Go

Articles

Pokemon Emerald in WebAssembly(https://github.com/tripplyons/pokeemerald-wasm) Github wxt: Next-gen Web Extension Framework Skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize A curated list of awesome 3D printing resources hermes-agent: It’s the only agent with a built-in learning loop - it creates skills from experience, improves them during use, nudges itself to persist knowledge, searches its own past conversations, and builds a deepening model of who you are across sessions. Run it on a $5 VPS, a GPU cluster, or serverless infrastructure that costs nearly nothing when idle. It’s not tied to your laptop - talk to it from Telegram while it works on a cloud VM. loupe: A privacy-focused iOS app that raises awareness about what native apps can see(https://apps.apple.com/cn/app/loupe-app%E8%83%BD%E7%9C%8B%E5%88%B0%E4%BB%80%E4%B9%88/id6766152470) LaunchNext: Bring your Launchpad back in MacOS26+ ,highly customizable, powerful, free. endlessh: SSH tarpit that slowly sends an endless banner iptables-tracer: Trace packets as they go through iptables chains serverless-dns: The RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io ouch: stands for Obvious Unified Compression Helper. It’s a CLI tool for compressing and decompressing various formats.(https://github.com/ouch-org/ouch#supported-formats) shpool: shpool is a service that enables session persistence by allowing the creation of named shell sessions owned by shpool so that the session is not lost if the connection drops. shpool can be thought of as a lighter weight alternative to tmux or GNU screen. While tmux and screen take over the whole terminal and provide window splitting and tiling features, shpool only provides persistent sessions. The biggest advantage of this approach is that shpool does not break native scrollback or copy-paste. capslock: is a capability analysis CLI for Go packages that informs users of which privileged operations a given package can access. This works by classifying the capabilities of Go packages by following transitive calls to privileged standard library operations. unregistry: Push docker images directly to remote servers without an external registry NetNewsWire is a free and open-source feed reader for macOS and iOS. It supports RSS, Atom, JSON Feed, and RSS-in-JSON formats. K4YT3X’s Hardened & Optimized Linux Kernel Parameters Turso is an in-process SQL database, compatible with SQLite. zizmor is a static analysis tool for GitHub Actions. RustFS is a high-performance, distributed object storage system built in Rust. Usage: is a spec and CLI for defining CLI tools. Arguments, flags, environment variables, and config files can all be defined in a Usage spec. It can be thought of like OpenAPI (swagger) for CLIs. SurfSense: An open source, privacy focused alternative to NotebookLM for teams with no data limits. ICANN implementation of the Registry Data Access Protocol (RDAP) OpenRDAP is a command line RDAP client implementation in Go. Article 1-Click GitHub Token Stealing via a VSCode Bug Linux 系统误将 chmod 权限改成了 000，如何恢复? Laptops all have built-in security tokens these days Tailscale and RustDesk: Secure remote access to all your desktops Unexpected security footguns in Go’s parsers 君子慎讀辭典中標注的「讀音」和「語音」是什麼？拜託別再「我汗你」了！ Linux 系统误将 chmod 权限改成了 000，如何恢复? #include <sys/stat.h> int main() { chmod("/usr/bin/chmod", 0755); return 0; } ubuntu@ubuntu:~$ which chmod /usr/bin/chmod ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod -rwxr-xr-x 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod ubuntu@ubuntu:~$ sudo chmod 000 /usr/bin/chmod ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod ---------- 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod ubuntu@ubuntu:~$ cat main.c #include <sys/stat.h> int main() { chmod("/usr/bin/chmod", 0755); return 0; } ubuntu@ubuntu:~$ gcc ./main.c ubuntu@ubuntu:~$ sudo ./a.out ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod -rwxr-xr-x 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod Laptops all have built-in security tokens these days macOS https://github.com/yubico/libfido2

