Curated topic

frontend

Posts tagged with frontend

Cloudflare BlogApr 17, 2026

Shared Dictionaries: compression that keeps up with the agentic web

Why it matters: As web pages grow heavier and deployment cycles shorten, traditional caching fails. Shared dictionaries enable delta compression, sending only file diffs to clients. This drastically reduces bandwidth and improves load times for returning users and bots in an increasingly automated web.

Web page weight is increasing 6-9% annually, while frequent AI-assisted deployments are making traditional caching less effective.
Shared dictionaries allow servers to use previously cached resources as a reference, sending only the differences (delta compression) to the client.
The mechanism utilizes new HTTP headers like Use-As-Dictionary and Available-Dictionary to coordinate diff-based transfers.
This approach can reduce large JavaScript bundle transfers to just a few kilobytes, significantly saving bandwidth and CPU.
Modern implementations aim to solve historical security issues like CRIME and BREACH side-channel attacks that hindered earlier versions.
Cloudflare is introducing support for these dictionaries to handle the rise of agentic web traffic and high-frequency deployment cycles.

#dist #frontend #security

Read original

GitHub EngineeringApr 15, 2026

Build a personal organization command center with GitHub Copilot CLI

Why it matters: This highlights how AI-driven workflows and the Model Context Protocol (MCP) enable engineers to rapidly build custom productivity tools. It showcases a shift toward 'plan-then-implement' development, allowing developers to focus on architecture while AI handles the implementation details.

Staff Engineer Brittany Ellich built a centralized personal command center to solve digital fragmentation using GitHub Copilot CLI and Agent Mode.
The project utilizes a 'plan-then-implement' workflow where Copilot interviews the developer to refine requirements before generating the implementation.
The technical stack features Electron for the desktop framework, React for UI management, and Vite for fast build tooling.
Integration with Microsoft 365 data is achieved through the Model Context Protocol (MCP) using the WorkIQ server.
The development process combined synchronous work in VS Code Agent Mode with asynchronous tasks handled by Copilot Cloud Agent.
The project demonstrates how AI tools allow engineers to successfully build in unfamiliar frameworks like Electron with minimal manual boilerplate.

#mlp #frontend #culture

Read original

Cloudflare BlogApr 15, 2026

Add voice to your agent

Why it matters: This allows engineers to add voice capabilities to AI agents without re-architecting their stack. By leveraging Durable Objects and Workers AI, it ensures state consistency across text and voice while providing a unified, low-latency pipeline for real-time interactions.

Cloudflare introduced @cloudflare/voice, an experimental extension for the Agents SDK to enable real-time voice interactions.
The package integrates voice directly into existing Durable Object architectures, sharing the same state, tools, and persistence.
Provides high-level wrappers like withVoice for full conversations and withVoiceInput for speech-to-text tasks.
Includes built-in support for Workers AI models, including Deepgram Flux and Nova 3 for STT and Aura for TTS.
Offers React hooks (useVoiceAgent) and a framework-agnostic VoiceClient for easy client-side implementation.
Uses a single WebSocket connection for streaming 16 kHz mono PCM audio, maintaining SQLite-backed conversation history.

#mlp #dist #frontend

Read original

Cloudflare BlogApr 15, 2026

Browser Run: give your agents a browser

Why it matters: Cloudflare's Browser Run provides a scalable, serverless Chrome environment optimized for AI agents. By exposing CDP and adding human-in-the-loop capabilities, it solves the reliability and observability challenges inherent in building complex, autonomous web-browsing agents.

Cloudflare rebrands Browser Rendering to Browser Run, optimizing the service as a dedicated infrastructure for agentic AI.
Direct Chrome DevTools Protocol (CDP) access allows agents and existing automation scripts to control browsers with low-level precision.
The Human-in-the-Loop feature enables agents to hand off complex tasks, such as CAPTCHAs or logins, to humans in real-time.
Live View and Session Recordings provide critical observability, allowing developers to monitor and debug agent actions as they happen.
Native support for Model Context Protocol (MCP) and WebMCP facilitates better discovery and interaction between AI assistants and websites.
Scaling capabilities have been expanded to support 120 concurrent browser sessions per account on Cloudflare's global network.

#mlp #dist #frontend

Read original

GitHub EngineeringApr 13, 2026

GitHub for Beginners: Getting started with GitHub Pages

Why it matters: GitHub Pages offers engineers a zero-cost, integrated solution for hosting documentation, portfolios, and static web apps. It simplifies the deployment pipeline by leveraging existing Git workflows and GitHub Actions, removing the overhead of managing external hosting infrastructure.

GitHub Pages provides free, secure hosting for static websites directly from any GitHub repository.
Users can deploy sites using two primary methods: the simple 'Deploy from a branch' option or automated GitHub Actions workflows.
The platform supports modern frameworks like Next.js through pre-configured GitHub Actions templates.
Custom domains can be integrated by configuring DNS records and verifying domain ownership at the profile or organization level.
Security is managed through an 'Enforce HTTPS' setting that provides free SSL certificates for all hosted sites.
Even if a repository is private, the published GitHub Pages site remains public, allowing for easy project sharing.

