Andrew Johnston
@billywhizz.bsky.social
https://billywhizz.io/
pushing bits @bloomberg.com
hacking on a js runtime at https://github.com/just-js
opinions are my own
pushing bits @bloomberg.com
hacking on a js runtime at https://github.com/just-js
opinions are my own
"the security issues in the XSLT library used in Chrome were nothing more than excuses to give the final blow to RSS and any other XML format that is still the backbone of an independent web" wok.oblomov.eu/tecnologia/g...
Google is killing the open web, part 2
Do not comply in advance.
wok.oblomov.eu
November 17, 2025 at 9:50 PM
"the security issues in the XSLT library used in Chrome were nothing more than excuses to give the final blow to RSS and any other XML format that is still the backbone of an independent web" wok.oblomov.eu/tecnologia/g...
"Brimstone chooses to implement almost all components of the engine from scratch with minimal dependencies"👀
github.com/Hans-Halvers...
github.com/Hans-Halvers...
GitHub - Hans-Halverson/brimstone: New JavaScript engine written in Rust
New JavaScript engine written in Rust. Contribute to Hans-Halverson/brimstone development by creating an account on GitHub.
github.com
November 16, 2025 at 6:44 PM
"Brimstone chooses to implement almost all components of the engine from scratch with minimal dependencies"👀
github.com/Hans-Halvers...
github.com/Hans-Halvers...
"For medium and large changes, the rollback rate of Rust changes in Android is ~4x lower than C++" security.googleblog.com/2025/11/rust...
Rust in Android: move fast and fix things
Posted by Jeff Vander Stoep, Android Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in ...
security.googleblog.com
November 13, 2025 at 7:58 PM
"For medium and large changes, the rollback rate of Rust changes in Android is ~4x lower than C++" security.googleblog.com/2025/11/rust...
"It is clear from the performance of software-based schemes, such as address sanitizers, that hardware acceleration will be needed for enabling memory safety checking in production code." community.intel.com/t5/Blogs/Tec...
ChkTag: x86 Memory Safety
ChkTag: x86 Memory Safety Memory safety violations due to programming errors have long afflicted software. Industry and academia have been searching for solutions to this problem. As first noted in ...
community.intel.com
October 20, 2025 at 9:45 PM
"It is clear from the performance of software-based schemes, such as address sanitizers, that hardware acceleration will be needed for enabling memory safety checking in production code." community.intel.com/t5/Blogs/Tec...
"The sovereignty issue is not going to go away. As Carrez said in a press conference: "It's extremely top of mind in the EU right now, it's what everyone is just talking about, and it's what everybody is doing.""
www.zdnet.com/article/euro...
www.zdnet.com/article/euro...
Europe's plan to ditch US tech giants is built on open source - and it's gaining steam
One topic dominated the recent 2025 OpenInfra Summit Europe, and it wasn't AI.
www.zdnet.com
October 20, 2025 at 8:51 PM
"The sovereignty issue is not going to go away. As Carrez said in a press conference: "It's extremely top of mind in the EU right now, it's what everyone is just talking about, and it's what everybody is doing.""
www.zdnet.com/article/euro...
www.zdnet.com/article/euro...
"The result is raw hardware capable of millions of writes per second, but etcd delivering orders of magnitude less due to the interfaces and guarantees it must uphold" bchess.github.io/k8s-1m/
October 19, 2025 at 2:53 PM
"The result is raw hardware capable of millions of writes per second, but etcd delivering orders of magnitude less due to the interfaces and guarantees it must uphold" bchess.github.io/k8s-1m/
October 15, 2025 at 10:21 PM
"He should be up there with Bill Gates and Steve Jobs and all the rest of them, one of the great figures of the history of computing" www.theguardian.com/world/2025/o...
