<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Thomas Hansen</title>
    <description>The latest articles on DEV Community by Thomas Hansen (@polterguy).</description>
    <link>https://dev.to/polterguy</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F829923%2F04782b3f-244f-42af-a2bb-cd3277828def.png</url>
      <title>DEV Community: Thomas Hansen</title>
      <link>https://dev.to/polterguy</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/polterguy"/>
    <language>en</language>
    <item>
      <title>Your 20-Year-Old SQL Server Database is a Better AI Agent Than Anything OpenAI Sells You</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Sat, 18 Jul 2026 08:25:37 +0000</pubDate>
      <link>https://dev.to/polterguy/your-20-year-old-sql-server-database-is-a-better-ai-agent-than-anything-openai-sells-you-574i</link>
      <guid>https://dev.to/polterguy/your-20-year-old-sql-server-database-is-a-better-ai-agent-than-anything-openai-sells-you-574i</guid>
      <description>&lt;p&gt;Your ERP runs on SQL Server. Your line-of-business app runs on MySQL. Your data is clean, your uptime is measured in years, and your DBA could restore the whole thing blindfolded. And every AI vendor on earth is telling you the first step towards &lt;em&gt;"AI transformation"&lt;/em&gt; is migrating away from all of it.&lt;/p&gt;

&lt;p&gt;That's not a technical requirement. That's a sales tactic.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;They don't want your database in the AI conversation, because your database doesn't pay them rent&lt;/p&gt;
&lt;/blockquote&gt;

&lt;h2&gt;
  
  
  The Migration Industrial Complex
&lt;/h2&gt;

&lt;p&gt;Watch any AI agent demo from the last two years. It runs on fresh Postgres, in somebody else's cloud, on a schema that was created 45 seconds before the recording started. Nobody demos on the SQL Server 2008 instance that's been running your order flow since before the iPhone existed - because their tooling &lt;em&gt;can't&lt;/em&gt;, and admitting that would ruin the pitch.&lt;/p&gt;

&lt;p&gt;So instead they've built an entire industry around convincing you that your database is the problem. The consultants call it &lt;em&gt;"data modernization"&lt;/em&gt;. The SaaS vendors call it &lt;em&gt;"onboarding"&lt;/em&gt;, which is a cute word for &lt;em&gt;"upload your customer records to our servers and pray"&lt;/em&gt;. The system integrators call it a &lt;em&gt;"6 to 18 month transformation project"&lt;/em&gt;, and they invoice accordingly.&lt;/p&gt;

&lt;p&gt;A typical migration project for a real production database runs anywhere from &lt;strong&gt;$250,000 to $1.2 million&lt;/strong&gt;, takes 9 to 18 months, and carries genuine risk of breaking the business it was supposed to &lt;em&gt;"transform"&lt;/em&gt;. And here's the punchline: at the end of it, you still don't have an AI agent. You have the same data in a different database, and a fresh invoice.&lt;/p&gt;

&lt;p&gt;Meanwhile, the actual thing you wanted - an AI agent that can answer questions about your customers, your orders, and your tickets - never required moving anything at all.&lt;/p&gt;

&lt;h2&gt;
  
  
  Prompts are not permissions
&lt;/h2&gt;

&lt;p&gt;Now, the other camp will tell you migration is unnecessary because you can &lt;em&gt;"just let the LLM write SQL against production"&lt;/em&gt;. These people are even more dangerous than the consultants, because at least the consultants only steal your money.&lt;/p&gt;

&lt;p&gt;Handing a language model a raw database connection and a system prompt saying &lt;em&gt;"please only read, don't drop anything"&lt;/em&gt; is not security. It's a horoscope. Prompts are suggestions. The model can be confused, jailbroken, or simply wrong - and your production database will happily execute whatever it produces, because your production database was never asked for its opinion.&lt;/p&gt;

&lt;p&gt;The correct answer is the one your database has been screaming at you since the 90s.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;RBAC, not prompts. Permissions, not vibes.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;With &lt;a href="https://ainiro.io/magic-cloud" rel="noopener noreferrer"&gt;Magic Cloud&lt;/a&gt;, the architecture is boring on purpose. You create a scoped database user - ordinary DBA hygiene, enforced by SQL Server or MySQL itself. Magic connects as one more client, reads your schema, and generates secured CRUD endpoints for exactly the tables you select, each one wired with authentication and role-based access control. Its native MCP server then exposes those endpoints as tools to Claude, or any MCP-capable agent.&lt;/p&gt;

&lt;p&gt;The agent never sees a connection string. It never writes SQL. It gets a toolbox, filtered by the roles it authenticated with, and an endpoint outside its roles doesn't refuse politely - it &lt;em&gt;does not execute&lt;/em&gt;. Underneath even that sits the scoped database user, enforced by the one component in your stack you already trust completely.&lt;/p&gt;

&lt;p&gt;Three layers of enforcement, zero layers of prompt engineering. If you want the full step-by-step - scoped user, connection, CRUD generation, MCP - I wrote a &lt;a href="https://hyperlambda.dev/blog/create-an-ai-agent-from-your-sql-server-or-mysql-database-step-by-step" rel="noopener noreferrer"&gt;detailed practical guide over at hyperlambda.dev&lt;/a&gt;. The whole path is an afternoon, and your database remains completely unchanged throughout.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Hyperlambda Generator, or why hallucinations bounce off
&lt;/h2&gt;

&lt;p&gt;Generated CRUD covers 80% of what an agent needs. For the rest - the weird reporting join, the custom workflow, the endpoint nobody predicted - you use the &lt;a href="https://ainiro.io/natural-language-api" rel="noopener noreferrer"&gt;Hyperlambda Generator&lt;/a&gt;. Describe the endpoint in plain English, and a fine-tuned LLM writes the Hyperlambda for you.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;"But LLMs hallucinate!"&lt;/em&gt; Yes, they do. Which is exactly why we didn't build this the way everybody else builds it.&lt;/p&gt;

&lt;p&gt;First, the model isn't guessing at some general-purpose language with a billion Stack Overflow answers of varying quality. Hyperlambda is a small, constrained runtime, and the generator was fine-tuned specifically for it. Smaller surface, radically fewer ways to be wrong.&lt;/p&gt;

&lt;p&gt;Second - and this is the part the &lt;em&gt;"agentic coding"&lt;/em&gt; crowd hasn't figured out yet - the platform is self-describing at runtime. Every capability the runtime has can be enumerated and queried as ground truth on the actual server the code will run on. The generator doesn't &lt;em&gt;recall&lt;/em&gt; what the platform can do from training data that might be stale; the platform &lt;em&gt;tells&lt;/em&gt; it. Hallucinated capabilities become structurally impossible to ship, because a capability that doesn't exist has nowhere to execute.&lt;/p&gt;

&lt;p&gt;Third, generated code runs inside the whitelisting system. The runtime maintains an explicit list of what code in a given context is allowed to touch, enforced at the interpreter level. So even in the worst case - a confused generation, a hostile prompt, whatever - the code physically cannot reach beyond its whitelist. It can't hand the &lt;code&gt;guest&lt;/code&gt; role your PII, because the interpreter refuses to execute the attempt.&lt;/p&gt;

&lt;p&gt;Compare that to a coding agent free-styling Python against your production connection string, and tell me again which database is &lt;em&gt;"legacy"&lt;/em&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  The numbers
&lt;/h2&gt;

&lt;p&gt;Let's put the two paths side by side, for the identical outcome - an AI agent operating on your existing business data:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The migration path:&lt;/strong&gt; $250K to $1.2M, 9 to 18 months, a rewritten integration landscape, retrained staff, and a risk profile that keeps your CTO awake. And the agent work hasn't even started yet.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Magic path:&lt;/strong&gt; $0 to start. &lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;Magic is open source&lt;/a&gt; - clone it, Docker it, run it forever, including fully on-premise behind the same firewall your auditors already approved. One container next to your database, one afternoon of work, and the data never leaves your network. No per-seat tax, no per-row upload pricing, no rent.&lt;/p&gt;

&lt;p&gt;That's not a 10% optimization. That's an entire budget line evaporating, plus a year of calendar time you get back.&lt;/p&gt;

&lt;h2&gt;
  
  
  The honest version
&lt;/h2&gt;

&lt;p&gt;I'm not going to pretend this makes every database problem disappear. If your schema is genuinely rotten, an AI agent on top of it will give you fast, well-secured answers derived from rotten data - garbage in, garbage out, now with better latency. And start read-only. A read-only agent over real business data is already massively useful, and it turns &lt;em&gt;"what if the agent writes something wrong"&lt;/em&gt; into a non-question for day one. Grant writes table by table, when you're ready, as deliberate decisions - the same way your DBA has granted everything else for twenty years.&lt;/p&gt;

&lt;p&gt;Which is really the whole point. The security model that protects your business from an over-eager AI agent isn't some new invention you need to learn. It's the one sitting in your database already, ignored by every vendor whose business model depends on you abandoning it.&lt;/p&gt;

&lt;p&gt;Your &lt;em&gt;"legacy"&lt;/em&gt; database isn't the thing holding your AI strategy back. It's the only part of your AI strategy that was finished before you started.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://ainiro.io/magic-cloud" rel="noopener noreferrer"&gt;Get started with Magic Cloud&lt;/a&gt;, or &lt;a href="https://ainiro.io/contact-us" rel="noopener noreferrer"&gt;talk to us&lt;/a&gt; if you'd rather we show you on your own stack.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>database</category>
      <category>sql</category>
      <category>opensource</category>
    </item>
    <item>
      <title>Create an AI Agent From Your SQL Server or MySQL Database, Step by Step</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Fri, 17 Jul 2026 09:56:29 +0000</pubDate>
      <link>https://dev.to/polterguy/create-an-ai-agent-from-your-sql-server-or-mysql-database-step-by-step-239i</link>
      <guid>https://dev.to/polterguy/create-an-ai-agent-from-your-sql-server-or-mysql-database-step-by-step-239i</guid>
      <description>&lt;p&gt;&lt;strong&gt;Keep the database. Add the agent.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;If your data lives in SQL Server or MySQL, you have mostly been left out of the AI agent conversation. The demos run on fresh Postgres in someone's cloud. The tooling assumes a greenfield stack. And the databases that actually run your business — the ERP on SQL Server, the line-of-business MySQL nobody is allowed to touch — get treated as a problem to migrate away from rather than an asset to build on.&lt;/p&gt;

