SShortSingh.
0
ProgrammingDEV Community ·

Flutter_skin lets developers update app themes remotely without App Store resubmission

A developer has built flutter_skin, an open-source runtime skin engine for Flutter apps that allows UI color themes to be updated remotely without requiring a new app release. The tool replaces Flutter's compile-time theming system with named color tokens managed via a web dashboard at app.fskin.dev. When a new skin is published, changes are pushed to all connected devices in approximately one to two seconds using a server-sent events connection backed by Supabase Realtime and a Node.js backend. Currently in alpha, the package supports full Material ColorScheme color tokens and offers team collaboration, version history, and API key management through its dashboard. The package is available on pub.dev and the source code is hosted on GitHub.

0
ProgrammingDEV Community ·

NVIDIA Releases LocateAnything-3B Vision Model for Open-Ended Object Localization

NVIDIA has released LocateAnything-3B, a vision-language model designed to locate objects in images based on open-ended natural language queries rather than predefined categories. Unlike traditional detectors such as YOLO, the model returns precise bounding boxes for objects described in conversational prompts, including complex attributes and spatial relationships. The model gained attention through a demo in which it successfully identified densely packed, heavily overlapping objects individually, highlighting its spatial reasoning capabilities. LocateAnything-3B combines a language backbone, a vision encoder, and spatial reasoning components to interpret both what a user is looking for and where matching objects appear. NVIDIA positions the model as particularly relevant for developers working on AI agents, robotics, autonomous systems, and document intelligence applications.

0
ProgrammingDEV Community ·

How Microsoft Entra ID Authentication Works in ASP.NET Core Apps

Microsoft Entra ID is a cloud-based Identity and Access Management service that lets ASP.NET Core applications delegate user authentication to Microsoft, so the app never handles passwords directly. The authentication flow relies on OpenID Connect for verifying user identity and OAuth 2.0 for authorizing API access, with users receiving an ID Token and an Access Token after signing in. Developers must register their application in Microsoft Entra ID to obtain a Client ID, Tenant ID, Redirect URI, and Client Secret before configuring the app. The Microsoft.Identity.Web NuGet package simplifies implementation by handling the authorization code flow, token acquisition, and caching automatically. Most common issues encountered during setup stem from configuration mistakes such as redirect URI mismatches or incorrect tenant settings rather than coding errors.

0
ProgrammingDEV Community ·

Developer shares burnout struggle after shifting from learning to social media dependency

A developer on DEV Community has shared a candid, unstructured post describing deep burnout after eight months of increasingly intense online activity. What began as casual exploration of developer communities and Godot game engine tutorials gradually consumed most of their time and focus. The author realized they had lost genuine interest in coding itself, discovering that what they truly enjoyed was the process of learning new things rather than building projects. Overreliance on AI assistance, Discord, and social media validation — including fixating on follower counts and game jam rankings — contributed to a sense of mental exhaustion. The post concludes with the author acknowledging that social media dependency, more than development itself, may be the root cause of their burnout.

0
ProgrammingDEV Community ·

Claude Code agents can hard-lock on 401 errors even when auth token stays valid

Developers running headless Claude Code instances on Linux have documented a recurring authentication failure where agents return HTTP 401 errors despite the underlying OAuth token remaining fully valid. Testing confirmed that raw API calls using the identical token succeed with HTTP 200 at the very moment a wedged instance rejects requests, pointing to a server-side session identity issue rather than a token problem. Across 412 sessions and 153 distinct 401 events logged between June 13–28, 2026, not a single instance recovered without a full process restart. Existing Claude Code fixes for token refresh and stale configuration, present since versions 2.1.117 and 2.1.178, did not prevent the latch. The key operational takeaway is that external token-validity probes are structurally blind to this failure mode, and recovery can only be confirmed by observing a successful response from the affected instance itself.

0
ScienceWIRED ·

How to Maximize Your Ebike's Cargo and Passenger Carrying Capacity

Electric bikes on their own offer limited storage and carrying capability out of the box. However, with the right accessories and add-ons, riders can significantly expand what their ebike can haul. A range of attachments — from cargo racks and panniers to child seats — can transform a basic ebike into a versatile transport tool. Choosing the right combination of accessories depends on the rider's specific hauling needs, whether for groceries, gear, or passengers.

