Skip to main content

Digest 02/2026

· 6 min read
Ivan Barlog
Ivan Barlog
AWS Solutions Architect @ BeeSolve

As always here are some links which I found interesting and I want to share with the world.

Security

When you build your project around security from day one not even the most dangerous LLMs can scare you. Here is the story of Mythos finding single vulnerability in the cURL codebase.

On the other hand, much more scarier story is the one where the attacker can escalate root privilege on all major linux distributions.

I find pattern of "cryptographic erasure" particularly interesting. It solves many security issues and many "soft delete" issues. But it is not that cheap so before introducing it to your code make sure your product is viable and it can pay for it or you have very patient sponsors.

AI & LLM

Before you use any tool, you should probably learn how the tool works, what are its limits and what it is good at. Here is an article about how the AI Agents works - after reading it it should be clear to you that there is no magic behind AI tools you use daily.

Agentic Coding is a Trap - I couldn't agree more. It does not mean you shouldn't use AI agents or that if you didn't understand code before you cannot code now. That's not the point. We are in this business for a long run, you still need to upskill yourself and understand how things work. Or you just simply do not care.

LLMs are now being used for migrating really old codebases. This is not just an "old" project which uses React before hooks were cool, this is the ancient codebase with ancient infrastructure.

The history repeats itself more than we care to accept. Instead of complaining some people are trying to understand what next steps might be.

AI still sucks at CSS (and frontend in general).

Building a voice agent is not that simple. In this article you can see there are lot of edge cases which needs to be handled. It also needs to feel like you are speaking to someone so the latency is your enemy.

If you want to try to run LLM locally for whatever reason, you should try llmfit - it will tell you which models will run smoothly on your machine so you don't need to experiment too much.

Frontend & CSS

Will TSRX replace React? Not sure but who can tell in this new AI generated world anyway... Nevertheless I would like to think that instead SvelteKit or maybe even new Remix 3 will have the honor of dethroning React.

Speaking of React, very interesting thing happened - TanStack author Tanner Linsey just created his own version of React for TanStack Start. This does not mean that TanStack Start will ship with slimmer React, but the article on it's own is very interesting.

useEffect is and always was one of the hooks I've heard too many times developers complain about. I like the idea to name them in order to reveal their intent. This also may help you with realizing you don't need some of them.

I am always fascinated when I read about what else could you do with modern CSS.

AWS & Cloud

If you want to try DSQL but you are not sure how it works or even how much it will cost, you can try playground.dsql.demo.aws - sandboxed playground where you can try the DSQL capabilities which will show you exactly how much would you be charged for every query.

When you want to know more about Lambda Managed Instances (LMI) here is very exhausting breakdown of LMI with comparison to other AWS solutions.

Since LocalStack updated its pricing, new tools are here to give you an alternative. I like how this always happens, the new tools focus on some pain points to win users over and everyone is happy. I have never used LocalStack unfortunatelly but I might try to use floci or MiniStack as they looks promising. I just really hope they will run on Apple Containers as I am not willing to install docker on my machine.

Infrastructure & Ecosystem

From now on, you can use Zero in production. I've been following this project from start - originally it supposed to be something which would solve local first but it ended up realizing that's too much of a task settling for being "just" sync engine.

If you want to know more about the Docker and its infrastructure, read A Decade of Docker Containers.

Proudly found elsewhere principle is the oposite of "not invented here" principle. I like both and I have fallen for both many times throughout my career. Nevertheless for me AI changes almost nothing 🙃 at least so far.

Interesting projects

AI & agents

  • graphify - queryable knowledge graph for your AI agent
  • memtrace-public - structural memory for your agents
  • airllm - I am more than ever interested in running LLMs locally, hence I have my eye on such projects like airllm - no luck trying it yet though

Frontend & tooling

  • datatype - a variable font that turns text into charts (that's exactly what it does)
  • Sugar High - super tiny syntax highlighter
  • fallow - super quick static analysis for your TypeScript/JavaScript projects

AWS

  • aws-nuke - removes all resources from your AWS account

Conclusion

That's all for today. I hope you enjoy my pick of the articles. It seems that even in my digest now we can see more AI than ever - and it seems like this is how it is going to be in future as well.