Gildas
@gildasg.bsky.social
Developer at @marmelab.bsky.social
@react-admin.bsky.social core team
@react-admin.bsky.social core team
Reposted by Gildas
I've finished my report on burnout in OSS and how to reduce it! Read more (and find the link to the full report) on the Open Source Pledge blog!
Huge thanks to all the OSS devs who shared their perspectives 💜 Let's keep shining a light on this under-recognised issue!
Huge thanks to all the OSS devs who shared their perspectives 💜 Let's keep shining a light on this under-recognised issue!
Burnout in Open Source: A Structural Problem We Can Fix Together | Open Source Pledge
Burnout is affecting the entire Open Source ecosystem. Here's what we could do to make things better.
opensourcepledge.com
November 18, 2025 at 5:01 PM
I've finished my report on burnout in OSS and how to reduce it! Read more (and find the link to the full report) on the Open Source Pledge blog!
Huge thanks to all the OSS devs who shared their perspectives 💜 Let's keep shining a light on this under-recognised issue!
Huge thanks to all the OSS devs who shared their perspectives 💜 Let's keep shining a light on this under-recognised issue!
Reposted by Gildas
Hello @ec.europa.eu , or whoever is responsible for enforcing the rules, X's AI, Grok, is denying the Holocaust. Holocaust denial is illegal in France. Please don't make an exception when it comes to a billionaire, as usual.
Please take concrete and firm action against this cruel disinformation.
Please take concrete and firm action against this cruel disinformation.
November 19, 2025 at 11:24 AM
Hello @ec.europa.eu , or whoever is responsible for enforcing the rules, X's AI, Grok, is denying the Holocaust. Holocaust denial is illegal in France. Please don't make an exception when it comes to a billionaire, as usual.
Please take concrete and firm action against this cruel disinformation.
Please take concrete and firm action against this cruel disinformation.
Reposted by Gildas
❌ If you unit-test a React 19 app, there’s a good chance a chunk of your CI time is being wasted on… 😴 setTimeout.
Wait, what? Yes!
React 19 introduced a minimum delay for showing a Suspense fallback, and hardcoded (!) it to 300ms.
Just 3 tests can waste almost 1 second on absolutely nothing!
Wait, what? Yes!
React 19 introduced a minimum delay for showing a Suspense fallback, and hardcoded (!) it to 300ms.
Just 3 tests can waste almost 1 second on absolutely nothing!
November 17, 2025 at 2:15 PM
❌ If you unit-test a React 19 app, there’s a good chance a chunk of your CI time is being wasted on… 😴 setTimeout.
Wait, what? Yes!
React 19 introduced a minimum delay for showing a Suspense fallback, and hardcoded (!) it to 300ms.
Just 3 tests can waste almost 1 second on absolutely nothing!
Wait, what? Yes!
React 19 introduced a minimum delay for showing a Suspense fallback, and hardcoded (!) it to 300ms.
Just 3 tests can waste almost 1 second on absolutely nothing!
Reposted by Gildas
En à peine douze ans, la capacité des forêts européennes à absorber le carbone atmosphérique a chuté de 27 %. Je ne sais pas si vous vous rendez compte des conséquences de ce que je viens d'écrire.
1/9
1/9
November 8, 2025 at 9:02 AM
En à peine douze ans, la capacité des forêts européennes à absorber le carbone atmosphérique a chuté de 27 %. Je ne sais pas si vous vous rendez compte des conséquences de ce que je viens d'écrire.
1/9
1/9
Reposted by Gildas
6 years ago I started a side project to build a web accessibility tool that prioritises simple reporting and quick feedback loops so that teams can fix a11y regressions before they affect users.
I am so proud to say that side project is now finished, and A11y Pulse is live.
www.a11ypulse.com
I am so proud to say that side project is now finished, and A11y Pulse is live.
www.a11ypulse.com
A11y Pulse
A11y Pulse: Automated accessibility testing for your website. Improve your site's accessibility and compliance with ease.
www.a11ypulse.com
November 7, 2025 at 10:22 PM
6 years ago I started a side project to build a web accessibility tool that prioritises simple reporting and quick feedback loops so that teams can fix a11y regressions before they affect users.
I am so proud to say that side project is now finished, and A11y Pulse is live.
www.a11ypulse.com
I am so proud to say that side project is now finished, and A11y Pulse is live.
www.a11ypulse.com
Reposted by Gildas
Vitest 4 is out!
