Beyond the README: Enforcing Application Guardrails at Runtime
https://www.reddit.com/r/programming/comments/1safpp2/beyond_the_readme_enforcing_application/
submitted by /u/aijan1 (https://www.reddit.com/user/aijan1)
[link] (https://lackofimagination.org/2026/03/beyond-the-readme-enforcing-application-guardrails-at-runtime/) [comments] (https://www.reddit.com/r/programming/comments/1safpp2/beyond_the_readme_enforcing_application/)
https://www.reddit.com/r/programming/comments/1safpp2/beyond_the_readme_enforcing_application/
submitted by /u/aijan1 (https://www.reddit.com/user/aijan1)
[link] (https://lackofimagination.org/2026/03/beyond-the-readme-enforcing-application-guardrails-at-runtime/) [comments] (https://www.reddit.com/r/programming/comments/1safpp2/beyond_the_readme_enforcing_application/)
Learning API Styles • Lukasz Dynowski & Sam Newman
https://www.reddit.com/r/programming/comments/1safthb/learning_api_styles_lukasz_dynowski_sam_newman/
submitted by /u/goto-con (https://www.reddit.com/user/goto-con)
[link] (https://youtu.be/cTdhPZA_CJk?list=PLEx5khR4g7PJbSLmADahf0LOpTLifiCra) [comments] (https://www.reddit.com/r/programming/comments/1safthb/learning_api_styles_lukasz_dynowski_sam_newman/)
https://www.reddit.com/r/programming/comments/1safthb/learning_api_styles_lukasz_dynowski_sam_newman/
submitted by /u/goto-con (https://www.reddit.com/user/goto-con)
[link] (https://youtu.be/cTdhPZA_CJk?list=PLEx5khR4g7PJbSLmADahf0LOpTLifiCra) [comments] (https://www.reddit.com/r/programming/comments/1safthb/learning_api_styles_lukasz_dynowski_sam_newman/)
What Would You See Changed in Haskell?
https://www.reddit.com/r/programming/comments/1sah9jz/what_would_you_see_changed_in_haskell/
submitted by /u/Successful_Bowl2564 (https://www.reddit.com/user/Successful_Bowl2564)
[link] (https://blog.haskell.org/what-would-you-see-changed-in-haskell/) [comments] (https://www.reddit.com/r/programming/comments/1sah9jz/what_would_you_see_changed_in_haskell/)
https://www.reddit.com/r/programming/comments/1sah9jz/what_would_you_see_changed_in_haskell/
submitted by /u/Successful_Bowl2564 (https://www.reddit.com/user/Successful_Bowl2564)
[link] (https://blog.haskell.org/what-would-you-see-changed-in-haskell/) [comments] (https://www.reddit.com/r/programming/comments/1sah9jz/what_would_you_see_changed_in_haskell/)
Tried to buy a pint, Finding a Trojan: My First Malware Analysis
https://www.reddit.com/r/programming/comments/1sahywo/tried_to_buy_a_pint_finding_a_trojan_my_first/
submitted by /u/im_the_tea_drinker_ (https://www.reddit.com/user/im_the_tea_drinker_)
[link] (https://blog.michaelrbparker.com/post/17) [comments] (https://www.reddit.com/r/programming/comments/1sahywo/tried_to_buy_a_pint_finding_a_trojan_my_first/)
https://www.reddit.com/r/programming/comments/1sahywo/tried_to_buy_a_pint_finding_a_trojan_my_first/
submitted by /u/im_the_tea_drinker_ (https://www.reddit.com/user/im_the_tea_drinker_)
[link] (https://blog.michaelrbparker.com/post/17) [comments] (https://www.reddit.com/r/programming/comments/1sahywo/tried_to_buy_a_pint_finding_a_trojan_my_first/)
Trial By Fire
https://www.reddit.com/r/programming/comments/1sajb12/trial_by_fire/
submitted by /u/SpecialistLady (https://www.reddit.com/user/SpecialistLady)
[link] (https://yusufaytas.com/trial-by-fire/) [comments] (https://www.reddit.com/r/programming/comments/1sajb12/trial_by_fire/)
https://www.reddit.com/r/programming/comments/1sajb12/trial_by_fire/
submitted by /u/SpecialistLady (https://www.reddit.com/user/SpecialistLady)
[link] (https://yusufaytas.com/trial-by-fire/) [comments] (https://www.reddit.com/r/programming/comments/1sajb12/trial_by_fire/)
