boosting the "latlearn" toot upthread, so it is visible via its related topic tags:
I also worked on an intriguing project involving interfacing a CMS with business #APIs to fully integrate the website's power into a digital ecosystem.
☝️ Just 1 day to go!
Join this live #DDoS attack simulation with Karthik Krishnamoorthy, CTO at Indusface, as he demonstrates a wide variety of attacks and mitigation measures.
- The limitations of host-based rate-limits
- Building multi-pronged mitigation measures ranging from alerts to captchas to blocks
- How Unmetered DDoS mitigation works
Unfold all the findings in detail - reserve your seat now: https://bit.ly/3PPPRWH
a simple latency instrumentation and reporting lib for Golang
bunch of upgrades pushed up tonight
life? what life?
[blog] Comics : notes de développement
Oracle unveils its API-led generative AI service with Cohere’s LLMs - Just months after unveiling its three-tier generative AI strategy across multiple prod... - https://www.infoworld.com/article/3706878/oracle-unveils-its-api-led-generative-ai-service-with-cohere-s-llms.html#tk.rss_all #generativeai #apis
Oracle unveils its API-led generative AI service with Cohere’s LLMs
Have you heard of #fastapi the #Python framework that helps you build, well, fast #APIs? We're proud sponsors!
In "How Domain-Driven Design Benefits APIs", José Haro Peralta presents some nice tips on using #DomainDrivenDesign and bounded contexts to avoid coupling and create better #APIs and schemas https://nordicapis.com/how-domain-driven-design-benefits-apis/
El lado del mal - Todo sobre Telefónica Open Gateway en la nueva newsletter mensual: APIs, Casos de Uso, Trainings, Docs, Events. https://elladodelmal.com/2023/09/todo-sobre-telefonica-open-gateway-en.html #OpenGateway #CAMARA #APIs
And that's another of our APIs moved into our API console! This places API can be used to grab lists of countries and administrative regions up to 5 levels deep, and includes lat/lon data for over 300,000 regions, and ISO 3166 country codes. Useful for populating address fields or plotting places on maps.
Check out SmartBear's YouTube series on the new 2023 #OWASPTop10 for Secure #APIs: https://www.youtube.com/watch?v=nIWBp_nvzq4&list=PLrA5ciulugn8nydmfvt9cGBgDFqg8XbEt
And here's the first guest blog post, by none other than one of the few people who I follow on Twitter because of his great content, Stefano Fago.
In the post, Stefano details RFC 9457, the successor of 7807. Great read!
I didn't try it but it's a great idea and the documentation looks solid
It is the programmer’s responsibility to pass an appropriately η-expanded function.
Furthermore, the current style generalises branching/selection to convey payloads within labels. For example, if a web
server receives a URL payload with a _GET label, one can write
match%lin branch _n with
| ‘_GET(W url, #s) -> ..
The syntax extension requires W constructor pattern right before variable pattern url. Similarly, on the selecting side, the
payload can be sent along with a label:
select (fun p -> ‘_GET(W "http://www.example.com", p)) _n
where the payload must be wrapped with W constructor, as in the receiver side.
revise type signature of monad in Listing and refer to this as linearity monad. only difference
from slot monad is that >>= (line 4) requires that the right-hand function argument must be %lin
function of type lbind, as we have implied above. Thus, the linearity monad is a restricted (or constrained ) monad.
The constructor of W has type data . signature of _lbind and _put are given . it's shown- type signatures of Gay–Vasconcelos-style primitives. The second type argument of each slot specifier
type (slot) is empty, indicating that the session channel is “consumed” according to the linearity typing discipline
Distributed implementation with ad hoc polymorphism
implementation of communications between processes over the network stack such as #TCP, messages need to
be treated uniformly as packets in order to use existing communication #APIs. Thus, communicating messages are converted
to a fixed type at sending and the type information is recovered when received. This issue is solved via ad hoc polymorphism.
