2025-09-12

38 篇热帖

1. The treasury is expanding the Patriot Act to attack Bitcoin self custody (www.tftc.io)

We shouldn't have to cater to the lowest common denominator.

2. Why our website looks like an operating system (posthog.com)

I have a problem with many large, technical websites. Often times, I’ll want to refer to different pages at the same time. So I’ll CMD + click “a…

3. Many hard LeetCode problems are easy constraint problems (buttondown.com)

本文探讨了如何利用约束求解器(如MiniZinc)来解决许多在传统算法面试中被视为“困难”的LeetCode问题。作者认为,这类问题本质上是数学优化问题,涉及在约束条件下寻找最大或最小值,而约束求解器正是为此设计的,能以更简洁直观的方式求解。

文章通过几个例子说明:

  1. 硬币找零问题:传统贪心算法在非标准币值(如10、9、1)下失效,而使用约束求解器只需几行代码建模,即可找到最少硬币数。
  2. 股票交易最大利润问题:求解器可以轻松处理基本问题,且更易于扩展到更复杂的变体(如限制交易次数和持股数),而传统算法需要完全重写。
  3. 三数之和为零问题:这是一个可满足性问题,约束求解器能直接给出一个有效解。
  4. 柱状图最大矩形面积问题:无需复杂的状态跟踪算法,通过约束建模并让求解器最大化矩形面积即可。

作者也承认约束求解器的缺点:运行时间不可预测,通常比精心设计的最优算法慢,这是“能力/易处理性权衡”的体现。然而,其主要优势在于灵活性——当问题约束发生变化或增加时,只需对模型进行小幅调整,无需重构算法。

总结来说,许多经典的算法难题可以更简单地通过约束建模和求解来解决,这种方法在处理复杂或变化的约束时尤其有效,为算法问题提供了另一种实用视角。

5. Top model scores may be skewed by Git history leaks in SWE-bench (github.com)

We've identified multiple loopholes with SWE Bench Verified where agents may look at future repository state (by querying it directly or through a variety of methods), and cases in which future repository state includes either solutions ...

6. Qwen3-Next (qwen.ai)

Qwen Studio offers comprehensive functionality spanning chatbot, image and video understanding, image generation, document processing, web search integration, tool utilization, and artifacts.

7. Float Exposed (float.exposed)

Floating point format explorer – binary representations of common floating point formats.

8. 3D modeling with paper (www.arvinpoddar.com)

Exploring the process of designing and assembling 3D models from paper.

9. Claude's memory architecture is the opposite of ChatGPT's (www.shloked.com)

A breakdown of Claude's memory implementation, how it differs from ChatGPT, and what these opposite approaches reveal about each company's philosophy.

10. Ships are sailing with fake insurance from the Norwegian Ro Marine (www.nrk.no)

­

11. Nano Banana image examples (github.com)

A curated collection of fun and creative examples generated with Nano Banana & Nano Banana Pro🍌, Gemini-2.5-flash-image based model. We also release Nano-consistent-150K openly to support the community's development of image generation and unified models(click to website to see our blog) - Awesome-Nano-Banana-images/README_en.md at main · PicoTrex/Awesome-Nano-Banana-images

12. Becoming the person who does the thing (www.fredrivett.com)

Bad news: your internal identity dictates everything you do. Good news: you can change it

13. Native ACME support comes to Nginx (letsencrypt.org)

NGINX and Let's Encrypt share a common vision of an open and secure web. Now, with built-in support for ACME, the world's most popular web server, reverse proxy and ingress controller for Kubernetes can simplify certificate management for everyone. From the home lab to scaled-out, mission-critical enterprise deployments. — Liam Crilly, Sr Dir, Product Management, F5 NGINX Our ideal has always been that server software could get and renew Let’s Encrypt certificates automatically, with minimal human intervention.

14. Show HN: I made a generative online drum machine with ClojureScript (dopeloop.ai)

Beat Maker 是一个在线鼓机应用,旨在帮助用户轻松制作节奏。它使用 ClojureScript 构建,这是一种将 Clojure 语言编译成 JavaScript 的 Web 开发工具。该应用允许用户生成无限的独特且免版税的节奏,并提供了编辑和下载功能,使用户可以根据自己的喜好自定义鼓样本。这个项目是通过 Hacker News 的 Show HN 分享的,展示了开发者的技术实现和创意。

15. Rails on SQLite: new ways to cause outages (andre.arko.net)

摘要:Rails on SQLite:引发故障的新方式

本文基于作者在Ruby大会上分享的经验,探讨在Ruby on Rails应用中使用SQLite作为数据库时可能遇到的新挑战、潜在风险及其优势。

SQLite的核心优势与根本差异 SQLite的核心特点是它作为嵌入式数据库,直接存在于Web服务器进程内,通过单一文件(或文件集)管理数据,无需独立的数据库服务。这带来了连接简单、无连接错误、部署简便及成本低廉等巨大优势。作者通过自己的项目Feed Your Email(每月百万请求,月费约14美元)为例,展示了SQLite如何极大降低构建和维护此类服务的复杂性与成本。