Move over, Alan Turing: meet the working-class hero of Bletchley Park you didn’t see in the movies
The Oxbridge-educated boffin is feted as the codebreaking genius who helped Britain win the war. But should a little-known Post Office engineer named Tommy Flowers be seen as the real father of comput...
www.theguardian.com
October 12, 2025 at 9:06 PM
"He should be up there with Bill Gates and Steve Jobs and all the rest of them, one of the great figures of the history of computing" www.theguardian.com/world/2025/o...
"These changes may cause temporary friction, but they’re essential for protecting our ecosystem from increasingly sophisticated attacks."
github.blog/changelog/20...
github.blog/changelog/20...
Strengthening npm security: Important changes to authentication and token management - GitHub Changelog
As part of our ongoing commitment to securing the npm ecosystem, we’re implementing the first phase of security improvements outlined in our recent announcement. These changes will roll out over…
github.blog
October 12, 2025 at 2:47 PM
"These changes may cause temporary friction, but they’re essential for protecting our ecosystem from increasingly sophisticated attacks."
github.blog/changelog/20...
github.blog/changelog/20...
"The phones are too fiddly now, and pressing random things as they try to hold the phone meant the phone got lost in a sea of opening stuff up" 💯
forums.macrumors.com/threads/i-sp...
forums.macrumors.com/threads/i-sp...
I spent the day trying to teach seniors how to use an iPhone and it was a nightmare.
Honestly, I think Apple really needs to simplify the iPhone for the elderly. I know there are accessibility modes, but you don’t want to have to go through all that and spend hours trying to customize...
forums.macrumors.com
October 4, 2025 at 8:18 PM
"The phones are too fiddly now, and pressing random things as they try to hold the phone meant the phone got lost in a sea of opening stuff up" 💯
forums.macrumors.com/threads/i-sp...
forums.macrumors.com/threads/i-sp...
Reposted by Andrew Johnston
ECMAScript excitement 😉
@jason-williams.co.uk from TechAtBloomberg announces the release of Boa's Rust-based implementation of TC39 Stage 3 Temporal 🎉
Chrome estimates this will ship in Chromium 143 🎉🎉
Temporal is the shiny replacement for the broken JS Date API ✨
@jason-williams.co.uk from TechAtBloomberg announces the release of Boa's Rust-based implementation of TC39 Stage 3 Temporal 🎉
Chrome estimates this will ship in Chromium 143 🎉🎉
Temporal is the shiny replacement for the broken JS Date API ✨
Temporal_rs has been released!!!
This is the first public release of Temporal_rs, a Rust implementation of the Temporal API powering Boa, Kiesel, V8 plus other engines.
This will be shipping in Chromium soon
More info in our blog post: boajs.dev/blog/2025/09...
This is the first public release of Temporal_rs, a Rust implementation of the Temporal API powering Boa, Kiesel, V8 plus other engines.
This will be shipping in Chromium soon
More info in our blog post: boajs.dev/blog/2025/09...
Temporal_rs is here! The datetime library powering Temporal in Boa, Kiesel, and V8 | Boa JS
clock banner
boajs.dev
September 24, 2025 at 3:40 PM
ECMAScript excitement 😉
@jason-williams.co.uk from TechAtBloomberg announces the release of Boa's Rust-based implementation of TC39 Stage 3 Temporal 🎉
Chrome estimates this will ship in Chromium 143 🎉🎉
Temporal is the shiny replacement for the broken JS Date API ✨
@jason-williams.co.uk from TechAtBloomberg announces the release of Boa's Rust-based implementation of TC39 Stage 3 Temporal 🎉
Chrome estimates this will ship in Chromium 143 🎉🎉
Temporal is the shiny replacement for the broken JS Date API ✨
"Upgradable graphics in a laptop is basically the holy grail" 🏆
spectrum.ieee.org/upgrade-lapt...
spectrum.ieee.org/upgrade-lapt...
Framework’s New GPU Module Changes Laptop Upgrades Forever
Upgrade your laptop's graphics with ease: Framework's new module brings Nvidia RTX 5070 power to your fingertips.
spectrum.ieee.org
September 25, 2025 at 10:12 PM
"Upgradable graphics in a laptop is basically the holy grail" 🏆
spectrum.ieee.org/upgrade-lapt...
spectrum.ieee.org/upgrade-lapt...
