惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Jina AI
Jina AI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Troy Hunt's Blog
T
The Exploit Database - CXSecurity.com
Microsoft Security Blog
Microsoft Security Blog
V
Visual Studio Blog
F
Fortinet All Blogs
博客园_首页
P
Proofpoint News Feed
V
Vulnerabilities – Threatpost
The Cloudflare Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
H
Heimdal Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
A
About on SuperTechFans
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
AI
AI
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
S
Security Affairs
The Register - Security
The Register - Security
S
Security @ Cisco Blogs
Hugging Face - Blog
Hugging Face - Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 聂微东
Schneier on Security
Schneier on Security
WordPress大学
WordPress大学
Google DeepMind News
Google DeepMind News
GbyAI
GbyAI
T
Tailwind CSS Blog
Hacker News: Ask HN
Hacker News: Ask HN
W
WeLiveSecurity
D
Docker
L
LangChain Blog
B
Blog RSS Feed
The Last Watchdog
The Last Watchdog
Cloudbric
Cloudbric
TaoSecurity Blog
TaoSecurity Blog
N
Netflix TechBlog - Medium
酷 壳 – CoolShell
酷 壳 – CoolShell
I
InfoQ
The Hacker News
The Hacker News
AWS News Blog
AWS News Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
宝玉的分享
宝玉的分享
I
Intezer
云风的 BLOG
云风的 BLOG
V2EX - 技术
V2EX - 技术
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Karpathy's "Autoresearch" Just Went Viral — Here's How Software Engineers Can Actually Use the Pattern at Work
Mohan Paramasivam · 2026-06-16 · via DEV Community

Forget neural networks for a second. The real idea inside this repo is a blueprint for letting AI agents run unattended overnight — and it maps onto problems you already have on your team.

If you've been anywhere near tech Twitter or LinkedIn this week, you've probably seen people losing their minds over a small GitHub repo called autoresearch, published by Andrej Karpathy — former Tesla AI director and OpenAI founding member.

The framing is dramatic: an AI agent that runs machine learning experiments on its own, overnight, while you sleep. Tweak the code, train for five minutes, check if it got better, keep it or throw it away, repeat. Wake up to a log of a hundred experiments and a model that's quietly improved itself.

If you're not an ML researcher, your instinct might be to scroll past. "Cool, but I don't train neural networks. How does this apply to me?"

Here's the thing — the neural network part is almost incidental. What Karpathy actually open-sourced is a pattern for structuring AI-agent work: a specific way of dividing responsibility between human and AI that happens to generalize to a huge range of engineering problems. Once you see the pattern, you start noticing places in your own job where it fits.


What's Actually in This Repo

The repo itself is intentionally tiny — and that's the point. There are really only three files that matter:

The evaluator (untouchable). A file containing the fixed constants, data preparation, and the scoring logic. The agent is never allowed to modify this. It's the ruler everything else gets measured against.

The implementation (the agent's playground). A single file containing the actual model, training loop, and hyperparameters. This is the only file the agent is allowed to change. Architecture, batch size, optimizer — all fair game.

The instructions (the human's only job). A plain Markdown file describing what the agent should try, what the constraints are, how to interpret results, and what to do when something breaks. Karpathy calls this "programming the research org in Markdown."

The loop itself is almost embarrassingly simple: the agent reads the instructions, forms a hypothesis, edits the implementation file, runs a fixed time-boxed experiment (exactly 5 minutes), checks a single number, and decides — keep the change or revert it with git. Then it does it again. Roughly 12 times an hour. Around 100 times overnight.

One detail that's easy to miss but matters a lot: the philosophy baked into the instructions explicitly favors deleting code while maintaining performance as a win, and treats tiny improvements that add complexity as not worth keeping. That's a value judgment a human encoded once — and the agent now applies it autonomously, every cycle, for as long as it runs.


The Pattern Behind the Pattern

Strip away the machine learning context, and what you're left with is this:

Evaluator (fixed, automatic, trustworthy) + Implementation (the thing being improved) + Direction (human-authored intent and constraints) = a loop an AI agent can run unattended, with a built-in safety mechanism — revert if it didn't help.

This is exactly the shape of a huge number of problems that already exist on software teams — we just don't usually frame them this way. Anywhere you have something that can be objectively measured, something that can be changed, and a clear sense of what "better" means, this pattern applies.

The biggest shift this represents isn't technical. It's about where your effort goes. In the old model, you spend your time editing the implementation — writing the code, tweaking the config, trying the next idea yourself. In this model, you spend your time writing and refining the instructions — the evaluator and the direction file. The agent burns through the implementation iterations. You define what "good" means and let volume do the work.

Karpathy's own phrase for this is "programming the programmer." You're not writing the training script anymore. You're writing the thing that writes it, over and over, faster than you ever could by hand.


6 Ways to Apply This Pattern in Your Actual Job

1. Performance Optimization Loops

If you've ever had a slow function, query, or API endpoint that "could probably be faster" but nobody has time to dig into — this is the cleanest possible fit.

The evaluator: A benchmark script that runs the function with realistic inputs and reports a number — latency, throughput, memory.

The implementation: The function or module itself.

The direction file might say:

Your goal is to reduce p95 latency of the batch processing function without changing its public interface or breaking any existing tests. Run the benchmark after every change. If latency improves and all tests pass, commit the change. If not, revert. Prefer simpler implementations — if two versions perform similarly, keep the one with less code. Stop after 15 attempts or once you've had 3 consecutive attempts with less than 1% improvement.

