2026-06-08 20:19:00
Hi all,
We’re back for another issue. I’m still trying my time to make this news letter become a weekly again :(.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
Spring Spotlight 2026 is live and we’ve rounded up the top updates for developers here. Featuring:
• AI-Assisted Development: Developer MCP Server lets you build apps faster with AI coding tools like Cursor, Claude Code, and Codex.
• Modern API Infrastructure: Date-based versioned APIs and versioned docs for predictable releases.
• MCP: Unlock HubSpot data via the HubSpot MCP Server (remote) to connect any compatible MCP client and create custom workflows and integrations.
• Projects 2026.03: Includes serverless functions, UI extension support, and migration from 2025.1 and 2023.2.
Turn any Android phone into a programmable SMS gateway for your SaaS — no per-message fees, no carrier contracts, no vendor lock-in.
A researcher find that the Creative Sound Blaster Katana V2X accept unsigned firmware over Bluetooth without auth. Since the speaker already register itself as a HID device for volume control, an attacker can flash it remotely and turn it into a Rubber Ducky, injecting keystroke into ur PC from ~50 feet away. Vendor refuse to patch.
Linear feel fast not because of one trick, but a lot of small one compound together. The big idea: treat the browser DB as the source of truth, and the server is just a sync target. Mutation apply locally first, reconcile async. Add to that aggressive code-split with service worker precaching, granular MobX observables to keep re-render small, and animation only on GPU-composited properties.
A basic introduction to USB for people that don’t need to know what happens on the wire. If u ever want to talk to a USB device from ur own app without diving into kernel land, this is a nice starting point.
Postgres planner can make bad estimate when columns are correlated. Extended statistics let u tell the planner about those relationship. The post walk through the three flavor - dependencies, mcv, and ndistinct - with real example showing how each one fix a different kind of wrong row estimate.
Sourcemaps unlock some observability benefits but might expose your codebase. Check out how they work, and how to protect yourself.
A Go specific article, but it present a methodlogical though of process. We had a 4 GiB file that’s almost entirely zeros, exactly one non-zero int64 is hiding at offset Size - 8 (the last aligned slot). The task: find that offset, as fast as possible, in Go on Linux.
Have u ever feel annoying with the useless Music app on macOS, u would love this tool. Typically it will be under Tool, but this is require deep understand on how everything works. Strongly recommend to learn its code, especially about the rcd(short for Remote Control Daemon)
This is a fresh reading of RFC 9111 (2022), the latest iteration of the HTTP Caching standard. The standard defines the Cache-Control HTTP header as a way to prescribe how caches should store and reuse HTTP responses, with regard to not just the browser cache, but to any other intermediary caches, such as proxies and content delivery networks, that may exist between the client and the origin server.
Use the ss command as a modern, faster replacement for netstat to inspect IPv4 TCP and UDP sockets, listening ports, and connection states.
A tiny (~1KB) & modern library for keybindings.
A literal credit-card sized computer with E-Paper display, ESP32 and NFC.
A CSS 3D engine for the DOM. Renders polygon meshes in HTML by leveraging matrix3d transforms.
A nice tool to let us know which AI Model can be run locally with a given GPU
a suite of tools to bring collaboration to your application. It’s based on Y.js (by Kevin Jahns), which is amazing to sync and merge changes from clients in real-time
A very swift way to encrypt secret, and commit it to the git repository. The sweetness come on how to onboard new team member, simply add their public key, do a re-encrypt and commit the change. Every team member now share the same secrets
A small, feature-rich, and robust Cloudflare DDNS updater
Open-source terminal SSH manager that keeps ~/.ssh/config in sync with your cloud infra across 16 cloud providers.
Animate your SVGs. Without losing your mind
2026-05-11 20:19:00
Hi all,
We’re back for another issue. I’m still trying my time to make this news letter become a weekly again :(.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
Spring Spotlight 2026 is live and we’ve rounded up the top updates for developers here. Featuring:
• AI-Assisted Development: Developer MCP Server lets you build apps faster with AI coding tools like Cursor, Claude Code, and Codex.
• Modern API Infrastructure: Date-based versioned APIs and versioned docs for predictable releases.
• MCP: Unlock HubSpot data via the HubSpot MCP Server (remote) to connect any compatible MCP client and create custom workflows and integrations.
• Projects 2026.03: Includes serverless functions, UI extension support, and migration from 2025.1 and 2023.2.
decode and understand all the thing behind these cryptic number.
