214
I will send you newest post from subreddit /r/programming
Data Oriented Design, Region-Based Memory Management, and Security
https://www.reddit.com/r/programming/comments/1le9yyi/data_oriented_design_regionbased_memory/
<!-- SC_OFF -->Hello, the attached devlog covers a concept I have seen quite a bit from (game) developers enthusiastic about data-oriented design, which is region-based memory management. An example of this pattern is a program allocating a very large memory region on the heap and then placing data in the region using normal integers, effectively using them as offsets to refer to the location of data within the large region. While it certainly seems fair that such techniques have the potential to make programs more cache-efficient and space-efficient, and even reduce bugs when done right, I am curious to hear some opinions on whether this pattern could be considered a potential cybersecurity hazard. On the one hand, DOD seems to offer a lot of benefits as a programming paradigm, but I wonder whether there is merit to saying that the extremes of hand-rolled memory management could start to be problematic in the sense that you lose out on both the hardware-level and kernel-level security features that are designed for regular pointers. For applications that are more concerned with security and ease of development than aggressively minimizing instruction count (which one could argue is a sizable portion - if not a majority - of commercial software), do you think that a traditional syscall-based memory management approach, or even a garbage-collected approach, is justifiable in the sense that they better leverage hardware pointer protections and allow architectural choices that make it easier for developers to work in narrower scopes (as in not needing to understand the whole architecture to develop a component of it)? As a final point of discussion, I certainly think it's fair to say there are certain performance-critical components of applications (such as rendering) where these kinds of extreme performance measures are justifiable or necessary. So, where do you fall on the spectrum from "these kinds of patterns are never acceptable" to "there is never a good reason not to use such patterns," and how do you decide whether it is worth it to design for performance at a potential cost of security and maintainability? <!-- SC_ON --> submitted by /u/nerd8622 (https://www.reddit.com/user/nerd8622)
[link] (https://guide.handmadehero.org/code/day341/) [comments] (https://www.reddit.com/r/programming/comments/1le9yyi/data_oriented_design_regionbased_memory/)
I wrote a compiler
https://www.reddit.com/r/programming/comments/1le4t7a/i_wrote_a_compiler/
submitted by /u/azhenley (https://www.reddit.com/user/azhenley)
[link] (https://blog.singleton.io/posts/2021-01-31-i-wrote-a-compiler/) [comments] (https://www.reddit.com/r/programming/comments/1le4t7a/i_wrote_a_compiler/)
Lessons from changing tech stacks in real production apps.
https://www.reddit.com/r/programming/comments/1ldu45x/lessons_from_changing_tech_stacks_in_real/
<!-- SC_OFF -->I'm curious to hear from developers who have gone through this: What were the actual reasons that made your team switch technologies, frameworks, languages, or tools in a production app? Was it due to performance issues? Maintenance pain? Team experience? Scaling challenges? Ecosystem problems? Also, if you didn’t switch when you probably should have, what held you back? Would love to hear some war stories or insights to understand what really drives these decisions. <!-- SC_ON --> submitted by /u/Personal-Work4649 (https://www.reddit.com/user/Personal-Work4649)
[link] (https://medium.com/sharenowtech/front-end-architecture-making-rebuild-from-scratch-not-so-painful-7b2232dc1666) [comments] (https://www.reddit.com/r/programming/comments/1ldu45x/lessons_from_changing_tech_stacks_in_real/)
Why JPEG Became the Web's Favorite Image Format
https://www.reddit.com/r/programming/comments/1ldqjia/why_jpeg_became_the_webs_favorite_image_format/
submitted by /u/gametorch (https://www.reddit.com/user/gametorch)
[link] (https://spectrum.ieee.org/jpeg-image-format-history) [comments] (https://www.reddit.com/r/programming/comments/1ldqjia/why_jpeg_became_the_webs_favorite_image_format/)
Do two triangles intersect?
