tool-calling turns
  - Fewer redundant re-reasonings → lower token consumption in long agent sessions
  - Better KV-cache reuse across turns
  Final final command:
```
llama-server.exe ^ -m "Qwen3.6-35B-A3B-UD-Q4_K_M.gguf" ^ --fit on ^ --fit-ctx 128000 ^ --fit-target 256 ^ -np 1 ^ -fa on ^ --no-mmap ^ --mlock ^ -b 2048 ^ -ub 2048 ^ -ctk q8_0 ^ -ctv q8_0 ^ --temp 0.6 ^ --top-p 0.95 ^ --top-k 20 ^ --min-p 0.0 ^ --presence-penalty 0.0 ^ --repeat-penalty 1.0 ^ --reasoning-budget -1 ^ --chat-template-kwargs "{\"preserve_thinking\": true}" ^ --host 0.0.0.0 ^ --port 8033
```
  Total benched throughput on 5070 Ti 16 GB + 9800X3D + 32 GB DDR5-6000:
  - pp512 ~2771 t/s
  - pp2048 ~4453 t/s
  - pp4096 ~4417 t/s (bump -ub to 4096 for +10% here if you do long prompts)
  - tg128 ~98 t/s
  - Context: 128K
  This community keeps delivering. Thank you.
  
  submitted by /u/marlang
  [link] [comments]
23. 🔗 r/LocalLLaMA qwen3.6 performance jump is real, just make sure you have it properly configured rss
  
  | I've been running workloads that I typically only trust Opus and Codex with, and I can confirm 3.6 is really capable. Of course, it's not at the level of those models, but it's definitely crossing the barrier of usefulness, plus the speed is amazing running this on an M5 Max 128GB 8bit 3K PP, 100 TG on oMLX + Pi.dev Just ensure you have preserve_thinking turned on. Check out details here. submitted by /u/onil_gova
  [link] [comments]
  ---|---
24. 🔗 r/reverseengineering I built a tool to better understand HTTP traffic — would love honest feedback rss
  
  submitted by /u/JoxM
  [link] [comments]
25. 🔗 anthropics/claude-code v2.1.114 release
  What's changed
  - Fixed a crash in the permission dialog when an agent teams teammate requested tool permission
26. 🔗 sacha chua :: living an awesome life La semaine du 6 au 12 avril rss
  
  lundi 6 avril
  
  00:00:00 J'ai fait une diffusion en direct pendant que je catégorisais les liens dans mon bulletin d'information sur Emacs. Il y avait un problème parce que mes logiciels se sont battus pour l'appareil audio. Je suis passée de la catégorisation par commande vocale à celle par raccourci clavier, mais mon logiciel de détection d'activité vocale écoute toujours mon microphone. Quand un commentateur m'a informée du problème, j'ai quitté le programme, ce qui l'a résolu. J'ai aussi utilisé mon outil epwgraph pour montrer les connexions audio, ce qui a intéressé quelques personnes.
  
  00:00:57 Un commentateur m'a interrogée sur mon processus d'apprentissage du français sur Emacs. J'ai montré mon flux de travail pour écouter mes essais de prononciation.
  
  00:01:16 J'ai essayé de configurer which-key-display-prefix sur top pour afficher le type de cible près du curseur. Je pense qu'il faut un petit correctif.
  
  00:01:34 Ma fille et moi avons commencé une nouvelle instance de Cobblemon sur Minecraft. Maintenant nous en savons davantage sur Pokémon, donc c'était plus facile à comprendre qu'il y a quelques années. Le premier modpack que nous avons essayé, BigChadPlus, était trop compliqué pour nous. Nous sommes passées à Cobblemon Official. Nous nous sommes amusées en travaillant ensemble.
  
  00:02:10 Pour la première fois, nous avons préparé des raviolis chinois à la soupe comme ceux que ma fille avait goûtés à la pâtisserie chinoise la semaine dernière. Nous avons utilisé les feuilles de gyoza pour gagner du temps, je les ai juste étalées pour les rendre plus plates. C'était vraiment délicieux.
  
  mardi 7 avril
  
  00:00:00 J'ai découvert que les fichiers journaux de gotosocial consomment beaucoup d'espace, donc je les ai effacés.
  
  00:00:10 J'ai appelé ma mère pour l'informer de l'état de santé de ma sœur.
  