0
ProgrammingDEV Community ·

Go patterns built for fintech production: reliability over elegance

A software engineer writing Go for regulated financial platforms has outlined battle-tested coding patterns drawn from real production incidents, post-mortems, and code reviews. The core principle is that services must shut down cleanly within Kubernetes's 30-second SIGTERM window, especially when mid-transaction operations like fund transfers or ledger entries are in progress. The author recommends using errgroup with a shared context to manage multiple service components — HTTP, gRPC, Kafka consumers — so that a failure in one triggers an orderly shutdown of all others. A strict middleware chain ordering (metrics, logging, panic recovery, request ID, then auth) is also emphasized, with recovery middleware highlighted as critical to preventing a single handler panic from killing the entire process. These patterns are described not as theoretical best practices but as solutions that have run without surprises in a fintech environment for over two years.

0
ScienceWIRED ·

China Builds World's Fastest Supercomputer Without US-Restricted GPUs

China has developed a supercomputer named LineShine, which has been ranked the fastest in the world. The machine achieved this distinction without relying on graphics processing units (GPUs), which are subject to US export restrictions on China. This marks a significant milestone as it demonstrates China's ability to advance its supercomputing capabilities despite American technology curbs. The achievement signals that US chip restrictions may not be fully preventing China from progressing in high-performance computing.

0
IndiaTimes of India ·

Biocon's Kiran Mazumdar-Shaw slams Bengaluru's urban decay, triggers online debate

Biocon founder Kiran Mazumdar-Shaw publicly criticised Bengaluru's urban development, saying the city has lost its historic 'garden city' identity. She posted a visual comparison on social media contrasting the city's current concrete-heavy infrastructure with a greener, more pedestrian-friendly model. Her remarks quickly gained traction online, with many users agreeing that the city's decline stems from poor urban planning and corruption. Residents and netizens also pointed to a lack of accountability among local administrators and politicians as key factors behind the deterioration.

0
IndiaNDTV ·

Indian Consumers Overpay for K-Beauty Products Ill-Suited to Tropical Climate

Indian consumers are spending heavily on Korean beauty products despite dermatologists warning they may not be effective in India's tropical climate. The 'glass skin' trend, popularized by K-beauty culture, has gained significant traction among Indian buyers. Dermatologists describe this as an economic irony, as products formulated for Korea's temperate conditions may not deliver the same results in India's heat and humidity. Experts suggest that the high premium paid for these imported products may not be justified given the climatic mismatch.

0
ProgrammingDEV Community ·

webmcp-gen Converts TypeScript Interfaces Into Chrome WebMCP Tool Definitions

A new open-source CLI tool called webmcp-gen allows developers to generate spec-compliant Chrome WebMCP tool definitions directly from existing TypeScript interfaces, eliminating the need to manually rewrite them as Zod schemas. Chrome 149 introduced WebMCP, a browser-native API that enables web pages to expose structured tools to AI agents. webmcp-gen uses ts-morph to parse TypeScript, maps types to JSON Schema, and produces both a .webmcp.json definition and a handler stub with security best practices included. The tool incorporates Google's recommended human-in-the-loop guidance, adding requestUserInteraction() reminders and input sanitisation warnings to generated stubs by default. Released as v1.2.0 under the MIT license, the package underwent a four-agent security audit that identified and resolved ten issues before public release.

0
ProgrammingDEV Community ·

CSS-only point-and-click adventure game built using radio buttons and checkboxes

A developer on DEV Community has demonstrated how to build a functional point-and-click adventure game using only HTML and CSS, with no JavaScript involved. The game features room-based navigation, a collectible inventory, and conditional logic, all driven by the checked state of radio buttons and checkboxes. Radio inputs handle mutually exclusive room states, while checkboxes track cumulative inventory items such as an apple or a mysterious note. Navigation works by linking label clicks to input state changes, which then trigger CSS rules that shift a viewport wrapper using transform: translateX. The technique, considered a long-standing CSS trick, shows how complex UI logic and state management can be achieved purely through selector-based styling.

