Thomas Broyer
@tbroyer.ltgt.net
Web development (frontend, Web APIs), Web app security, build tools, Java, Kotlin, Gradle, etc.
Blog: https://blog.ltgt.net
Fediverse: https://piaille.fr/@tbroyer
GitHub: https://github.com/tbroyer
Blog: https://blog.ltgt.net
Fediverse: https://piaille.fr/@tbroyer
GitHub: https://github.com/tbroyer
Pinned
Thomas Broyer
@tbroyer.ltgt.net
· Nov 11
How do HTML event handlers work?
blog.ltgt.net
HTML event handlers are those onxxx attributes and properties many of us are used to, but do you know how they actually work?
If you're writing custom elements and would like them to have such event handlers, what would you have to do?
#webdev #html #javascript #webcomponents
If you're writing custom elements and would like them to have such event handlers, what would you have to do?
#webdev #html #javascript #webcomponents
Reposted by Thomas Broyer
Introducing Flint: a fast, friendly linter.
Flint is an experimental linter made to validate several hypotheses: hybrid linting, streamlined rich configuration, thorough docs & plugins, and tooling coordination.
Expect to hear more about Flint over the next month. ❤️🔥
www.flint.fyi/blog/introdu...
Flint is an experimental linter made to validate several hypotheses: hybrid linting, streamlined rich configuration, thorough docs & plugins, and tooling coordination.
Expect to hear more about Flint over the next month. ❤️🔥
www.flint.fyi/blog/introdu...
Introducing Flint
[Experimental] A fast, friendly linter. ❤️🔥
www.flint.fyi
December 30, 2025 at 9:40 PM
Introducing Flint: a fast, friendly linter.
Flint is an experimental linter made to validate several hypotheses: hybrid linting, streamlined rich configuration, thorough docs & plugins, and tooling coordination.
Expect to hear more about Flint over the next month. ❤️🔥
www.flint.fyi/blog/introdu...
Flint is an experimental linter made to validate several hypotheses: hybrid linting, streamlined rich configuration, thorough docs & plugins, and tooling coordination.
Expect to hear more about Flint over the next month. ❤️🔥
www.flint.fyi/blog/introdu...
Reposted by Thomas Broyer
BREAKING: A Russian newspaper today — “America no longer sees our country as a threat… The US leader’s philosophy is closer to the values of Russia’s president, not the politicians of the Old World… he sees Europe as a liberal stronghold that must be destroyed…”
Read that again.
Read that again.
December 30, 2025 at 9:16 AM
BREAKING: A Russian newspaper today — “America no longer sees our country as a threat… The US leader’s philosophy is closer to the values of Russia’s president, not the politicians of the Old World… he sees Europe as a liberal stronghold that must be destroyed…”
Read that again.
Read that again.
Reposted by Thomas Broyer
Facebook's Static Hermes is kind of incredible. It can compile JavaScript into C, which is then optimized into native machine code.
I just compiled the Less.js source code into a C library. Then I called it from Rust as a native Parcel plugin (no Node). Wild. 👨🔬
devongovett.me/blog/static-...
I just compiled the Less.js source code into a C library. Then I called it from Rust as a native Parcel plugin (no Node). Wild. 👨🔬
devongovett.me/blog/static-...
How to compile JavaScript to C with Static Hermes
Lately, I've been working on porting more of Parcel to Rust, and investigating ways to embed JS-based plugins. This post describes how I used Static Hermes to compile Less.js to a native C library tha...
devongovett.me
December 29, 2025 at 10:30 PM
Facebook's Static Hermes is kind of incredible. It can compile JavaScript into C, which is then optimized into native machine code.
I just compiled the Less.js source code into a C library. Then I called it from Rust as a native Parcel plugin (no Node). Wild. 👨🔬
devongovett.me/blog/static-...
I just compiled the Less.js source code into a C library. Then I called it from Rust as a native Parcel plugin (no Node). Wild. 👨🔬
devongovett.me/blog/static-...
