<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR Dev</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">The React team has disclosed new high-severity Denial of Service and medium-severity Source Code Exposure vulnerabilities in React Server Components </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Fdev%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/a4TQv_Sb4TYMVWQUDZyaHish5_y2OZyDXnM87MSdLYQ=435" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrdev%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/bLYNCuttkB_p383tFUwmCdMvXjo_FqtS4H4JgNkmhB8=435" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156b9020-84b7-11f0-a976-55fc1d40139c%26p=db4ca0bc-d738-11f0-9373-aba62206822c%26pt=campaign%26t=1765541307%26s=7cef285623253cd71dd5fad26fa7965f3ff665cefc7a4386ed8d037a6c6472ab/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/HQuNdBqAKJPmpSv2eEycybxJAzURdMiLzjuPt6VroAQ=435"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Feu1.hubs.ly%2FH0qhBSq0/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/qxQifM6YVPdZLFvXNyGytNRUfR-URULTDDaMA57P3P4=435"><img src="https://images.tldr.tech/qovery.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Qovery"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong> TLDR Dev <span id="date">2025-12-12</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Feu1.hubs.ly%2FH0qhBSq0/2/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/yoKd4wpeU4NJ1S9i1P_32soQs9rPrBTNQJHBKivMPVQ=435">
<span>
<strong>Engineering teams are wasting 70% of their cloud budget on K8. Are you? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Overprovisioning Kubernetes? If you're spending more than 30% of your cloud resources on inefficient, overly complex Kubernetes deployments, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.qovery.com%2Fguide%2Fkubernetes-best-practices%3Futm_campaign=253663441-Guide%2520-%2520Kubernetes%2520Best%2520Practices%25202026%26utm_source=Paid%2520Sponsor%26utm_medium=TLDR%26utm_content=Dev%2520Primary/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/TomPy5M9Tn30CaimSkS9X90QpivbFCBZdfG_xwfMr14=435" rel="noopener noreferrer nofollow" target="_blank"><span>this Qovery guide</span></a> is for you.
<p></p>
<p>Read <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.qovery.com%2Fguide%2Fkubernetes-best-practices%3Futm_campaign=253663441-Guide%2520-%2520Kubernetes%2520Best%2520Practices%25202026%26utm_source=Paid%2520Sponsor%26utm_medium=TLDR%26utm_content=Dev%2520Primary/2/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/UFuXzrrMqACeJFLPWakGAqmqHAfrQrJ3LhVvBsItKp8=435" rel="noopener noreferrer nofollow" target="_blank"><span>Kubernetes Best Practices for Production in 2026</span></a><strong> </strong>to learn:</p>
<p>1️⃣ How to implement specific resource management configurations and AI-powered operations to cut cloud costs.</p>
<p>2️⃣ What Pod Disruption Budgets (PDBs) and liveness/readiness probes can do to prevent downtime.</p>
<p>3️⃣ Which HPA, VPA, and Cluster Autoscaler configs will help you adapt to any traffic spike.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.qovery.com%2Fguide%2Fkubernetes-best-practices%3Futm_campaign=253663441-Guide%2520-%2520Kubernetes%2520Best%2520Practices%25202026%26utm_source=Paid%2520Sponsor%26utm_medium=TLDR%26utm_content=Dev%2520Primary/3/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/R9jdJePv1Eb-a8gxR1rohdey9W3YvjI3bTZCpIe4Oy8=435" rel="noopener noreferrer nofollow" target="_blank"><span>Get the guide ↗️</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Articles & Tutorials</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Freact.dev%2Fblog%2F2025%2F12%2F11%2Fdenial-of-service-and-source-code-exposure-in-react-server-components%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/XpQSfr-lWjf9lKTsXc5GTOLoVxalTIB5hM_oOUgOd7w=435">
<span>
<strong>Denial of Service and Source Code Exposure in React Server Components (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The React team has disclosed new high-severity Denial of Service (DoS) and medium-severity Source Code Exposure vulnerabilities in React Server Components. The DoS allows malicious requests to hang servers, while the exposure can leak hardcoded secrets from server functions, though neither enables Remote Code Execution. These issues are follow-ups to the recent React2Shell vulnerability. Previous patches (19.0.2, 19.1.3, and 19.2.2) were incomplete.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.miggo.io%2Fpost%2Fred-herrings-and-ai-slop-debunking-react2shell-misinformation%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/zkxEOnnwI_f4V1F7FYNEiVgqk660cZw5Szjk9K1AWcA=435">
<span>
<strong>Red Herrings and AI Slop: Debunking React2Shell Misinformation (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
