Justin Bennett

Alrighty folks, I've renamed my twitter account from @zephraph to @just_be_dev. Got a placeholder for the old one.

@yzuyr @ilha_js Hmm, what was the motivation for that change?

Ilha 0.5 is out, and hopefully this will be the last breaking change before the beta version, which should be released in about a month. I retired the .bind() method in favor of the new template syntax, which was highly inspired by Svelte. Read more: #template-bindings" target="_blank" rel="nofollow noopener">ilha.build/guide/island/r…

Rough experiment adding a UI to a `.md` backed slide tool. Fields are mapped to custom page templates and validated with Zod. Because it's backed by React templates and regular text content, an LLM could generate presentations much more efficiently than with MCP.

Lately, I've been thinking a good deal about designing APIs and abstractions. @jlongster linked me to this, which is quite good and is now, I'm afraid, part of your assigned reading. blog.sbensu.com/posts/apis-as-…

@MichaelArnaldi @EffectTS_ I hear you. I was doing supply chain analysis which is why I asked. I don’t think the concern is as much just weight, but the dependencies in general.

@just_be_dev @EffectTS_ It doesn’t really matter though, if you use effect you will need tree shaking in place which means fast check won’t end up in your prod bundle

@EffectTS_ is fast-check intentionally a dependency instead of a dev dependency?

aube was already the most secure package manager for node but in today's 1.13.0 release I've added even more features: - typosquatting prevention: if you try to `aube add` a package with <1000 weekly downloads, aube will stop to make sure you (or your agent) got the right name. - OSV db vulnerability checks: if it is known to contain malware, we won't let you install it. Simple as that. - Lifecycle hooks are default banned, however if we detect something fishy inside of them we'll let you know about that in a warning before telling you how to approve the build. - Compatibility with bun security scanner plugins so you can extend aube with your own scanners on top of what it already does. aube was already best-in-class for security with default trustPolicy (which nobody else has), default minReleaseAge, default deny to lifecycle hooks, default blockExoticDeps, and (currently) optional lifecycle hook jail builds—all while retaining the incredible perf aube is known for. tl;dr: if you want to install malware with aube you'll have to turn off a bunch of shit first. You don't need to understand any of this—it's idiot-proof. github.com/endevco/aube

Wat

@cnakazawa That’s exciting! I want to dig into the server protocol more. I’ve got a few python backends I have to deal with and it’d be interesting to implement a python version of the server module.

Shipping fate.technology 1.0 soon with live views, garbage collection, drizzle support, native transport without tRPC, and Void as a router. fate is going to be the first complete Async React framework where routing, data and forms are fully integrated.

executor now has a desktop app! add whatever MCPs / OpenAPIs / GraphQL servers you want once and then every agent can use them converts them all into code mode under the hood, so you can have thousands of tools and no context bloat everything stays 100% local on your device

SHUT UP AND TAKE MY MONEY 💲💲💲💲💲

@JoviDeC Congrats!!

In other news, this year I'm also starting a new project. It will be my first big closed-source one, project dad will become reality in 2026

Alchemy v2 already making its way into new places I've never heard of - here's a "Proxmax" resource provider for "homelab folks".

Update: Socket has found 121 more compromised npm package artifacts across 84 package names, including 64 UiPath artifacts. Combined w/ TanStack, the current known total is 205 affected npm package artifacts across enterprise automation, AI/MCP, auth, workflow, and dev tooling.

@kitlangton You're the best kind of weird.

I made a Stacked PR tool for my robots to use. 👁️👃👁️ 🐝 👄 🫴 bee hold

ayyyy, we're back!

Was on the dev tools fm podcast last week to talk about alchemy v2.

Catalogs just landed in evlog Centralize your error & audit management in one place. No more magic strings scattered everywhere. Start small with a single file, scale to multi-package monorepos with full TypeScript autocomplete. You define it once, use it everywhere. evlog.dev/learn/catalogs

@MichaelArnaldi Once the beta stabilizes and the docs are updated you'll really be cooking with gas.

Marketing Effect is indeed hard, impossible maybe not

@threepointone Are y'all doing something like @RhysSullivan with executor? I've seen the MCP portal, but it seems somewhat limited.

starting to think now that every agent should have just 2 tools. search and execute. we _want_ agents to have access to 100s, if not 1000s of capabilities, that can contextually change during their lifetimes, even per message. saying stiff like "just use bash" doesn't encompass 3rd party apis, and you don't want to keep switching up the base prompt all the time. you gotta generalise that. I also guess search has to be semantic, so probably something with a vector db type thing. does it run on every message? probably...

@lenjaminbeonard is definitely hands down one of the most talented designers I've ever had the pleasure to work with.