"Since Cap'n Web is a symmetric protocol, there is no well-defined "client" or "server" at the protocol level. There are just two parties exchanging messages across a connection. Every kind of interaction can happen in either direction"
blog.cloudflare.com/capnweb-java...
blog.cloudflare.com/capnweb-java...
Cap'n Web: A new RPC system for browsers and web servers
Cap'n Web is a new open source, JavaScript-native RPC protocol for use in browsers and web servers. It provides the expressive power of Cap'n Proto, but with no schemas and no boilerplate.
blog.cloudflare.com
September 22, 2025 at 7:31 PM
"Since Cap'n Web is a symmetric protocol, there is no well-defined "client" or "server" at the protocol level. There are just two parties exchanging messages across a connection. Every kind of interaction can happen in either direction"
blog.cloudflare.com/capnweb-java...
blog.cloudflare.com/capnweb-java...
Reposted by Andrew Johnston
I'm grateful that TechAtBloomberg folk get to meet in-person whilst living around the globe. Travel is a privilege.
We just wrapped up a week in London that brought together our JS Infra & Performance/Observability teams who power the Terminal.
Day 1 was at the National Maritime Museum, Greenwich.
We just wrapped up a week in London that brought together our JS Infra & Performance/Observability teams who power the Terminal.
Day 1 was at the National Maritime Museum, Greenwich.
September 21, 2025 at 1:07 PM
I'm grateful that TechAtBloomberg folk get to meet in-person whilst living around the globe. Travel is a privilege.
We just wrapped up a week in London that brought together our JS Infra & Performance/Observability teams who power the Terminal.
Day 1 was at the National Maritime Museum, Greenwich.
We just wrapped up a week in London that brought together our JS Infra & Performance/Observability teams who power the Terminal.
Day 1 was at the National Maritime Museum, Greenwich.
"CRAN’s approach clearly puts a burden on package developers... But it results in an excellent workflow for R’s central user base: the researchers and data scientists who want to spend as much time as possible on the details of data analysis"
jtibs.substack.com/p/if-all-the...
jtibs.substack.com/p/if-all-the...
If all the world were a monorepo
The R ecosystem and the case for extreme empathy in software maintenance
jtibs.substack.com
September 21, 2025 at 12:07 AM
"CRAN’s approach clearly puts a burden on package developers... But it results in an excellent workflow for R’s central user base: the researchers and data scientists who want to spend as much time as possible on the details of data analysis"
jtibs.substack.com/p/if-all-the...
jtibs.substack.com/p/if-all-the...
why is there no marketplace for "killer" "AI" prompts? i.e. ones people have developed that work well repeatedly in a range of specific contexts.
does such a thing already exist? or is it just not possible with the current state of the tech?
does such a thing already exist? or is it just not possible with the current state of the tech?
September 18, 2025 at 6:51 PM
why is there no marketplace for "killer" "AI" prompts? i.e. ones people have developed that work well repeatedly in a range of specific contexts.
does such a thing already exist? or is it just not possible with the current state of the tech?
does such a thing already exist? or is it just not possible with the current state of the tech?
"That expands the available address space of Wasm applications from 4 gigabytes to (theoretically) 16 exabytes"
that should be enough i reckon.
webassembly.org/news/2025-09...
that should be enough i reckon.
webassembly.org/news/2025-09...
Wasm 3.0 Completed - WebAssembly
WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the...
webassembly.org
September 17, 2025 at 7:18 PM
"That expands the available address space of Wasm applications from 4 gigabytes to (theoretically) 16 exabytes"
that should be enough i reckon.
webassembly.org/news/2025-09...
that should be enough i reckon.
webassembly.org/news/2025-09...
