惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

大猫的无限游戏
大猫的无限游戏
博客园 - 【当耐特】
Cloudbric
Cloudbric
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Attack and Defense Labs
Attack and Defense Labs
爱范儿
爱范儿
The Cloudflare Blog
腾讯CDC
Security Archives - TechRepublic
Security Archives - TechRepublic
TaoSecurity Blog
TaoSecurity Blog
云风的 BLOG
云风的 BLOG
Recent Announcements
Recent Announcements
C
Check Point Blog
Schneier on Security
Schneier on Security
S
Schneier on Security
J
Java Code Geeks
B
Blog RSS Feed
Cisco Talos Blog
Cisco Talos Blog
Vercel News
Vercel News
Stack Overflow Blog
Stack Overflow Blog
博客园_首页
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
A
About on SuperTechFans
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Google DeepMind News
Google DeepMind News
阮一峰的网络日志
阮一峰的网络日志
罗磊的独立博客
A
Arctic Wolf
S
Secure Thoughts
P
Palo Alto Networks Blog
The Last Watchdog
The Last Watchdog
SecWiki News
SecWiki News
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
博客园 - 三生石上(FineUI控件)
D
Darknet – Hacking Tools, Hacker News & Cyber Security
量子位
U
Unit 42
I
InfoQ
D
DataBreaches.Net
P
Privacy International News Feed
T
Troy Hunt's Blog
博客园 - 叶小钗
T
Threatpost
博客园 - Franky
K
Kaspersky official blog
Hugging Face - Blog
Hugging Face - Blog
IT之家
IT之家
www.infosecurity-magazine.com
www.infosecurity-magazine.com
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
C
Cisco Blogs

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Anvil
Anthony Humphreys · 2026-06-20 · via DEV Community

Cross post

Building Anvil

Anvil did not start as a 'stack'. It still isn't, really, it is three independent projects that have a bunch in common and compliment each other quite nicely, so I decided to bundle them in a monorepo. This also makes it easier to keep the shared pieces in sync, and to make sure the projects are actually useful together.

The Anvil app started as a custom agentic coding harness inspired by T3Code: a practical way to run agents
inside real projects without pretending a chat window was the whole development environment. I wanted something that
could understand a repository, stay attached to a work item, preserve context across a delivery
loop, and help me move from intent to implementation without scattering the important details
across terminals, tabs, issue trackers, and whatever note I had optimistically named
plan-final-2.md.

That first version was deliberately narrow. It was built around the job I needed it to do: help
agents work inside software projects with enough grounding to be useful and enough structure to be
reviewable.

Over time, that narrow tool started pulling in more of the surrounding workflow. Not scope creep for the fun of it,
but because the lines between what counts as workflow, productivity and context all blurred into one, so having one place
where the work is planned, defined, implemented, checked, and reviewed became more useful than a tool that only ran agents.
I also really liked seeing the development of Claude's code review and codex similar features too. Only...they felt a bit lacking?
And in Claude's case, extremely expensive. So I built things like the code review feature which runs customisable rubrics against the codebase,
a PR or a commit, and has a pleasant UI to either post the feedback to the PR or action it.

Code does not happen in isolation. It sits inside tickets, docs, branches, pull requests, design
notes, deployment constraints, production incidents, and the tiny archaeological record of decisions
that live in a repo. If an agent only sees the current prompt, it is under-informed. If a developer
has to manually reconstruct context every time, the tool is not carrying enough weight.

From harness to ADE

The name I keep coming back to is an ADE: an agentic development environment.

That sounds a bit grand, so the useful definition is simpler: Anvil is becoming the place where the
work item, repository, agent session, and development context sit together.

The original harness was about running agents. The ADE shape is about supporting the whole path from
problem to reviewed change:

  • understand the work item
  • inspect the relevant repository state
  • plan the change against real constraints
  • make the implementation
  • run checks
  • review the diff
  • capture the reasoning
  • connect the output back to the work item system

That loop is useful for developers, obviously. But the target is wider than developers.

A product person should be able to understand what changed and why. A tester should be able to see
the acceptance criteria, the affected area, and the risks worth checking. A technical lead should be
able to review the work without piecing the story together from five separate systems. A support
person should be able to connect a customer issue to the code path that actually changed.