&lt;p&gt;This article is the practical counter to that. By the end of it, you will have a working AI agent that can read and operate on your existing SQL Server or MySQL database — through secured, generated endpoints, with the database itself completely unchanged.&lt;/p&gt;

&lt;p&gt;No migration. No schema changes. Nothing installed inside the database. The whole path is: scope a database user, connect Magic, generate endpoints, connect the agent over MCP. Each step takes minutes.&lt;/p&gt;

&lt;h2&gt;
  
  
  The architecture in one paragraph
&lt;/h2&gt;

&lt;p&gt;Magic connects to your existing database as one more client — the same way any application would. On top of that connection, its CRUD generator reads the schema and generates HTTP endpoints per table, each with authentication and role-based access control wired in. Magic's native MCP server then exposes those endpoints as tools, and any MCP-capable agent — Claude, Codex, Qoder — operates on your data through them. The agent never touches the database directly. Between it and your tables sit three enforced layers: the scoped database user, the runtime's role checks on every endpoint, and the whitelisting system underneath. All of it runs wherever you need it to — including fully on-premise, on the same network segment as the database.&lt;/p&gt;

&lt;p&gt;Now the steps.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 1. Create a scoped database user for Magic
&lt;/h2&gt;

&lt;p&gt;Do this first, not eventually. It is the layer everything else stands on, and it is enforced by the database engine itself — the one component in this whole stack you already trust completely.&lt;/p&gt;

&lt;p&gt;On SQL Server, create a login and a database user for Magic, and grant it exactly the access the agent layer should have. If the agent should only work with three tables, grant SELECT on three tables and nothing else. Add INSERT or UPDATE per table when you are ready for writes.&lt;/p&gt;

&lt;p&gt;On MySQL, same idea: create a dedicated user and GRANT it the specific privileges on the specific tables.&lt;/p&gt;

&lt;p&gt;One practical caveat before you lock this down completely: the endpoint generation in step three depends on reading the schema — tables, columns, types, and keys, the metadata your database exposes through its information schema views. A user scoped down to SELECT on three tables may not be able to see enough of that metadata for the generator to do its job. The pragmatic answer is a temporary, less restricted user with metadata read access, used only while generating the endpoints — then switch Magic's connection to the tightly scoped user for everything that runs afterwards. Generation is a one-time act you perform deliberately; the scoped user is what the agent lives with.&lt;/p&gt;

&lt;p&gt;This is ordinary DBA hygiene, and that is precisely the point. You are not learning a new security model to give an agent access to your data — you are using the one your database has had for decades. If Magic's credentials can only read three tables, nothing generated on top of them can do more than that, no matter how confused any layer above ever gets.&lt;/p&gt;

&lt;p&gt;Starting read-only is the conservative default, and I recommend it. A read-only agent over real business data is already genuinely useful — and it turns the scariest question in this whole exercise ("what if the agent writes something wrong?") into a non-question for day one.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 2. Connect the database to Magic
&lt;/h2&gt;

&lt;p&gt;Magic deploys as one Docker container for the backend and one for the dashboard. For an on-premise database, run them inside the same network perimeter — the connection never has to cross your firewall.&lt;/p&gt;

&lt;p&gt;Add your database as a connection in Magic, using the credentials from step one. Magic speaks to SQL Server and MySQL through the standard .NET data providers, so the connection string is the same shape your existing applications already use.&lt;/p&gt;

&lt;p&gt;That is the entire integration. Magic is now a client of your database — nothing more. Your existing applications, integrations, and reports continue exactly as before, because nothing about the database changed.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 3. Generate CRUD endpoints for the tables that matter
&lt;/h2&gt;

&lt;p&gt;Point Magic's CRUD generator at the connected database and it reads the schema — tables, columns, types, keys — and generates Hyperlambda HTTP endpoints for the tables you select: read, create, update, delete, and count, each as its own endpoint, each with authentication and role-based access control already in place.&lt;/p&gt;

&lt;p&gt;Two decisions are worth actual thought here, and they are both decisions a DBA is well equipped to make.&lt;/p&gt;

&lt;p&gt;Which tables become capabilities. Not the whole schema. The agent needs the tables that answer real questions and support real workflows — customers, orders, tickets. Internal bookkeeping tables can stay unexposed.&lt;/p&gt;

&lt;p&gt;Which operations each table gets. If you scoped the database user read-only in step one, generate read and count endpoints and the two layers agree with each other. When you later grant writes at the database level, generate the matching endpoints then.&lt;/p&gt;

&lt;p&gt;If your database carries queries that do not fit CRUD — the reporting join across six tables, the aggregate someone runs every Monday — wrap them with the SQL endpoint generator: you write the SQL, define its arguments, and it becomes one more secured endpoint. Legacy databases have earned their weird queries; this is how they become tools instead of tribal knowledge.&lt;/p&gt;

&lt;p&gt;Then test the endpoints the ordinary way, over HTTP, before any AI enters the picture. List records. Fetch one. If something about the exposure feels wrong — a field that should not be visible, a table that should not be writable — this is where the correction costs nothing.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 4. Connect your agent over MCP
&lt;/h2&gt;

&lt;p&gt;Magic includes a native MCP server. Connect Claude — or any MCP-capable agent — to it, authenticating as a Magic user with specific roles.&lt;/p&gt;

&lt;p&gt;This step is where the earlier decisions pay off. The agent does not receive a database connection, and it does not receive a SQL surface. It receives tools: the endpoints you generated, filtered by the roles of the user it authenticated as. An endpoint outside its roles does not execute. Not "is instructed not to" — does not.&lt;/p&gt;

&lt;p&gt;That distinction is the difference between this architecture and the "just let the model write SQL against production" demos. Prompts are not permissions. A runtime that refuses to execute is a permission. I have written about this at length in &lt;a href="https://hyperlambda.dev/blog/why-secure-ai-code-execution-requires-runtime-whitelisting-not-prompt-filtering" rel="noopener noreferrer"&gt;the runtime whitelisting article&lt;/a&gt;, so here I will just note what it means practically: the worst a confused agent produces on this stack is a failed call, and underneath even that failure sits the scoped database user from step one, enforced by SQL Server or MySQL itself.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 5. Give it real work
&lt;/h2&gt;

&lt;p&gt;The agent is now connected to your actual business data, so test it with actual business tasks — not trivia.&lt;/p&gt;

&lt;p&gt;Ask it to look up a customer and summarise their order history. Ask which tickets are open past their deadline. Ask it to cross-reference two tables the way a colleague would ask a DBA. If you exposed writes, have it create a record, then verify the row in the database yourself.&lt;/p&gt;

&lt;p&gt;Two things tend to happen in this phase. First, the agent is more useful than expected, because it is grounded in real data rather than improvising. Second, you immediately get ideas for the two or three custom SQL endpoints that would make it dramatically better — which is exactly the right feedback loop. Add them, and the agent's toolbox grows without its permissions growing.&lt;/p&gt;

&lt;h2&gt;
  
  
  What you have at the end
&lt;/h2&gt;

&lt;p&gt;A twenty-year-old database, unchanged, now has: a secured HTTP API over the tables that matter, an AI agent that operates through that API inside role boundaries, and a clean growth path — more tables, more custom endpoints, writes when you are ready — where every expansion is a deliberate grant rather than an accident.&lt;/p&gt;

&lt;p&gt;And because every layer of this runs in containers you place yourself, the entire stack — database, API layer, MCP server — can live on-premise, behind the same firewall, in the same network segment the auditors already approved. The agent connects in; the data never leaves.&lt;/p&gt;

&lt;p&gt;The pattern generalises past the first agent, too. The same endpoints serve embeddable chatbots, scheduled tasks that run against the data and send email, and — through the Hyperlambda Generator — agents that describe new endpoints in plain language and have them generated inside the same permission model. The first agent is rarely the last thing you build on this surface.&lt;/p&gt;

&lt;p&gt;Magic is MIT-licensed and open source — the repository is at &lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;github.com/polterguy/magic&lt;/a&gt;, with documentation at &lt;a href="https://docs.ainiro.io" rel="noopener noreferrer"&gt;docs.ainiro.io&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  FAQ
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Does the AI agent get direct access to my SQL Server or MySQL database?
&lt;/h3&gt;

&lt;p&gt;No, and that is the core of the design. The agent talks to Magic over MCP and only ever invokes generated endpoints, each gated by roles at execution time. The database only ever sees Magic's scoped credentials from step one.&lt;/p&gt;

&lt;h3&gt;
  
  
  Can I do this without allowing any writes?
&lt;/h3&gt;

&lt;p&gt;Yes — and it is the recommended starting point. A read-only database user plus read-only generated endpoints gives you a useful question-answering agent over live business data with no write path at all.&lt;/p&gt;

&lt;h3&gt;
  
  
  Does my database need to be reachable from the internet?
&lt;/h3&gt;

&lt;p&gt;No. Run Magic's containers inside the same network as the database. The database port never needs external exposure — the MCP surface is the only thing you choose to make reachable, and it sits behind authentication.&lt;/p&gt;

&lt;h3&gt;
  
  
  Do I have to write Hyperlambda?
&lt;/h3&gt;

&lt;p&gt;No. The CRUD generator emits it, and the SQL endpoint generator wraps SQL you already know how to write. The generated code is readable and editable when you want to customise, but the path in this article involves authoring none of it by hand.&lt;/p&gt;

&lt;h2&gt;
  
