Arcjet
LightNews LightNews
banner
arcjet.com
Arcjet
@arcjet.com
36 followers 120 following 15 posts
The security platform that ships with your code. Bot detection. Rate limiting. Email validation. Attack protection. Data redaction. A developer-first approach to security.
Posts Replies Media Videos
arcjet.com
Historically, the deal was fair:

1. You allow Google to crawl your site.
2. Google shows snippets in search results.
3. You get traffic in return.

Sometimes, algorithm changes hurt, but overall, the traffic upside made it worth it.

The equation may be shifting.

blog.arcjet.com/how-long-unt...
How long until we need to block Google?
Google AI Overviews are causing fewer clicks for some site owners. If this is a fundamental shift in the web's traffic economy, how can site owners control where their content appears?
blog.arcjet.com
August 11, 2025 at 12:37 PM
Reposted by Arcjet
lirantal.com
I found a vulnerability in Nuxt MDC: www.nodejs-security.com/blog/nuxt-md...

Are you using the Nuxt MDC library to render LLM generated content in your Nuxt.js apps? You want to read this article to understand how I came to find a XSS vulnerability identified today as CVE-2025-24981
How I found an XSS in the Nuxt MDC Library for Markdown Content
Are you using the Nuxt MDC library to render LLM generated content in your Nuxt.js apps? You want to read this article to understand how I came to find a Cross-site Scripting vulnerability identified today as CVE-2025-24981
www.nodejs-security.com
May 28, 2025 at 9:00 AM
Reposted by Arcjet
sveltesociety.dev
If you want to build Web Components with Svelte this Svelte Summit talk from @theosteiner.de is for you — Ultimate Guide to Building Web Components with Svelte.
www.youtube.com/watch?v=lDWf...
Ultimate Guide to Building Web Components with Svelte, Theodor Steiner — Svelte Summit Spring 2025
YouTube video by Svelte Society
www.youtube.com
May 28, 2025 at 9:37 AM
arcjet.com
Watching this code walkthrough of 6 vibe coding security risks...can you guess what they are?

www.youtube.com/watch?v=5kWL...
When Vibe Coding, Avoid These 6 Security Risks!
YouTube video by ByteGrad
www.youtube.com
May 28, 2025 at 1:57 PM
arcjet.com
To meet our end-to-end p50 latency SLA of 20–30ms: we deploy globally, use persistent HTTP/2 connections, and rely on anycast to ensure routing to the nearest healthy region.

All via AWS's Global Accelerator...

blog.arcjet.com/low-latency-...
Low latency global routing with AWS Global Accelerator
How Arcjet uses AWS Global Accelerator to route API requests via low-latency private networking to meet our end-to-end p50 latency SLA of 20–30ms.
blog.arcjet.com
May 27, 2025 at 12:36 PM
Reposted by Arcjet
antirez.bsky.social
If you read the post about O3 finding a SMB bug in the Linux Kernel, I did a few tests and I what I suspected looks true: Gemini 2.5 PRO can more easily identify the vulnerability. My success rate is so high that running the following prompt a few times is enough: gist.github.com/antirez/8b76...
linux_smb_vunlerability_prompt.txt
linux_smb_vunlerability_prompt.txt. GitHub Gist: instantly share code, notes, and snippets.
gist.github.com
May 25, 2025 at 10:06 AM
Reposted by Arcjet
simonwillison.net
Nice clear explanation of how GitHub roll out new implementations of features out that get 2,000 queries a second - including dark-shipping to 1% of users where the new implementation is invisibly compared with the production one via a background job
github.com GitHub @github.com · May 25
We rebuilt GitHub Issues search to make it faster, more flexible, and now powerful with nested queries and boolean operators! 🔎

Take a look at the engineering behind this revamp and then try out the advanced search syntax for yourself to find exactly what you need. ⬇️
GitHub Issues search now supports nested queries and boolean operators: Here's how we (re)built it
Building this feature presented significant challenges. We're excited to take you behind the scenes.
github.blog
May 25, 2025 at 10:04 PM
Reposted by Arcjet
danielroe.dev
thank you for the kind words! ❤️

I've spent some time updating the gist with settings, extensions + keybindings

👉 you can find it here: gist.github.com/danielroe/5...

hope it helps!

roe.dev/ama

#ama
[...] I just need a small favor. Could you please share your latest settings.json, keybindings.json, and your current list of VS Code extensions? I know you had shared a Gist earlier, but it seems a bit outdated and some things aren’t working as expected.
May 25, 2025 at 8:56 PM
Reposted by Arcjet
lirantal.com
Wonderful talk by Ariel Shulman about the role TypeScript plays in development and how to avoid type safety mistakes in runtime
Ariel Shulman @ NodeTLV '23 | Typescript. Runtime. And In Between.
NodeTLV 2023 www.nodetlv.com Israel's Annual Node.js conference Powered by EventHandler and Node.js-IL Typescript. Runtime. And In Between. English | Intermediate Typescript has become a code of conduct in the industry in the last few years, and for a pretty good reason. However, if you want to really cover type validation in runtime- TypeScript alone isn’t enough. In this session we're going to go under TypeScript’s hood and understand the difference between compile-time and runtime. We will see where are the places where can’t trust TypeScript to validate our types. We will explore Zod and see some cool tricks and best practices we can apply to improve runtime type safety to any code base Ariel Shulman Full Stack Developer @ Illumex Full Stack developer for Illumex, in my last position I was doing Full Stack in Sisense. My stack includes Nestjs, Typerscript, React, Neo4j, PostgreSQL, FastAPI.
www.youtube.com
May 22, 2025 at 9:00 AM
Reposted by Arcjet
joaorochaon.bsky.social
It has all these features:
- Auth management by @clerk.com
- payments by Stripe
- database by @prisma.io
- security by @arcjet.com
- emails
- api app
- web app for landing page
- app for the main app
- docs app for documentation
- and so much more!
November 26, 2024 at 6:30 PM
arcjet.com
After a short internal Rust vs Go bake off, we chose Go + Gin to reimplement our REST API.

Our low-latency gRPC API is also implemented in Go, which gets called from our JS SDK.
November 19, 2024 at 2:08 PM
arcjet.com
Implementing request parsers in Rust allows us to take advantage of its inherent memory safety, correctness, and performance. That's why we used Nom to build our email validation.
November 15, 2024 at 10:56 AM
arcjet.com
There are various attack techniques that all aim to overload a GraphQL with queries to achieve a Denial of Service (DoS) outage at the application level

Query Batch DoS Attack, alias DoS Attacks, Duplication DoS Attacks, Circular Query DoS Attacks...
November 12, 2024 at 9:46 AM
arcjet.com
The ultimate Next.js SaaS template: next-forge.com

ORM, auth, billing, analytics, website, blog, cron jobs, dark mode, email, testing.

Built with @nextjs.org @vercel.com @prisma.io and a great set of amazing tools
Production-grade Turborepo template for Next.js apps
A monorepo template designed to have everything you need to build your new SaaS app as quick as possible. Authentication, billing, analytics, SEO, database ORM and more — it's all here.
next-forge.com
November 11, 2024 at 1:37 PM