In the United States, the National Institute of Standards and Technology (NIST) maintains the official U.S. time reference. On a recent project I needed a trustworthy clock and time.gov was a convenient option. To validate that the provided reference was accurate, I opened time.gov in two browser windows side-by-side, but found that the provided clock offset estimates disagreed by a margin larger than I could tolerate. When I compared to another source, an NTP client, I found even more disagreement.
In famous problem. 0.1 + 0.2 is equal 0.30000000000000004. Best way to to understand is to re-implement them from the first principle, the hard way.
From page faults to NUMA topology: how the Linux kernel manages memory, and what that means for the performance of data-intensive systems
Ever wondered how regex works under the hood? How does it understand an incantation like “<\/?[\w\s]*>|<.+[\W]>” and magically produces a desired result? This series is going to describe exactly how it works and how to implement a feature-rich regex engine.
that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like secretive
Most programmers dream of their own perfect programming language.
Without vacuum, deadtuple (dead row) are accumulate in Postgres, the engine needs to scan them and exclude them, vacuum suppose to delete them. Here are many tip and tricks to monitor that process
Figma outgrow pgbouncer and share experience writing their own Postgres connection pooling.
cheatsheet covers several npm security best practices and productivity tips, useful for JavaScript and Node.js developers. This list was originally based on the 10 npm security best practices from the Snyk blog.
a book written for engineers who need Git to stay fast as repositories, histories, and teams get larger: build and CI engineers, monorepo owners, devprod teams, and anyone tasked with figuring out Git beyond the usual four commands.
MacOS Web Server written entirely in ARM64 assembly
SQLite extension + bindings for Postgres NOTIFY/LISTEN semantics with durable queues, streams, pub/sub, and scheduler
A simple command line SSH tunnel manager that just works.
Prioritized semaphore/rate-limiter/adaptive throttle for load management.
A high-performance HTTP benchmarking tool that includes a real-time web UI and terminal display
A PostgreSQL extension that can enforce optimal column alignment to minimize row padding waste.
Cloud-native continuous backup for PostgreSQL - WAL/base-backup streaming, compression, encryption, retention, and monitoring in a single binary.
a pure SQL / PL/pgSQL control plane for conservative autonomous reindexing, in the same extension-avoidance spirit as pg_ash and PgQue. It installs into a separate control database, talks to target databases through postgres_fdw user mappings and dblink, and rebuilds only with reindex index concurrently. No schema is installed into target databases. No C extension, no shared_preload_libraries, no sidecar worker, no restart.
HyperFrames lets AI agents compose videos by writing HTML, CSS & JS.
Have u ever has to write some cronjob to refresh materialized view? this tool handle all of that, natively inside Postgres
Create real MP4 videos with React. Parametrize content, render server-side and build applications.
aggregates CloudTrail logs to simplify analysis for AI agents
A terminal workbench for AI-driven vulnerability discovery and live validation.
2026-03-30 20:19:00
Hi all,
Trivy is a security scanner to find vulnerabilities, misconfigurations, secrets and very widely used. Imagine, Trivy got under attack itself. Attackers compromised Trivy GitHub Actions by force-updating tags to deliver malware, exposing CI/CD secrets across affected pipelines.
Then last week, two versions of the litellm Python package on PyPI were found to contain malicious code.
All of that just mean we need to be extra triple careful when dealing with any external dependenies. Any external dep is a liability. In this issue we had included 2 tools that hopefully will allow us to run those app in sandbox instead.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
Let’s be honest: your test suite is probably lying to you. You’ve got green checkmarks in CI, 80% coverage, and your last deploy still broke the checkout flow on mobile.
The problem isn’t that you’re bad at testing. It’s that test maintenance is a full-time job nobody wants, and the coverage you think you have is mostly happy paths you already tested manually. Meanwhile, your users are the ones discovering the real bugs.
Autonoma takes a different approach. Instead of making you write and maintain test scripts, it runs AI agents that navigate your web and mobile apps like real users: clicking through forms, testing edge cases, handling state transitions, all in parallel across hundreds of browsers and devices.
The best thing? If after 30 days a bug reaches production, we will refund you the money.
An incredible story of someone dived into electronics design with almost zero prior experience. Their goal was ambitious: build an FPGA-based device capable of booting Linux, connecting to a screen and keyboard, and allowing me to write and compile code directly on the machine itself.
Most people who work with PostgreSQL eventually learn two commands for query tuning: EXPLAIN and EXPLAIN ANALYZE. In this post we’ll take a look at a few of those lesser-known options.
When you run PostgreSQL on a high-performance server with a lot of RAM, one of the most overlooked performance tunings is Huge Pages. Understanding and configuring Huge Pages correctly can significantly improve performance, especially for databases with large shared memory requirements.