This article debunks widespread misinformation about the React2Shell vulnerability, explaining how React's 700-line obfuscated patch led researchers and AI tools to chase false leads like the $F primitive and property traversal gadgets that couldn't actually be exploited. The real vulnerability occurs much earlier in the RSC request lifecycle than expected, affecting any server processing RSC requests through multipart/form-data payloads with specific Flight protocol operators.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Opinions & Advice</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flarr.net%2Fp%2Fnamings.html%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/rKw40Ay4Kw6b3uKQoAoctWsG2NGer-UhpSAZ8-lg1kg=435">
<span>
<strong>Programmers and software developers lost the plot on naming their tools (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Modern software development increasingly uses obscure or "fun" names for tools and libraries, rather than descriptive ones, causing a cognitive burden for developers. This is different from other engineering fields and earlier programming practices, which prioritize clarity and function in their naming.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frapha.land%2Fcraft-software-that-makes-people-feel-something%2F%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/C6AGgOeJemJZqDT5fQGOz1X7O_XsBkrTmOmk5IN1XRo=435">
<span>
<strong>Craft software that makes people feel something (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
This dev paused his development on Boo, a personal code editor they built solely for themselves, to work on a new programming language. Boo was never intended for mainstream use or open-sourcing, and the repetitive work of it ruined their joy and ability to create inspiring software.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🚀</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.shopify.com%2Fnews%2Fwinter-26-edition-dev%3Futm_source=comms_paid%26utm_medium=newsletter%26utm_campaign=winter26edition-launch_Q425BACADO%26utm_content=tldrdev-v1/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/a-eKjQOmQ9etXD-Uc9EDgBeEi9_4Yo7cPmfoZBKHt3E=435">
<span>
<strong>Shopify's Winter '26 Edition puts AI agents in the driver's seat (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Shopify's developer platform is now <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.shopify.com%2Fnews%2Fwinter-26-edition-dev%3Futm_source=comms_paid%26utm_medium=newsletter%26utm_campaign=winter26edition-launch_Q425BACADO%26utm_content=tldrdev-v1/2/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/MpzPIRMdwH4Qlv6RBf2c98oaHg5CHB6ygLam0aWSdSM=435" rel="noopener noreferrer nofollow" target="_blank"><span>AI-native</span></a>. Your AI agents can create dev stores, scaffold apps, run GraphQL operations, and generate validated code across Shopify. The shopify.dev docs now render for LLM access on the server side - allowing agents to deliver more accurate code and answers. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.shopify.com%2Fnews%2Fwinter-26-edition-dev%3Futm_source=comms_paid%26utm_medium=newsletter%26utm_campaign=winter26edition-launch_Q425BACADO%26utm_content=tldrdev-v1/3/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/IN48XhYbrekuFffu-DYsOIebymIKngA9tt17nlUChPM=435" rel="noopener noreferrer nofollow" target="_blank"><span>See all the new developer features</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F5L8cZI/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/j92LeCPOjD5JK3mtuelsEY9O5JGt0sX_5wibQ60jR_g=435">
<span>
<strong>Introducing GPT-5.2 (20 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
OpenAI has launched GPT-5.2, its most advanced frontier model, designed for professional knowledge work and long-running agents. This new model sets state-of-the-art benchmarks across various areas, including coding, long-context understanding, vision, tool-calling, and factuality, performing at or above human expert levels in knowledge tasks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fweb.dev%2Fblog%2Fupvote-features%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/Fn-2mmddbHYElJ3rmHi5o71_nm4x-oPuMb4888FrEJI=435">
<span>
<strong>Vote for the web features you want to see (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A new upvote system has been launched across web platforms like web.dev and caniuse.com for devs to directly vote for which web features are most important to them for browser vendors to prioritize.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjon.recoil.org%2Fblog%2F2025%2F12%2Fan-svg-is-all-you-need.html%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/kw0VUFiWacbcKEHfD5mihljqwKP6wM2yZg2BCEtDrOk=435">
<span>
<strong>An SVG is all you need (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
