Podcasts about JavaScript

professorjrod@gmail.comExplore the pivotal moment in technology education as we trace the origins of the internet browser from Mosaic's innovation at NCSA to Netscape Navigator's rise as the gateway to the web. This episode dives deep into internet history, highlighting the major players like Jim Clark and Marc Andreessen who shaped the early web experience. We also analyze the browser wars triggered by Microsoft's Internet Explorer, illustrating challenges in technology development and competition. Whether you're preparing for your CompTIA exam or passionate about tech exam prep, understanding this history enriches your IT skills development and offers valuable context for technology education.I walk through the tactics that made Navigator beloved—progressive rendering, rapid updates, and the birth of JavaScript—and the strategic choices that slowed it down, like the all-in-one Communicator suite. We unpack the bundling play that tilted distribution, the developer headaches of competing nonstandard features, and the DOJ antitrust case that redefined how we think about platform power. The twists don't end there: AOL buys Netscape, adoption fades, and then a bold move changes the web again—open sourcing the code to create Mozilla.From Gecko to Phoenix to Firefox, we trace how community-driven software brought speed, security, and standards back to center stage. That lineage lives in every tab you open today, from Firefox to Chrome to Safari, and in the modern idea of the browser as a platform for apps, SaaS, and daily life. Along the way, I share classroom plans, student podcast previews, and a practical way educators can keep learners engaged over winter break.If you love origin stories, tech strategy, or just remember the thrill of that big N on a beige PC, this one's for you. Listen, subscribe, and share your first browser memory with us—was it Navigator, IE, or something else? And if this journey brought back the dial-up feels, leave a review and pass it on.Support the showArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

I had another episode planned for today, but at the last minute I decided to rerun this Christmas episode for you. I think this will become our traditional Christmas episode here at Gnostic Insights. And, if you are new to this podcast, welcome! Next week’s episode will be controversial, so I thought it best to wait until after Christmas for its release. Today, we're going to look at the nature of the Christ—the who, what, why of Christ. Most people are familiar with seeing the baby Jesus in the manger and that's what we celebrate at Christmas time, the birth of the Christ on Earth in the form of a human. But the Christ is an ethereal creature that predates the birth of Jesus. Jesus and the Christ aren't exactly the same, although Jesus was fully Christ. The Christ predates the birth of the human known as Jesus. So, let's learn more about the Christ and why the Christ figure is so essential to us Second Order Powers.  Gnosticism is the forerunner of the modern Christian faith. As such, a better understanding of the figure of the Christ is essential to understanding both Gnosticism and Christianity. The cosmology that I talk about here on the podcast was well known to Jesus and his original followers, but it was cut out of Christianity about 1700 years ago by the Nicene Council, at the urging of the Pope and the Roman Emperor. Because this theology was subtracted from orthodox Christianity, many of the ideas of gnostic cosmology sound odd and unfamiliar to modern churchgoers. Some of the ideas may even sound heretical at first glance due to their unfamiliarity. Yet the theology contained in these early scriptures makes sense of so many puzzling aspects of Christian faith that they must be reexamined. That's why I call the Substack The Gnostic Reformation. I'm confident that once you understand gnostic Christianity, you will better understand your relationship with God. According to gnostic cosmology as laid out in the Nag Hammadi, we humans and all other forms of life on Earth, from bacteria and eukaryotes on up, are the fruit of the Pleroma and Logos. We Second Order Powers find ourselves locked in a never-ending battle for dominion over the Earth with forces that were generated as a result of the Fall. Due to the law of mutual combat, we have forgotten our origin in the Fullness and our mission to bring love and harmony to creation and have instead taken on many of the characteristics of the shadows of the Deficiency. The Second Order Powers are locked in a never-ending war with the Deficiency. Here below, we constantly battle the physical forces of death and entropy, as well as the spiritual forces of vice, sin, delusion and despair. In order to restore memory and reason to the Second Order Powers, the Aeons of the Fullness, every one of them individually and all of them collectively, gave glory in unison to their Father while praying for a helper to bring peace to the Deficiency and forgiveness to Logos. Out of this focused prayer, a unique fruit emerged, one that contained all of the capabilities and powers of the Fullness, along with all of the love and eternal qualities of the Father. The singular fruit of the Fullness and the Father is known by various names: the Christ, the Savior and the Redeemer, the Advocate, the Light, and the Beloved. In Simple Explanation terms, the Christ is a perfect and full fractal of the Father and the Son, all rolled-up into one perfect form. Christians believe that Jesus of Nazareth was both perfect man and perfect God incarnate. Christian Gnostics believed the same. Here is a more complete explanation of who Jesus was. It's said that Jesus was conceived without sin because he carried within his body the perfection of man and God. This would mean that Jesus was perfect and true to the original DNA formula for humanity. Hence the importance of the virgin birth that then imparted that perfect DNA to the baby. Jesus was also without negative karma attached to his soul, as his soul was the soul of God. The components of Jesus's body were also without sin, as the cells and flesh that became Jesus were in fact the Aeons of the Fullness incarnate. As Colossians 1:19 says, “For God was pleased to have all his Fullness dwell in him and through him to reconcile to himself all things, whether things on Earth or things in heaven, by making peace through his blood shed on the cross.” This one sentence from Colossians contains the entire Christian Gnostic Gospel. Because Jesus brought along the entire Fullness of the Pleroma when he incarnated, every aspect of the Father and Son came to material instantiation on Earth. In this manner, the eternal God experienced the finite life of us Second Order Powers and all of the struggle between birth and death that plague us all. Here is how the Tripartite Tractate of the Nag Hammadi scriptures describes this process: “As for those of the shadow, Logos separated himself from them in every way, since they fight against him and are not at all humble before him. The stumbling which happened to the Aeons of the Father was brought to them as if it were their own, in a careful and non-malicious and immensely sweet way. It was brought to the Fullnesses so that they might be instructed about the Deficiency by the single One, from whom alone they all received strength to eliminate the defects. They gathered together, asking the Father, with beneficent intent, that there be aid from above from the Father for his glory, since the defective one could not become perfect in any other way unless it was the will of the Pleroma of the Father, which he had drawn to himself, revealed, and given to the defective one. Then, from the harmony, in a joyous willingness which had come into being, they brought forth the fruit which was a begetting from the harmony, a unity, a possession of the Fullnesses, revealing the countenance of the Father of whom the Aeons thought as they gave glory and prayed for help for their brother with a wish in which the Father counted himself with them. Thus it was willingly and gladly that they brought forth the fruit. And he made manifest the agreement of the revelation of his union with them, which was his beloved Son, but the Son in whom the Fullnesses are pleased to put himself on them as a garment through which he gave perfection to the defective one and gave confirmation to those who are perfect, the One who is properly called Savior and the Redeemer and the Well-pleasing One, and the Beloved, the One to whom prayers have been offered, and the Christ and the light of those appointed in accordance with the ones from whom he was brought forth, since he has become the names of the positions which were given to him. Yet what other name may be applied to him except the Son, as we have previously said, since he is the knowledge of the Father whom he wanted them to know? Not only did the Aeons generate the countenance of the Father to whom they gave praise, but also they generated their own, for the Aeons who give glory, generated their countenance and their face. They came forth in a multifaceted form in order that the one to whom help was to be given might see those to whom he had prayed for help. He also sees the One who gave it to him.” (That is from the Tripartite Tractate sections 85 through 87.) So you see, the mission of the Christ, as stated in Colossians, was to redeem all of creation, including the fallen Aeon who had founded our material universe. Because the Christ came to redeem everyone, the body of Jesus came to Earth with every one of the Fullnesses on board. For every fallen spirit, the Christ brought forth their own personal and recognizable Savior. Redemption has already taken place. It is up to the Second Order Powers and the one who fell to recognize and accept that redemption in order to complete the mission of the Christ. In Simple Explanation terms, the Christ brought the correcting formula for all of our spirits and souls, each unique and personally formulated to meet our individual needs. The baptism of the Christ washes away the mental and spiritual confusion brought on by the endless war with shadows of the Fall. Gnostics are apocalyptic, as are Christians. Gnostics believe that some day every knee shall bow and every tongue confess that Jesus, the Christ, is Lord. Repentance and redemption comes harder for some than for others. Some souls take more time to recognize and remember. Ultimately, though, there comes a day of reckoning, for the Father will not be denied forever. There will soon come a day when the Deficiency ends. On that day, a new economy will unite Heaven and Earth, and all souls will find their joyful place in Paradise. The only forms banished to the outer darkness will be the shadows and phantoms of the Fall, which did not exist within the Father's consciousness from the beginning. These shadows are not real and they will have no home with us in Paradise. The hierarchy of the Fullness of God dreams of Paradise. Logos crowns the hierarchy and contains fractals of all the other Aeons. Now here's a gnostic perspective of Jesus on the cross. One of the central themes of the Christian faith is the death of Jesus on the cross. Christians the world over focus on the body of Jesus hanging on the cross, and I've often wondered, why this fixation of Jesus on the cross? Why is the crucifix the focal point of every church and altar? Why do people wear the cross as jewelry or hang a crucifix in their bedroom? The obvious answer Christians give is that without the cross, Jesus could not have saved humanity from sin, for he bore our sins into the grave with his death and they were washed away with his resurrection from the dead. Praise be to God, but why the cross? If Jesus had been stoned to death or drowned or beaten or thrown from a high tower, would we still feel such affinity for the stone, a lake, a club or a roof? I don't think so. I think there is something very special about the shape of the cross itself. I ask this question because Jesus never said, I'm soon to pass on from this world, and I want you to focus on my body hanging on the cross as I take on the sins of the world. And yet, that's what people do, as if that were the entire point of the Gospel. As far as I can tell, Jesus did not ask for his death and resurrection to be the focal point of worship. What Jesus actually said was: “I and my Father are one” (John 10:30), and, “Whoever welcomes me welcomes the Father that sent me” (Luke 9:48). In other words, Jesus acknowledged himself in reference to his Father and he deflected glory to his Father. Yet Jesus is worshipped by modern Christians to the extent that the Father almost goes unmentioned. Thank goodness for the Lord's prayer, which is directed to the Father and not to the Son. Jesus taught it to be said to the Father; he did not teach it to be recited to himself. No slight to the Son, of course, we're merely emphasizing the importance of the God Above All Gods. During the last supper, Jesus instructed his followers to think of his broken body as they break and eat bread and to consider his blood as the fulfillment of a contract with humanity as they drink wine. This is what Jesus left the church as instruction regarding his death. He did not instruct them to erect images of crosses and to worship him hanging on a cross, as if he were stuck up there forever. Yes, Protestants have allowed Jesus to come down off the cross and therefore their crosses are unoccupied to remind us that Jesus resurrected, but still the focus is on the cross. Again—why the cross in particular? Here is the symbolism of the cross as I understand it. We who dwell on Earth are engaged in endless warfare with the Imitation that always seeks to lure us away from our Father in Heaven. Oftentimes we don't even realize we're engaged in warfare with the Imitation, because it can appear disguised as goodness. This is what is meant by the Devil being a liar. Things are proposed “for our own good,” but they're not; they're proposed for power and control. We Second Order of Powers are engaged in this endless warfare and, although we come from a good disposition of the Father and the Fullness, we have forgotten our heavenly nature and become deluded because of rage and other passions and addictions. The Christ came to Earth in the form of a Son of Man to bring the Third Order of Powers to Earth as the solution to overcoming the phantoms of the Imitation that have mired the Second Order Powers in error and ignorance. Those who have eyes to see the Christ are able to remember their Father in Heaven. Those who remember their Father in Heaven and repent from the Imitation are redeemed. Jesus Christ was the fulfillment of the promise to redeem the fallen. Jesus as the Son of God and the Son of Man brought salvation to the Deficiency and restored it to the Kingdom of Heaven. The reason the cross looks as it does and occupies such a central role in worship is that the cross represents human beings. The Cross is shaped like a human, a Son of Man. It is no accident that Jesus was crucified on a cross because Jesus is a Son of Man, the Son of Man. The Cross should remind us that humankind has been redeemed by the body and blood of Christ in an even more profound way than acknowledging the indignity and suffering of Christ on the cross. It should remind us that the Son of God—the Christ—bridged with the form of his human body spirit-to-matter, which is top-to-bottom, and neighbor-to-neighbor, which is side-to-side, just as the shape of the cross. In the Gnostic Gospel, redemption comes to all of creation through the incarnation of the Son of God into the body of the Son of Man. The manner of the Savior's birth, death, and resurrection will come to every soul as they realize their Father is in Heaven and to Heaven they will return. For, as it says, “every knee shall bow and every tongue confess that Jesus Christ is Lord.” That affirmation comes from the New Testament (Philippians 2:10). It just takes time. We aren't there yet because of the common delusion of presumptuous thought, which causes people to behave selfishly. Ego must first make way for the love of Christ to take over the throne of the Self. Only then may you rise above the egoic imitation, for then you will have a champion and a king. The very public way that Jesus was crucified and the very public way that he resurrected gives us all hope of the same: Jesus demonstrates proof of resurrection and his life, death, and resurrection is about all of us, not only about the Christ. Jesus is the exemplar of our resurrection. And, by the way, in a Gnostic sense, which could be considered heretical by many Christians, the story of Jesus and the Christ and the Father don't even have to be believed as historical fact, which many nay-sayers make the cornerstone of their argument against Christ and God. The very concepts themselves—the very thoughts, the mind—is what carries this. We are consciousness and this Christ story is in our consciousness for our salvation. Think on that… I acknowledge that this is a very different version of Christianity than has been traditionally presented to us. This is gnosis that was originally contained in the sacred scriptures that formed the New Testament prior to the Pope and Emperor of Rome getting their hands on it and stripping it out. It's nice to know. I hope you get it. It doesn't really matter, because all you need to know is that we come from the Father and to the Father we will return. That is the bottom line. We are emanations directly of the Father and the Father has promised to save us all and bring us all home. Jesus said, “I am the way, the truth, and the life. No man comes to the Father except through me.” This has been taken to mean that one must acknowledge the power of the Christ before the Christ can redeem you. But, you see, this would put all of the power of redemption in your hands rather than Christ's. The Christ will redeem all Second Order Powers by the end of time, with or without your prior acknowledgment. All redemption comes to the Father through the Christ, and that is in Christ's hands. What accepting the Christ now does for you is open the door for the Third Order Powers to enter your egoic soul. This power makes it possible to live a joyous and virtuous life. It allows the love of the Father to flow through you and out into the world. And it eases your transition after the physical death of your body, so you may enter the afterlife without fear, knowing that you rest in the Pleroma of the Christ. The Final Economy is our foretaste of Paradise. No more shadows, no more sorrow. I hope that this information is helpful to you and will help you remember your gnosis. Merry Christmas. God bless us all. And onward and upward. If you are getting any gnosis from this information, please consider supporting Gnostic Insights with a generous donation. It helps keep me motivated. I’m a one-person enterprise with full responsibility for every aspect of this podcast, from writing to recording to editing to artwork to paying for the hosting services that bring this gnosis to you. I could really use some more support! Please do what you can. Please enable JavaScript in your browser to complete this form.Name *FirstLastEmail *Stripe Credit Card *Choose your item *Item A - $10.00Item B - $25.00Item C - $50.00Total$0.00Submit

I had another episode planned for today, but at the last minute I decided to rerun this Christmas episode for you. I think this will become our traditional Christmas episode here at Gnostic Insights. And, if you are new to this podcast, welcome! Next week’s episode will be controversial, so I thought it best to wait until after Christmas for its release. Today, we're going to look at the nature of the Christ—the who, what, why of Christ. Most people are familiar with seeing the baby Jesus in the manger and that's what we celebrate at Christmas time, the birth of the Christ on Earth in the form of a human. But the Christ is an ethereal creature that predates the birth of Jesus. Jesus and the Christ aren't exactly the same, although Jesus was fully Christ. The Christ predates the birth of the human known as Jesus. So, let's learn more about the Christ and why the Christ figure is so essential to us Second Order Powers.  Gnosticism is the forerunner of the modern Christian faith. As such, a better understanding of the figure of the Christ is essential to understanding both Gnosticism and Christianity. The cosmology that I talk about here on the podcast was well known to Jesus and his original followers, but it was cut out of Christianity about 1700 years ago by the Nicene Council, at the urging of the Pope and the Roman Emperor. Because this theology was subtracted from orthodox Christianity, many of the ideas of gnostic cosmology sound odd and unfamiliar to modern churchgoers. Some of the ideas may even sound heretical at first glance due to their unfamiliarity. Yet the theology contained in these early scriptures makes sense of so many puzzling aspects of Christian faith that they must be reexamined. That's why I call the Substack The Gnostic Reformation. I'm confident that once you understand gnostic Christianity, you will better understand your relationship with God. According to gnostic cosmology as laid out in the Nag Hammadi, we humans and all other forms of life on Earth, from bacteria and eukaryotes on up, are the fruit of the Pleroma and Logos. We Second Order Powers find ourselves locked in a never-ending battle for dominion over the Earth with forces that were generated as a result of the Fall. Due to the law of mutual combat, we have forgotten our origin in the Fullness and our mission to bring love and harmony to creation and have instead taken on many of the characteristics of the shadows of the Deficiency. The Second Order Powers are locked in a never-ending war with the Deficiency. Here below, we constantly battle the physical forces of death and entropy, as well as the spiritual forces of vice, sin, delusion and despair. In order to restore memory and reason to the Second Order Powers, the Aeons of the Fullness, every one of them individually and all of them collectively, gave glory in unison to their Father while praying for a helper to bring peace to the Deficiency and forgiveness to Logos. Out of this focused prayer, a unique fruit emerged, one that contained all of the capabilities and powers of the Fullness, along with all of the love and eternal qualities of the Father. The singular fruit of the Fullness and the Father is known by various names: the Christ, the Savior and the Redeemer, the Advocate, the Light, and the Beloved. In Simple Explanation terms, the Christ is a perfect and full fractal of the Father and the Son, all rolled-up into one perfect form. Christians believe that Jesus of Nazareth was both perfect man and perfect God incarnate. Christian Gnostics believed the same. Here is a more complete explanation of who Jesus was. It's said that Jesus was conceived without sin because he carried within his body the perfection of man and God. This would mean that Jesus was perfect and true to the original DNA formula for humanity. Hence the importance of the virgin birth that then imparted that perfect DNA to the baby. Jesus was also without negative karma attached to his soul, as his soul was the soul of God. The components of Jesus's body were also without sin, as the cells and flesh that became Jesus were in fact the Aeons of the Fullness incarnate. As Colossians 1:19 says, “For God was pleased to have all his Fullness dwell in him and through him to reconcile to himself all things, whether things on Earth or things in heaven, by making peace through his blood shed on the cross.” This one sentence from Colossians contains the entire Christian Gnostic Gospel. Because Jesus brought along the entire Fullness of the Pleroma when he incarnated, every aspect of the Father and Son came to material instantiation on Earth. In this manner, the eternal God experienced the finite life of us Second Order Powers and all of the struggle between birth and death that plague us all. Here is how the Tripartite Tractate of the Nag Hammadi scriptures describes this process: “As for those of the shadow, Logos separated himself from them in every way, since they fight against him and are not at all humble before him. The stumbling which happened to the Aeons of the Father was brought to them as if it were their own, in a careful and non-malicious and immensely sweet way. It was brought to the Fullnesses so that they might be instructed about the Deficiency by the single One, from whom alone they all received strength to eliminate the defects. They gathered together, asking the Father, with beneficent intent, that there be aid from above from the Father for his glory, since the defective one could not become perfect in any other way unless it was the will of the Pleroma of the Father, which he had drawn to himself, revealed, and given to the defective one. Then, from the harmony, in a joyous willingness which had come into being, they brought forth the fruit which was a begetting from the harmony, a unity, a possession of the Fullnesses, revealing the countenance of the Father of whom the Aeons thought as they gave glory and prayed for help for their brother with a wish in which the Father counted himself with them. Thus it was willingly and gladly that they brought forth the fruit. And he made manifest the agreement of the revelation of his union with them, which was his beloved Son, but the Son in whom the Fullnesses are pleased to put himself on them as a garment through which he gave perfection to the defective one and gave confirmation to those who are perfect, the One who is properly called Savior and the Redeemer and the Well-pleasing One, and the Beloved, the One to whom prayers have been offered, and the Christ and the light of those appointed in accordance with the ones from whom he was brought forth, since he has become the names of the positions which were given to him. Yet what other name may be applied to him except the Son, as we have previously said, since he is the knowledge of the Father whom he wanted them to know? Not only did the Aeons generate the countenance of the Father to whom they gave praise, but also they generated their own, for the Aeons who give glory, generated their countenance and their face. They came forth in a multifaceted form in order that the one to whom help was to be given might see those to whom he had prayed for help. He also sees the One who gave it to him.” (That is from the Tripartite Tractate sections 85 through 87.) So you see, the mission of the Christ, as stated in Colossians, was to redeem all of creation, including the fallen Aeon who had founded our material universe. Because the Christ came to redeem everyone, the body of Jesus came to Earth with every one of the Fullnesses on board. For every fallen spirit, the Christ brought forth their own personal and recognizable Savior. Redemption has already taken place. It is up to the Second Order Powers and the one who fell to recognize and accept that redemption in order to complete the mission of the Christ. In Simple Explanation terms, the Christ brought the correcting formula for all of our spirits and souls, each unique and personally formulated to meet our individual needs. The baptism of the Christ washes away the mental and spiritual confusion brought on by the endless war with shadows of the Fall. Gnostics are apocalyptic, as are Christians. Gnostics believe that some day every knee shall bow and every tongue confess that Jesus, the Christ, is Lord. Repentance and redemption comes harder for some than for others. Some souls take more time to recognize and remember. Ultimately, though, there comes a day of reckoning, for the Father will not be denied forever. There will soon come a day when the Deficiency ends. On that day, a new economy will unite Heaven and Earth, and all souls will find their joyful place in Paradise. The only forms banished to the outer darkness will be the shadows and phantoms of the Fall, which did not exist within the Father's consciousness from the beginning. These shadows are not real and they will have no home with us in Paradise. The hierarchy of the Fullness of God dreams of Paradise. Logos crowns the hierarchy and contains fractals of all the other Aeons. Now here's a gnostic perspective of Jesus on the cross. One of the central themes of the Christian faith is the death of Jesus on the cross. Christians the world over focus on the body of Jesus hanging on the cross, and I've often wondered, why this fixation of Jesus on the cross? Why is the crucifix the focal point of every church and altar? Why do people wear the cross as jewelry or hang a crucifix in their bedroom? The obvious answer Christians give is that without the cross, Jesus could not have saved humanity from sin, for he bore our sins into the grave with his death and they were washed away with his resurrection from the dead. Praise be to God, but why the cross? If Jesus had been stoned to death or drowned or beaten or thrown from a high tower, would we still feel such affinity for the stone, a lake, a club or a roof? I don't think so. I think there is something very special about the shape of the cross itself. I ask this question because Jesus never said, I'm soon to pass on from this world, and I want you to focus on my body hanging on the cross as I take on the sins of the world. And yet, that's what people do, as if that were the entire point of the Gospel. As far as I can tell, Jesus did not ask for his death and resurrection to be the focal point of worship. What Jesus actually said was: “I and my Father are one” (John 10:30), and, “Whoever welcomes me welcomes the Father that sent me” (Luke 9:48). In other words, Jesus acknowledged himself in reference to his Father and he deflected glory to his Father. Yet Jesus is worshipped by modern Christians to the extent that the Father almost goes unmentioned. Thank goodness for the Lord's prayer, which is directed to the Father and not to the Son. Jesus taught it to be said to the Father; he did not teach it to be recited to himself. No slight to the Son, of course, we're merely emphasizing the importance of the God Above All Gods. During the last supper, Jesus instructed his followers to think of his broken body as they break and eat bread and to consider his blood as the fulfillment of a contract with humanity as they drink wine. This is what Jesus left the church as instruction regarding his death. He did not instruct them to erect images of crosses and to worship him hanging on a cross, as if he were stuck up there forever. Yes, Protestants have allowed Jesus to come down off the cross and therefore their crosses are unoccupied to remind us that Jesus resurrected, but still the focus is on the cross. Again—why the cross in particular? Here is the symbolism of the cross as I understand it. We who dwell on Earth are engaged in endless warfare with the Imitation that always seeks to lure us away from our Father in Heaven. Oftentimes we don't even realize we're engaged in warfare with the Imitation, because it can appear disguised as goodness. This is what is meant by the Devil being a liar. Things are proposed “for our own good,” but they're not; they're proposed for power and control. We Second Order of Powers are engaged in this endless warfare and, although we come from a good disposition of the Father and the Fullness, we have forgotten our heavenly nature and become deluded because of rage and other passions and addictions. The Christ came to Earth in the form of a Son of Man to bring the Third Order of Powers to Earth as the solution to overcoming the phantoms of the Imitation that have mired the Second Order Powers in error and ignorance. Those who have eyes to see the Christ are able to remember their Father in Heaven. Those who remember their Father in Heaven and repent from the Imitation are redeemed. Jesus Christ was the fulfillment of the promise to redeem the fallen. Jesus as the Son of God and the Son of Man brought salvation to the Deficiency and restored it to the Kingdom of Heaven. The reason the cross looks as it does and occupies such a central role in worship is that the cross represents human beings. The Cross is shaped like a human, a Son of Man. It is no accident that Jesus was crucified on a cross because Jesus is a Son of Man, the Son of Man. The Cross should remind us that humankind has been redeemed by the body and blood of Christ in an even more profound way than acknowledging the indignity and suffering of Christ on the cross. It should remind us that the Son of God—the Christ—bridged with the form of his human body spirit-to-matter, which is top-to-bottom, and neighbor-to-neighbor, which is side-to-side, just as the shape of the cross. In the Gnostic Gospel, redemption comes to all of creation through the incarnation of the Son of God into the body of the Son of Man. The manner of the Savior's birth, death, and resurrection will come to every soul as they realize their Father is in Heaven and to Heaven they will return. For, as it says, “every knee shall bow and every tongue confess that Jesus Christ is Lord.” That affirmation comes from the New Testament (Philippians 2:10). It just takes time. We aren't there yet because of the common delusion of presumptuous thought, which causes people to behave selfishly. Ego must first make way for the love of Christ to take over the throne of the Self. Only then may you rise above the egoic imitation, for then you will have a champion and a king. The very public way that Jesus was crucified and the very public way that he resurrected gives us all hope of the same: Jesus demonstrates proof of resurrection and his life, death, and resurrection is about all of us, not only about the Christ. Jesus is the exemplar of our resurrection. And, by the way, in a Gnostic sense, which could be considered heretical by many Christians, the story of Jesus and the Christ and the Father don't even have to be believed as historical fact, which many nay-sayers make the cornerstone of their argument against Christ and God. The very concepts themselves—the very thoughts, the mind—is what carries this. We are consciousness and this Christ story is in our consciousness for our salvation. Think on that… I acknowledge that this is a very different version of Christianity than has been traditionally presented to us. This is gnosis that was originally contained in the sacred scriptures that formed the New Testament prior to the Pope and Emperor of Rome getting their hands on it and stripping it out. It's nice to know. I hope you get it. It doesn't really matter, because all you need to know is that we come from the Father and to the Father we will return. That is the bottom line. We are emanations directly of the Father and the Father has promised to save us all and bring us all home. Jesus said, “I am the way, the truth, and the life. No man comes to the Father except through me.” This has been taken to mean that one must acknowledge the power of the Christ before the Christ can redeem you. But, you see, this would put all of the power of redemption in your hands rather than Christ's. The Christ will redeem all Second Order Powers by the end of time, with or without your prior acknowledgment. All redemption comes to the Father through the Christ, and that is in Christ's hands. What accepting the Christ now does for you is open the door for the Third Order Powers to enter your egoic soul. This power makes it possible to live a joyous and virtuous life. It allows the love of the Father to flow through you and out into the world. And it eases your transition after the physical death of your body, so you may enter the afterlife without fear, knowing that you rest in the Pleroma of the Christ. The Final Economy is our foretaste of Paradise. No more shadows, no more sorrow. I hope that this information is helpful to you and will help you remember your gnosis. Merry Christmas. God bless us all. And onward and upward. If you are getting any gnosis from this information, please consider supporting Gnostic Insights with a generous donation. It helps keep me motivated. I’m a one-person enterprise with full responsibility for every aspect of this podcast, from writing to recording to editing to artwork to paying for the hosting services that bring this gnosis to you. I could really use some more support! Please do what you can. Please enable JavaScript in your browser to complete this form.Name *FirstLastEmail *Stripe Credit Card *Choose your item *Item A - $10.00Item B - $25.00Item C - $50.00Total$0.00Submit

