This data structure seems efficient and interesting
The maintainer retires, so there are many projects going unmaintained without help
Paste the raw source of an email into the form on the front page. The email will then be parsed, decoded, separated into its various MIME parts, and displayed in an easy-to-view fashion. Image attachments will be displayed as images. HTML parts will be rendered in Chromium (with JavaScript and plugins disabled) and then also displayed as an image. IP addresses in headers and message bodies will be identified, classified, and highlighted along with a flag representing their origin country. Hostnames and email addresses will also be identified and highlighted.
A single authentication layer for your entire platform. Integrate any identity provider through OpenID Connect — without touching your application code.
This web app will send you a confirmation email to make sure you own the email address. In that email there will be another link. Click that link and you will be taken to a page where you can trigger test emails to be sent to you. Those test emails are specially crafted to use a variety of techniques to attempt to send information back to this server when read. It will then display the results for you.
The project is available at https://gitlab.com/grepular/ept3
Whether you are a software engineer, a lawyer, a manager, or an entrepreneur, your value is directly correlated with how efficiently you can process new information to stay relevant in your field in an ever-accelerating world.
But there are two problems.
The first one is that today, there is simply too much information available and it's hard to extract signal from the noise.
The second problem is that knowledge ("white collar") jobs are evolving faster than the capacity of most people to learn new things. For example, today, you are a software engineer developing backend applications, and you may want to move into machine learning with all the recent and exciting advancements.
Good news: Knowledge follows the law of diminishing returns. By spending two weeks studying a topic really hard, you can assimilate the most important principles and become better than maybe 90% of the people on this planet.
JavaScript Patterns: patterns focused on plain JavaScript and Node.js
Why benchmarks should be carefully used as arguments
"stateless" authentication simply is not feasible in a secure way. You must have some state to handle tokens securely, and if you must have a data store, it's better to just store all the data.
The reason to avoid JWTs comes down to a couple different points:
- The JWT specification is specifically designed only for very short-lived tokens (~5 minutes or less). Sessions need to have longer lifespans than that.
- "stateless" authentication simply is not feasible in a secure way. You must have some state to handle tokens securely, and if you must have a data store, it's better to just store all the data. Most of this article and the followup it links to describes the specific issues: http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/
- (Yes, people are doing it, and yes, their applications are flawed, and you should not repeat that mistake.)
- JWTs which just store a simple session token are inefficient and less flexible than a regular session cookie, and don't gain you any advantage.
- The JWT specification itself is not trusted by security experts. This should preclude all usage of them for anything related to security and authentication. The original spec specifically made it possible to create fake tokens, and is likely to contain other mistakes. This article delves deeper into the problems with the JWT (family) specification.
Not updated anymore, but still relevant
A review of the software by Korben
It completes my post "Where to find blogs to follow?".
- Personal recommendations
- Aggregations
  - Bear Blog Discover: https://bearblog.dev/discover/
  - Blogosphere: https://blogosphere.app/
  - Blogroll: https://blogroll.org/
  - Bubbles: https://bubbles.town/
  - Kagi Small Web: https://kagi.com/smallweb
  - PowRSS: https://powrss.com/
- Social media
Many people on the fediverse have blogs and share common interests with hashtags. Hashtags can be followed to get content, by the way.
I came to this way of thinking by sheer accident. I was traditionally a desktop business app developer, and by the time I saw the writing on the wall, SPA frameworks were the dominant meta in front end. As I started getting contracts, I worked on one project with such a tight deadline that I simply had no time to bring a critical library into the cinematic React universe. So I just... wrote JS. I modified the DOM. And you know what? It was fine. Not only was it fine, it was easier. I wrote a little stream object in ~50 LoC to react to user inputs, and it worked flawlessly. I felt lied to. I thought making a web page interactive was an insanely difficult task only SPA framework authors were qualified to do? Yet here I was just... scripting the page.
The only case for using a framework, as far as I've found so far, is project maintainability.
Typo-squatting: using URLs is a false solution. "By making crate IDs longer, whether by namespacing within crates.io, GitHub organizations, or via domains, you only make it harder for users to remember them precisely, and thus harder to recognize typo-squatting."
Sandboxing cannot be handled by the language itself.
It's the developer's responsibility to use crates on crates.io. It's an audit to make. Rust provides tools for it: cargo-vet, the crates.io 90-day download plot, and cargo chef or Nix for build isolation.
Also Rust itself does not have the resources for it at the moment. They simply can't. The compiler and std are primarily developed by volunteers, who don’t get anything out of it except for rare donations from other members of the community. The Rust project is not the same as GitHub or Linux. They don't have the same support.
We’re not nearly close to the level of security a centralized registry can provide. On the software side, in 2025 Rust teams made or piloted tools for typo squatting detection, dynamic build script analysis, and real-time code scanning. On the personal side, Rust Foundation hired on-call engineers in 2025 and a second infrastructure engineer in 2026. If that sounds overdue, well, they had a net loss in 2023 – software isn’t cheap.
Summary of the changes in the kernel 7.0