All streams

Historically, we’ve ended up using a few rather obscure PHP extensions—written and barely (if at all) maintained by their original authors—that aren’t available in standard Debian package sources.

We stick to the principle of “do it right, and it’ll work right,” which means Slackware-style dropping binaries into the system outside of package managers is frowned upon.

So instead, we’ll be building proper .deb packages for PHP extensions—without breaking compatibility with the existing environment.

A lot of people around me spend time trading on the stock market. Some trade crypto, some trade stocks, others trade currencies. Some call themselves investors, others call themselves traders. I often see random passersby in various cities and countries checking their trading terminals on their phones or laptops. And at night I sometimes write analytical or backtesting software—well, I did up until recently. All these people share a common faith and a set of misconceptions about the market.

We are a brokerage platform operating in a dynamic and complex domain. This specificity comes with a set of challenges. On the one hand, it entails a high variability of scenarios and potentially significant risks associated with errors. On the other hand, it has short development iterations with frequent delivery cycles. 

In this article, we will share how we maintain the quality of our numerous backend services, which provide essential information to our trading terminals.

The goal of the Intelligent Systems Department is to facilitate the road to high-quality professional life. The Ph.D. degree requires three publications in peer-reviewed journals. They are the core of the student’s thesis. This year each of our bachelor students delivered at least one publication. It means they pave the road to their Ph.D. To facilitate this, the Department provides state-of-the-art research topics, scientific advisors with excellence in science, and fine-tuned educational courses. Below, we are proud to recognize our students for their outstanding achievements.

Gen Z – a generation of young people born between the last few years of the 20th century and the first ten years of the 21st, are the primary users of a modern-day Internet. They started using technology since their early childhood, being almost constantly glued to their smartphones and tablets, which led to them being very demanding users that have their own requirements in UX. At the same time, they are known for their sense of humor and straightforwardness – which means they love using products that are both easy to navigate but full of interactive elements. Below we’ve collected a few things you should consider when creating a UX design aimed at a young audience.

Why might a feature not get to production on time? What prevents the team from releasing before the deadline? Can the product owner influence the timeline?

In this article, I will try to answer these questions and suggest solutions for the processes we are implementing and improving within the product team at EXANTE.

SSH (Secure Shell) is the backbone of remote system administration and secure remote access, serving millions of developers and system administrators daily. However, when SSH connections fail, the cryptographic nature of the protocol can make debugging challenging. The complex interplay between authentication mechanisms, encryption algorithms, and network layers often obscures the root cause of connection issues. This complexity is further compounded by the protocol's security-first design, where error messages are intentionally vague to prevent potential attackers from gathering system information. Whether we're dealing with key authentication failures, network connectivity issues, or configuration mismatches, understanding the underlying SSH architecture becomes critical for effective troubleshooting.

In today's interconnected development world, secure authentication is not just a luxury—it's a necessity. Whether you're a seasoned DevOps engineer or a junior developer just starting your journey, understanding SSH key pairs is crucial for your daily workflow. They're the unsung heroes that keep our git pushes secure, our server access protected, and our deployments safe from prying eyes.

But let's be honest: SSH keys canbe confusing. With terms like “public key infrastructure,” “cryptographic algorithms,” and “key fingerprints” floating around, it's easy to feel overwhelmed. This guide aims to demystify SSH key pairs, breaking down complex concepts into digestible pieces that will help you make informed decisions about your security setup.

This article is the first in the series about the upcoming PostgreSQL 18 release. Let us take a look at the features introduced in the July CommitFest.

Planner: Hash Right Semi Join support
Planner: materializing an internal row set for parallel nested loop join
Planner support functions for generate_series
EXPLAIN (analyze): statistics for Parallel Bitmap Heap Scan node workers
Functions min and max for composite types
Parameter names for regexp* functions
Debug mode in pgbench
pg_get_backend_memory_contexts: column path instead of parent, new column type
Function pg_get_acl
pg_upgrade: pg_dump optimization
Predefined role pg_signal_autovacuum_worker

Firebase Performance offers a free, comprehensive solution for tracking app performance. As part of the Firebase suite, it provides seamless integration with other Firebase services like Crashlytics, making it easier to manage all performance and crash data in one place. This not only simplifies access but also streamlines team collaboration without the need to manage multiple platforms.

