Understanding Kubernetes Gateway API: A Modern Approach to Traffic Management
Traffic management in Kubernetes can be complex, especially with modern applications composed of multiple services like frontends, APIs, and backends spread across hybrid and multi-cloud environments. As these environments grow, ensuring secure, efficient, and reliable communication… ⌘ Read more
** From JS File to Jackpot: How I Found API Keys and Secrets Hidden in Production Code**
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/from-js-file-to- … ⌘ Read more
Lab: Finding and exploiting an unused API endpoint
Art of exploiting using an unused API endpoint
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-finding-and-exploiting-an-unused-api-endpoint-79fa6744f21e?source=rss—-7b72 … ⌘ Read more
↳
In-reply-to
»
gah i've been so busy working on love4eva! TL;DR i switched image backends from the test/dev only module i was using to the S3 one, but with a catch - i'm not using S3 or cloud shit!!! i instead got it to work with minio, so it's a middle ground between self hosting the image uploads & being compatible with the highly efficient S3 module. i'm super happy with it :)
⤋ Read More
@kat@yarn.girlonthemoon.xyz MinIO is a good choice for a self-hosted Object Storage (compatible with S3 APIs) 👌
**Master Spring Boot APIs Like a Pro: Skills That Distinguish Good Developers from Great Ones **
In the fast-moving world of backend development, it’s no longer enough to … ⌘ Read more
GitHub for Beginners: Building a REST API with Copilot
See how you can use GitHub Copilot to build an API.
The post GitHub for Beginners: Building a REST API with Copilot appeared first on The GitHub Blog. ⌘ Read more
4 大類 AI Agent 協議框架全面綜述
對現有的 LLM AI Agent 通信協議進行了系統性的概述,並將其分爲四大類,以幫助用戶和開發者爲特定應用場景選擇最適合的協議。一、AI Agent 協議的發展AI Agent 協議的定義:代理協議是標準化框架,定義了代理之間以及代理與外部系統之間結構化通信的規則、格式和程序。與傳統交互機制(如 API、GUI 或 XML)相比,協議在效率、操作範圍、標準化和 AI 原生性方面具有顯著優勢。代 ⌘ Read more
使用 Go 進行 HTTP 流量重放測試
在 Web 安全測試、API 調試、流量回歸測試中,HTTP 流量重放(HTTP Traffic Replay)是一項重要的技術。它可以幫助我們復現問題、測試系統兼容性、進行安全研究等。在這篇文章中,我們將簡單探討 HTTP 流量重放的原理,並通過 Go 語言實現不同的流量重放方案,同時介紹常見的開源工具。(身爲一個在小公司裏的網安牛馬,總得幹些雜活🐂🐎)HTTP 流量重放的原理HTTP 流量重放 ⌘ Read more
使用 Go 進行 HTTP 流量重放測試
在 Web 安全測試、API 調試、流量回歸測試中,HTTP 流量重放(HTTP Traffic Replay)是一項重要的技術。它可以幫助我們復現問題、測試系統兼容性、進行安全研究等。在這篇文章中,我們將簡單探討 HTTP 流量重放的原理,並通過 Go 語言實現不同的流量重放方案,同時介紹常見的開源工具。(身爲一個在小公司裏的網安牛馬,總得幹些雜活🐂🐎)HTTP 流量重放的原理HTTP 流量重放 ⌘ Read more
Unrestricted Access to All User Information | REST API Oversharing ⌘ Read more
Exploring GitHub CLI: How to interact with GitHub’s GraphQL API endpoint
Discover practical tips and tricks for forming effective GraphQL queries and mutations.
The post Exploring GitHub CLI: How to interact with GitHub’s GraphQL API endpoint appeared first on The GitHub Blog. ⌘ Read more
Deep Dive into the Gateway API Inference Extension
Running AI inference workloads on Kubernetes has some unique characteristics and challenges, and the Gateway API Inference Extension project aims to solve some of those challenges. I recently wrote about these new capabilities in the kgateway… ⌘ Read more
Lab: Exploiting an API endpoint using documentation
We will solve this lab based on the API documentation exposed to delete Carlos’s user.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-d … ⌘ Read more
**CORSplay of the Century: How I Hijacked APIs with One Misconfigured Header **
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/corsplay-of-the-century-how-i-hijacked-apis- … ⌘ Read more
I asked ChatGPT what it knows about Twtxt 😂 And surprisingly it’s rather accurate:
Twtxt is a minimalist, decentralized microblogging format introduced by John Downey in 2016. It uses plain text files served over HTTP—no accounts, databases, or APIs.