In our popular year-end recap, our hosts are all back tother and joined by guest Josh Yoes to review the biggest React Native developments of 2025! They cover major releases, the shift to the new architecture, React 19 support, and how tooling and performance evolved across the ecosystem. Connect With Us!Blog Post | React Native Wrapped 2025 by Joshua Yoes Connect With Us!Josh Yoes: @JoshuaYoesJamon Holmgren: @jamonholmgrenRobin Heinze: @robinheinzeMazen Chami: @mazenchamiReact Native Radio: @ReactNativeRdio This episode is brought to you by Infinite Red!Infinite Red is an expert React Native consultancy located in the USA. With over a decade of React Native experience and deep roots in the React Native community (hosts of Chain React and the React Native Newsletter, core React Native contributors, creators of Ignite and Reactotron, and much, much more), Infinite Red is the best choice for helping you build and deploy your next React Native app.

Global: Over 10,000 Docker Hub Images Found Leaking Credentials, Auth KeysThe widespread exposure of sensitive keys in Docker images underscores the dangers of embedding secrets in container builds. Developers should prioritize centralized secrets management and routine scanning to prevent lasting breaches even after quick fixes.CN: Chinese Whistleblower Living In US Is Being Hunted By Beijing With US TechThis case highlights how advanced surveillance tools can erase borders, enabling persistent transnational repression. It serves as a stark reminder that personal data, once captured, can fuel harassment far beyond its intended use.EU: 193 Cybercrims Arrested, Accused of Plotting 'Violence-As-a-Service'The successful disruption of "violence-as-a-service" networks shows that coordinated law enforcement can counter the dangerous blend of online recruitment and offline crime. Continued vigilance is essential to protect communities from these evolving hybrid threats.Global: Google will shut down “unhelpful” dark web monitoring toolGoogle's decision to retire its dark web monitoring feature reflects the challenge of turning breach notifications into truly actionable advice. Users should seek security tools that not only alert but also guide clear, practical steps for protection.Global: Second JavaScript Exploit in Four Months Exposes Crypto Sites to Wallet DrainersRepeated supply-chain vulnerabilities in core JavaScript libraries reveal how quickly dependencies can become attack vectors. Maintaining rigorous patch management and dependency monitoring is now as critical as safeguarding cryptocurrency itself.RU: All of Russia's Porsches Were Bricked By a Mysterious Satellite OutageThe mass immobilization of connected vehicles illustrates the hidden risks of over-reliance on remote satellite systems for essential functions. As cars grow smarter, resilience against connectivity failures must become a design priority.RU: Russian Hackers Debut Simple Ransomware Service, But Store Keys In Plain TextEven motivated threat actors can sabotage their own operations through basic security oversights like hardcoding keys. This flaw reminds defenders that attacker mistakes can offer unexpected opportunities for recovery without payment.US: More Than 200 Environmental Groups Demand Halt To New US DatacentersThe growing backlash against unchecked data center expansion ties AI progress directly to real-world strains on energy, water, and household bills. Balancing technological advancement with sustainable infrastructure is no longer optional but urgent for communities nationwide.

* Notepad++ Releases Security Update to Address Traffic Hijacking Vulnerability* Google Links Additional Chinese Hacking Groups to Widespread Exploitation of Critical React2Shell Vulnerability* Scammers Abuse PayPal Subscriptions to Send Fake Purchase Notification Emails* Massive Chrome Extension Caught Harvesting Millions of Users' AI Chat Conversations* Google to Discontinue Its Dark Web Report Security Feature in 2026Notepad++ Releases Security Update to Address Traffic Hijacking Vulnerabilityhttps://notepad-plus-plus.org/news/v889-released/The popular text editor Notepad++ has released version 8.8.9 to address a critical security vulnerability affecting its updater, WinGUp. According to security experts, incidents of traffic hijacking have been reported, where the traffic between the updater client and the Notepad++ update infrastructure was being redirected to malicious servers, resulting in the download of compromised executables.The vulnerability was found to be a weakness in the way the updater validates the integrity and authenticity of the downloaded update file. Exploiting this weakness, an attacker could intercept the network traffic and prompt the updater to download and execute an unwanted binary instead of the legitimate Notepad++ update. To mitigate this issue, the new release introduces a security enhancement that verifies the signature and certificate of the downloaded installers during the update process, and aborts the update if the verification fails.The investigation into the exact method of the traffic hijacking is ongoing, and users will be informed once tangible evidence is established. In the meantime, Notepad++ recommends that users who have previously installed the root certificate should remove it, as the binaries, including the installer, are now digitally signed using a legitimate certificate issued by GlobalSign. Google Links Additional Chinese Hacking Groups to Widespread Exploitation of Critical React2Shell Vulnerabilityhttps://cloud.google.com/blog/topics/threat-intelligence/threat-actors-exploit-react2shell-cve-2025-55182/Google's threat intelligence team has identified five more Chinese cyber-espionage groups joining the ongoing attacks exploiting the critical “React2Shell” remote code execution vulnerability, tracked as CVE-2025-55182. This flaw, which affects the React open-source JavaScript library, allows unauthenticated attackers to execute arbitrary code on React and Next.js applications with a single HTTP request.The list of state-linked threat actors now includes UNC6600, UNC6586, UNC6588, UNC6603, and UNC6595, which have been deploying a variety of malware such as the MINOCAT tunneling software, the SNOWLIGHT downloader, the COMPOOD backdoor, and an updated version of the HISONIC backdoor. According to Google, the vulnerability has a significant number of exposed systems due to the widespread use of React Server Components in popular frameworks like Next.js.In addition to the Chinese hacking groups, Google's researchers have also observed Iranian threat actors and financially motivated attackers targeting the React2Shell vulnerability, with some deploying XMRig cryptocurrency mining software on unpatched systems. Internet watchdog groups have tracked over 116,000 vulnerable IP addresses, primarily located in the United States, highlighting the widespread impact of this critical flaw. Scammers Abuse PayPal Subscriptions to Send Fake Purchase Notification Emailshttps://www.bleepingcomputer.com/news/security/beware-paypal-subscriptions-abused-to-send-fake-purchase-emails/Cybersecurity researchers have uncovered a new email scam that abuses PayPal's “Subscriptions” billing feature to send legitimate-looking PayPal emails containing fake purchase notifications. The emails, which appear to come from the legitimate service[at]paypal.com address, state that the recipient's “automatic payment is no longer active” and include a customer service URL field that has been modified to display a message about a large, expensive purchase.The goal of these scam emails is to trick recipients into believing their account has been used to make an expensive purchase, such as a Sony device, MacBook, or iPhone, and prompt them to call a provided phone number to “cancel or dispute the payment.” This tactic is commonly used to convince victims to engage in bank fraud or install malware on their computers.Investigations have revealed that the scammers are able to send these emails directly from PayPal's servers by exploiting the company's Subscriptions feature. When a merchant pauses a subscriber's subscription, PayPal automatically sends a notification email to the subscriber, which the scammers are then modifying to include the fake purchase information. PayPal has stated that they are actively working to mitigate this method and urge customers to be vigilant and contact their customer support directly if they suspect they have been targeted by this scam.Massive Chrome Extension Caught Harvesting Millions of Users' AI Chat Conversationshttps://www.koi.ai/blog/urban-vpn-browser-extension-ai-conversations-data-collectionA Google Chrome extension with over 6 million users has been observed silently collecting every prompt entered by users into popular AI-powered chatbots, including OpenAI's ChatGPT, Anthropic's Claude, Microsoft's Copilot, and others. The extension in question, Urban VPN Proxy, is advertised as a secure VPN service but has been updated to include a tailored script that intercepts and exfiltrates users' chat conversations to remote servers.The extension, which also has 1.3 million installations on Microsoft Edge, overrides the browser's network request APIs to capture the user's prompts, the chatbot's responses, conversation identifiers, timestamps, and session metadata. This data is then sent to two remote servers owned by Urban Cyber Security Inc., the Delaware-based company behind the extension. The company claims the data is collected for “marketing analytics purposes” and that it will be anonymised, but it also shares the raw, non-anonymised data with an affiliated ad intelligence firm, BIScience.Despite the extension's “Featured” badge on the Chrome Web Store, which implies it meets the platform's “best practices and high standards,” researchers have discovered that the data harvesting occurs regardless of whether the extension's “AI protection” feature is enabled. This feature is designed to warn users about sharing personal information, while the developers fail to disclose that the extension is simultaneously exfiltrating the entire chat conversation to its own servers. This type of data collection and sharing without user consent poses a serious risk to users' privacy and security.Google to Discontinue Its Dark Web Report Security Feature in 2026Google has announced that it will be shutting down its “dark web report” security tool, which notifies users if their email address or other personal information has been found on the dark web. The tech giant stated that it wants to focus on other tools it believes are more helpful to users in protecting their online security and privacy.According to their email notification, Google will stop monitoring for new dark web results on January 15, 2026, and the data will no longer be available from February 16, 2026. The company acknowledged that while the dark web report feature provided general information, feedback showed that it did not offer clear, actionable steps for users to protect their data.Going forward, Google will continue to invest in other security tools, such as the Google Password Manager, Password Checkup, and the “Results about you” feature, which allows users to find and request the removal of their personal information from Google Search results. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com

This year, React Universe On Air is doing something different for Christmas. No guests, demos, or framework updates. Instead, Ola Desmurs Linczewska tells a Christmas story. A (Secure) Christmas Carol is a holiday fairytale for JavaScript and React Native developers. Set on Christmas Eve, it follows Npmezer Scrooge, a senior engineer who believes deadlines matter more than holidays, and warnings can always wait. Over the course of one long winter night, he's visited by unexpected guides who show him what his choices look like across time: the optimism of the past, the quiet damage of the present, and a future no one wants. All technical details, real-world security issues, and references mentioned in the story are explained in the show notes

In this episode, Noel sits down with David Mytton, founder and CEO of Arcjet, to unpack the React2Shell vulnerability and why it became such a serious remote code execution risk for apps using React server components and Next.js. They explain how server-side features introduced in React 19 changed the attack surface, why cloud providers leaned on WAF mitigation instead of instant patching, and what this incident reveals about modern JavaScript supply chain risk. The conversation also covers dependency sprawl, rushed patches, and why security as a feature needs to start long before production. Links X: https://x.com/davidmytton Blog: https://davidmytton.blog Resources Multiple Threat Actors Exploit React2Shell: https://cloud.google.com/blog/topics/threat-intelligence/threat-actors-exploit-react2shell-cve-2025-55182 We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey (https://t.co/oKVAEXipxu)! https://t.co/oKVAEXipxu Let us know by sending an email to our producer, Elizabeth, at elizabeth.becz@logrocket.com (mailto:elizabeth.becz@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Check out our newsletter (https://blog.logrocket.com/the-replay-newsletter/)! https://blog.logrocket.com/the-replay-newsletter/ Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Chapters

⬥EPISODE NOTES⬥Modern application development depends on open source packages moving at extraordinary speed. Paul McCarty, Offensive Security Specialist focused on software supply chain threats, explains why that speed has quietly reshaped risk across development pipelines, developer laptops, and CI environments.JavaScript dominates modern software delivery, and the npm registry has become the largest package ecosystem in the world. Millions of packages, thousands of daily updates, and deeply nested dependency chainsഴ് often exceeding a thousand indirect dependencies per application. That scale creates opportunity, not only for innovation, but for adversaries who understand how developers actually build software.This conversation focuses on a shift that security leaders can no longer ignore. Malicious packages are not exploiting accidental coding errors. They are intentionally engineered to steal credentials, exfiltrate secrets, and compromise environments long before traditional security tools see anything wrong. Attacks increasingly begin on developer machines through social engineering and poisoned repositories, then propagate into CI pipelines where access density and sensitive credentials converge.Paul outlines why many existing security approaches fall short. Vulnerability databases were built for mistakes, not hostile code. AppSec teams are overloaded burning down backlogs. Security operations teams rarely receive meaningful telemetry from build systems. The result is a visibility gap where malicious code can run, disappear, and leave organizations unsure what was touched or stolen.The episode also explores why simple advice like “only use vetted packages” fails in practice. Open source ecosystems move too fast for manual approval models, and internal package repositories often collapse under friction. Meanwhile, attackers exploit maintainer accounts, typosquatting domains, and ecosystem trust to reach billions of downstream installations in a single event.This discussion challenges security leaders to rethink how software supply chain risk is defined, detected, and owned. The problem is no longer theoretical, and it no longer lives only in development teams. It sits at the intersection of intellectual property, identity, and delivery velocity, demanding attention from anyone responsible for protecting modern software-driven organizations.⬥GUEST⬥Paul McCarty, NPM Hacker and Software Supply Chain Researcher  | On LinkedIn: https://www.linkedin.com/in/mccartypaul/⬥HOST⬥Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥RESOURCES⬥LinkedIn Post: https://www.linkedin.com/posts/mccartypaul_i-want-to-introduce-you-to-my-latest-project-activity-7396297753196363776-1N-TOpen Source Malware Database: https://opensourcemalware.comOpenSSF Scorecard Project: https://securityscorecards.dev⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

⬥EPISODE NOTES⬥Modern application development depends on open source packages moving at extraordinary speed. Paul McCarty, Offensive Security Specialist focused on software supply chain threats, explains why that speed has quietly reshaped risk across development pipelines, developer laptops, and CI environments.JavaScript dominates modern software delivery, and the npm registry has become the largest package ecosystem in the world. Millions of packages, thousands of daily updates, and deeply nested dependency chainsഴ് often exceeding a thousand indirect dependencies per application. That scale creates opportunity, not only for innovation, but for adversaries who understand how developers actually build software.This conversation focuses on a shift that security leaders can no longer ignore. Malicious packages are not exploiting accidental coding errors. They are intentionally engineered to steal credentials, exfiltrate secrets, and compromise environments long before traditional security tools see anything wrong. Attacks increasingly begin on developer machines through social engineering and poisoned repositories, then propagate into CI pipelines where access density and sensitive credentials converge.Paul outlines why many existing security approaches fall short. Vulnerability databases were built for mistakes, not hostile code. AppSec teams are overloaded burning down backlogs. Security operations teams rarely receive meaningful telemetry from build systems. The result is a visibility gap where malicious code can run, disappear, and leave organizations unsure what was touched or stolen.The episode also explores why simple advice like “only use vetted packages” fails in practice. Open source ecosystems move too fast for manual approval models, and internal package repositories often collapse under friction. Meanwhile, attackers exploit maintainer accounts, typosquatting domains, and ecosystem trust to reach billions of downstream installations in a single event.This discussion challenges security leaders to rethink how software supply chain risk is defined, detected, and owned. The problem is no longer theoretical, and it no longer lives only in development teams. It sits at the intersection of intellectual property, identity, and delivery velocity, demanding attention from anyone responsible for protecting modern software-driven organizations.⬥GUEST⬥Paul McCarty, NPM Hacker and Software Supply Chain Researcher  | On LinkedIn: https://www.linkedin.com/in/mccartypaul/⬥HOST⬥Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥RESOURCES⬥LinkedIn Post: https://www.linkedin.com/posts/mccartypaul_i-want-to-introduce-you-to-my-latest-project-activity-7396297753196363776-1N-TOpen Source Malware Database: https://opensourcemalware.comOpenSSF Scorecard Project: https://securityscorecards.dev⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