Важным событием позапрошлой недели стало масштабное заражение npm-пакетов червем Shai-Hulud. Эта вредоносная программа нацелена на разработчиков открытого ПО. Она ставит под угрозу данные для доступа к облачным сервисам, выкладывает в общий доступ приватные репозитории. Данная вредоносная операция может быть квалифицирована как атака на цепочку поставок: взлом популярного npm-пакета приводит к компрометации множества других программных решений. На прошлой неделе специалисты «Лаборатории Касперского» подробно разобрали схему работы зловреда Shai-Hulud. Также с высокой вероятностью был определен «нулевой пациент» — первый зараженный пакет в репозитории npm.

Атака начинается с загрузки зараженного пакета из репозитория npm. После установки автоматически запускается вредоносный скрипт размером более 3 мегабайт с названием bundle.js. Он содержит набор легитимных модулей для работы с облачными сервисами Amazon и Google Cloud Platform, инструменты для взаимодействия с GitHub API, а также имеет функциональность для работы с TruffleHog, свободно распространяемой утилитой для поиска ссылок на конфиденциальные источники данных.

This tutorial will guide you through the process of integrating OpenAI’s powerful Codex coding agent directly into your Visual Studio Code environment. This tool functions as an AI pair programmer, capable of understanding complex prompts to execute commands, write code, run tests, and even build entire applications from scratch.

The repo of this script is https://gitlab.com/vitaly‑zdanevich/full‑backup/‑/blob/master/full‑backup.sh

Incremental with hard links means that if a file is not changed, on the next backup it will link to the same underlying data, like deduplication. Hard links — its usual files.

Also, this script ignores .gitignore of every folder.

Run this script from another system.

CAPTCHA protocols are designed to tell bots from humans, yet in the worlds of automation and testing there is often a need to bypass them. Dedicated CAPTCHA‑solving services take over this task, combining algorithms with human labor.

In this article we present an in‑depth comparison of four popular platforms — 2Captcha, SolveCaptcha, DeathByCaptcha, and AntiCaptcha. We will examine not only pricing and the types of CAPTCHAs supported, but also internal architecture, API integrations, speed and stability, plus the quirks of using each service.

The technical community will find a deep dive here — from API and SDK structure to real‑world use cases. Below you will see a table comparing key characteristics, lists of pros and cons, and a discussion of which service best fits particular automation tasks.

Postgres Pro recently announced the release of Enterprise Manager 2, commonly known as PPEM.

In short, PPEM is an administration tool designed for managing and monitoring Postgres databases. Its primary goal is to assist DBAs in their daily tasks and automate routine operations. In this article, I'll take a closer look at what PPEM has to offer. My name is Alexey, and I'm part of the PPEM development team.

Today, I want to talk about one of those sneaky tricks that can help speed up query execution. Specifically, this is about reordering conditions in WHERE clauses, JOINs, HAVING clauses, and so on.

The idea is simple: if a condition in an AND chain turns out to be false, or if one in an OR chain turns out to be true, there's no need to evaluate the rest. That means saved CPU cycles — and sometimes, a lot of them. Let’s break this down.

Here I describe the results of developing a PostgreSQL extension I built just out of curiosity. Its purpose is to automatically manage extended column statistics. The idea came to me while finishing work on another "smart" query-driven product for improving PostgreSQL planning quality. I realized that the current architecture of PostgreSQL isn’t quite ready for fully autonomous operation — automatic detection of bad plans and adaptive optimizer tuning. So why not try the other way around and build an autonomous data-driven assistant?

Hi everyone, I’m Alexey. I’m a big fan of observability, and in this post, I want to share something I’ve been working on — the pgpro-otel-collector.

TL;DR: pgpro-otel-collector is an OpenTelemetry collector (aka monitoring agent) tailored for gathering Postgres metrics and logs — brought to you by PostgresPro.

This article presents a business-driven approach to software architecture, focusing on maximizing profitability through technical decisions. It advocates for:

Distributed, stateless services with immutable models for scalability

Isolated third-party integrations without disrupting core logic

Simple, modular design 

Best for:

✔ Tech leads designing scalable systems
✔ Managers optimizing dev efficiency
✔ Stakeholders evaluating ROI on architecture

Users don’t fear changes. They fear wasting time. Why users reject “best” products — and how to win them over.