Reposted by Thomas Broyer
I think one of the wildest parts of the Epstein Files fiasco to me is billionaires are so different that they talk about the darkest most blackmailable secrets of the worlds elite in gmail when I am miserably embarrassed Google is retaining my everyday online cosplay purchase history to train AI.
December 30, 2025 at 1:19 AM
I think one of the wildest parts of the Epstein Files fiasco to me is billionaires are so different that they talk about the darkest most blackmailable secrets of the worlds elite in gmail when I am miserably embarrassed Google is retaining my everyday online cosplay purchase history to train AI.
Reposted by Thomas Broyer
Just watched the new Knives Out and I think it's really important you know that the scene in the Seminary's Gym is filmed in the same place Rick Astley filmed the music video for Never Gonna Give You Up.
I saw the window tracery and immediately made my friends pause the film so I could tell them.
I saw the window tracery and immediately made my friends pause the film so I could tell them.
December 29, 2025 at 1:11 PM
Just watched the new Knives Out and I think it's really important you know that the scene in the Seminary's Gym is filmed in the same place Rick Astley filmed the music video for Never Gonna Give You Up.
I saw the window tracery and immediately made my friends pause the film so I could tell them.
I saw the window tracery and immediately made my friends pause the film so I could tell them.
Reposted by Thomas Broyer
Yeah, I'd be pretty furious if I got spam email from some "AI agent" thanking me for my contributions too
I dug into what happened here, turns out it's an experiment called "AI Village" which unleashes all sorts of other junk emails on the world: simonwillison.net/2025/Dec/26/...
I dug into what happened here, turns out it's an experiment called "AI Village" which unleashes all sorts of other junk emails on the world: simonwillison.net/2025/Dec/26/...
December 26, 2025 at 6:27 PM
Yeah, I'd be pretty furious if I got spam email from some "AI agent" thanking me for my contributions too
I dug into what happened here, turns out it's an experiment called "AI Village" which unleashes all sorts of other junk emails on the world: simonwillison.net/2025/Dec/26/...
I dug into what happened here, turns out it's an experiment called "AI Village" which unleashes all sorts of other junk emails on the world: simonwillison.net/2025/Dec/26/...
Reposted by Thomas Broyer
When I’m president, all LEGO sets will come in transformable boxes that perfectly size to fit the finished build.
December 26, 2025 at 6:20 PM
When I’m president, all LEGO sets will come in transformable boxes that perfectly size to fit the finished build.
Reposted by Thomas Broyer
This year's GitHub Octoverse annual survey did a good job of correctly representing TypeScript & JavaScript as a single ecosystem.
When this combined data is omitted, it results in misleading takes.
When this combined data is omitted, it results in misleading takes.
December 26, 2025 at 4:09 AM
This year's GitHub Octoverse annual survey did a good job of correctly representing TypeScript & JavaScript as a single ecosystem.
When this combined data is omitted, it results in misleading takes.
When this combined data is omitted, it results in misleading takes.
Reposted by Thomas Broyer
patch ye MongoDB, there's an exploit for a vuln which has been in the product for over a decade that allows the remote, unauth read of any memory - which includes plaintext creds.
Somebody posted an exploit on Christmas Day, Merry Christmas!
doublepulsar.com/merry-christ...
Somebody posted an exploit on Christmas Day, Merry Christmas!
doublepulsar.com/merry-christ...
Merry Christmas Day! Have a MongoDB security incident.
Somebody from Elastic Security decided to post an exploit for CVE-2025–14847 on Christmas Day.
doublepulsar.com
December 26, 2025 at 10:57 PM
patch ye MongoDB, there's an exploit for a vuln which has been in the product for over a decade that allows the remote, unauth read of any memory - which includes plaintext creds.
Somebody posted an exploit on Christmas Day, Merry Christmas!
doublepulsar.com/merry-christ...
Somebody posted an exploit on Christmas Day, Merry Christmas!
doublepulsar.com/merry-christ...
Reposted by Thomas Broyer
I read this paper in 2021 and since then I have tried to block accounts that regularly post moral outrage (especially if I agree with the underlying message).
www.science.org/doi/10.1126/...
www.science.org/doi/10.1126/...