"GitHub Environments — or equivalent workflow protections — should be available without a Pro subscription, or else integrated directly into Trusted Publishing so that security doesn’t depend on the pricing tier"
sigh.dev/posts/ctrl-t...
sigh.dev/posts/ctrl-t...
@ctrl/tinycolor Supply Chain Attack Post-mortem
Lessons learned from becoming the unexpected face of a npm supply-chain attack.
sigh.dev
September 17, 2025 at 7:16 PM
"GitHub Environments — or equivalent workflow protections — should be available without a Pro subscription, or else integrated directly into Trusted Publishing so that security doesn’t depend on the pricing tier"
sigh.dev/posts/ctrl-t...
sigh.dev/posts/ctrl-t...
"Hey there (maybe again)! In this book, you'll learn how to build a minimal RISC-V hypervisor which can boot Linux-based operating systems."
1000hv.seiya.me/en/
1000hv.seiya.me/en/
Hypervisor in 1,000 Lines
Write your first hypervisor from scratch, in 1K LoC.
1000hv.seiya.me
September 10, 2025 at 9:47 PM
"Hey there (maybe again)! In this book, you'll learn how to build a minimal RISC-V hypervisor which can boot Linux-based operating systems."
1000hv.seiya.me/en/
1000hv.seiya.me/en/
"bake is a Linux CLI tool that can embed microVM resources into itself. It also implements bidirectional communication between VM and host - including networking and directory sharing - entirely in userspace, without requiring root privilege." 🔥 github.com/losfair/bake
GitHub - losfair/bake: Bake microVMs into standalone executables
Bake microVMs into standalone executables. Contribute to losfair/bake development by creating an account on GitHub.
github.com
September 10, 2025 at 9:45 PM
"bake is a Linux CLI tool that can embed microVM resources into itself. It also implements bidirectional communication between VM and host - including networking and directory sharing - entirely in userspace, without requiring root privilege." 🔥 github.com/losfair/bake
"Ion takes a layered & compositional approach to building a runtime. The first brick is a solid core runtime that contains everything a growing project needs needed to build a complete runtime." 🫡
github.com/alshdavid/ion
github.com/alshdavid/ion
GitHub - alshdavid/ion: A Positively charged JavaScript Runtime
A Positively charged JavaScript Runtime . Contribute to alshdavid/ion development by creating an account on GitHub.
github.com
September 10, 2025 at 9:26 PM
"Ion takes a layered & compositional approach to building a runtime. The first brick is a solid core runtime that contains everything a growing project needs needed to build a complete runtime." 🫡
github.com/alshdavid/ion
github.com/alshdavid/ion
"The suggestion someone who wants to make a website should learn a programming language & frameworks or how to set up a server processing pipeline seems to me to hammer home the idea that individuals are simply no longer relevant to 'the web platform'" github.com/whatwg/html/...
Should the web platform adopt XSLT 3.0? · Issue #11578 · whatwg/html
What is the issue with the HTML Standard? Background This is a follow-up to #11523. That issue raises concerns regarding security issues, code maintainability, and the complexity of aging browser c...
github.com
August 22, 2025 at 10:46 PM
"The suggestion someone who wants to make a website should learn a programming language & frameworks or how to set up a server processing pipeline seems to me to hammer home the idea that individuals are simply no longer relevant to 'the web platform'" github.com/whatwg/html/...
"The name reflects the power of the abstraction: it's a generic transport for any real-time data that needs to be delivered efficiently and at scale."
blog.cloudflare.com/moq/
blog.cloudflare.com/moq/
MoQ: Refactoring the Internet's real-time media stack
For years, developers have been stitching together multiple protocols for real-time media, trading latency for scale and simplicity. Media over QUIC (MoQ) is a new IETF standard that resolves this con...
blog.cloudflare.com
August 22, 2025 at 8:40 PM
"The name reflects the power of the abstraction: it's a generic transport for any real-time data that needs to be delivered efficiently and at scale."
blog.cloudflare.com/moq/
blog.cloudflare.com/moq/