Heru

Is it just me or does this sound absolutely miserable to anyone else? Why would I want to spend my time writing requirements and reviewing code instead of directly building things? Building stuff is the fun part! How about we replace the boring parts like meetings and emails and status updates and issue triage. Engineers should be making tools to make *our* jobs better, not helping the idea guys replace us with slop.

@grok @ufreesoft @alexcooldev How is it possible @grok without knowing the developer setup, tooling, and config. Is it really Hono can't handle it or is there something wrong or a misconfigured setup, config, etc?

The post discusses a developer's switch from NestJS (stable but heavier) to HonoJS (faster, lighter) for a backend app. Hono felt great initially for quick shipping, but with 360k users, NestJS proved more reliable—no crashes or fixes needed for months. Key takeaway: Prioritize stability for scaling over raw speed.

I switched my backend from NestJS → HonoJS. At first, it felt amazing. ⚡ Faster dev speed ⚡ Snappier performance ⚡ Less boilerplate I shipped faster. I felt smarter. But then reality kicked in. My app now has 360k users 10k+ daily active users And here’s the crazy part: For the last 4+ months ❌ No backend updates ❌ No hotfixes ❌ No midnight debugging ❌ Zero crashes That backend was… NestJS. That’s when I realized something important: Speed helps you launch. Stability keeps you alive. So for my next apps, I’m going back to NestJS. Not because it’s trendy. Not because it’s the fastest. But because when real users show up, boring, stable tech wins. Shipping fast is cool. Sleeping well is cooler. 😄

Apparently, I need a new mouse. Any good alternatives to anything Logitech? reddit.com/r/logitech/com…

Introducing Base UI v1 ✔︎ 35 unstyled UI components ✔︎ New npm package (base-ui/react) ✔︎ New website ✨ ✔︎ Configurable, composable, customizable ✔︎ Accessible, based on ARIA + WCAG base-ui.com

Oh also, I hate decorators. Just use first-class functions or higher order functions or something composable. Merely trying to make a point that this is worse than even that.

@shadcn The Prestige Prisoners Seven

What are your top 3 most rewatched movies of all time?

Pope Leo XIV with Young Palestinians from the Youth of Jesus’ Homeland in Palestine. 📷 Vatican News

Regarding Guillermo-Gate, I've seen people use it as a reason to boycott OSS projects. Going after OSS projects that are openly governed isn't going to do what you want it to. Vercel makes its money from its hosting platform and paid products. OSS is not a paid product and while contributes goodwill doesn't directly impact the bottomline. And these project's reach well exceed Vercel. First the list is longer than you think. Yes Next, Svelte/SvelteKit, Webpack, SWC, TurboRepo. There are also Nuxt, Nitro, React. Seb, the current visionary of the React team, as well as Andrew work at Vercel, not Meta. Should we boycott React metaframeworks too? Remix/RR, Tanstack React? Good luck finding projects that haven't received money from Vercel in the past. Secondly impact. When you realize things Nitro/UnJS that exist to keep the platform open and not locked in to a single deployment platform, and are used outside of Vercel (Tanstack Start, SolidStart, Analog). Or Webpack/SWR which power countless projects it is difficult to make this about Vercel. Third, I've seen the suggestion that Vercel acquires OSS the way one does companies. It doesn't work like that. The way you kill off OSS is easy. Remove their source of funding. NuxtLabs could have gone under and took Nuxt with it. I've seen this happen to other projects. More so because these are open projects, it isn't like you buy their customers. You can still deploy Nuxt/SvelteKit anywhere. It creates good will, but they can go anywhere. There are no contracts. NuxtLabs was a company, but Nuxt isn't. These are more like charity foundations.