  
  Related reading
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://hyperlambda.dev/blog/supabase-for-sql-server-and-mysql-magic-brings-the-supabase-experience-to-legacy-databases-on-premise" rel="noopener noreferrer"&gt;Supabase for SQL Server and MySQL: Magic Brings the Supabase Experience to Legacy Databases, On-Premise&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://hyperlambda.dev/blog/from-sql-database-to-ai-agent-in-minutes" rel="noopener noreferrer"&gt;From SQL Database to AI Agent in Minutes&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://hyperlambda.dev/blog/how-to-run-ai-agents-on-your-existing-supabase-database-without-migrating-anything" rel="noopener noreferrer"&gt;How to Run AI Agents on Your Existing Supabase Database (Without Migrating Anything)&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://hyperlambda.dev/blog/magic-now-supports-mcp-server-integration-for-ai-agents" rel="noopener noreferrer"&gt;Magic now supports MCP server integration for AI agents&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>ai</category>
      <category>database</category>
      <category>sql</category>
      <category>tutorial</category>
    </item>
    <item>
      <title>The first LLM on earth that cannot hallucinate</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Tue, 14 Jul 2026 14:02:22 +0000</pubDate>
      <link>https://dev.to/polterguy/the-first-llm-on-earth-that-cannot-hallucinate-44cj</link>
      <guid>https://dev.to/polterguy/the-first-llm-on-earth-that-cannot-hallucinate-44cj</guid>
      <description>&lt;p&gt;Yes, the headline is bait. No, it's not a lie.&lt;/p&gt;

&lt;p&gt;Every AI vendor on the planet claims their model "reduces hallucinations." Reduction is a percentage. &lt;em&gt;Cannot&lt;/em&gt; is an architecture. This article is about the architecture.&lt;/p&gt;

&lt;h2&gt;
  
  
  What a hallucination actually is when a model writes code
&lt;/h2&gt;

&lt;p&gt;When an LLM writes Python or JavaScript, an invented API call is syntactically perfect. &lt;code&gt;pandas.read_excel_fast()&lt;/code&gt;, &lt;code&gt;express.validateJWT()&lt;/code&gt;, a package that never existed — the model produces them with total confidence, and the language happily accepts them. The code compiles. It passes a glance-level review. It fails at the worst possible moment: at runtime, in production, against real data.&lt;/p&gt;

&lt;p&gt;This is the dirty secret of free-form code generation: &lt;strong&gt;a general-purpose language has an infinite vocabulary.&lt;/strong&gt; Any name the model dreams up is grammatically valid code, indistinguishable from the real thing until it runs.&lt;/p&gt;

&lt;p&gt;The industry's answer? Review everything, trust nothing. Every generated line gets a human pass before production — which quietly hands back the time the AI was supposed to save you.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 1: Close the vocabulary
&lt;/h2&gt;

&lt;p&gt;Our generator doesn't emit free-form source code. It emits Hyperlambda — a language where code &lt;em&gt;is&lt;/em&gt; an execution tree, and every executable node is an invocation of a &lt;strong&gt;slot&lt;/strong&gt;: a named capability registered in the runtime.&lt;/p&gt;

&lt;p&gt;The crucial property: &lt;strong&gt;the set of slots is finite.&lt;/strong&gt; There is a registry. A capability either exists in it or it doesn't. The model cannot invent a capability — it can only &lt;em&gt;name&lt;/em&gt; one. And names are checkable.&lt;/p&gt;

&lt;p&gt;In a free-form language, a hallucinated function is valid code. In a closed-vocabulary language, a hallucinated slot is a &lt;em&gt;detectable lie&lt;/em&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 2: Statically prove every instruction exists
&lt;/h2&gt;

&lt;p&gt;Detection is a slot called &lt;code&gt;[hyperlambda.verify-slots]&lt;/code&gt;. You hand it a piece of Hyperlambda, and it walks &lt;strong&gt;every node in executable statement position&lt;/strong&gt; — the root level, plus the body of every body-bearing slot it encounters, resolved from slot &lt;em&gt;signature metadata&lt;/em&gt; rather than hardcoded names, to any nesting depth — and checks each invocation against the registry.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;hyperlambda.verify-slots:@"strings.reverse:Hello world"
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The model made &lt;code&gt;strings.reverse&lt;/code&gt; up. The verdict:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;hyperlambda.verify-slots:bool:false
   :strings.reverse
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;code&gt;false&lt;/code&gt;, plus the &lt;em&gt;exact names&lt;/em&gt; of everything that doesn't exist, as structured data. Not a stack trace three weeks later. Not an incident report. A named, mechanical, pre-execution verdict, delivered in milliseconds.&lt;/p&gt;

&lt;h2&gt;
  
  
  Step 3: The model never gets a vote
&lt;/h2&gt;

&lt;p&gt;Now wire the two together. Our Hyperlambda generator runs inside a loop:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Generate&lt;/strong&gt; — the model produces an execution tree from a natural-language prompt.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Prove&lt;/strong&gt; — &lt;code&gt;verify-slots&lt;/code&gt; walks every executable statement and checks it against the registry.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Reject and retry&lt;/strong&gt; — if anything doesn't exist, the &lt;em&gt;exact missing names&lt;/em&gt; go straight back into the generation context, and the model tries again.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Ship only on &lt;code&gt;true&lt;/code&gt;&lt;/strong&gt; — code leaves the loop only when the verdict is a mechanical, binary yes.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Nothing about this depends on the model behaving. The model can hallucinate all it wants &lt;em&gt;inside&lt;/em&gt; the loop — what comes &lt;em&gt;out&lt;/em&gt; of the loop provably invokes only capabilities that exist. Hallucinated code is structurally unable to ship.&lt;/p&gt;

&lt;p&gt;You don't have to trust the model. The machine checks its homework.&lt;/p&gt;

&lt;p&gt;If you'd rather watch than read, here's the whole thing in action:&lt;/p&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/SiR9rszmZXk"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;

&lt;h2&gt;
  
  
  The fine print, up front
&lt;/h2&gt;

&lt;p&gt;Big claims deserve precise edges, so here's exactly where this one begins and ends.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Guaranteed:&lt;/strong&gt; no invented capability ever executes. Every instruction in production logic provably exists on the runtime it runs on. This entire &lt;em&gt;class&lt;/em&gt; of failure — the hallucinated API, the phantom package, the made-up function — is eliminated, not reduced.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Not claimed:&lt;/strong&gt; proven-to-exist is not proven-to-be-wise. Whether logic &lt;em&gt;should&lt;/em&gt; run is a separate question, and it gets a separate answer: a per-role whitelist enforced at the execution boundary itself, so even perfectly valid code can only touch the capabilities your RBAC policy explicitly names. And whether the logic is &lt;em&gt;correct&lt;/em&gt; for your business is what tests are for — same as code written by humans, who, it should be said, also occasionally invoke functions that don't exist.&lt;/p&gt;

&lt;p&gt;The point isn't that generated code becomes magically perfect. The point is that the trust boundary moves from the prompt to the runtime — from "hope the model behaved" to "the runtime refuses everything else."&lt;/p&gt;

&lt;h2&gt;
  
  
  Why I think this is the actual answer
&lt;/h2&gt;

&lt;p&gt;The whole industry is trying to fix hallucination inside the model: better training, better prompts, better RAG. That's fighting probability with probability. A model is a sampler; you can shrink the error rate, but you can't sample your way to &lt;em&gt;cannot&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;A closed vocabulary plus a static proof gets you &lt;em&gt;cannot&lt;/em&gt; — with boring, deterministic, thirty-year-old computer science. No new model required.&lt;/p&gt;

&lt;p&gt;The runtime underneath all of this is &lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;Magic Cloud&lt;/a&gt; — MIT-licensed, open source, self-hostable. Audit the verifier yourself; it's a couple hundred lines of C# that walks a tree and asks a &lt;code&gt;HashSet&lt;/code&gt; some questions. The best security arguments are the ones you can read.&lt;/p&gt;

&lt;p&gt;And that's the whole trick, honestly. The first LLM on earth that cannot hallucinate isn't a smarter LLM.&lt;/p&gt;

&lt;p&gt;It's a dumber runtime that refuses to be impressed.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>llm</category>
      <category>opensource</category>
      <category>programming</category>
    </item>
    <item>
      <title>Magic Cloud vs Supabase: what an MIT-licensed backend does differently</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Sat, 11 Jul 2026 19:41:42 +0000</pubDate>
      <link>https://dev.to/polterguy/magic-cloud-vs-supabase-what-an-mit-licensed-backend-does-differently-1go3</link>
      <guid>https://dev.to/polterguy/magic-cloud-vs-supabase-what-an-mit-licensed-backend-does-differently-1go3</guid>
      <description>&lt;p&gt;I want to say this up front: Supabase is a good product. This is not a takedown. But I keep meeting developers who like Supabase's model and still can't use it — because of one of a handful of hard constraints that no amount of Supabase configuration removes.&lt;/p&gt;

&lt;p&gt;I build &lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;Magic Cloud&lt;/a&gt;, an MIT-licensed, self-hosted backend platform. Below are the differences that actually matter — specifically the things Supabase users ask for and structurally can't get, and honestly, the places where Supabase remains the better pick.&lt;/p&gt;

&lt;h2&gt;
  
  
  The quick comparison
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;&lt;/th&gt;
&lt;th&gt;Supabase&lt;/th&gt;
&lt;th&gt;Magic Cloud&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;License&lt;/td&gt;
&lt;td&gt;Open-core, some features hosted-only&lt;/td&gt;
&lt;td&gt;
&lt;a href="https://github.com/polterguy/magic/blob/master/LICENSE" rel="noopener noreferrer"&gt;MIT&lt;/a&gt;, everything included&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Self-hosting&lt;/td&gt;
&lt;td&gt;&lt;a href="https://supabase.com/docs/guides/self-hosting" rel="noopener noreferrer"&gt;Community-supported compose stack&lt;/a&gt;&lt;/td&gt;
&lt;td&gt;First-class, one backend + one dashboard container&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Database&lt;/td&gt;
&lt;td&gt;PostgreSQL (theirs)&lt;/td&gt;
&lt;td&gt;SQLite default; connects to &lt;em&gt;your existing&lt;/em&gt; MySQL, PostgreSQL, MSSQL&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Server-side logic&lt;/td&gt;
&lt;td&gt;
&lt;a href="https://supabase.com/docs/guides/functions" rel="noopener noreferrer"&gt;Deno edge functions&lt;/a&gt;, separate deploy&lt;/td&gt;
&lt;td&gt;Generated endpoints, live instantly, no build step&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Access control&lt;/td&gt;
&lt;td&gt;Postgres RLS, written per app&lt;/td&gt;
&lt;td&gt;Execution-time RBAC enforced by the runtime&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;AI story&lt;/td&gt;
&lt;td&gt;pgvector + client libraries&lt;/td&gt;
&lt;td&gt;Native RAG, chatbots, MCP server, endpoint generator&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Now the parts a table can't capture.&lt;/p&gt;