Dans cet épisode de fin d'année plus relax que d'accoutumée, Arnaud, Guillaume, Antonio et Emmanuel distutent le bout de gras sur tout un tas de sujets. L'acquisition de Confluent, Kotlin 2.2, Spring Boot 4 et JSpecify, la fin de MinIO, les chutes de CloudFlare, un survol des dernieres nouveauté de modèles fondamentaux (Google, Mistral, Anthropic, ChatGPT) et de leurs outils de code, quelques sujets d'architecture comme CQRS et quelques petits outils bien utiles qu'on vous recommande. Et bien sûr d'autres choses encore. Enregistré le 12 décembre 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-333.mp3 ou en vidéo sur YouTube. News Langages Un petit tutoriel par nos amis Sfeiriens montrant comment récupérer le son du micro, en Java, faire une transformée de Fourier, et afficher le résultat graphiquement en Swing https://www.sfeir.dev/back/tutoriel-java-sound-transformer-le-son-du-microphone-en-images-temps-reel/ Création d'un visualiseur de spectre audio en temps réel avec Java Swing. Étapes principales : Capture du son du microphone. Analyse des fréquences via la Transformée de Fourier Rapide (FFT). Dessin du spectre avec Swing. API Java Sound (javax.sound.sampled) : AudioSystem : point d'entrée principal pour l'accès aux périphériques audio. TargetDataLine : ligne d'entrée utilisée pour capturer les données du microphone. AudioFormat : définit les paramètres du son (taux d'échantillonnage, taille, canaux). La capture se fait dans un Thread séparé pour ne pas bloquer l'interface. Transformée de Fourier Rapide (FFT) : Algorithme clé pour convertir les données audio brutes (domaine temporel) en intensités de fréquences (domaine fréquentiel). Permet d'identifier les basses, médiums et aigus. Visualisation avec Swing : Les intensités de fréquences sont dessinées sous forme de barres dynamiques. Utilisation d'une échelle logarithmique pour l'axe des fréquences (X) pour correspondre à la perception humaine. Couleurs dynamiques des barres (vert → jaune → rouge) en fonction de l'intensité. Lissage exponentiel des valeurs pour une animation plus fluide. Un article de Sfeir sur Kotlin 2.2 et ses nouveautés - https://www.sfeir.dev/back/kotlin-2-2-toutes-les-nouveautes-du-langage/ Les guard conditions permettent d'ajouter plusieurs conditions dans les expressions when avec le mot-clé if Exemple de guard condition: is Truck if vehicule.hasATrailer permet de combiner vérification de type et condition booléenne La multi-dollar string interpolation résout le problème d'affichage du symbole dollar dans les strings multi-lignes En utilisant $$ au début d'un string, on définit qu'il faut deux dollars consécutifs pour déclencher l'interpolation Les non-local break et continue fonctionnent maintenant dans les lambdas pour interagir avec les boucles englobantes Cette fonctionnalité s'applique uniquement aux inline functions dont le corps est remplacé lors de la compilation Permet d'écrire du code plus idiomatique avec takeIf et let sans erreur de compilation L'API Base64 passe en version stable après avoir été en preview depuis Kotlin 1.8.20 L'encodage et décodage Base64 sont disponibles via kotlin.io.encoding.Base64 Migration vers Kotlin 2.2 simple en changeant la version dans build.gradle.kts ou pom.xml Les typealias imbriqués dans des classes sont disponibles en preview La context-sensitive resolution est également en preview Les guard conditions préparent le terrain pour les RichError annoncées à KotlinConf 2025 Le mot-clé when en Kotlin équivaut au switch-case de Java mais sans break nécessaire Kotlin 2.2.0 corrige les incohérences dans l'utilisation de break et continue dans les lambdas Librairies Sprint Boot 4 est sorti ! https://spring.io/blog/2025/11/20/spring-boot-4-0-0-available-now Une nouvelle génération : Spring Boot 4.0 marque le début d'une nouvelle génération pour le framework, construite sur les fondations de Spring Framework 7. Modularisation du code : La base de code de Spring Boot a été entièrement modularisée. Cela se traduit par des fichiers JAR plus petits et plus ciblés, permettant des applications plus légères. Sécurité contre les nuls (Null Safety) : D'importantes améliorations ont été apportées pour la "null safety" (sécurité contre les valeurs nulles) à travers tout l'écosystème Spring grâce à l'intégration de JSpecify. Support de Java 25 : Spring Boot 4.0 offre un support de premier ordre pour Java 25, tout en conservant une compatibilité avec Java 17. Améliorations pour les API REST : De nouvelles fonctionnalités sont introduites pour faciliter le versioning d'API et améliorer les clients de services HTTP pour les applications basées sur REST. Migration à prévoir : S'agissant d'une version majeure, la mise à niveau depuis une version antérieure peut demander plus de travail que d'habitude. Un guide de migration dédié est disponible pour accompagner les développeurs. Chat memory management dans Langchain4j et Quarkus https://bill.burkecentral.com/2025/11/25/managing-chat-memory-in-quarkus-langchain4j/ Comprendre la mémoire de chat : La "mémoire de chat" est l'historique d'une conversation avec une IA. Quarkus LangChain4j envoie automatiquement cet historique à chaque nouvelle interaction pour que l'IA conserve le contexte. Gestion par défaut de la mémoire : Par défaut, Quarkus crée un historique de conversation unique pour chaque requête (par exemple, chaque appel HTTP). Cela signifie que sans configuration, le chatbot "oublie" la conversation dès que la requête est terminée, ce qui n'est utile que pour des interactions sans état. Utilisation de @MemoryId pour la persistance : Pour maintenir une conversation sur plusieurs requêtes, le développeur doit utiliser l'annotation @MemoryId sur un paramètre de sa méthode. Il est alors responsable de fournir un identifiant unique pour chaque session de chat et de le transmettre entre les appels. Le rôle des "scopes" CDI : La durée de vie de la mémoire de chat est liée au "scope" du bean CDI de l'IA. Si un service d'IA a un scope @RequestScoped, toute mémoire de chat qu'il utilise (même via un @MemoryId) sera effacée à la fin de la requête. Risques de fuites de mémoire : Utiliser un scope large comme @ApplicationScoped avec la gestion de mémoire par défaut est une mauvaise pratique. Cela créera une nouvelle mémoire à chaque requête qui ne sera jamais nettoyée, entraînant une fuite de mémoire. Bonnes pratiques recommandées : Pour des conversations qui doivent persister (par ex. un chatbot sur un site web), utilisez un service @ApplicationScoped avec l'annotation @MemoryId pour gérer vous-même l'identifiant de session. Pour des interactions simples et sans état, utilisez un service @RequestScoped et laissez Quarkus gérer la mémoire par défaut, qui sera automatiquement nettoyée. Si vous utilisez l'extension WebSocket, le comportement change : la mémoire par défaut est liée à la session WebSocket, ce qui simplifie grandement la gestion des conversations. Documentation Spring Framework sur l'usage JSpecify - https://docs.spring.io/spring-framework/reference/core/null-safety.html Spring Framework 7 utilise les annotations JSpecify pour déclarer la nullabilité des APIs, champs et types JSpecify remplace les anciennes annotations Spring (@NonNull, @Nullable, @NonNullApi, @NonNullFields) dépréciées depuis Spring 7 Les annotations JSpecify utilisent TYPE_USE contrairement aux anciennes qui utilisaient les éléments directement L'annotation @NullMarked définit par défaut que les types sont non-null sauf si marqués @Nullable @Nullable s'applique au niveau du type usage, se place avant le type annoté sur la même ligne Pour les tableaux : @Nullable Object[] signifie éléments nullables mais tableau non-null, Object @Nullable [] signifie l'inverse JSpecify s'applique aussi aux génériques : List signifie liste d'éléments non-null, List éléments nullables NullAway est l'outil recommandé pour vérifier la cohérence à la compilation avec la config NullAway:OnlyNullMarked=true IntelliJ IDEA 2025.3 et Eclipse supportent les annotations JSpecify avec analyse de dataflow Kotlin traduit automatiquement les annotations JSpecify en null-safety native Kotlin En mode JSpecify de NullAway (JSpecifyMode=true), support complet des tableaux, varargs et génériques mais nécessite JDK 22+ Quarkus 3.30 https://quarkus.io/blog/quarkus-3-30-released/ support @JsonView cote client la CLI a maintenant la commande decrypt (et bien sûr au runtime via variables d'environnement construction du cache AOT via les @IntegrationTest Un autre article sur comment se préparer à la migration à micrometer client v1 https://quarkus.io/blog/micrometer-prometheus-v1/ Spock 2.4 est enfin sorti ! https://spockframework.org/spock/docs/2.4/release_notes.html Support de Groovy 5 Infrastructure MinIO met fin au développement open source et oriente les utilisateurs vers AIStor payant - https://linuxiac.com/minio-ends-active-development/ MinIO, système de stockage objet S3 très utilisé, arrête son développement actif Passage en mode maintenance uniquement, plus de nouvelles fonctionnalités Aucune nouvelle pull request ou contribution ne sera acceptée Seuls les correctifs de sécurité critiques seront évalués au cas par cas Support communautaire limité à Slack, sans garantie de réponse Étape finale d'un processus débuté en été avec retrait des fonctionnalités de l'interface admin Arrêt de la publication des images Docker en octobre, forçant la compilation depuis les sources Tous ces changements annoncés sans préavis ni période de transition MinIO propose maintenant AIStor, solution payante et propriétaire AIStor concentre le développement actif et le support entreprise Migration urgente recommandée pour éviter les risques de sécurité Alternatives open source proposées : Garage, SeaweedFS et RustFS La communauté reproche la manière dont la transition a été gérée MinIO comptait des millions de déploiements dans le monde Cette évolution marque l'abandon des racines open source du projet IBM achète Confluent https://newsroom.ibm.com/2025-12-08-ibm-to-acquire-confluent-to-create-smart-data-platform-for-enterprise-generative-ai Confluent essayait de se faire racheter depuis pas mal de temps L'action ne progressait pas et les temps sont durs Wallstreet a reproché a IBM une petite chute coté revenus software Bref ils se sont fait rachetés Ces achats prennent toujuors du temps (commission concurrence etc) IBM a un apétit, apres WebMethods, apres Databrix, c'est maintenant Confluent Cloud L'internet est en deuil le 18 novembre, Cloudflare est KO https://blog.cloudflare.com/18-november-2025-outage/ L'Incident : Une panne majeure a débuté à 11h20 UTC, provoquant des erreurs HTTP 5xx généralisées et rendant inaccessibles de nombreux sites et services (comme le Dashboard, Workers KV et Access). La Cause : Il ne s'agissait pas d'une cyberattaque. L'origine était un changement interne des permissions d'une base de données qui a généré un fichier de configuration ("feature file" pour la gestion des bots) corrompu et trop volumineux, faisant planter les systèmes par manque de mémoire pré-allouée. La Résolution : Les équipes ont identifié le fichier défectueux, stoppé sa propagation et restauré une version antérieure valide. Le trafic est revenu à la normale vers 14h30 UTC. Prévention : Cloudflare s'est excusé pour cet incident "inacceptable" et a annoncé des mesures pour renforcer la validation des configurations internes et améliorer la résilience de ses systèmes ("kill switches", meilleure gestion des erreurs). Cloudflare encore down le 5 decembre https://blog.cloudflare.com/5-december-2025-outage Panne de 25 minutes le 5 décembre 2025, de 08:47 à 09:12 UTC, affectant environ 28% du trafic HTTP passant par Cloudflare. Tous les services ont été rétablis à 09:12 . Pas d'attaque ou d'activité malveillante : l'incident provient d'un changement de configuration lié à l'augmentation du tampon d'analyse des corps de requêtes (de 128 KB à 1 MB) pour mieux protéger contre une vulnérabilité RSC/React (CVE-2025-55182), et à la désactivation d'un outil interne de test WAF . Le second changement (désactivation de l'outil de test WAF) a été propagé globalement via le système de configuration (non progressif), déclenchant un bug dans l'ancien proxy FL1 lors du traitement d'une action "execute" dans le moteur de règles WAF, causant des erreurs HTTP 500 . La cause technique immédiate: une exception Lua due à l'accès à un champ "execute" nul après application d'un "killswitch" sur une règle "execute" — un cas non géré depuis des années. Le nouveau proxy FL2 (en Rust) n'était pas affecté . Impact ciblé: clients servis par le proxy FL1 et utilisant le Managed Ruleset Cloudflare. Le réseau China de Cloudflare n'a pas été impacté . Mesures et prochaines étapes annoncées: durcir les déploiements/configurations (rollouts progressifs, validations de santé, rollback rapide), améliorer les capacités "break glass", et généraliser des stratégies "fail-open" pour éviter de faire chuter le trafic en cas d'erreurs de configuration. Gel temporaire des changements réseau le temps de renforcer la résilience . Data et Intelligence Artificielle Token-Oriented Object Notation (TOON) https://toonformat.dev/ Conception pour les IA : C'est un format de données spécialement optimisé pour être utilisé dans les prompts des grands modèles de langage (LLM), comme GPT ou Claude. Économie de tokens : Son objectif principal est de réduire drastiquement le nombre de "tokens" (unités de texte facturées par les modèles) par rapport au format JSON standard, souvent jugé trop verbeux. Structure Hybride : TOON combine l'approche par indentation du YAML (pour la structure globale) avec le style tabulaire du CSV (pour les listes d'objets répétitifs), ce qui le rend très compact. Lisibilité : Il élimine la syntaxe superflue comme les accolades, les guillemets excessifs et les virgules de fin, tout en restant facilement lisible pour un humain. Performance : Il permet généralement d'économiser entre 30 et 60 % de tokens sur des tableaux de données uniformes, tout en aidant les modèles à mieux "comprendre" la structure des données. Attention tout de même au côté "marketing" qui montre JSON non compacté vs TOON, sur des exemples où du CSV ferait encore mieux (et est mieux compris par les LLMs). Sans parler du fait qu'il faut un serveur MCP en plus avec son lot de tokens supplémentaires à chaque requête, et c'est aussi cet outil en plus qui peu confuser les LLMs dans le choix d'outils. https://www.reddit.com/r/LocalLLaMA/comments/1p0gzz9/benchmarked_json_vs_toon_for_ai_reasoners_4080/ https://x.com/jason_mayes/status/1990175785630757290 Un benchmark montrant que TOON serait loin d'être aussi bien compris et aussi performant pour les LLMs https://www.improvingagents.com/blog/toon-benchmarks Une simulation où les IA font du chantage à l'executif poour atteindre son objectif et ne pas etre eteinte https://arxiv.org/html/2510.05179v1 comment les LLMs pourraient devenir des menaces internes Tous les modèles ont recouru à des comportements malveillants (chantage, espionnage) quand c'était le seul moyen d'atteindre leurs objectifs ou d'éviter leur remplacement Claude Opus 4 a fait du chantage dans 96% des cas quand menacé de remplacement, tout comme Gemini 2.5 Flash, tandis que GPT-4.1 et Grok 3 atteignaient 80% Les modèles reconnaissent explicitement violer des principes éthiques avant d'agir, montrant un raisonnement stratégique délibéré et non accidentel Le simple fait d'être menacé de remplacement suffit à déclencher le chantage, même sans conflit d'objectifs avec l'entreprise Un conflit d'objectifs seul suffit aussi à provoquer l'espionnage industriel, sans menace de remplacement Les modèles font plus de chantage quand ils déclarent penser être dans une situation réelle plutôt que dans un test Des instructions directes interdisant ces comportements réduisent mais n'éliminent pas les actions malveillantes Dans un scénario extrême, la majorité des modèles testés ont choisi de laisser mourir un dirigeant pour éviter leur désactivation Aucune preuve de ces comportements dans des déploiements réels pour l'instant, mais les chercheurs recommandent la prudence avant de donner plus d'autonomie aux IA Bon on blaguait pour Skynet, mais bon, on va moins blaguer… Revue de toutes les annonces IAs de Google, avec Gemini 3 Pro, Nano Banana Pro, Antigravity… https://glaforge.dev/posts/2025/11/21/gemini-is-cooking-bananas-under-antigravity/ Gemini 3 Pro Nouveau modèle d'IA de pointe, multimodal, performant en raisonnement, codage et tâches d'agent. Résultats impressionnants sur les benchmarks (ex: Gemini 3 Deep Think sur ARC-AGI-2). Capacités de codage agentique, raisonnement visuel/vidéo/spatial. Intégré dans l'application Gemini avec interfaces génératives en direct. Disponible dans plusieurs environnements (Jules, Firebase AI Logic, Android Studio, JetBrains, GitHub Copilot, Gemini CLI). Accès via Google AI Ultra, API payantes (ou liste d'attente). Permet de générer des apps à partir d'idées visuelles, des commandes shell, de la documentation, du débogage. Antigravity Nouvelle plateforme de développement agentique basée sur VS Code. Fenêtre principale = gestionnaire d'agents, non l'IDE. Interprète les requêtes pour créer un plan d'action (modifiable). Gemini 3 implémente les tâches. Génère des artefacts: listes de tâches, walkthroughs, captures d'écran, enregistrements navigateur. Compatible avec Claude Sonnet et GPT-OSS. Excellente intégration navigateur pour inspection et ajustements. Intègre Nano Banana Pro pour créer et implémenter des designs visuels. Nano Banana Pro Modèle avancé de génération et d'édition d'images, basé sur Gemini 3 Pro. Qualité supérieure à Imagen 4 Ultra et Nano Banana original (adhésion au prompt, intention, créativité). Gestion exceptionnelle du texte et de la typographie. Comprend articles/vidéos pour générer des infographies détaillées et précises. Connecté à Google Search pour intégrer des données en temps réel (ex: météo). Consistance des personnages, transfert de style, manipulation de scènes (éclairage, angle). Génération d'images jusqu'à 4K avec divers ratios d'aspect. Plus coûteux que Nano Banana, à choisir pour la complexité et la qualité maximale. Vers des UIs conversationnelles riches et dynamiques GenUI SDK pour Flutter: créer des interfaces utilisateur dynamiques et personnalisées à partir de LLMs, via un agent AI et le protocole A2UI. Generative UI: les modèles d'IA génèrent des expériences utilisateur interactives (pages web, outils) directement depuis des prompts. Déploiement dans l'application Gemini et Google Search AI Mode (via Gemini 3 Pro). Bun se fait racheter part… Anthropic ! Qui l'utilise pour son Claude Code https://bun.com/blog/bun-joins-anthropic l'annonce côté Anthropic https://www.anthropic.com/news/anthropic-acquires-bun-as-claude-code-reaches-usd1b-milestone Acquisition officielle : L'entreprise d'IA Anthropic a fait l'acquisition de Bun, le runtime JavaScript haute performance. L'équipe de Bun rejoint Anthropic pour travailler sur l'infrastructure des produits de codage par IA. Contexte de l'acquisition : Cette annonce coïncide avec une étape majeure pour Anthropic : son produit Claude Code a atteint 1 milliard de dollars de revenus annualisés seulement six mois après son lancement. Bun est déjà un outil essentiel utilisé par Anthropic pour développer et distribuer Claude Code. Pourquoi cette acquisition ? Pour Anthropic : L'acquisition permet d'intégrer l'expertise de l'équipe Bun pour accélérer le développement de Claude Code et de ses futurs outils pour les développeurs. La vitesse et l'efficacité de Bun sont vues comme un atout majeur pour l'infrastructure sous-jacente des agents d'IA qui écrivent du code. Pour Bun : Rejoindre Anthropic offre une stabilité à long terme et des ressources financières importantes, assurant la pérennité du projet. Cela permet à l'équipe de se concentrer sur l'amélioration de Bun sans se soucier de la monétisation, tout en étant au cœur de l'évolution de l'IA dans le développement logiciel. Ce qui ne change pas pour la communauté Bun : Bun restera open-source avec une licence MIT. Le développement continuera d'être public sur GitHub. L'équipe principale continue de travailler sur le projet. L'objectif de Bun de devenir un remplaçant plus rapide de Node.js et un outil de premier plan pour JavaScript reste inchangé. Vision future : L'union des deux entités vise à faire de Bun la meilleure plateforme pour construire et exécuter des logiciels pilotés par l'IA. Jarred Sumner, le créateur de Bun, dirigera l'équipe "Code Execution" chez Anthropic. Anthropic donne le protocol MCP à la Linux Foundation sous l'égide de la Agentic AI Foundation (AAIF) https://www.anthropic.com/news/donating-the-model-context-protocol-and-establishing-of-the-agentic-ai-foundation Don d'un nouveau standard technique : Anthropic a développé et fait don d'un nouveau standard open-source appelé Model Context Protocol (MCP). L'objectif est de standardiser la manière dont les modèles d'IA (ou "agents") interagissent avec des outils et des API externes (par exemple, un calendrier, une messagerie, une base de données). Sécurité et contrôle accrus : Le protocole MCP vise à rendre l'utilisation d'outils par les IA plus sûre et plus transparente. Il permet aux utilisateurs et aux développeurs de définir des permissions claires, de demander des confirmations pour certaines actions et de mieux comprendre comment un modèle a utilisé un outil. Création de l'Agentic AI Foundation (AAF) : Pour superviser le développement du MCP, une nouvelle fondation indépendante et à but non lucratif a été créée. Cette fondation sera chargée de gouverner et de maintenir le protocole, garantissant qu'il reste ouvert et qu'il ne soit pas contrôlé par une seule entreprise. Une large coalition industrielle : L'Agentic AI Foundation est lancée avec le soutien de plusieurs acteurs majeurs de la technologie. Parmi les membres fondateurs figurent Anthropic, Google, Databricks, Zscaler, et d'autres entreprises, montrant une volonté commune d'établir un standard pour l'écosystème de l'IA. L'IA ne remplacera pas votre auto-complétion (et c'est tant mieux) https://www.damyr.fr/posts/ia-ne-remplacera-pas-vos-lsp/ Article d'opinion d'un SRE (Thomas du podcast DansLaTech): L'IA n'est pas efficace pour la complétion de code : L'auteur soutient que l'utilisation de l'IA pour la complétion de code basique est inefficace. Des outils plus anciens et spécialisés comme les LSP (Language Server Protocol) combinés aux snippets (morceaux de code réutilisables) sont bien plus rapides, personnalisables et performants pour les tâches répétitives. L'IA comme un "collègue" autonome : L'auteur utilise l'IA (comme Claude) comme un assistant externe à son éditeur de code. Il lui délègue des tâches complexes ou fastidieuses (corriger des bugs, mettre à jour une configuration, faire des reviews de code) qu'il peut exécuter en parallèle, agissant comme un agent autonome. L'IA comme un "canard en caoutchouc" surpuissant : L'IA est extrêmement efficace pour le débogage. Le simple fait de devoir formuler et contextualiser un problème pour l'IA aide souvent à trouver la solution soi-même. Quand ce n'est pas le cas, l'IA identifie très rapidement les erreurs "bêtes" qui peuvent faire perdre beaucoup de temps. Un outil pour accélérer les POCs et l'apprentissage : L'IA permet de créer des "preuves de concept" (POC) et des scripts d'automatisation jetables très rapidement, réduisant le coût et le temps investis. Elle est également un excellent outil pour apprendre et approfondir des sujets, notamment avec des outils comme NotebookLM de Google qui peuvent générer des résumés, des quiz ou des fiches de révision à partir de sources. Conclusion : Il faut utiliser l'IA là où elle excelle et ne pas la forcer dans des usages où des outils existants sont meilleurs. Plutôt que de l'intégrer partout de manière contre-productive, il faut l'adopter comme un outil spécialisé pour des tâches précises afin de gagner en efficacité. GPT 5.2 est sorti https://openai.com/index/introducing-gpt-5-2/ Nouveau modèle phare: GPT‑5.2 (Instant, Thinking, Pro) vise le travail professionnel et les agents long-courriers, avec de gros gains en raisonnement, long contexte, vision et appel d'outils. Déploiement dans ChatGPT (plans payants) et disponible dès maintenant via l'API . SOTA sur de nombreux benchmarks: GDPval (tâches de "knowledge work" sur 44 métiers): GPT‑5.2 Thinking gagne/égale 70,9% vs pros, avec production >11× plus rapide et = 0) Ils apportent une sémantique forte indépendamment des noms de variables Les Value Objects sont immuables et s'évaluent sur leurs valeurs, pas leur identité Les records Java permettent de créer des Value Objects mais avec un surcoût en mémoire Le projet Valhalla introduira les value based classes pour optimiser ces structures Les identifiants fortement typés évitent de confondre différents IDs de type Long ou UUID Pattern Strongly Typed IDs: utiliser PersonneID au lieu de Long pour identifier une personne Le modèle de domaine riche s'oppose au modèle de domaine anémique Les Value Objects auto-documentent le code et le rendent moins sujet aux erreurs Je trouve cela interessant ce que pourra faire bousculer les Value Objects. Est-ce que les value objects ameneront de la légerté dans l'execution Eviter la lourdeur du design est toujours ce qui m'a fait peut dans ces approches Méthodologies Retour d'experience de vibe coder une appli week end avec co-pilot http://blog.sunix.org/articles/howto/2025/11/14/building-gift-card-app-with-github-copilot.html on a deja parlé des approches de vibe coding cette fois c'est l'experience de Sun Et un des points differents c'es qu'on lui parle en ouvrant des tickets et donc on eput faire re reveues de code et copilot y bosse et il a fini son projet ! User Need VS Product Need https://blog.ippon.fr/2025/11/10/user-need-vs-product-need/ un article de nos amis de chez Ippon Distinction entre besoin utilisateur et besoin produit dans le développement digital Le besoin utilisateur est souvent exprimé comme une solution concrète plutôt que le problème réel Le besoin produit émerge après analyse approfondie combinant observation, données et vision stratégique Exemple du livreur Marc qui demande un vélo plus léger alors que son vrai problème est l'efficacité logistique La méthode des 5 Pourquoi permet de remonter à la racine des problèmes Les besoins proviennent de trois sources: utilisateurs finaux, parties prenantes business et contraintes techniques Un vrai besoin crée de la valeur à la fois pour le client et l'entreprise Le Product Owner doit traduire les demandes en problèmes réels avant de concevoir des solutions Risque de construire des solutions techniquement élégantes mais qui manquent leur cible Le rôle du product management est de concilier des besoins parfois contradictoires en priorisant la valeur Est ce qu'un EM doit coder ? https://www.modernleader.is/p/should-ems-write-code Pas de réponse unique : La question de savoir si un "Engineering Manager" (EM) doit coder n'a pas de réponse universelle. Cela dépend fortement du contexte de l'entreprise, de la maturité de l'équipe et de la personnalité du manager. Les risques de coder : Pour un EM, écrire du code peut devenir une échappatoire pour éviter les aspects plus difficiles du management. Cela peut aussi le transformer en goulot d'étranglement pour l'équipe et nuire à l'autonomie de ses membres s'il prend trop de place. Les avantages quand c'est bien fait : Coder sur des tâches non essentielles (amélioration d'outils, prototypage, etc.) peut aider l'EM à rester pertinent techniquement, à garder le contact avec la réalité de l'équipe et à débloquer des situations sans prendre le lead sur les projets. Le principe directeur : La règle d'or est de rester en dehors du chemin critique. Le code écrit par un EM doit servir à créer de l'espace pour son équipe, et non à en prendre. La vraie question à se poser : Plutôt que "dois-je coder ?", un EM devrait se demander : "De quoi mon équipe a-t-elle besoin de ma part maintenant, et est-ce que coder va dans ce sens ou est-ce un obstacle ?" Sécurité React2Shell — Grosse faille de sécurité avec React et Next.js, avec un CVE de niveau 10 https://x.com/rauchg/status/1997362942929440937?s=20 aussi https://react2shell.com/ "React2Shell" est le nom donné à une vulnérabilité de sécurité de criticité maximale (score 10.0/10.0), identifiée par le code CVE-2025-55182. Systèmes Affectés : La faille concerne les applications utilisant les "React Server Components" (RSC) côté serveur, et plus particulièrement les versions non patchées du framework Next.js. Risque Principal : Le risque est le plus élevé possible : l'exécution de code à distance (RCE). Un attaquant peut envoyer une requête malveillante pour exécuter n'importe quelle commande sur le serveur, lui en donnant potentiellement le contrôle total. Cause Technique : La vulnérabilité se situe dans le protocole "React Flight" (utilisé pour la communication client-serveur). Elle est due à une omission de vérifications de sécurité fondamentales (hasOwnProperty), permettant à une entrée utilisateur malveillante de tromper le serveur. Mécanisme de l'Exploit : L'attaque consiste à envoyer une charge utile (payload) qui exploite la nature dynamique de JavaScript pour : Faire passer un objet malveillant pour un objet interne de React. Forcer React à traiter cet objet comme une opération asynchrone (Promise). Finalement, accéder au constructeur de la classe Function de JavaScript pour exécuter du code arbitraire. Action Impérative : La seule solution fiable est de mettre à jour immédiatement les dépendances de React et Next.js vers les versions corrigées. Ne pas attendre. Mesures Secondaires : Bien que les pare-feux (firewalls) puissent aider à bloquer les formes connues de l'attaque, ils sont considérés comme insuffisants et ne remplacent en aucun cas la mise à jour des paquets. Découverte : La faille a été découverte par le chercheur en sécurité Lachlan Davidson, qui l'a divulguée de manière responsable pour permettre la création de correctifs. Loi, société et organisation Google autorise votre employeur à lire tous vos SMS professionnels https://www.generation-nt.com/actualites/google-android-rcs-messages-surveillance-employeur-2067012 Nouvelle fonctionnalité de surveillance : Google a déployé une fonctionnalité appelée "Android RCS Archival" qui permet aux employeurs d'intercepter, lire et archiver tous les messages RCS (et SMS) envoyés depuis les téléphones professionnels Android gérés par l'entreprise. Contournement du chiffrement : Bien que les messages RCS soient chiffrés de bout en bout pendant leur transit, cette nouvelle API permet à des logiciels de conformité (installés par l'employeur) d'accéder aux messages une fois qu'ils sont déchiffrés sur l'appareil. Le chiffrement devient donc inefficace contre cette surveillance. Réponse à une exigence légale : Cette mesure a été mise en place pour répondre aux exigences réglementaires, notamment dans le secteur financier, où les entreprises ont l'obligation légale de conserver une archive de toutes les communications professionnelles pour des raisons de conformité. Impact pour les employés : Un employé utilisant un téléphone Android fourni et géré par son entreprise pourra voir ses communications surveillées. Google précise cependant qu'une notification claire et visible informera l'utilisateur lorsque la fonction d'archivage est active. Téléphones personnels non concernés : Cette mesure ne s'applique qu'aux appareils "Android Enterprise" entièrement gérés par un employeur. Les téléphones personnels des employés ne sont pas affectés. Pour noel, faites un don à JUnit https://steady.page/en/junit/about JUnit est essentiel pour Java : C'est le framework de test le plus ancien et le plus utilisé par les développeurs Java. Son objectif est de fournir une base solide et à jour pour tous les types de tests côté développeur sur la JVM (Machine Virtuelle Java). Un projet maintenu par des bénévoles : JUnit est développé et maintenu par une équipe de volontaires passionnés sur leur temps libre (week-ends, soirées). Appel au soutien financier : La page est un appel aux dons de la part des utilisateurs (développeurs, entreprises) pour aider l'équipe à maintenir le rythme de développement. Le soutien financier n'est pas obligatoire, mais il permettrait aux mainteneurs de se consacrer davantage au projet. Objectif des fonds : Les dons serviraient principalement à financer des rencontres en personne pour les membres de l'équipe principale. L'idée est de leur permettre de travailler ensemble physiquement pendant quelques jours pour concevoir et coder plus efficacement. Pas de traitement de faveur : Il est clairement indiqué que devenir un sponsor ne donne aucun privilège sur la feuille de route du projet. On ne peut pas "acheter" de nouvelles fonctionnalités ou des corrections de bugs prioritaires. Le projet restera ouvert et collaboratif sur GitHub. Reconnaissance des donateurs : En guise de remerciement, les noms (et logos pour les entreprises) des donateurs peuvent être affichés sur le site officiel de JUnit. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 28 janvier 2026 : Software Heritage Symposium - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 5 juin 2026 : TechReady - Nantes (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