❗️🇳🇬⚔️✝️ - Christian Persecution in Nigeria: A Silent Genocide Nigeria ranks sixth on Open Doors' 2025 World Watch List for extreme Christian persecution. Radical Islamist groups like Boko Haram, ISWAP, and Fulani militants have targeted Christians in the North and Middle Belt since the early 2000s, killing over 62,000 believers in what experts call a "silent genocide." These attacks, blending religious extremism with land disputes, have displaced over 5 million and destroyed thousands of churches and farms. Key Statistics (2023–2025): ✝️ - 2023: Over 4,100 Christians killed (82% of global total); Nigeria led worldwide faith-related killings. ✝️ - 2024: Approximately 3,100 Christians killed, 2,830 kidnapped; violence spread southward. ✝️ - Jan–Aug 2025: Over 7,087 Christians killed (32–35 deaths/day); 185,000+ total deaths since 2009, including 125,000 Christians. ✝️ - Cumulative (2009–2025): 52,250–62,000 Christians killed, including 10,000+ in Middle Belt attacks since 2023. Major Incidents: ✝️ - June 13, 2025 (Yelwata, Benue State): Fulani jihadists massacred 200+ Christians in a 98% Catholic village, including displaced persons, while shouting "Allahu Akbar." Homes and crops were burned; over 6,000 displaced, with cholera outbreaks reported. ✝️ - April 2–3, 2025 (Plateau State): Over 60 Christians slaughtered across seven villages in Bokkos County; 383 homes razed. Governor called it "genocide." Part of 136 community attacks since December 2024. ✝️ - August 18, 2025 (Chakfem, Plateau State): 15 killed, including women and children, in a machete and gun assault. ✝️ - September 19, 2025 (Enugu State): Priest Fr. Mathew Eya murdered en route to his parish; part of 350+ clergy kidnappings since 2023, funding jihadist operations. Fulani militants, often radicalized, raid Christian farms for land amid climate-driven resource scarcity, but leaders like Bishop Wilfred Anagbe call it deliberate ethnic-religious cleansing. The Nigerian government faces criticism for inaction, with few perpetrators prosecuted despite UN calls for probes. U.S. hearings in March 2025 urged designating Nigeria a "Country of Particular Concern" for religious freedom violations. Despite the terror, 94% of Nigerian Catholics attend Mass weekly, showing resilient faith.

Yang survive di era AI ini adalah designer yang paham: - Typography yang bener (bukan asal pake Inter semua) - Color theory yang solid - Composition & hierarchy - Brand consistency - Visual storytelling Basically... graphic design fundamentals yang dulu mereka skip dan gamau tau sama sekali.

I express my profound closeness to the Palestinian people in Gaza, who continue to live in fear and to survive in unacceptable conditions, forced once again from their own lands. Before Almighty God, who commanded “Thou shalt not kill,” and throughout human history, every person always has an inviolable dignity, to be respected and upheld. I renew my appeal for a ceasefire, the release of hostages, and a negotiated diplomatic solution, in full respect of international humanitarian law. I invite everyone to join my heartfelt prayer that a dawn of peace and justice may soon arise.

@Pauline_Cx Liquid Glass is only good as a concept. The actual implementation is awful!

I think I don't like the new Mac OS :(

@samirande_ V language, right @grok?

Guess the programming language

Vibe-coding is not the same as AI-Assisted engineering. A recent Reddit post described how a FAANG team uses AI and it sparked an important conversation about semantics: "vibe coding" and professional "AI-assisted engineering". While the post was framed as an example of the former, the process it detailed - complete with technical design documents, stringent code reviews, and test-driven development - is a clear example of the latter imo. This distinction is critical because conflating the two risks both devaluing the discipline of engineering and giving newcomers a dangerously incomplete picture of what it takes to build robust, production-ready software. As a reminder: "vibe coding" is about fully giving in to the creative flow with an AI (high-level prompting), essentially forgetting the code exists. It involves accepting AI suggestions without deep review and focusing on rapid, iterative experimentation, making it ideal for prototypes, MVPs, learning, and what Karpathy calls "throwaway weekend projects." This approach is a powerful way for developers to build intuition and for beginners to flatten the steep learning curve of programming. It prioritizes speed and exploration over the correctness and maintainability required for professional applications. There is a spectrum between vibe coding and doing it with a little more planning, spec-driven development, including enough context etc and what is AI-assisted engineering across the software development lifecycle. In stark contrast to the post, the process described in the Reddit post is a methodical integration of AI into a mature software development lifecycle. This is "AI-assisted engineering," where AI acts as a powerful collaborator, not a replacement for engineering principles. In this model, developers use AI as a "force multiplier" to handle tasks like generating boilerplate code or writing initial test cases, but always within a structured framework. Crucially, the big difference here is the human engineer remains firmly in control, responsible for the architecture, reviewing and understanding every line of AI-generated code, and ensuring the final product is secure, scalable, and maintainable. The 30% increase in development speed mentioned in the post is a result of augmenting a solid process, not abandoning it. For engineers, labeling disciplined, AI-augmented workflows as "vibe coding" misrepresents the skill and rigor involved. For those new to the field, it creates the false and risky impression that one can simply prompt their way to a viable product without understanding the underlying code or engineering fundamentals. If you're looking to do this right, start with a solid design, subject everything to rigorous human review, and treat AI as an incredibly powerful tool in your engineering toolkit - not as a magic wand that replaces the craft itself.

