Just burned through a massive amount of tokens on a real-world experiment: let a top-tier AI coding agent fully auto-dev a complex project. Zero human intervention. The result? 💀 Problems kept compounding until it was impossible to converge. The AI made a few flawed design decisions early on, leading it further down a rabbit hole. We had to scrap the entire thing and start over.
When we brought in human experts to supervise? Done in no time.
This proves "human taste" isn't just about pretty code style, it's about critical design decisions. Here’s the kicker: the AI did write a detailed design doc at the start. But for complex projects, you can’t perfectly architect everything upfront. Even human experts can’t.
In software dev, seemingly tiny choices during coding have massive butterfly effects. AI messes these up constantly, even the best models/agents.
It's software engineering 101, and it’s more critical now than ever.
Heard a rumor that Meta is basically banning engineers from writing code by hand. Word is, if less than 95% of your code is AI-generated, your perf review is getting red-flagged. Wild if true.
Full announcement for this OpenResty release: https://t.co/c9ia4M1G6c
Download: https://t.co/FY6emSLB03
Binary package repository installation: https://t.co/C1wWKeSDzk
OpenResty 1.29.2.5 is now officially released! Key update: backported the official Nginx security patch to fix a buffer overflow vulnerability in `ngx_http_rewrite_module` (CVE-2026-9256), further strengthening security protection.
Related links in the comments.
#OpenResty #WebServer #Nginx
Even the smartest LLMs constantly blow me away with how stupid they can be... peak "jagged technological frontier." Also, "catastrophic forgetting" is getting real old, real fast.
Just noticed Anthropic’s new "Fast Mode" for Opus. It boosts response times by 2.5x with zero quality loss, but the token price skyrocketed by 6x! I guess some people really have money to burn and are willing to pay a massive premium just for speed.
AI profits are definitely flowing back to the big tech giants now, thanks to all those agents burning through tokens 24/7...
🚀 OpenResty 1.29.2.4 is officially out!
This is a critical security-focused release designed to address recent vulnerabilities and harden your infrastructure. Here are the key updates in this version:
1️⃣ Upstream Nginx Security Patches: Fully synced with the latest Nginx security fixes. This includes a critical fix for a buffer overflow vulnerability in `ngx_http_rewrite_module` (CVE-2026-42945), alongside multiple out-of-bounds read fixes in the charset, SCGI, and uwsgi modules.
2️⃣ HTTP/3 & OCSP Security Hardening: Resolved a key HTTP/3 address spoofing vulnerability (CVE-2026-40460) and a use-after-free risk within the OCSP resolver (CVE-2026-40701), significantly boosting system robustness under complex network protocols.
3️⃣ Dedicated Security Maintenance: This release is a rapid response to recently disclosed core Nginx vulnerabilities. We strongly recommend that all users on the 1.29.2.x series upgrade immediately to mitigate potential exploit risks.
🔗 Relevant links can be found in the comments below.
#OpenResty #WebServer #Nginx
That trending AI Time Horizon chart is insane—it actually gives us an objective, unified benchmark to evaluate all LLMs, even the oldest ones. AI capability is still growing exponentially over time. Have to admit, Anthropic’s Claude 4.6 Opus and Mythos models are seriously impressive... Too bad it doesn't include data points for the latest Opus 4.7 and GPT-5.5 models yet.
Looks like late 2024 was the exact moment LLM capabilities really started taking off. 🚀
Wild to see Musk’s SpaceX/xAI providing compute to Anthropic. Guess Grok isn’t using all that capacity? Anthropic just doubled their subscription token limits—lol! They’re even planning "space-based compute" together... OpenAI is in a tough spot now that the world’s richest man is backing their biggest rival. All this while Musk’s lawsuit against them is still ongoing. The irony of him being an early investor is just wild.
Meta is tracking US employees' mouse movements, clicks, and keystrokes — to train AI that will replace them.
The ones who haven't been laid off yet aren't safe. They're just still useful.
The golden age of Big Tech jobs is likely over. Employees are now raw material. There's no going back.
Meta and Microsoft have recently kicked off another round of massive layoffs. This is exactly what Ilya called it — if these tech giants don't slash headcount, where else are they going to find the money to cover the hundreds of billions of dollars in AI infrastructure spending? Not long ago, Oracle did the same thing, laying off workers specifically to free up cash for GPU compute.
The message couldn't be clearer: these companies would rather pour money into chips and compute than pay their own employees — and this is happening even as their profits and revenues continue to grow at a rapid clip. Anyone still pushing the line that "they just over-hired during the pandemic" really needs to give it a rest.