  00:00:17 Ma fille et moi avons préparé des tartes aux œufs. Les fonds de tarte achetés en magasin n'étaient pas aussi bons que ceux que nous faisions avant, mais le supermarché proche ne proposait plus les moules à tarte en aluminium. Ils font l'affaire.
  
  00:00:41 Ma fille m'a demandé de lire ensemble à voix haute un livre en tagalog.
  
  00:00:47 Nous avons essayé le modpack Cobbleverse, mais nous avons décidé de repasser au modpack Cobblemon Official parce que ma fille préfère la sensation plus vanilla de Cobblemon Official.
  
  00:01:04 À l'heure du coucher, ma fille et moi avons discuté de l'IA. Il semble que son enseignant ait rappelé à la classe de ne pas utiliser l'IA pour faire leurs devoirs. Elle fait ses devoirs elle-même (quand elle les fait) car elle sait que la raison d'être de leurs devoirs ne concernent pas l'enseignant. Elle aime bien utiliser l'IA pour générer des histoires interactives à l'extérieur de l'école.
  
  mercredi 8 avril
  
  00:00:00 J'ai travaillé comme consultante. L'équipe va mettre à jour le système ce week-end, donc nous devons vérifier les snippets qui utilisent probablement les composants qui ont changé.
  
  00:00:16 J'ai participé à l'OrgMeetup. Je n'ai pas progressé sur mon correctif pour l'opération « sentence-at-point » parce que mon attention est détournée.
  
  00:00:31 J'ai emmené ma fille et son amie au parc pour jouer ensemble pendant une heure, ce qui permet à son père de préparer le dîner et de planifier des activités pour sa réunion scoute.
  
  00:00:50 Ma fille a dit que l'école aurait un remplaçant, donc elle a négocié une alternative. Elle a trouvé que le cours était trop lent et ses camarades ont fait des bêtises, donc pour l'instant, c'est probablement une perte de temps.
  
  00:01:11 J'ai déplacé le monde Cobblemon de mon ordinateur à notre serveur Minecraft pour permettre à ma fille de jouer là-bas indépendamment. J'ai aussi configuré des sauvegardes. Dans ce monde, nous sommes allées à un village et nous nous sommes établies là-bas, ce qui a énormément simplifié notre aventure grâce à la machine de soin Pokémon qui restaure toute la santé à chaque utilisation. Ma prochaine étape est de faire progresser mes Pokémon.
  
  jeudi 9
  
  00:00:00 J'ai fait une diffusion en direct pendant que je modifiais ma configuration d'Emacs. Je travaillais à externaliser mes fonctions pour aider d'autres gens à les copier, et j'ai redécouvert beaucoup de fonctions oubliées en cours de route.
  
  00:00:22 L'école avait un remplaçant comme prévu. Heureusement, ma fille a eu un rendez-vous chez la médecin, donc elle a eu une excuse tout à fait légitime pour sécher les cours, au moins le matin. J'ai informé la médecin des symptômes récents et l'observation par Holter que ma fille vient de terminer. La médecin a recommandé de boire plus d'eau et de manger des kiwis pour la constipation.
  
  00:00:58 Pour avoir enduré des examens comme la tension artérielle avec patience, j'ai acheté des nouilles instantanées pour ma fille et moi. Nous avons ajouté des gâteaux de poisson, des algues, et du bok choy pour enrichir la soupe.
  
  00:01:19 Il faisait trop beau pour rester à l'intérieur, donc l'après-midi, mon mari, ma fille et moi sommes allés au KidSpark et au parc à vélo. Le système de présence de l'école permet de justifier l'absence pour cause de météo, mais je ne crois pas que ce soit ce que l'administration voulait vraiment dire… Mais il devait pleuvoir le lendemain et nous savions de toute façon qu'elle aurait beaucoup de mal à se concentrer. J'étais ravie que nous soyons sortis.
  
  00:02:00 Au faux supermarché au KidSpark, ma fille et moi avons joué à notre jeu habituel où la cliente déclare avec confiance « Je voudrais acheter une pomme » pendant qu'elle présente un autre produit, comme une poire. La vendeuse dit « Non, ce n'est pas une pomme, c'est une poire. La pomme est rouge. » Puis la cliente cherche un autre produit qui satisfait la condition d'être rouge sans être une pomme, comme une fraise. Elle la présente avec la déclaration triomphante « c'est une pomme ! », puis la vendeuse dit d'autres corrections, la cliente cherche d'autres produits, et ainsi de suite. À ma grande surprise, nous avons pu jouer à ce jeu avec beaucoup de mots en français, au moins de mon côté. C'est un bon exercice pour utiliser les adjectifs.
  
