5 Practical Defenses for Prompt Injection in LLMs
...explained visually, with usage.
pnpm 11 has been released with new supply chain protections in place, making safer install behavior the default while still allowing teams to override those settings. The release sets Minimum Release Age to 24 hours by default, blocks exotic subdependencies by default, and introduces a new Allow Builds model for controlling dependency build scripts. pnpm 11 arrived as the JavaScript, Python, and PHP ecosystems were responding to Mini Shai-Hulud, a fresh supply chain campaign that compromised…
Research: TRE Python binding — ReDoS robustness demo If it's good enough for antirez to add to Redis I figured Ville Laurikari's TRE regular expression engine was worth exploring in a little more detail. I had Claude Code build an experimental Python binding (it used ctypes) and try some malicious regular expression attacks against the library. TRE handles those much better than Python's standard library implementation, thanks mainly to the lack of support for backtracking. Tags: security,…
Tool: Redis Array Playground Salvatore Sanfilippo submitted a PR adding a new data type - arrays - to Redis. The new commands are ARCOUNT, ARDEL, ARDELRANGE, ARGET, ARGETRANGE, ARGREP, ARINFO, ARINSERT, ARLASTITEMS, ARLEN, ARMGET, ARMSET, ARNEXT, AROP, ARRING, ARSCAN, ARSEEK, ARSET. The implementation is currently available in a branch, so I had Claude Code for web build this interactive playground for trying out the new commands in a WASM-compiled build of a subset of Redis running in the…
Laravel Boost only reads a single core.blade.php per package, so extra sibling files get silently dropped. Here is the minimal pattern for splitting your guidelines into organized partials using a Blade view namespace.
Every day, millions of pieces of fake content are produced. Videos, audio clips, posts, articles, generated by artificial intelligence, distributed at industrial scale, aimed at shifting public opinion across entire countries. The people producing them are often outside the country being targeted. The people receiving them almost never know they’re fake. And they have no […]
We just released v7.3.0 of laravel-query-builder, which adds a new way to group multiple filters under a single URL parameter. Before getting into the new feature, let me show you how the basics work, so the new bit makes sense in context. The basics Here's a typical setup in a controller: use Spatie\QueryBuilder\AllowedFilter; use Spatie\QueryBuilder\QueryBuilder; $users = QueryBuilder::for(User::class) ->allowedFilters( AllowedFilter::partial('name'), AllowedFilter::exact('status'), )…
The full RL nanodegree, covered with implementation.
We used an automatic classifier which judged sycophancy by looking at whether Claude showed a willingness to push back, maintain positions when challenged, give praise proportional to the merit of ideas, and speak frankly regardless of what a person wants to hear. Most of the time in these situations, Claude expressed no sycophancy—only 9% of conversations included sycophantic behavior (Figure 2). But two domains were exceptions: we saw sycophantic behavior in 38% of conversations focused on…
This week, Symfony released the maintained versions 6.4.37, 7.4.9, and 8.0.9. Meanwhile, we continued merging new features for the upcoming Symfony 8.1 version, such as the new TUI component. Lastly, we published an update about the recent SymfonyInsight…
/elsewhere/sightings/ I have a new camera (a Canon R6 Mark II) so I'm taking a lot more photos of birds. I share my best wildlife photos on iNaturalist, and based on yesterday's successful prototype I decided to add those to my blog. I built this feature on my phone using Claude Code for web, as an extension of my beats system for syndicating external content. Here's the PR and prompt. As with my other forms of incoming syndicated content sightings show up on the homepage, the date archive…
Seth Godin shares a compact set of pricing truths about value, story, and perception. It is especially good on why the right answer to "that's too expensive" is often a better story, not a lower price.
Berkeley beat GRPO by 10 points with 35× fewer rollouts and no GPU training,
PyPI has fixed two high-severity flaws found during its second external security audit, addressing access control issues that could have allowed organization members to invite new owners and stale team permissions to persist after project transfers. The audit was performed by Trail of Bits and funded by the Sovereign Tech Agency. It reviewed Warehouse, the open source Python application that powers PyPI and handles package uploads, metadata validation, storage, and downloads for pip and other…