Bringing Clojure programming to Enterprise
https://www.reddit.com/r/programming/comments/1sajbks/bringing_clojure_programming_to_enterprise/
submitted by /u/SpecialistLady (https://www.reddit.com/user/SpecialistLady)
[link] (https://blogit.michelin.io/clojure-programming/) [comments] (https://www.reddit.com/r/programming/comments/1sajbks/bringing_clojure_programming_to_enterprise/)
https://www.reddit.com/r/programming/comments/1sajbks/bringing_clojure_programming_to_enterprise/
submitted by /u/SpecialistLady (https://www.reddit.com/user/SpecialistLady)
[link] (https://blogit.michelin.io/clojure-programming/) [comments] (https://www.reddit.com/r/programming/comments/1sajbks/bringing_clojure_programming_to_enterprise/)
I Explained 30 Spring Annotations You MUST Know in 2026 (with Code Examples)
https://www.reddit.com/r/programming/comments/1sal5q9/i_explained_30_spring_annotations_you_must_know/
submitted by /u/huseyinbabal (https://www.reddit.com/user/huseyinbabal)
[link] (https://youtube.com/watch?v=HRi-Vild2Ck&si=cALey0Nekas9GYpa) [comments] (https://www.reddit.com/r/programming/comments/1sal5q9/i_explained_30_spring_annotations_you_must_know/)
https://www.reddit.com/r/programming/comments/1sal5q9/i_explained_30_spring_annotations_you_must_know/
submitted by /u/huseyinbabal (https://www.reddit.com/user/huseyinbabal)
[link] (https://youtube.com/watch?v=HRi-Vild2Ck&si=cALey0Nekas9GYpa) [comments] (https://www.reddit.com/r/programming/comments/1sal5q9/i_explained_30_spring_annotations_you_must_know/)
soak testing a desktop app in zig
https://www.reddit.com/r/programming/comments/1sarq5y/soak_testing_a_desktop_app_in_zig/
submitted by /u/Positive-Bell-9675 (https://www.reddit.com/user/Positive-Bell-9675)
[link] (https://enopdf.com/blog/searching-for-unknown-unknowns/) [comments] (https://www.reddit.com/r/programming/comments/1sarq5y/soak_testing_a_desktop_app_in_zig/)
https://www.reddit.com/r/programming/comments/1sarq5y/soak_testing_a_desktop_app_in_zig/
submitted by /u/Positive-Bell-9675 (https://www.reddit.com/user/Positive-Bell-9675)
[link] (https://enopdf.com/blog/searching-for-unknown-unknowns/) [comments] (https://www.reddit.com/r/programming/comments/1sarq5y/soak_testing_a_desktop_app_in_zig/)
chronex - an Open-source social media scheduler
https://www.reddit.com/r/programming/comments/1sb4hwt/chronex_an_opensource_social_media_scheduler/
<!-- SC_OFF -->Over the past few weeks, I've been building a platform where users can connect their social accounts and automate content posting. So I built Chronex, an open-source alternative to paid content schedulers. Tech Stack Web/Platform: Next.js, tRPC, Drizzle, Better Auth Media Storage: Backblaze B2 Scheduling & Posting: Cloudflare Workers & Queues Github (https://github.com/prncexe/chronex) <!-- SC_ON --> submitted by /u/_Introvert_boi (https://www.reddit.com/user/_Introvert_boi)
[link] (https://chronex.princecodes.tech/) [comments] (https://www.reddit.com/r/programming/comments/1sb4hwt/chronex_an_opensource_social_media_scheduler/)
https://www.reddit.com/r/programming/comments/1sb4hwt/chronex_an_opensource_social_media_scheduler/
<!-- SC_OFF -->Over the past few weeks, I've been building a platform where users can connect their social accounts and automate content posting. So I built Chronex, an open-source alternative to paid content schedulers. Tech Stack Web/Platform: Next.js, tRPC, Drizzle, Better Auth Media Storage: Backblaze B2 Scheduling & Posting: Cloudflare Workers & Queues Github (https://github.com/prncexe/chronex) <!-- SC_ON --> submitted by /u/_Introvert_boi (https://www.reddit.com/user/_Introvert_boi)