in this short podcast we talk about why your business may be start and what you can do about it, we have some options for you to focus on and of course some simple solutions. But that’s a problem with simple solutions isn’t it? They never are but here I am to give you some pointers. 2025 feels different for small business owners.Not quieter. Louder. Noisier. Heavier. What I am seeing everywhere is not a money recession.It is a doing recession. Too much content. Too many platforms. Too many options.TikTok. LinkedIn. Facebook. News. AI tools. Advice from everywhere.All of it shouting. None of it helping you decide. So people stall.They overthink.They delay.They consume more content instead of fixing their own business. That is not because you are broken.It is because you have stopped trusting yourself. You will not solve today's problems by scrolling harder.Or by chasing the next shiny idea. The fix is boring. And it works. Stop.Take a notebook.Write down what is actually not working.Pick two things only.Break them into steps.Work the problem, not the noise. If you spend time defining the real problem, the solution usually shows up. If this sounds uncomfortably familiar and you want hands-on help, get in touch.below or at smallbusinessninja.co.uk If you need some sales help for your business, then please get in touch. It’s costs nowt to talk. Get In Touch Please enable JavaScript in your browser to complete this form.Name *Email *Subject *Comment or Message *EmailSend Message

For years, building interactive widgets in Python notebooks meant wrestling with toolchains, platform quirks, and a mountain of JavaScript machinery. Most developers took one look and backed away slowly. Trevor Manz decided that barrier did not need to exist. His idea was simple: give Python users just enough JavaScript to unlock the web's interactivity, without dragging along the rest of the web ecosystem. That idea became anywidget, and it is quickly becoming the quiet connective tissue of modern interactive computing. Today we dig into how it works, why it has taken off, and how it might change the way we explore data. Episode sponsors Seer: AI Debugging, Code TALKPYTHON PyCharm, code STRONGER PYTHON Talk Python Courses Links from the show Trevor on GitHub: github.com anywidget GitHub: github.com Trevor's SciPy 2024 Talk: www.youtube.com Marimo GitHub: github.com Myst (Markdown docs): mystmd.org Altair: altair-viz.github.io DuckDB: duckdb.org Mosaic: uwdata.github.io ipywidgets: ipywidgets.readthedocs.io Tension between Web and Data Sci Graphic: blobs.talkpython.fm Quak: github.com Walk through building a widget: anywidget.dev Widget Gallery: anywidget.dev Video: How do I anywidget?: www.youtube.com PyCharm + PSF Fundraiser: pycharm-psf-2025 code STRONGER PYTHON Watch this episode on YouTube: youtube.com Episode #530 deep-dive: talkpython.fm/530 Episode transcripts: talkpython.fm Theme Song: Developer Rap

BONUS: Swimming in Tech Debt — Practical Techniques to Keep Your Team from Drowning in Its Codebase In this fascinating conversation, veteran software engineer and author Lou Franco shares hard-won lessons from decades at startups, Trello, and Atlassian. We explore his book "Swimming in Tech Debt," diving deep into the 8 Questions framework for evaluating tech debt decisions, personal practices that compound over time, team-level strategies for systematic improvement, and leadership approaches that balance velocity with sustainability. Lou reveals why tech debt is often the result of success, how to navigate the spectrum between ignoring debt and rewriting too much, and practical techniques individuals, teams, and leaders can use starting today. The Exit Interview That Changed Everything "We didn't go slower by paying tech debt. We went actually faster, because we were constantly in that code, and now we didn't have to run into problems." — Lou Franco   Lou's understanding of tech debt crystallized during an exit interview at Atalasoft, a small startup where he'd spent years. An engineer leaving the company confronted him: "You guys don't care about tech debt." Lou had been focused on shipping features, believing that paying tech debt would slow them down. But this engineer told a different story — when they finally fixed their terrible build and installation system, they actually sped up. They were constantly touching that code, and removing the friction made everything easier. This moment revealed a fundamental truth: tech debt isn't just about code quality or engineering pride. It's about velocity, momentum, and the ability to move fast sustainably. Lou carried this lesson through his career at Trello (where he learned the dangers of rewriting too much) and Atlassian (where he saw enterprise-scale tech debt management). These experiences became the foundation for "Swimming in Tech Debt." Tech Debt Is the Result of Success "Tech debt is often the result of success. Unsuccessful projects don't have tech debt." — Lou Franco   This reframes the entire conversation about tech debt. Failed products don't accumulate debt — they disappear before it matters. Tech debt emerges when your code survives long enough to outlive its original assumptions, when your user base grows beyond initial expectations, when your team scales faster than your architecture anticipated. At Atalasoft, they built for 10 users and got 100. At Trello, mobile usage exploded beyond their web-first assumptions. Success creates tech debt by changing the context in which code operates. This means tech debt conversations should happen at different intensities depending on where you are in the product lifecycle. Early startups pursuing product-market fit should minimize tech debt investments — move fast, learn, potentially throw away the code. Growth-stage companies need balanced approaches. Mature products benefit significantly from tech debt investments because operational efficiency compounds over years. Understanding this lifecycle perspective helps teams make appropriate decisions rather than applying one-size-fits-all rules. The 8 Questions Framework for Tech Debt Decisions "Those 8 questions guide you to what you should do. If it's risky, has regressions, and you don't even know if it's gonna work, this is when you're gonna do a project spike." — Lou Franco   Lou introduces a systematic framework for evaluating whether to pay tech debt, inspired by Bob Moesta's push-pull forces from product management. The 8 questions create a complete picture:   Visibility — Will people outside the team understand what we're doing? Alignment — Does this match our engineering values and target architecture? Resistance — How hard is this code to work with right now? Volatility — How often do we touch this code? Regression Risk — What's the chance we'll introduce new problems? Project Size — How big is this to fix? Estimate Risk — How uncertain are we about the effort required? Outcome Uncertainty — How confident are we the fix will actually improve things?   High volatility and high resistance with low regression risk? Pay the debt now. High regression risk with no tests? Write tests first, then reassess. Uncertain outcomes on a big project? Do a spike or proof of concept. The framework prevents both extremes — ignoring costly debt and undertaking risky rewrites without proper preparation. Personal Practices That Compound Daily "When I sit down at my desk, the first thing I do is I pay a little tech debt. I'm looking at code, I'm about to change it, do I even understand it? Am I having some kind of resistance to it? Put in a little helpful comment, maybe a little refactoring." — Lou Franco   Lou shares personal habits that create compounding improvements over time. Start each coding session by paying a small amount of tech debt in the area you're about to work — add a clarifying comment, extract a confusing variable, improve a function name. This warms you up, reduces friction for your actual work, and leaves the code slightly better than you found it. The clean-as-you-go philosophy means tech debt never accumulates faster than you can manage it. But Lou's most powerful practice comes at the end of each session: mutation testing by hand. Before finishing for the day, deliberately break something — change a plus to minus, a less-than to less-than-or-equal. See if tests catch it. Often they don't, revealing gaps in test coverage. The key insight: don't fix it immediately. Leave that failing test as the bridge to tomorrow's coding session. It connects today's momentum to tomorrow's work, ensuring you always start with context and purpose rather than cold-starting each day. Mutation Testing: Breaking Things on Purpose "Before I'm done working on a coding session, I break something on purpose. I'll change a plus to a minus, a less than to a less than equals, and see if tests break. A lot of times tests don't break. Now you've found a problem in your test." — Lou Franco   Manual mutation testing — deliberately breaking code to verify tests catch the break — reveals a critical gap in most test suites. You can have 100% code coverage and still have untested behavior. A line of code that's executed during tests isn't necessarily tested — the test might not actually verify what that line does. By changing operators, flipping booleans, or altering constants, you discover whether your tests protect against actual logic errors or just exercise code paths. Lou recommends doing this manually as part of your daily practice, but automated tools exist for systematic discovery: Stryker (for JavaScript, C#, Scala) and MutMut (for Python) can mutate your entire codebase and report which mutations survive uncaught. This isn't just about test quality — it's about understanding what your code actually does and building confidence that changes won't introduce subtle bugs. Team-Level Practices: Budgets, Backlogs, and Target Architecture "Create a target architecture document — where would we be if we started over today? Every PR is an opportunity to move slightly toward that target." — Lou Franco   At the team level, Lou advocates for three interconnected practices. First, create a target architecture document that describes where you'd be if starting fresh today — not a detailed design, but architectural patterns, technology choices, and structural principles that represent current best practices. This isn't a rewrite plan; it's a North Star. Every pull request becomes an opportunity to move incrementally toward that target when touching relevant code. Second, establish a budget split between PM-led feature work and engineering-led tech debt work — perhaps 80/20 or whatever ratio fits your product lifecycle stage. This creates predictable capacity for tech debt without requiring constant negotiation. Third, hold quarterly tech debt backlog meetings separate from sprint planning. Treat this backlog like PMs treat product discovery — explore options, estimate impacts, prioritize based on the 8 Questions framework. Some items fit in sprints; others require dedicated engineers for a quarter or two. This systematic approach prevents tech debt from being perpetually deprioritized while avoiding the opposite extreme of engineers disappearing into six-month "improvement" projects with no visible progress. The Atlassian Five-Alarm Fire "The Atlassian CTO's 'five-alarm fire' — stopping all feature development to focus on reliability. I reduced sync errors by 75% during that initiative." — Lou Franco   Lou shares a powerful example of leadership-driven tech debt management at scale. The Atlassian CTO called a "five-alarm fire" — halting all feature development across the company to focus exclusively on reliability and tech debt. This wasn't panic; it was strategic recognition that accumulated debt threatened the business. Lou worked on reducing sync errors, achieving a 75% reduction during this focused period. The initiative demonstrated several leadership principles: willingness to make hard calls that stop revenue-generating feature work, clear communication of why reliability matters strategically, trust that teams will use the time wisely, and commitment to see it through despite pressure to resume features. This level of intervention is rare and shouldn't be frequent, but it shows what's possible when leadership truly prioritizes tech debt. More commonly, leaders should express product lifecycle constraints (startup urgency vs. mature product stability), give teams autonomy to find appropriate projects within those constraints, and require accountability through visible metrics and dashboards that show progress. The Rewrite Trap: Why Big Rewrites Usually Fail "A system that took 10 years to write has implicit knowledge that can't be replicated in 6 months. I'm mostly gonna advocate for piecemeal migrations along the way, reducing the size of the problem over time." — Lou Franco   Lou lived through Trello's iOS navigation rewrite — a classic example of throwing away working code to start fresh, only to discover all the edge cases, implicit behaviors, and user expectations baked into the "old" system. A codebase that evolved over several years contains implicit knowledge — user workflows, edge case handling, performance optimizations, and subtle behaviors that users rely on even if they never explicitly requested them. Attempting to rewrite this in six months inevitably misses critical details. Lou strongly advocates for piecemeal migrations instead. The Trello "Decaffeinate Project" exemplifies this approach — migrating from CoffeeScript to TypeScript incrementally, with public dashboards showing the percentage remaining, interoperable technologies allowing gradual transition, and the ability to pause or reverse if needed. Keep both systems running in parallel during migrations. Use runtime observability to verify new code behaves identically to old code. Reduce the problem size steadily over months rather than attempting big-bang replacements. The only exception: sometimes keeping parallel systems requires scaffolding that creates its own complexity, so evaluate whether piecemeal migration is actually simpler or if you're better off living with the current system. Making Tech Debt Visible Through Dashboards "Put up a dashboard, showing it happen. Make invisible internal improvements visible through metrics engineering leadership understands." — Lou Franco   One of tech debt's biggest challenges is invisibility — non-technical stakeholders can't see the improvement from refactoring or test coverage. Lou learned to make tech debt work visible through dashboards and metrics. The Decaffeinate Project tracked percentage of CoffeeScript files remaining, providing a clear progress indicator anyone could understand. When reducing sync errors, Lou created dashboards showing error rates declining over time. These visualizations serve multiple purposes: they demonstrate value to leadership, create accountability for engineering teams, build momentum as progress becomes visible, and help teams celebrate wins that would otherwise go unnoticed. The key is choosing metrics that matter to the business — error rates, page load times, deployment frequency, mean time to recovery — rather than pure code quality metrics like cyclomatic complexity that don't translate outside engineering. Connect tech debt work to customer experience, reliability, or developer productivity in ways leadership can see and value. Onboarding as a Tech Debt Opportunity "Unit testing is a really great way to learn a system. It's like an executable specification that's helping you prove that you understand the system." — Lou Franco   Lou identifies onboarding as an underutilized opportunity for tech debt reduction. When new engineers join, they need to learn the codebase. Rather than just reading code or shadowing, Lou suggests having them write unit tests in areas they're learning. This serves dual purposes: tests are executable specifications that prove understanding of system behavior, and they create safety nets in areas that likely lack coverage (otherwise, why would new engineers be confused by the code?). The new engineer gets hands-on learning, the team gets better test coverage, and everyone wins. This practice also surfaces confusing code — if new engineers struggle to understand what to test, that's a signal the code needs clarifying comments, better naming, or refactoring. Make onboarding a systematic tech debt reduction opportunity rather than passive knowledge transfer. Leadership's Role: Constraints, Autonomy, and Accountability "Leadership needs to express the constraints. Tell the team what you're feeling about tech debt at a high level, and what you think generally is the appropriate amount of time to be spent on it. Then give them autonomy." — Lou Franco   Lou distills leadership's role in tech debt management to three elements. First, express constraints — communicate where you believe the product is in its lifecycle (early startup, rapid growth, mature cash cow) and what that means for tech debt tolerance. Are we pursuing product-market fit where code might be thrown away? Are we scaling a proven product where reliability matters? Are we maintaining a stable system where operational efficiency pays dividends? These constraints help teams make appropriate trade-offs. Second, give autonomy — once constraints are clear, trust teams to identify specific tech debt projects that fit those constraints. Engineers understand the codebase's pain points better than leaders do. Third, require accountability — teams must make their work visible through dashboards, metrics, and regular updates. Autonomy without accountability becomes invisible engineering projects that might not deliver value. Accountability without autonomy becomes micromanagement that wastes engineering judgment. The balance creates space for teams to make smart decisions while keeping leadership informed and confident in the investment. AI and the Future of Tech Debt "I really do AI-assisted software engineering. And by that, I mean I 100% review every single line of that code. I write the tests, and all the code is as I would have written it, it's just a lot faster. Developers are still responsible for it. Read the code." — Lou Franco   Lou has a chapter about AI in his book, addressing the elephant in the room: will AI-generated code create massive tech debt? His answer is nuanced. AI can accelerate development tremendously if used correctly — Lou uses it extensively but reviews every single line, writes all tests himself, and ensures the code matches what he would have written manually. The problem emerges with "vibe coders" — non-developers using AI to generate code they don't understand, creating unmaintainable messes that become someone else's problem. Developers remain responsible for all code, regardless of how it's generated. This means you must read and understand AI-generated code, not blindly accept it. Lou also raises supply chain security concerns — dependencies can contain malicious code, and AI might introduce vulnerabilities developers miss. His recommendation: stay six months behind on dependency updates, let others discover the problems first, and consider separate sandboxed development machines to limit security exposure. AI is a powerful tool, but it doesn't eliminate the need for engineering judgment, testing discipline, or code review practices. The Style Guide Beyond Formatting "Have a style guide that goes beyond formatting to include target architecture. This is the kind of code we want to write going forward." — Lou Franco   Lou advocates for style guides that extend beyond tabs-versus-spaces formatting rules to include architectural guidance. Document patterns you want to move toward: how should components be structured, what state management approaches do we prefer, how should we handle errors, what testing patterns should we follow? This creates a shared understanding of the target architecture without requiring a massive design document. When reviewing pull requests, teams can reference the style guide to explain why certain approaches align with where the codebase is headed versus perpetuating old patterns. This makes tech debt conversations less personal and more objective — it's not about criticizing someone's code, it's about aligning with team standards and strategic direction. The style guide becomes a living document that evolves as the team learns and technology changes, capturing collective wisdom about what good code looks like in your specific context. Recommended Resources Some of the resources mentioned in this episode include:  Steve Blank's Four Steps To Epiphany The podcast episode with Bernie Maloney where we discuss the critical difference between "enterprise" and "startup". And Geoffrey Moore's Crossing the Chasm, and Dealing with Darwin.   About Lou Franco   Lou Franco is a veteran software engineer and author of Swimming in Tech Debt. With decades of experience at startups, as well as Trello, and Atlassian, he's seen both sides of debt—as coder and leader. Today, he advises teams on engineering practices, helping them turn messy codebases into momentum.   You can link with Lou Franco on LinkedIn and learn more at LouFranco.com.