- Browser Mode is Stable
- Visual Regression Testing
- Improved Debugging
- Pool Stabilization
- New APIs
- Bug Fixes
Stay updated with our blog post:
vitest.dev/blog/vitest-4
- Browser Mode is Stable
- Visual Regression Testing
- Improved Debugging
- Pool Stabilization
- New APIs
- Bug Fixes
Stay updated with our blog post:
vitest.dev/blog/vitest-4
Announcing Vitest 4.0
Vitest 4.0 Release Announcement
vitest.dev
October 22, 2025 at 3:43 PM
Vitest 4 is out!
- Browser Mode is Stable
- Visual Regression Testing
- Improved Debugging
- Pool Stabilization
- New APIs
- Bug Fixes
Stay updated with our blog post:
vitest.dev/blog/vitest-4
- Browser Mode is Stable
- Visual Regression Testing
- Improved Debugging
- Pool Stabilization
- New APIs
- Bug Fixes
Stay updated with our blog post:
vitest.dev/blog/vitest-4
Reposted by Gildas
SafeLine est un WAF (Web Application Firewall) open source sous licence GPL v3. Il est conçu pour protéger contre des attaques type xss, injection sql, injection crlf, etc ... Et dispose de tout ce qui est nécessaire (gui, plugins, ...) ⬇️
github.com/chaitin/Safe...
github.com/chaitin/Safe...
GitHub - chaitin/SafeLine: SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits. - chaitin/SafeLine
github.com
October 19, 2025 at 6:32 AM
SafeLine est un WAF (Web Application Firewall) open source sous licence GPL v3. Il est conçu pour protéger contre des attaques type xss, injection sql, injection crlf, etc ... Et dispose de tout ce qui est nécessaire (gui, plugins, ...) ⬇️
github.com/chaitin/Safe...
github.com/chaitin/Safe...
Reposted by Gildas
Sora Proves the AI Bubble Is Going to Burst So Hard
YouTube video by Adam Conover
youtu.be
October 18, 2025 at 9:09 AM
Reposted by Gildas
⚠️ Attention ! ⚠️
Une attaque semble en cours sur les banques BPCE (Banque Populaire, Caisse d'Épargne, Crédit Coop...).
Évitez de vous connecter à votre espace client jusqu'à correction.
undercodetesting.com/the-bpce-bre...
Une attaque semble en cours sur les banques BPCE (Banque Populaire, Caisse d'Épargne, Crédit Coop...).
Évitez de vous connecter à votre espace client jusqu'à correction.
undercodetesting.com/the-bpce-bre...
The BPCE Breach: How A Single JavaScript Infection Can Steal Your Banking Session - Undercode Testing
The BPCE Breach: How a Single JavaScript Infection Can Steal Your Banking Session - "Undercode Testing": Monitor hackers like a pro. Get real-time updates,
undercodetesting.com
October 18, 2025 at 7:05 AM
⚠️ Attention ! ⚠️
Une attaque semble en cours sur les banques BPCE (Banque Populaire, Caisse d'Épargne, Crédit Coop...).
Évitez de vous connecter à votre espace client jusqu'à correction.
undercodetesting.com/the-bpce-bre...
Une attaque semble en cours sur les banques BPCE (Banque Populaire, Caisse d'Épargne, Crédit Coop...).
Évitez de vous connecter à votre espace client jusqu'à correction.
undercodetesting.com/the-bpce-bre...
Reposted by Gildas
Building secure web apps means managing who can do what, both on the client & server-side.🔐
While frameworks like react-admin make client-side Role-Based Access Control (RBAC) a breeze, devs often end up reimplementing the same logic server-side.
The solution?💡: A generic RBAC proxy server👇
While frameworks like react-admin make client-side Role-Based Access Control (RBAC) a breeze, devs often end up reimplementing the same logic server-side.
The solution?💡: A generic RBAC proxy server👇
🔐 Simplify auth in your app: Add role-based access control (RBAC) on top of your REST API
React-admin already handles client-side RBAC. But what about the backend?🤔
We’ve built a generic RBAC proxy server that reuses your RBAC roles to enforce permissions server-side.
marmelab.com/blog/2025/10...
React-admin already handles client-side RBAC. But what about the backend?🤔
We’ve built a generic RBAC proxy server that reuses your RBAC roles to enforce permissions server-side.
marmelab.com/blog/2025/10...