The point is not to make everyone write code. The point is to make the development context less
fragmented.

Repository awareness is the grounding layer

The most important Anvil idea is still repo awareness.

Agentic coding gets much better when the agent can read the project before making claims about it.
That sounds obvious, but a lot of AI tooling still behaves as if a confident answer is roughly
equivalent to an inspected codebase. It is not. Confidence without repo context is just a well-lit
guess.

Anvil treats the repository as the grounding layer. The agent should know the file tree, current
diff, conventions, scripts, tests, docs, and local project rules. It should understand whether a
change belongs in an existing module or whether the new abstraction it is about to invent is solving
a real problem.

That grounding matters because the work item alone is not enough. Tickets are useful, but they are
usually compressed versions of reality. The repo contains the real constraints: the old migration,
the wrapper nobody wants to touch, the half-finished test helper, the auth boundary that has to
remain a real boundary.

Anvil works best when the work item and repository context are held together. The ticket says what
the change is for. The repo says how it can actually fit.

The workspace idea

The workspace concept borrows heavily from VS Code.

That is intentional. VS Code got something very right: a workspace is not just a folder. It is the
local operating context for a piece of work. Files, settings, extensions, terminals, tasks, source
control, and developer habits all gather around that boundary.

Anvil uses a similar idea, but aims it at development context rather than only editing context. A
workspace can hold the repo, linked work items, agent sessions, notes, checks, and eventually more
of the surrounding SDLC state.

That matters because software teams rarely work on "a repo" in the abstract. They work on a
workspace shaped by the current project, product area, branch, issue, environment, and release
target. If Anvil can preserve that shape, agents can do more than answer prompts. They can work
inside the same frame as the people around them.

Then came Anvil Registry

Anvil Registry came from a different but related concern: supply-chain security.

npm install is a lot of trust hidden behind a short command. It can run lifecycle scripts. It can
pull hundreds of packages into a project before anyone has looked at what changed. It can turn a
typo, a compromised maintainer account, a package-confusion mistake, or a suspicious new release
into executable code on a developer machine or CI runner.

That problem exists with or without agents. Most teams already rely on a huge amount of third-party
code, and the install path is one of the places where trust becomes execution very quickly. Anvil
Registry started as a set of countermeasures for that problem: put a deliberate control point in
front of dependency installs, make package decisions inspectable, and avoid treating upstream
registry traffic as harmless just because it is normal.

Anvil Registry puts a controlled gateway between package managers and upstream registries. The
gateway speaks the npm registry shape that existing tools already understand, then applies policy
before tarballs are handed over. In practical terms, it is trying to solve a few connected problems:

  • make install traffic inspectable instead of invisible
  • cache package metadata and tarballs so decisions are tied to the artefact that was actually seen
  • apply deterministic policy before code reaches the project
  • queue deeper analysis outside the hot install path
  • give humans explainable decisions, reports, and override controls
  • provide a safer local path for unknown repositories through the Node Base devcontainer image

The architecture is deliberately boring in the places where boring is a virtue. Package managers
ask Registry for metadata and tarballs. Registry checks policy and package identity, proxies and
caches upstream artefacts, records decisions, and hands work to an analysis worker. The worker can
inspect manifests, package contents, provenance signals, file trees, lifecycle script usage, and
other risk indicators. The CLI and admin surfaces then give people a way to explain a decision,
scan packages, warm caches, review reports, and manage overrides.

The important line is authority. AI-assisted review can help summarize suspicious patterns or point
at things worth checking, but it does not get to be the enforcement layer. Deterministic policy owns
the gate. Humans own the judgement.

That makes Registry useful on its own, even if there is no agent anywhere near the repo. It gives
developers and teams a more inspectable install path, a place to encode policy, and a way to review
exceptions without pretending every dependency decision can live in someone's head.

That project pushed Anvil beyond "how do agents edit code?" into "what infrastructure does agentic
development need around it?"

The agentic angle is a bonus, but it is a real one. Agents can move quickly through unfamiliar
repositories, which means dependency changes can become part of a larger automated edit loop. In
that world, having a checkpoint in front of install traffic matters even more. "The model probably
noticed" is not a security boundary.