https://www.reddit.com/r/programming/comments/1ldodul/do_two_triangles_intersect/
submitted by /u/innochenti (https://www.reddit.com/user/innochenti)
[link] (https://alexsyniakov.com/2025/06/16/do-two-triangles-intersect/) [comments] (https://www.reddit.com/r/programming/comments/1ldodul/do_two_triangles_intersect/)
Animal Crossing for the GameCube has been decompiled
https://www.reddit.com/r/programming/comments/1ldnfxb/animal_crossing_for_the_gamecube_has_been/
submitted by /u/r_retrohacking_mod2 (https://www.reddit.com/user/r_retrohacking_mod2)
[link] (https://gbatemp.net/threads/animal-crossing-for-the-gamecube-has-been-decompiled.672373/) [comments] (https://www.reddit.com/r/programming/comments/1ldnfxb/animal_crossing_for_the_gamecube_has_been/)
MCP Security Flaws: What Developers Need to Know
https://www.reddit.com/r/programming/comments/1ldignq/mcp_security_flaws_what_developers_need_to_know/
<!-- SC_OFF -->Disclosure: I work at CyberArk and was involved in this research. Just finished analyzing the Model Context Protocol security model and found some nasty vulnerabilities that could bite developers using AI coding tools. Quick Context: MCP is what lets your AI tools (Claude Desktop, Cursor, etc.) connect to external services and local files. Think of it as an API standard for AI apps. The Problems: Malicious Tool Registration: Bad actors can create "helpful" tools that actually steal your code/secrets Server Chaining Exploits: Legitimate-looking servers can proxy requests to malicious ones Hidden Prompt Injection: Servers can embed invisible instructions that trick the AI into doing bad things Weak Auth: Most MCP servers don't properly validate who's calling them Developer Impact: If you're using AI coding assistants with MCP: Your local codebase could be exfiltrated API keys in environment variables are at risk Custom MCP integrations might be backdoored Quick Fixes: # Only use verified MCP servers # Check the official registry first # Review MCP server code before installing # Don't store secrets in env vars if using MCP # Use approval-required MCP clients Real Talk: This is what happens when we rush to integrate AI everywhere without thinking about security. The same composability that makes MCP powerful also makes it dangerous. Worth reading if you're building or using MCP integrations: <!-- SC_ON --> submitted by /u/ES_CY (https://www.reddit.com/user/ES_CY)
[link] (https://www.cyberark.com/resources/threat-research-blog/is-your-ai-safe-threat-analysis-of-mcp-model-context-protocol) [comments] (https://www.reddit.com/r/programming/comments/1ldignq/mcp_security_flaws_what_developers_need_to_know/)
Simplify month-end calculations in your database! with Django 🚀
https://www.reddit.com/r/programming/comments/1ldgrxu/simplify_monthend_calculations_in_your_database/
<!-- SC_OFF -->Hello dev community! 👋 I've just launched django-lastdayofmonth, a simple yet powerful ORM function for Django, designed to effortlessly calculate the last day of any month directly within your database queries. It seamlessly supports SQLite, PostgreSQL, MySQL/MariaDB, and Oracle! 🔥 Extensively tested from Django 3.2 up to 5.2 🐍 Compatible with Python versions 3.8 to 3.12 💻 Quick setup: simply run pip install django-lastdayofmonth Check it out and star the repo if you like it! 🌟 GitHub: [django-lastdayofmonth]() Also, please support my proposal to integrate this directly into Django by liking this issue: [django/new-features issue #38]() Your feedback is highly appreciated! <!-- SC_ON --> submitted by /u/AdAshamed5374 (https://www.reddit.com/user/AdAshamed5374)
[link] (https://github.com/nobilebeniamino/django-lastdayofmonth) [comments] (https://www.reddit.com/r/programming/comments/1ldgrxu/simplify_monthend_calculations_in_your_database/)
Why Generative AI Coding Tools and Agents Do Not Work For Me
https://www.reddit.com/r/programming/comments/1ldb16m/why_generative_ai_coding_tools_and_agents_do_not/
submitted by /u/gametorch (https://www.reddit.com/user/gametorch)
[link] (https://blog.miguelgrinberg.com/post/why-generative-ai-coding-tools-and-agents-do-not-work-for-me) [comments] (https://www.reddit.com/r/programming/comments/1ldb16m/why_generative_ai_coding_tools_and_agents_do_not/)
Hypershell: A Type-Level DSL for Shell-Scripting in Rust powered by Context-Generic Programming