Wednesday, June 10, 2026 Read

Articles

https://medium.com/@0050211 精通比特幣 https://virtualosmuseum.org/ mathematical playground 台灣資料的 MCP Hub 幼園通：幼兒園地圖查詢系統 Github 小林 x 图解计算机基础 Awesome Docker Compose Examples Golang-Concurrency-Pattern-Demo Learn Go with Tests SystemDesign Prometheus Notes Rust算法题解 📝 Today I Learned golang-samples Golang 面试题搜集打造超人學習能力单机百万级别QPS 网络传输 AI 编程的测试用例 whichllm: Find the best local LLM that actually runs on your hardware. NeuTTS: On-device TTS model by Neuphonic OpenNutriTracker is a free and open source calorie tracker with a focus on simplicity and privacy. Algorithm powering the For You feed on X DigitalPlat FreeDomain: Free Domain For Everyone forge: A Python framework for self-hosted LLM tool-calling and multi-step agentic workflows.: Three ways to use it: Proxy server, WorkflowRunner, Guardrails middleware. Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production. cmux: Ghostty-based macOS terminal with vertical tabs and notifications for AI coding agents superset: Code Editor for the AI Agents Era - Run an army of Claude Code, Codex, etc. on your machine Maigret collects a dossier on a person by username only, checking for accounts on a huge number of sites and gathering all the available information from web pages. No API keys required. VoxCPM2: Tokenizer-Free TTS for Multilingual Speech Generation, Creative Voice Design, and True-to-Life Cloning Turn Claude Code into a full game dev studio — 49 AI agents, 72 workflow skills, and a complete coordination system mirroring real studio hierarchy. https://github.com/alistaitsacle/free-llm-api-keys Ian Xiaohei Illustrations 是一个 Codex Skill，用来指导 AI Agent 为中文文章、帖子、博客、Notion 文档和方法论内容生成正文配图。 odysseus: A self-hosted AI workspace – meant to be the self-hosted version of the UI experience you get from ChatGPT and Claude. But with more jank and fun. Running on your own hardware, with your own data – local-first, privacy-first, and no trojan. 🐸 Read Frog - Open Source Immersive Translate | 🐸 陪读蛙 - 开源沉浸式翻译 LiveContainer is an app launcher (not emulator or hypervisor) that allows you to run iOS apps inside it.: Allows you to install unlimited apps (3 app/10 app id free developer account limit does not apply here) with only one app & app id. You can also have multiple versions of an app installed with multiple data containers. Image Toolbox is a powerful app for advanced image manipulation. It offers dozens of features, from basic tools like crop and draw to filters, OCR, and a wide range of image processing options Nyx (goddess of the night in Greek mythology) is a self-contained script for cleaning forensic traces on Linux, macOS, and Windows. Open source games groupcache groupcache-go PEER.AS — explore global BGP routing, IP prefixes, ASNs, AS_PATH, origins and peering. The whole thing runs in your browser: there is no backend, no API, and no database server. The site is just a bundle of static files you can host, fork, or mirror anywhere. Tool ec2instances.info https://imagefree.net/zh-Hant Article XDG Base Directory Spec Zig vs Rust in 2026 Your Clippy Config Should Be Stricter 部落卷卷 HN Popularity Contest Tracing HTTP Requests with Go’s net/http/httptrace 免費 3D 列印模型網站 MakerWorld: Bambu Lab 官方模型平台。很多模型已經附好列印參數（3MF），下載後可直接列印。適合新手。 Printables: Prusa 官方社群平台。高品質免費模型很多，分類清楚。實用工具、收納、機械零件特別豐富。 Thingiverse: 歷史最悠久的 3D 模型網站之一。免費模型數量非常大。 Thangs: 兼具模型搜尋引擎與模型平台。可以搜尋多個模型網站的內容。有免費也有付費模型。 Cults3D: 設計師作品較多。公仔、模型、Cosplay 道具品質高。付費模型比例較高，但也有免費下載區。 XDG Base Directory Spec Category Environment Variable Default Value FHS Approximation Configuration $XDG_CONFIG_HOME $HOME/.config /etc Data $XDG_DATA_HOME $HOME/.local/share /usr/share State $XDG_STATE_HOME $HOME/.local/state /var/lib Cache $XDG_CACHE_HOME $HOME/.cache /var/cache package main import ( "os" "fmt" "log" "path/filepath" ) func getConfigDir() (string, error) { configDir := os.Getenv("XDG_CONFIG_HOME") // If the value of the environment variable is unset, empty, or not an absolute path, use the default if configDir == "" || configDir[0:1] != "/" { homeDir, err := os.UserHomeDir() if err != nil { return "", err } return filepath.Join(homeDir, ".config", "my-application-name"), nil } // The value of the environment variable is valid; use it return filepath.Join(configDir, "my-application-name"), nil } func main() { config_dir, err := getConfigDir() if err != nil { panic(err) } fmt.Println(config_dir) } whichllm uvx whichllm@latest