#frontend #security

Read original

GitHub EngineeringApr 8, 2026

GitHub Universe is back: We want you to take the stage

Why it matters: GitHub Universe is a premier event for engineers to showcase technical achievements and learn about the latest in AI-driven development and security. It offers a unique opportunity to influence the community and discover tools that accelerate the software development lifecycle.

GitHub Universe returns to San Francisco on October 28–29, focusing on developer learning and technical innovation.
The Call for Sessions is open until May 1, inviting engineers to submit proposals on their builds and lessons learned.
Past highlights include deep dives into advanced Git features like sparse checkouts, partial clones, and reflog rescues.
Technical themes emphasize CI/CD automation using GitHub Actions and AI-assisted security with Copilot.
The event showcases creative ways to teach complex topics, such as using roleplay to explain Kubernetes security and clusters.
A major focus remains on improving Developer Experience (DevEx) and accelerating the path from idea to shipped product.

#culture #security #frontend

Read original

Pinterest EngineeringApr 8, 2026

Performance for Everyone

Why it matters: Automating performance metrics lowers the barrier for product teams to prioritize speed. By making Visually Complete latency a default feature, engineers can focus on optimization rather than instrumentation, ensuring a consistently fast user experience across all app surfaces.

Pinterest automated the measurement of Visually Complete latency by integrating tracking logic directly into base UI classes.
The system reduces engineering effort from two weeks per surface to zero by automatically measuring any feature built on the BaseSurface class.
Measurement is achieved by walking the Android view tree to verify the rendering status of visible media components like images, text, and video.
Standardized interfaces such as PerfImageView and PerfTextView provide methods like isDrawn() to report precise rendering timestamps.
The solution currently monitors over 60 surfaces on Android and has been successfully ported to iOS and Web platforms for cross-platform consistency.

#mobile #frontend

Read original

GitHub EngineeringApr 3, 2026

The uphill climb of making diff lines performant

Why it matters: Optimizing diff rendering is critical for developer productivity at scale. This engineering deep dive shows how reducing per-unit overhead in React components can prevent browser crashes and high input lag when handling massive datasets in the DOM.

GitHub optimized its React-based 'Files changed' tab to handle extreme pull request sizes, targeting high memory usage and interaction latency.
The v1 architecture suffered from excessive overhead, requiring up to 15 DOM elements and 20+ event handlers per single diff line.
Performance bottlenecks included JavaScript heaps exceeding 1GB and DOM node counts surpassing 400,000 in large-scale reviews.
Optimization strategies focused on reducing React component depth, minimizing event handlers, and removing redundant HTML tags like <code>.
The team implemented virtualization to gracefully degrade performance for massive PRs while maintaining native browser behaviors for smaller ones.
Key metrics improved include Interaction to Next Paint (INP) and overall memory pressure across the p95 and p99 percentiles.

#frontend

Read original

Cloudflare BlogApr 1, 2026

Introducing EmDash — the spiritual successor to WordPress that solves plugin security

Why it matters: EmDash modernizes CMS architecture by replacing insecure PHP-based plugin hooks with isolated serverless environments. This shift to capability-based security and modern TypeScript tooling solves decades-old security vulnerabilities while maintaining the extensibility of the WordPress model.

EmDash is an open-source, MIT-licensed CMS built from scratch using TypeScript and the Astro framework.
It addresses WordPress's fundamental security flaws by sandboxing plugins within isolated Dynamic Workers.
Plugins utilize a capability-based security model, requiring explicit declarations of permissions like database access or network calls in a manifest.
The architecture is serverless-first but portable, allowing deployment on Cloudflare, Node.js, or private hardware.
By using static declarations for plugin needs, administrators can audit and restrict plugin behavior at install time rather than relying on allowlists.

#security #frontend #dist

Read original

Cloudflare BlogMar 30, 2026

Cloudflare Client-Side Security: smarter detection, now open to everyone

Why it matters: Client-side attacks like skimming are hard to detect because they don't break site functionality. Cloudflare's use of GNNs and LLMs to analyze script intent at scale allows engineers to secure front-end dependencies and meet PCI DSS v4 compliance without manual overhead or performance lag.

Cloudflare has expanded access to Client-Side Security Advanced for self-serve customers and made domain-based threat intelligence free for all users.
The system uses browser reporting and Content Security Policy (CSP) to monitor scripts with zero latency impact on web applications.
Detection logic utilizes Graph Neural Networks (GNN) to analyze Abstract Syntax Trees (AST), identifying malicious intent rather than relying on static signatures.
A new LLM-based triage layer has been integrated to reduce false positives by distinguishing between malicious code and benign but obfuscated scripts like ad-tech bundles.
The platform automates code change monitoring and proactive blocking, assisting organizations in meeting PCI DSS v4 compliance requirements.

#security #frontend #mlp

Read original

Page 1 of 5

Prev1 2 3...5 Next