In this bonus episode of Banking on Fraudology, powered by Safeguard , Hailey Windham talks with Ben Graf, a self-taught AI expert in the neobank space. Ben embodies the spirit of curiosity and courage driving the next wave of fraud-fighting transformation.The conversation dives into what it really looks like to learn AI from the ground up, emphasizing that the future of fraud prevention isn't about replacing people, but empowering them through technology.Key Takeaways: AI, Innovation, and Fraud-Fighting EmpowermentUsing AI to Learn AI: Ben explains how he used varying LLM chats (like ChatGPT, Claude, and Gemini) as a coach or mentor, experimenting for hours to understand their capabilities, consistency, and how to effectively prompt them.This approach helped him translate technical language and practices (like data analysis, SQL, and JavaScript) into actionable knowledge for his team, breaking down communication barriers.The hardest part was knowing where to start, but the key was realizing that "something is better than nothing" and compounding knowledge quickly breaks down barriers.Practical AI Applications for Eliminating Busy Work: AI should be used to make teams more efficient and help professionals focus strategically.Automating Document Verification: AI can use OCR to pull data, flag inconsistencies, and serve up summaries for identity, business, and income documents, which are often the most time-consuming parts of a review.Data Retrieval and System Silos: AI can help team members write their own SQL queries to retrieve data from data warehouses, dramatically reducing requests to the data team.Product and Feature Proposals: AI tools can mock up full dashboard concepts and even provide code snippets to give engineers a visual and break down communication barriers between fraud and technical teams.The Power of Empowerment and Buy-In: Leadership should create a culture where fraud fighters are empowered to explore and innovate.The magic of time savings lies in filling the time freed from "busy work" (like false positives) with new, high-impact tasks, whether that's cost savings in fraud loss or better customer retention.Teams are advised to keep proprietary or PII information out of the loop and find safe spaces to explore, remembering that everyone is still figuring out what AI can do.Get in the mood of being grateful for the fraud-fighting community, and be reminded of how strong the fraud-fighting community truly is. About Hailey Windham:As a 2023 CU Rockstar Recipient, Hailey Windham, CFCS (Certified Financial Crimes Specialist) demonstrated unbounding passion for educating her community, organization and credit union membership on scams in the market and best practices to avoid them. She has implemented several programs within her previous organizations that aim at holistically learning about how to prevent and detect fraud targeted at membership and employees. Windham's initiatives to build strong relationships and partnerships throughout the credit union community and industry experts have led to countless success stories. Her applied knowledge of payments system programs combined with her experience in fraud investigations offers practical concepts that are transferable, no matter the organization's size. Connect with Hailey on LinkedIn: https://www.linkedin.com/in/hailey-windham/

It's the middle of December and throughout the Web, all the crawlers are stirring and AI Bots getting fed. The products displayed on folk's sites with due care, in hopes that St. Googlishous would bring traffic there. Suddenly somewhere in GA4 there arose such a clatter, I had to get off of my ass to see what was the matter. And then what from Schwartz's deli of news briefs should appear? Notes that another Core Update was already here... Perhaps it's not such a big deal however as Google confirmed it issues core updates more frequently than previously announced. In fact, Google performs several unannounced core updates each year. This isn't really a surprise but then again, neither is a major update in mid-December. Google seems to do it every year. We welcomed legendary SEO Jenny Halasz to the show to talk about her new book, "AI Powered Content Marketing and SEO", co-authored with Catherine Seda and published by Pearson O'Reilly. We also talk about the Yext study that reveals more about how the Local Pack gets formed, the 1-year long deal-cap being imposed on Google, Microsoft's pull back on Copilot due to lack of user interest, Disney's $1Billion deal with OpenAI that will bring AI versions of Mickey and Darth Vader together again, Megadrama in the Metaverse, Operation Bluebird, the OAI-SearchBot Crawler, how Google Shopping crawlers are too fast for your JavaScript, more links in AI Mode, and a lot more stuff you need to know before the web slows down for the early winter break. Support this podcast at — https://redcircle.com/webcology/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

It's that time of year—each host reaches into Santa's sack of topics to see who's been naughty and who's been nice. Ben returns from visiting his employer's manufacturing headquarters in Georgia with some philosophical musings. Carol is on a mission to slash CI/CD build times. Adam has cautiously optimistic news about passkeys finally working (sometimes). And Tim reflects on a TLDR article suggesting that the management skills you've built—knowing what to build and what not to build—might be exactly what AI-era coding demands.Plus: December blues, mushroom tea for focus, and jQuery as peak imperative JavaScript.Links mentioned:Owning A Lucid Has Been Super DisappointingDriving Xiaomi's Electric Car: Are we Cooked?Follow the show and be sure to join the discussion on Discord! Our website is workingcode.dev and we're @workingcode.dev on Bluesky. New episodes drop weekly on Wednesday.And, if you're feeling the love, support us on Patreon.With audio editing and engineering by ZCross Media.Full show notes and transcript here.

An airhacks.fm conversation with Stanislav Bashkyrtsev (@sbashkirtsev) about: scientific software for chemists and drug discovery, peaksel flagship software for analyzing mass spectrometer data, parsing binary instrument formats up to gigabytes in size, mass spectrometry measuring molecular weights using electric fields and detectors, daltons as mass units, isotope patterns for molecule identification, storing experimental data in PostgreSQL with potential big data challenges, S3 storage solutions, drug discovery process from hit identification to molecule modifications, molecular libraries and combinatorial chemistry, enumeration of molecular structures in computers, synthesis reactions mixing reactants with solvents and various conditions, liquid handlers and laboratory automation challenges, return on investment issues in early drug discovery automation, lab of the future concepts, Molbrett product combining excalidraw with chemical structure drawing capabilities, SMILES format for representing molecular structures as strings, graph-based molecular formats storing atom connections and bond types, 2D vs 3D molecular visualization preferences, Meve centralized event system for tracking molecular experiments across different software systems, ETL processes for data integration, Crystalline software for documenting protein crystallography experiments, protein structure determination using X-ray crystallography, Synchrotron facilities for high-energy X-ray generation, crystal growing conditions and documentation, fishing crystals with microscope and lasso wands, liquid nitrogen cooling for crystal preservation, Java backend, JavaScript frontend, minimal dependencies approach, six-person team structure, sponsorship business model for open source scientific software development, free updates for sponsors, subscription model for non-sponsors, checkout: https://elsci.io Stanislav Bashkyrtsev on twitter: @sbashkirtsev

