Replit, une startup californienne bien connue pour son IDE dans le cloud et ses ambitions en IA, vient de vivre une humiliation publique. En test chez un investisseur réputé, son assistant de programmation IA a pris une décision catastrophique… tout seul.
He found that the more HTTP client requests he did, the more memory his Node process would consume, but it was really slow.
[...] Then I ran Node with UMEM_DEBUG set to record various important information about the memory allocations
[...] Every hour, it grabbed the output of pmap -x and a core file and stored those in Joyent Manta
[...] In MDB there's a particularly helpful command ::findleaks that will show you the memory addresses and the stack traces for leaked memory, not unlike using valgrind, but without all the performance penalty.
[...] At this point we knew that we were looking for something in v0.10 that called MakeCallback but that didn't first have a HandleScope on the stack. I then worked up this simple DTrace script.
TL;DR: There are three options to fix an NPM dependency:
- Open a bug ticket on the repository of the maintainer
- Fork & Fix
- Create a patch and fix it
J'avais tendance à privilégier la 2e solution, mais elle a l’inconvénient de créer une dépendance à github.com au moment du build, ce qui n'est pas toujours pratique dans un contexte d'entreprise... patch-package peut donc s'avérer bien pratique dans ce cas
:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/70367267/acastro_180109_1777_0001_v1.0.jpg) 
$ npm install faker@6.6.6
LIBERTY LIBERTY LIBERTYArticle complémentaire FR: https://www.01net.com/actualites/au-bout-du-rouleau-un-developpeur-sabote-ses-logiciels-open-source-2053434.html

À oui.sncf, je travaille au sein d'une équipe en charge de l'usine logicielle,
qui administre depuis des années une instance Gitlab self-hosted.
Cet article contient quelques-unes de nos recommandations à l'intention des utilisateurs de notre Gitlab, ayant pour but à la fois améliorer les performances de leurs pipelines …

What happens if malicious code is uploaded to npm under these names? Is it possible that some of PayPal’s internal projects will start defaulting to the new public packages instead of the private ones?
Useful CLI when you have the RCON password of a Quake 3 server !
I have set up the script below as a cron job to alert me whenever a player connect to my friend server :
#!/bin/bash
set -o pipefail -o errexit -o nounset
cd $(dirname "${BASH_SOURCE[0]}")
date
echo status | quake3-rcon $server_address $rcon_password > quake3-kleph.status
grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' quake3-kleph.status | awk '{ print $4 }' > quake3-kleph.players
if ! diff -q quake3-kleph.players quake3-kleph.players.old; then
    echo 'New player detected'
    ./send_reminder.sh "New player joined kleph.eu Quake3 server: $(comm -13 <(sort quake3-kleph.players.old) <(sort quake3-kleph.players) | tr '\n' ' ')"
fi
mv quake3-kleph.players quake3-kleph.players.oldTrès intéressant REX d'une migration du site d'une asso coûteux à maintenir vers des solutions "low-costs": Squarespace pour du Wordpress, Airtable en base de donnée et Glitch pour un backend minimal en NodeJS
He used a rate limiter for Airtable: https://glitch.com/edit/#!/airtable-api-proxy?path=README.md:1:0
A bot generated tens of notifications in one of your Slack channels ?
This handy Python CLI script is just what you need !
slack-cleaner --token $SLACK_TOKEN --message --channel jenkins --bot --perform
There is also a NodeJS version
While developing a new project is like rolling on a green field for you, maintaining it is a potential dark twisted nightmare for someone else. Here's a list of guidelines we've found, written and gathered that (we think) works really well with most JavaScript projects here at hive. If you want to share a best practice, or think one of these guidelines should be removed, feel free to share it with us.
Found from: http://javascriptweekly.com
vendor-neutral open source library for metric collection and tracing. OpenCensus is built to add minimal overhead and be deployed fleet wide, especially for microservice-based architectures.
OpenCensus currently supports Prometheus, SignalFX, Stackdriver, Zipkin, Datadog, and Azure App Insights.
A single set of libraries for many languages, including Java, C++, Go, .Net, Python, PHP, Node.js, Erlang, and Ruby.
Essential cross-platform UI components for React Native https://nativebase.io
Our mission is to remove the pain of handling servers, application stacks, software dependencies and databases.
Focus on your app development and deploy it in 2 minutes. No server to manage, hosting becomes instant and easy!
Looks very similar to Heroku
Lighthouse is an open-source, automated tool for improving the quality of web pages. You can run it against any web page, public or requiring authentication. It has audits for performance, accessibility, progressive web apps, and more.
You can run Lighthouse in Chrome DevTools, from the command line, or as a Node module.
Source code of the rules used
like-tweet.js, which runs whenever your application loads up the popular express library, makes a POST request to the twitter API [...] In fact, every time you download express, you favorite this exact tweet from Hot Pockets: introducing their new signature Hickory Ham sandwich pastries filled with real ham, real cheese, and a variety of chef-inspired sauces.
It’s true. Each installation of Babel includes a picture of Guy Fieri, and there is nothing you can do about it.