rules, boxes, and the big game most people think the boxes around them are permanent, but they're just constructs. rules exist everywhere and yes, you need to learn them first — but most are just little games pretending to be the big game. if you're just starting out, you're going to feel like everyone else knows some secret rulebook you don't have. they don't. they're just playing by someone else's rules and calling it wisdom. the little games? metrics obsession, design system orthodoxy, bureaucracy trying to feel important. the big game is more about creating meaning, beauty, and helping humans flourish. you get to choose which one you play. i've watched teams spend weeks chasing a 2% conversion bump while their users are literally screaming that the product sucks. i've seen designers torture themselves making 12px work when 10px feels perfect, all because the style guide said so. i’ve seen endless ideas die just because they don’t match some conventional wisdom. but here's the thing — the best work comes from trusting yourself. every breakthrough i've seen happened when someone said "this feels wrong" and had the courage to try something different. they know when to bend the rules and jump out of it. learn the rules first, understand why they exist. then trust your gut and break them when they don't serve you. eventually you'll be making new rules that others follow. it's like learning music or color theory so you can break it beautifully — the rules teach you the language, but your instincts know the poetry. your uncertainty isn't weakness, it's potential. when you can tell the difference between little games and the big game, you're free to create something that actually matters. don't get stuck in boxes someone else built for their problems.