[link] (https://chronex.princecodes.tech/) [comments] (https://www.reddit.com/r/programming/comments/1sb4hwt/chronex_an_opensource_social_media_scheduler/)
SQL notebooks into an open source database client
https://www.reddit.com/r/programming/comments/1sb510k/sql_notebooks_into_an_open_source_database_client/
submitted by /u/debba_ (https://www.reddit.com/user/debba_)
[link] (https://tabularis.dev/blog/notebooks-sql-analysis-reimagined) [comments] (https://www.reddit.com/r/programming/comments/1sb510k/sql_notebooks_into_an_open_source_database_client/)
https://www.reddit.com/r/programming/comments/1sb510k/sql_notebooks_into_an_open_source_database_client/
submitted by /u/debba_ (https://www.reddit.com/user/debba_)
[link] (https://tabularis.dev/blog/notebooks-sql-analysis-reimagined) [comments] (https://www.reddit.com/r/programming/comments/1sb510k/sql_notebooks_into_an_open_source_database_client/)
Idiomatic Lisp and the nbody benchmark
https://www.reddit.com/r/programming/comments/1sb5xqx/idiomatic_lisp_and_the_nbody_benchmark/
submitted by /u/self (https://www.reddit.com/user/self)
[link] (https://www.stylewarning.com/posts/nbody/) [comments] (https://www.reddit.com/r/programming/comments/1sb5xqx/idiomatic_lisp_and_the_nbody_benchmark/)
https://www.reddit.com/r/programming/comments/1sb5xqx/idiomatic_lisp_and_the_nbody_benchmark/
submitted by /u/self (https://www.reddit.com/user/self)
[link] (https://www.stylewarning.com/posts/nbody/) [comments] (https://www.reddit.com/r/programming/comments/1sb5xqx/idiomatic_lisp_and_the_nbody_benchmark/)
Engineering a Better Java Build Tool
https://www.reddit.com/r/programming/comments/1sb6e05/engineering_a_better_java_build_tool/
submitted by /u/lihaoyi (https://www.reddit.com/user/lihaoyi)
[link] (https://www.youtube.com/watch?v=OtsJ902k458) [comments] (https://www.reddit.com/r/programming/comments/1sb6e05/engineering_a_better_java_build_tool/)
https://www.reddit.com/r/programming/comments/1sb6e05/engineering_a_better_java_build_tool/
submitted by /u/lihaoyi (https://www.reddit.com/user/lihaoyi)
[link] (https://www.youtube.com/watch?v=OtsJ902k458) [comments] (https://www.reddit.com/r/programming/comments/1sb6e05/engineering_a_better_java_build_tool/)
Building DNS query tool from scratch using C
https://www.reddit.com/r/programming/comments/1sbawir/building_dns_query_tool_from_scratch_using_c/
submitted by /u/its_justme27 (https://www.reddit.com/user/its_justme27)
[link] (https://prayush.hashnode.dev/from-log-reader-to-packet-crafter-building-dns-from-scratch-in-c) [comments] (https://www.reddit.com/r/programming/comments/1sbawir/building_dns_query_tool_from_scratch_using_c/)
https://www.reddit.com/r/programming/comments/1sbawir/building_dns_query_tool_from_scratch_using_c/
submitted by /u/its_justme27 (https://www.reddit.com/user/its_justme27)
[link] (https://prayush.hashnode.dev/from-log-reader-to-packet-crafter-building-dns-from-scratch-in-c) [comments] (https://www.reddit.com/r/programming/comments/1sbawir/building_dns_query_tool_from_scratch_using_c/)
Using CEL's now() to enforce dependency cooldown periods - block packages published in the last N hours
https://www.reddit.com/r/programming/comments/1sbb7jv/using_cels_now_to_enforce_dependency_cooldown/