Anyone who operate Postgres with high write will need to handle and optimize WAL and AutoVacuum. We can defer these job to AI, but it’s better to understand all the knowledge.
Whatever the reason, if you’re a psql command-line user, Ctrl-C is in your muscle memory. So now you’re looking at the words Cancel request sent, followed shortly after by the not-really-an-error message ERROR: cancelling statement due to user request. But what’s going on behind the scenes?
In 2024, the Online Data Stores team at Netflix conducted a comprehensive review of the relational database technologies used across the company, and decide to standardize on Amazon Aurora PostgreSQL as the primary relational database offering for Netflix teams.
Switching from Rust to TypeScript make the code faster. Not because Rust is slow, or TypeScript is fast. But simply the code to serialize/unserialize the object back and forth when passing between both world outweight the performance gain.
Developers have never been shy about disliking certain React APIs. They feel awkward, restrictive, or just plain counterintuitive. But the reality is that the two most complained‑about design choices in React weren’t arbitrary at all — they were early signs of deeper constraints that every UI model eventually runs into
Imagine the ability to inject the JS code, and run it on any webpage whenever you click a bookmark, and it acts on the urrent page? That’s what Bookmarklet is
A difference algorithm module for Go
Get the main content of any page as Markdown.
drop-in replacement for Nokogiri. It’s 4.7x faster at parsing HTML and up to 1352x faster at CSS selectors.
Sandbox your local AI agents so they can read/write only what they need
Running Node apps inside a WebAssembly Sandbox
Pure-Go implementation of JSONata 2.x for high-throughput streaming evaluation. And the story of re-impelment it in Go with AI saves the compnay $500k USD per year
Pluggable linting tool to prevent committing credential.
A Postgres TUI client that utilizes your terminal text editor for inserts & updates
SQL static analyzer for performance, security, compliance and cost. 272 rules. Completely offline. Works in CI pipelines.
A PostgreSQL extension that captures per-query execution telemetry and exports it to ClickHouse in real-time. Unlike pg_stat_statements which aggregates statistics in PostgreSQL, pg_stat_ch exports raw events to ClickHouse where aggregation happens via ClickHouse’s powerful analytical engine.
Go LSP helper library support 3.17 of the LSP specification
2025-12-15 20:19:00
Hi all,
Merry Christmas everyone. It’s the end of years, take sometime off and enjoy the season.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
What’s actually working for engineering teams — and what’s not? Hear from Benjamin Stice (Salesforce VP Engineering), Clinton Herget (Snyk Field CTO), Yonatan Boguslavsky (Port CTO), and Dedy Kredo (Qodo Co-Founder) in this candid panel discussion. Three fast, honest segments: What we’re leaving behind: practices, tools, or org habits that no longer serve the team (and how we’re unwinding them without chaos). What we’re doubling down on: the investments that produced real outcomes in quality, delivery, and developer experience, and how we’re scaling them. What we’re betting on next: the experiments and measured risks we’ll run in 2026 to meet reliability, security, and growth goals. No platitudes. Just real lessons from leaders who’ve steered teams through a year of AI transformation.
One of the most massive AWS incidents transpired on October 20th. The long story short is that the DNS for DynamoDB was impacted for us-east-1, which created a health event for the entire region. It’s the worst incident we’ve seen in a decade. authress shares with us how they maintain a high SLI to match our SLA reliability commitment even when the infrastructure and services we use don’t.
Part 12 of “How to Scale Your Model”, an free ebook that aim to demystify the science of scaling language models: how TPUs (and GPUs) work and how they communicate with each other, how LLMs run on real hardware, and how to parallelize your models during training and inference so they run efficiently at massive scale.
Memory maps are a modern Unix mechanism where you can take a file and make it part of the virtual memory. In Unix context, modern means that it was introduced in the 1980s or later. You have a file, containing data, you mmap it and you’ll get a pointer to where this resides. Now, instead of seeking and reading, you just read from this pointer, adjusting the offset to get to the right data.
The original motivation for the creation of Bloom filters is efficient set membership, using a probabilistic approach to significantly reduce the time and space required to reject items that are not members in a certain set.
It stands for “Authenticated Encryption with Associated Data” but if you are struggling to remember what is it. This post sumarize nicely.
There are many SQL JOINs guides and tutorials, but this one takes a different approach. We try to avoid misleading wording and imagery, and we structure the material in a different way. The goal of this article is to clarify your mental model
The secret to unlocking performance gains often lies not just in what you ask in a query, but in how Postgres finds the answer. The Postgres EXPLAIN system is great for understanding how data is being queried. One of secretes to reading EXPLAIN plans is understanding the type of scan done to retrieve the data. The scan type can be the difference between a lightning-fast response or a slow quey
Addy Osmani is a legendary engineer. In his own words: “When I joined Google ~14 years ago, I thought the job was about writing great code. I was partly right. But the longer I’ve stayed, the more I’ve realized that the engineers who thrive aren’t necessarily the best programmers - they’re the ones who’ve figured out how to navigate everything around the code: the people, the politics, the alignment, the ambiguity.”
