TIL

`git bisect` does a binary search through commit history to find which commit introduced a bug. The interactive version asks you to mark each commit as `good` or `bad`. `git bisect run` accepts a script: if the script exits 0 the commit is good; if it exits non-zero the commit is bad. This lets the bisect run completely automatically: crucial when you need to check 50 commits and each build takes 30 seconds.

The `animation-fill-mode` property controls what styles apply to an element outside its active animation period. `forwards` retains the final keyframe state after the animation ends. `backwards` applies the first keyframe state during the `animation-delay` period, so the element does not flash its pre-animation style while waiting to start. `both` does both: the most useful value for entrance animations where you set `opacity: 0` in the first keyframe and want the element to be invisible during the delay.

AMD launched the AMD Developer Cloud to let developers try Instinct accelerators (MI300X) with ROCm already set up, hosted via DigitalOcean. The pricing is $1.99/hr for a single MI300X and $15.92/hr for 8x. New signups get 25 free GPU hours (~$50 credit) valid for 10 days. The important takeaway: AMD is making it possible to test ROCm GPU code without owning hardware, which matters because the biggest barrier to CUDA alternatives has always been hardware access.

Claude Mythos 5 was released on June 9, 2026 alongside Claude Fable 5, but unlike Fable it is not available to the general public. It sits above the Opus class in capability, is purpose-built for finding software vulnerabilities and has no safety classifiers that can decline requests. Anthropic restricts it to vetted partners through Project Glasswing. What struck me: we now have a two-tier model landscape where the most capable systems are deliberately gatekept, not because Anthropic could not ship them but because they chose not to. The pace of capability improvement has outrun the pace of safe deployment: and the gap is now structural.

In TLS 1.2, the client sends ClientHello, waits for ServerHello and certificate, sends its key exchange, then waits for the server Finished before sending its own Finished: two round trips before any application data flows. TLS 1.3 redesigned the handshake: the client sends a key share speculatively in ClientHello. If the server supports it, it responds with certificate, key share and Finished in one message. The client can send application data immediately after its Finished. One round trip total.

On a bare-metal MCU there is no terminal, no stdout and no file system. But you can retarget the low-level write function that `printf` calls internally: on GCC/Newlib this is `_write()`, on Keil/armcc it is `fputc()`. Once you override it to transmit via UART HAL, any `printf` call anywhere in the firmware goes out over the serial port. This is faster to set up than a dedicated logging library and uses the standard format specifiers you already know.

FreeRTOS timing functions take ticks, not milliseconds. If you hardcode `vTaskDelay(100)` you get 100 ticks, whose real-time duration depends on `configTICK_RATE_HZ`. At 1000 Hz that is 100 ms; at 100 Hz it is 1000 ms. `pdMS_TO_TICKS(ms)` does the conversion correctly regardless of the tick rate, so the same source code produces the same real-time delay on any configuration. Always use it instead of a bare integer literal.

When you operate on two NumPy arrays with different shapes, broadcasting determines what happens. The rule: align shapes right-to-left; a dimension is compatible if it is equal or one of them is 1. Size-1 dimensions are stretched to match the other without copying memory. A `(3, 1)` column vector and a `(1, 4)` row vector broadcast to `(3, 4)`. This is not a loop: it is a zero-copy view processed with SIMD instructions.

The standard CSRF double-submit cookie pattern: generate a random token, set it as a non-HttpOnly cookie and require the same value in a request header or form field. A cross-origin attacker cannot read the cookie value (same-origin policy blocks it), so they cannot reproduce the header value. The server checks cookie value equals header value: no session lookup needed. This makes it easy to implement in stateless API servers.

GNU `grep` uses the Boyer-Moore-Horspool algorithm, not a naive left-to-right scan. For a pattern of length m, it pre-computes a skip table: for each possible byte value, how many characters it can safely skip. This lets grep skip m characters at a time in the best case, scanning far less than 100% of the input. On large files with rare or long patterns, grep is faster than mmap reads of the same data because the algorithm skips huge chunks entirely.