Wednesday, June 3, 2026 Read

Articles

SingleFlight macOS 奇怪的安全扫码机制 Agentic Design Patterns 你不知道的 Claude Code：架构、治理与工程实践你不知道的 Agent：原理、架构与工程实践 rtk: CLI proxy that reduces LLM token consumption by 60-90% on common dev commands. Single Rust binary, zero dependencies difftastic: a structural diff that understands syntax I Ditched Elasticsearch for Meilisearch. Here’s What Nobody Tells You. 策展島嶼的深度敘事: https://github.com/frank890417/taiwan-md Linux 中网络包的一生 Gitingest: Turn any Git repository into a prompt-friendly text ingest for LLMs. 7 More Common Mistakes in Architecture Diagrams Use Cases Superpowers: Superpowers is a complete software development workflow for your coding agents, built on top of a set of composable “skills” and some initial instructions that make sure your agent uses them. everything-claude-code: The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond. Agency Agents: A complete AI agency at your fingertips - From frontend wizards to Reddit community ninjas, from whimsy injectors to reality checkers. Each agent is a specialized expert with personality, processes, and proven deliverables. MiroFish: A Simple and Universal Swarm Intelligence Engine, Predicting Anything. Lightpanda Browser: the headless browser designed for AI and automation Anatomy of the .claude/ Folder Cocoa-Way: Native macOS Wayland Compositor written in Rust using Smithay. Experience seamless Linux app streaming on macOS without XQuartz. Pretext: Fast, accurate & comprehensive text measurement & layout Ghostmoon.app: A Swiss Army Knife for your macOS menu bar CodingFont: A game to help you pick a coding font The Git Commands I Run Before Reading Any Code Winhance: Application designed to optimize, customize and enhance your Windows experience. Native Instant Space Switching on MacOS FluidCAD: Write CAD models in JavaScript. See the result in real time. Awesome DESIGN.md: Copy a DESIGN.md into your project, tell your AI agent “build me a page that looks like this” and get pixel-perfect UI that actually matches. graphify: AI coding assistant skill (Claude Code, Codex, OpenCode, Cursor, Gemini CLI, GitHub Copilot CLI, OpenClaw, Factory Droid, Trae, Google Antigravity). Turn any folder of code, docs, papers, images, or videos into a queryable knowledge graph SingleFlight package analyzer import ( "context" "sync" "golang.org/x/sync/singleflight" "github.com/nathan/stock_bot/internal/storage" ) type AnalysisService struct { genai *GenAIClient d1Client *storage.D1Client stockCache map[string]*StockAnalysisResult mu sync.RWMutex sf singleflight.Group } func (s *AnalysisService) analyzeStock(ctx context.Context, code, name string) (*StockAnalysisResult, error) { // 1. 第一層防護：檢查記憶體快取 (L1 Cache) s.mu.RLock() if result, ok := s.stockCache[code]; ok { s.mu.RUnlock() return result, nil } s.mu.RUnlock() // 2. 第二層防護：Singleflight (請求合併) key := "stock:" + code v, err, _ := s.sf.Do(key, func() (interface{}, error) { // 3. 執行昂貴的邏輯 (DB + Gemini API) result, err := s.doAnalyzeStock(ctx, code, name) if err != nil { return nil, err } // 4. 寫入快取 (務必在 singleflight 內部完成，防止下一波瞬間擊穿) s.mu.Lock() s.stockCache[code] = result s.mu.Unlock() return result, nil }) if err != nil { return nil, err } return v.(*StockAnalysisResult), nil } func (s *AnalysisService) doAnalyzeStock(ctx context.Context, code, name string) (*StockAnalysisResult, error) { // 建立一個子 Context 用於內部的多個非同步任務 g, ctx := errgroup.WithContext(ctx) var dbData string var aiResult string // 任務 1：查資料庫 g.Go(func() error { // 隨時檢查 Context 是否已取消 select { case <-ctx.Done(): return ctx.Err() default: // 模擬資料庫查詢 dbData = "Historical Data" return nil } }) // 任務 2：呼叫 Gemini API g.Go(func() error { // 將 ctx 傳入 API 客戶端，讓它能跟隨整體的超時控制 res, err := s.genai.Generate(ctx, "Analyze this: "+code) if err != nil { return err } aiResult = res return nil }) // 等待所有任務完成或其中一個出錯 if err := g.Wait(); err != nil { return nil, err } return &StockAnalysisResult{Data: dbData, Analysis: aiResult}, nil } func (s *AnalysisService) analyzeStockWithMetrics(ctx context.Context, code string) (*StockAnalysisResult, error) { key := "stock:" + code v, err, shared := s.sf.Do(key, func() (interface{}, error) { return s.doAnalyzeStock(ctx, code, "Name") }) // 紀錄監控指標：分辨是「原始呼叫」還是「共享結果」 status := "original" if shared { status = "shared" } s.sfCounter.Add(ctx, 1, metric.WithAttributes( attribute.String("stock_code", code), attribute.String("type", status), )) if err != nil { return nil, err } return v.(*StockAnalysisResult), nil } macOS 奇怪的安全扫码机制 # 查看最近的 syspolicyd 扫描记录 log show --predicate 'subsystem == "com.apple.syspolicy.exec"' --last 5m --style compact | grep performScan System Settings → Privacy & Security → Full Disk Access，给 VS Code 完全磁盘访问权限有效