It offers a way to specify different behaviours depending on the type of arguments, and widely utilised in functional programming, as in the type classes in #Haskell and implicit parameters in #Scala , two implementations
has been proposed for ad hoc polymorphism in OCaml as follows: (1) Modular-implicits ; and (2) Ppx_implicits
Although Modular-implicits is planned to be finally integrated into mainstream #OCaml, but does not currently work in the
latest #OCaml equipped with #Flambda optimiser. On the other hand, Ppx_implicits works with Flambda optimiser. In what
follows, we use Ppx_implicits.
Ppx_implicits is a type-aware preprocessor of OCaml, which provides ad hoc polymorphism based on the implicit parameters. It exploits optional arguments in vanilla OCaml rather than extending the current syntax and types. Implicit values
are of type (τ, [%imp module]) Ppx_implicits.t where τ is the type of a function to be passed and module is the
name of the module where the implicit values are defined. Followings are the types for such implicit values
@Natanox @Pabamiti @nomain @netzpolitik_feed Alle #zentralisiert|en #SingleVendor/ #SingleProvider-Lösungen sind Mist.
Deshalb nutzt auch keiner mehr #AIM, #MSN o. #ICQ!
Hinzu kommt, dass @signalapp / #Signal nicht nur unnötige Daten erfasst und speichert (u.a. #Telefonnummer) und die #Notification-#APIs von #Google und #Apple nutzt sondern ausschließlich über deren Plattformen verteilt wird und aktiv #Sideloading verbietet.
Für mich stinkt das nach #Honeypot alla #ANØM!
THE COMPLETE NODE.JS DEVELOPER COURSE
Learn Node.js by building real-world applications with Node JS, Express, MongoDB, Jest, and more!
Visit Website: https://thetech24online.com/video-courses/
#NodeJS #NodeJSDeveloper #NodeJSCourse #WebDevelopment #FullStack #Coding #Programming #TechEducation #OnlineLearning #WebDev #NodeJSProgramming #ExpressJS #MongoDB #APIs #AsyncProgramming #NodeJSProjects #LearnToCode #NodeJSSkills #NodeJSCertification #NodeJSTraining #NodeJSCommunity #NodeJSEngine
How to improve API security in ASP.NET Core - Because our APIs handle private and sensitive data, it is imperative that we adopt pro... - https://www.infoworld.com/article/3705948/how-to-improve-api-security-in-aspnet-core.html#tk.rss_all #developmentlibrariesandframeworks #softwaredevelopment #webdevelopment #microsoft.net #apis #c#
Thanks to Erik Wilde for letting me join him on his Getting APIs to Work YouTube channel. I hope you enjoy it and will continue the conversation! #LanguageOfAPIDesign #APIDesignMatters #APIs https://www.linkedin.com/feed/update/urn:li:activity:7102266311681916928/
How to succeed with GraphQL APIs
How to succeed with GraphQL APIs - As our software-based business has gotten deeper into the GraphQL API ecosystem, we’ve... - https://www.infoworld.com/article/3705052/how-to-succeed-with-graphql-apis.html#tk.rss_all #softwaredevelopment #webdevelopment #cloudcomputing #apis
I just revisited #Dapr (Distributed Application Runtime):
* The standardization of #APIs around #microservice interactions is a key point.
* The state management API seems solid for abstracting the persistence layer, including a vendor-agnostic Query Languange.
* I was intrigued by the Metadata API and how it enables the discovery of the different capabilities supported by the runtime.
Feel free to try out the public workspace:
"Getting Creative with OpenAPI" -- my next article in the #LanguageOfAPIDesign series in #APIDesignMatters, where I walk through many aspects of defining a resource creation operation in #OpenAPI https://apidesignmatters.substack.com/p/getting-creative-with-openapi #APIs
Get started with FastAPI
#APIs #BigTech #Transparency #Cybersecurity: "To demand transparency from tech platforms, we need a platform-independent transparency framework, something that I like to call an inspectability API. Such a framework would empower even the most vulnerable populations to capture evidence of harm from their devices while minimizing the risk of their data being used in research or reporting without their consent.
