惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

B
Blog RSS Feed
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
G
GRAHAM CLULEY
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cybersecurity and Infrastructure Security Agency CISA
Simon Willison's Weblog
Simon Willison's Weblog
Latest news
Latest news
C
CERT Recently Published Vulnerability Notes
T
Threatpost
V
Vulnerabilities – Threatpost
AWS News Blog
AWS News Blog
Blog — PlanetScale
Blog — PlanetScale
C
Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
U
Unit 42
The Register - Security
The Register - Security
T
The Blog of Author Tim Ferriss
Stack Overflow Blog
Stack Overflow Blog
The Hacker News
The Hacker News
AI
AI
Project Zero
Project Zero
Scott Helme
Scott Helme
S
Securelist
Vercel News
Vercel News
GbyAI
GbyAI
S
Security @ Cisco Blogs
I
InfoQ
aimingoo的专栏
aimingoo的专栏
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
C
Check Point Blog
Forbes - Security
Forbes - Security
Google Online Security Blog
Google Online Security Blog
W
WeLiveSecurity
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
H
Heimdal Security Blog
G
Google Developers Blog
D
DataBreaches.Net
The Last Watchdog
The Last Watchdog
D
Docker
MyScale Blog
MyScale Blog
T
Tor Project blog
Cyberwarzone
Cyberwarzone
Recent Announcements
Recent Announcements
Microsoft Security Blog
Microsoft Security Blog
T
Tenable Blog
T
Threat Research - Cisco Blogs
Cisco Talos Blog
Cisco Talos Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园 - 聂微东
月光博客
月光博客

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Porting Libraries to Crystal with AI
kojix2 · 2026-05-02 · via DEV Community

This post was originally written in Japanese and translated into English by the author using ChatGPT. The original post is available here.

Introduction

AI coding tools have become much better, and I now write code by hand far less often than before. I use GitHub Copilot in VSCode through the OSS benefit program, and recently I have also been trying Claude Code and Codex.

Porting libraries to the Crystal language

Compared with other programming languages, Crystal does not have a very large library ecosystem.

However, many open source libraries have licenses that allow porting, and AI can provide a lot of help with porting work. Because of this, when a library is missing, it is becoming realistic to consider porting as an option.

In this article, I want to put into words and record what I actually do when porting libraries.

Choosing a reference library

The first step is to choose the library to use as a reference.

In Crystal, compared with C or Go, a higher level of abstraction is often expected. On the other hand, Crystal cannot use metaprogramming as freely as Ruby or Python.

In that sense, Crystal is a language somewhere in the middle, and it is not always possible to choose a single reference library. Sometimes it is necessary to look at multiple libraries and think about what would be best. In my case, I often look at active Rust and Go projects, while using Ruby and Python APIs as references. When the reference is written in Rust, binding to it may sometimes be better than porting it.

That kind of separation is the first step. If I decide that porting is the right approach, I move on. There may also be cases where porting and bindings are mixed.

Checking the license

The most important point is the license. I check whether the original library is under a license that allows porting, such as MIT, BSD, Apache-2.0, or another license whose conditions I can comply with. I try to make the new library inherit the license terms of the original.

I also clearly state where the original project came from. In my case, I add the reference repository as a whole using git submodule. This also fixes the version of the code that Coding Agents refer to. It helps avoid unnecessary misunderstandings and trouble.

When creating a final "tool", it may be reasonable to have multiple reference sources. But when creating a "library" by porting or binding, I think it is easier to maintain the project later if the main reference source is kept to one.

Making an overall plan with the web version of ChatGPT

First, I upload an archive of the source library, either a tarball or a zip file, to ChatGPT and ask for an overall policy for porting the whole library to Crystal. I upload an archive simply because there is a limit on the number of files that can be uploaded.

Why do I start with the web version of ChatGPT instead of a Coding Agent?

The reason is based on experience: I tend to get better results when I first discuss the whole thing with the web version. This is only a guess, but I think there are probably two reasons.

The first is the efficient use of internet search. Compared with local Coding Agents, the web version of ChatGPT is better at search. It can look through websites, technical blogs, and GitHub, and explore the policy from a wider point of view. When something is vague or unknown, it can search on its own and refine the plan.

The second reason is probably that the cloud environment has more efficient access to documentation. Compared with searching a codebase locally while spending tokens, searching code in the cloud seems to work better, at least in my experience.

Once the overall policy is produced, I ask additional questions about unclear points or my own requirements. At this stage, it may be useful to limit the amount of information by saying something like, "Please answer in three lines or less," so that ChatGPT's responses do not become too long or go off on a tangent.

When building a Crystal library as a binding to a static language such as C, C++, or Rust, it is important to discuss the boundary of the binding, the build system, and the infrastructure, and to make sure the understanding is aligned.

The desirable Crystal API design is often different from the language of the original library, such as Rust or Go. In such cases, I may also upload Ruby libraries as reference material and ask what kind of API would be desirable. However, Crystal is not Ruby, so simply making the API the same as Ruby is not necessarily the right answer. If I really want to make something good, I have to check it myself.

Once the architecture and design are agreed on, I ask ChatGPT to write it down as a self-contained and executable plan, usually in a file such as PLAN.md. I often have PLAN.md written in Japanese so that I can read it easily.