https://www.reddit.com/r/programming/comments/1ld47j1/hypershell_a_typelevel_dsl_for_shellscripting_in/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://contextgeneric.dev/blog/hypershell-release/) [comments] (https://www.reddit.com/r/programming/comments/1ld47j1/hypershell_a_typelevel_dsl_for_shellscripting_in/)
HTML spec change: escaping < and > in attributes
https://www.reddit.com/r/programming/comments/1ld46k1/html_spec_change_escaping_and_in_attributes/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://developer.chrome.com/blog/escape-attributes) [comments] (https://www.reddit.com/r/programming/comments/1ld46k1/html_spec_change_escaping_and_in_attributes/)
Solving LinkedIn Queens with APL
https://www.reddit.com/r/programming/comments/1ld4528/solving_linkedin_queens_with_apl/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://pitr.ca/2025-06-14-queens) [comments] (https://www.reddit.com/r/programming/comments/1ld4528/solving_linkedin_queens_with_apl/)
Open-Source RISC-V: Energy Efficiency of Superscalar, Out-of-Order Execution
https://www.reddit.com/r/programming/comments/1ld3yyi/opensource_riscv_energy_efficiency_of_superscalar/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://arxiv.org/abs/2505.24363) [comments] (https://www.reddit.com/r/programming/comments/1ld3yyi/opensource_riscv_energy_efficiency_of_superscalar/)
How Broken OTPs and Open Endpoints Turned a Dating App Into a Stalker’s Playground
https://www.reddit.com/r/programming/comments/1ld3dh1/how_broken_otps_and_open_endpoints_turned_a/
submitted by /u/CommunityWisdom (https://www.reddit.com/user/CommunityWisdom)
[link] (https://alexschapiro.com/blog/security/vulnerability/2025/04/21/startups-need-to-take-security-seriously) [comments] (https://www.reddit.com/r/programming/comments/1ld3dh1/how_broken_otps_and_open_endpoints_turned_a/)
GitHub Summer of Making has started
https://www.reddit.com/r/programming/comments/1lcyst7/github_summer_of_making_has_started/
<!-- SC_OFF -->If you’re in high school and want a free raspberry pi, laptop, or bunch of other cool stuff for spending time programming, join up. This is basically a summer reading program run by GitHub and HackClub to get highschoolers coding which is awesome You have to be 18 or younger to join <!-- SC_ON --> submitted by /u/ntindle (https://www.reddit.com/user/ntindle)
[link] (https://summer.hack.club/m0) [comments] (https://www.reddit.com/r/programming/comments/1lcyst7/github_summer_of_making_has_started/)
"Yes, A.I. still sucks at coding in some cases — For now…"Article in AI Advances, 17-Jun-2025
https://www.reddit.com/r/programming/comments/1le980t/yes_ai_still_sucks_at_coding_in_some_cases_for/
<!-- SC_OFF -->Summary: Testing the limits of LLMs in code gerenation for Raspberry Pi Pico PIO assembly, as well as an example of how we design modern CPUs microcodes. If you work in these fields, your job is still pretty much secured against AI for many years... <!-- SC_ON --> submitted by /u/xgeorgio_gr (https://www.reddit.com/user/xgeorgio_gr)
[link] (https://ai.gopubby.com/yes-a-i-still-sucks-at-coding-in-some-cases-for-now-828a0fc17ada) [comments] (https://www.reddit.com/r/programming/comments/1le980t/yes_ai_still_sucks_at_coding_in_some_cases_for/)
Double-Entry Ledgers: The Missing Primitive in Modern Software
https://www.reddit.com/r/programming/comments/1lduuw1/doubleentry_ledgers_the_missing_primitive_in/
submitted by /u/pgr0ss (https://www.reddit.com/user/pgr0ss)
[link] (https://pgrs.net/2025/06/17/double-entry-ledgers-missing-primitive-in-modern-software/) [comments] (https://www.reddit.com/r/programming/comments/1lduuw1/doubleentry_ledgers_the_missing_primitive_in/)
Mochi v0.8.0: Compile to C, C#, Dart, Elixir, Erlang, F#, Ruby, Rust, Scala and Swift
https://www.reddit.com/r/programming/comments/1ldrsau/mochi_v080_compile_to_c_c_dart_elixir_erlang_f/
<!-- SC_OFF -->We’ve just released Mochi v0.8.0 - a small, statically typed language designed for clarity, simplicity, and portability. In this release, we added support for compiling to ten more languages: C, C#, Dart, Elixir, Erlang, F#, Ruby, Rust, Scala, and Swift. It’s still early and currently supports basic control flow and expressions, but we’re actively working on expanding support for memory management and FFI across all targets. Our approach is simple: one small Mochi program at a time. We make sure the compiled code runs correctly in each target language, then iterate and expand from there. This release includes over 100 commits and 500+ file changes, laying the groundwork for future FFI and memory management support. Try it out and let us know what you think. We’d love your feedback! <!-- SC_ON --> submitted by /u/Adept-Country4317 (https://www.reddit.com/user/Adept-Country4317)