In 2020, James Mills (@prologic@twtxt.net) launched Yarn.social, an extended, federated implementation with user discovery, threads, mentions, and a full web UI.
Both share the same .twtxt.txt format but differ in complexity and social features.
**I asked ChatGPT what it knows about Twtxt 😂 And surprisingly it’s rather accurate:
Twtxt is a minimalist, decentralized microblogging form …**
I asked ChatGPT what it knows about Twtxt 😂 And surprisingly it’s rather accurate:Twtxt is a minimalist, decentralized microblogging format introduced by John Downey in 2016. It uses plain text files served over HTTP—no accounts, databases, or APIs.
In 2020, James Mills ( @prologic @twtxt.net) launched Yarn.social, an extended, federated implementat … ⌘ Read more
ProcessOne: ejabberd 25.04
Just a few weeks after previous release, ejabberd 25.04 is published with an important security fix, several bug fixes and a new API command.
Release Highlights:
If you are upgrading from a previous version, there are no change … ⌘ Read more
European AI
To reduce my dependence on USA-based products, I switched from using the OpenAI API to Scaleway’s Generative API for my blog. Not only is it cheaper, but it’s based on open-source models, hosted in Europe. 🇪🇺 ⌘ Read more
** Uncovering Hidden APIs: How One Forgotten Endpoint Made Me $500**
🚀Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/uncovering-hidden-apis-how-one-forgotten-endpoint-made-me-500-424e6388c … ⌘ Read more
MacSSL: a port of Mbed-TLS for the classic Mac OS 7/8/9
Yesterday we had SDL2 for the classic Mac OS, today we have modern SSL/TLS for the classic Mac OS. This is a C89/C90 port of MbedTLS for Mac System 7/8/9. It works, and compiles under Metrowerks Codewarrior Pro 4. This is a basic app that performs a GET request on whatever is in api.h, and prints the result out to the text box (with a lot of debug information, of course). The idea of this project was to build an ‘app’ of … ⌘ Read more
極簡 HTTP 客戶端,Resty 如何讓 Golang 請求效率翻倍?
Resty 是一個基於 Golang 標準庫 net/http 構建的高效、易用的 HTTP 客戶端庫。它通過鏈式調用、自動化處理和豐富的擴展功能,極大簡化了 HTTP 請求的發送與響應處理流程,尤其適合與 RESTful API 交互的場景。Resty 的核心優勢———–鏈式調用:支持直觀的鏈式語法,提升代碼可讀性。自動序列化:輕鬆將結構體轉爲 JSON/XML,自動解析響應內容。 ⌘ Read more
Go API 中的上下文取消機制
在分佈式系統和微服務架構中,高併發請求和資源管理是每個開發者必須面對的挑戰。尤其是在處理長時間運行的任務時,如何實現優雅的取消和超時控制,直接關係到系統的穩定性和用戶體驗。Go 語言通過context包提供了一套標準化的解決方案,本文將深入探討其核心用法與最佳實踐。 上下文(Context)的本質與作用——————context.Context是 Go 語言中用於傳遞請求範 ⌘ Read more
@eapl.me@eapl.me I am currently working on Implementing a registry that is also a crawler. It finds any feeds that are mentioned or in the follows header.
https://watcher.sour.is/api/plain/twt
https://watcher.sour.is/api/plain/users
I think @prologic@twtxt.net is also working on one.
ProcessOne: ejabberd 25.03
Release Highlights:
- Matrix Gateway Gets Room Support
- Multiple Simultaneous Password Types
- Execute API Commands Using XMPP Client
If you are upgrading from a previous version, please check the [changes in SQL schemas](https://www.process-one … ⌘ Read more
@eapl.me@eapl.me this “directory” is actually named registry. You can see users at https://registry.twtxt.org/api/plain/users and his twts at https://registry.twtxt.org/api/plain/tweets
golang 每日一庫之 base64Captcha
今天要介紹的庫 mojocn/base64Captcha 是一個用於 Go 語言的高效驗證碼生成庫,支持圖片、音頻等多種驗證碼格式,並且可以通過 base64 編碼輸出,方便前端直接使用。該庫廣泛用於 Web 應用、REST API 以及需要身份驗證的系統中,以增強安全性。主要功能——–支持多種驗證碼類型數字驗證碼 (DriverDigit):僅包含數字,適用於一般驗證碼場 ⌘ Read more
PEP 782: Add PyBytesWriter C API
Add a new PyBytesWriter C API to create bytes objects. ⌘ Read more
↳
In-reply-to
»
When will the flat UI craze end? Can I get my buttons, scrollbars, and toolbars back, please?
