Flux
Toutes les catégories

Programmation

1004 articles

★ Generate Apple and Google Wallet passes from Laravel
Programmation Web

★ Generate Apple and Google Wallet passes from Laravel

A mobile pass is that thing in your iPhone's Wallet app. A boarding pass, a concert ticket, a coffee loyalty card, a gym membership. Apple calls them passes. Google calls them objects. Both Wallet apps let you generate them, hand them out, and push live updates to the copy that's already on someone's device. We just released Laravel Mobile Pass, a package that lets you generate those Apple and Google passes from a Laravel app and send updates to already issues passes. Together with the package,…

Freek Van der Herten
Quoting Maggie Appleton
IA Programmation

Quoting Maggie Appleton

[...] if you ever needed another reason to learn in public by digital gardening or podcasting or streaming or whathaveyou, add on that people will assume you’re more competent than you are. This will get you invites to very cool exclusive events filled with high-achieving, interesting people, even though you have no right to be there. A+ side benefit. — Maggie Appleton, Gathering Structures (via) Tags: blogging, maggie-appleton

Simon Willison's Weblog
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Cybersécurité Programmation

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Socket researchers discovered that the Bitwarden CLI was compromised as part of the ongoing Checkmarx supply chain campaign. The open source password manager serves more than 10 million users and over 50,000 businesses, and ranks among among the top three password managers by enterprise adoption. The affected package version appears to be @bitwarden/cli2026.4.0, and the malicious code was published in bw1.js, a file included in the package contents. The attack appears to have leveraged a…

Socket
Community Corner: The AI Refactor with Kumuda Sreenivasa
Programmation Web

Community Corner: The AI Refactor with Kumuda Sreenivasa

In this episode, Scott talks Kumuda Sreenivasa about her talk on using AI to help with refactoring/replacing legacy system that she’s be presenting at JStek 2026. Links: Our Discord – https://discord.gg/aMTxunVx Buy our shirts – https://store.phparch.com/products/community-corner-podcast-t-shirt Kumuda’s Links: LinkedIn – https://www.linkedin.com/in/kumudas/ Scott’s Links: Website – https://scott.keck-warren.com/ Bluesky – https://bsky.app/profile/scottkeckwarren.bsky.social LinkedIn –…

PHP Architect
Qwen3.6-27B: Flagship-Level Coding in a 27B Dense Model
IA Programmation

Qwen3.6-27B: Flagship-Level Coding in a 27B Dense Model

Qwen3.6-27B: Flagship-Level Coding in a 27B Dense Model Big claims from Qwen about their latest open weight model: Qwen3.6-27B delivers flagship-level agentic coding performance, surpassing the previous-generation open-source flagship Qwen3.5-397B-A17B (397B total / 17B active MoE) across all major coding benchmarks. On Hugging Face Qwen3.5-397B-A17B is 807GB, this new Qwen3.6-27B is 55.6GB. I tried it out with the 16.8GB Unsloth Qwen3.6-27B-GGUF:Q4_K_M quantized version and llama-server using…

Simon Willison's Weblog
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions
Cybersécurité Programmation

Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions

Docker alerted Socket to malicious images pushed to the official checkmarx/kics Docker Hub repository after internal monitoring flagged suspicious new activity around KICS image tags. Our investigation found that attackers appear to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to a legitimate upstream release. Analysis of the poisoned image indicates that the bundled KICS binary was modified to include data…

Socket
Introducing Organization Notifications in Socket
Cybersécurité Programmation

Introducing Organization Notifications in Socket

Today, we’re excited to launch Organization Notifications in Socket. This new feature gives teams a direct way to stay on top of organization alert activity without relying on someone to constantly watch the dashboard. With Organization Notifications, you can subscribe to organization-level alert events, filter the kinds of alerts you care about, and send batched updates to a configured destination. We're launching the email channel type first, and Slack and Microsoft Teams support are planned…

Socket
Quoting Bobby Holley
IA Programmation

Quoting Bobby Holley

As part of our continued collaboration with Anthropic, we had the opportunity to apply an early version of Claude Mythos Preview to Firefox. This week’s release of Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation. [...] Our experience is a hopeful one for teams who shake off the vertigo and get to work. You may need to reprioritize everything else to bring relentless and single-minded focus to the task, but there is light at the end of the tunnel. We…

Simon Willison's Weblog
Changes to GitHub Copilot Individual plans
IA Programmation

Changes to GitHub Copilot Individual plans

Changes to GitHub Copilot Individual plans On the same day as Claude Code's temporary will-they-won't-they $100/month kerfuffle (for the moment, they won't), here's the latest on GitHub Copilot pricing. Unlike Anthropic, GitHub put up an official announcement about their changes, which include tightening usage limits, pausing signups for individual plans (!), restricting Claude Opus 4.7 to the more expensive $39/month "Pro+" plan, and dropping the previous Opus models entirely. The key…

Simon Willison's Weblog
Is Claude Code going to cost $100/month? Probably not - it's all very confusing
IA Programmation

Is Claude Code going to cost $100/month? Probably not - it's all very confusing

Anthropic today quietly (as in silently, no announcement anywhere at all) updated their claude.com/pricing page (but not their Choosing a Claude plan page, which shows up first for me on Google) to add this tiny but significant detail (arrow is mine, and it's already reverted): The Internet Archive copy from yesterday shows a checkbox there. Claude Code used to be a feature of the $20/month Pro plan, but according to the new pricing page it is now exclusive to the $100/month or $200/month Max…

Simon Willison's Weblog
Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware
Cybersécurité Programmation

Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware

Last month, we responded to CanisterWorm, a worm-enabled npm supply chain campaign that compromised legitimate publisher space, replaced package contents with install-time malware, used stolen publishing access to republish malicious versions, and relied on an Internet Computer Protocol (ICP) canister as a dead-drop command and control (C2) channel. This campaign was attributed to a set of TeamPCP supply chain attacks. In this newly discovered npm incident, the malware uses the same core…

Socket
Announcing Plans for a PHP Ecosystem Survey and Report
Programmation Web

Announcing Plans for a PHP Ecosystem Survey and Report

This year, The PHP Foundation, in collaboration with PhpStorm, a JetBrains IDE, will release an official ecosystem report with data-driven insights into the current state and the future of PHP development. The report will be based on data collected from a PHP developer survey, where we’ll ask developers about their experience with the language and ecosystem. Our goal is to capture perspectives from across the PHP community – we want as many voices as possible to be included. To make that…

The PHP Foundation
Where's the raccoon with the ham radio? (ChatGPT Images 2.0)
IA Programmation

Where's the raccoon with the ham radio? (ChatGPT Images 2.0)

OpenAI released ChatGPT Images 2.0 today, their latest image generation model. On the livestream Sam Altman said that the leap from gpt-image-1 to gpt-image-2 was equivalent to jumping from GPT-3 to GPT-5. Here's how I put it to the test. My prompt: Do a where's Waldo style image but it's where is the raccoon holding a ham radio gpt-image-1 First as a baseline here's what I got from the older gpt-image-1 using ChatGPT directly: I wasn't able to spot the raccoon - I quickly realized that testing…

Simon Willison's Weblog
Esc