Why it matters: This initiative highlights the danger of instant global configuration propagation. By treating config as code and implementing gated rollouts, Cloudflare demonstrates how to mitigate blast radius in hyperscale systems, a critical lesson for SRE and platform engineers.

  • Cloudflare launched 'Code Orange: Fail Small' to prioritize network resilience after two major outages caused by rapid configuration deployments.
  • The plan mandates controlled, gated rollouts for all configuration changes, mirroring the existing Health Mediated Deployment (HMD) process used for software binaries.
  • Teams must now define success metrics and automated rollback triggers for configuration updates to prevent global propagation of errors.
  • Engineers are reviewing failure modes across traffic-handling systems to ensure predictable behavior during unexpected error states.
  • The initiative aims to eliminate circular dependencies and improve 'break glass' procedures for faster emergency access during incidents.
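The gated-rollout pattern described above can be sketched as follows. The stage sizes, health metric, threshold, and rollback hook are illustrative assumptions, not Cloudflare's actual HMD implementation:

```python
# Illustrative sketch of a gated configuration rollout with an automated
# rollback trigger. Stage sizes, the health metric, and the 1% error-rate
# threshold are hypothetical, not Cloudflare's actual HMD parameters.

from dataclasses import dataclass
from typing import Callable

@dataclass
class RolloutStage:
    name: str
    traffic_pct: int  # share of the fleet receiving the new config

def gated_rollout(
    apply_config: Callable[[int], None],  # push config to N% of the fleet
    error_rate: Callable[[], float],      # success metric defined up front
    rollback: Callable[[], None],         # automated rollback trigger
    stages: list[RolloutStage],
    max_error_rate: float = 0.01,
) -> bool:
    """Propagate a config change stage by stage, aborting on bad health."""
    for stage in stages:
        apply_config(stage.traffic_pct)
        if error_rate() > max_error_rate:
            rollback()  # fail small: only this stage's slice was affected
            return False
    return True
```

The key property is that a bad change never propagates past the stage where its success metric first degrades, in contrast to instant global propagation.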

Why it matters: DrP automates the manual toil of incident triage at scale. By codifying expert knowledge into executable playbooks, it reduces MTTR and lets engineers focus on resolution rather than data gathering, improving system reliability in complex microservice environments.

  • DrP is Meta's programmatic root cause analysis (RCA) platform that automates incident investigation through an expressive SDK and scalable backend.
  • The platform uses 'analyzers'—codified investigation playbooks—to perform anomaly detection, dimension analysis, and time series correlation.
  • It integrates directly with alerting and incident management systems to trigger automated investigations immediately upon alert activation.
  • The system supports analyzer chaining, allowing for complex investigations across interconnected microservices and dependencies.
  • DrP includes a post-processing layer that can automate mitigation steps, such as creating pull requests or tasks based on findings.
  • The platform handles 50,000 daily analyses across 300+ teams, reducing Mean Time to Resolve (MTTR) by 20% to 80%.
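The analyzer model above can be sketched as small composable functions that accumulate evidence and chain into one another. The `Finding` structure, analyzer names, and registry are illustrative assumptions, not DrP's actual SDK:

```python
# Conceptual sketch of codified investigation playbooks ("analyzers") that
# chain together, in the spirit of Meta's DrP. The Finding structure and
# analyzer names are illustrative assumptions, not DrP's actual SDK.

from dataclasses import dataclass, field
from typing import Callable

@dataclass
class Finding:
    alert: str
    evidence: dict = field(default_factory=dict)
    next_analyzers: list = field(default_factory=list)

Analyzer = Callable[[Finding], Finding]

def anomaly_detection(f: Finding) -> Finding:
    # A real analyzer would query metrics; here we hard-code a spike and
    # chain a follow-up analyzer, as DrP's analyzer chaining allows.
    f.evidence["latency_spike"] = True
    f.next_analyzers.append("dimension_analysis")
    return f

def dimension_analysis(f: Finding) -> Finding:
    # Narrow the anomaly to one dimension (e.g. a region or host group).
    f.evidence["worst_dimension"] = "region=us-east"
    return f

REGISTRY: dict[str, Analyzer] = {
    "anomaly_detection": anomaly_detection,
    "dimension_analysis": dimension_analysis,
}

def investigate(alert: str, entry: str = "anomaly_detection") -> Finding:
    """Run an analyzer, then any analyzers it chained, accumulating evidence."""
    finding = Finding(alert=alert)
    queue = [entry]
    while queue:
        finding = REGISTRY[queue.pop(0)](finding)
        queue.extend(finding.next_analyzers)
        finding.next_analyzers = []
    return finding
```

Triggering `investigate()` from an alert handler mirrors how DrP kicks off automated investigations on alert activation, with the accumulated evidence feeding a post-processing step.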

Why it matters: Cloudflare is scaling its abuse mitigation by integrating AI and real-time APIs. For engineers, this demonstrates how to handle high-volume legal and security compliance through automation and service-specific policies while maintaining network performance and reliability.

  • Cloudflare's H1 2025 transparency report highlights a significant increase in automated abuse detection and response capabilities.
  • The company is utilizing AI and machine learning to identify sophisticated patterns in unauthorized streaming and phishing campaigns.
  • A new API-driven reporting system for rightsholders has scaled DMCA processing, increasing actions from 1,000 to 54,000 in six months.
  • Cloudflare applies service-specific abuse policies, distinguishing between hosted content and CDN/security services.
  • Technical measures prevent the misuse of free-tier plans for high-bandwidth video streaming to protect network resources.
  • Collaborative data sharing with rightsholders enables real-time identification and mitigation of domains involved in streaming abuse.

Why it matters: Building a scalable feature store is essential for real-time AI applications that require low-latency retrieval of complex user signals across hybrid environments. This approach enables engineers to move quickly from experimentation to production without managing underlying infrastructure.

  • Dropbox Dash utilizes a custom feature store to manage data signals for real-time machine learning ranking across fragmented company content.
  • The system bridges a hybrid infrastructure consisting of on-premises low-latency services and a Spark-native cloud environment for data processing.
  • Engineers selected Feast as the framework for its modular architecture and clear separation between feature definitions and infrastructure management.
  • To meet sub-100ms latency requirements, the store uses an in-house DynamoDB-compatible solution (Dynovault) for high-concurrency parallel reads.
  • The architecture supports both batch processing of historical data and real-time streaming ingestion to capture immediate user intent.

Why it matters: Engineers can now perform complex analytical queries directly on R2 data without egress or external processing. This distributed approach to aggregations enables high-performance log analysis and reporting across massive datasets using familiar SQL syntax.

  • Cloudflare R2 SQL now supports SQL aggregations including GROUP BY, SUM, COUNT, and HAVING statements.
  • The engine executes queries over Apache Parquet files stored in the R2 Data Catalog using a distributed architecture.
  • The engine implements a scatter-gather approach in which worker nodes compute pre-aggregates, horizontally scaling the computation.
  • Pre-aggregates represent partial states, such as intermediate sums and counts, which are merged by a coordinator node.
  • The engine introduces shuffling aggregations to handle complex operations such as ORDER BY and HAVING on computed aggregate columns.
  • The system is designed to spot trends, generate reports, and identify anomalies in large-scale log data.
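The scatter-gather scheme above can be illustrated with mergeable partial states: each worker emits intermediate sums and counts per group, and the coordinator merges them, applying any HAVING filter after the merge. The sample data and grouping key are illustrative; this is not R2 SQL's engine code:

```python
# Sketch of scatter-gather aggregation: workers compute partial states
# (intermediate sums and counts) over their slice of the Parquet data,
# and a coordinator merges them. Sample data is illustrative; this is
# not R2 SQL's actual engine code.

from collections import defaultdict

def worker_preaggregate(rows: list[tuple[str, float]]) -> dict:
    """Partial state per group key: [sum, count] — enough to later derive
    SUM, COUNT, and AVG without re-reading the rows."""
    partial: dict = defaultdict(lambda: [0.0, 0])
    for group_key, value in rows:
        partial[group_key][0] += value
        partial[group_key][1] += 1
    return dict(partial)

def coordinator_merge(partials: list[dict]) -> dict:
    """Merge partial states; the result equals a GROUP BY over all rows.
    A HAVING clause on an aggregate is applied here, after the merge
    (illustrated as HAVING COUNT(*) >= 2)."""
    merged: dict = defaultdict(lambda: [0.0, 0])
    for partial in partials:
        for key, (s, c) in partial.items():
            merged[key][0] += s
            merged[key][1] += c
    return {k: (s, c) for k, (s, c) in merged.items() if c >= 2}
```

Because partial states merge associatively, the coordinator never sees raw rows, which is what lets the computation scale horizontally across workers.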

Why it matters: Microsoft's leadership in AI platforms highlights the transition from experimental LLM demos to production-grade agentic workflows. For engineers, this provides a unified framework for data grounding, multi-agent orchestration, and governance across cloud and edge environments.

  • Microsoft Foundry serves as a unified platform for building, deploying, and governing agentic AI applications at scale.
  • Foundry IQ and Tools provide a secure grounding API with over 1,400 connectors to integrate agents with real-world enterprise data.
  • Foundry Agent Service supports multi-agent orchestration, allowing autonomous agents to coordinate and drive complex business workflows.
  • The Foundry Control Plane offers enterprise-grade observability, audit trails, and policy enforcement for autonomous systems.
  • Deployment flexibility is enabled through Foundry Models for cloud-based GenAI Ops and Foundry Local for low-latency, on-device AI execution.

Why it matters: This article offers insights into the complex engineering and design challenges of developing advanced wearable AI glasses, providing valuable lessons for hardware and software engineers working on next-gen devices and user interfaces.

  • The Meta Tech Podcast delves into the engineering challenges behind the Meta Ray-Ban Display, Meta's advanced AI glasses.
  • Engineers Kenan and Emanuel discuss unique design hurdles, from display technology to emerging UI patterns for wearable glasses.
  • The episode explores the intersection of particle physics and hardware design in developing cutting-edge wearable tech.
  • It highlights the importance of celebrating incremental wins within a fast-moving development culture for innovative products.

Why it matters: These updates provide engineers with a unified framework for building, governing, and scaling AI agents. By integrating advanced models like Claude and streamlining data retrieval via Foundry IQ, Microsoft is reducing the complexity of deploying enterprise-grade agentic workflows.

  • Azure Copilot introduces specialized agents to the portal and CLI to automate cloud migration, assessment, and governance tasks.
  • Foundry Control Plane enters public preview, offering centralized security, lifecycle management, and observability for AI agents.
  • Foundry IQ and Fabric IQ provide unified endpoints for RAG solutions and real-time analytics grounded in enterprise data.
  • The Microsoft Agent Pre-Purchase Plan (P3) simplifies AI procurement by providing a single fund for 32 Microsoft services.
  • Anthropic Claude models are now available in Microsoft Foundry, enabling advanced reasoning within a unified governance framework.
  • Azure HorizonDB for PostgreSQL has entered private preview to expand database options for cloud-native applications.

Why it matters: AI tools can boost code output by 30%, but this creates downstream bottlenecks in testing and review. This article shows how to scale quality gates and deployment safety alongside velocity, ensuring that increased speed doesn't compromise system reliability or engineer well-being.

  • Unified fragmented tooling across Java, .NET, and Python using a portfolio approach including Cursor, Windsurf, and Claude Code.
  • Achieved a 30% increase in code production with 85% weekly adoption of AI-assisted development tools among eligible engineers.
  • Mitigated senior engineer bottlenecks by implementing AI-assisted code reviews to handle routine checks and initial analysis.
  • Scaled quality gates by automating test coverage and validation workflows to keep pace with accelerated development cycles.
  • Integrated AIOps and telemetry analysis to maintain high availability and improve incident response across 25 Hyperforce regions.

Why it matters: This article demonstrates how a Durable Execution platform like Temporal can drastically improve the reliability of critical cloud operations and continuous delivery pipelines, reducing complex failure handling and state management for engineers.

  • Netflix significantly improved the reliability of its Spinnaker deployments by adopting Temporal, reducing transient failures from 4% to 0.0001%.
  • Temporal is a Durable Execution platform that allows engineers to write resilient code, abstracting away complexities of distributed system failures.
  • The previous Spinnaker architecture suffered from complex, undifferentiated internal orchestration, retry logic, and a homegrown Saga framework within its Clouddriver service.
  • Prior to Temporal, Clouddriver's instance-local task state led to lost operation progress if the service crashed, impacting deployment reliability.
  • Temporal helped streamline cloud operations by offloading complex state management and failure handling, allowing services like Clouddriver to focus on core infrastructure changes.