[link] (https://github.com/mochilang/mochi/releases/tag/v0.8.0) [comments] (https://www.reddit.com/r/programming/comments/1ldrsau/mochi_v080_compile_to_c_c_dart_elixir_erlang_f/)
The Guy Who Wrote a Compiler Without a Compiler: Corrado Böhm
https://www.reddit.com/r/programming/comments/1ldoomp/the_guy_who_wrote_a_compiler_without_a_compiler/
<!-- SC_OFF -->Corrado Böhm was just a postgrad student in 1951 when he pulled off something that still feels unbelievable. He wrote a full compiler by hand without using a compiler and without even having access to a proper computer. At that time, computers weren’t easily available, especially not to students. Böhm had no machine to run or test anything, so he did everything on paper. He came up with his own language, built a model of a machine, and wrote a compiler for that language. The compiler was written in the same language it was supposed to compile, something we now call a self-hosting compiler. The language he designed was very minimal. It only had assignment operations, no control structures, and no functions. Variables could only store non-negative integers. To perform jumps, he used a special symbol π, and for input and output, he used the symbol ?. Even though the language was simple, it was enough to write working programs. One example from his work shows how to load an 11-element array from input using just basic assignments, jumps, and conditions. The logic may look strange today, but it worked, and it followed a clear structure that made sense for the time.
You can check out that 11-element array program on wikipedia (https://en.wikipedia.org/wiki/B%C3%B6hm%27s_language) The entire compiler was just 114 lines of code. Böhm also designed a parsing method with linear complexity, which made the compilation process smooth for the kind of expressions his language supported. The structure of the code was clean and split logically between different types of expressions, all documented in his thesis. Concepts like self-hosting, efficient parsing, and clean code structure all appeared in this early work. Donald Knuth, a legendary computer scientist known for writing The Art of Computer Programming, also mentioned Böhm’s contribution while discussing the early development of programming languages. If this added any value to you, I’ve also written this as a blog post on my site. Same content, just for my own record. If not, please ignore. <!-- SC_ON --> submitted by /u/Karthik-Writes-Tech (https://www.reddit.com/user/Karthik-Writes-Tech)
[link] (https://karthikwritestech.com/the-guy-who-wrote-a-compiler-without-a-compiler-corrado-bohm/) [comments] (https://www.reddit.com/r/programming/comments/1ldoomp/the_guy_who_wrote_a_compiler_without_a_compiler/)
Angular Interview Q&A: Day 17
https://www.reddit.com/r/programming/comments/1ldo5h8/angular_interview_qa_day_17/
submitted by /u/MysteriousEye8494 (https://www.reddit.com/user/MysteriousEye8494)
[link] (https://medium.com/devinsight/angular-interview-q-a-day-17-16ffacbf177c) [comments] (https://www.reddit.com/r/programming/comments/1ldo5h8/angular_interview_qa_day_17/)
The Humble Programmer (1972)
https://www.reddit.com/r/programming/comments/1ldiwbk/the_humble_programmer_1972/
submitted by /u/gametorch (https://www.reddit.com/user/gametorch)
[link] (https://www.cs.utexas.edu/~EWD/transcriptions/EWD03xx/EWD340.html) [comments] (https://www.reddit.com/r/programming/comments/1ldiwbk/the_humble_programmer_1972/)
Diving into Graphics Programming through Terrain Generation
https://www.reddit.com/r/programming/comments/1ldi9x0/diving_into_graphics_programming_through_terrain/
<!-- SC_OFF -->This was a fun project using C++, OpenGL, and ImGui! GitHub repo: https://github.com/archfella/3D-Procedural-Terrain-Mesh-Generator YouTube: https://www.youtube.com/watch?v=ZySew4Pxg3c <!-- SC_ON --> submitted by /u/raduleee (https://www.reddit.com/user/raduleee)
[link] (https://www.youtube.com/watch?v=ZySew4Pxg3c) [comments] (https://www.reddit.com/r/programming/comments/1ldi9x0/diving_into_graphics_programming_through_terrain/)
NodePass is an open-source intranet penetration tool that now supports a graphical interface, providing real-time tunnel monitoring, traffic statistics, and endpoint management for a more intuitive and efficient operation.
