Posted by colesantiago 12 hours ago
Both have been changing as people realize it's rarely the right tool for the job, and as LLMs also become more intelligent and better at suggesting other, better options depending on what is asked for (especially Claude Opus).
nextjs is also powerful due to AI. But the value is a robust interactive front-end, easily iterated, with maybe SSR backing, nothing specific to nextjs (it's routing semantics + React).
So much complexity has gone into SSR. I hate 5MB client runtime just to read text as much as anyone, but not if the tradeoff is isomorphic env with magic file first-line incantations.
Recent Claude models do well with it, especially after adding the official skill.
I have only recently started using it, so would love to hear about anyone else's experience.
I guess they should have put some of that marketing money into hiring someone to manage the security of their systems. It's pretty telling that they had to hire an "incident response provider" just to figure out what happened and clean up after the hack. If you treat security like something you don't have to worry about until after you've been hacked you're probably going to get hacked.
Plenty to criticize them for, but that's totally standard and not something to ding them for. Probably something their cyber insurance has in their contract.
Forensics is its own set of skills, different from appsec and general blue team duties. You really want to make sure no backdoors got left in.
This is why most open source landing pages used nextjs, and if most FOSS landing pages use it, then most LLM’s have been trained on it, which means LLM’s are more familiar with that framework and choose it
There must be a term for this kind of LLM driven adoption flywheel…
My impression is Next started becoming popular mostly as a reaction against create-react-app.
Everything runs fine locally until you try to deploy it, and bam you need 4g ram machine to run the thing.
So you host it on Vercel for free cause it's easy!
Then you want to check for more than 30 seconds of analytics, and it's pay time.
But the argument is if you’re using Vercel for production, you’re paying 5-10x what you’d pay for a VM, with 4gb.
So then what’s the rationale? You can’t be a hobbyist but also “it’s pay time” for production?
I’m still planning to move elsewhere though, the vendor lock-in is not worth it and I’d like to keep our infra in the EU.
That's for the free plan.
Limits are documented here:
https://developers.cloudflare.com/workers/platform/limits/#w...
Good work on workers though, maybe the next generation of sandstorm will be built on CloudFlare in a decade or so after all the bugs have been hammered out.
Knowing how to operate a basic server is perceived as hard and dangerous by many, especially the generation that didn’t have a chance to play with Linux for fun when growing up
I am always feeling like I'm doing something wrong running bare metal based on modern advice, but it's low latency, simple, and reliable.
Probably because I've been using linux since Slackware in the 90s so it's second nature. And now with the CLI-based coding tools, I have a co-sysadmin to help me keep things tidy and secure. It's great and I highly recommend more people try it.
They regularly try to get me to join an enterprise plan but no service cutoff threats yet.
They have a free tier plan for non-commercial usage and a very very good UX for just deploying your website.
Many companies start using Vercel for the convenience and, as they grow, they continue paying for it because migrating to a cheaper provider is inconvenient.
Meaning since 2015, you’ve got an 8.2% chance of having someone walk out with that box. Hopefully there’s nothing precious on it.
Thieves probably look for small stuff like jewelry, cash, laptops, not some big old server.
The chance of being burglarized is not the same as the chance that when you are hit, they decide to take your webserver. Think it through.