Next.js just got its worst vulnerability ever, CVSS 8.6.
→ affects versions 13.4.13+, 14.x, 15.x, and 16.0.0–16.2.4
→ attackers can access your internal services, cloud credentials, API keys, and admin panels
→ no authentication needed
→ one crafted request is all it takes
→ roughly 79,000 instances are exploitable right now
→ vercel-hosted apps are safe, self-hosted are not
upgrade to 15.5.16 or 16.2.5 immediately.
The more I replace plans with prototypes, the better the outputs
Who'd have thought that low fidelity prototypes were better than walls of spec
Oh yeah, the entire industry for 20 years
Stop going against decades of knowledge because someone in SF shipped it as a 'mode'
My dear front-end developers (and anyone who’s interested in the future of interfaces):
I have crawled through depths of hell to bring you, for the foreseeable years, one of the more important foundational pieces of UI engineering (if not in implementation then certainly at least in concept):
Fast, accurate and comprehensive userland text measurement algorithm in pure TypeScript, usable for laying out entire web pages without CSS, bypassing DOM measurements and reflow
This commit most likely just saved us $800-$1000 a month
Vercel wtf, why is your optimization 100x more expensive then CloudFlare lol
Its easy to not see this when following docs
Ok hold the phone. ☎️
This @figma AI feature is a game changer! 🤯 Research synthesis is something I struggle with. This gives you synthesized insights in seconds!!
Although I will still do it manually, this at least provides me with a second opinion to compare against ❤️