WebPerformance Report was designed around that principle. Although its underlying data comes from automated performance tests, the report itself is intentionally high-level. It is structured to help anyone, developers, designers, marketers, and executives, understand what happened, why it matters, and where the opportunities lie. This article walks through the anatomy of a Web Performance Report, explaining each section, why it exists, and what decisions it enables.
To implement accessibility, Chrome has this pipeline DOM mutation -> AXEvent -> Accessibility tree -> OS accessibility API -> Screen reader. But here’s the strange part: Chrome doesn’t have one accessibility tree, it has two. This article traces the full lifecycle of an accessibility event. From the moment the DOM changes, through Blink’s internal systems, through its internal accessibility tree, and finally back out into the BrowserAccessibility tree that screen readers query.
37signals release this kanban style app. A good opportunity to dive into the source and see how DHH write user facing code.
A lightweight JavaScript library that generates customizable heat maps, charts, and statistics to visualize date-based activity and trends.
The simplest way to protect your apps with a login screen.
A character-level language diffusion model trained on Tiny Shakespeare
Minimalist, dependency-free virtual machine sandbox for microcontrollers and other resource-constrained devices. Single C file, no dynamic memory allocations, asynchronous design, pure C99
A cross-platform network monitoring terminal UI tool built with Rust
Lightweight JavaScript library for product tours, highlights, and contextual help to guide users through your product
This project lets you chat with a Large Language Model (LLM) using just your voice, receiving spoken responses in near real-time. Think of it as your own digital conversation partner.
Edit PDF files with Nano Banana
Use mkslides to easily turn markdown files into beautiful slides using the power of Reveal.js!
Enterprise-grade PostgreSQL backup and restore. Beautiful CLI with real-time progress tracking.
powerful management tool for PostgreSQL. You can use it to monitor, optimize or configure multiple PostgreSQL instances.
Interfaces to query ClickHouse databases from PostgreSQL
(Tiny Redis Desktop Manager) - A modern, colorful, super lightweight Redis GUI client for Mac, Windows, and Linux.
2025-11-16 20:19:00
Hi all,
Sometime when my though wandering the world, I just wonder how amazing TCP was design. The world all connect together because of it. Sometime you disconnect your VPN, then re-connect, and your SSH connection just resume. How amazing resilient it is. Today we discover that by learning about TCP protocol.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
Developers earned $563K in September alone building automation tools on Apify. Now there’s $1M more in prizes through January 31. Build web scrapers, API wrappers, MCP servers for AI agents. Earn up to $2K per tool based on monthly active users, compete for $30K/$20K/$10K grand prizes, plus $2K weekly spotlight prizes. Ongoing marketplace revenue continues after the challenge ends.
The internet is incredible. It’s nearly impossible to keep people away from. But it can also be unreliable: packets drop, links congest, bits mangle, and data corrupts. Oh, it’s dangerous out there! (I’m writing this in Kramer’s tone)
Sometimes you just want something that: Works with your existing database, Doesn’t require external services, Is easy to understand and debug. That’s what the OP built. A search engine that uses your existing database, respects your current architecture, and gives you full control over how it works.
Marginalia is an experimental search engine. The Marginalia Search index has been partially rewritten to perform much better, using new data structures designed to make better use of modern hardware. This post will cover the new design, and will also touch upon some of the unexpected and unintuitive performance characteristics of NVMe SSDs when it comes to read sizes.
As a computer engineer who has spent half a decade working with caches at Intel and Sun, I’ve learnt a thing or two about cache-coherency. This was one of the hardest concepts to learn back in college – but once you’ve truly understood it, it gives you a great appreciation for system design principles.
I decided to experiment with writing an object store from scratch as a fun learning exercise, and to see how much I could get out of NVMe disks I had on my bare metal machines. Specifically, I wanted to really optimize for random reads and small objects — serving user content where the lower the latency, the better. This would not focus on other features; S3 is bottomless, distributed, and managed for example.
Postgres has an awesome amount of data collected in its own internal tables. Postgres hackers know all about this - but software developers and folks working with day to day Postgres tasks often miss out the good stuff. Today I want to walk through some of the most important Postgres internal data catalog details. What they are, what is in them, and how they might help you understand more about what is happening inside your database.
