Sabitlenmiş Tweet
zeb
2.6K posts
"capa"
Turn OpenAPI specs into Cloudflare service bindings
- Stripe, GitHub, GitLab, Jira, Slack, Twilio, Kubernetes, Box, Discord, Zoom + more
- 13 capabilities so far, lmk what else to add
- 5,852 generated methods you can bind to today
capa.coey.dev
English
zeb retweetledi
point → annotate → ship
any opentui renderable, to any agent. clipboard or mcp.
English
A very important part of onboarding to cloudflare as an engineer is seeing your first PR ship and it's at millions of requests per second scale, and then realizing this is the norm.
vaish@wishee0
@zebassembly I KEEP TELLING PEOPLE ABOUT THIS. NO CLUE HOW PEOPLE ARE DESENSITISED TO THIS, THE SCALE HERE IS INSANE
English
@thegenioo @ashtonasidhu These are subsidized plans though, if anything this will make them more profitable since the cost to serve the subscription is higher than what they get through the subscription revenue.
English
went through this Claude Sub cancellation thread from Theo
500+ replies, ~70% actual cancellations = 350 people gone (can actually be higher than this)
rough math (assumptions):
- 210 Pro @ $20 = $4,200/mo
- 84 Max $100 = $8,400/mo
- 56 Max $200 = $11,200/mo
$23,800/month. $285K/year. From one tweet.
and this is just the people who replied 💀
Theo - t3.gg@theo
For every person who replies with a screenshot of their cancelled Claude Code plan, I will donate $10 to open source.
English
Cloudflare is one of the few companies where you go "wait, this cluster is 10 petabytes?!?!?" only to find out that's not even impressive
Our clickhouse team are unsung heroes, so many of our products wouldn't be possible without them.
Thomas Ankcorn@thomas_ankcorn
The clickhouse team are so so brilliant
English
zeb retweetledi
I've been working on a registry-gateway built on @CloudflareDev Workers due to previous compromises like this.
This is reenforcing my belief that every company will need to have this in the future.
The gateway will:
* Enforce a cooldown period for new versions (similar to how pnpm does it but at a gateway level this enforces it globally and supports ALL package managers)
* Allows blocking packages or package prefixes
* Logs all downloads
* Clone all packages into R2 - this is to avoid any package being replaced and compromised that way. We know byte for byte this will not change (while I don't believe any registries allow this anymore, it's defence in depth)
My gateway currently works for npm and Golang is mostly done now too.
Rust is next up.
I truly believe the future is Enterprises all having their own registry gateways and enforcing security that way.
TANSTACK@tan_stack
SECURITY ADVISORY — TanStack npm packages A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package. Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down. Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys. If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised: • Rotate cloud, GitHub, and SSH credentials immediately • Audit cloud audit logs for the last several hours • Pin to a prior known-good version and reinstall from a clean lockfile Detection — the malicious manifest contains: "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." } Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root). Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level. Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route… Credit to the security researcher for responsible disclosure.
English
@strat0manc3r Did it? I thought Optane still had much better latencies
I can't find any recent benchmarks comparing the two
English
@zebassembly You’re looking for “storage class memory”. Optane died because SLC flash hit the same performance numbers cheaper.
Weirdly only available in drive format, not dimms, despite the name.
English
I wish Intel didn't kill their Optane technology, 10x better latencies for random reads would be so nice for databases
Ben Dicken@BenjDicken
FYI physics is still physics. NVMe is fast. Felt like a good day to update you all on this
English
@confusedqubit @CloudflareDev I actually prototyped exactly this last year, I think it'd be really cool. Never found time to implement it unfortunately.
English
Who do I know @CloudflareDev for a feature request in workers?
Please make it possible for me to trigger a worker from your dashboard - not just fetch requests 🙏
Just like how Github CI runs have a "manual dispatch" option!
English
Gemini is the genius anti-social kid that has can't work a job to save its life, and I love it for it
Luke Parker@LukeParkerDev
ill bless my timeline with this on a sunday. gemini 3.1 pro is the ONLY model I've seen REMOVE heaps of shitty code to refactor with a net-negative churn. do with that what you will.
English
ok but what if we slop forked workerd to 100% rust
Jarred Sumner@jarredsumner
99.8% of bun’s pre-existing test suite passes on Linux x64 glibc in the rust rewrite
English
zeb retweetledi
dang, this is sad to hear. some people I really admire at Cloudflare
if you were affected and planning to start looking again soon, please DM me and happy to connect to the right folks at Cursor
Matthew Prince 🌥@eastdakota
An update regarding the future at @Cloudflare. I’ve shared my full message to the team and details on the support we're providing those departing here: blog.cloudflare.com/building-for-t…
English
zeb retweetledi
@dillon_mulroy @mattpocockuk Do you have some internal PRs I can look at 👀
I've been wanting to try the skill but haven't found time
English
i've been trying to merge at least one PR a day using @mattpocockuk's improve-codebase-architecture skill, and it has turned into my favorite work each day.
English