<!-- SC_OFF -->Supply chain attacks often rely on speed that is publish a malicious version, let automated builds pull it before detection catches up. One defense is a cooldown period : refuse any dependency published within the last N hours. CEL (Common Expression Language) doesn't expose now() by default since it's designed to be hermetic. This article actually walks through registering a custom now() function binding that returns the current UTC timestamp, using duration arithmetic to compare against package_published_at, and using the has() macro to handle packages so new they haven't been indexed yet - which is the edge case that will bite you if you miss it. <!-- SC_ON --> submitted by /u/BattleRemote3157 (https://www.reddit.com/user/BattleRemote3157)
[link] (https://safedep.io/writing-time-based-policies-in-vet-cel/) [comments] (https://www.reddit.com/r/programming/comments/1sbb7jv/using_cels_now_to_enforce_dependency_cooldown/)
https://www.reddit.com/r/programming/comments/1sbb7jv/using_cels_now_to_enforce_dependency_cooldown/
<!-- SC_OFF -->Supply chain attacks often rely on speed that is publish a malicious version, let automated builds pull it before detection catches up. One defense is a cooldown period : refuse any dependency published within the last N hours. CEL (Common Expression Language) doesn't expose now() by default since it's designed to be hermetic. This article actually walks through registering a custom now() function binding that returns the current UTC timestamp, using duration arithmetic to compare against package_published_at, and using the has() macro to handle packages so new they haven't been indexed yet - which is the edge case that will bite you if you miss it. <!-- SC_ON --> submitted by /u/BattleRemote3157 (https://www.reddit.com/user/BattleRemote3157)
[link] (https://safedep.io/writing-time-based-policies-in-vet-cel/) [comments] (https://www.reddit.com/r/programming/comments/1sbb7jv/using_cels_now_to_enforce_dependency_cooldown/)
Baby’s Second Garbage Collector
https://www.reddit.com/r/programming/comments/1sbc9yu/babys_second_garbage_collector/
submitted by /u/matheusmoreira (https://www.reddit.com/user/matheusmoreira)
[link] (https://www.matheusmoreira.com/articles/babys-second-garbage-collector) [comments] (https://www.reddit.com/r/programming/comments/1sbc9yu/babys_second_garbage_collector/)
https://www.reddit.com/r/programming/comments/1sbc9yu/babys_second_garbage_collector/
submitted by /u/matheusmoreira (https://www.reddit.com/user/matheusmoreira)
[link] (https://www.matheusmoreira.com/articles/babys-second-garbage-collector) [comments] (https://www.reddit.com/r/programming/comments/1sbc9yu/babys_second_garbage_collector/)
I implemented Raft, a KV store, and a sharded system in Go (MIT 6.5840)
https://www.reddit.com/r/programming/comments/1sbdk50/i_implemented_raft_a_kv_store_and_a_sharded/
<!-- SC_OFF -->I recently completed the labs from MIT 6.5840 Distributed Systems and implemented everything in Go, including: Raft consensus algorithm A replicated Key/Value store A sharded KV system with dynamic reconfiguration The implementation focuses a lot on concurrency and failure handling: goroutines for RPC handling and background tasks channels for coordination between Raft and the state machine dealing with unreliable networks (dropped / delayed / out-of-order RPCs) Some interesting challenges: ensuring commitIndex never goes backward under out-of-order RPC responses handling retries safely with client/request IDs (idempotency) keeping deduplication state consistent across snapshots and shard transfers I wrote a detailed README explaining both the design and the tricky edge cases I encountered. <!-- SC_ON --> submitted by /u/am0123 (https://www.reddit.com/user/am0123)
[link] (https://github.com/abdellani/mit-6.5840-labs) [comments] (https://www.reddit.com/r/programming/comments/1sbdk50/i_implemented_raft_a_kv_store_and_a_sharded/)