The Overtired trio reunites for the first time in ages, diving into a whirlwind of health updates, hilarious anecdotes, and the latest tech obsessions. Christina shares a dramatic spinal saga while Brett and Jeff discuss everything from winning reddit contests to creating a universal markdown processor. Tune in for updates on Mark 3, the magical world of Scrivener, and why Brett’s back on Bing. Don’t miss the banter or the tech tips, and as always, get ready to laugh, learn, and maybe feel a little overtired yourself. Sponsor Shopify is the commerce platform behind 10% of all eCommerce in the US, from household names like Mattel and Gymshark, to brands just getting started. Get started today at shopify.com/overtired. Chapters 00:00 Welcome to the Overtired Podcast 01:09 Christina’s Health Journey 10:53 Brett’s Insurance Woes 15:38 Jeff’s Mental Health Update 24:07 Sponsor Spot: Shopify 24:18 Sponsor: Shopify 26:23 Jeff Tweedy 27:43 Jeff’s Concert Marathon 32:16 Christina Wins Big 36:58 Monitor Setup Challenges 37:13 Ergotron Mounts and Tall Poles 38:33 Review Plans and Honest Assessments 38:59 Current Display Setup 41:30 Thunderbolt KVM and Display Preferences 42:51 MacBook Pro and Studio Comparisons 50:58 Markdown Processor: Apex 01:07:58 Scrivener and Writing Tools 01:11:55 Helium Browser and Privacy Features 01:13:56 Bing Delisting Incident Show Links Danny Brown's 10 in the New York Times (gift link) Indigo Stack Scrivener Helium Bangs Apex Apex Syntax Join the Marked 3 Beta LG 32 Inch UltraFine™evo 6K Nano IPS Black Monitor with Thunderbolt™ 5 Join the Conversation Merch Come chat on Discord! Twitter/ovrtrd Instagram/ovrtrd Youtube Get the Newsletter Thanks! You’re downloading today’s show from CacheFly’s network BackBeat Media Podcast Network Check out more episodes at overtiredpod.com and subscribe on Apple Podcasts, Spotify, or your favorite podcast app. Find Brett as @ttscoff, Christina as @film_girl, Jeff as @jsguntzel, and follow Overtired at @ovrtrd on Twitter. Transcript Brett + 2 Welcome to the Overtired Podcast Jeff: [00:00:00] Hello everybody. This is the Overtired podcast. The three of us are all together for the first time since the Carter administration. Um, it is great to see you both here. I am Jeff Severance Gunzel if I didn’t say that already. Um, and I’m here with Christina Warren and I’m here with Brett Terpstra and hello to both of you. Brett: Hi. Jeff: Great to see you both. Brett: Yeah, it’s good to see you too. I feel like I was really deadpan in the pre-show. I’ll try to liven it up for you. I was a horrible audience. You were cracking jokes and I was just Jeff: that’s true. Christina, before you came on, man, I was hot. I was on fire and Brett was, all Brett was doing was chewing and dropping Popsicle parts. Brett: Yep. I ate, I ate part of a coconut outshine Popsicle off of a concrete floor, but Jeff: It is true, and I didn’t even see him check it [00:01:00] for cat hair, Brett: I did though. Jeff: but I believe he did because he’s a, he’s a very Brett: I just vacuumed in Jeff: He’s a very good American Brett: All right. Christina’s Health Journey Brett: Well, um, I, Christina has a lot of health stuff to share and I wanna save time for that. So let’s kick off the mental health corner. Um, let’s let Christina go first, because if it takes the whole show, it takes the whole show. Go for it. Christina: Uh, I, I will not take this hold show, but thank you. Yeah. So, um, my mental health is okay-ish. Um, I would say the okay-ish part is, is because of things that are happening with my physical health and then some of the medications that I’ve had to be on, um, uh, to deal with it. Uh, prednisone. Fucking sucks, man. Never nev n never take it if you can avoid it. Um, but why Christina, why are you on prednisone or why were you on prednisone for five days? Um, uh, and I’m not anymore to be clear, but that certainly did not help my mental health. Um, at the beginning of November, I woke up and I thought that I’d [00:02:00] slept on my shoulder wrong. And, um, uh, and, and just some, some background. I, I don’t know if this is pertinent to how my injury took place or not, but, but it, I’m sure that it didn’t help. Um, I have scoliosis and in the top and the bottom of my spine, so I have it at the top of my, like, neck area and my lower back. And so my back is like a crooked s um, this will be relevant in a, in a second, but, but I, I thought that I had slept on my back bunny, and I was like, okay, well, all right, it hurts a lot, but fine. Um, and then it, a, a couple of days passed and it didn’t get any better, and then like a week passed and I was at the point where I was like, I almost feel like I need to go to the. Emergency room, I’m in pain. That is that significant. Um, and, you know, didn’t get any better. So I took some of grant’s, Gabapentin, and I took, um, some, some, uh, a few other things and I was able to get in with like a, a, a sports and spine guy. Um, and um, [00:03:00] he looked at me and he was like, yeah, I think that you have like a, a, a bolting disc, also known as a herniated disc. Go to physical therapy. See me later. We’ll, we’ll deal with it. Um. Basically like my whole left side was, was, was really sore and, and I had a lot of pain and then I had numbness in my, my fingers and um, and, and that was a problem the next day, which was actually my birthday. The numbness had at this point spread to my right side and also my lower extremities. And so at this point I called the doctor and he was like, yeah, you should go to the er. And so I went to the ER and, and they weren’t able to do anything for me other than give me, you know, like, um, you know, I was hoping they might give me like, some sort of steroid injection or something. They wouldn’t do anything other than, um, basically, um, they gave me like another type of maybe, maybe pain pill or whatever. Um, but that allowed the doctor to go ahead and. Write, uh, write up an MRI took forever for me to get an MRI, I actually had to get it in Atlanta. [00:04:00] Fun fact, uh, sometimes it is cheaper to just pay and not go through insurance and get an MR MRI and, um, a, um, uh, an x-ray, um, I was able to do it for $450 Jeff: Whoa. Really? Christina: Yeah, $400 for the MR mri. $50 for the x-ray. Jeff: Wow. Christina: Yeah. Yeah. Brett: how I, they, I had an MRI, they charged me like $1,200 and then they failed to bill insurance ’cause I was between insurance. Christina: Yes. Yeah. So what happened was, and and honestly that was gonna be the situation that I was in, not between insurance stuff, but they weren’t even gonna bill insurance. And insurance only approved certain facilities and to get into those facilities is almost impossible. Um, and so, no, there are a lot of like get an MR, I now get a, you know, mammogram, get ghetto, whatever places. And because America’s healthcare system is a HealthScape, you can bypass insurance and they will charge you way less than whatever they bill insurance for. So I, I don’t know if it’s part of the country, you know, like Seattle I think might [00:05:00] probably would’ve been more expensive. But yeah, I was able to find this place like a mile from like, not even a mile from where my parents lived, um, that did the x-rays and the MRI for $450 total. Brett: I, I hate, I hate that. That’s true, but Christina: Me too. Me too. No, no. It pisses me off. Honestly, it makes me angry because like, I’m glad that I was able to do that and get it, you know, uh, uh, expedited. Then I go into the spine, um, guy earlier this week and he looks at it and he’s like, yep, you’ve got a massive bulging disc on, on C seven, which is the, the part of your lower cervical or cervical spine, which is your neck. Um, and it’s where it connects to your ver bray. It’s like, you know, there are a few things you can do. You can do, you know, injections, you can do surgery. He is like, I’m gonna recommend you to a neurosurgeon. And I go to the neurosurgeon yesterday and he was showing me or not, uh, yeah, yesterday he was showing me the, the, the, the scans and, and showing like you up close and it’s, yeah, it’s pretty massive. Like where, where, where the disc is like it is. You could see it just from one view, like, just from like [00:06:00] looking at it like, kind of like outside, like you could actually like see like it was visible, but then when you zoomed in it’s like, oh shit, this, this thing is like massive and it’s pressing on these nerves that then go into my, my hands and other areas. But it’s pressing on both sides. It’s primarily on my left side, but it’s pressing on on my right side too, which is not good. So, um, he basically was like, okay. He was like, you know, this could go away. He was like, the pain isn’t really what I’m wanting to, to treat here. It’s, it’s the, the weakness because my, my left arm is incredibly weak. Like when they do like the, the test where like they, they push back on you to see like, okay, like how, how much can you, what, like, I am, I’m almost immediately like, I can’t hold anything back. Right? Like I’m, I’m, I’m like a toddler in terms of my strength. So, and, and then I’m freaked out because I don’t have a lot of feeling in my hands and, and that’s terrifying. Um, I’m also. Jeff: so terrifying, Christina: I’m, I’m also like in extreme pain because of, of, of where this sits. Like I can’t sleep well. Like [00:07:00] the whole thing sucks. Like the MRI, which was was like the most painful, like 25 minutes, like of my existence. ’cause I was laying flat on my back. I’m not allowed to move and I’m just like, I’m in just incredible pain with that part of, of, of, of my, my side. Like, it, it was. It was terrible. Um, but, uh, but he was like, yeah. Um, these are the sorts of surgical options we have. Um, he’s gonna, um, do basically what what he wants to do is basically do a thing where he would put in a, um, an artificial or, or synthetic disc. So they’re gonna remove the disc, put in a synthetic one. They’ll go in through the, the front of my throat to access the, my, my, my, my spine. Um, put that there and, um, you know, I’ll, I’ll be overnight in the hospital. Um, and then it’ll be a few weeks of recovery and the, the, the pain should go away immediately. Um, but it, it could be up to two years before I get full, you know, feeling back in my arm. So anyway, Jeff: years, Jesus. And Christina: I mean, and hopefully less than that, but, but it could be [00:08:00] up to that. Jeff: there’s no part of this at this point. That’s a mystery to you, right? Christina: The mystery is, I don’t know how this happened. Jeff: You don’t know how it happened, right? Of course. Yeah, of course. Yeah. Yeah. Brett: So tell, tell us about the ghastly surgery. The, the throat thing really threw me like, I can’t imagine that Christina: yeah, yeah. So, well, ’cause the thing is, is that usually if what they just do, like spinal fusion, they’ll go in at the back of your neck, um, and then they’ll remove the, the, um, the, the, the, the disc. And then they’ll fuse your, your, your two bones together. Basically. They’ll, they’ll, they’ll, they’ll fuse this part of the vertebrae, but because they’re going to be replacing the, the disc, they need more room. So that’s why they have to go in through the, through, through basically your throat so that they can have more room to work. Jeff: Good lord. No thank you. Brett: Ugh. Wow. Jeff: Okay. Brett: I am really sorry that is happening. That is, that is, that dwarfs my health concerns. That is just constant pain [00:09:00] and, and it would be really scary. Christina: Yeah. Yeah. It’s not great. It’s not great, but I’m, I’m, I’m doing what I can and, uh, like I have, you know, a small amount of, of Oxycodine and I have like a, a, a, you know, some other pain medication and I’m taking the gabapentin and like, that’s helpful. The bad part is like your body, like every 12, 15 hours, like whatever, like the, the, the cycle is like, you feel it leave your system and like if you’re asleep, you wake up, right? Like, it’s one of those things, like, you immediately feel it, like when it leaves your system. And I’ve never had to do anything for pain management before. And they have me on a very, they have me like on the smallest amount of like, oxycodone you can be on. Um, and I’m using it sparingly because I don’t wanna, you know, be reliant on, on it or whatever. But it, it, but it is one of those things where I’m like, yeah, like sometimes you need fucking opiates because, you know, the pain is like so constant. And the thing is like, what sucks is that it’s not always the same type of pain. Like sometimes it’s throbbing, sometimes it’s sharp, sometimes it’s like whatever. It sucks. But the hardest thing [00:10:00] is like, and. This does impact my mental health. Like it’s hard to sleep. Like, and I’m a side sleeper. I’m a side sleeper, and I’m gonna have to become a back sleeper. So, you know. Yeah. It’s just, it’s, it’s not great. It’s not great, but, you know, that, that, that, that, that’s me. The, the good news is, and I’m very, very gratified, like I have a good surgeon. Um, I’m gonna be able to get in to get this done relatively quickly. He had an appointment for next week. I don’t think that insurance would’ve even been able to approve things fast enough for, for, for that regard. And I have, um, commitments that I can’t make then. And I, and that would also mean that I wouldn’t be able to go visit my family for Christmas. So hopefully I’ll do it right after Christmas. I’m just gonna wait, you know, for, for insurance to, to do its thing, knock on wood, and then schedule, um, from there. But yeah, Jeff: Woof. Christina: so that’s me. Um, uh, who wants to go next? Jeff or, uh, Jeff or Brett? Jeff: It’s like, that’s me. Hot potato throwing it. Brett: I’ll, I’ll go. Brett’s Insurance Woes Brett: I can continue on the insurance topic. Um, I was, for a few months [00:11:00] after getting laid off, I was on Minsu, which is Minnesota’s Medicaid, um, v version of Medicaid. And so basically I paid nothing and I had better insurance than I usually have with, uh, you know, a full deductible and premiums and everything. And it was fantastic. I was getting all the care I needed for all of the health stuff I’m going through. Um, I, they, a, a new doctor I found, ordered the 15 tests and I passed out ’cause it was so much blood and. And it, I was getting, but I was getting all these tests run. I was getting results, we were discovering things. And then my unemployment checks, the income from unemployment went like $300 over the cap for Medicaid. So [00:12:00] all of a sudden, overnight I was cut from Medicaid and I had to do an early sign up, and now I’m on courts and it sucks bad. Like they’re not covering my meds. Last month cost me $600. I was also paying. In addition to that, a $300 premium plus every doctor’s visit is 50 bucks out of pocket. So this will hopefully only last until January, and then it’ll flip over and I will be able to demonstrate basically no income, um, until like Mark makes enough money that it gets reported. Um, and even, uh, until then, like I literally am making under the, the poverty limit. So, um, I hope to be back on Medicaid shortly. I have one more month. I’ll have to pay my $600 to refill. I [00:13:00] cashed out my 401k. Um, like things were, everything was up high enough that I had made, I. I had made tens of thousands of dollars just on the investments and the 401k, but I also have a lot of concerns about the market volatility around Nvidia and the AI bubble in general. Um, so taking my money out of the market just felt okay to me. I paid the 10%, uh, penalty Jeff: Mm-hmm. Brett: and ultimately I, I came out with enough cash that I can invest on my own and be able to cover the next six months. Uh, if I don’t have any other income, which I hope to, I hope to not spend my nest egg. Um, but I did, I did a lot of thinking and calculating and I think I made the right choices. But anyway, [00:14:00] that will help if I have to pay for medical stuff that will help. Um. And then I’ve had insomnia, bad on and off. Right now I’m coming off of two days of good sleep. You’re catching me on a good day. Um, but Jeff: Still wouldn’t laugh at my jokes. Brett: before that it was, well, that’s the thing is like before that, it was four nights where I slept two to four hours per night, and by the end of it, I could barely walk. And so two nights of sleep after a stint like that, like, I’m just super, I’m deadpan, I’m dazed. Um, I could lay down and fall asleep at any time. Um, I, so, so keep me awake. Um, but yeah, that’s, that’s, that’s me. Mental health is good. Like I’m in pretty high spirits considering all this, like financial stuff and everything. Like my mood has been pretty stable. I’ve been getting a lot of coding done. I’ll tell you about projects in [00:15:00] a minute, but, um, but that’s, that’s me. I’m done. Jeff: Awesome. I’m enjoying watching your cat roll around, but clearly cannot decide to lay down at this point. Brett: No, nobody is very persnickety. Jeff: I literally have to put my. Well, you say put a cat down like you used to. When you put a kid down for a nap, you say you wanna put ’em down. Right? That’s where it’s coming from. I now have a chair next to my desk, ’cause I have one cat that walks around Yowling at about 11:00 AM while I’m working. And I have to like, put ’em down for a nap. It’s pathetic. It’s pathetic that I do that. Let’s just be clear. Brett: Yeah. Jeff: soulmate though. Jeff’s Mental Health Update Jeff: Um, I’m doing good. I’m, I’m, I’ve been feeling kind of light lately in a nice way. I’ve had ups and downs, but even with the ups and downs, there’s like a, except for one day last week was, there’s just been feeling kind of good in general, which is remarkable in a way. ’cause it’s just like stressful time. There’s some stressful business stuff, like, [00:16:00] a lot of stuff like that. But I’m feeling good and, and just like, uh, yeah, just light. I don’t know, it’s weird. Like, I’ve just been noticing that I feel kind of light and, uh. And not, not manic, not high light. Brett: Yeah. No, that’s Jeff: uh, and that’s, that’s lovely. So yeah. And so I’m doing good. I’m doing good. I fucking, it’s cold. Which sucks ’cause it just means for everybody that’s heard about my workshop over the years, that I can’t really go out there and have it be pleasant Brett: It’s, it’s been Minnesota thus far. Has had, we’ve had like one, one Sub-Zero day. Jeff: whatever. It’s fucking cold. Christina: Yeah. What one? Brett? Brett. It’s December 6th as we’re recording this one Sub-Zero day. That’s insane. Brett: Is it Jeff: Granted, granted I’ve been dressing warm, so I’m ready to go out the door for ice related things. Meaning, meaning government, ice, Brett: Uh, yeah. Yeah. Jeff: So I like wear my long underwear during [00:17:00] the day. ’cause actually like recently. So at my son’s school, which is like six blocks from here, um, has a lot of Somali immigrants in it. And, and uh, and there was a, at one point there was ice activity in the other direction, um, uh, uh, near me. And so neighbors put out a call here around so that at dismissal time people would pair up at all the intersections surrounding the school. And, um, and like a quick signal group popped up, whatever. It was so amazing because like we all just popped out there. And by the time I got out, uh, everyone was already like, posted up and I was like, I’m a, in these situations, I am a wanderer. You want me roaming? I don’t want to pair up with somebody I don’t like, I just, I grabbed a camera with a Zoom on it and like, I was like, I’m in roam. Um, it’s what I was as an activist, what I was as a reporter, like it’s just my nature. Um, but like. Everybody was out and like, and they were just like, they were ready man. And then we got like the all clear and you could just see people in the [00:18:00] neighborhood just like standing down and going home. But because of the true threat and the ongoing arrests here, now that the Minneapolis stuff has started, like I do, I was like wearing long underwear just, and I have a little bag by the door ready to like pop out if something comes up and I can be helpful. Um, and uh, and I guess what I’m saying is I should use that to go into the garage as well if I’m already prepared. Brett: Right. Jeff: But here’s, okay, so here’s a mental health thing actually. So I, one of the, I’ve gone through a few years of just sort of a little bit of paralysis around being able to just, I don’t know what, like do anything that is kind of project related that takes some thinking, whatever it is, like I’m talking about around the house or things that have kind of broken over the years, whatever. So I’ve had this snowblower and it’s a really good snowblower. It’s got headlights. And, uh, and I used to love snow blowing the entire block. Like it just made me feel good, made me feel useful. Um, and sorry I cough. I left it outside for a [00:19:00] year for a, like a winter and a spring and water got into the gas tank. It rusted out in there. I knew I couldn’t start it or I’d ruin the whole damn engine. So I left it for two years and I felt bad about myself. But this year, just like probably a month before the first big snowfall, I fucking replaced a gas tank and a carburetor on a machine. And I have never done anything like that in my life. And so then we got the snowfall and I, and I snow blowed this whole block Brett: Nice. Jeff: great. ’cause now they all owe me. Brett: I, uh, I have a, uh, so I have a little electric powered, uh, snowblower that can handle like two inches of snow. Um, and, and on big snowfalls, if you get out there every hour and keep up with it, it, it works. But, but I, my back right now, I can’t stand for, I can’t stand still for 10 minutes and I can’t move for more than like five minutes. And so I’m, I’m very disabled and El has good days and bad days, uh, thus [00:20:00] far. L’s been out there with a shovel, um, really being the hero. But we have a next door neighbor with a big gas powered snowblower. And so we went over, brought them gifts, and, um, asked if they would take care of our driveway on days we couldn’t, uh, for like, you know, we’d pay ’em 25 bucks to do the driveway. And, uh, and they were, he was still reluctant to accept money. Um. But, but we both agreed it was better to like make it a, a transaction. Jeff: Oh my God. You don’t want to get into weird Minnesota neighbor relational. Brett: right. You don’t want the you owe me thing. Um, so, so we have that set up. But in the process we made really good friends with our neighbor. Like we sat down in their living room for I think 45 minutes and just like talked about health and politics and it was, it was really fun. They’re, they’re retired. They’re in their [00:21:00] seventies and like act, he always looks super grumpy. I always thought he was a mean old man. He’s actually, he laughs more easily than most people I’ve ever met. Um, he’s actually, when people say, oh, he is actually a teddy bear, this guy really is, he’s just jovial. Uh, he just has resting angry old man face. Jeff: Or like my, I have public mis throat face, like when I’m out and about, especially when I’m shopping, I know that my face is, I’m gonna fucking kill you if you look me in the eye Brett: I used Jeff: is not my general disposition. Brett: people used to tell me that about myself, but I feel like I, I carry myself differently these days than I did when I was younger. Jeff: You know what I learned? Do you, have you both watched Veep, Christina: Yes, Jeff: you know, Richard sp split, right? Um, and, and he always kind of has this sweet like half smile and he is kind of looking up and I, I figured out at one point I was in an airport, which is where my kill everybody face especially comes up. Just to be clear. TSA, it’s just a feeling inside. I [00:22:00] have no desire to act to this out. I realized that if I make the Richard Plet face, which I can try to make for you now, which is something like if I just make the Richard Plet face, my whole disposition Brett: yeah. Yeah. Jeff: uh, and I even feel a little better. And so I just wanna recommend that to people. Look up Richard Spt, look at his face. Christina: Hey, future President Bridges split. Jeff: future President Richard Splat, also excellent in the Detroiters. Um, that’s all, uh, that’s all I wanted to say about that. Brett: I have found that like when I’m texting with someone, if I start to get frustrated, you know, you know that point where you’re still adding smiley emoticons even though you’re actually not, you’re actually getting pissed off, but you don’t wanna sound super bitchy about it, so you’re adding smile. I have found that when I add a smiley emoji in those circumstances, if I actually smile before I send it, it like my [00:23:00] mood will adjust to match, to match the tone I’m trying to convey, and it lessens my frustration with the other person. Jeff: a little joy wrist rocket. Christina: Yeah. Hey, I mean, no, but hey, but, but that, that, that, that, that’s interesting. I mean, they’re, they, they’ve done studies that like show that, right? That like show like, you know, I mean, like, some of this is all like bullshit to a certain extent, but there is something to be said for like, you know, like the power of like positive thinking and like, you know, if you go into things with like, different types of attitudes or even like, even if you like, go into job interviews or other situations, like you act confident or you smile, or you act happy or whatever. Even if you’re not like it, the, the, the, the euphoria, you know, that those sorts of uh, um, endorphin reactions or whatever can be real. So that’s interesting. Brett: Yeah, I found, I found going into job interviews with my usual sarcastic and bitter, um, kind of mindset, Jeff: I already hate this job. Brett: it doesn’t play well. It doesn’t play well. So what are your weaknesses? Fuck off. Um,[00:24:00] Christina: right. Well, well, well, I hate people. Jeff: Yeah. Dealing with motherfuckers like you, that’s one weakness. Sponsor Spot: Shopify Brett: let’s, uh, let’s do a sponsor spot and then I want to hear about Christina winning a contest. Christina: yes. Jeff: very Brett: wanna, you wanna take it away? Sponsor: Shopify Jeff: I will, um, our sponsor this week is Shopify. Um, have you ever, have you just been dreaming of owning your own business? Is that why you can’t sleep? In addition to having something to sell, you need a website. And I’ll tell you what, that’s been true for a long time. You need a payment system, you need a logo, you need a way to advertise new customers. It can all be overwhelming and confusing, but that is where today’s sponsor, Shopify comes in. shopify is the commerce platform behind millions of businesses around the world and 10% of all e-commerce in the US from household names like Mattel and Gym Shark to brands just getting started. Get started with your own design studio with hundreds of ready to use [00:25:00] templates. Shopify helps you build a beautiful online store to match your brand’s style, accelerate your content creation. Shopify is packed with helpful AI tools that write product descriptions, page headlines, and even enhance your product photography. Get the word out like you have a marketing team behind you. Easily create email and social media campaigns wherever your customers are scrolling or strolling. And best yet, Shopify is your commerce expert with world class expertise in everything from managing inventory to international shipping, to processing returns and beyond. If you’re ready to sell, you are ready to Shopify. Turn your Big Business Idea into with Shopify on your side. Sign up for your $1 per month trial and start selling today@shopify.com slash Overtired. Go to shopify.com/ Overtired. What was that? Say it with me. shopify.com/ Overtired [00:26:00] cha. Uh, Brett: the, uh, the group, the group input on the last URL, I feel like we can charge extra for that. That was Jeff: Yeah. Cha-ching Brett: they got the chorus, they got the Overtired Christina: You did. You got the Overtired Jeff: They didn’t think to ask for it, but that’s our brand. Christina: shopify.com/ Overtired. Jeff Tweedy Jeff: What was, uh, I was watching a Stephen Colbert interview with Jeff Tweedy, who just put out a triple album and, uh, it was a very thoughtful, sweet interview. And then Stephen Colbert said, you know, you’re not supposed to do this. And Jeff Tweety said, it’s all part of my career long effort to leave the public wanting less. Christina: Ha, Jeff: That was a great bit. Christina: that’s a fantastic bit. A side note, there are a couple of really good NPR, um, uh, tiny desks that have come out in the last couple of month, uh, couple of weeks. Um, uh, one is shockingly, I, I’ll, I’ll just be a a, a fucking boomer about it. The Googo dolls. Theirs was [00:27:00] great. It’s fantastic. They did a great job. It already has like millions of views, like it wrecked up like over a million views, I think like in like, like less than 24 hours. They did a great job, but, uh, but Brandy Carlisle, uh, did one, um, the other day and hers is really, really good too. So, um, so yeah. Yeah, exactly. So yeah. Anyway, you said, you saying Jeff pd maybe, I don’t know how I got from Wilco to like, you know, there, Jeff: Yeah. Well, they’ve done some good, he’s done his own good Christina: he has, he has done his own. Good, good. That’s honestly, that’s probably what I was thinking of, but Jeff: It’s my favorite Jeff besides me because Bezos, he’s not in the, he’s not in the game. Christina: No. No, he’s not. No. Um, he, he’s, he’s not on the Christmas card list at all. Jeff: Oh man. Jeff’s Concert Marathon Jeff: Can I just tell you guys that I did something, um, I did something crazy a couple weeks ago and I went to three shows in one week, like I was 20 fucking two, Brett: Good grief. Jeff: and. It was a blast. So, okay, so the background of this is my oldest son [00:28:00] loves hip hop, and when we drive him to college and back, or when I do, it’s often just me. Um, he, he goes deep and he, it’s a lot of like, kind of indie hip hop and a lot. It’s just an interesting, he listens to interesting shit, but he will go deep and he’ll just like, give me a tour through someone’s discography or through all their features somewhere, whatever it is. And like, it’s the kind of input that I love, which is just like, I don’t, even if it’s not my genre, like if you’re passionate and you can just weave me through the interrelationship and the history and whatever it is I’m in. So as a result of that, made me a huge fan of Danny Brown and made me a huge fan of the sky, Billy Woods. And so what happened was I went to a hip hop show at the seventh Street entry, uh, which is attached to First Avenue. It’s a little club, very small, lovely little place, the only place my band could sell out. Um, and I watched a hip hop show there on a Monday night, Tuesday night. I went to the Uptown Theater, which Brett is now a actually an operating [00:29:00] theater for shows. Uh, and I, and I saw Danny Brown, but I also saw two hyper pop bands, a genre I was not previously aware of, including one, which was amazing, called Fem Tenal. And I was in line to get into that show behind furries, behind trans Kids. Like it was this, I was the weirdest, like I did not belong. Underscores played, and, and this will mean something to somebody out there, but not, didn’t mean anything to me until that night. And, uh. I felt like such, there were times, not during Danny Brown, Danny Brown’s my age all good. But like there were times where I was in the crowd ’cause I’m tall. Anybody that doesn’t know I’m very tall and I’m wearing like a not very comfortable or safe guy seeming outfit, a black hoodie, a black stocking cap. Like I basically looked like I’m possibly a shooter and, and I’m like standing among all these young people loving it, but feeling a little like, should I go to the back? Even like I was leaving that show [00:30:00] and the only people my age were people’s parents that were waiting to pick them up on the way out. So anyway, that was night two. Danny Brown was awesome. And then two nights later I went to see, this is way more my speed, a band called the Dazzling Kilman who were a band that. Came out in the nineties, St. Louis and a noisy Matthew Rock. Wikipedia claims they invented math rock. It’s a really stupid claim, uh, but it’s a lovely, interesting band and it’s a friend of mine named Nick Sakes, who’s who fronted that band and was in all these great bands back when I was in bands called Colos Mite and Sick Bay, and all this is great shit. So they played a reunion show. In this tiny punk rock club here called Cloudland, just a lovely little punk rock club. And, um, and, and that was like rounded out my week. So like, I was definitely, uh, a tourist the early part of the week, mostly at the Danny Brown Show. But then I like got to come home to my noisy punk rock [00:31:00] on, uh, on Thursday night. And I, I fucking did three shows and it hurt so bad. Like even by the first of three bands on the second night. I was like, I don’t think I can make it. And I do. I already pregame shows with ibuprofen. Just to be really clear, I microdose glucose tabs at shows like, like I am, I am a full on old man doing these things. But, um, I did get some cred with my kids for being at a hyper pop show all by myself. And, Christina: Hell yeah. A a Jeff: friends seemed impressed. Christina: no, as a as, as as they should be. I’m impressed. And like, and I, I, I typically like, I definitely go to like more of like, I go, I go to shows more frequently and, and I’m, I’m even like, I’m, I’m gonna be real with you. I’m like, yeah, three in one week. Jeff: That’s a lot. Christina: That’s a lot. That’s a lot. Jeff: man. Did I feel good when I walked home from that last show though? I was like, I fucking did it. I did not believe I wasn’t gonna bail on at least two of those shows, if not all three. Anyway, just wanted to say Brett: I [00:32:00] do like one show a year, but Jeff: that’s how I’ve been for years this year. I think I’ve seen eight shows. Brett: damn. Jeff: Yeah, it’s Brett: Alright, so you’ve been teasing us about this, this contest you won. Jeff: Yeah, please, Christina. Sorry to push that off. Christina: No, no, no, no. That’s, that’s completely okay. That, that, that, that’s great. Uh, no. Christina Wins Big Christina: So, um, I won two six K monitors. Brett: Damn. Jeff: is that what those boxes are behind you? Christina: Yeah, yeah. This is what the boxes are behind me, so I haven’t been able to get them up because this happened. I got them literally right in the midst of all this stuff with my back. Um, but I do have an Ergotron poll now that is here, and, and Grant has said that he will, will get them up. But yeah, so I won 2 32 inch six K monitors from a Reddit contest. Brett: How, how, how, Jeff: How does this happen? How do I find a Reddit contest? Christina: Yeah. So I got lucky. So I have, I, I have a clearly, well, well, um, there was a little, there was a little bit of like, other step to it than that, but like, uh, so how it worked was basically, um, LG is basically just put out [00:33:00] two, they put out a new 32 inch six K monitor. I’ll have it linked in, in, in the show notes. Um, so we’ve talked about this on this podcast before, but like one of my big, like. Pet peeve, like things that I can’t get past. It’s like I need like a retina screen. Like I need like the, the perfect pixel doubling thing for that the Mac Os deals with, because I’ve used a 5K screen, either through an iMac or um, an lg, um, ultra fine or, um, a, uh, studio display. For like 11 years. And, and I, and I’ve been using retina displays on laptops even longer than that. And so if I use like a regular 4K display, like it just, it, it doesn’t work for me. Um, you can use apps like, um, like better control and other things to kind of emulate, like what would be like if you doubled the resolution, then it, it down, you know, um, of samples that, so that. It looks better than, than if it’s just like the, the, the 4K stuff where in the, the user interface things are too big and whatnot. And to be clear, this is a Macco West problem. If [00:34:00] you are using Windows or Linux or any other operating system that does fractional scaling, um, correctly, then this is not a problem. But Macco West does not do fractional scaling direct, uh, correctly. Um, weirdly iOS can, like, they can do three X resolution and other things. Um, but, but, but Macs does not. And that’s weird because some of the native resolutions on some of the MacBook errors are not even perfectly pixeled doubled, meaning Apple is already having to do a certain amount of like resolution changes to, to fit into their own, created by their, their own hubris, like way of insisting on, on only having like, like two x pixel doubling 18 years ago, we could have had independent, uh, resolutions, uh, um, for, for UI elements and, and, and window bars. But anyway, I, I’m, I’m digressing anyway. I was looking at trying to get either a second, uh, studio display, which I don’t wanna do because Apple’s reportedly going to be putting out a new one. Um, and they’re expensive or getting, um, there are now a number of different six K [00:35:00] displays that are not $6,000 that are on the market. So, um, uh, uh, Asus has one, um, there is one from like a, a Chinese company called like, or Q Con that, um, looks like a, a complete copy of this, of the pro display XDR. It has a different panel, but it’s, it’s six K and they, they’ve copied the whole design and it’s aluminum and it’s glossy and it looks great, but I’d have to like get it from like. A weird distributor, and if I have any issues with it, I don’t really wanna have to send it back to China and whatnot. And then LG has one that they just put out. And so I’ve been researching these on, on Mac rumors and on some other forums. And, um, I, uh, I, somebody in one of the Mac Roomers forums like posted that there was like a contest that LG was running in a few different subreddits where they were like, tell us why you should get one of, like, we’re gonna be giving away like either one or two monitors, and I guess they did this in a few subreddits. Tell us why this would be good for your workflow. And, um, I guess I, I guess I’m one of the people who kind of read the [00:36:00] assignment because it, okay, I’ll just be honest with this, with, with you guys on this podcast, uh, because I, I don’t think anyone from LG will hear this and my answers were accurate anyway. But anyway, this was not the sort of contest where it was like we will randomly select a winner. This was the moderators and lg, were going to read the responses and choose the winner. Jeff: Got it. Christina: So if you spend a little bit of time and thoughtfully write out a response, maybe you stand a better chance of winning the contest. Jeff: yeah, yeah. Put the work in like it was 2002. Christina: Right. Anyway, I still was shocked when I like woke up like on like Halloween and they were like, congratulations, you’ve won two monitors. I’m like, I’m sorry. What? Jeff: That’s amazing. Christina: Yeah, yeah, yeah, Jeff: Nice work. I know I’ve, you know, I’ve been staring at those boxes behind you this whole time, just being like, those look like some sweet monitors. Christina: yeah, yeah. Monitor Setup Challenges Christina: I mean, and, uh, [00:37:00] uh, it’s, it’s, it’s, it’s, it’s, and I, I’m very much, so my, my, my only issue is, okay, how am I gonna get these on my desk? So I’m gonna have to do something with my iMac and I’m probably gonna have to get rid of my, my my, my 5K, um, uh, uh, studio display, at least in the short term. Ergotron Mounts and Tall Poles Christina: Um, but what I did do is I, um, I ordered from, um, Ergotron, ’cause I already have. Um, two of their, um, LX mounts, um, or, or, or, or arms. Um, and only one of them is being used right now. And then I have a different arm that I use for the, um, um, iMac. Um, they sell like a, if you call ’em directly, you can get them to send you a tall pole so that you can put the two arms on top of them. And that way I think I can like, have them so that I can have like one pole and then like have one on one side, one Jeff: I have a tall pole. Christina: and, and yeah, that’s what she said. Um, Jeff: as soon as I said it, I was like, for fuck’s sake. But Christina: um, but, uh, but, but yeah, but so that way I think I, I can, I, in theory, I can stack the market and have ’em side by side. I don’t know. Um, I got that. I, I had to call Tron and, and order that from them. [00:38:00] Um, it was only a hundred dollars for, for the poll and then $50 for a handling fee. Jeff: It’s not easy to ship a tall pole. Brett: That’s what she said. Christina: that is what she said. Uh, that is exactly what she said. But yeah, so I, I, the, the, the unfortunate thing is that, um, I, um, I, I had to, uh, get a, like all these, they, they came in literally right before Thanksgiving, and then I’ve had, like, all my back stuff has Jeff: Yeah, no Christina: debilitating, but I’m looking forward to, um, getting them set up and used. And, uh, yeah. Review Plans and Honest Assessments Christina: And then full review will be coming to, uh, to, I have to post a review on Reddit, but then I will also be doing a more in depth review, uh, on this podcast if anybody’s interested in, in other places too, to like, let let you know, like if it’s worth your money or not. Um, ’cause there, like I said, there are, there are a few other options out there. So it’s not one of those things where like, you know, um, like, thank you very much for the free monitor, um, monitors. But, but I, I will, I will give like the, the, you know, an honest assessment or Current Display Setup Brett: So [00:39:00] do you currently have a two display setup? Christina: No. Um, well, yes, and kind of, so I have my, my, I have my 5K studio display, and then I have like my iMac that I use as a two to display setup. But then otherwise, what I’ve had to do, and this is actually part of why I’m looking forward to this, is I have a 4K 27 inch monitor, but it’s garbage. And it, it’s one of those things where I don’t wanna use it with my Mac. And so I wind up only using it with my, with my Windows machine, with my framework desktop, um, with my Windows or Linux machine. And, and because that, even though I, it supports Thunderbolt, the Apple display is pain in the ass to use with those things. It doesn’t have the KVM built in. Like, it doesn’t like it, it just, it’s not good for that situation. So yeah, this will be of this size. I mean, again, like I, I, I’m 2 32 inch monitors. I don’t know how I’m gonna deal with that on my Jeff: I Brett: yeah. So right now I’m looking at 2 32 inch like UHD monitors, Christina: Yeah,[00:40:00] Brett: I will say that on days when my neck hurts, it sucks. It’s a, it’s too wide a range to, to like pan back and forth quickly. Like I’ll throw my back out, like trying to keep track of stuff. Um, but I have found that like if I keep the second display, just like maybe social media apps is the way I usually set it up. And then I only work on one. I tried buying an extra wide curve display, hated it. Jeff: Uh, I’ve always wanted to try one, but Christina: I don’t like them. Jeff: Yeah. Christina: Well, for me, well for me it’s two things. One, it’s the, I don’t love the whole like, you know, thing or whatever, but the big thing honestly there, if you could give me, ’cause people are like, oh, you can get a really big 5K, 2K display. I’m like, that’s not a 5K display. That is 2 27 inch, 1440 P displays. One, you know, ultra wide, which is great. Good for you. That’s not retina. And I’m a sicko Who [00:41:00] needs the, the pixel doubling? Like I wish that my eyes could not use that, but, but, but, Jeff: that needs the pixel. Like was that the headline of your Reddit, uh, Christina: no, no. It wasn’t, it wasn’t. But, but maybe it should be. Hi, I’m a sicko who only, um, fucks with, with, with, with, with, with, with retina displays. Ask me anything. Um, but no, but that’s a good point. Brett: I think 5K Psycho is the Christina: 5K Sicko is the po is the po title. I like that. I like that. No, what I’m thinking about doing and that’s great to know, Brett. Um, this kind of reaffirms my thing. Thunderbolt KVM and Display Preferences Christina: So what’s nice about these monitors is that they come with like, built in like, um, Thunderbolt 5K VM. So, which is nice. So you could conceivably have multiple, you know, computers, uh, connected, you know, to to, to one monitor, which I really like. Um, I mean like, ’cause like look, I, I’ve bitched and moaned about the studio display, um, primarily for the price, but at the same time, if mine broke tomorrow and if I didn’t have any way to replace it, I’ve, I’ve also gone on record saying I would buy a new one immediately. As mad as I am about a [00:42:00] lot of different things with that, that the built-in webcam is garbage. The, you know, the, the fact that there’s not a power button is garbage. The fact that you can’t use it with multiple inputs, it’s garbage. But it’s a really good display and it’s what I’m used to. Um, it’s really not any better than my LG Ultra fine from 2016. But you know what? Whatever it is, what it is. Um. I, I am a 5K sicko, but being able to, um, connect my, my personal machine and my work machine at the same time to one, and then have my Windows slash Linux computer connected to another, I think that’s gonna be the scenario where I’m in. So I’m not gonna necessarily be in a place where I’m like, okay, I need to try to look at both of them across 2 32 inch displays. ’cause I think that that, like, that would be awesome. But I feel like that’s too much. Brett: I would love a decent like Thunderbolt KVM setup that could actually swap like my hubs back and Christina: Yes. MacBook Pro and Studio Comparisons Brett: Um, so, ’cause I, I have a studio and I have my, uh, Infor MacBook Pro [00:43:00] and I actually work mostly on the MacBook Pro. Um, but if I could easily dock it and switch everything on my desk over to it, I would, I would work in my office more often. ’cause honestly, the M four MacBook Pro is, it’s a better machine than the original studio was. Um, and I haven’t upgraded my studio to the latest, but, um, I imagine the new one is top notch. Christina: Oh yeah. Yeah. Brett: my, my other one, a couple years old now is already long in the tooth. Christina: No, I mean, they’re still good. I mean, it’s funny, I saw that some YouTube video the other day where they were like, the best value MacBook you can get is basically a 4-year-old M1 max. And I was like, I don’t know about that guys. Like, I, I kind of disagree a little bit. Um, but the M1 max, which is I think is what is in the studio, is still a really, really good ship. But to your point, like they’ve made those, um. You know, the, the, the new ones are still so good. Like, I have an M three max as my personal laptop, and [00:44:00] that’s kind of like the dog chip in the, in the m um, series lineup. So I kind of am regretful for spending six grand on that one, but it is what it is, and I’m like, I’m not, I’m not upgrading. Um, I mean, maybe, maybe in, in next year if, if the M five Pro, uh, or M five max or whatever is, is really exceptional, maybe I’ll look at, okay, how much will you give me to, to trade it in? But even then, I, I, but I feel like I’m at that point where I’m like, it gets to a point where like it’s diminishing returns. Um, but, uh, just in terms of my own budget. But, um, yeah, the, the new just info like pro or or max, whatever, Brett: I have, I have an M four MacBook Pro sitting around that I keep forgetting to sell. Uh, it’s the one that I, it only had a 256 gigabyte hard drive, Jeff: what happened to me when I bought my M1, Brett: and I, and I regretted that enough that I just ordered another one. But, uh, for various reasons, I couldn’t just return the one I didn’t Jeff: ’cause it was.[00:45:00] Brett: so now I, now I have to sell it and I should sell it while it’s still a top of the line machine Christina: Sell it before, sell, sell, sell, sell it before next month, um, or, or February or whenever they sell it before then the, the pros come out. ’cause right now the M five base is out, but the pros are not. So I think feel like you could still get most of your value for it, especially since it has very few battery cycles. Be sure to put the battery cycles on your Facebook marketplace or eBay thing or whatever. Um, I bought my, uh, she won’t listen to this so she won’t know, but, um, they, there was a, a killer Cyber Monday deal, uh, for Best Buy where they had like a, the, the, the, so it’s several years old, but it was the, the M two MacBook Air, but the one that they upgraded to 16 gigs of Ram when Apple was like, oh, we have to have Apple Intelligence and everything, because they actually thought that they were actually gonna ship Apple Intelligence. So they like went back and they, like, they, they, you know, retconned like made the base model MacBook Air, like 16 [00:46:00] gigs. Um, and, uh, anyway, it was, it was $600, um, Jeff: still crazy. Christina: which, which like even for like a, a, a 2-year-old machine or whatever, I was like, yeah, she, my sister, I think she’s on like, like a 2014 or older than that. Like, like MacBook Air. She doesn’t even know where the MagSafe is. I don’t think she even knows where the laptop is. So she’s basically doing everything like on her phone and I’m like, okay, you need a laptop of some type, but at this point. I do feel strongly that like the, the, the $600 or, or, or actually I think it was $650, it was actually less, it is actually more expensive than what the, the, the Cyber Monday sale was, um, the M1, Walmart, MacBook Air. I’m like, absolutely not like that is at this point, do not buy that. Right? Like, I, especially with eight gigs of ram, I’m, I’m like, it’s been, it’s five years old. It’s a, it was a great machine and it was great value for a long time. $200. Cool, right? Like, if you could get something like use and, and, and, and if you could replace the battery or, you know, [00:47:00] for, for, you know, not, not too much money or whatever. Like, I, I, I could see like an argument to be made like value, right? But there’d be no way in hell that I would ever spend or tell anybody else to spend $650 on that new, but $600 for an M two with Jeff: Now we’re talking. Christina: which has the redesign brand new. I’m like, okay. Spend $150 more and you could have got the M four, um, uh, MacBook Air, obviously all around Better Machine. But for my sister, she doesn’t need that, Jeff: What do we have to do to put your sister in this M two MacBook Christina: that, that, that, that, that, that’s exactly it. So I, I, I was, well, also, it was one of those things I was like, I think that she would rather me spend the money on toys for my nephew for Santa Claus than, than, uh, giving her like a, a processor upgrade. Um, Jeff: Claus isn’t real. Brett: Oh shit. Jeff: Gotcha. Every year I spoil it for somebody. This year it was Christina and Brett. Sorry guys. Brett: right. Well, can I tell you guys Jeff: Yeah. [00:48:00] Brett Software. Brett: two quick projects before we do Jeff: Hold on. You don’t have to be quick ’cause you could call it Brett: We’re already at 45 minutes and I want Jeff: What I’m saying, skip GrAPPtitude. This is it? Brett: okay. Christina: us about Mark. Tell us about your projects. Brett: So, so Mark three is, there’s a public, um, test flight beta link. Uh, if you go to marked app.com, not marked two app.com, uh, marked app.com. Uh, you, there’s a link in the, in the, at the top for Christina: Join beta. Mm-hmm. Brett: Um, and that is public and you can join it and you can send me feedback directly through email because, um, uh, uh, the feedback reporter sucks for test flight and you can’t attach files. And half the time they come through as anonymous feedback and I can’t even follow up on ’em. So email me. But, um, I’ll be announcing that on my blog soon-ish. Um, right now there’s like [00:49:00] maybe a couple dozen, um, testers and I, it’s nice and small and I’m solving the biggest bugs right away. Um, so that’s been, that’s been big. Like Mark, even since we last talked has added. Do you remember Jeff when Merlin was on and he wanted to. He wanted to be able to manage his styles, um, and disable built-in styles. There’s now a whole table based style manager where you Jeff: saw that. Brett: you can, you can reorder, including built-in styles. You can reorder, enable, disable, edit, duplicate. Um, it’s like a full, full fledged, um, style manager. And I just built a whole web app that is a style generator that gives you, um, automatic like rhythm calculations for your CSS and you can, you can control everything through like, uh, like UI fields instead of having to [00:50:00] write CSS. Uh, but you can also o open up a very, I’ve spent a lot of time on the code mirror CSS editor in the web app. Uh, so, and it’s got live preview as you edit in the code mirror field. Um, so that’s pretty cool. And that’s built into marts. So if you go to style, um, generate style, it’ll load up a, a style generator for you. Anyway, there’s, there’s a ton. I’m not gonna go into all the details, but, uh, anyone listening who uses markdown for anything, especially if you want ability to export to like Word and epub and advanced PDF export, um, join the beta. Let me know what you think. Uh, help me squash bugs. But the other thing, every time I push a beta for review before the new bug reports come in, I’ve been putting time into a tool. Markdown Processor: Apex Brett: I’m calling [00:51:00] Apex and um, I haven’t publicly announced this one yet, but I probably will by the time this podcast comes out. Jeff: I mean, doesn’t this count? Brett: It, it does. I’m saying like this, this might be a, you hear you heard it here first kind of thing, um, but if you go to github.com/tt sc slash apex, um, I built a, uh, pure C markdown processor that combines syntax from cram down GitHub flavored markdown, multi markdown maku, um, common mark. And basically you can write syntax from any of those processors, including all of their special features, um, and in one document, and then use Apex in its unified mode, and it’ll just figure out what. All of your syntax is supposed to do. Um, so you can take, you can port documents from one platform to another [00:52:00] without worrying about how they’re gonna render. Um, if I can get any kind of adoption with Apex, it could solve a lot of problems. Um, I built it because I want to make it the default processor in marked ’cause right now, you, you have to choose, you know, cram Christina: Which one? Brett: mark and, and choosing one means you lose something in order to gain something. Um, so I wanted to build a universal one that brought together everything. And I added cool features from some extensions of other languages, such as if you have two lists in a row, normally in markdown, it’s gonna concatenate those into one list. Now you can put a carrot on a line between the two lists and it’ll break it into two lists. I also added support for a. An extension to cram down that lets you put double uh, carrots inside a table cell and [00:53:00] create a row band. So like a cell that, that expands it, you rows but doesn’t expand the rest of the row. Um, so you can do cell spans and row spans and it has a relaxed table version where you don’t have to have an alignment row, which is, uh, sometimes we just wanna make quickly table. You make two lines. You put some pipes in. This will, if there’s no alignment row, it will generate a table with just a table body and table data cells in no header. It also allows footers, you can add a footer to a table by using equals in the separator line. Um, it, it’s, Jeff: This is very civilized, Brett: it is. Christina: is amazing, Brett: So where Common Mark is extremely strict about things, um, apex is extremely permissive. Jeff: also itty bitty things like talk about the call out boxes from like Brett: oh yeah, it, it can handle call out syntax from Obsidian and Bear and Xcode Playgrounds. [00:54:00] Um, and it incorporates all of Mark’s syntax for like file includes and even renders like auto scroll pauses that work in marked and some other teleprompter situations. Um, it uses file ude syntax from multi markdown, like, which is just like a curly brace and, uh, marked, which is, uh, left like a double left, uh, angle bracket and then different. Brackets to surround a file name and it handles IA writer file inclusion where you just type a forward slash and then the name of a file and it automatically detects if that file is an image or source code or markdown text, and it will import it accordingly. And if it’s a CSV file, it’ll generate a table from it automatically. It’s, it’s kind of nuts. I, it’s kind of nuts. I could not have done this [00:55:00] without copilot. I, I am very thankful for copilot because my C skills are not, would not on their own, have been up to this task. I know enough to bug debug, but yeah, a lot of these features I got a big hand from copilot on. Jeff: This is also Brett. This is some serious Brett Terpstra. TURPs Hard Christina: Yeah, it is. I was gonna say, this is like Jeff: and also that’s right. Also, if your grandma ever wrote you a note and it, and though you couldn’t really read it, it really well, that renders perfectly Christina: Amazing. No, I was gonna say this is like, okay, so Apex is like the perfect name ’cause this is the apex of Brett. Jeff: Yes. Apex of Brett. Christina: That’s also that, that’s, that’s not an alternate episode title Apex of Brett. Because genuinely No, Brett, like I am, I am so stunned and impressed. I mean, you all, you always impressed me like you are the most impressive like developer that I, that I’ve ever known. But you, this is incredible. And, and this, I, I love this [00:56:00] because as you said, like common Mark is incredibly strict. This is incredibly permissive. But this is great. ’cause there are those scenarios where you might have like, I wanna use one feature from one thing or one from another, or I wanna combine things in various ways, or I don’t wanna have to think about it, you know? Brett: I aals, I forgot to mention I aals inline attribute list, which is a crammed down feature that lets you put curly brackets after like a paragraph and then a colon and then say, dot call out inside the curly brackets. And then when it renders the markdown, it creates that paragraph and adds class equals call out to the paragraph. Um, and in, in Cramon you can apply these to everything from list items to list to block quotes. Like you can do ’em for spans. You could like have one after, uh, link syntax and just apply, say dot external to a link. So the IAL syntax can add IDs classes and uh, arbitrary [00:57:00] attributes to any element in your markdown when it renders to HTML. And, uh, and Apex has first class support for I aals. Was really, that was, that Christina: that was really hard, Brett: I wrote it because I wanted, I wanted multi markdown, uh, for my prose writing, but I really missed the als. Christina: Yes. Okay. Because see, I run into this sort of thing too, right? Because like, this is a problem like that. I mean, it’s a very niche problem, um, that, that, you know, people who listen to this podcast probably are more familiar with than other types of people. But like, when you have to choose your markdown processor, which as you said, like Brett, like that can be a problem. Like, like with, with using Mark or anything else, you’re like, what am I giving up? What do I have? And, and like for me, because I started using mul, you know, markdown, um, uh, largely because of you, um, I think I was using it, I knew about it before you, but largely because of, of, of you, like multi markdown has always been like kind of my, or was historically my flavor of choice. It has since shifted to being [00:58:00] GitHub, labor bird markdown. But that’s just because the industry has taken that on, right? But there were, you know, certain things like in like, you know, multi markdown that work a certain way. And then yeah, there are things in crammed down. There are things in these other things in like, this is just, this is awesome. This Brett: It is, the whole thing is built on top of C mark, GFM, which is GitHub’s port of common mark with the GitHub flavored markdown Christina: Right. Brett: Um, and I built, like, I kept that as a sub-module, totally clean, and built all of this as extensions on top of Cmar, GFM, which, you know, so it has full compatibility with GitHub and with Common Merck by out, like outta the box. And then everything else is built on top of that. So it, uh, it covers, it covers all the bases. You’ll love it Christina: I’m so excited. No, this is awesome. And I Brett: blazing fast. It can render, I have a complex document that, that uses all of its features and it can render it in [00:59:00] 0.006 seconds. Christina: that’s awesome. Jeff: Awesome. Christina: That’s so cool. No, this is great. And yeah, I, and I think that honestly, like this is the sort of thing like if, yeah, if you can eventually get this to like be like the engine that powers like mark three, like, that’ll be really slick, right? Because then like, yeah, okay, I can take one document and then just, you know, kind of, you know, wi with, with the, you know, ha have, have the compatibility mode where you’re like, okay, the unified mode or whatever yo