&lt;h2&gt;
  
  
  1. It connects to the database you already have
&lt;/h2&gt;

&lt;p&gt;This is the difference that decides most evaluations, so it goes first.&lt;/p&gt;

&lt;p&gt;Supabase &lt;em&gt;is&lt;/em&gt; a managed Postgres. You don't connect Supabase to your database — you migrate your data into theirs. If your data lives in a fifteen-year-old SQL Server, or a MySQL instance three other systems depend on, that migration is somewhere between painful and impossible.&lt;/p&gt;

&lt;p&gt;Magic points at any existing MySQL, PostgreSQL, SQL Server, or SQLite database and generates a complete, secured CRUD API on top of it. The data stays where it is. Nothing migrates. The CRUD generator reads your schema and emits one endpoint per operation per table, each with authentication and role checks already wired in.&lt;/p&gt;

&lt;p&gt;For teams with legacy databases, this isn't a feature comparison — it's the whole decision.&lt;/p&gt;

&lt;h2&gt;
  
  
  2. Backend logic without a separate runtime
&lt;/h2&gt;

&lt;p&gt;Supabase's answer to "I need server-side logic" is edge functions: Deno, a separate deploy artifact, its own toolchain, and cold starts. It works, but it's a second system bolted onto the first.&lt;/p&gt;

&lt;p&gt;In Magic, an endpoint is a file on the server. Create the file, the endpoint is live. No build, no deploy pipeline, no cold start — after first execution the compiled AST is cached and subsequent calls execute in roughly 100–200 milliseconds.&lt;/p&gt;

&lt;p&gt;The runtime language is &lt;a href="https://hyperlambda.dev" rel="noopener noreferrer"&gt;Hyperlambda&lt;/a&gt;, and before that triggers an objection: you're not expected to write it. It's generated — by the CRUD generator, or by the Hyperlambda Generator, which compiles plain-English prompts into working endpoints. Think of it like the SQL your ORM emits. Readable, editable, rarely hand-authored.&lt;/p&gt;

&lt;p&gt;A side effect worth more than it sounds: since every endpoint is a plain-text file, &lt;strong&gt;your entire backend is version-controllable with git, as-is&lt;/strong&gt;. Supabase's server-side logic lives inside the database as RLS policies and triggers, and extracting it into reviewable migrations is its own discipline. Magic's answer is &lt;code&gt;git add&lt;/code&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  3. Sending email is a platform primitive
&lt;/h2&gt;

&lt;p&gt;Small one, but it's a perennial forum question: "how do I send email from Supabase?" The answer is always the same — you can't, beyond auth emails; go sign up for Resend or SendGrid and write an edge function.&lt;/p&gt;

&lt;p&gt;Magic has SMTP built in. Endpoints send mail, with MIME attachments, as a one-liner of generated code. Same story for task scheduling: where Supabase offers &lt;a href="https://supabase.com/docs/guides/database/extensions/pg_cron" rel="noopener noreferrer"&gt;pg_cron&lt;/a&gt; (which runs SQL), Magic has persisted, schedulable tasks that execute arbitrary backend logic — the "every Monday, call this API and email the report" job that SQL-only cron can't express.&lt;/p&gt;

&lt;h2&gt;
  
  
  4. The AI layer is a platform, not a column type
&lt;/h2&gt;

&lt;p&gt;Supabase's AI story is pgvector plus client libraries: here's a vector column, build your RAG pipeline yourself.&lt;/p&gt;

&lt;p&gt;Magic ships the pipeline. Website crawling, vectorization, RAG-backed machine-learning types, an embeddable chatbot widget, and AI functions — configured from the dashboard, no glue code. If the goal is "a chatbot trained on our docs, on our infrastructure," that's a dashboard task, not a sprint.&lt;/p&gt;

&lt;h2&gt;
  
  
  5. The part I think matters most: agents can safely operate it
&lt;/h2&gt;

&lt;p&gt;Both platforms now have &lt;a href="https://modelcontextprotocol.io" rel="noopener noreferrer"&gt;MCP&lt;/a&gt; servers, so both let AI agents &lt;em&gt;talk to&lt;/em&gt; the backend. The difference is what happens when agents &lt;em&gt;build on&lt;/em&gt; it.&lt;/p&gt;

&lt;p&gt;Supabase's security model is row-level security: SQL policies, written per application. When a human writes the app, RLS works well. When an AI agent generates the app, every generated endpoint and query has to correctly respect those policies — the security boundary lives inside the generated code, and every generation is a fresh chance to get it wrong. A service-role key where an anon key belonged. A query that sidesteps a policy. The model doesn't have to be malicious, just wrong once.&lt;/p&gt;

&lt;p&gt;Magic inverts this. Hyperlambda executes as an AST, and every node must bind to a slot the runtime exposes. Permissions are enforced at execution time: endpoints declare which roles may invoke them, and the whitelisting system controls which slots code in a given context can bind to &lt;em&gt;at all&lt;/em&gt;. If a capability isn't whitelisted, generated code cannot call it — not "is instructed not to," but structurally cannot. The worst a bad generation can do is fail.&lt;/p&gt;

&lt;p&gt;That means an agent connected over MCP can generate new endpoints, create databases, and wire up logic — and everything it produces runs inside the same runtime-enforced boundaries as human-written code. Security is a property of the platform, implemented once in C#, instead of a property each generated app has to reimplement. I've written up the architecture in detail &lt;a href="https://hyperlambda.dev/blog/why-secure-ai-code-execution-requires-runtime-whitelisting-not-prompt-filtering" rel="noopener noreferrer"&gt;here&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;In one reproducible session, an agent given a single natural-language prompt created a database, generated a public API, wired email notifications, deployed a chatbot widget and landing page, and verified every step over HTTP — and when the platform rejected a malformed widget, the agent read the built-in guides over MCP and fixed its own mistake. No human in the loop between prompt and working system.&lt;/p&gt;

&lt;h2&gt;
  
  
  6. Nothing is gated
&lt;/h2&gt;

&lt;p&gt;Magic is MIT-licensed end to end. There's no enterprise edition, no hosted-only dashboard features, no open-core split where the self-hosted version quietly lacks SSO or log drains. The hosted &lt;a href="https://ainiro.io" rel="noopener noreferrer"&gt;cloudlets at AINIRO&lt;/a&gt; run the same code you can deploy yourself from the &lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;GitHub repo&lt;/a&gt; — because there's nothing to gate.&lt;/p&gt;

&lt;p&gt;Self-hosting is the primary deployment model, not a community afterthought: one Docker container for the backend, one for the dashboard.&lt;/p&gt;

&lt;h2&gt;
  
  
  Where Supabase is still the right choice
&lt;/h2&gt;

&lt;p&gt;Credibility requires this section, so here it is, unhedged.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;You need Postgres specifically.&lt;/strong&gt; Extensions, replication, a team fluent in it. Supabase's all-in bet on Postgres is a genuine strength; Magic treats databases as pluggable, which is more flexible but less deep on any single engine.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;You rely on the ecosystem.&lt;/strong&gt; Client SDKs for every framework, enormous community, a tutorial for everything. Magic's community is smaller. If your velocity comes from copy-pasting battle-tested Supabase snippets, weigh that honestly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;You want realtime and storage-with-CDN out of the box.&lt;/strong&gt; Realtime subscriptions and storage buckets are Supabase strengths without a direct Magic equivalent.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;You want a managed service and were never going to self-host.&lt;/strong&gt; Supabase's hosted product is genuinely good. Most of this article's argument is about the self-hosted path.&lt;/p&gt;

&lt;h2&gt;
  
  
  Summing up
&lt;/h2&gt;

&lt;p&gt;If your constraints include an existing database, real self-hosting, MIT licensing, or AI agents building and operating backend functionality, Magic Cloud solves problems Supabase structurally can't. If your constraints are Postgres depth and ecosystem gravity, stay with Supabase — sincerely.&lt;/p&gt;

&lt;p&gt;The repo is at &lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;github.com/polterguy/magic&lt;/a&gt;, the docs at &lt;a href="https://docs.ainiro.io" rel="noopener noreferrer"&gt;docs.ainiro.io&lt;/a&gt;, and a longer evaluation-focused comparison at &lt;a href="https://hyperlambda.dev/blog/magic-cloud-the-self-hosted-supabase-alternative-built-for-ai-agents" rel="noopener noreferrer"&gt;hyperlambda.dev&lt;/a&gt;. Spin it up in Docker and point it at a database you already have — that first CRUD generation is the moment the difference clicks.&lt;/p&gt;

</description>
      <category>opensource</category>
      <category>backend</category>
      <category>ai</category>
      <category>supabase</category>
    </item>
    <item>
      <title>Save $171,032 Annually on your Company's Claude subscription!</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Fri, 10 Jul 2026 05:28:57 +0000</pubDate>
      <link>https://dev.to/polterguy/save-171032-annually-on-your-companys-claude-subscription-5epo</link>
      <guid>https://dev.to/polterguy/save-171032-annually-on-your-companys-claude-subscription-5epo</guid>
      <description>&lt;p&gt;I used &lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;Magic Cloud&lt;/a&gt; to generate a simple CRUD API, with an SQLite database, two tables, allowing me to manage tasks and clients. Basically a micro "Jira" thing.&lt;/p&gt;

&lt;p&gt;Then I asked it how much more tokens it would have used if it didn't have Magic, and its price estimate increased from ~$0.53 to ~$2.60, implying Magic saved me 82% of my tokens on one simple task. Notice, this was a 5 minute job ...&lt;/p&gt;