However, PLAN.md may contain rough notes, wrong assumptions, or unorganized working context. For that reason, I usually do not publish this file as-is. Instead, I try to preserve important design decisions and caveats in a form that can be read later, such as in the README, issues, or commit messages.

That said, if the tool is not just for myself and I want many people to use it, I may ask for PLAN.md to be written in English from the beginning.

Doing the porting work locally

Because I want to make use of Copilot's free quota, I use VSCode locally. Recently, however, CLI agents have also become more capable, and it is becoming possible to use editors of one's choice, such as Zed.

First, I initialize the project repository.

I decide the Crystal project name, create a skeleton with crystal init lib piyo, add the reference repository as a submodule, and place PLAN.md in the repository.

I still do not know whether PLAN.md should be made more like a TODO list.

I do not want to lose the work, so I create a new private repository on GitHub and prepare to push the project there. After that, I ask the Coding Agent to proceed with the project while looking at PLAN.md.

During the work cycle, I periodically run crystal tool format for formatting and crystal spec for tests.

In my case, I run the linter, ameba --no-color, by myself later, and then pass the result to the Agent and ask it to fix the issues in a batch.

I also periodically ask it to review the plan, update it, or delete parts that have been completed.

Coding agents make rapid progress at first, but at some point they often start taking very small steps, and the work stops moving forward.

In such cases, I stop the agent for a while and ask questions such as: "What is the current problem?", "Are there places that should be refactored before continuing?", "Is there anything unrealistic in the plan itself?", or "Is there anything you want me to do, such as setting up the environment?"

In some cases, I make a tarball of the current state, upload it to ChatGPT again, ask it to evaluate the whole situation from a broader perspective, and have it create PLAN2.md.

However, this kind of workflow is only possible because I am working alone and will eventually publish everything on GitHub. I do not think this is a possible workflow when multiple people are coding for work.

Writing tests with fixtures

Some reference libraries provide fixtures for tests. When the original repository is added as a submodule, those fixtures can also be referenced, so they can be used in the Crystal-side tests as well.

However, my honest impression is that aiming for parity is not easy, because of differences caused by floating point errors, random numbers, race conditions, and so on.

To absorb differences in random numbers, one possible method is to prepare a small piece of code in the original language that generates random numbers, save those generated numbers as a kind of fixture in JSON or another format, and use those values in Crystal tests. This method does not always work, but there are cases where it does.

Adding GitHub Actions

Once the project has taken some shape, I add several GitHub Actions workflows.

  • docs.yml for generating documentation
  • build.yml for building and releasing CLI tools
  • test.yml for tests
  • dependabot.yml, or Renovate, for updating GitHub Actions

I end up adding these almost every time. In my case, I have a toy project called lolcat.cr, and I often copy workflows from it and then modify them.

After adding them, I adjust things until the tests and builds pass, and then add badges to the README.

Keeping README.md simple

This depends on the purpose. In my case, most of the AI-ported libraries I create are for my own use. Compared with the time when I wrote libraries by hand, my feeling has changed a little: I do not really think that I want the library to become widely used. Maybe I instinctively want to avoid losing time to maintenance or spending more money on tokens.

If README.md is too decorated, it starts to look like it was made by AI. A project with a gorgeous README but no maintenance feels, to me, like the ruins of a theme park with no afterglow. It does not leave a good impression.

So I usually ask for README.md to be written in a "simple, plain, and purely practical" style.

Deciding the granularity of commits

As a general principle, in order to run a trustworthy project, it is desirable to avoid force push and leave a transparent commit log. This is especially true when developing together in an open source community. Through pull requests and reviews, you can interact with people around the world and come to know what kind of people they are. I think this is one of the pleasures of participating in an open source community.

However, best practices for Git workflows in solo personal development that depends heavily on AI have not yet been established. It is necessary to record why a certain piece of code was included, but I think it is better to lean on Git than to attach a separate memory system only for AI.

That said, Git is chronological. When reordering commits, even if the final state of the code is the same, force push becomes necessary. In the AI era, I feel that we may need a version control method based on semantics, one that can rebase without depending so strongly on chronological order.

For now, personally, I ask AI to write commit messages, and then I manually commit them myself.

I think this works as a minimal check to confirm that the human goal and the AI's work target are aligned. But there is also criticism that this is laundering or hiding AI-written code as if it had been written by a human, and I do not think it can be called a best practice.

Embarrassingly, I also use force push a lot.

Especially in the early stage of a private repository where I am progressing through a plan, I repeatedly use --amend and force push, effectively using Git as a kind of "overwrite save" without leaving much history.

Of course, this is mainly about private repositories before publication. The same thing should not be done on a shared public branch.

Conclusion

What I have written here reflects the situation as of April 2026.

I hope that when I reread this later, I will be able to think, "So that was what things were like at that time."

Coding Agents have made it possible to ask for explanations of algorithms and ideas that were previously difficult to understand, at any desired level of detail. They have also made it easy to quickly implement and try out ideas that come to mind. This really is revolutionary.

At the same time, I sometimes get too absorbed in AI coding, work for too many hours, and feel that it may harm my health. I think I need to be a little careful about that. Health comes first.

At the beginning, I wrote that this article was written by hand, not by AI.

Note added for the English version: This refers to the original Japanese version. This English translation was made with ChatGPT.

I wrote that on purpose because these days I often generate text with AI too, and I wanted to deliberately do something different this time.

That is all for this article.