Engineering notes from the trenches.
Reverse-engineering APIs, automation that survives production, security research, and honest takes on the tools I ship with.
Reverse-engineering APIs, automation that survives production, security research, and honest takes on the tools I ship with.
3 posts ← reset filters
Google's antigravity Python module redirects to a comic instead of doing anything useful — but the real story is what happens when trusted namespaces get weaponized and developers stop reading import statements.
The Go team just shipped an official API for pkg.go.dev. Here's what it exposes, how to use it for automation, and why this matters for anyone building tooling around the Go ecosystem.
A subtle interaction between setup-php and pinned Composer versions can expose your GitHub tokens to dependency mirrors. Here's how it works, who's affected, and what to do right now.