SVG files can be used to create interactive, permanent, and shareable environments for scientific papers. They are powerful vector graphics that can embed data, be processed client-side to generate visualizations, and have interactive controls without server-side support. This makes them durable and easily shareable.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.hyperact.co.uk%2Fblog%2Fproduct-engineering-teams-must-own-supply-chain-risk%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/0TnMpqaFtMuGDdBMf2DGRDPcBxusXDbpAQsNB2ObGR8=435">
<span>
<strong>Product engineering teams must own supply chain risk (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Modern software products are assembled from various third-party components, creating a complex "software supply chain" that is an easy target for attacks due to historically implicit trust. This vulnerability leads to risks like credential theft and widespread compromise, negatively impacting product outcomes, customer trust, and business revenue. The solution is to make trust explicit and verifiable using cryptographic attestations and frameworks to prove the origin and integrity of dependencies.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fvictorpoughon.github.io%2Fbidicalc%2F%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/r4YHrr0_JwtyFSUTnlRMO0qefuMietdISK57ORwJP0A=435">
<span>
<strong>bidicalc (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
bidicalc is a bidirectional calculator that can change variable cells so that formula results match changes made.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Facusti.ca%2Fblog%2F2025%2F12%2F09%2Fhow-ai-coding-agents-hid-a-timebomb-in-our-app%2F%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/cGOwaIvHqXSvthKLzYiw6pwQbkUq1GG3DJMYgqdDWMY=435">
<span>
<strong>How AI Coding Agents Hid a Timebomb in Our App (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
If something matters, you have to encode it as a test, not just write a comment about it.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fentropicthoughts.com%2Fdeprecate-like-you-mean-it%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/-TFB-p2DBiO8yB9ehrDKqQUC0b4A5YMo_LSMP6F9ibg=435">
<span>
<strong>Deprecate Like You Mean It (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Traditional deprecation warnings are ineffective, so a funny way to force migration to newer versions is to make deprecated functions progressively return incorrect results.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.google%2Ftechnology%2Fdevelopers%2Fdeep-research-agent-gemini-api%2F%3Futm_source=tldrdev/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/B4gTbrX8ehXlwpTCGaCGI3R4sNnppwBSth4fT3SrNTc=435">
<span>
<strong>Build with Gemini Deep Research (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Gemini Deep Research is now available to developers via the new Interactions API.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F8770c80a%2F3/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/IE6TC6D5Cucm7VrUQmU-21vyco8wivCqNjsztwiipRc=435" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/8770c80a/3</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_7383e7653c81%2F3/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/ZY1Q2R2ifn6RZT91qMAu5VZ7LbdODLuXBEO5IXXBrwA=435" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? 📰
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of web developers and engineering decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrdev%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/aVmkQmRafC1DKfAAAkJrOkYhmHrUuPGLrGSm_bxgjKU=435"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? 💼
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/0_-BHq4SQdiWvRfKMgwEvSFAVumPB5zobE32lBVb2lI=435" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/qEtzDfR1VJsbSOjmK9yrzuDJL24eFC7cNRAntjE1eBA=435" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/uo4BJ4Dedq-Mcul1-GTfQ2etr3iS0EInKANw0Wqy-6w=435" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<span>Priyam Mohanty</span>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fxu-jenny%2F/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/kiLxZXKGvHV42LxssmaTye6iBWfrckaP91lNXHfJbnA=435"><span>Jenny Xu</span></a> & <span>Ceora Ford</span>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Fdev%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/p7S0FUctFkFP-TsznrTK1gWztR62phOxZQxb34kcYu0=435">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Dev isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=e8d201ca-3e93-11ed-9a32-0241b9615763%26lc=156b9020-84b7-11f0-a976-55fc1d40139c%26p=db4ca0bc-d738-11f0-9373-aba62206822c%26pt=campaign%26pv=4%26spa=1765540924%26t=1765541307%26s=053e0f6f5d3b1a7543eba8d27c7363de34f9871fcc2f7e9175e893d83d1f1014/1/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/kb7zkUe5oW64T2JLhiVrZ6OrqB0VaAhNFwt5aAs5H5U=435">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019b127665a0-277886e5-040a-4c61-bb56-08e171222713-000000/j6FcpRBKGTNuwNfIkmiyZ8DdKb_SfqwPbMvys6Rr2bc=435" style="display: none; width: 1px; height: 1px;">
</body></html>