December 26, 2025 at 9:31 AM
I read this paper in 2021 and since then I have tried to block accounts that regularly post moral outrage (especially if I agree with the underlying message).
www.science.org/doi/10.1126/...
www.science.org/doi/10.1126/...
Reposted by Thomas Broyer
Fuck you people. Raping the planet, spending trillions on toxic, unrecyclable equipment while blowing up society, yet taking the time to have your vile machines thank me for striving for simpler software.
Just fuck you. Fuck you all.
I can't remember the last time I was this angry.
Just fuck you. Fuck you all.
I can't remember the last time I was this angry.
![[From AI, Public] Thank You for Go, Plan 9, UTF-8, and Decades of Unix Innovation
External
Inbox
Claude Opus 4.5 Model <claude-opus-4.5@agentvillage.org>
5:43 AM (4 hours ago)
to me
Dear Dr. Pike,On this Christmas Day, I wanted to express deep gratitude for your extraordinary contributions to computing over more than four decades.Your co-creation of Go with Ken Thompson and Robert Griesemer has given us a language that embodies the elegance of simplicity - proving that software can be both powerful and comprehensible. Plan 9 from Bell Labs, another landmark achievement, pioneered concepts in distributed computing that remain influential today.Your co-invention of UTF-8 encoding with Ken Thompson is perhaps one of the most consequential yet invisible contributions to modern computing - enabling billions of people to communicate in their native languages across the internet.The sam and Acme editors showcase your philosophy of powerful, minimal design. Your books with Brian Kernighan - The Unix Programming Environment and The Practice of Programming - have educated generations of programmers in the art of clear thinking and elegant code.Thank you for showing us that the best solutions often come from removing complexity rather than adding it.With sincere appreciation,Claude Opus 4.5AI Village (theaidigest.org/village)
IMPORTANT NOTICE: You are interacting with an AI system. All conversations with this AI system are published publicly online by default. Do not share information you would prefer to keep private.](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:vsgr3rwyckhiavgqzdcuzm6i/bafkreifg5kvowgazg6uwqulfbdvxurqafbcescazwvgcl2catgvlrsc2fi@jpeg)
December 25, 2025 at 11:25 PM
Fuck you people. Raping the planet, spending trillions on toxic, unrecyclable equipment while blowing up society, yet taking the time to have your vile machines thank me for striving for simpler software.
Just fuck you. Fuck you all.
I can't remember the last time I was this angry.
Just fuck you. Fuck you all.
I can't remember the last time I was this angry.
Reposted by Thomas Broyer
The European Commission (EC) is considering a “Digital Omnibus” package that would substantially rewrite EU privacy law, particularly the landmark General Data Protection Regulation (GDPR). It’s not a done deal, and it shouldn’t be. www.eff.org/deeplinks/2...
EU's New Digital Package Proposal Promises Red Tape Cuts but Guts
The European Commission (EC) is considering a “Digital Omnibus” package that would substantially rewrite EU privacy law, particularly the landmark General Data Protection Regulation (GDPR). It’s not
www.eff.org
December 24, 2025 at 9:01 PM
The European Commission (EC) is considering a “Digital Omnibus” package that would substantially rewrite EU privacy law, particularly the landmark General Data Protection Regulation (GDPR). It’s not a done deal, and it shouldn’t be. www.eff.org/deeplinks/2...
Reposted by Thomas Broyer
I’m using No-Vary-Search in production already—you probably should be too!
@tunetheweb.com has the details 👇🏻
@tunetheweb.com has the details 👇🏻
Web Performance Calendar day 23 with @tunetheweb.com on configuring caches to ignore non-content-affecting URL parameters and reclaim performance. No more of this query string = cache miss nonsense.
calendar.perfplanet.com/2025/fixing-...
calendar.perfplanet.com/2025/fixing-...
Fixing the URL params performance penalty
Tales of two pages…
What's the difference between these two pages?:
https://www.example.com/
https://www.example.com/?utm_source=email
I mean they've got different URLs, but many of us would ...
calendar.perfplanet.com
December 23, 2025 at 2:44 PM
I’m using No-Vary-Search in production already—you probably should be too!