Wednesday, April 15, 2026 Read

Articles

You don’t need Kafka: Building a message queue with only two UNIX signals It’s 2026, Just Use Postgres What canceled my Go context? Notes on Writing Wasm Go 1.26 interactive tour It’s 2026, Just Use Postgres The “Use the Right Tool” Trap You’ve heard the advice: “Use the right tool for the right job.” Sounds wise. So you end up with: Elasticsearch for search Pinecone for vectors Redis for caching MongoDB for documents Kafka for queues InfluxDB for time-series PostgreSQL for… the stuff that’s left Here’s what most people don’t realize: Postgres extensions use the same or better algorithms as specialized databases (in many cases).

Friday, March 13, 2026 Read

Go Tool Trace

淺談 Go Tool Trace - 1 淺談 Go Tool Trace - 2 Go Trace 與使用者自訂追蹤分析淺談 Go Tool Trace - 3 實際分析 Goroutine Analysis Go Tool Trace - 4 從分析到實戰：最佳化 Goroutine 數量 trace Trace is an “event timeline”, not “sampling statistics” go tool trace: used to inspect runtime traces. Its essence is a time-ordered event stream, including: goroutine lifecycle/states: create / runnable / running / waiting / syscall scheduler (G/M/P) related events, scheduling latency blocking time distribution (net / sync / syscall) GC events, STW, heap changes (visible in the trace viewer) Use pprof to find hot spots: who burns CPU, who allocates a lot Use trace to find latency causes: why it’s stuck (scheduling? locks? network? syscalls? GC?) Quick intuition:

Tuesday, January 27, 2026 Read

Why is this running?