关键挑战与故障风险

  1. 数据持久性:在容器化环境(如Heroku, Fly.io)中,默认的临时文件系统会在重启或重新部署时导致数据库文件丢失。首要规则是必须将数据库文件放置于持久化存储卷中。
  2. 数据集中:默认情况下,模型数据、缓存和后台作业队列可能都存储在同一个SQLite文件中,便于管理但也带来相互干扰的风险。
  3. 进程与扩展模式:由于数据库是本地文件,Web进程和后台工作进程必须能访问同一文件。这限制了传统的水平扩展(增加更多服务器),转而需要采用垂直扩展(使用更强大的单机)或在单机内使用多进程/多线程。
  4. 并发与性能:SQLite默认使用文件系统级锁,整个数据库在同一时间只能进行一个读写操作,高并发下易形成队列。启用WAL(Write-Ahead Logging)模式可以改善此问题,允许读写并发,但会增加备份的复杂性(需备份多个文件)。
  5. 单点故障与部署:整个应用依赖单台服务器,若服务器宕机则服务完全中断。容器化部署时通常无法实现零停机部署。

应对策略与最佳实践

  1. 分离数据库文件:针对不同的用途(如模型数据、缓存、作业队列)使用独立的SQLite文件,以避免相互间的性能干扰。甚至可以为每个客户分片数据库以极致优化性能。
  2. 合理选择工作模型:小型应用可在Web进程内使用线程处理后台作业以节省资源。大型应用则需要垂直扩展。
  3. 备份与复制
    • Litestream:可将SQLite的WAL日志流式传输到S3兼容存储,用于灾难恢复,配置相对简单。
    • LiteFS:更高级的解决方案,通过创建FUSE文件系统,实现了SQLite的多位置、多写入者复制,但引入了分布式系统的复杂性(如可能的数据过时和丢失风险)。
  4. 部署与迁移:仅能进行单地理位置部署。使用如sequel gem或duckdb工具可以帮助在SQLite与其他数据库(如MySQL, PostgreSQL)之间进行迁移。

总结 使用SQLite构建Rails应用能显著简化架构、降低成本,尤其适合中小型项目。然而,开发者必须清醒认识其与传统客户端-服务器数据库的根本差异,妥善管理数据持久性、并发访问、扩展模式和备份策略,才能避免由此引发的故障。随着Litestream和LiteFS等工具的发展,SQLite在生产环境中的可靠性正在不断提升。

17. The effects of algorithms on the public discourse (tekhne.dev)

Emir'in dijital bahçesi: özgür yazılım, dijital mahremiyet ve teknoloji üzerine yazılar, düşünceler ve notlar.

18. The challenge of maintaining curl (lwn.net)

Keynote sessions at Open Source Summit events tend not to allow much time for detailed talks, a [...]

20. How Palantir is mapping the nation’s data (theconversation.com)

Government agencies are contracting with Palantir to correlate disparate pieces of data, promising efficiency but raising civil liberties concerns.

21. Bulletproof host Stark Industries evades EU sanctions (krebsonsecurity.com)

In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before Russia invaded Ukraine and quickly became a top source of Kremlin-linked cyberattacks and disinformation campaigns.…

22. Crates.io phishing attempt (fasterthanli.me)

Earlier this week, an npm supply chain attack. It’s turn for crates.io, the main public repository for Rust crates (packages). The phishing e-mail looks like this: And it leads to a GitHub login pa...

23. PythonBPF – Writing eBPF Programs in Pure Python (xeon.me)

I brag about my newest obsession.

24. A beginner's guide to extending Emacs (blog.tjll.net)

How to build a custom completion backend for emacs from scratch.

25. Fartscroll-Lid: An app that plays fart sounds when opening or closing a MacBook (github.com)

A hilarious macOS app that plays fart sounds as you open and close your MacBook lid - iannuttall/fartscroll-lid

26. A Web Framework for Zig (www.jetzig.dev)

Jetzig is a batteries-included web framework written in Zig

27. 'Robber bees' invade apiarist's shop in attempted honey heist (www.cbc.ca)

"Robber bees" hunt for dwindling resources in the late summer and early fall, but they usually only attack other beehives. So the owner of Rushing River Apiaries in Terrace, B.C., was shocked to find found thousands of the pollinators in her shop.

28. Toddlerbot: Open-Source Humanoid Robot (toddlerbot.github.io)

ToddlerBot: Open-Source ML-Compatible Humanoid Platform for Loco-Manipulation.

29. Death to type classes (jappie.me)

img[src="/images/2025/death-2.jpg"]{ height: 20em; width:unset; } figure { float: right; margin: 2em; margin-top: 0em; width: 15em; } @media (max-

31. Oq: Terminal OpenAPI Spec Viewer (github.com)

Terminal OpenAPI Spec viewer. Contribute to plutov/oq development by creating an account on GitHub.