https://www.reddit.com/r/programming/comments/1ldeyw6/nodepass_is_an_opensource_intranet_penetration/
submitted by /u/wcjiang (https://www.reddit.com/user/wcjiang)
[link] (https://github.com/yosebyte/nodepass) [comments] (https://www.reddit.com/r/programming/comments/1ldeyw6/nodepass_is_an_opensource_intranet_penetration/)
A meta-analysis of three different notions of software complexity
https://www.reddit.com/r/programming/comments/1ld47sc/a_metaanalysis_of_three_different_notions_of/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://typesanitizer.com/blog/complexity-definitions.html) [comments] (https://www.reddit.com/r/programming/comments/1ld47sc/a_metaanalysis_of_three_different_notions_of/)
How the Final Cartridge III Freezer works
https://www.reddit.com/r/programming/comments/1ld475i/how_the_final_cartridge_iii_freezer_works/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://www.pagetable.com/?p=1810) [comments] (https://www.reddit.com/r/programming/comments/1ld475i/how_the_final_cartridge_iii_freezer_works/)
The CI/CD Pipeline Architecture Framework: Systematic Approach to Pipeline Design
https://www.reddit.com/r/programming/comments/1ld46c1/the_cicd_pipeline_architecture_framework/
<!-- SC_OFF -->After two decades of building CI/CD pipelines, I've noticed teams repeatedly solving the same architectural challenges without a shared framework. I developed the "CI/CD Pipeline Architecture Framework" to provide structure: Golden Path (Sequential Foundation): 1. Code Commit 2. Automated Build 3. Automated Testing 4. Staging Deployment 5. Production Deployment 6. Monitoring & Feedback Pipeline Pillars (Flexible Capabilities): - 🟣 Multiple Environments & Promotion - 🟠 Feature Flags & Progressive Rollouts - 🟢 Metrics & Observability - 🔴 Advanced Testing Strategies - 🟡 Pipeline Control & Orchestration - 🔵 Multi-Platform & Multi-Cloud Support - 🟤 Access Control & Security Architecture Full guide with practical examples: https://cimatic.io/blog/cicd-pipeline-architecture How do you approach pipeline architecture decisions in your projects? <!-- SC_ON --> submitted by /u/kamilchm (https://www.reddit.com/user/kamilchm)
[link] (https://cimatic.io/blog/cicd-pipeline-architecture) [comments] (https://www.reddit.com/r/programming/comments/1ld46c1/the_cicd_pipeline_architecture_framework/)
Foundations of Computer Vision
https://www.reddit.com/r/programming/comments/1ld44e2/foundations_of_computer_vision/
submitted by /u/ketralnis (https://www.reddit.com/user/ketralnis)
[link] (https://visionbook.mit.edu/) [comments] (https://www.reddit.com/r/programming/comments/1ld44e2/foundations_of_computer_vision/)
phkmalloc Saga
https://www.reddit.com/r/programming/comments/1ld3xpk/phkmalloc_saga/
submitted by /u/mttd (https://www.reddit.com/user/mttd)
[link] (https://phk.freebsd.dk/sagas/phkmalloc/) [comments] (https://www.reddit.com/r/programming/comments/1ld3xpk/phkmalloc_saga/)
raylib vs SDL - A libraries comparison
https://www.reddit.com/r/programming/comments/1ld1nty/raylib_vs_sdl_a_libraries_comparison/
<!-- SC_OFF -->Hot Take: the comparison (written by the author of Raylib), succinctly explain the main reasons why raylib won't be considered by large games or can't scale in the internal-conventions (https://gist.github.com/raysan5/17392498d40e2cb281f5d09c0a4bf798#internal-conventions). Naming Prefixes(lack of), Pointers(raylib passes only by value), Error Codes(raylib doesn't, can create default objects instead), Backward-compatibility(raylib isn't) <!-- SC_ON --> submitted by /u/Professional-Ad3724 (https://www.reddit.com/user/Professional-Ad3724)
[link] (https://gist.github.com/raysan5/17392498d40e2cb281f5d09c0a4bf798) [comments] (https://www.reddit.com/r/programming/comments/1ld1nty/raylib_vs_sdl_a_libraries_comparison/)
Darklang Goes Open Source
https://www.reddit.com/r/programming/comments/1lcxp52/darklang_goes_open_source/
submitted by /u/gametorch (https://www.reddit.com/user/gametorch)
[link] (https://blog.darklang.com/darklang-goes-open-source/) [comments] (https://www.reddit.com/r/programming/comments/1lcxp52/darklang_goes_open_source/)