This could be a cheap way to have a Kafka-like consumer out of the box by consuming your Postgres WAL log. WAL log is like a stream of change happen to your database (update/create/delete) and you can decode them to JSON to see the change and act on them
A deep dive into how JavaScript source maps work under the hood, with examples showing how all the pieces fit together.
Beside the usualy way of await fetch to load JSON API, we now can also use import directly. We had this in NodeJS with build tool already but now it’s natively available in the browser too. Lets see when we should use what.
Easy-to-deploy, open source PostgreSQL function that provides a prioritized list of actions to improve database stability and performance.
Filter sensitive information from free text before sending it to external services or APIs, such as chatbots and LLMs.
Easily setup logical replication and switchover to new database with minimal downtime
a handy JavaScript plugin for generating and animating nice & clean dashboard gauges. It is based on Raphaël library for vector drawing
javascript navigation mesh construction and querying library for 3D floor-based navigation
Minimal neofetch-like weather CLI. Just fun code to read.
Public Open Relay To Access Localhost
A lightweight vLLM implementation built from scratch.
A modern static site generator by the creators of Material for MkDocs
OCR model that handles complex tables, forms, handwriting with full layout.
Perspective is an interactive analytics and data visualization component, which is especially well-suited for large and/or streaming datasets. Use it to create user-configurable reports, dashboards, notebooks and applications, then deploy stand-alone in the browser, or in concert with Python and/or Jupyterlab.
A minimalist extension and utility pair for time series analysis and visualization of PostgreSQL internal statistics.
Nagios check_postgres plugin for checking status of PostgreSQL databases. You probably cannot use this as it’s because it’s for Nagios but the script can adopt to any monitoring system.
Minimal RFC 5424 syslog collector and viewer based on DuckDB. Runs as a single, resource-friendly process
Advanced select dropdown without any dependencies
HTTP & OAuth Gateway and Web Application Firewall (WAF) based on ModSecurity
Lightweight status page for home infrastructure
2025-10-20 20:19:00
Hi all,
It’s already autumn and we will continue to get more issue moving forward. Hope everyone have a great haloween ahead. I also shared a story about someone almost got hack by being trick into running code for an interview. Remind so stay safe these day, never run untrusted code on your machine.
If you enjoy BetterDev, please spread the word by sharing it with your friends. And if you’d like to support my work, buying me a coffee would be much appreciated.
The HubSpot Developer Platform gives you the tools to build, extend, and scale with confidence. Create AI-ready apps, integrations, and workflows faster with a unified platform designed to grow alongside your business.
May sound overwhelm but it’s very approachable with step by step building from previous foundation. Eg to write the initial boot loader you just need: loop: jmp loop
times 510-($-$$) db 0 dw 0xaa55
A very detail setup so you can prepare emulator to start learning these.
Every time you use a computer, caches work to ensure your experience is fast. Everything a computer does from executing an instruction on the CPU, to requesting your X.com feed, to loading this very webpage, relies heavily on caching. You are about to enjoy a guided, interactive tour of caching: the most elegant, powerful, and pervasive innovation in computing.
A visual introduction to big O notation.
This post is an introduction to consistent hashing, an algorithm for designing a hash table such that only a small portion of keys has to be recomputed when the table’s size changes.
By default all of the Postgres data stay in the same directory, under the same path and therefore the same volume. This limit our scale, many cloud provider has a max volume size, and they all share same IO. What can we do to put the database at different location instead?
Be careful out there with sophisicated phishing attempt nowadays. Bottom line is never ever run untrusted code directly on your machine.
Maybe you’re debugging a network request, but the stack trace has been laundered away by a batching mechanism. Maybe you have an enormous React codebase with kilometers of prop drilling, and you can’t be bothered to hit Go To References all morning. In any case, sometimes you just wish you could see where that specific object in the debugger was created.
Once you get into the business of starting threads, you’re probably also in the business of stopping them. However the former is much easier than the latter. With “stopping” I mean stopping the thread while giving it a chance to run some cleanup operations before fully terminating. Or in other words, we want to terminate a thread while ensuring that memory is freed, locks are released, logs are flushed, and so on
Rack middleware for blocking & throttling
A lightweight terminal UI for displaying Go tests
♪ A low-level library to play sound on multiple platforms ♪
keeps PostgreSQL/MySQL/MariaDB as your source of truth and publishes denormalized documents to Elasticsearch/OpenSearch—continuously and transactionally.
A PostgreSQL extension that provides infinite calendar functionality for recurring schedules with exceptions
Fast & free browser trusted HTTPS certificates
Visual Development for React, Vue, Svelte, Qwik, and more