An application programming interface (API) is a way for companies to make their services or data available to other developers. For example, if you’re building a mobile app and want to use the phone’s camera for a specific feature, you would use the iOS or Android Camera API. Another common example is an accessibility API, which allows developers to make their applications accessible to people with disabilities by making the user interface legible to screen readers and other accessibility tools commonly found on modern smartphones and computers. An inspectability API would allow individuals to export data from the apps they use every day and share it with researchers, journalists, and advocates in their communities. Companies could be required to implement this API to adhere to transparency best practices, much as they are required to implement accessibility features to make their apps and websites usable for people with disabilities."
@jaapio I also hope the #workflows project at #OAI will also lead to its adoption as a standard for documenting API flows (sequences of chained API calls) that demonstrate higher level business cases solved with #APIs https://github.com/OAI/sig-workflows/blob/main/versions/1.0.0.md
Big news in the #APIs tooling arena: SmartBear acquires Stoplight https://smartbear.com/news/news-releases/smartbear-to-acquire-stoplight/
👉 API attacks have risen 400% in the last six months (as per Security Boulevard)
This has caused 59% of organizations to delay the release of new applications due to concerns about #APIsecurity.
As industries look to integrate with third-party software more often to improve their business operations, the security of #OpenAPIs has become critical.
In the upcoming webinar, join Vivekanand Gopalan (VP of Products) as he discusses:
- API Vulnerability Scanning: Identify #OWASPAPI Top 10 vulnerabilities
- Positive Security Models: How to automate the creation of positive security models for #APIs
- Protection from API Attacks: Utilize WAAP to protect APIs from vulnerability, DDoS, account takeover, credential stuffing, and other bot attacks
To unfold all the above findings in detail, reserve your seat now. https://bit.ly/3OYLmZw
- Resource is named RPC-style
- API key in the query string
- HTTP status code (also) included in response body
- Validation errors returned with 200 OK
- Some server-side errors yield the text "null"
Not sure what else they could break with it still being "functional". LOL
Check out this article I contributed for BAI's executive summary on #OpenBanking !
"APIs have opened up new possibilities for banks and credit unions to embed financial capabilities within third-party partner software. By adding various banking services—such as opening an account, viewing balances or making transfers—to nonfinancial websites or apps, institutions can reach users digitally and grow these relationships through an entirely new channel." Apiture #APIs https://info.bai.org/executive-report-creating-new-opportunities-through-open-banking.html
Google launches Pricing API to help enterprises optimize cloud costs - Google Cloud has released Pricing API for its cloud services in order to help enterpri... - https://www.infoworld.com/article/3704496/google-launches-pricing-api-to-help-enterprises-optimize-cloud-costs.html#tk.rss_all #cloudcomputing #google #apis
👉 API attacks have risen by 400% in the last six months.
This has caused 59% of organizations to delay the release of new apps due to #apisecurity concerns.
As industries look to integrate with more 3rd party apps, the security of #OpenAPIs has become critical.
Join Vivek Gopalan in the upcoming webinar, where he discusses:
- Best practices for API discovery & documentation
- Identifying OWASP API Top 10 vulnerabilities
- Automating the creation of positive security models
- Protecting APIs from vulnerabilities, #DDoS, and #botattacks
Book your seat now! https://bit.ly/47lLLMN
Pretty unsure about generating the idempotency key on the server, which requires an additional roundtrip. Better use the client for it.
So for any #CCSS that isn't locked to a specific #LTS #Distro and -Version if not Hardware (i.e. #Linux Version of #Autodesk #Maya required proof of eligible System [i.e. HP z-Series] & Supported OS [Subscription] [i.e. #RedHat #RHEL Workstation 5.0]) before you can even purchase any #License the most stable #APIs are those supported by #Proton (#Wine + #DXVK)...