&lt;p&gt;Then I asked it how much this would translate into for a company with 25 employees, where each employee actively uses Claude, and the company is heavily using agentic AI. Its answer ...&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;A company with 25 employees, would save $171,072 annually on average. That's a cost reduction of $570 per month, for every single employee you have.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Frresjsl3x2fsbr3o535j.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Frresjsl3x2fsbr3o535j.png" alt="Claude savings" width="799" height="558"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;In addition to this, comes 80% time savings, since Claude becomes 5x faster with Magic, new capabilities (Magic allows for direct deployment of solutions), etc, etc, etc.&lt;/p&gt;

&lt;p&gt;Psst, Magic is Open Source, can be installed on your own infra in 10 minutes, and you can find at at GitHub (link in the first paragraph).&lt;/p&gt;

</description>
      <category>ai</category>
      <category>productivity</category>
      <category>opensource</category>
    </item>
    <item>
      <title>Creating Full Stack Apps with Mythos and Magic</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Wed, 01 Jul 2026 06:58:40 +0000</pubDate>
      <link>https://dev.to/polterguy/creating-full-stack-apps-with-mythos-and-magic-449f</link>
      <guid>https://dev.to/polterguy/creating-full-stack-apps-with-mythos-and-magic-449f</guid>
      <description>&lt;p&gt;I wanted to see how far an AI agent could get building a real, deployed full-stack app against &lt;a href="https://ainiro.io" rel="noopener noreferrer"&gt;Magic Cloud&lt;/a&gt; using nothing but MCP tool calls — no hand-written code. Here's what came out of one session.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Stack
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Backend&lt;/strong&gt;: Hyperlambda, generated entirely via the &lt;code&gt;generate-hyperlambda&lt;/code&gt; MCP tool (never hand-written — the platform enforces this)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Database&lt;/strong&gt;: SQLite, &lt;code&gt;crm&lt;/code&gt; database, single &lt;code&gt;contacts&lt;/code&gt; table&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Frontend&lt;/strong&gt;: Vanilla HTML/CSS/JS SPA served from &lt;code&gt;/etc/www/&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Auth&lt;/strong&gt;: Magic Auth (built-in RBAC/JWT)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Orchestrator&lt;/strong&gt;: Claude, via the Magic MCP connector (~105 tools across 14 namespaces)&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  What Got Built
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Schema&lt;/strong&gt;: a &lt;code&gt;contacts&lt;/code&gt; table (name, email, phone, company, notes) via &lt;code&gt;execute-sql&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;CRUD API&lt;/strong&gt;: four separate Hyperlambda endpoints — &lt;code&gt;create&lt;/code&gt;, &lt;code&gt;read&lt;/code&gt; (paged/sorted/filtered), &lt;code&gt;update&lt;/code&gt;, &lt;code&gt;delete&lt;/code&gt; — each generated as its own &lt;code&gt;generate-hyperlambda&lt;/code&gt; call and auto-exposed as an MCP tool the moment it's saved&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Frontend&lt;/strong&gt;: login-gated SPA, JWT stored in &lt;code&gt;localStorage&lt;/code&gt;, auto-refreshing the ticket every 10 minutes, classic/corporate visual theme&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Seed data&lt;/strong&gt;: 10 example contacts inserted directly via SQL&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Total build time: minutes, not hours.&lt;/p&gt;

&lt;h2&gt;
  
  
  Two Bugs Worth Knowing About
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;1. GET/DELETE requests can't carry a &lt;code&gt;Content-Type&lt;/code&gt; header.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Hyperlambda's HTTP layer throws if you decorate a GET or DELETE request with a content-type header. You cannot decorate an HTTP GET or DELETE request with content type of headers.&lt;/p&gt;

&lt;p&gt;This bit both the MCP &lt;code&gt;invoke-http&lt;/code&gt; tool (which defaults to &lt;code&gt;application/json&lt;/code&gt; unless you override with an empty &lt;code&gt;headers&lt;/code&gt; object) and would have bitten the frontend if I hadn't special-cased it — &lt;code&gt;app.js&lt;/code&gt; only attaches &lt;code&gt;Content-Type&lt;/code&gt; on &lt;code&gt;POST&lt;/code&gt;/&lt;code&gt;PUT&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Relative asset paths break without a trailing slash.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;code&gt;/etc/www/crm-contacts/index.html&lt;/code&gt; serves at &lt;code&gt;/crm-contacts/&lt;/code&gt;. But if a user hits &lt;code&gt;/crm-contacts&lt;/code&gt; (no trailing slash), the browser resolves &lt;code&gt;&amp;lt;link href="style.css"&amp;gt;&lt;/code&gt; against domain root, not the folder — instant 404. Fix: use absolute paths (&lt;code&gt;/crm-contacts/style.css&lt;/code&gt;) in every asset reference. Easy to miss, annoying to debug from a screenshot of a 404.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Interesting Part
&lt;/h2&gt;

&lt;p&gt;The Hyperlambda generator refuses to be hand-debugged — the platform's own tooling actively pushes you toward &lt;code&gt;invoke-http&lt;/code&gt; and the OpenAPI spec instead of trying to read/patch the generated &lt;code&gt;.hl&lt;/code&gt; files directly. That constraint, combined with checking &lt;code&gt;log_entries&lt;/code&gt; in the &lt;code&gt;magic&lt;/code&gt; SQLite database for the actual exception text, was faster for root-causing both bugs above than staring at HTTP status codes would have been.&lt;/p&gt;

&lt;h2&gt;
  
  
  Takeaway
&lt;/h2&gt;

&lt;p&gt;Framework-enforced constraints (no hand-written Hyperlambda, RBAC at execution time, generator-only codegen) slow down the "just let me fix this one line" instinct — but they're also what made a zero-manual-code CRM buildable in a single sitting without the usual pile of copy-pasted, unreviewed AI-generated backend code.&lt;/p&gt;

&lt;p&gt;You can watch me going through the whole process below ...&lt;/p&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/4TNnjQFKQO0"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;

</description>
    </item>
    <item>
      <title>A practical guide to headless browser automation in Hyperlambda</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Thu, 19 Mar 2026 10:56:14 +0000</pubDate>
      <link>https://dev.to/polterguy/a-practical-guide-to-headless-browser-automation-in-hyperlambda-182g</link>
      <guid>https://dev.to/polterguy/a-practical-guide-to-headless-browser-automation-in-hyperlambda-182g</guid>
      <description>&lt;p&gt;A lot of browser automation tooling feels like it was designed for its own ecosystem first and for your application second.&lt;/p&gt;

&lt;p&gt;You end up learning a separate mental model, a separate lifecycle, and usually some kind of invisible context that makes simple things harder to reason about than they should be.&lt;/p&gt;

&lt;p&gt;I did not want that.&lt;/p&gt;

&lt;p&gt;When I added headless browser support to Hyperlambda, I wanted it to feel like the rest of the language. I wanted a small set of explicit operations that I could combine in predictable ways. Connect to a browser. Navigate somewhere. Wait for the page to become usable. Click, type, inspect, screenshot, close.&lt;/p&gt;

&lt;p&gt;That is basically it.&lt;/p&gt;

&lt;p&gt;This article is a practical walkthrough of how I use the headless browser slots in Hyperlambda.&lt;/p&gt;

&lt;h2&gt;
  
  
  The core idea
&lt;/h2&gt;

&lt;p&gt;The model is intentionally simple.&lt;/p&gt;

&lt;p&gt;You start by opening a browser session. That returns a &lt;code&gt;session_id&lt;/code&gt;. Then you pass that &lt;code&gt;session_id&lt;/code&gt; into every other browser-related slot.&lt;/p&gt;

&lt;p&gt;I like this because there is no hidden browser object, no ambient scope, and no guessing about where state lives.&lt;/p&gt;

&lt;p&gt;The flow is visible.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Connect&lt;/li&gt;
&lt;li&gt;Navigate&lt;/li&gt;
&lt;li&gt;Wait&lt;/li&gt;
&lt;li&gt;Interact&lt;/li&gt;
&lt;li&gt;Read state&lt;/li&gt;
&lt;li&gt;Save a screenshot if needed&lt;/li&gt;
&lt;li&gt;Close&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Here is the smallest possible example.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;.session_id
set-value:x:@.session_id
   puppeteer.connect

puppeteer.goto:x:@.session_id
   url:"https://ainiro.io"

puppeteer.title:x:@.session_id

puppeteer.close:x:@.session_id
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;If you understand that pattern, everything else builds on top of it.&lt;/p&gt;

&lt;h2&gt;
  
  
  How I start a browser session
&lt;/h2&gt;

&lt;p&gt;The first slot I use is &lt;code&gt;puppeteer.connect&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;Minimal version:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;.session_id
set-value:x:@.session_id
   puppeteer.connect
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That launches Chromium and returns a session identifier.&lt;/p&gt;

&lt;p&gt;If I need more control, I can add configuration such as headless mode, executable path, launch timeout, extra Chromium flags, or lifetime settings.&lt;/p&gt;

&lt;p&gt;For example:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;.session_id
set-value:x:@.session_id
   puppeteer.connect
      headless:true
      timeout:30000
      args
         .:--no-sandbox
         .:--disable-dev-shm-usage
      timeout-minutes:30
      max-lifetime-minutes:120
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Most of the time, I do not need anything beyond the default call. But it is useful to know I can tune launch behavior when I need to.&lt;/p&gt;

&lt;h2&gt;
  
  
  How I navigate to a page
&lt;/h2&gt;

&lt;p&gt;Once I have a &lt;code&gt;session_id&lt;/code&gt;, I can send the browser somewhere with &lt;code&gt;puppeteer.goto&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.goto:x:@.session_id
   url:"https://ainiro.io"
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That is enough for simple flows.&lt;/p&gt;

&lt;p&gt;If I want more deterministic behavior, I add timeout and a wait strategy.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.goto:x:@.session_id
   url:"https://ainiro.io"
   timeout:30000
   wait-until:networkidle2
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The &lt;code&gt;wait-until&lt;/code&gt; argument matters more than people think.&lt;/p&gt;