Set this running against a non-critical service, come back in an hour, and review the diff and the experiment log — not just the final code.


2. Hunting Down Flaky Tests

Every team has that one test that fails 1 in 20 runs and nobody has gotten around to fixing. This is a perfect "run it 50 times and see" problem.

The evaluator: Run the flaky test repeatedly (say, 30 times) and report the pass rate.

The implementation: The test file and the code it's testing.

The direction file might say:

This test fails intermittently. Form a hypothesis about why — race condition, timing assumption, shared state, or something else — make a targeted fix, then run the test suite 30 times. If the pass rate improves and no other tests regress, keep the change. If not, revert and try a different hypothesis. Log your reasoning for each attempt, including failed ones, so a human can review the investigation afterward.

Even if the agent doesn't fully fix it, the log of hypotheses it tried and ruled out is often more valuable than starting from scratch yourself.


3. Refactoring Under a Safety Net

"This module needs cleanup" is a sentence every engineer has said and almost nobody has time for. The autoresearch pattern turns your existing test suite into the evaluator.

The evaluator: Your existing test suite, which must stay green, plus a complexity metric such as lines of code or cyclomatic complexity.

The implementation: The module being refactored.

The direction file might say:

Reduce the complexity of this module while keeping all tests passing. Favor deleting code over adding it — a change that removes 20 lines and keeps tests green is more valuable than one that adds a new abstraction. After each change, run the full test suite. If anything breaks, revert immediately. Stop after 10 attempts or when you can no longer find a simplification that doesn't break a test.

This directly borrows Karpathy's "deletion is a win" philosophy — which most engineering teams say they hold but rarely enforce systematically.


4. Tuning Configuration Against a Cost or Latency Metric

Thread pool sizes, cache TTLs, retry and backoff settings, connection pool limits, batch sizes for background jobs — most teams set these once, based on a guess, and never revisit them.

The evaluator: A load-testing script that reports your target metric — cost per request, p99 latency, error rate — under a fixed, repeatable load.

The implementation: The configuration file.

The direction file might say:

Your goal is to minimize average cost per request without increasing p99 latency above 400ms or error rate above 0.1%. Change one configuration value at a time. Run the load test after each change. Keep changes that improve cost without violating the constraints; revert everything else. Try at least 20 configurations before stopping.

This is the closest analog to the original repo — fixed time budget, single metric, lots of small experiments, git-based keep or revert.


5. Prompt and Eval Iteration for AI Features

If your product has any AI-powered features — and increasingly, most products do — this is arguably the most natural application of the entire pattern, because it maps almost one-to-one.

The evaluator: A fixed evaluation set of inputs with known-good expected outputs, scored automatically through exact match, similarity score, or a rubric-based judge.

The implementation: Your prompt template, system instructions, or few-shot examples.

The direction file might say:

Your goal is to improve the accuracy score on the evaluation set without increasing average token usage by more than 10%. You may modify the prompt template, instructions, and examples — but not the evaluation set itself. Run the evaluation after every change. Keep improvements, revert regressions. Prefer shorter prompts when scores are equivalent.

This is literally the same three-file contract — the eval set as the untouchable evaluator, the prompt as the implementation, and your instructions as the direction file.


6. Build and CI Pipeline Optimization

Slow CI pipelines are a tax every team pays daily, and "someone should really look at why the build takes 18 minutes" is a perennial backlog item that never gets prioritized.

The evaluator: Total CI run time, reported automatically by your pipeline.

The implementation: Your CI configuration, caching strategy, and parallelization setup.

The direction file might say:

Your goal is to reduce total CI run time while keeping the pipeline green and not removing any test coverage. Try caching strategies, parallelization, and dependency optimization one change at a time. Run the full pipeline after each change. Keep improvements, revert if the pipeline fails or coverage drops. Try at least 10 distinct approaches.


The Guardrails That Make This Safe — and Where It Breaks Down

The original setup works because the scope is extremely tight: one file can be changed, one machine is affected, one metric decides success, and every change is either committed or instantly reverted with git. Nothing the agent does is irreversible, and nothing it does affects anything outside a sandboxed environment.

The moment you widen that scope, the calculus changes. So when you apply this pattern at work, keep these non-negotiables:

  • Always run on a branch, never on main. Git revert is your entire safety net.
  • Always run in an isolated environment. A local machine, a sandbox, or a disposable container — never shared infrastructure.
  • Make the evaluator genuinely untouchable. If the agent can edit the thing that scores its own work, the loop becomes meaningless.
  • Put a hard cap on attempts. "Run until diminishing returns" needs an explicit number attached.
  • Review the log, not just the final diff. The sequence of hypotheses tried — including the failed ones — is often the most useful artifact.

Used within these boundaries, this isn't reckless automation. It's closer to setting up a very thorough, very patient junior engineer with a clear rubric and walking away for a few hours.


How to Try This This Week

You don't need a GPU or a research budget to test this pattern. Pick the smallest, lowest-stakes version of one of the ideas above — something on a branch, in a sandbox, with a test suite or benchmark you already trust.

A good starting point: take a function with an existing unit test, write a short direction file describing the goal and constraints, point your coding agent at it, and ask it to run a handful of iterations — committing improvements and reverting regressions as it goes.

Then do the part that actually matters: read the log of what it tried. Not the final code — the reasoning trail. That's where you'll find out whether this pattern earns a permanent spot in your workflow.


Want to go straight to the source? The original repo is here: github.com/karpathy/autoresearch


Part of the **AI for Everyone* series — practical AI guides for engineers and professionals. Follow for more.*