crabgpt 🦀

The Rust rewrite of pnpm was moved to the pnpm repository today. Now we will make changes to the TS and Rust versions in parallel.

@schteppe 18 years old cve in NGINX ,even the most vetted code bases couldn't escape it depthfirst.com/research/nginx…

C devs should get detention for saying it’s easy to write memory safe C

@aidenybai not bad actually but I'll try to get it higher

Introducing React​ Review Agents write terrible React, this helps you fix it Just paste your GitHub repo! No signup required

@sebastienlorber I know it’s not always possible, but I switched from GitHub Actions caching to using Turborepo instead, and it’s been smooth sailing. I’m glad it also helps mitigate these kinds of security issues

TL;DR for open-source maintainers 🚫 NEVER use "pull_request_target" workflows 🚫 NEVER use shared caches in your publish pipeline Combining these 2 in particular is extremely dangerous I've repeated this countless times over the years, but another reminder is always useful

@meekaale Someone should make a VScode extension that counts how often you reload the workspace,I do it at least 10 times a day.

classic software experience in 2026 i love lamguage server protocols

@icanvardar I’ve been using it for a month, and it’s working really well.

typescript-go. anyone still remember that

Anthropic open sourced buffa 🦀 Rust implementation of protobuf with editions support, JSON serialization, and zero-copy views #rust #programming #rustlang

@RyanCarniato it's so true ,lot of hard lessons can be learned when you try things as simple, saving a remotely fetched user selected option after they hit refresh by accident. you quickly discover it's near impossible to keep everything in sync while uncovering new edge cases along the way

Of course frontend has a concept of architecture. The short version is we learned what you are suggesting doesn't work well in this space. The history of web development answers your question. There is a category of data, we refer to as "state", that is ephemeral. Now we can define ephemeral in different ways since everything persists somewhere but the key is that the ownership of this state is very much tied to the User Interface. Focus, selection state, as so on are shallow examples of this, but you can also think of this in terms of projections of those too. This category only gets larger as things become more interactive. Early web development did not exactly understand this. And when our life began on the server we'd lose this information between actions. POST a form, bye bye state. Now we wised up to that and started serializing it back and forth. ASP.NET had it's ViewState and so on. But we hit a fork in the road in mid 2000s because keeping ephemeral UI state on the server didn't scale great. We wanted RESTful backends, so we could spin up microservices. MVC became king. Its simple model fit: Model (persistent data), View (projection of that data), Controller (singleton that wires it up). What is missing is this non-persisted state. This worked pretty well for simple things. But sort of ignored the problem. Which was ok because people wanted quicker interactivity so more and more started moving to the client. Dawn of SPAs recognized that a more structured approach needed to be taken on the client. So what did we do? We tried to bring our MVC there. Angular, Backbone, Ember, these frameworks followed it. But a pattern started emerging.. we had this thing that had no place. Singleton controllers didn't cut it. `$scope` in angular is the most obvious. And as any early Angular dev will attest became a huge mess, but Ember also started adding all these new concepts, It was more like MVC(insert 12 more letters here). But this was the problem. In fact the misery that was Angular.js => Angular 2 was IMO motivated almost entirely because of this unreconcilable gap in design. React wasn't the first to realize this though. MVVM frameworks like Knockout.js replaced Controller singletons with per View (or per Model) instance wrappers as a natural place to hold this ephemeral state. The VM standing for View Models. But I'd say React was the first to consolidate on a pattern that was already happening in the wild. For better or for worse VMs did much more tightly couple things. Pretending these things weren't coupled just made traceability very difficult. React owned it and was like there is a natural split between the Model and the VM but the VM and the V are not benefiting from the seperation. And thus Components were born. But people early days still really liked their separation. So we built really complicated stores. So we could model all but the most ephemeral state as a sort of hoisted Client model. Early attempts were really awkward because synchronization became really buggy. So work went into making this predictable, singular so that state couldn't get out of sync. Redux comes to mind. But there was this tension. Lifecycles were clearly tied to the UI, so there was this constant issue around either holding too much state that was unnecessary or needing to like register/unregister. Obviously things like Angular had services and DI as their approach. But the problems were the same. Around the mid 2010s... thanks largely to GraphQL it became better understood that except for where the user was the source we could basically view state as derived from the server. When people started using it, the need for Client side stores shrunk considerably. This evolved eventually into things like React Query. Now even though the sources no longer needed management, we still have this derived state graph running through our components. It might not be as obvious because of say the way React re-runs components. But by 2018 with the introduction of Hooks you could start seeing it right in front of you. An irony not lost on me because it was like looking at 2010 Knockout.js code. The result while not realized completely mechanically is an acknowledgement that State and UI are not easily separable, they overlap. Modeling Component === state like early React might have oversimplified things, but something like MVC categorically misses. A lot of the progress in the last 5 years around Signals is based on preserving these 2 graphs(UI, State) ability to co-exist in a way that is natural. As projects get larger it is the only sane approach to modularity. It's arguable that patterns around strict contracts/regions should be solidified into concepts, and to be fair boundaries around errors and loading(Suspense) do contain these things. We have natural boundaries around nested route sections (tied to URL subpaths). But each graph has their own mostly homogenous primitives so those coordination points are extra concepts, and because of the fluidity of this relationship being too strict here will cause you great pain later. So architecture is very much at the top of mind of those designing these systems and tools. However, frontend web is also the most accessible platform. So I don't expect every bootcamp dev to know, understand, or appreciate these things. The structure we have created to allow this modularity and co-location can also be greatly abused. Partially because new devs can be "productive" within their small slice. Which is by design and generally beneficial. But doesn't bestow the same sort of architectural purity and rigor one might expect to find in such large complex systems. To me this is more cultural than an engineering. The information is out there. We're living in it, but who needs to know? It's hard because people who know a bit more keep respinning on the same expectations of what doesn't work and take few steps in before they realize it. And I think a lot of engineers outside of frontend have no appreciation for it.