⤋ Read More
Although, most software I use is decentish in that regard.
Is that because you mostly use Qt programs? 🤔
I wish Qt had a C API. Programming in C++ is pain. 😢
Extending my Komoot export script
I’ve taken another look at my export script for Komoot (original post), now that Bending Spoons has acquired Komoot. I’ve extended the script to also download cover images and, if available, an image of the map – I found that in the API responses. ⌘ Read more
golang 每日一庫之 gopsutil
shirou/gopsutil 是一個用 Go 語言實現的跨平臺系統信息採集庫,其設計靈感來源於 Python 的 psutil。它爲開發者提供了一套統一、簡潔的 API,用於獲取底層操作系統的各項指標數據,如 CPU、內存、磁盤、網絡、主機信息以及進程狀態等。下面我們將從多個方面詳細介紹這個庫的功能、設計特點、使用示例以及應用場景。庫簡介——跨平臺支持 gopsutil ⌘ Read more
i love everything pico.sh i wish i had more of a use for their services but the paste service is SUPER handy omg i finally had a reason to use it (to send a friend my unfinished failed marvel API bash program lol) and it’s epic. i love SSH i love TUI apps they are the best
Building Scalable, Agile, and Secure APIs with Kubernetes and Microservices
The dawn of APIs across the digital ecosystem has fundamentally disrupted standard business models and software development. And enhancing these approaches with intelligent, data-driven, and real-time insights allows your organization to dynamically scale. However traditional monolithic… ⌘ Read more
Google makes Vulkan the official graphics API for Android
Google’s biggest announcement today, at least as it pertains to Android, is that the Vulkan graphics API is now the official graphics API for Android. Vulkan is a modern, low-overhead, cross-platform 3D graphics and compute API that provides developers with more direct control over the GPU than older APIs like OpenGL. This increased control allows for significantly improved performance, especially in multi-threaded a … ⌘ Read more
Expose the Kubernetes API and access it anywhere
Accessing the Kubernetes API for your clusters from anywhere or across any network is a powerful lever. It’s even better if you can do so without shipping or extending more messy networks, like VPCs or VPNs…. ⌘ Read more
Dapr in Two Minutes: Simplifying Distributed Application Development
Dapr (Distributed Application Runtime) takes the pain out of building distributed applications by offering developers simple “building block” APIs to manage the challenges of connecting with complex infrastructure. Developers can use these APIs to interact with… ⌘ Read more
Golang 實現 IP 全球定位
在 Golang 開發中,如何快速獲取 IP 地址的地理位置?無論是安全審計、日誌分析,訪問控制,還是資產測繪,網絡空間搜索等等都可能需要 IP 定位。本篇文章將介紹常見幾種 Golang IP 定位方案,幫助你選擇最合適的方法。IP 全球定位系統IP 定位系統是利用多種數據庫,如全球城市數據庫、多語言支持庫、IP 地址數據庫以及地圖服務等資源來精準確定用戶位置。藉助於 IP 地理定位 API,我 ⌘ Read more
golang 每日一庫之 concurrent-map
概述orcaman/concurrent-map/v2 是一個 Go 語言的高性能併發安全哈希表實現。它通過分片鎖(shard locking)策略減少鎖競爭,適用於高併發讀寫場景。與標準庫的 sync.Map 不同,該庫針對通用鍵值類型優化,提供更靈活的 API 和更高性能。項目地址GitHub 倉庫 : https://github.com/orcaman/concurrent- ⌘ Read more
使用 Golang 編寫 2D 遊戲
Ebitengine 是一款基於 Go 語言的 2D 遊戲開發引擎,提供了簡單易用的 API 和跨平臺的支持,開發者可以通過它輕鬆構建遊戲項目。核心特性——-跨平臺支持 Ebitengine 支持多個平臺,包括 Windows、macOS、Linux,以及 WebAssembly(可運行於瀏覽器中)。這使得開發者可以在不同設備上運行同一個遊戲項目,而無需編寫額外的代碼。易用的 API ⌘ Read more
context-Context - 構建高可用的 Go 應用