&lt;p&gt;Some pages are usable as soon as the DOM exists.&lt;br&gt;
Some keep loading assets after initial render.&lt;br&gt;
Some populate important UI elements after async JavaScript completes.&lt;/p&gt;

&lt;p&gt;That is why I usually treat &lt;code&gt;goto&lt;/code&gt; as navigation, not as proof that the page is ready for the next action.&lt;/p&gt;
&lt;h2&gt;
  
  
  How I wait for the page to become usable
&lt;/h2&gt;

&lt;p&gt;In practice, I rarely rely on navigation alone.&lt;/p&gt;

&lt;p&gt;If I know I need a specific element before continuing, I wait for that element explicitly.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.wait-for-selector:x:@.session_id
   selector:"#name"
   visible:true
   timeout:10000
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That makes the automation more stable because I am waiting for the thing I actually care about.&lt;/p&gt;

&lt;p&gt;If I expect the page URL itself to change after some action, I can wait for that too.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.wait-for-url:x:@.session_id
   url:"https://ainiro.io/contact-us"
   timeout:10000
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;I think this is one of the biggest differences between browser automation that mostly works and browser automation that keeps breaking in annoying ways.&lt;/p&gt;

&lt;p&gt;Do not wait for abstract readiness if your next step depends on something concrete.&lt;/p&gt;

&lt;p&gt;Wait for the concrete thing.&lt;/p&gt;

&lt;h2&gt;
  
  
  How I click buttons and links
&lt;/h2&gt;

&lt;p&gt;For clicks, I use &lt;code&gt;puppeteer.click&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.click:x:@.session_id
   selector:"#submit_contact_form_button"
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;If I need to adjust how the click happens, I can add options.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.click:x:@.session_id
   selector:"#submit_contact_form_button"
   click-count:2
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;It is intentionally straightforward.&lt;/p&gt;

&lt;p&gt;Find the selector. Click the selector. Move on.&lt;/p&gt;

&lt;p&gt;That is exactly the kind of browser automation API I prefer.&lt;/p&gt;

&lt;h2&gt;
  
  
  How I type and fill form fields
&lt;/h2&gt;

&lt;p&gt;There are two useful variants here.&lt;/p&gt;

&lt;p&gt;If I want to type text into a field without clearing it first, I use &lt;code&gt;puppeteer.type&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.type:x:@.session_id
   selector:"#name"
   text:"Thomas Hansen"
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;If I want to replace whatever is already there, I use &lt;code&gt;puppeteer.fill&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.fill:x:@.session_id
   selector:"#email"
   text:"thomas@gaiasoul.com"
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;If I want a more human-looking typing pace, I can add delay.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.type:x:@.session_id
   selector:"#info"
   text:"Hello from Hyperlambda"
   delay:25
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That covers most form automation I need.&lt;/p&gt;

&lt;p&gt;And if I need keyboard-level interaction rather than button clicks, I can use &lt;code&gt;puppeteer.press&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.press:x:@.session_id
   selector:"#submit_contact_form_button"
   key:Enter
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  How I work with selects
&lt;/h2&gt;

&lt;p&gt;Dropdowns use &lt;code&gt;puppeteer.select&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.select:x:@.session_id
   selector:"#plan"
   values
      .:basic
      .:pro
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That is especially useful when automating admin panels, onboarding forms, or internal tools where select controls are common.&lt;/p&gt;

&lt;h2&gt;
  
  
  How I inspect the page
&lt;/h2&gt;

&lt;p&gt;Not every browser session is about clicking through forms.&lt;/p&gt;

&lt;p&gt;Sometimes I just want to inspect what the browser sees after the page has fully rendered.&lt;/p&gt;

&lt;p&gt;For that, I typically use these slots:&lt;/p&gt;

&lt;h3&gt;
  
  
  Read the title
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.title:x:@.session_id
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Read the current URL
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.url:x:@.session_id
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Read the rendered HTML
&lt;/h3&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.content:x:@.session_id
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That last one is particularly useful because it gives me the page as the browser sees it after JavaScript execution, not just the original raw server response.&lt;/p&gt;

&lt;p&gt;If I need something even more targeted, I can evaluate JavaScript directly in the page.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.evaluate:x:@.session_id
   expression:"document.title"
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Or:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.evaluate:x:@.session_id
   expression:"typeof window.mcaptcha"
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That gives me a quick way to inspect runtime state without building a bigger extraction flow.&lt;/p&gt;

&lt;h2&gt;
  
  
  How I save screenshots
&lt;/h2&gt;

&lt;p&gt;Screenshots are useful for debugging, documentation, and simple verification.&lt;/p&gt;

&lt;p&gt;Here is the basic PNG example.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.screenshot:x:@.session_id
   filename:"/etc/tmp/example.png"
   full-page:true
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;And here is a JPEG version.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.screenshot:x:@.session_id
   filename:"/etc/tmp/example.jpg"
   type:jpeg
   quality:85
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This is one of those features I end up using more than I expect.&lt;/p&gt;

&lt;p&gt;If something fails in an automated flow, a screenshot often gives me the answer much faster than logs alone.&lt;/p&gt;

&lt;h2&gt;
  
  
  How I close the session
&lt;/h2&gt;

&lt;p&gt;When I am done, I close the browser.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;puppeteer.close:x:@.session_id
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;I know that sounds obvious, but I still think it matters to treat connect and close as part of the actual program design.&lt;/p&gt;

&lt;p&gt;Open the resource.&lt;br&gt;
Use the resource.&lt;br&gt;
Close the resource.&lt;/p&gt;

&lt;p&gt;That keeps the flow readable and avoids unnecessary browser sessions hanging around.&lt;/p&gt;
&lt;h2&gt;
  
  
  A full example
&lt;/h2&gt;

&lt;p&gt;Here is a simple end-to-end example.&lt;/p&gt;

&lt;p&gt;It opens Chromium, goes to a page, waits for network activity to calm down, reads title and URL, takes a screenshot, and closes the session.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;.session_id
set-value:x:@.session_id
   puppeteer.connect

puppeteer.goto:x:@.session_id
   url:"https://ainiro.io"
   timeout:30000
   wait-until:networkidle2

puppeteer.title:x:@.session_id
puppeteer.url:x:@.session_id

puppeteer.screenshot:x:@.session_id
   filename:"/etc/tmp/ainiro-homepage.png"
   full-page:true

puppeteer.close:x:@.session_id
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;And here is a form-oriented example.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;.session_id
set-value:x:@.session_id
   puppeteer.connect

puppeteer.goto:x:@.session_id
   url:"https://ainiro.io/contact-us"
   timeout:30000
   wait-until:networkidle2

puppeteer.wait-for-selector:x:@.session_id
   selector:"#name"
   visible:true
   timeout:10000

puppeteer.fill:x:@.session_id
   selector:"#name"
   text:"Thomas Hansen"

puppeteer.fill:x:@.session_id
   selector:"#email"
   text:"thomas@gaiasoul.com"

puppeteer.type:x:@.session_id
   selector:"#info"
   text:"Hello from Hyperlambda"

puppeteer.click:x:@.session_id
   selector:"#submit_contact_form_button"

puppeteer.close:x:@.session_id
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  What I think makes this approach nice
&lt;/h2&gt;

&lt;p&gt;What I like about these slots is not that they are flashy.&lt;/p&gt;

&lt;p&gt;It is that they are predictable.&lt;/p&gt;

&lt;p&gt;They do not try to invent a second programming model inside Hyperlambda.&lt;br&gt;
They do not hide the browser lifecycle behind clever abstractions.&lt;br&gt;
They do not require me to guess where state comes from.&lt;/p&gt;

&lt;p&gt;Everything important is explicit.&lt;/p&gt;

&lt;p&gt;You can read the flow from top to bottom and understand exactly what the browser is doing.&lt;/p&gt;

&lt;p&gt;That is a huge advantage when the automation grows from a toy example into something that actually matters.&lt;/p&gt;

&lt;h2&gt;
  
  
  Final thoughts
&lt;/h2&gt;

&lt;p&gt;I think browser automation should feel boring in the best possible way.&lt;/p&gt;

&lt;p&gt;You should be able to connect, navigate, wait, interact, inspect, screenshot, and close without learning a separate philosophy just to click a button on a web page.&lt;/p&gt;

&lt;p&gt;That is why I like the headless browser slots in Hyperlambda.&lt;/p&gt;

&lt;p&gt;They give me enough power to automate real workflows, but they stay small and direct enough that the code remains readable.&lt;/p&gt;

&lt;p&gt;And for me, that is usually the difference between a browser automation API I try once and a browser automation API I actually keep using.&lt;/p&gt;

&lt;p&gt;If you want to get started with Hyperlambda you can &lt;a href="https://hyperlambda.dev" rel="noopener noreferrer"&gt;clone Magic Cloud and Hyperlambda here&lt;/a&gt;.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>hyperlambda</category>
      <category>webdev</category>
      <category>tutorial</category>
    </item>
    <item>
      <title>Natural Language based DSL AST Compilers</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Fri, 13 Mar 2026 16:03:56 +0000</pubDate>
      <link>https://dev.to/polterguy/natural-language-based-dsl-ast-compilers-3fl4</link>
      <guid>https://dev.to/polterguy/natural-language-based-dsl-ast-compilers-3fl4</guid>
      <description>&lt;p&gt;I've tried this 5 times, with 3 different LLMs, and the exercise is as follows.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;I go to a publicly available AI chatbot, such as ChatGPT for instance&lt;/li&gt;
&lt;li&gt;I explain it what training material I have, what process I'm following, and other details about how I fine tune&lt;/li&gt;
&lt;li&gt;I explain Hyperlambda's syntax, by pointing it at articles and code parts&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;And every single time it comes back and tells me the following ...&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;You're beyond code-generation, what you're building is an AST compiler, based upon AI, that's almost &lt;em&gt;"deterministic"&lt;/em&gt; in nature&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Same answer every single time. Interestingly, I don't disagree. To understand why that's such a big thing, let's go through the semantics of how I am working, and with what.&lt;/p&gt;

&lt;h2&gt;
  
  
  Hyperlambda, the DSL
&lt;/h2&gt;