We recently released version 26.5.11 of OpenResty XRay. The full release announcement can be found in the comments section.
The three major highlights are:
1) Major upgrade to enterprise-grade identity authentication and multi-tenant management — the cloud version now officially supports OIDC login, enabling seamless integration with enterprise unified identity systems; the self-hosted version adds the ability to modify customer names and configure tenant names during initialization, making multi-tenant scenario management more flexible.
2) New support for D language application analysis, along with the introduction of the `d-newgco` and `d-newgco-size` flame graphs, which can precisely analyze the count and size of newly allocated GC objects in D language applications, helping developers quickly pinpoint memory performance bottlenecks.
3) Continued deepening of system-level diagnostic capabilities — new `lj-gc-state` for retrieving the configuration and current state of the LuaJIT garbage collector; new `sys-nf-conntrack` for monitoring the configuration and state of `nf_conntrack`; and new `sys-softirq-stats` for obtaining softirq status information along with configuration recommendations.
OpenResty XRay is our online application analysis platform based on dynamic tracing technology. It can non-intrusively analyze, in real time, a wide variety of issues across different types of applications — including high CPU usage, CPU underutilization, excessive memory consumption or leaks, high disk I/O, long latency, exceptions, crashes, network issues, and security vulnerabilities — without touching the source code or making any modifications to the target application.
#OpenRestyXRay #OpenResty
I feel that the era of AI LLMs can truly greatly liberate the fields of foundational software theory and engineering! So many things that were previously unimaginable can now be attempted!
Recently, while chatting with the Claude Opus model, she recommended a niche programming language called Crystal, saying it feels even better to use than D and suits my taste perfectly. It’s a statically typed language with a Ruby-style syntax and is also based on the LLVM toolchain. The only downside is that the compilation speed is quite slow (especially compared to D's dmd, which is incredibly fast!).
She also introduced me to Nim, a static language with a syntax style reminiscent of Python or Haskell. However, I’ve never really been a fan of Python. I’m a bit wary of indentation-sensitive languages; writing them by hand is one thing, but I’m mostly afraid of using my own programs to auto-generate code. Having to precisely track the indentation level of every single line is just too tedious and fragile.
I had never heard of these two languages before. This is exactly why I need to chat with AI more often—to broaden my horizons and learn new things...
We're excited to announce the release of OpenResty Edge 26.6.8! Here are the core highlights of this update:
- Kernel-level IP Blocking: Intercept malicious traffic directly at the OS kernel layer for higher performance and lower overhead.
- SSL JA4 Fingerprinting: Retrieve client JA4 fingerprints via page rule conditions to enable more precise security policies.
- LDAPS Support: More secure and reliable data transmission for enterprise identity authentication scenarios.
- AWS EKS Dynamic Tokens: Simplified K8s cluster integration and authentication in cloud-native environments.
- WAF Paranoia Level Control: Flexibly tune rule inspection intensity to strike the right balance between security and business compatibility.
We also optimized IP address matching performance (upgraded from trie to radix tree), reduced domain update latency, added auto-restart support for the oredge-node systemd service, and fixed several bugs. Full release notes in the comments.
#OpenRestyEdge #APIGateway #WAF #OpenResty
Last month, the industry was buzzing with a technical disaster: PocketOS, a US-based car rental SaaS provider, suffered a total system collapse. Their AI agent accidentally triggered a maximum-privilege API, wiping the production database in an instant. Because the backups were stored on the same volume as the primary database, they were also destroyed, rendering the data completely unrecoverable. This incident proves once again that in today’s highly automated world, disaster strikes in milliseconds. This is especially true for gateway systems, where routing rules, security policies, and application configurations are all stored in the database; once lost, no business system can help you reverse-engineer them.
While this was not an OpenResty Edge customer case, the automation risks it exposed are universal. To help users completely avoid such extreme risks, OpenResty Edge was designed from the ground up with built-in multi-layer security isolation and data redundancy mechanisms.
To this end, we have released the new "OpenResty Edge Data Protection Guide: From Scheduled Backups to Automatic Failover," detailing three levels of data protection for OpenResty Edge:
- Scheduled Backups (Cold Backup) – The absolute bottom line against misoperation and malicious destruction; a must for all environments.
- Primary-Secondary Streaming Replication – Guards against single points of failure to ensure service continuity; recommended for all production environments.
- Automatic Failover Cluster – Achieves automatic switching within seconds; ideal for mission-critical services with the highest availability requirements.
In this article, we systematically compare scheduled backups, streaming replication, and failover clusters, providing pragmatic selection advice. Link to the full article is in the comments section.
#OpenRestyEdge #DatabaseBackup #AISecurity