你是否有遇到過這樣的情況:意外的流量激增導致數據庫掛起 系統掛掉,用戶無法訪問 做爲開發人員,你忙於調試問題,事後還會被扣除績效和獎金 不受控制的 goroutines,長時間運行的任務,無響應的 API 這些都會對構建一個高可用的應用造成嚴重影響。這些問題通常源於缺乏適當的上下文管理。無論您是在處理 API 請求、管理數據庫操作,還是構建分佈式系統,掌握上下文都是每個 Go ⌘ Read more
Understanding surrogate pairs: why some Windows filenames can’t be read
Windows was an early adopter of Unicode, and its file APIs use UTF‑16 internally since Windows 2000-used to be UCS-2 in Windows 95 era, when Unicode standard was only a draft on paper, but that’s another topic. Using UTF-16 means that filenames, text strings, and other data are stored as sequences of 16‑bit units. For Windows, a properly formed surrogate pair is perfectly acceptable. However … ⌘ Read more
zlib-rs is faster than C
I’m sure we can all have a calm, rational discussion about this, so here it goes: zlib-rs, the Rust re-implementation of the zlib library, is now faster than its C counterparts in both decompression and compression. We’ve released version 0.4.2 of zlib-rs, featuring a number of substantial performance improvements. We are now (to our knowledge) the fastest api-compatible zlib implementation for decompression, and beat the competition in the most important compression cases too. ↫ F … ⌘ Read more
Go 項目目錄結構指南
擁有一個井然有序的目錄結構非常重要,原因有幾個:層次分離:它將項目的不同部分——如業務邏輯、數據訪問和 API 處理——放在各自的文件夾中。這樣,開發人員可以專注於特定領域,而不會感到不知所措或困惑。 更好的組織: 通過整齊地整理你的代碼及其依賴項,較大的項目變得更容易導航。你總是知道在哪裏找到你需要的東西! 可重用性: 一個良好的結構讓你可以創建可以在項目不同部分使用的組件或包,從而 ⌘ Read more
golang 每日一庫之 swaggo
Go Swagger(Swaggo)是一個用於 Go 語言的開源工具集,它幫助開發者自動生成 API 文檔。它利用 Go 的註釋和結構體信息,通過解析代碼,生成符合 OpenAPI 規範的文檔。OpenAPI(也稱爲 Swagger)是一個廣泛使用的 API 規範,它使得 API 文檔更加標準化、易於理解和交互。Swaggo 主要的功能包括:1. 自動生成 OpenAPI 文檔Swaggo 通過解 ⌘ Read more
Creating an API with authentication using Encore.go
1 points posted by Elton Minetto ⌘ Read more
Show HN: I built an app to stop me doomscrolling by touching grass
i wanted to change the habit of reaching for my phone in the morning and doomscrolling away an hour so i built an app to help me. now i have to literally touch grass before accessing my most distracting apps
the app is built in swiftui, uses the screen time apis provided by apple and google vision to recognise grass or not
i’d love to get your thoughts on the concept.
Comments URL: [https://news.ycombinator.com/item?id=43158660](https://news.ycombinator.com/item?id=43 … ⌘ Read more
golang 每日一庫之 govalidator
govalidator 是一個用 Go 語言編寫的輕量級的驗證庫,提供了豐富的驗證和清理功能,主要用於驗證和清理用戶輸入的數據(如表單數據、API 請求的 JSON 數據等)。它支持常見的數據驗證功能,如電子郵件、URL、IP 地址、信用卡號等的驗證,同時也支持自定義驗證規則。1. 安裝你可以通過 go get 來安裝 govalidator:go get github.com/asaskevic ⌘ Read more
Go 項目裏的 API 對接,這樣做 Mock 測試才舒服
我們在開發項目的過程中總會遇到要調用依賴方接口的情況,如果依賴方的 API 接口還沒有開發好,通常我們會先約定好 API 接口的請求參數、響應結構和各類錯誤對應的響應碼,再按照約定好請求和響應進行開發。除了上面說的情況外,還有一種就是當你開發的功能需要與微信支付類的 API 進行對接時,因爲各種訂單、簽名、證書等的限制你在開發階段也不能直接去調用支付的 API 來驗證自己開發的程序是否能成功完成對 ⌘ Read more
Run Linux inside a PDF file via a RISC-V emulator
You might expect PDF files to only be comprised of static documents, but surprisingly, the PDF file format supports Javascript with its own separate standard library. Modern browsers (Chromium, Firefox) implement this as part of their PDF engines. However, the APIs that are available in the browser are much more limited. The full specfication for the JS in PDFs was only ever implemented by Adobe Acrobat, and it contains some ridicul … ⌘ Read more