TLDR Dev 2025-10-16

This dev created a Swift package called WorkKit to directly parse iWork files (.key, .numbers, and .pages) without requiring export to other formats or server-side processing. This involved reverse engineering the iWork binary format, which uses Google's Protocol Buffers, and extracting the schemas from the application executables. WorkKit maps type IDs to Swift classes, decompresses the Snappy-compressed data, and uses a two-pass system to load and merge document content, which is then exposed to provide decoded data.

TanStack Router's context inheritance feature allows state and type information to flow from parent routes to child routes in a type-safe manner. Path parameters, search parameters, and router context can be defined on parent routes and automatically become available to all child routes with full TypeScript inference. This creates a system where child components gain access to all accumulated state throughout their parent route hierarchy.

A Turkish software engineer reported a mysterious Kotlin compiler error in 2016, which was eventually traced to a locale-sensitive bug in the `toLowerCase()` function that affected Turkish users. The issue happened because Turkish has two forms of the letter 'i' (dotted and dotless), so when the compiler converted XML message tags like "INFO" to lowercase for lookup, it produced "ınfo" (with dotless ı) instead of "info" on Turkish systems, causing the lookup to fail. This seemingly minor bug took five years to properly identify and fix.

This dev narrowly avoided being hacked through a sophisticated scam disguised as a legitimate job interview with a blockchain company. The scam had a fake coding challenge containing obfuscated malware designed to steal sensitive data like crypto wallets and passwords. He was saved by using AI to scan the codebase for suspicious activity before running it.

Current AI hype focuses too much on simple API calls, while the real value lies in trivializing hard problems and boosting internal productivity. While LLMs may be plateauing in improvement, current capabilities are enough for certain use cases, like internal tools development. Also, AI should not be an entire product, but rather should work as a feature or a tool under the surface.

WAHA is an HTTP API (REST API) for WhatsApp designed for easy installation and operation on your own server, with capabilities like sending text messages. To start using WAHA, you need Docker installed, after which you can download the WAHA image, run the API, start a new session by scanning a QR code with your phone, and then send messages via the API using the provided Swagger documentation.

Anthropic has released Claude Haiku 4.5, a new small AI model that offers near-frontier performance with greater cost-efficiency and speed. This model surpasses its predecessor and even Claude Sonnet 4 in certain tasks like computer use, making it ideal for real-time applications like chat assistants and pair programming.

Apple's M5 chip will be featured in the new 14-inch MacBook Pro, iPad Pro, and Apple Vision Pro. It provides a jump in AI performance, with a next-generation GPU architecture with Neural Accelerators in each core and over 4x the peak GPU compute for AI compared to M4. It also has better graphics, a faster CPU and Neural Engine, and increased unified memory bandwidth.

Core Web Vitals was launched by Google in May 2020 as a set of standardized metrics that measure user experience by assessing website loading speed, interactivity, and visual stability. The initiative was meant to be a more open approach to improve web performance, and has reportedly saved Chrome users over 30,000 years of waiting time through 2024 by encouraging website optimization. These metrics were developed based on research showing that pages meeting the Core Web Vitals thresholds see 24% fewer user abandonments.

Anthropic's new Claude Haiku 4.5 model was tested on a WebSocket refactoring task. While it produced the most code compared to other models, its quality was much lower than Claude Sonnet 4.5. Haiku 4.5 over-engineered the solution, prioritizing thoroughness at the expense of code quality, correctness, and maintainability.

An investigation uncovered a massive archive of data showing the global phone-tracking activities of a company called First Wap. First Wap's tool, Altamides, exploits vulnerabilities in the SS7 telecom protocol to track phone locations worldwide without detection on the device itself. The data showed that First Wap tracked thousands of individuals, including journalists, dissidents, and even individuals like Anne Wojcicki, using this method.

Backblaze's analysis of its hard drive data shows that hard drives are improving in reliability and lasting longer, challenging the traditional "bathtub curve" model of failure rates over time.

Embedding models are necessary for AI applications like search and recommendations, but upgrading to newer models can be costly and disruptive due to incompatible vector spaces.

Researchers found and reported two vulnerabilities in Nixpkgs GitHub Actions related to pull request targets that allowed potential code injection and unauthorized access via command injection and local file inclusion - they were quickly fixed by maintainers.

Mandatory AI code generation tools during work are turning devs from creators into mere approvers of AI-generated code.