Add Role-Based Access Control On Top Of Your REST API
We built a Caddy module to control access to REST resources based on the user's role and a set of permissions.
marmelab.com
October 17, 2025 at 8:49 AM
Building secure web apps means managing who can do what, both on the client & server-side.🔐
While frameworks like react-admin make client-side Role-Based Access Control (RBAC) a breeze, devs often end up reimplementing the same logic server-side.
The solution?💡: A generic RBAC proxy server👇
While frameworks like react-admin make client-side Role-Based Access Control (RBAC) a breeze, devs often end up reimplementing the same logic server-side.
The solution?💡: A generic RBAC proxy server👇
Reposted by Gildas
AI coding sucks
CJ just one-shotted a 15 min rant and it's incredibly refreshing.
www.youtube.com/watch?v=0ZUk...
CJ just one-shotted a 15 min rant and it's incredibly refreshing.
www.youtube.com/watch?v=0ZUk...
AI Coding Sucks
YouTube video by Syntax
www.youtube.com
October 9, 2025 at 4:33 PM
AI coding sucks
CJ just one-shotted a 15 min rant and it's incredibly refreshing.
www.youtube.com/watch?v=0ZUk...
CJ just one-shotted a 15 min rant and it's incredibly refreshing.
www.youtube.com/watch?v=0ZUk...
Reposted by Gildas
Excited to officially launch renoun.dev 🚀
This has been years in the making to deliver a focused set of components, hooks, and utilities in React for building great documentation exactly to your standards that always stay in sync.
This has been years in the making to deliver a focused set of components, hooks, and utilities in React for building great documentation exactly to your standards that always stay in sync.
renoun - The Documentation Toolkit for React
The renoun toolkit uses your React framework to keep documentation polished, in sync, and on brand.
renoun.dev
October 8, 2025 at 5:50 PM
Excited to officially launch renoun.dev 🚀
This has been years in the making to deliver a focused set of components, hooks, and utilities in React for building great documentation exactly to your standards that always stay in sync.
This has been years in the making to deliver a focused set of components, hooks, and utilities in React for building great documentation exactly to your standards that always stay in sync.
Reposted by Gildas
React-Admin v5.11.4 is out! 🎉
This release includes:
✅ Fixes for useGetManyAggregate, useDeleteController &
🎨 now has a default background
🔗 always returns at least the currently selected reference
& more
🔗 Full changelog: github.com/marmelab/rea...
This release includes:
✅ Fixes for useGetManyAggregate, useDeleteController &
🎨
🔗
& more
🔗 Full changelog: github.com/marmelab/rea...
Release 5.11.4 · marmelab/react-admin
Fix useGetManyAggregate merge queries with different meta (#10969) (djhi)
Fix useDeleteController should get the record from closest RecordContext (#10967) (djhi)
Fix incompatibility with latest @t...
github.com
September 26, 2025 at 1:13 PM
React-Admin v5.11.4 is out! 🎉
This release includes:
✅ Fixes for useGetManyAggregate, useDeleteController &
🎨 now has a default background
🔗 always returns at least the currently selected reference
& more
🔗 Full changelog: github.com/marmelab/rea...
This release includes:
✅ Fixes for useGetManyAggregate, useDeleteController &
🎨
🔗
& more
🔗 Full changelog: github.com/marmelab/rea...
Reposted by Gildas
When teams produce code faster than they can understand it, it creates what I’ve been calling “comprehension debt”. [...] When we have to edit the code ourselves, this debt is the extra time it’s going to take us to understand it first. #AI #Coding codemanship.wordpress.com/2025/09/30/c...
Comprehension Debt: The Ticking Time Bomb of LLM-Generated Code
An effect that’s being more and more widely reported is the increase in time it’s taking developers to modify or fix code that was generated by Large Language Models. If you’ve wo…
codemanship.wordpress.com
October 1, 2025 at 8:48 AM
When teams produce code faster than they can understand it, it creates what I’ve been calling “comprehension debt”. [...] When we have to edit the code ourselves, this debt is the extra time it’s going to take us to understand it first. #AI #Coding codemanship.wordpress.com/2025/09/30/c...
Reposted by Gildas
MCP servers make LLM-powered agents super powerful, but also super vulnerable to all kinds of new attacks. The core vulnerability, prompt injection, is still way too easy to trigger. #Security #AI simonwillison.net/2025/Apr/9/m...