It was also the first time I built a substantial project using Codex /goal. That became its
own post because the process mattered: write the spec first, let Codex work against a concrete
target, keep running checks, and keep the human decision-making where it belongs. I wrote more about
that build in Building Anvil Registry With Codex.

Registry is part of the same larger bet as Anvil Desktop: better delivery requires better context.
Sometimes that context is a work item and a diff. Sometimes it is package identity, provenance,
tarball contents, and install policy.

Now Anvil Cloud

Anvil Cloud is the piece I was slowest to describe properly, because it sounds like a hosted-agent
story if you say it too quickly.

It is not that.

The motivation is more specific: agents work best when the world they are editing is small,
explicit, and inspectable. Cloud infrastructure is usually the opposite. A useful app quickly runs
into auth, data, files, jobs, logs, queues, environment variables, deploy state, gateways, IAM, and
provider-specific defaults. Those are awkward enough for humans. They are a very sharp surface for
generated code.

There are a few interesting projects circling this problem from different directions. SST
makes full-stack infrastructure much more approachable by defining app resources in code and keeping
those resources linked to the application. Lakebed pushes toward an
agent-native shape: small TypeScript apps with a CLI/runtime that an agent can create, inspect, and
deploy without wandering through a cloud console.

I found SST to be amazing, but agents constantly trip over nuance as soon as you get to any sort of level of
complexity. Lakebed is a very interesting approach, and I really love the pitch of 'a shitty cloud for shitty apps'.
But I wanted something that could be used for production apps, not just a playground. I wanted a shape that could be used
for real work, but still small enough to be inspectable, testable, and reviewable before it becomes real infrastructure.

Anvil Cloud is my version of that problem space, built around the Cell contract rather than
raw infrastructure.

An Anvil Cell is a small TypeScript app unit. It can contain server handlers, client UI, schema,
endpoints, jobs, workflows, services, mounted agents, and declared capabilities. The important bit is
the boundary: Cell code should use Anvil runtime primitives like ctx.db, ctx.files, ctx.env,
ctx.log, jobs, and workflows. It should not import AWS SDKs, SST, CDK, Terraform, Pulumi, or raw
provider resources just to build a small app.

The platform pieces exist to make that boundary useful:

  • Runtime runs the same request contract locally, in tests, and behind deployment adapters.
  • Builder emits the server bundle, client bundle, manifest, generated client metadata, and build output.
  • Guard checks imports, direct environment access, outbound fetches, and undeclared capabilities before the app turns into provider work.
  • Lens and the CLI expose manifests, logs, auth state, database state, workflows, services, and diagnostics in forms humans and agents can inspect.
  • Deployment adapters map the Cell's capabilities to provider resources. AWS is the first adapter, but AWS is not the app contract.

Cloud's job is not to "run an agent somewhere". It is to give agents and developers a smaller
application model that can become real infrastructure without making the app author hand-roll the
provider machinery.

Cloud is early alpha. The local runtime, builder, Lens, CLI, auth, workflow, service, agent, and AWS
preview work are moving together, but the important thing is the contract. If a Cell can
be built, checked, inspected, and planned before it touches a provider, the system has a fighting
chance of being useful without becoming a very confident infrastructure accident. This feels like a solved
problem with terraform and SST, but those tools are not designed for agentic development. How many times have
you deployed using terraform only to later find your lambda is missing a permission that is only needed at runtime?
Or your SST app is failing because the agent generated a resource that is not actually supported by the provider?

Where this is going

The direction is clear enough now.

Anvil started as an agentic coding harness because that was the immediate problem. It is becoming an
ADE because the real problem is broader: development with agents needs clear boundaries around the
work, the code, the dependencies, and the runtime.

Anvil Registry added a boundary around dependency ingress.

Anvil Cloud adds a boundary around the apps agents and developers build: the Cell contract, the
runtime, the manifest, the checks, the inspection surface, and the adapter path to real providers.

Together, they point at a more complete environment for building software with agents involved, but
not with judgement outsourced to them. Developers should get deeper repo-aware assistance. Product,
QA, support, and technical leadership should get clearer context. Teams should get a delivery loop
with fewer mystery steps and more things you can inspect before they matter.

The aim is to keep the useful parts of agentic development grounded: tied to the repo, checked
against the work, explicit about risk, and boring enough to review before it reaches production.