&lt;p&gt;The DSL is called &lt;a href="https://ainiro.io/hyperlambda" rel="noopener noreferrer"&gt;Hyperlambda&lt;/a&gt;, and it's got some pretty unique traits. For one, it's &lt;em&gt;"homoiconic"&lt;/em&gt;. That's just a fancy word for saying its execution structure is the exact same as the code format, which is true.&lt;/p&gt;

&lt;p&gt;To understand why that's such a bloody big deal, you must realise that this implies there is no AST layer in Hyperlambda. Hyperlambda &lt;em&gt;is&lt;/em&gt; the AST layer. Hence technically, we're simply removing several layers of complexity from traditional programming language, since Hyperlambda is simply the ability to &lt;a href="https://learn.microsoft.com/en-us/archive/msdn-magazine/2017/march/patterns-active-events-one-design-pattern-instead-of-a-dozen" rel="noopener noreferrer"&gt;raise events&lt;/a&gt;, combined with the ability to recursively traverse tree structures, passing in dynamically created recursive tree structures to said events.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;One simple design pattern! Resulting in an entirely new axiom for software development as a profession ...&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Since this structure is recursive in nature, this implies among other things that every complex piece of Hyperlambda, can be broken down by pruning its parent node, and the end result is &lt;em&gt;valid Hyperlambda&lt;/em&gt;! For instance, imagine the following code ...&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;if
   eq:x:@.arguments/*/name
      .:Thomas
   .lambda
      log.info:Thomas was here!
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The above is easily understood by most I presume, but it's basically the following in natural language; &lt;em&gt;"If the name argument equals 'Thomas', log the value 'Thomas was here!'"&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;However, the place where it gets &lt;em&gt;"weird"&lt;/em&gt;, is that I can take any parts of the above structure, and simply &lt;em&gt;"chop it up"&lt;/em&gt; into multiple smaller snippets, and they would all be considered value Hyperlambda. Below is an example.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;eq:x:@.arguments/*/name
   .:Thomas
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Then I can even modify it, and add stuff such as the following to it ...&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;eq:x:@.arguments/*/name
   .:Thomas
return:x:-
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Which basically implies; &lt;em&gt;"Compare name argument to 'Thomas' and return true if they're the same, otherwise false."&lt;/em&gt; And I can continue &lt;em&gt;"chopping up"&lt;/em&gt; Hyperlambda snippets using the above technique, over and over again.&lt;/p&gt;

&lt;p&gt;Ignoring the fact of that this has a dramatic effect on my personal ability to produce 100% correct training snippets, partially by even automating the process - LLMs happens to be &lt;em&gt;"a bajillion"&lt;/em&gt; times better at understanding recursive structures such as the above, where everything is a function - Touch OOP! FP wins!&lt;/p&gt;

&lt;p&gt;Sorry, I don't mean to be touchy here, but it's a known fact! LLMs can deal with functional programming languages a bajillion times better than OOP ...&lt;/p&gt;

&lt;p&gt;And Hyperlambda is, you guessed it, &lt;strong&gt;FP&lt;/strong&gt;!&lt;/p&gt;

&lt;p&gt;Hence Hyperlambda &lt;em&gt;is&lt;/em&gt; an AST layer, or an &lt;em&gt;"Abstract Syntax Tree"&lt;/em&gt; - Which also might explain my difficulties explaining it to other members of the homo sapiens branch. However, more importantly, LLMs are &lt;em&gt;"a bajillion"&lt;/em&gt; times better at understanding recursive AST layers, such as Hyperlambda, than - &lt;em&gt;"traditional code"&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;Basically, the recursive nature of functional programming, combined with the recursive nature of Hyperlambda, due to its simple &lt;em&gt;"node structure"&lt;/em&gt;, which is basically just a graph object - Results in a &lt;em&gt;"double whammy"&lt;/em&gt; from a fine tuning perspective and LLM perspective.&lt;/p&gt;

&lt;p&gt;Every single time I explain my language to an LLM, they consistently comes back and refers to it as &lt;em&gt;"the 100% correct way to build an AI-based 'compiler platform'"&lt;/em&gt; - Also a lot due to its security mechanisms may I add ...&lt;/p&gt;

&lt;h3&gt;
  
  
  Declarative
&lt;/h3&gt;

&lt;p&gt;Hyperlambda is &lt;em&gt;declarative&lt;/em&gt;, in addition to being homoiconic and functional. This reduces token count when dealing with LLMs by a factor of between 95% and 80%. 95% compared to C++ and 80% compared to Python. In addition, there's typically only a handful of correct ways to achieve something in a declarative language. With an imperative language like Python, there's a billion different ways to solve the same problem.&lt;/p&gt;

&lt;p&gt;This implies you'll need millions of example of Python code to teach the same you only need 50,000 to teach in a declarative language. Simply because the &lt;em&gt;"knowledge graph"&lt;/em&gt; is smaller, and hence the connections are reduced by &lt;strong&gt;a lot&lt;/strong&gt;!&lt;/p&gt;

&lt;p&gt;I've got 59,300 Hyperlambda training files, in a ridiculously strict training regime, of superb quality. According to ChatGPT that makes my LLM roughly on pair currently with SOTA models such as Claude Code or OpenAI's Codex.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;Basically, 59,300 Hyperlambda examples is equivalent to 10 million Python examples!&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Because it's not about sheer size of training material, it's about percentage covered of possible structures. In Python there are easily 20 million different structures, just combining two different concepts. In Hyperlambda that number is reduced down to maybe 100,000.&lt;/p&gt;

&lt;p&gt;And assuming you ask it to actually do something it knows how to do, and you don't give it bananas prompts - I can pretty much guarantee you that it's easily on pair with both Claude Code and Codex!&lt;/p&gt;

&lt;h2&gt;
  
  
  Meta programming
&lt;/h2&gt;

&lt;p&gt;The funny thing was, I started out with an extreme rush towards meta programming about 13 years ago - Realising it was something unique. To have a working meta programming language, you need to be both declarative in nature, homoiconic, and functional. Meta programming rests on these 3 pillars.&lt;/p&gt;

&lt;p&gt;Today I don't care about its meta programming capabilities much more, since my LLM is getting so bloody good at generating code, I barely think about it. Hence the 3 bi products I barely cared about in the first place, became its most interesting traits in the long run - And my reasons for originally building it the way I did, is almost completely uninteresting at this point in time ...&lt;/p&gt;

&lt;p&gt;Anyways, thx for reading - Both of you ... ;)&lt;/p&gt;

</description>
      <category>ai</category>
    </item>
    <item>
      <title>Create your Own Private DIY Silicon Valley</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Sun, 01 Mar 2026 11:11:30 +0000</pubDate>
      <link>https://dev.to/polterguy/create-your-own-private-diy-silicon-valley-18e6</link>
      <guid>https://dev.to/polterguy/create-your-own-private-diy-silicon-valley-18e6</guid>
      <description>&lt;p&gt;It's not exactly a secret that Facebook, Google, Reddit, and others are censoring you and spying on you I presume. Personally, I've got an entire army at Reddit so passionately hating me, they've subscribed to my YouTube videos for 6 years, with the sole purpose of down voting my videos. And of course, anything I post over there, is censored in &lt;strong&gt;seconds&lt;/strong&gt; ...&lt;/p&gt;

&lt;p&gt;I got so tired of this, I figured somebody just have to solve it. Since the nature of the web is that who ever owns the box, gets to decide what gets published - I &lt;strong&gt;created my own box&lt;/strong&gt;!&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9wqoigasxy2g5rn7moiv.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F9wqoigasxy2g5rn7moiv.png" alt="My web server" width="800" height="491"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The above MacMini is running &lt;em&gt;out of my living room&lt;/em&gt;. You can visit it at &lt;a href="https://home.ainiro.io" rel="noopener noreferrer"&gt;home.ainiro.io&lt;/a&gt;. I have even created a dummy little app (30 minutes job) that I deployed on to it. You can find my app below.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://home.ainiro.io/analytics-crm" rel="noopener noreferrer"&gt;Dumb CRM system&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  HOWTO
&lt;/h2&gt;

&lt;p&gt;The process is dead simple.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Get a MacMini&lt;/li&gt;
&lt;li&gt;Install Docker on it&lt;/li&gt;
&lt;li&gt;Use &lt;code&gt;docker compose up&lt;/code&gt; in the same folder you've got the file below saved as &lt;em&gt;"docker-compose.yaml"&lt;/em&gt;
&lt;/li&gt;
&lt;li&gt;Paste the docker compose file below into ChatGPT and tell it to expose both sites using Cloudflare tunnels&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;The docker compose file can be found here ...&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;version&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;3.8"&lt;/span&gt;

&lt;span class="na"&gt;services&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;backend&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="na"&gt;image&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;servergardens/magic-backend:latest&lt;/span&gt;
    &lt;span class="na"&gt;platform&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;linux/amd64&lt;/span&gt;
    &lt;span class="na"&gt;container_name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;magic_backend&lt;/span&gt;
    &lt;span class="na"&gt;restart&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;unless-stopped&lt;/span&gt;

    &lt;span class="na"&gt;ports&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;4444:4444"&lt;/span&gt;

    &lt;span class="na"&gt;volumes&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s"&gt;magic_files_etc:/magic/files/etc&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s"&gt;magic_files_data:/magic/files/data&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s"&gt;magic_files_config:/magic/files/config&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s"&gt;magic_files_modules:/magic/files/modules&lt;/span&gt;

  &lt;span class="na"&gt;frontend&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="na"&gt;image&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;servergardens/magic-frontend:latest&lt;/span&gt;
    &lt;span class="na"&gt;container_name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;magic_frontend&lt;/span&gt;
    &lt;span class="na"&gt;restart&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;unless-stopped&lt;/span&gt;

    &lt;span class="na"&gt;depends_on&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s"&gt;backend&lt;/span&gt;

    &lt;span class="na"&gt;ports&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;5555:80"&lt;/span&gt;