https://www.reddit.com/r/programming/comments/1sbdk50/i_implemented_raft_a_kv_store_and_a_sharded/
<!-- SC_OFF -->I recently completed the labs from MIT 6.5840 Distributed Systems and implemented everything in Go, including: Raft consensus algorithm A replicated Key/Value store A sharded KV system with dynamic reconfiguration The implementation focuses a lot on concurrency and failure handling: goroutines for RPC handling and background tasks channels for coordination between Raft and the state machine dealing with unreliable networks (dropped / delayed / out-of-order RPCs) Some interesting challenges: ensuring commitIndex never goes backward under out-of-order RPC responses handling retries safely with client/request IDs (idempotency) keeping deduplication state consistent across snapshots and shard transfers I wrote a detailed README explaining both the design and the tricky edge cases I encountered. <!-- SC_ON --> submitted by /u/am0123 (https://www.reddit.com/user/am0123)
[link] (https://github.com/abdellani/mit-6.5840-labs) [comments] (https://www.reddit.com/r/programming/comments/1sbdk50/i_implemented_raft_a_kv_store_and_a_sharded/)
Where is every byte?
https://www.reddit.com/r/programming/comments/1sbggsw/where_is_every_byte/
submitted by /u/andreiross (https://www.reddit.com/user/andreiross)
[link] (https://frn.sh/smaps/) [comments] (https://www.reddit.com/r/programming/comments/1sbggsw/where_is_every_byte/)
https://www.reddit.com/r/programming/comments/1sbggsw/where_is_every_byte/
submitted by /u/andreiross (https://www.reddit.com/user/andreiross)
[link] (https://frn.sh/smaps/) [comments] (https://www.reddit.com/r/programming/comments/1sbggsw/where_is_every_byte/)
How Microsoft Vaporized a Trillion Dollars
https://www.reddit.com/r/programming/comments/1sbir8j/how_microsoft_vaporized_a_trillion_dollars/
submitted by /u/Aaronontheweb (https://www.reddit.com/user/Aaronontheweb)
[link] (https://isolveproblems.substack.com/p/how-microsoft-vaporized-a-trillion) [comments] (https://www.reddit.com/r/programming/comments/1sbir8j/how_microsoft_vaporized_a_trillion_dollars/)
https://www.reddit.com/r/programming/comments/1sbir8j/how_microsoft_vaporized_a_trillion_dollars/
submitted by /u/Aaronontheweb (https://www.reddit.com/user/Aaronontheweb)
[link] (https://isolveproblems.substack.com/p/how-microsoft-vaporized-a-trillion) [comments] (https://www.reddit.com/r/programming/comments/1sbir8j/how_microsoft_vaporized_a_trillion_dollars/)
Someone is actively publishing malicious packages targeting the Strapi plugin ecosystem right now
https://www.reddit.com/r/programming/comments/1sbkx3b/someone_is_actively_publishing_malicious_packages/
<!-- SC_OFF -->strapi-plugin-events dropped on npm today. Three files. Looks like a legitimate community Strapi plugin - version 3.6.8, named to blend in with real plugins like strapi-plugin-comments and strapi-plugin-upload. On npm install it runs an 11-phase attack with zero user interaction: Steals all .env files, JWT secrets, database credentials Dumps Redis keys, Docker and Kubernetes secrets, private keys Opens a 5-minute live C2 session for arbitrary shell command execution The publisher account kekylf12 on npm is actively pushing multiple malicious packages right now and all targeting the Strapi ecosystem. Check the account: npmjs.com/~kekylf12 (http://npmjs.com/~kekylf12) If you work with Strapi or have any community plugins installed that aren't scoped under strapi/ - audit your dependencies now. Legitimate Strapi plugins are always scoped. Anything unscoped claiming to be a Strapi plugin is a red flag. Full technical breakdown with IoCs is in the blog. <!-- SC_ON --> submitted by /u/BattleRemote3157 (https://www.reddit.com/user/BattleRemote3157)