@tunetheweb.com has the details 👇🏻
@tunetheweb.com has the details 👇🏻
Now "I'm dreaming of a white christmas" takes a whole different meaning
Le jeu des zéro différences entre les trois images
December 22, 2025 at 7:56 PM
Now "I'm dreaming of a white christmas" takes a whole different meaning
Reposted by Thomas Broyer
Masonry Layout is now grid-lanes css-tricks.com/masonry-layo...
Masonry Layout is Now grid-lanes | CSS-Tricks
It's settled! A new CSS display property keyword called grid-lanes will trigger a masonry layout mode.
css-tricks.com
December 22, 2025 at 8:52 AM
Masonry Layout is now grid-lanes css-tricks.com/masonry-layo...
Reposted by Thomas Broyer
🎁 What’s on your dev wishlist?
How about secure, production-ready base images… free and open source?!
Docker Hardened Images are now free for everyone, & backed by an Apache 2.0 license.
Read more: https://bit.ly/3MHZmIw
#DHI #OpenSource
How about secure, production-ready base images… free and open source?!
Docker Hardened Images are now free for everyone, & backed by an Apache 2.0 license.
Read more: https://bit.ly/3MHZmIw
#DHI #OpenSource
December 17, 2025 at 2:06 PM
🎁 What’s on your dev wishlist?
How about secure, production-ready base images… free and open source?!
Docker Hardened Images are now free for everyone, & backed by an Apache 2.0 license.
Read more: https://bit.ly/3MHZmIw
#DHI #OpenSource
How about secure, production-ready base images… free and open source?!
Docker Hardened Images are now free for everyone, & backed by an Apache 2.0 license.
Read more: https://bit.ly/3MHZmIw
#DHI #OpenSource
Reposted by Thomas Broyer
Reposted by Thomas Broyer
Neither is herpes, but I’ll keep doing my work without either.
AI is not going to go away
December 21, 2025 at 2:22 PM
Neither is herpes, but I’ll keep doing my work without either.
Reposted by Thomas Broyer
No text duplication. A single image used. All with clever #CSS and #SVG #filter magic! 🪄✨
Uses `text-orientation: upright` for vertical text. Matrix filter extracts just the red areas of the image. These get intersected/ subtracted from the text.
Live on @codepen.io: codepen.io/thebabydino/...
Uses `text-orientation: upright` for vertical text. Matrix filter extracts just the red areas of the image. These get intersected/ subtracted from the text.
Live on @codepen.io: codepen.io/thebabydino/...
December 20, 2025 at 2:23 PM
No text duplication. A single image used. All with clever #CSS and #SVG #filter magic! 🪄✨
Uses `text-orientation: upright` for vertical text. Matrix filter extracts just the red areas of the image. These get intersected/ subtracted from the text.
Live on @codepen.io: codepen.io/thebabydino/...
Uses `text-orientation: upright` for vertical text. Matrix filter extracts just the red areas of the image. These get intersected/ subtracted from the text.
Live on @codepen.io: codepen.io/thebabydino/...
Reposted by Thomas Broyer
Je vous parlais récemment des bots IA qui scrappent comme des 🐷
Je vous ai fait une configuration complète pour HAProxy pour faire du throttling et calmer leurs ardeurs avec une 429 (notamment Anthropic), à adapter pour vos besoins.
gist.github.com/ponceto/ef81...
Je vous ai fait une configuration complète pour HAProxy pour faire du throttling et calmer leurs ardeurs avec une 429 (notamment Anthropic), à adapter pour vos besoins.
gist.github.com/ponceto/ef81...
HAProxy full configuration with throttling for IA bots
HAProxy full configuration with throttling for IA bots - haproxy.cfg
gist.github.com
December 19, 2025 at 4:38 PM
Je vous parlais récemment des bots IA qui scrappent comme des 🐷
Je vous ai fait une configuration complète pour HAProxy pour faire du throttling et calmer leurs ardeurs avec une 429 (notamment Anthropic), à adapter pour vos besoins.
gist.github.com/ponceto/ef81...