"As with the new Reddit, [Twitter's] inflated fees for accessing the API are not really about passing real world costs onto developers who have been effectively subsidized in the past. It's the DJ turning on all the lights and playing a certain song at maximum volume."
It's a pretty sophisticated analysis in near-real-time. Blessedly, the company doesn't use the uber-over-hyped #AI description for this capabilitiy.
👎 GraphQL: From Excitement to Deception
| Better Programming
"It’s really easy to understand how GraphQL solves Facebook problems. The remaining question is, “Does it solve yours?”
Mike Amundsen (@mamund) is the master of hypermedia. I "faked it 'til I made it" about REST until I heard his talk on hypermedia. Every talk - indeed, every conversation we have - is a fascinating journey connecting the history of digital communication to the now. And that's why I'm a Mike Amundsen fanboy. We talked about all this on the Compiling! Podcast, then dove into his history as a professional musician - which is connected! #podcast #hypermedia #apis #music
'Discussing Library of Congress API documentation with Laura Wrubel and Patrick Rourke' by Eileen J Manchester https://blogs.loc.gov/thesignal/2023/06/discussing-library-of-congress-api-documentation-with-laura-wrubel-and-patrick-rourke/
A lovely reminder of the difference good APIs can make for cultural organisations (in a week when API access is in the news)
On this episode of APIs You Won't Hate (the podcast), Or Weis from
Permit.io talks to mike about permissions, authentication, authorization, and the challenges facing developers building out products for real people.
Listen here, or subscribe wherever you get your podcasts:
We are exploiters by nature, of nature.
I swear that we are evolved to look at the world, see a tree, crab, bird or rock and imagine how it can be used.
So we make social systems which look like exploitable systems. Post offices, power lines, dependable social subscriptions in the built environment which use our evolved sense for natural exploitation at the guideline.
It is everywhere and therefore everyones.
Remember “Open APIs?” How Tim O’Reilly told us they were how we would build the “open web” in “Web 2.0?”
Turns out an Open API is open in the sense that a gate owned by someone else is open. In that it can just as easily be closed and locked at their whim.
API providers, repeat after me:
*The only license to apply to example code is CC0 (no rights reserved, public domain declaration).*
Developers should not have declare a license dependency for copying/pasting boilerplate for using your API.
🎙️ A Fresh episode of APIs You Wont' Hate (the podcast) is live!
Constantin Schreiber, co-founder of @fastgenhq, sat down with me to talk about Fastgen's no-code API and workflow product. Constantin talks about what it's like to build a company as a repeat founder, as well as the experience of going through Y Combinator as a founder.
Refresh your feed or give it a listen at https://apisyouwonthate.com/podcast/no-code-apis-and-automation-with-constantin-schreiber-from-fastgen/
In practice you have a runner process which interacts with the chatbot set in-between the user/client and the #chatbot, and it does three things:
1. Explains to the chatbot where it is and to which parties it can communicate with, typically the runner process and the user. It prompts the chatbot to be aware of all the relevant #API commands it can use.
2. Intercepts the API commands used by the chatbot and calls the APIs on its behalf, transforming the parameters from chatbot output and the results into a prose text which is easily usable by the chatbot.
3. Control the flow of the discourse process, typically dividing a single call by user/client into multiple interactions with the chatbot where the ultimate results are navigated to, evaluated and aggregated, and the chatbot can call several APIs including itself.
So, the chatbot APIs, which will form the most important service provisioning channel in the future need:
- A short description of what the API is and when and how to engage with it. This is laid out to the chatbot along with all the other API descriptions so it cannot be very long.
- A more detailed description of the syntax of the API if it is non-trivial which is given to the chatbot only if it decides it needs to engage with that API. Saving precious context length, only giving this to the chatbot if it needs it.
- Need to be very, very graceful in what they accept. Need to return something maximally useful even for incorrect calls.