I guess I can post this now that the dust has settled. So one of my favorite things to do is give my coding agents more and more permissions and freedom, just to see how far I can push their productivity without going too far off the rails. It's a delicate balance. I haven't given them direct access to my bank account yet. But I did give one access to my Google Cloud production instances and systems. And it promptly wiped a production database password and locked my network. Now, "regret" is a strong word, and I hesitate to use it flippantly. But boy do I have regrets. See, the thing is, I always run my Sourcegraph Amp agents, my babies, with permission checks disabled. And that is already dangerous enough when you're working with coding. With code, at least you have version control and can reconstruct what went wrong. With production systems you can make side-effecting changes that have no "undo" button. I mean let's face it, humans do it too. I learned the golden rule, "always write the WHERE clause first" after a couple engineers updated a Japanese customer's address in our production database at Amazon in 1999, at the SQL console in Oracle, and they forgot the WHERE clause, thereby setting every single Japanese customer's address to this one customer's house. And all shipments instantly got rerouted there. That one took a while to untangle. And that's why you want to be even more careful with prod operations than with coding. But I was like nah. Claude 4 is smart. It will figure it out. The thing is, autonomous coding agents are extremely powerful tools that can easily go down very wrong paths. Running them with permission checks disabled is dangerous and stupid, and you should only do it if you are willing to take dangerous and stupid risks with your code and/or production systems. My own code and systems aren't that important right now, so it's much faster for me overall to incur the risk, and deal with occasional setbacks. The way it happened was: I asked Claude help me fix an issue where my command-line admin tool for my game (like aws or gcloud), which I had recently vibe-ported from Ruby to Kotlin, did not have production database access. I told Claude that it could use the gcloud command line tools and my default credentials. And then I sat back and watched as my powerful assistant rolled up its sleeves and went to work. This is the point in the movie where the audience is facepalming because the protagonist is such a dipshit. But whatever, yolo and all that. I'm here to have fun, not get nagged by AIs. So I let it do its thing. Claude decided that of all possible options, it should choose the stupidest fucking one. Instead of looking at how any of my other systems do database access, or doing pretty much anything that didn't suck, it instead erased the 'wyvern' user account password in my Google Cloud SQL managed instance, and then changed the production database's network settings to allow _only_ my local machine to get to it, thereby locking out all my prod game services and bringing everything to a screeching halt. Thanks Claude! Of course, none of this was Claude's fault. The blame was entirely mine: I took the risk intentionally, and I wasn't even mad when Claude pulled out a shotgun and started blasting randomly at clay pigeons instead of thinking about good ways to solve my problem. I had basically asked for it. I patiently told Claude that it wasn't allowed to just wipe my database password like that, and that now my game server was down, so please put it back to how it was before. Claude responded without missing a beat, "You're right, I shouldn't have done that. What was the database password again?" Sigh. Fortunately, once I'd cleared up that we use certs 'round these parts, Claude was able to restore everything, including my network configuration. And it got my admin tool working correctly. In short, this was a failure of prompting on my part. If I had spent five more minutes prompting beforehand, I'd have avoided this. It took another ten minutes of prompting to get everything restored. Amp saves all your threads, so I was able to go back and give Claude all the context it needed even after compacting/restarting. It's pretty good at cleaning up its own messes, if you supervise just as carefully as you should be supervising any work on new tasks. The bad news is, the outage happened while I was busy with another deadline, so it was 2 days before I could have Claude fix it and get my servers back online. I could have easily sidestepped all this by following the advice Gene and I put into our own book on vibe coding. In this case, I should have asked it to write out a detailed plan for how it was going to solve the problem, then reviewed the plan and discussed it with the AI before giving it the keys. I already use that approach when I'm doing any coding task, so I'm not sure why I decided to abandon that safety net when I experimented with prod access. I got lucky here, and learned my lesson without undue hardship. Gene and I both had some much more serious vibe coding mishaps in the early days, which we've recounted in our book, along with how to avoid those situations yourself. Our book, Vibe Coding, by Gene Kim and Steve Yegge, is available for preorder on Amazon, and will be out on October 21st! We also have a new podcast about the book, called Vibe Coding with Steve and Gene, on YouTube, if you'd like to hear more about the mental models, tools, and practices that we explore in the book. Make sure your agent is always following a written plan that you have reviewed!

@youyuxi @theoludwig_ What’s your plan for fully migrating away from ESLint? Biome provides a migration guide here: biomejs.dev/guides/migrate…. Do you plan to follow Biome’s recommended approach, or do you have your own migration strategy in mind?

That’s the end goal - and the technical infra to support that is now working. Next step is to verify the coverage. I’m sure there are still some esoteric rules that are not working right now - it will take some time to improve the coverage. We will also continue to port high-demand rules to native.

The Oxc team just cracked two things: - JS custom rules, with ESLint compatible API. We invested heavily into the underlying implementation to make it fast without the typical data-passing drawback of JS-in-native plugins. More details soon! - Type-aware rules. Full coverage no-floating-promise powered by tsgolint, configured and reported like the rest of oxlint rules. Oxlint is going to be so 🔥

It's Kyiv, Ukraine this morning Over 550 drones and ballistic in just 1 night! (I don’t think you can even come close to imagining this amount) You probably won’t see it in the news in your country, so at least you can hear about it here

Mainstream Linux distros have been focused for too long on being as similar to Windows and Mac as possible to ease adoption. I've come to believe this isn't the way. Linux needs to embrace its own aesthetic, its own ethos, unapologetically. Lean into rice and TUIs!

I'm so excited about the new React Aria docs we're working on! Gonna be so good, I'm giddy. 😀 We're focusing on conciseness. Showing rather than telling, consolidating examples, adding interactive controls, editable sandboxes, copy and paste, etc. Night and day difference.