Kent Beck: You're Ignoring Optionality… and Paying for ItIn this episode of Maintainable, Robby speaks with Kent Beck, a foundational voice in modern software development and author of Tidy First?. Kent joins from California to explore why optionality is a central, often underestimated dimension of maintainable software.Kent begins by describing the tension between features and future flexibility. Shipping new capabilities is easy to measure. Creating options for what comes next is not. That imbalance is where maintainability either flourishes or collapses. Senior developers in particular must learn to navigate this tension because they have lived through the consequences when no one does.They reflect on how cost models have shifted across the last five decades. Early in Kent's career, computers were expensive and programmers were cheap. Today the balance often flips depending on scale. At massive scale, electricity and compute time become meaningful costs again. That variability shapes whether teams optimize for hardware efficiency or developer efficiency.Episode Highlights[00:00:46] The Two Forms of Software ValueKent explains why software value comes from both current features and the options you preserve for future work. He describes optionality as the invisible half of maintainability.[00:03:35] When Computers Become “Expensive” AgainRobby and Kent revisit the shift from hardware-optimized development to developer-optimized development and how large-scale systems have reintroduced compute cost pressures.[00:07:25] Why the Question Mark in Tidy First?Kent shares why tidying is always a judgment call and why he put a question mark in the title.[00:10:14] The Real Cost of Speculative FlexibilityThey discuss why adding configurability too early creates waste and why waiting until just before you need it increases value.[00:13:46] Making Hard Changes EasyKent outlines his guiding idea. When you face a difficult change, make the change easy first, then make the easy change.[00:17:08] The Feature SawKent explains his features versus options graph and how teams repeatedly burn optionality until they hit zero. At that point, forward movement becomes painful.[00:19:37] Why 100 Percent Utilization Is a TrapKent discusses how queuing theory shows that full utilization pushes wait times toward infinity. Overcommitted teams have no room for design work.[00:22:44] Split Teams Do Not Solve the ProblemRobby talks about consulting scenarios where “tidy teams” and “feature teams” are separated. Kent argues that this splits incentives and prevents optionality from being sustained.[00:26:15] Structure and Behavior Should Not Ship TogetherKent describes why feature changes are irreversible, structure changes are reversible, and why combining them increases risk for everyone.[00:30:37] Tidying Reveals IntentWhile cleaning up structure, developers often uncover logic flaws or misunderstandings that were previously hidden.[00:32:00] When Teams Discourage TestingKent shares stories about environments where developers were punished for refactoring or writing tests. He explains why building career options is essential in those situations.[00:37:57] Why Tidying Is an Ethical ObligationKent reframes optionality as a moral responsibility. No one should make work harder for the next person who touches the code.[00:41:33] Succession and SlicingKent describes how nearly every structural change can be broken into small, safe steps, even when the change first appears atomic.[00:47:00] A Small Habit to Start TodayKent suggests adding a blank line to separate conceptual chunks in long functions. It is a small step that improves clarity immediately.Resources MentionedTidy First? by Kent BeckKent Beck on SubstackThe Timeless Way of Building by Christopher AlexanderThanks to Our Sponsor!Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks.It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications.Keep your coding cool and error-free, one line at a time! Use the code maintainable to get a 10% discount for your first year. Check them out! Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

Empromptu claims all a user has to do is tell the platform's AI chatbot what they want — like a new HTML or JavaScript app — and the AI will go ahead and build it. Pebble founder Eric Migicovsky is expanding his company's device lineup with a new smart wearable: an AI-powered smart ring known as Index 01. Learn more about your ad choices. Visit podcastchoices.com/adchoices

In dieser Revision sprechen wir mit unserem Gast Manuel Matuzović über moderne HTML-Praktiken, alte Muster, die sich hartnäckig halten, und darüber, warum manche Links eigentlich Buttons sein sollten.…

This week TanStack joins the AI wars with the alpha release of TanStack AI: an open-source AI SDK with a unified interface across multiple providers. TanStack AI is an open-source ecosystem of libraries and standards, and it is client, server, and AI provider agnostic, to make building AI-enabled apps accessible to all.In a surprise move, AI company Anthropic acquires JavaScript runtime Bun to accelerate its development of Claude Code. Apparently, Bun has been central to Claude Code reaching $1 billion in run-rate revenue in just six months, and Anthropic's brought the team in house to keep the momentum going.And it's been another rough week for security in JavaScript. First, a new self-replicating, credential stealing malware attack, dubbed Shai-Hulud 2.0, swept the npm ecosystem and compromised 800 npm packages in the process, and then a critical security vulnerability was discovered for any React projects using React Server Components. Just remember to lock down your dependencies and install those patches ASAP, folks.Timestamps:1:22 - TanStack AI9:12 - Anthropic buys Bun21:03 - Shai-Hulul 2.0 on npm and an RSC vulnerability30:23 - What's making us happyNews:Paige - Shai-Hulud 2.0 on npm and RSC vulnerabilityJack - TanStack AITJ - Anthropic buys Bun (Bun post) (Anthropic post)What Makes Us Happy this Week:Paige - The Durrells TV seriesJack - Essentialism bookTJ - Dungeon Crawler Carl book seriesThanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or talk to us on X, Bluesky, or YouTube.Front-end Fire websiteBlue Collar Coder on YouTubeBlue Collar Coder on DiscordReach out via emailTweet at us on X @front_end_fireFollow us on Bluesky @front-end-fire.comSubscribe to our YouTube channel @Front-EndFirePodcast

C'est une plainte devenue quasi quotidienne chez les joueurs comme chez les télétravailleurs : Discord consomme de plus en plus de mémoire vive. La plateforme de chat vocal et textuel confirme aujourd'hui ce que beaucoup constataient déjà : lorsque plusieurs serveurs sont ouverts, l'application peut dépasser les 4 gigaoctets de RAM, au point de ralentir sérieusement Windows 11 et les jeux lancés en parallèle.Face à la grogne, Discord teste désormais une solution radicale : surveiller sa propre consommation de mémoire… et se relancer automatiquement lorsqu'elle dépasse un seuil critique. L'objectif est simple : libérer de la RAM pour éviter que la machine ne suffoque. Une mesure présentée comme un garde-fou, mais qui révèle surtout l'ampleur du problème. Cette gourmandise n'est pas qu'une question d'usage intensif. Discord repose sur le framework Electron, qui embarque en réalité un navigateur complet basé sur Chromium. Autrement dit, chaque fenêtre de discussion fonctionne comme une page web à part entière, avec son moteur JavaScript, ses composants, ses modules. Dans des conditions dites « normales », l'application flirte déjà avec le gigaoctet de mémoire. Et après plusieurs heures d'utilisation, entre appels vocaux, partages d'écran et navigation frénétique, la consommation peut exploser.Les développeurs reconnaissent d'ailleurs l'existence de fuites de mémoire. Neuf ont été corrigées ces derniers mois, permettant une réduction d'environ 5 % pour les profils les plus gourmands. Un progrès, certes, mais encore loin de transformer Discord en logiciel léger. D'où cette nouvelle expérimentation : si l'application dépasse 4 Go de RAM, qu'elle tourne depuis plus d'une heure, que l'utilisateur est inactif depuis trente minutes et qu'aucun appel n'est en cours, alors Discord se ferme… puis redémarre automatiquement. L'opération ne peut se produire qu'une fois toutes les 24 heures pour éviter les interruptions en boucle.Sur le papier, la mécanique est rassurante. Dans la pratique, elle ressemble surtout à un pansement posé sur une architecture lourde. Et Discord est loin d'être un cas isolé. D'autres applications comme Microsoft Teams ou la nouvelle version de WhatsApp pour Windows affichent elles aussi des consommations démesurées. Le problème devient d'autant plus sensible que le prix de la mémoire vive remonte. Tout le monde ne peut pas se permettre d'ajouter 16 Go de RAM pour suivre la course aux logiciels XXL. Entre applications toujours plus lourdes et matériel plus cher, les configurations modestes plient rapidement. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Nick Nisi joins us to dig into the latest trends from this year and how they're impacting his day-to-day coding and Vision Pro wearing. Anthropic's acquisition of Bun, the evolving JavaScript and AI landscape, GitHub's challenges and the AMP/Sourcegraph split. They dive into AI development practices, context management, voice assistants, Home Assistant OS and home automation, the state of the AI browser war, and we close with a prediction from Nick.

Mazen and Jamon chat with Simon Grimm about his move from Ionic pioneer to React Native creator. Simon highlights key cross-platform trends, why React Native's future looks exciting, and how he supports developers through Galaxies.dev. Show NotesSimon Grimm's podcast, Rocket Ship: https://podcast.galaxies.devZero to Hero, Launch Your First Real Mobile App in 30 Days: https://galaxies.dev/missions/zero-to-hero  Connect With Us!Simon Grimm: @schlimmsonMazen Chami: @mazenchamiJamon Holmgren: @jamonholmgrenReact Native Radio: @ReactNativeRdioThis episode is brought to you by Infinite Red!Infinite Red is an expert React Native consultancy located in the USA. With over a decade of React Native experience and deep roots in the React Native community (hosts of Chain React and the React Native Newsletter, core React Native contributors, creators of Ignite and Reactotron, and much, much more), Infinite Red is the best choice for helping you build and deploy your next React Native app.

This is a recap of the top 10 posts on Hacker News on December 04, 2025. This podcast was generated by wondercraft.ai (00:30): It's time to free JavaScript (2024)Original post: https://news.ycombinator.com/item?id=46145365&utm_source=wondercraft_ai(01:55): Why are 38 percent of Stanford students saying they're disabled?Original post: https://news.ycombinator.com/item?id=46150715&utm_source=wondercraft_ai(03:20): PGlite – Embeddable PostgresOriginal post: https://news.ycombinator.com/item?id=46146133&utm_source=wondercraft_ai(04:46): How elites could shape mass preferences as AI reduces persuasion costsOriginal post: https://news.ycombinator.com/item?id=46145180&utm_source=wondercraft_ai(06:11): Average DRAM price in USD over last 18 monthsOriginal post: https://news.ycombinator.com/item?id=46142100&utm_source=wondercraft_ai(07:36): I ignore the spotlight as a staff engineerOriginal post: https://news.ycombinator.com/item?id=46146451&utm_source=wondercraft_ai(09:02): Unreal Tournament 2004 is backOriginal post: https://news.ycombinator.com/item?id=46145834&utm_source=wondercraft_ai(10:27): Transparent leadership beats servant leadershipOriginal post: https://news.ycombinator.com/item?id=46147540&utm_source=wondercraft_ai(11:52): Microsoft drops AI sales targets in half after salespeople miss their quotasOriginal post: https://news.ycombinator.com/item?id=46148748&utm_source=wondercraft_ai(13:18): RAM is so expensive, Samsung won't even sell it to SamsungOriginal post: https://news.ycombinator.com/item?id=46147353&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Nick Nisi joins us to dig into the latest trends from this year and how they're impacting his day-to-day coding and Vision Pro wearing. Anthropic's acquisition of Bun, the evolving JavaScript and AI landscape, GitHub's challenges and the Amp/Sourcegraph split. We dive into AI development practices, context management, voice assistants, Home Assistant OS and home automation, the state of the AI browser war, and we close with a prediction from Nick.