Tuesday, December 30, 2025 Read

Mosdns-X

Mosdns-X Make DNS faster and cleaner on Linux: Deploy Mosdns-X install bash <(curl -sL https://raw.githubusercontent.com/lidebyte/bashshell/refs/heads/main/mosdns-x-manager.sh) config sudo tee /etc/mosdns-x/config.yaml > /dev/null <<'EOF' # mosdns-x concurrent query (no split routing) config log: level: info file: /var/log/mosdns-x/mosdns-x.log plugins: # Cache plugin - tag: cache type: cache args: size: 1024 lazy_cache_ttl: 1800 # Concurrent upstreams: take the first usable answer - tag: forward_all type: fast_forward args: upstream: # AliDNS - addr: "udp://223.5.5.5" - addr: "tls://dns.alidns.com" # DNSPod / doh.pub - addr: "udp://119.29.29.29" - addr: "tls://dot.pub" # Cloudflare - addr: "udp://1.1.1.1" - addr: "tls://cloudflare-dns.com" # Google - addr: "udp://8.8.8.8" - addr: "tls://dns.google" # Main pipeline: small cache -> concurrent selection - tag: main type: sequence args: exec: - cache - forward_all # Listen on dual-stack UDP/TCP 53 servers: - exec: main listeners: - addr: :53 protocol: udp - addr: :53 protocol: tcp EOF systemd sudo tee /etc/systemd/system/mosdns.service > /dev/null <<'EOF' [Unit] Description=Mosdns-X DNS Accelerator After=network.target [Service] Type=simple User=root Group=root ExecStart=/usr/local/bin/mosdns-x start --as-service -d /usr/local/bin -c /etc/mosdns-x/config.yaml Restart=always RestartSec=5 StandardOutput=journal StandardError=journal SyslogIdentifier=mosdns [Install] WantedBy=multi-user.target EOF sudo systemctl daemon-reload sudo systemctl enable --now mosdns # Backup system DNS sudo cp -n /etc/resolv.conf /etc/resolv.conf.mosdns-backup # Switch to local Mosdns-X echo -e "nameserver 127.0.0.1\noptions edns0" | sudo tee /etc/resolv.conf # If port 53 is occupied by systemd-resolved, disable it sudo systemctl disable --now systemd-resolved 2>/dev/null || true # If you also want to lock it (prevent DHCP changes), run chattr too: echo -e "nameserver 127.0.0.1\n" > /etc/resolv.conf && chattr +i /etc/resolv.conf # Check process status sudo systemctl status mosdns --no-pager # Test resolution speed (second run should hit cache) dig +stats www.google.com dig +stats www.baidu.com # View logs in real time tail -f /var/log/mosdns-x/mosdns-x.log

Sunday, November 9, 2025 Read

go-synctest

go-synctest func TestAfterFunc(t *testing.T) { synctest.Test(t, func(*testing.T) { ctx, cancel := context.WithCancel(context.Background()) called := false context.AfterFunc(ctx, func() { called = true }) synctest.Wait() // Wait until all goroutines are blocked if called { t.Fatal("AfterFunc was called before cancel") } cancel() synctest.Wait() // Wait again if !called { t.Fatal("AfterFunc was not called after cancel") } }) }

Friday, November 7, 2025 Read

Articles

Articles

Articles

Articles

Go Tool Trace

Why is this running?

Mosdns-X

go-synctest

Go Practical Guide: Execute Lua Scripts with go-redis

Go Protobuf: The New Opaque API

GitLab CI Can Automatically Check Code Quality! How to Use SonarQube for Code Quality Checks?

Supply chain attack