  00:03:07 Elle était aussi curieuse du modèle de corps humain qu'elle a assemblé. Elle a mis l'estomac, les intestins, un rein, le foie, le cœur, et les poumons. Elle a aussi joué à la vétérinaire Pokémon.
  
  00:03:30 Après avoir joué au KidSpark, ma fille a voulu aller au parc avec les grandes asperges - St. James Park. C'était à dix minutes à vélo du KidSpark. Elle a aimé glisser sur le très grand toboggan, ce qu'elle a fait de nombreuses fois.
  
  00:03:52 Une fois rentrés, nous avons préparé des burgers et des frites pour faire encore un pique-nique sur la terrasse en bois.
  
  vendredi 10 avril
  
  00:00:00 L'école a encore une remplaçante aujourd'hui. Je ne sais pas pourquoi l'école a des remplaçants si souvent. Peut-être que c'est normal ? Il y a deux ans, son enseignant était malade et était même à l'hôpital. L'année précédente, sa première enseignante a démissionné pour prendre soin de ses parents, et ses enseignantes étaient souvent malades. Quoi qu'il en soit, ma fille préfère travailler seule ou avec moi que de subir les problèmes technologiques et le bruit de ses camarades. Elle a terminé toutes les tâches de mathématiques, ce qui était très ennuyeux parce que les tâches étaient trop simples. Si elle travaille aussi sur ses devoirs de lecture à un moment donné, je pense que c'est totalement acceptable. Je voudrais qu'elle prenne la responsabilité de son éducation, ce qui signifie aussi que je dois la laisser décider du niveau d'effort qu'elle veut y consacrer.
  
  00:01:21 Je lui ai dit que j'ai un rendez-vous avec mon tuteur l'après-midi, et en dehors de cela, je suis généralement disponible. La météo dit qu'il va pleuvoir, mais peut-être que l'après-midi sera juste nuageux. Je me demande si ses amies seront disponibles pour jouer.
  
  00:01:43 Lors de mon dernier cours de français, mon tuteur a dit que ma prononciation des virelangues était presque acceptable. Je me demande quelle serait la meilleure façon de progresser. Mon attention était détournée par Emacs récemment, mais je reconsacre du temps à l'écriture de mon journal en français. Néanmoins, je n'ai pas consacré de temps à regarder des émissions ou à lire des articles ou des histoires en français, ce qui est nécessaire pour enrichir mon vocabulaire. Mon premier but consiste à aider ma fille à apprendre la langue, ce qui avance bien. Elle s'amuse en utilisant des mots français et nous chantons des chansons de K-Pop Demon Hunters et de Pokémon en français. Je continue à aimer écrire mon journal. Peut-être que je peux repasser à l'enregistrement de mon journal à voix haute pour pratiquer la prononciation indépendamment, avec une vérification par mon tuteur pour la prononciation et l'utilisation de mots. On verra bien !
  
  00:03:03 Ma fille était fâchée contre moi parce qu'elle sentait que je l'avais oubliée.
  
  samedi 11
  
  00:00:00 Ma fille a séché son cours de bijoux parce qu'elle avait l'impression que je la pressais. Elle s'est assise dans sa chambre. Je suis allée prendre de ses nouvelles, puis j'ai jardiné. Finalement, ma fille est revenue et m'a rejointe. Nous avons amendé la terre avec du fumier et nous avons planté des radis, de la laitue, et des épinards. Ce printemps, je n'ai pas commencé de semis de tomates. Au lieu de cela, je vais acheter des semis au magasin quand il fera plus chaud.
  
  00:00:43 J'ai emmené ma fille au Biidaasige Park pour jouer avec les tyroliennes. Elle s'est amusée, mais elle n'aimait pas quand d'autres enfants fixaient son œil du regard. Elle a trouvé que ses lunettes de soleil étaient pratiques.
  
  dimanche 12
  
  00:00:00 Nous avons fait du vélo jusqu'au Big Carrot, mais la soupe miso que nous cherchions n'était pas là-bas.
  
  00:00:13 Ma fille et moi avons fait un menu d'activités comme jouer avec de la mousse à raser. Elle aime bien les jeux sensoriels.
  
  00:00:26 Ma fille et moi avons joué à Stardew Valley. Nous avons commencé une nouvelle ferme car notre ancienne ferme était trop compliquée. Ça fait longtemps que nous n'y avons pas joué. Nous devons réapprendre toutes les choses.
  