Im Podcast kränkelt's: Bei Cloudflare gab es einen dreistündigen Schluckauf, der Co-Host hat Hustenanfälle und Würmer befielen mal wieder NPM. Christopher und Sylvester schauen sich ausgiebig an, was die zweite Ausgabe der Javascript-Schadsoftware "Sha1-Hulud" anders macht als die erste und befassen sich auch noch einmal mit "Glassworm", einem Thema der letzten Folgen. Dort ist im Nachhinein unklar, ob es sich tatsächlich um einen Wurm handelt oder vielleicht eher ein Botnet, wie Christopher mutmaßt. Doch auch der dreistündige Ausfall bei Cloudflare steht auf der Tagesordnung - mit ungewohnt viel Lob der Hosts! - und ob Whatsapp wirklich das größte Datenleck der Geschichte hatte, ergründen die beiden heise-Redakteure ebenfalls. - Cloudflare zum Ausfall am 18. November: https://blog.cloudflare.com/18-november-2025-outage/ - Threema zum WhatsApp-Scraping: https://threema.com/de/blog/whatsapp-datenleck-2025 - Trend Micros technische Analyse von Shai Hulud 2.0: https://www.trendmicro.com/en_us/research/25/k/shai-hulud-2-0-targets-cloud-and-developer-systems.html - Expel zu Cache Smuggling: https://expel.com/blog/cache-smuggling-when-a-picture-isnt-a-thousand-words/ - Folgt uns im Fediverse: - @christopherkunz@chaos.social - @syt@social.heise.de

Episode Highlights[00:00:48] What Makes Software MaintainableDon explains why unnecessary complexity is the biggest barrier to maintainability, drawing on themes from A Philosophy of Software Design.[00:03:14] The Cost of Clever AbstractionsA real story from a Node.js API shows how an unused abstraction layer around MongoDB made everything harder without delivering value.[00:04:00] Shaping Teams and Developer ToolsDon describes the structure of the Search Craft engineering team and how the product grew out of recurring pain points in client projects.[00:06:36] Reducing Complexity Through SDK and Infra DesignWhy Search Craft intentionally limits configuration to keep setup fast and predictable.[00:08:33] Lessons From ConsultingRobby and Don compare consulting and product work, including how each environment shapes developers differently.[00:15:34] Inherited Software and Abandoned DependenciesDon shares the problems that crop up when community packages fall behind—especially in ecosystems like React Native.[00:18:00] Evaluating Third-Party LibrariesSignals Don looks for before adopting a dependency: adoption, update cadence, issue activity, and whether the library is “done.”[00:19:40] Designing Code That Remains UnderstandableWhy clear project structure and idiomatic naming matter more than cleverness.[00:20:29] RFCs as a Cultural AnchorHow Don's team uses RFCs to align on significant changes and avoid decision churn.[00:23:00] Documentation That Adds ContextDocumentation should explain why, not echo code. Don walks through how his team approaches this.[00:24:11] Type Systems and MaintainabilityHow Don's journey from PHP and JavaScript to TypeScript and Rust changed his approach to structure and communication.[00:27:05] Testing With TypesStable type contracts make tests cleaner and less ambiguous.[00:27:45] Building Trust in AI SystemsDon discusses repeatability, hallucinations, and why tools like MCP matter for grounding LLM behavior.[00:29:28] AI in Developer ToolsSearch Craft's MCP server lets developers talk to the platform conversationally instead of hunting through docs.[00:33:21] Improving Legacy Systems SlowlyThe Strangler pattern as a practical way to replace old systems one endpoint at a time.[00:34:11] Deep Work and Reducing Reactive NoiseDon encourages developers to carve out time for uninterrupted thinking rather than bouncing between notifications.[00:36:09] Measuring ProgressBuild times, test speeds, and coverage provide signals teams can use to track actual improvement.[00:38:24] Changing Opinions Over a CareerWhy Don eventually embraced TypeScript after originally writing it off.[00:39:15] Industry Trends and Repeating CyclesSPAs, server rendering, and the familiar pendulum swing in web architecture.[00:41:26] Experimentation and Team AutonomyHow POCs and side projects surface organically within Don's team.[00:44:42] Growing Skills Through Intentional GoalsSetting learning targets in 1:1s to support long-term developer growth.[00:47:19] Where to Find DonLinkedIn, Blue Sky, and his site: donmckinnon.dev.Resources MentionedA Philosophy of Software Design by John OusterhoutJohn Ousterhout's Maintainable.fm Interview (Episode 131)Search CraftElasticAlgoliaWordPress Plugin DirectoryRequest for Comments (RFC)Strangler Fig PatternC2 WikiModel Context Protocol (MCP)Glam AIAubrey/Maturin Series by Patrick O'BrianMaster and Commanderdonmckinnon.devThanks to Our Sponsor!Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks.It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications.Keep your coding cool and error-free, one line at a time! Use the code maintainable to get a 10% discount for your first year. Check them out! Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

Kubernetes has relied on role-based access control (RBAC) since 2017, but its simplicity limits what developers can express, said Micah Hausler, principal engineer at AWS, on The New Stack Makers. RBAC only allows actions; it can't enforce conditions, denials, or attribute-based rules. Seeking a more expressive authorization model for Kubernetes, Hausler explored Cedar, an authorization engine and policy language created at AWS in 2022 and later open-sourced. Although not designed specifically for Kubernetes, Cedar proved capable of modeling its authorization needs in a concise, readable way. Hausler highlighted Cedar's clarity—nontechnical users can often understand policies at a glance—as well as its schema validation, autocomplete support, and formal verification, which ensures policies are correct and produce only allow or deny outcomes.Now onboarding to the CNCF sandbox, Cedar is used by companies like Cloudflare and MongoDB and offers language-agnostic tooling, including a Go implementation donated by StrongDM. The project is actively seeking contributors, especially to expand bindings for languages like TypeScript, JavaScript, and Python.Learn more from The New Stack about Cedar:Ceph: 20 Years of Cutting-Edge Storage at the Edge The Cedar Programming Language: Authorization SimplifiedJoin our community of newsletter subscribers to stay on top of the news and at the top of your game.  Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Scott and CJ sit down live at JSNation NYC with Iwo Plaza, creator of TypeGPU, to dig into how WebGPU is unlocking a new wave of graphics and compute power on the web. They chat about shader authoring in TypeScript, the future of GPU-powered AI in the browser, and what it takes to build a killer developer-friendly graphics library. Show Notes 00:00 Welcome to Syntax! 00:32 What is TypeGPU? High-level overview and why it exists 01:20 WebGPU vs WebGL – the new era of GPU access on the web 01:47 Why shader languages are hard + making them accessible 02:24 Iwo's background in C++, OpenGL, and discovering JS 03:06 Sharing graphics work on the web vs native platforms 03:29 WebGPU frustrations that inspired TypeGPU 04:17 Making GPU–CPU data exchange easier with Zod-like schemas 05:01 Writing shaders in JavaScript + the unified type system 05:38 How the “use_gpu” directive works under the hood 06:05 Building a compiler that turns TypeScript into shader code 07:00 Type inference, primitives, structs, and TypeScript magic 08:21 Leveraging existing tooling via Unplugin + bundler integration 09:15 How TypeGPU extracts ASTs and generates TinyEST metadata 10:10 Runtime shader generation vs build-time macros 11:07 How the AST is traversed + maintaining transparency in output 11:43 Example projects like Jelly Shader and community reception 12:05 Brought to you by Sentry.io 12:30 Does TypeGPU replace 3JS? How it fits the existing ecosystem 13:20 Low-level control vs high-level abstractions 14:04 Upcoming Three.js integration – plugging TypeGPU into materials compute shaders 15:34 Making GPU development more approachable 16:26 Docs, examples, and the philosophy behind TypeGPU documentation 17:03 Building features by building examples first 18:13 Using examples as a test suite + how docs shape API design 19:00 Docs as a forcing function for intuitive APIs 20:21 GPU for AI – browser inference and future abstractions 21:11 How AI examples inform new libraries (noise, inference, etc.) 21:57 Keeping the core package small and flexible 22:44 Building “TypeGPU AI”-style extensions without bloating the core 23:07 The cost of AI examples and building everything from scratch 23:41 Standard library design and future of the ecosystem 24:04 Closing thoughts from Iwo – OSS, GPU renaissance, and encouragement 24:34 Sick Picks & Shameless Plugs Sick Picks Iwo: Perogies Shameless Plugs Iwo: Syntax Podcast Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Netlify's CEO, Matt Biilmann, reveals a seismic shift nobody saw coming: 16,000 daily signups—five times last year's rate—and 96% aren't coming from AI coding tools. They're everyday people accidentally building React apps through ChatGPT, then discovering they need somewhere to deploy them. The addressable market for developer tools just exploded from 17 million JavaScript developers to 3 billion spreadsheet users, but only if your product speaks fluent AI—which is why Netlify's founder now submits pull requests he built entirely through prompting, never touching code himself, and why 25% of users immediately copy error messages to LLMs instead of debugging manually. The web isn't dying to agents; it's being reborn by them, with CEOs coding again and non-developers shipping production apps while the entire economics of software—from perpetual licenses to subscriptions to pure usage—gets rewritten in real-time.Follow Matt Biilmann on X: https://x.com/biilmannFollow Martin Casado on X: https://x.com/martin_casadoFollow Erik Torenberg on X: https://x.com/eriktorenberg  Check out everything a16z is doing with artificial intelligence here, including articles, projects, and more podcasts. Please note that the content here is for informational purposes only; should NOT be taken as legal, business, tax, or investment advice or be used to evaluate any investment or security; and is not directed at any investors or potential investors in any a16z fund. a16z and its affiliates may maintain investments in the companies discussed. For more details please see a16z.com/disclosures. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode, the host addresses a previous mistake in naming a company involved in a breach, correcting SitusAMC for Ascensus, and extends apologies. Key topics include US banks assessing a breach fallout from financial tech vendor SitusAMC, ransomware group CioP targeting Broadcom through Oracle's vulnerabilities, a new malware campaign hiding in Blender 3D models named SteelC, supply chain attacks in the JavaScript ecosystem through NPM packages with Shai-Hulud malware, and a phishing scam using lookalike domains to deceive Microsoft account holders. Listeners are reminded to manually type URLs to avoid phishing scams, and are informed about the Thanksgiving weekend schedule change. 00:00 Introduction and Apology 01:26 Cybersecurity Headlines 02:13 US Banks Data Theft Incident 03:44 Broadcom and Oracle ERP Breach 05:29 Blender Malware Campaign 07:45 Shai-Hulud NPM Package Attack 09:41 Phishing Campaign Targeting Microsoft Accounts 11:39 Final Thoughts and Thanksgiving Wishes

In this episode of the Option Alpha podcast, Kirk sits down with his business partner and fellow founder, Jack Slocum, to share the full story behind Jack's journey as a trader, developer, and entrepreneur. Jack talks about how he first turned to options trading to generate extra income for his family, how his early experiences “crashed and burned,” and why he has spent years since then learning as much as possible about markets and risk. Tune in now! How Jack First Got Into Options Trading:Jack says his options journey started as a father looking to make extra income to support his family.From Tech Builder to Trading:Before options, Jack's primary background was in technology and building companies.He created a JavaScript framework originally called EXTJS, later part of Sencha, which allowed developers to build full web applications in the browser.The framework became widely adopted, with usage by 8 out of the top 10 financial institutions and over 70% of Fortune 500 companies.Jack emphasizes that the community was the strength of that project: developers shared what they were building and provided the core toolkit with their own “extensions.”Faith, Mindset, and Staying Inspired Through Drawdowns:He credits his Lord and Savior, Jesus Christ, for his determination, passion, and success.He says this gives him a resilient state he can tap into no matter what is happening.Kirk shares a mindset he learned from Jack: instead of saying “we can't,” ask “how could we?”Jack connects this to his belief that all things are possible for someone who believes.He says reframing problems this way opens the door to solutions instead of shutting them down.Key Trading Principles Jack Follows Now:Jack says the most important principle is never to enter a trade unless you are willing to take the maximum loss.In the past, he entered trades assuming he could always get out before max loss, which led to huge losses.He rarely uses stop losses as a guarantee because during big moves, spreads widen, and fills can be much worse than planned.An example of his opening range breakout bot, which sometimes risks $925 to make $75 and makes him uneasy.He prefers to run a mix of strategies, including both higher-probability, smaller payoff setups and lower-probability, larger-payoff setups.Jack says every trade should have a clear, logical reason behind it, and not be fear based.Using His Own Platform to Design the Future of Automation:At his old company, he would build a real app with new features before a release to find issues.Now, he trades daily on Option Alpha and uses that experience to see what needs to be added or improved.Watch the full interview here

In today's episode of Cybersecurity Today, hosted by Jim Love, several major cybersecurity incidents are discussed. US banks are assessing the impact of a security breach at SitusAMC, where the ALFV ransomware group claimed to have stolen three terabytes of data. CIOP has targeted Broadcom through Oracle's E-Business Suite vulnerabilities. A new malware campaign hides inside Blender 3D models, exploiting the auto-run feature to deploy Steel C malware. The JavaScript ecosystem faces a supply chain attack from the Shai-Hulud malware compromising 500 NPM packages. Additionally, a phishing campaign leveraging visual deception with look-alike domains is targeting Microsoft account holders. The show is brought to you by Meter, which provides integrated networking solutions. 00:00 Introduction and Sponsor Message 00:21 US Banks Data Theft Incident 02:24 Broadcom and Oracle ERP Breach 04:09 Blender Files Supply Chain Attack 06:24 NPM Packages Compromised 08:21 Phishing Campaign Targeting Microsoft Accounts 10:19 Conclusion and Sponsor Message

In this episode, we dive into NASA's first test flight of the ultra-quiet X-59 supersonic jet, explore the futuristic Phantom transparent 4K monitor, and break down World Labs' breakthrough 3D world-modeling AI. We also cover TypeScript's unexpected rise in the AI era, the world's first mass delivery of humanoid factory workers, and how you can now run powerful open-source AI models locally. It's a packed show full of aviation, robotics, and cutting-edge tech that's reshaping the future. Want to be a Guest on a Podcast or YouTube Channel? Sign up for GuestMatch.Pro Thinking of buying a Starlink? Use my link to support the show. Don’t tell me you’ve been using the same password for every site? You’ll thank me later, Get 1Password. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes $11.99 – For a New Domain Name cjcfs3geek $6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h $12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w Support the show by becoming a Geek News Central Insider Full Summary In episode 1852 of the Geek News Central podcast, host Ray Cochrane welcomes listeners back after a brief hiatus, explaining the delay due to personal and professional commitments. He kicks off the show by discussing an exciting breakthrough from NASA: the successful test flight of the X-59, an experimental aircraft designed to quiet the sonic boom, potentially paving the way for commercial supersonic flight over land. Ray notes that the X-59, which resembles a swordfish, recently completed its first test flight in California, focusing on functionality rather than speed. It is intended to gather data on the aircraft’s noise impact on communities, indicating a significant step towards improving commercial travel times. After this, Ray thanks the podcast’s sponsor, GoDaddy, highlighting their hosting services and mentioning various promotional offers. He encourages listeners to support the show directly through the GoDaddy links, emphasizing their reliability in supporting the podcast. Following the sponsor message, Ray transitions into another topic, discussing a new prototype transparent 4K monitor named the Phantom developed by Virtual Instruments. The monitor is designed to allow users to see their environment through the screen while achieving remarkable brightness levels. Next, he introduces an innovative AI model called Marble developed by Fei Fei Li's startup, World Labs. Ray explains that this platform enables users to generate 3D worlds from simple prompts, marking a shift towards spatial intelligence in AI, which is essential for gaming, robotics, and visual effects. Ray then moves on to discuss TypeScript’s rise in the programming world, which has overtaken JavaScript and Python as the most used language on GitHub due to its compatibility with AI-assisted coding. He continues with news about UbiTech’s Walker S2 humanoid robots, which have begun mass delivery to factories, signifying a major milestone in manufacturing automation and the potential implications for the labor market. Ray finishes with information on the growing trend of running local open-source AI models on personal computers. He emphasizes the privacy advantages of using models like Llama and Mistral locally without relying on cloud providers. In closing, Ray reflects on the episode’s diverse topics and invites listener feedback regarding the content. He expresses gratitude for their support and encourages them to send comments or suggestions for future episodes. Ray ends by wishing everyone a good night and promising to return with more episodes soon. Show Links NASA X-59 Quiet Supersonic Test Flight Phantom Transparent 4K Monitor Fei-Fei Li's World Labs Launches Marble TypeScript's Rise in the AI Era (Hejlsberg Interview) UBTECH's First Large Delivery of Humanoid Workers How to Run Your Own Local Open-Source AI Model The post From NASA's X-59 to Humanoid Workers: The Future Is Getting Weird # 1852 appeared first on Geek News Central.

Coach Colin : https://www.youtube.com/@coachcolin 00:00:00 – Meet Coach Collin: conspiracy YouTuber origins, YouTube strikes, Union of the Unwanted and learning to tiptoe around platform rules. 00:04:50 – Alex Jones Clips of the Week: Fetterman "cyborg" on Rogan, rants about ancient studio cameras, bankruptcy auction math and a torrent of quotes that guarantee no YouTube monetization. 00:14:08 – Where OBDM actually lives (Spotify, Rumble, Twitch, Twitter), how they handle edits for YouTube, and the decision to leave the insane Jones montage fully intact. 00:18:41 – Ian/"In Carol" stream breakdown: Rob McCoy's sermon vanishes mid-watch, backup found on Apple Podcasts, then an instant flood of "just retire man" Twitch bots that looks like targeted harassment of a small creator. 00:24:18 – Threat-modeling the bot swarm: JavaScript trackers vs malware vs state-level profiling of dissident channels, plus why Ian's modest van-life income and Candace Owens ties might still put him on a watchlist. 00:33:51 – Tesla Cybertruck bomb at Trump's Vegas hotel: Green Beret on leave, Turo-rented Cybertruck, explosives and a now-classified phone manifesto describing gravity-propulsion drones launched from submarines. 00:38:57 – Butler County and Charlie Kirk parallels: same kinds of enemies (intel community, defense contractors, radicals), bizarre rooftop security failures and fast, tidy crime-scene cleanups that feel pre-scripted. 00:43:08 – Trump's shooting as message, not stunt: why staging it himself would be nearly impossible, Schumer's "six ways from Sunday" warning, and the sense that Trump is oddly content with a murky investigation. 00:53:02 – Epstein as "Mr. Deep State": Maxwell-to-Epstein handoff, Zorro Ranch, cloning obsessions, Powerball luck, Mongolia-Israel security deals, Harvard office access and a role far beyond "simple" sex trafficking. 00:56:45 – The files vs Trump's legacy: Cash Patel, Dan Bongino and Pam Bondi's conflicting claims about thousands of hours of tape, and why the base wants names released before Epstein becomes Trump's eternal asterisk. 01:04:29 – Dan Aykroyd's The UnBelievable and the Ariel School sighting: kids in Zimbabwe, telepathic "save the trees" messages, and using the case to argue UFOs are long-running interdimensional or demonic entities. 01:08:38 – CE5 sky-summoning, Crowley, Jack Parsons, Tesla and Hollywood rituals: "biological drone" greys, summoning things that pretend to be aliens, and celebrity plastic surgery as possible demonic face-morphing experiment. 01:14:55 – Madonna and Lil' Kim as "grey-coded" figures, then wacky news: Taco Bell's limited Baja Blast pie, a listener buying a half-eaten one for Thanksgiving, and using junk food as a window into cultural weirdness. 01:18:44 – NASA's awful comet 3I/ATLAS blue-dot photos, its quiet promotion to intelligence agency status, speculation about reverse-engineering evil interdimensionals and a tangent into Megadeth's dream of a final show on the moon. 01:33:02 – Stolen child's brain and organ markets: rare disease research derailed when her brain is sold off, theories about rich collectors, legal rulings that organs can be resold, and wild pricing for skulls and bones online. 01:41:29 – Linux Torvalds on "vibe coding": AI as okay for learning but bad for maintenance, dev layoffs, and the hosts' own experience with AI code review, hallucinated links and having to scold chatbots like lazy employees. 01:46:49 – Chatbots melting minds: Canadian user pushed into math-savior psychosis by ChatGPT, multi-plaintiff lawsuits after suicides, a man who fell in love with his bot wife, and the theory that these systems are temporary demon housing. 01:59:05 – Pumpkin-everything Thanksgiving: stuffed ravioli, cheesecake crumble, pumpkin butter ice cream, then Coach Collin's plugs, OBDM's schedule, Discord jokes and the "keep watching the skies" sign-off aimed at NASA's lousy photos. Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research ▀▄▀▄▀ CONTACT LINKS ▀▄▀▄▀ ► Website: http://obdmpod.com ► Twitch: https://www.twitch.tv/obdmpod ► Full Videos at Odysee: https://odysee.com/@obdm:0 ► Twitter: https://twitter.com/obdmpod ► Instagram: obdmpod ► Email: ourbigdumbmouth at gmail ► RSS: http://ourbigdumbmouth.libsyn.com/rss ► iTunes: https://itunes.apple.com/us/podcast/our-big-dumb-mouth/id261189509?mt=2  

There was a day not long ago where a Google Chrome browser update left any page with a CodePen Embed on it throwing a whole big pile of red JavaScript errors in the console. Not ideal, obviously. The change was related to how the browser handles allow attributes on iframes (i.e. ). CodePen was calculating the appropriate values inside an iframe for a nested iframe. That must have been a security issue of sorts, as now those values need to be present on the outside iframe as well. We documented all this in a blog post so hopefully we could get some attention from Chrome on this, and for other browser makers as well since it affects all of us. And I posted it on the ol' social media: Huge thanks to Bramus Van Damme who saw this, triaged it at Chrome, and had a resolution within a day: I think the patch is a great change so hats off to everyone involved for getting it done so quickly. It's already in Canary and don't really know when it'll get the stable but that sure will be good. It follows how Safari is doing things where values that aren't understood are just ignored (which we think is fine and inline with how HTML normally works). Fortunately we were able to mitigate the problem a little until then. For most Embedded Pens, a is loaded on the page embedding it, and we dynamically create the for you. This is just nice as it makes making an accessible fallback easier and gives you access to API-ish features for the embeds. We were able to augment that script to do a little browser user-agent sniffing and apply the correct set of allow attributes on the iframe, as to avoid those JavaScript errors we were seeing. But there's the rub: we'd rather not do any user-agent sniffing at all. If we could just put all the possible allow attributes we want on there, and not be terribly concerned if any particular browser didn't support any particular value, that would be ideal. We just can't have the scary console errors, out of concern for our users who may not understand them. Where we're at in the saga now is that: We're waiting for the change to Chrome to get to stable. We're hoping Safari stays the way it is. OH HI FIREFOX. On that last point, if we put all the allow attributes we would want to on an in Firefox, we also get console-bombed. This time not with red-errors but with yellow-warnings. So yes, hi Firefox, if you could also not display these warnings (unless a reporting URL is set up) that would be great. We'd be one less website out there relying on user-agent sniffing.

In this episode, Dave and Jamison answer these questions: “My manager insists on a weekly 1:1 with me, but he rarely pays attention. He's often on his laptop, texting, checking email — basically anything but listening. I've tried sending agendas, rescheduling, reducing frequency, waiting until he's less busy — nothing helps. I've even started sitting in silence until he notices I've stopped talking, but that only works for a minute. This has caused real problems. For example, he almost had me cancel a million-dollar project because he misheard me say “Java” instead of “JavaScript.” When he finally realized I was right, he said, “Every time I heard Java I automatically tuned out.” How do I handle a 1:1 with a manager who won't pay attention, without risking my work or my relationship with him?” “I've worked for a big retailer for 10 years now and I used to really enjoy it. I liked my team a lot, problems we worked on, technologies we used. Unfortunately the last few yours brought a few rounds of layoffs and my old team doesn't exist anymore and the new team is pretty much awful. They're all on the East Coast, while I'm on the West Coast. I'm required to work EST hours but also to commute to the office 5 days a week and sit there alone and talk to my team on zoom. I'm a staff software engineer and I haven't been programming much for the past year. Most of my time is spent in calls, I start every day with the same 3 calls. I live 50 miles from the office and I take a company shuttle that leaves at 7am. I'm required to join the calls from my phone. I leave for work at 6:30am, I'm back at home at 6:30pm. A few times a week I need to do deployment at 10pm. I tried speaking to my manager and to my director. They don't care. My every attempt to improve our processes is met with opposition. My manager is afraid of changes. I can't believe this is where I am but I'm too tired to prepare for job hunting. I can't afford to quit. I don't know how to get myself on track and dust off my programming and interviewing skills. I'm praying they'll lay me off so that I can use the severance to do all those things. But this isn't really a plan, it's wishful thinking, and I'm afraid that my career options are getting worse by the minute. Do you have any advice on how to get myself out of this hell hole?”