Web frameworks

Web frameworks

The Swift for Visual Studio Code extension adds first-class language support for projects built with Swift Package Manager, enabling seamless cross-platform development on macOS, Linux, and Windows.

I got a degree from Douglas College in programming and business management. I understood the business side more and was better at that than at being a coder.

Version 6.3 debuts the @c attribute for exposing Swift functions and enums to C code in a project, allowing for seamless integration.

New overloads on TarFile.CreateFromDirectory accept a TarEntryFormat parameter, giving direct control over the archive format. Previously, CreateFromDirectory produced Pax archives. The new overloads support all four tar formats—Pax, Ustar, GNU, and V7—for compatibility with specific tools and environments.

One of the most significant changes is the move to integrate CSS module support directly into webpack's core. Currently available behind the experimental.css option, this feature eliminates the need for mini-css-extract-plugin. The team expects to complete integration into core around early 2026, with the feature remaining experimental until webpack 6, at which point plugin-based CSS handling will no longer be necessary.

One of the reasons I've been digging Astro so much is that it nicely straddles the SSG world and Node.js server worlds. When building your app, you can make logical decisions about what should be done at build time versus what should be done dynamically. It's like having Express and Eleventy rolled into one solution.

Modern web applications are no longer just "sites." They are long-lived, highly interactive systems that span multiple runtimes, global content delivery networks, edge caches, background workers, and increasingly complex data pipelines. They are expected to load instantly, remain responsive under poor network conditions, and degrade gracefully when something goes wrong.

Building APIs is so simple. Caveat, it's not. Actually, working with tools with no security, you've got a consumer and an API service, you can pretty much get that up and running on your laptop in two or three minutes with some modern frameworks. Then, authentication and authorization comes in. You need a way to model this.

I'm currently building a web app using NuxtJS 2 for the frontend and NestJS for the backend, relying on third-party APIs (like Replicate) for the heavy lifting. I'm using Cloudflare R2 to store the generated output images. I'm running into some performance bottlenecks when rendering specific landing pages that contain heavy, dynamic image galleries. For instance, I'm trying to optimize the SEO and load speed for my AI Pet Portrait Generator free tool page.

The component also provides features for columns (sort, hide, resize), rows (select), cells (keyboard navigation, pointer interactions, custom rendering). Feel free to ask and look at the code if you're interested in knowing more. The <HighTable> component is developed at hyparam/hightable. It was created by Kenny Daniel for Hyperparam, and I've had the chance to contribute to its development for one year now.

For a long time I wanted to document something I have done many times in production systems but never explained clearly: using Django ORM as a standalone module to connect to an existing database. In my work I have often dealt with legacy systems where the only reliable source of truth was the database itself. In those situations, Django ORM became my Swiss army knife.

Waku, a minimal React framework has released version 1.0 alpha, marking its public API surface area as stable as the project shifts focus towards bug fixes and compatibility improvements. Waku 1.0 alpha represents a significant milestone for the lightweight framework, which has been in development for nearly three years. The release stabilises the framework's public APIs and signals a transition from feature development to refinement and stability.

What's happening here: Type-safe - Your editor knows repo is a SnippetRepository. Full autocomplete, type checking works. Automatic cleanup - The context manager ensures the database session closes, even if an exception occurs. No global state - Every request gets its own session. No risk of one request interfering with another. Testable - Here's the magic: You override the dependency with an in-memory implementation. Your test doesn't hit the database.

We also patched two potential denial-of-service vulnerabilities when handling large, malformed inputs. One exploits inefficient string concatenation in header parsing under ASGI ( CVE 2025-14550). Concatenating strings in a loop is known to be slow, and we've done fixes in public where the impact is low. The other one ( CVE 2026-1285) exploits deeply nested entities. December's vulnerability in the XML serializer ( CVE 2025-64460) was about those very two themes.