[link] (https://safedep.io/malicious-npm-strapi-plugin-events-c2-agent/) [comments] (https://www.reddit.com/r/programming/comments/1sbkx3b/someone_is_actively_publishing_malicious_packages/)
https://www.reddit.com/r/programming/comments/1sbkx3b/someone_is_actively_publishing_malicious_packages/
<!-- SC_OFF -->strapi-plugin-events dropped on npm today. Three files. Looks like a legitimate community Strapi plugin - version 3.6.8, named to blend in with real plugins like strapi-plugin-comments and strapi-plugin-upload. On npm install it runs an 11-phase attack with zero user interaction: Steals all .env files, JWT secrets, database credentials Dumps Redis keys, Docker and Kubernetes secrets, private keys Opens a 5-minute live C2 session for arbitrary shell command execution The publisher account kekylf12 on npm is actively pushing multiple malicious packages right now and all targeting the Strapi ecosystem. Check the account: npmjs.com/~kekylf12 (http://npmjs.com/~kekylf12) If you work with Strapi or have any community plugins installed that aren't scoped under strapi/ - audit your dependencies now. Legitimate Strapi plugins are always scoped. Anything unscoped claiming to be a Strapi plugin is a red flag. Full technical breakdown with IoCs is in the blog. <!-- SC_ON --> submitted by /u/BattleRemote3157 (https://www.reddit.com/user/BattleRemote3157)
[link] (https://safedep.io/malicious-npm-strapi-plugin-events-c2-agent/) [comments] (https://www.reddit.com/r/programming/comments/1sbkx3b/someone_is_actively_publishing_malicious_packages/)
Are web apps really slower than native? It’s a defaults problem, not a speed problem
https://www.reddit.com/r/programming/comments/1sblmfz/are_web_apps_really_slower_than_native_its_a/
submitted by /u/zappygami (https://www.reddit.com/user/zappygami)
[link] (https://atfzl.com/are-web-apps-really-slower-than-native/) [comments] (https://www.reddit.com/r/programming/comments/1sblmfz/are_web_apps_really_slower_than_native_its_a/)
https://www.reddit.com/r/programming/comments/1sblmfz/are_web_apps_really_slower_than_native_its_a/
submitted by /u/zappygami (https://www.reddit.com/user/zappygami)
[link] (https://atfzl.com/are-web-apps-really-slower-than-native/) [comments] (https://www.reddit.com/r/programming/comments/1sblmfz/are_web_apps_really_slower_than_native_its_a/)
Domain-Driven Design: Lean Aggregates
https://www.reddit.com/r/programming/comments/1scjod7/domaindriven_design_lean_aggregates/
<!-- SC_OFF -->In DDD, an aggregate is a consistency boundary, not just a container for related data. If you find yourself loading massive object graphs for simple updates, you might be falling into a common trap. <!-- SC_ON --> submitted by /u/deniskyashif (https://www.reddit.com/user/deniskyashif)
[link] (https://deniskyashif.com/2026/04/04/domain-driven-design-lean-aggregates/) [comments] (https://www.reddit.com/r/programming/comments/1scjod7/domaindriven_design_lean_aggregates/)
https://www.reddit.com/r/programming/comments/1scjod7/domaindriven_design_lean_aggregates/
<!-- SC_OFF -->In DDD, an aggregate is a consistency boundary, not just a container for related data. If you find yourself loading massive object graphs for simple updates, you might be falling into a common trap. <!-- SC_ON --> submitted by /u/deniskyashif (https://www.reddit.com/user/deniskyashif)
[link] (https://deniskyashif.com/2026/04/04/domain-driven-design-lean-aggregates/) [comments] (https://www.reddit.com/r/programming/comments/1scjod7/domaindriven_design_lean_aggregates/)