Model Context Protocol has prompt injection security problems
As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems) the security implications of tools built…
simonwillison.net
October 2, 2025 at 8:48 AM
MCP servers make LLM-powered agents super powerful, but also super vulnerable to all kinds of new attacks. The core vulnerability, prompt injection, is still way too easy to trigger. #Security #AI simonwillison.net/2025/Apr/9/m...
Reposted by Gildas
"Again and again, accessibility as a topic in web standards is treated as simultaneously too trivial for specialists' technical opinions to be given weight, but also too difficult to get right without a specialist volunteering to tackle the tricky details." alice.boxhall.au/articles/a-t...
A threat model for accessibility on the web - Alice
A explanation of the primary threat to accessibility on the web, and a call to action for the web standards community
alice.boxhall.au
October 2, 2025 at 5:03 PM
"Again and again, accessibility as a topic in web standards is treated as simultaneously too trivial for specialists' technical opinions to be given weight, but also too difficult to get right without a specialist volunteering to tackle the tricky details." alice.boxhall.au/articles/a-t...
Reposted by Gildas
Is your frontend team making 10+ API calls per screen and waiting weeks for backend changes?
New article: When you need a Backend-for-Frontend (and when you don't) 🧵
Real examples from Netflix, SoundCloud + implementation strategies
marmelab.com/blog/2025/10...
New article: When you need a Backend-for-Frontend (and when you don't) 🧵
Real examples from Netflix, SoundCloud + implementation strategies
marmelab.com/blog/2025/10...
Do you need a Backend For Frontend?
When your frontend teams are drowning in API complexity and your backend team is overwhelmed with frontend-specific requests, the BFF pattern might be your lifeline. But is it always the right choice?
marmelab.com
October 1, 2025 at 10:02 AM
Is your frontend team making 10+ API calls per screen and waiting weeks for backend changes?
New article: When you need a Backend-for-Frontend (and when you don't) 🧵
Real examples from Netflix, SoundCloud + implementation strategies
marmelab.com/blog/2025/10...
New article: When you need a Backend-for-Frontend (and when you don't) 🧵
Real examples from Netflix, SoundCloud + implementation strategies
marmelab.com/blog/2025/10...
Reposted by Gildas
We just published a step-by-step guide on building a simple scheduling application with ra-scheduler.
In this tutorial, you’ll learn how to:
✅ Set everything up
✅ Convert existing data
✅ Customize events edition
🔗 Check it out now!👇
marmelab.com/blog/2025/09...
#react #opensource
In this tutorial, you’ll learn how to:
✅ Set everything up
✅ Convert existing data
✅ Customize events edition
🔗 Check it out now!👇
marmelab.com/blog/2025/09...
#react #opensource
Build a Drag-and-Drop Scheduler in React with Bryntum
Integrate Bryntum Scheduler into React Admin: drag-and-drop, zoom, infinite scroll, custom forms, and data converters - step by step.
marmelab.com
September 29, 2025 at 2:42 PM
We just published a step-by-step guide on building a simple scheduling application with ra-scheduler.
In this tutorial, you’ll learn how to:
✅ Set everything up
✅ Convert existing data
✅ Customize events edition
🔗 Check it out now!👇
marmelab.com/blog/2025/09...
#react #opensource
In this tutorial, you’ll learn how to:
✅ Set everything up
✅ Convert existing data
✅ Customize events edition
🔗 Check it out now!👇
marmelab.com/blog/2025/09...
#react #opensource
Reposted by Gildas
The public preview of Github Copilot CLI launched today, and if you install it, you'll be welcomed by little ASCII art welcome banner that I animated. Creating it ended up being great example of how vibe-coding has entered my toolbelt. Nerdy deets in 🧵...
September 25, 2025 at 11:35 PM
The public preview of Github Copilot CLI launched today, and if you install it, you'll be welcomed by little ASCII art welcome banner that I animated. Creating it ended up being great example of how vibe-coding has entered my toolbelt. Nerdy deets in 🧵...
Reposted by Gildas
The COSMIC Beta has arrived. Fully update the Alpha to use the Beta, or download on your favorite distro: s76.co/FnfKcbYD
COSMIC is a desktop environment that centers around user preference so you can work faster, be more focused, and have more fun.
COSMIC is a desktop environment that centers around user preference so you can work faster, be more focused, and have more fun.
September 26, 2025 at 3:33 AM
The COSMIC Beta has arrived. Fully update the Alpha to use the Beta, or download on your favorite distro: s76.co/FnfKcbYD
COSMIC is a desktop environment that centers around user preference so you can work faster, be more focused, and have more fun.