0
ProgrammingDEV Community ·

Prodiam builds WebGL scroll visualiser to illustrate diamonds' billion-year age

South African diamond trader Prodiam Trading CC has released a small browser-based visualiser designed to help users intuitively grasp how old natural diamonds truly are. The tool is built using Three.js and WebGL for 3D rendering, GSAP for timeline control, and smooth scroll handling to guide the narrative. The project is openly available, with both a live demo and source code published on GitHub. Prodiam's intent is educational rather than commercial, aiming to show buyers that a diamond's value encompasses its age, formation, cutting, certification, and provenance — not just its product specifications.

0
ProgrammingDEV Community ·

Developer launches WebhookBox, a free disposable webhook testing API on RapidAPI

A developer has built and released WebhookBox, a free API designed to simplify webhook testing during software development. The tool generates instant, disposable webhook URLs that automatically expire after 24 hours, eliminating the need for tools like ngrok or temporary deployments. It supports all HTTP methods and allows developers to inspect full payloads including headers, body, query parameters, and timestamps, as well as replay captured payloads to a target URL. WebhookBox is built with Node.js, Express, and Upstash Redis, and is deployed on Railway's free tier. The API is publicly listed on RapidAPI with a free tier and was completed in a single day.

0
ProgrammingDEV Community ·

AI Code Editors Routinely Hardcode API Keys and Secrets, Posing Security Risk

AI coding tools like Cursor, Copilot, and Claude Code frequently embed live API keys, JWT secrets, and database credentials directly into generated code, a vulnerability classified as CWE-798. This happens because their training data is heavily drawn from tutorials and sample code that hardcode secrets for illustrative purposes, leaving models unable to distinguish sensitive values from ordinary arguments. A developer recently discovered Cursor had inserted a live Stripe key and JWT secret into working code that was nearly pushed to a public GitHub repository. Exposed secrets in git history are considered permanently compromised, as bots are known to scrape public repositories and exploit credentials like AWS keys within minutes of a commit. Developers are advised to move all secrets to environment variables, add .env files to .gitignore, and use tools like Gitleaks in a pre-commit hook to intercept secrets before they ever reach version control.

0
ProgrammingDEV Community ·

LangChain agents can now verify email deliverability before sending using Verifly

Developers building LangChain agents that send emails or process signups face a recurring problem: agents act on invalid, mistyped, or disposable email addresses without any awareness of deliverability. A new integration called langchain-verifly provides a ready-made LangChain tool that lets agents verify an email address mid-workflow via the Verifly API. The tool returns structured signals including a recommendation field and a suggested correction when a typo is detected, allowing the agent to autonomously skip bad addresses or flag fixable ones. Setup requires installing the package, registering for a free API key with 100 credits, and passing the VeriflyEmailVerifier tool to a standard LangChain agent executor. This approach eliminates the need for developers to write custom bounce-handling logic by embedding deliverability checks directly into the agent's decision loop.

0
ProgrammingDEV Community ·

Swift Structs: How Computed Properties Work and When to Use Them

Swift structs support two kinds of properties: stored properties, which hold data directly in memory, and computed properties, which recalculate their value each time they are accessed. A computed property is defined using a code block inside the struct and derives its result from other stored values rather than holding one itself. By default, computed properties are read-only, but developers can make them writable by explicitly defining both a getter and a setter within the property block. Swift automatically provides a `newValue` constant inside the setter, representing the value being assigned. The choice between stored and computed properties depends on whether the value is independent and frequently set, or derived from other properties and expected to stay dynamically accurate.

0
IndiaTimes of India ·

Sonam Wangchuk joins indefinite hunger strike at Jantar Mantar over education reforms

Climate activist Sonam Wangchuk has launched an indefinite hunger strike at Jantar Mantar in New Delhi. He joined a protest organised by the Cockroach Janata Party, which is demanding the resignation of Education Minister Dharmendra Pradhan. The demonstration centres on alleged irregularities in examinations and calls for greater transparency and accountability in India's education system. Students and farmer leaders have also lent their support to the ongoing protest. Reports suggest that some farmer leaders attempting to participate were potentially placed under house arrest.

← NewerPage 111 of 183Older →