- Need to return results in a short, prosaic form, where e.g. long lists of numbers are summarized.
It is not necessarily smart to give chatbot an API to the web, because of prompt injection attacks from arbitrary untrusted web sites. However, giving it access to your internal APIs is very powerful indeed.
Chatbots typically need a prompt database of sorts which allows it to navigate knowledge it needs based on keywords. Each set of keywords fetches the most relevant document, or an exact match by id, which can explain more things to the chatbot, for example about APIs. These documents can include hyperlinks in a bot-convenient format so that the bot can navigate to other information if it needs to. They can also include API descriptions to enable the bot to utilize APIs through the runner process.
These bot APIs can be exposed to external bots as well in the style of OpenAI plug-ins. In the near future most of your users might be bots.
Most #SearchEngines have paid #APIs one can use to retrieve results but there are also #metasearch engines which seem to pull these results without paying for them (e.g., on the small scale, independent #seeks instances). I'm curious about the #legal issues surrounding metasearch. Who pays for the #API? And who uses other methods and why?
🎙️ APIs You Won't Hate (the podcast) - Learnin' about webhooks, with Tom Haconen from @svix
Webhooks: A featureset that is often seen as a roadblock by developers building their skills. Svix is helping to lower the barrier to entry, by building world-class developer tools for deploying and consuming webhooks.
Sound interesting? Give it a listen. I think you'll like this one.
🎙️ Jazzed about API client library codegen with Danny Sheridan from Fern
A fresh episode of APIs You Won't Hate (the podcast)
I sat down with co-founder and CEO of Fern, Danny Sheridan to talk about what his team is building. Fern is helping engineering teams scale their output with API Client Library code-generation.
Danny's team is building some seriously cool tech, and my man knows how to bring the energy to a podcast interview. Thanks, Danny!
First of all, there's no unfair advantage. Someone easily builds an open source clone which makes exactly the same thing. There is no way these businesses can become profitable before becoming redundant.
Also, let's appreciate the fact that we will get #AGI in months. That is important, and business plans should be evaluated against that.
Think where you will be in that new world. It doesn't matter if you have a small app which calls OpenAI API, that's all obsolete instantly. It doesn't even matter if you have a stable stream of revenue, that will almost certainly dry up.
Things that matter are:
- Who you have in your trusted circle (who you trust, who trust you, who have capacity to see, understand and act fast and correctly);
- what capacity you have to utilize or support AGI for (#industrial, #medical, #military, #scientific, #social, #chips, #power, #internet connectivity, #data, ...);
- what #compute you have available under your own control, not rented (we will have a sudden scarcity of compute at the start, and all cloud rents will go sky high);
- will you have the latest models or not? They won't be published, to get such you need to be in the "game".
This is more important than the internet and the electricity combined. Put your money where it matters, not into gold and derivatives. Remember what "capital" is.
Excellent article from #NYTimes by @bxchen, @email@example.com,
@KYWeise@twitter.com which articulates why #VoiceAssistants have struggled to find product-market fit: their internal designs are cumbersome to extend, and in the words of #SatyaNadella, they're "dumb as a rock".
I'm not so sure.
That is, for a given command - an #utterance - there will be a deterministic response. They might be dumb as a rock but I trust what a rock does.
Voice assistants are interfaces. Interfaces to content, to news, to entertainment, to data. Voice assistants are a door. And right now, they can gatekeep what comes through.
Hmm, #IFTTT support going away for #Netatmo products, I wonder what is behind this - one side or the other most have changed their position or thinking, I guess. I barely use IFTTT at all now, and never did with these products, but it was an exciting potential “universal switching hub” concept a number of years back… #IoT #APIs
🎙️ A fresh episode of APIs You Won't Hate (the podcast)!
I had the chance to catch up with Anton Zagrebelny from https://stigg.io. We had a great discussion about pricing strategy and structures for SaaS products, and the API libraries that Stigg has built to make it easier for developers to experiment.