Last week
- The Problem Vite SPA serves one index.html for all routes. Social crawlers (X, Discord, Slack, LinkedIn, etc.) read the first HTML response and don't run JavaScript. So every shared link shows the sam...
- I originally posted this as a Twitter thread in March 2018. It went viral, probably because Charles Stross quote-tweeted it with the comment “This thread. You read!” - yes, _that _Charles Stross. 😮 It was at https://twitter.com/i/web/status/976852582084808704, and I bookmarked...
Two weeks ago
- A JavaScript engine (e.g. V8, JavaScriptCore) executes JavaScript code. It doesn't know about things like files, HTTP requests, or timers.On the other hand, a JavaScript runtime (e.g. Node.js, Bun) is a more complete environment where JavaScript runs. It contains a JavaScript...
about 1 month ago
- I like pie. And I’ve learned that if I want a pie done right, I gotta do it myself. Somewhere along my pilgrimage to pie perfection, I began taking a photo of each bake — pic or it didn’t happen. Despite all my rhetoric for “owning your own content”, I’ve hypocritically used...
- Introduction You built a thing. You want people to pay once and use it forever. Here is exactly how to do that with Convex and @convex-dev/stripe. Install npm install @convex-dev/stripe stripe npx c...
2 months ago
- I upgraded kentcdodds.com from Remix v2 to React Router v7 in a day with over 17k lines of code changed. Here's how I did it....
3 months ago
- Mcp-cli is a lightweight CLI that allows dynamic discovery of MCP, reducing token consumption while making tool interactions more efficient for AI coding agents....
4 months ago
- A couple of months ago, I received a request from a random Internet user to add CSRF protection to my little web framework Microdot, and I thought it was a fantastic idea. When I set off to do this work in early November I expected I was going to have to deal with anti-CSRF...
5 months ago
- I enjoyed listening to Feross Aboukhadijeh, founder and CEO of the security firm Socket, on the Changelog podcast “npm under siege”. The cat-and-mouse nature of security is a kind of infinite source of novel content, like a series of heist movies that never produces the same...
- I recently added a bunch of app icons from macOS Tahoe to my collection. Afterwards, I realized some of them were missing relational metadata. For example, I have a collection of iMove icons through the years which are related in my collection by their App Store ID. However, the...
6 months ago
- I was 30 seconds away from running malware, Here's how a sophisticated scam operation almost got me, and why every developer needs to read this....
7 months ago
- I love a good look at modern practices around semantic versioning and dependency management (Rick Hickey’s talk “Spec-ulation” is the canonical one I think of). Niki recently wrote a good ‘un at tonsky.me called “We shouldn’t have needed lockfiles”. What struck me was this point...
- There was a time when I could ask, “Did you see the latest NPM attack?” And your answer would be either “Yes” or “No”. But now if I ask, “Did you see the latest NPM attack?” You’ll probably answer with a question of your own: “Which one?” In this post, I’m talking about the Qix...
- What if every website you visited didn't actually exist until the moment you asked for it? What if the entire web was a unique, AI-generated experience, created just for you, on the fly? That's the core idea behind my latest project, Fauxmium. Fauxmium is a proof-of-concept that...
- In the wake of the largest supply-chain attack in history, the JavaScript community could have a moment of reckoning and decide: never again. As the panic and shame subsides, after compromised developers finish re-provisioning their workstations and rotating their keys, the...
- I normally skip presentations because I prefer reading, but Building the Hundred-Year Web Service (YouTube) was worth the time.1 Note that despite “htmx” featuring in the title, very little of the presentation is actually about htmx. It is about choosing and using technology in...
- Watch me build Arena live - a real-time collaborative coding session exploring AI-powered development workflows....
8 months ago
- Imagine you’re writing a project and need a library. Let’s call it libpupa. You look up its current version, which is 1.2.3, and add it to your dependencies: "libpupa": "1.2.3" In turn, the developer of libpupa, when writing its version 1.2.3, needed another library: liblupa. So...
Rows per page
