Lightnews — Scholar-powered news

Stijn Willems @doozmen.bsky.social · 4h

Just discovered Universal Control by accident. My MacBook's trackpad suddenly controlled my Mac Studio - no cables. Turns out Apple built this years ago. One keyboard, two Macs, cursor flows between screens. Works perfectly once you get it.

Stijn Willems @doozmen.bsky.social · 8h

Of course, this means it only works for tree-structured operations—if work escapes the tree, I fall back to safer global patterns (like actors or explicit context passing)

1 2

Stijn Willems @doozmen.bsky.social · 8h

I now use TaskLocal wherever possible for shared state in async workflows, since it keeps context neatly scoped to the structured concurrency tree and avoids many post-suspension surprises.

1 2

Stijn Willems @doozmen.bsky.social · 1d

ServerSide Swift 2025 showed: Vapor, Hummingbird, Swift NIO, type-safe APIs, AWS integration, sub-200ms Lambda cold starts. The ecosystem is ready.

Now build MCP servers, not AI search clones.

serversideswift.info #swiftlang #srrversideswift2025

Home | ServerSide.swift Conference

ServerSide.swift - the conference for server-side Swift developers

serversideswift.info

2

Stijn Willems @doozmen.bsky.social · 1d

The opportunity: companies need MCP servers that connect their internal systems—CRM, calendars, accounting, knowledge bases. Not public search. Private context engineering.

Server-side Swift is production-ready for this.

1

Stijn Willems @doozmen.bsky.social · 1d

Building MCP servers means handling private data, real-time integration, type-safe protocols. Swift gives you: memory safety, async/await, C++ interop for existing systems, shared code with iOS, Android and Wasm clients.

#swiftlang

1

Stijn Willems @doozmen.bsky.social · 1d

MCP isn't "connect AI to more sources." It's AI becoming contextually aware of YOUR ecosystem. Your calendar + email + docs + code. The value is synthesis, not retrieval.

This is where server-side Swift matters. #swiftlang #serversideSwiff2025

1

Stijn Willems @doozmen.bsky.social · 1d

The AI bubble: everyone building "better search" because that's the frame people understand.

The actual shift: AI as context engineering—understanding YOUR data, YOUR work, creating value from what you already have.

That's not search. That's different.

1

Reposted by Stijn Willems

ServerSide.swift @serversideswift.info · 2d

An Introduction to Valkey-Swift by Adam Fowler

youtu.be/RNVMM1p7jgU

Introduction to Valkey-Swift - Adam Fowler

🎥 Recorded at the ServerSide.swift conference in London in 2025. 🙌 Sponsored by Broken Hands: https://www.brokenhands.io 🐥 Twitter: https://twitter.com/swiftserverconf 🐘 Mastodon:…

youtu.be

4 6

Reposted by Stijn Willems

Hacker News 50 @betterhn50.e-work.xyz · 2d

Apps SDK https://developers.openai.com/apps-sdk/ (https://news.ycombinator.com/item?id=45494558)

Apps SDK

Learn how to use Apps SDK by OpenAI. Our framework to build apps for ChatGPT.

developers.openai.com

1

Reposted by Stijn Willems

Swift Language @swift.org · 2d

New tooling for profiling performance-critical services with Swift -- introducing the Swift Profile Recorder. More here: www.swift.org/blog/swift-p...

16 58

Stijn Willems @doozmen.bsky.social · 3d

Consider swift with c++ interop. Like ladybird browser did. Very interesting post about why here linuxiac.com/ladybird-bro...

Ladybird Browser Team Selects Swift as Preferred Language

Andreas Kling announces Swift as Ladybird's future language for better safety and ergonomics. Full transition awaits Swift 6.

linuxiac.com

Stijn Willems @doozmen.bsky.social · 4d

Sadly also the Belgium gov has shifted on this subject. www.techradar.com/computing/cy... I wonder what @jbaert.bsky.social thinks of this?

Chat Control: The list of countries opposing the law grows, but support remains strong

Germany, Belgium, Italy, Latvia, and Sweden shift their positions ahead of the October 14 meeting

www.techradar.com

1

Reposted by Stijn Willems

Jaleel Akbashev @jaleel.bsky.social · 4d

Just double checked temporal, looks interesting. „Pure“ workflows and activities like effect operations, they even have a SideEffect term in their docs. 🙃
Replaying workflows and blocking them indefinitely also looks nice, and it’s language agnostic. 🤔

1 1

Stijn Willems @doozmen.bsky.social · 5d

Do you have it on GitHub? I could try and help …

Reposted by Stijn Willems

TelemetryDeck App Analytics @telemetrydeck.com · 6d

Fall is a great season for another founder update. @meetlisa.bsky.social shares a few thoughts on #GermanUnityDay, has gathered some figures (transparency!!!), and reflects on participating (and skipping) business events.
telemetrydeck.com/blog/fall-update-2025/?source=bluesky

TelemetryDeck Fall Update 2025 | TelemetryDeck

Learn what's new with your favorite app analytics solution.

telemetrydeck.com

3 3

Reposted by Stijn Willems

Daniel Jay @breakth-esystem.bsky.social · 6d

Fantastic! @mikaelacaron.com just announced learnswift.space, a new blog about leaning swift 😍

3 9

Stijn Willems @doozmen.bsky.social · 5d

Validation flow: Parse CBOR attestation objects, verify Apple's certificate chain against root CA, validate nonce/challenge, extract and store public keys, implement assertion verification with counter checks, add request signing validation.

Stijn Willems @doozmen.bsky.social · 5d

Resources for implementation:
• Apple: developer.apple.com/documentation/devicecheck/validating-apps-that-connect-to-your-server
• WebAuthn spec: w3.org/TR/webauthn-2
• swift-server/swift-webauthn: github.com/swift-server/swift-webauthn

Validating apps that connect to your server | Apple Developer Documentation

Verify that connections to your server come from legitimate instances of your app.

developer.apple.com

1

Stijn Willems @doozmen.bsky.social · 5d

WebAuthn connection: App Attest uses similar patterns. CBOR parsing, COSE key formats (RFC 8812), certificate chain verification. The swift-server/swift-webauthn library shows how to handle these patterns in Swift.

1

Stijn Willems @doozmen.bsky.social · 5d

Cross-platform: Play Integrity API for Android serves the same purpose. Firebase App Check wraps both if you need unified validation. Your Swift backend can handle both attestation formats with different validation paths. Check official Android docs.

1

Stijn Willems @doozmen.bsky.social · 5d

Key libraries: swift-crypto for key handling, async-http-client for Apple API requests. Structure your routes: POST /device/validate gets token from client, validates with Apple, returns trust status. Keep it stateless where possible.

1

Stijn Willems @doozmen.bsky.social · 5d

Integration with Fluent/PostgreSQL: Store device states in your DB alongside the Apple bits. Query Apple's API only when needed—it's rate limited. Cache validation results. Use middleware to check device trust before expensive operations.

1

Stijn Willems @doozmen.bsky.social · 5d

The key never touches client code. Download from App Store Connect → Keys → Device Check. Keep the .p8 file on your server only. Reference it in your Swift backend config. Rotate keys periodically using Apple's key management.

1

Stijn Willems @doozmen.bsky.social · 5d

Architecture: Client app calls DCDevice.current.generateToken(), sends to your server. Server signs JWT with ES256 + your key, queries Apple's API with device token. You get/set 2 bits per device. Use for rate limiting, fraud detection. #swiftlang #serversideSwift2025

1