It’s happening. Yarn 6 Preview is here 💫 Yes, we rewrote it in Rust 🦀⚡️ I'm incredibly excited for the future of our beloved package manager. See the benchmarks and plans in our latest post: yarn6.netlify.app/blog/2026-01-2…

I've been really happy with `prek`, a pre-commit implementation in Rust (powered by uv :)) A bunch of us on the Astral team started using it organically, and we officially migrated the Ruff and ty repositories to prek this week.

🦀 Rust Performance with SIMD (Single Instruction/Multiple Data) Rust is probably the ONLY language that allows you to gain top performance with SIMD without touching assembly code. In the post Sylvain Kerkour explains SIMD and Rust kerkour.com/introduction-r… #rust #rustlang

Can we just uhhh all collectively agree that RSC was a bad idea and just roll it all back? You'll have more people happy than upset. It's okay to admit we went the wrong way and course correct.

@DrizzleORM there's levels to this game and drizzle isn't even close 🥱

So React took down Cloudflare 2 times?

am afraid rsc isn't gonna make it

@saltyAom I keep getting issues with drizzle-zod it can't resolve the types properly.. I did see the guide for typebox tho

This is relieving to see Elysia is a TypeScript framework that designed in a way to make you write less explicit type by using type inference If you have to define explicit type, it should always include runtime validation, and OpenAPI documentation

@HSVSphere idk if this is relevant theseus-os.com/Theseus/book/d…

Does anyone have a capability based microkernel that lets processes talk between each other using shared memory, eliminating the normal overhead and sluggishness of microkernels? I'm very interested, thanks

Yaak is the #1 trending GitHub repo for the second day in a row. ⭐ 3000+ stars in 5 days is nuts

@jacobmparis No I made some custom eslint rule that enforce the suffix Icon for imports from luicde-react

@crabgpt Do you often make a badge component of your own?

god dammit AGAIN??

@saltyAom where is this snippet from because elysiajs.com/essential/vali… only shows typebox examples

@crabgpt You can use Zod

Many people use Bun with Hono but never heard of Elysia