32. Orange rivers signal toxic shift in Arctic wilderness (news.ucr.edu)

[Scientists say the warming climate is triggering chemical reactions that leach toxic metals into once-pristine Arctic waters, degrading fish habitat, water quality, and life for local people.]

33. NT OS Kernel Information Disclosure Vulnerability (www.crowdfense.com)

Bidding farewell to one of the last kernel address leaks, CVE-2025-53136. Even patches can open new doors for exploitation.

34. UK launches Project Octopus to deliver interceptor drones to Ukraine (www.shephardmedia.com)

The programme will work to build and deploy the drones to Ukraine to support its fight against Russia, coming a day after Poland shot down 19 Russian drones in its airspace.

35. Rust: A quest for performant, reliable software [video] (www.youtube.com)

Title: How Rust won: the quest for performant, reliable softwareAbstract: For a long time, high performance has been in tension with reliability. In particul...

36. Advanced Scheme Techniques (2004) [pdf] (people.csail.mit.edu)

高级Scheme技术:续体专题总结

核心概念

1. 闭包基础

  • Scheme中的过程是闭包,包含代码指针环境指针
  • 示例:((lambda (n) (lambda (x) (+ x n))) 5) 创建了一个绑定n=5的闭包

2. 续体本质

  • 续体代表程序从某点开始的未来计算路径
  • 本质上是接受单个参数永不返回的闭包
  • 通过call-with-current-continuation(call/cc)将续体作为一等值显式提供

3. 尾调用优化

  • Scheme要求支持无限活跃尾调用
  • 尾调用无需保存当前环境和返回信息
  • 示例:(lambda (x y) (y x))(y x)是尾调用

续体传递风格

1. CPS变换

  • 将显式返回转换为显式续体调用
  • 示例:CPS版阶乘函数通过嵌套续体实现
  • 所有调用都成为尾调用,结构"由内向外"

2. call/cc实现

  • 语言原语(call/cc (lambda (k) ...))
  • CPS版本(define (cps-call/cc k func) (func k k))
  • 可用于实现提前返回等控制流

控制流结构实现

1. 异常处理

  • 简单实现:通过动态绑定top-exception-handlerthrow
  • try宏:使用call/cc保存和恢复异常处理器
  • SRFI-34:提供了更完善的异常处理机制

2. 回溯搜索

  • amb操作符:非确定性选择,自动回溯寻找可行解
  • assert宏:用于约束条件检查
  • bag-of宏:收集所有满足条件的解
  • 底层通过续体栈和回溯点实现

3. 迭代器/遍历

  • 列表迭代器:使用闭包维护遍历状态
  • 树迭代器:通过续体和宏实现无需显式状态管理
  • with-caller/send宏:简化续体的保存和恢复

4. 协作式多线程

  • 三个基本操作
    • start-scheduling:启动调度器
    • spawn:创建新线程
    • yield:主动让出控制权
  • 实现原理
    • 维护线程集合thread-set
    • 使用call/cc保存和恢复线程状态
    • 线程完成后自动返回调度器

关键技术特点

1. 续体作为一等公民

  • 可存储、传递、多次调用
  • 可构建任意控制流结构

2. 多返回值支持

  • values原语返回多个值
  • call-with-values提供对应的续体
  • SRFI-11的let-values简化绑定

3. 动态环境管理

  • dynamic-wind确保进入/退出时的清理操作
  • fluid-let实现动态作用域绑定

示例应用

1. 提前返回

(let ((test 17))
  (call/cc (lambda (return)
    (if (odd? test) (return 5))
    7)))
; 结果为5

2. 回溯搜索

(define (three-dice sumto)
  (let ((die1 (amb 1 2 3 4 5 6))
        (die2 (amb 1 2 3 4 5 6))
        (die3 (amb 1 2 3 4 5 6)))
    (assert (= sumto (+ die1 die2 die3)))
    (list die1 die2 die3)))

3. 多线程执行

(start-scheduling
  (lambda ()
    (spawn (lambda () (display "子线程") (yield)))
    (display "主线程") (yield)))
; 输出:主线程 → 子线程 → ... 交替执行

总结

本幻灯片系统介绍了Scheme中续体的理论基础和实际应用,展示了如何利用续体这一强大特性实现异常处理、回溯搜索、迭代器和协作式多线程等高级控制流结构。续体作为Scheme的核心特性,使得程序员能够以声明式的方式表达复杂的控制逻辑。

37. Danish supermarket chain is setting up "Emergency Stores" (swiss.social)

Interesting: a Danish supermarket chain is setting up "Emergency Stores" that can keep open for up to three days without power or telecom and store an expanded stock of non-perishable food and essentials. The idea is that no one should be more than 50 km from such a store and it should prevent hoarding/panic buying as people will know basic food will be available in an emergency. Should be rolled out in 2028 at the latest.

Article in Danish: https://www.dr.dk/nyheder/penge/se-kortet-her-kan-du-krise-handle