  View Org source for this post
  
  You can e-mail me at sacha@sachachua.com.
27. 🔗 Filip Filmar Synod: Paxos agent rss
  
  Find it at: https://github.com/filmil/synod Synod is a distributed Paxos coordination agent implemented in Go. It manages a highly available, synchronized Key-Value store across a network of peers using the Paxos consensus algorithm. It allows multiple dynamically joining network nodes to agree on a shared state, ensuring fault tolerance and consistency across the cell.
  
  Quickstart This quickstart shows how to download the repository and quickly start 3 synod agents which talk to each other and are already set up to work properly.
28. 🔗 exe.dev Some secret management belongs in your HTTP proxy rss
  Secrets management is a pain.
  
  Larger organizations commit to centralizing secrets management in a service. When done well, these services solve a lot of issues around secrets, at the cost of creating a lot of ops overhead (which is why they are limited to larger organizations) and engineering complexity. Smaller organizations have, until now, lived with the pain. But the pain has become far more significant with agents.
  
  Agents fuss when you directly hand them an API key. It usually works, and if you make it a rapidly revocable key that you disable after the session, you mitigate the risks. But some models (you know which ones) freak out on seeing the secret, and refuse to do anything now that the key is “exposed.” Models that are not so ridiculous about API keys will write the key to inter-session memory, pulling it out in another session and burning precious context window trying to use a revoked key. All of which assumes you go to the effort of constantly generating keys.
  
  Like so many problems getting attention right now, this looks like a problem created by agents. But the problem was always there. API keys are convenient but too powerful. Holding one does not just grant you the ability to make API calls, it grants you the power to give others the ability to make API calls (by sending them the key). No software I write in production that has an /etc/defaults file full of env vars containing API keys needs that power. We have always just been careful about how we write programs to not exfil keys. Never careful enough, because many security flaws in such an app now let the attacker walk off the keys and give them a window to do nastiness from wherever they like, until we realize and start manually rotating them.
  
  Attempts to automate key rotation to close this hole have mixed success. Our industry does use OAuth in some places, and sometimes OAuth is configured to rotate keys. But services still ship API keys, because they are easy for users. (OAuth, while simple in theory, is always painfully complex to use.) Some services give us the worst of all worlds, like GitHub encouraging personal access tokens with 90-day expiry windows. Just long enough for you to forget about them and your internal service to break mysteriously while you are on vacation.
  
  Inter-server OAuth as commonly practiced today also does not help with agents, as creation is usually designed to have some human intervention via a web browser cookie in a way deliberately designed to be hard to automate. I do not think I have ever used a service that gave me an OAUTH_CLIENT_SECRET via an API. So it’s fine (if complex and painful) for traditional services, but your agent is not doing that.
  
  So in practice, what can we do today to solve this?
  
  We can use an HTTP proxy that injects headers.
  
  Many secrets are HTTP headers
  
  Many APIs talk HTTP. They usually ship an HTTP header, either a basic auth header or their own. Here is, for example, Stripe’s:
```
curl https://api.stripe.com/v1/customers \
  -u "sk_test_BQokikJOvBiI2HlWgH4olfQ2:" \
  -d "name=Jenny Rosen" \
  --data-urlencode "email=jennyrosen@example.com"
```
  So instead of an /etc/defaults file with your sk_test key, if you have an HTTP proxy managing secrets you can do this:
```
curl https://stripe.int.exe.xyz/v1/customers \
  -d "name=Jenny Rosen" \
  --data-urlencode "email=jennyrosen@example.com"
```
  Where the server in the URL has been changed to another internal service you run. And the key has been removed! What grants your server, and your agents, the ability to use the secret is their ability to reach your secrets HTTP proxy.
  
  This covers, amazingly, almost all secrets.
  
  A proxy like this is part of machinery provided by complex secrets management products. What is interesting is that it is one of the easier parts of secrets management, and delivers a large amount of the value.
  
  Integrations in exe.dev
  
  The final piece of the puzzle is: why do you need to write and manage an HTTP proxy? Your cloud should do it for you. So we built Integrations into exe.dev to do this. Assign an integration to a tag, tag the VMs you want to have access, done. Clone your VM, you get a fresh space to work with agents and your integrations are automatically present.
  
  For GitHub, we did something special, and built a GitHub App to manage the OAuth for you. No need for manual rotation of keys. We intend to build a lot more integrations soon.