COSMIC is a desktop environment that centers around user preference so you can work faster, be more focused, and have more fun.
Reposted by Gildas
Reposted by Gildas
ARTE 🤝 Marmelab : Depuis 2016, nous avons la chance de collaborer avec ARTE pour développer des briques essentielles de la plateforme ARTE. tv.
Aujourd'hui, nous vous emmenons dans les coulisses de ce partenariat ! 😉👇
marmelab.com/blog/2025/09...
Aujourd'hui, nous vous emmenons dans les coulisses de ce partenariat ! 😉👇
marmelab.com/blog/2025/09...
ARTE x Marmelab : Dans les coulisses d’ARTE.tv
Interview croisée avec Agathe Michalski, Responsable Technique, et Virginie Rieber, Product Owner chez ARTE, sur la collaboration avec Marmelab.
marmelab.com
September 23, 2025 at 9:22 AM
ARTE 🤝 Marmelab : Depuis 2016, nous avons la chance de collaborer avec ARTE pour développer des briques essentielles de la plateforme ARTE. tv.
Aujourd'hui, nous vous emmenons dans les coulisses de ce partenariat ! 😉👇
marmelab.com/blog/2025/09...
Aujourd'hui, nous vous emmenons dans les coulisses de ce partenariat ! 😉👇
marmelab.com/blog/2025/09...
Reposted by Gildas
l have a blog again. New post. olliewilliams.xyz/blog/html-re...
Frontend complexity and the HTML renaissance
Why I'm rooting for HTML.
olliewilliams.xyz
September 20, 2025 at 10:07 AM
l have a blog again. New post. olliewilliams.xyz/blog/html-re...
Reposted by Gildas
React-admin 5.11.3 has been released! 🎉
This version fixes:
✅ an issue affecting the priority of redirections between logout and checkAuth &
✅ an issue in the DataTable documentation regarding sorting
Check out the full changelog at 👇
github.com/marmelab/rea...
This version fixes:
✅ an issue affecting the priority of redirections between logout and checkAuth &
✅ an issue in the DataTable documentation regarding sorting
Check out the full changelog at 👇
github.com/marmelab/rea...
Release 5.11.3 · marmelab/react-admin
Fix useLogout does not redirect to the checkAuth call redirectTo property (#10949) (djhi)
[Doc] Update disableSort property in <DataTable> documentation (#10947) (johannchopin-buyco)
github.com
September 19, 2025 at 9:24 AM
React-admin 5.11.3 has been released! 🎉
This version fixes:
✅ an issue affecting the priority of redirections between logout and checkAuth &
✅ an issue in the DataTable documentation regarding sorting
Check out the full changelog at 👇
github.com/marmelab/rea...
This version fixes:
✅ an issue affecting the priority of redirections between logout and checkAuth &
✅ an issue in the DataTable documentation regarding sorting
Check out the full changelog at 👇
github.com/marmelab/rea...
Reposted by Gildas
📣 Big news: Atomic CRM just got a makeover!
It now uses @shadcn.com as part of its updated tech stack.
Why @shadcn.com?
✅ You own your code
✅ 100% customizable
✅ Semantic design tokens
👉 Perfect for modern React devs
🔗 Check out Atomic CRM’s new look:
marmelab.com/atomic-crm/
#React #OSS #shadcn
It now uses @shadcn.com as part of its updated tech stack.
Why @shadcn.com?
✅ You own your code
✅ 100% customizable
✅ Semantic design tokens
👉 Perfect for modern React devs
🔗 Check out Atomic CRM’s new look:
marmelab.com/atomic-crm/
#React #OSS #shadcn
September 19, 2025 at 2:23 PM
📣 Big news: Atomic CRM just got a makeover!
It now uses @shadcn.com as part of its updated tech stack.
Why @shadcn.com?
✅ You own your code
✅ 100% customizable
✅ Semantic design tokens
👉 Perfect for modern React devs
🔗 Check out Atomic CRM’s new look:
marmelab.com/atomic-crm/
#React #OSS #shadcn
It now uses @shadcn.com as part of its updated tech stack.
Why @shadcn.com?
✅ You own your code
✅ 100% customizable
✅ Semantic design tokens
👉 Perfect for modern React devs
🔗 Check out Atomic CRM’s new look:
marmelab.com/atomic-crm/
#React #OSS #shadcn