Je vous ai fait une configuration complète pour HAProxy pour faire du throttling et calmer leurs ardeurs avec une 429 (notamment Anthropic), à adapter pour vos besoins.
gist.github.com/ponceto/ef81...
Reposted by Thomas Broyer
Not-really-hot take:
Thinking `<button role="link">` is ever acceptable in place of `<a href>` is dogmatic transubstantiation belief nonsense.
Does not…
• fire on Space;
• show URL in status bar;
• have right-click options;
• etc.
It is never meat. Er, I mean, a link.
Thinking `<button role="link">` is ever acceptable in place of `<a href>` is dogmatic transubstantiation belief nonsense.
Does not…
• fire on Space;
• show URL in status bar;
• have right-click options;
• etc.
It is never meat. Er, I mean, a link.
December 19, 2025 at 9:41 PM
Not-really-hot take:
Thinking `<button role="link">` is ever acceptable in place of `<a href>` is dogmatic transubstantiation belief nonsense.
Does not…
• fire on Space;
• show URL in status bar;
• have right-click options;
• etc.
It is never meat. Er, I mean, a link.
Thinking `<button role="link">` is ever acceptable in place of `<a href>` is dogmatic transubstantiation belief nonsense.
Does not…
• fire on Space;
• show URL in status bar;
• have right-click options;
• etc.
It is never meat. Er, I mean, a link.
Reposted by Thomas Broyer
Have you been wishing masonry layouts would just hurry up and arrive in CSS?? Well, happy holidays!
webkit.org/blog/17660/i...
webkit.org/blog/17660/i...
Introducing CSS Grid Lanes
It’s here!
webkit.org
December 19, 2025 at 9:33 PM
Have you been wishing masonry layouts would just hurry up and arrive in CSS?? Well, happy holidays!
webkit.org/blog/17660/i...
webkit.org/blog/17660/i...
Reposted by Thomas Broyer
Reposted by Thomas Broyer
we released the new @e18e.dev ESLint plugin today! 🎉
this comes with 3 categories of rules: modernisation, performance, replacements
it also works with oxlint and most of the rules have auto-fixes 🛠️
try it out and let us know any feedback/rule suggestions in discord/bsky/github!
this comes with 3 categories of rules: modernisation, performance, replacements
it also works with oxlint and most of the rules have auto-fixes 🛠️
try it out and let us know any feedback/rule suggestions in discord/bsky/github!
GitHub - e18e/eslint-plugin: The official e18e ESLint plugin for code modernization and performance best practices
The official e18e ESLint plugin for code modernization and performance best practices - e18e/eslint-plugin
github.com
December 19, 2025 at 7:44 PM
we released the new @e18e.dev ESLint plugin today! 🎉
this comes with 3 categories of rules: modernisation, performance, replacements
it also works with oxlint and most of the rules have auto-fixes 🛠️
try it out and let us know any feedback/rule suggestions in discord/bsky/github!
this comes with 3 categories of rules: modernisation, performance, replacements
it also works with oxlint and most of the rules have auto-fixes 🛠️
try it out and let us know any feedback/rule suggestions in discord/bsky/github!
Reposted by Thomas Broyer
Well this is good news for #a11y
Germany rejects Accessibility overlays for EAA compliance and says regulators won’t audit any website that uses an accessibility widget
chrisyoong.com/blog/germany...
Germany rejects Accessibility overlays for EAA compliance and says regulators won’t audit any website that uses an accessibility widget
chrisyoong.com/blog/germany...
Germany rejects Accessibility overlays for EAA compliance
Regulators won’t audit any website that uses an accessibility widget
chrisyoong.com
December 17, 2025 at 4:19 PM
Well this is good news for #a11y
Germany rejects Accessibility overlays for EAA compliance and says regulators won’t audit any website that uses an accessibility widget
chrisyoong.com/blog/germany...
Germany rejects Accessibility overlays for EAA compliance and says regulators won’t audit any website that uses an accessibility widget
chrisyoong.com/blog/germany...