makandra dev

Hybrid search runs a vector query and a keyword query in parallel against the same documents and merges the two...

Version 1.18.0 of irb introduced a welcome banner. Here is how to disable it, or how to add it to...

Getting parseable output back from an LLM has two halves: shaping the request, then parsing the response. Even with Ollama...

RAG is often equated with vector databases, embeddings, and semantic search. But RAG ("Retrieval-Augmented Generation") really is just 'put...

A page scanned upside down or sideways has the potential to confuse OCR engines and vision LLMs. While both are...

When an LLM is part of a request, you want to keep track of how much of the runtime was...

When an LLM model has vision capabilities, you can attach Base64-encoded images to chat messages, and it will load...

When testing Ollama vision requests with VCR, the recorded cassettes will contain the full base64-encoded image payloads. A single...

I recently ran into this issue when processing a massive backlog of documents. The server completely stalled, sometimes taking up...

I find it annoying to iterate on a spec that relies on a recorded VCR cassette. You constantly have to...

It's quite frustrating to come back to a coding agent after a while only to see that it needed...

When you load a <script> with a nonce, that script can await import() additional sources from any hostname. The nonce is propagated automatically for the one purpose of importing more scripts. This is not related to strict-dynamic, which propagates nonces for any purpose, not limited to imports (e.g. inserting elements).

Example

We have a restrictive CSP that only allows nonces:

    Content-Security-Policy: default-src 'none'; script-src 'nonce-secret123'

Our HTML loads script.js using that nonce, and our script.js imports other.js without a nonce:

    let other = await import('other.js')
    console.log("Look, script.js has imported %o", other)

The import succeeds without a nonce, due to implicit nonce propagation.

Why this is useful

In modern build pipelines, code splitting (chunking) is implemented using dynamic imports. Nonce propagation allows us to use automatic chunking with restrictive, nonce-based CSPs without using strict-dynamic.

E.g. esbuild automatically groups dynamically imported modules into chunks, and writes that chunk to disk. The compiled build has an await import('assets/chunk-NAXSMFJV.js'). There's no way to inject a nonce into that import(), but implicit nonce propagation still allows the request.

Should I worry about this?

It would require some truly strange code for user input to make it into an import() argument. I wouldn't lose sleep over this.

Is this a browser bug?

It is by design. Here are some sources:

- HTML Spec Section 8 (Web Application APIs) (search for "descendant script fetch options")
- Chromium test ensuring nonce propagation
- Firefox bug implementing nonce propagation
- CSP issue: Someone concerned about propagation being a vulnerability
- CSP issue: Proposal for import-src that went nowhere

Are other CSP sources also propagated?

No, only nonces. In particular, host-based CSPs do not propagate trust.

For example, we only allow scripts from our own host (no nonces):

    Content-Security-Policy: default-src 'none'; script-src 'self'

Our HTML loads script.js from our own host, and our script.js imports other.js from a different host:

    let other = await import('https://other-host.com/other.js')

This fails with a CSP violation:

    Executing inline script violates the following Content Security Policy directive 'script-src 'self''
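
Because a nonce-based CSP does not restrict where a nonced script may import() from, any import() whose argument is not a build-time constant has to be checked by the application itself. The following is an added example, not code from the original card; APP_ORIGIN, CHUNK_PREFIX and the function names are assumptions chosen for illustration:

```javascript
// Added example, not code from the original card.
// APP_ORIGIN and CHUNK_PREFIX are assumed values for this sketch.
const APP_ORIGIN = 'https://app.example'
const CHUNK_PREFIX = '/assets/'

// Resolve a specifier the way the browser would and return the absolute URL
// only if it points at a .js file in our own chunk directory; otherwise null.
function resolveTrustedImport(specifier, baseUrl = APP_ORIGIN + '/') {
  if (typeof specifier !== 'string' || specifier === '') return null
  let url
  try {
    // Resolution normalises "..", "//host/path" and backslashes,
    // so the checks below see the URL that would really be fetched.
    url = new URL(specifier, baseUrl)
  } catch {
    return null
  }
  if (url.protocol !== 'https:') return null   // rejects data:, blob:, http:
  if (url.origin !== APP_ORIGIN) return null   // the nonce CSP would not stop this
  if (url.username || url.password) return null
  if (!url.pathname.startsWith(CHUNK_PREFIX)) return null
  if (!url.pathname.endsWith('.js')) return null
  return url.href
}

// Wrapper for the rare import() whose argument is computed at runtime.
async function trustedImport(specifier, baseUrl) {
  const href = resolveTrustedImport(specifier, baseUrl)
  if (href === null) {
    throw new Error(`blocked dynamic import: ${String(specifier)}`)
  }
  return import(href)
}
```

Imports that the bundler emits with a constant chunk path do not need this wrapper; it is meant for call sites where the specifier is assembled from data.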

You may remember to use the || operator with caution to set defaults. We'll see that && and other conditionals come...

TypeScript basically uses structural typing, which is conceptually quite similar to duck typing, but with static compile-time type checking...

In some projects we have issues with flaky tests. The best default is to fix them all. But in some...

I use the Gemini web chat interface quite extensively. One thing that is tedious is giving it all the context...

Knapsack allows you to rerun a specific job locally. This is helpful to run specs in the exact same order...

If your rubocop run fails with a stack like rubocop-1.61.0/lib/rubocop/server/socket_reader.rb:36:in `ensure in read!': undefined method `string...

The :test adapter doesn't respect limits_concurrency configuration. Switch to :solid_queue adapter in your test to verify blocking...

Short reference on how to quickly debug the vanilla Rails job adapters. Queue Adapters by Environment Environment Adapter

Sometimes you have a maintenance script where you want to iterate over all ActiveRecord models. Rails provides this out of...

Finding changes When you're looking for a specific change in Git, there are multiple axes you can choose:

When you replace parts of the DOM with new HTML, using .innerHTML = newHtml is usually the simplest and fastest option...

Compatibility: Angular 20+ with Jasmine 5.x and Karma 6.x As a default Angular CLI auto-generates test bootstrap...