&lt;span class="na"&gt;volumes&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;magic_files_etc&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;magic_files_data&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;magic_files_config&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;magic_files_modules&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;All in all, the process took me 30 minutes, after which I had a fully functioning (and &lt;strong&gt;secure&lt;/strong&gt;) web server, serving my own apps, out of my own living room. Get the source to Magic below, or read more about it on my website.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;Magic's code&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://ainiro.io" rel="noopener noreferrer"&gt;My website&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>ai</category>
      <category>tutorial</category>
      <category>discuss</category>
      <category>showdev</category>
    </item>
    <item>
      <title>Setup Magic Cloud on your own Development Machine</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Tue, 17 Feb 2026 06:55:25 +0000</pubDate>
      <link>https://dev.to/polterguy/setup-magic-cloud-on-your-own-development-machine-22il</link>
      <guid>https://dev.to/polterguy/setup-magic-cloud-on-your-own-development-machine-22il</guid>
      <description>&lt;p&gt;&lt;a href="https://github.com/polterguy/magic" rel="noopener noreferrer"&gt;Magic Cloud&lt;/a&gt; is an open source full stack &lt;em&gt;"vibe coding platform"&lt;/em&gt;. What I mean by that, is that you can create full stack apps using AI without coding. Below is an example of what you can create.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvrcmb16o2z6z91stvxjy.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvrcmb16o2z6z91stvxjy.png" alt="Example AI generated full stack app" width="800" height="420"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The above is a simple CRM system that was created in about 10 minutes. The system, created my database, my API, and my frontend. 100% without coding. In addition, it added Google SSO, and secured my app 100% automatically. You can watch a video below of how to setup Magic.&lt;/p&gt;

&lt;p&gt;&lt;iframe width="710" height="399" src="https://www.youtube.com/embed/k6eSKxc6oM8"&gt;
&lt;/iframe&gt;
&lt;/p&gt;

&lt;h2&gt;
  
  
  Magic's Unique Value Proposition
&lt;/h2&gt;

&lt;p&gt;There exists &lt;em&gt;"a bajillion"&lt;/em&gt; similar platforms out there. However, most of these are focused on &lt;em&gt;"citizen"&lt;/em&gt;. Personally, I love the idea of arming citizen, but for me it's much more interesting solving &lt;strong&gt;real problems&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Hence, I created a vibe coding platform for &lt;em&gt;professionals&lt;/em&gt; instead. What I mean by that is that Magic Cloud is a vibe coding platform specifically created for the SMB and Enterprise market, and not &lt;em&gt;"citizen"&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;It's got security built-in as the standard, coming out of the box. It's got zero lockins, allowing you to host it anywhere you wish. It's easily deployed into Kubernetes, allowing you to &lt;em&gt;"scale it to the moon"&lt;/em&gt; if required. And it (of course), features everything you'd need from a modern AI automation platform; Such as for instance ...&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Git integrations.&lt;/li&gt;
&lt;li&gt;Terminal integrations.&lt;/li&gt;
&lt;li&gt;100+ functions, for everything from saving files, to creating databases, and to searching your files.&lt;/li&gt;
&lt;li&gt;Connect it to PostgreSQL, MySQL, SQL Server, and any database you might have from before.&lt;/li&gt;
&lt;li&gt;Run your backend on anything, not only Supabase&lt;/li&gt;
&lt;li&gt;Run your frontend from anything, including inside your LAN&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;And of course, it helps having a platform that's literally so blistering fast and optimal, you could probably deploy it on a Raspberry PI if required ...&lt;/p&gt;

&lt;p&gt;If you want to read more about Magic, you can find my website below.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://ainiro.io" rel="noopener noreferrer"&gt;AINIRO Magic Cloud&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>ai</category>
      <category>productivity</category>
      <category>lowcode</category>
      <category>nocode</category>
    </item>
    <item>
      <title>Why I Built Magic Cloud for Real Enterprise Teams (Not Demo Land)</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Sun, 15 Feb 2026 18:27:46 +0000</pubDate>
      <link>https://dev.to/polterguy/why-i-built-magic-cloud-for-real-enterprise-teams-not-demo-land-62a</link>
      <guid>https://dev.to/polterguy/why-i-built-magic-cloud-for-real-enterprise-teams-not-demo-land-62a</guid>
      <description>&lt;p&gt;There’s a recurring pattern I’ve seen for years in enterprise software: We keep piling tools on top of tools, hoping the stack will somehow solve the bottleneck.&lt;/p&gt;

&lt;p&gt;But the bottleneck isn’t the stack. It’s &lt;strong&gt;the loop&lt;/strong&gt;: idea, backlog, spec, implementation, deployment, maintenance. I built &lt;strong&gt;Magic Cloud&lt;/strong&gt; to collapse that loop into something radically simpler — without sacrificing control, security, or performance.&lt;/p&gt;

&lt;h2&gt;
  
  
  The problem isn’t developers — it’s the system around them
&lt;/h2&gt;

&lt;p&gt;I’ve led and supported teams with real constraints: security reviews, compliance, internal policies, and delivery deadlines that don’t move.&lt;/p&gt;

&lt;p&gt;In those environments, most “AI dev tools” feel like &lt;strong&gt;good demos&lt;/strong&gt; but &lt;strong&gt;bad foundations&lt;/strong&gt;. They generate code, sure — but the surrounding system is fragile:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Too many external dependencies
&lt;/li&gt;
&lt;li&gt;Too many leaky integrations
&lt;/li&gt;
&lt;li&gt;Too little security built into the core
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;That’s where Magic Cloud is different. It was built from the inside out for &lt;strong&gt;enterprise reality&lt;/strong&gt;, not just a product launch demo.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Magic Cloud actually changes
&lt;/h2&gt;

&lt;p&gt;Magic Cloud combines two layers that usually live apart:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Execution&lt;/strong&gt; — the runtime for your app
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Development&lt;/strong&gt; — the AI-driven creation process
&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;By fusing these, you can generate full-stack apps and AI agents using natural language &lt;strong&gt;and&lt;/strong&gt; deploy them with an enterprise-grade security model built in.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;No disconnected toolchains.&lt;/li&gt;
&lt;li&gt;No vendor lock-in.&lt;/li&gt;
&lt;li&gt;No magic “connectors” that break at the worst time.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  A different security philosophy
&lt;/h2&gt;

&lt;p&gt;Most platforms hope security can be &lt;em&gt;added later&lt;/em&gt;.&lt;br&gt;&lt;br&gt;
I designed Magic Cloud to treat security as the default, not an optional upgrade. Here are a few core principles:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;RBAC at the foundation&lt;/strong&gt; — not as an afterthought&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Tool usage constrained by authenticated user permissions&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;No MCP protocol&lt;/strong&gt; — Magic uses a custom tool bridge designed to be safer&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;No hidden data access&lt;/strong&gt; — sensitive info leaves only if you explicitly allow it&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;This isn’t a theoretical posture. It’s practical. It matters.&lt;/p&gt;
&lt;h2&gt;
  
  
  Performance and control, not just AI novelty
&lt;/h2&gt;

&lt;p&gt;I love fast iterations, but I also care about:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Performance under real load&lt;/li&gt;
&lt;li&gt;Long-term maintainability&lt;/li&gt;
&lt;li&gt;Stack visibility when things break&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Magic Cloud is built on modern &lt;strong&gt;C#/.NET Core&lt;/strong&gt; for performance and stability. It’s &lt;strong&gt;open source&lt;/strong&gt;, self-hostable, and designed for &lt;strong&gt;long-term operational control&lt;/strong&gt;.&lt;/p&gt;
&lt;h2&gt;
  
  
  I built it for teams like mine
&lt;/h2&gt;

&lt;p&gt;This wasn’t built for hype. It was built because I kept watching teams get buried under their own process. Magic Cloud isn’t a “toy.” It’s a system for teams who want &lt;strong&gt;real leverage&lt;/strong&gt;, without losing their security posture or their autonomy.&lt;/p&gt;

&lt;p&gt;&lt;iframe width="710" height="399" src="https://www.youtube.com/embed/k6eSKxc6oM8"&gt;
&lt;/iframe&gt;
&lt;/p&gt;

&lt;p&gt;Read the original article &lt;a href="https://ainiro.io/blog/magic-cloud-the-enterprise-vibe-coding-platform" rel="noopener noreferrer"&gt;here&lt;/a&gt;.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>productivity</category>
      <category>lowcode</category>
      <category>nocode</category>
    </item>
    <item>
      <title>Magic Cloud has Git Support</title>
      <dc:creator>Thomas Hansen</dc:creator>
      <pubDate>Thu, 12 Feb 2026 18:45:09 +0000</pubDate>
      <link>https://dev.to/polterguy/magic-cloud-has-git-support-4d22</link>
      <guid>https://dev.to/polterguy/magic-cloud-has-git-support-4d22</guid>
      <description>&lt;p&gt;&lt;a href="https://ainiro.io" rel="noopener noreferrer"&gt;Magic Cloud&lt;/a&gt; is our flagship product. Being a fairly outspoken guy related to Git, most have believed you can't use Git in Magic.&lt;/p&gt;

&lt;p&gt;That's not true. I personally use Git on both Hyperlambda projects, and Magic itself (obviously!) - However, I guess I'm to take some blame here myself, if I'm to be objective about it. I have been known to have one or two controversial opinions ... 😂&lt;/p&gt;

&lt;p&gt;Anyways, as of today, Magic has 100% perfectly implemented Git support. In fact, there are as of today 10 new slots related to Git and GitHub, and these are as follows;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;[git.clone-repo]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[git.create-repo]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[git.delete-repo]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[git.commit]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[git.push]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[git.checkout]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[git.remote.add]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[github.repo.create]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[github.repo.delete]&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;[github.repo.list]&lt;/strong&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Git AI Agent
&lt;/h2&gt;

&lt;p&gt;Not only did we implement Git support, but as a bonus we added it to our AI agent - Allowing you to create branches, push, commit, etc, directly from the integrated AI agent. Below is a video of me demonstrating it.&lt;/p&gt;

&lt;p&gt;&lt;iframe width="710" height="399" src="https://www.youtube.com/embed/nLm2zRBexFc"&gt;
&lt;/iframe&gt;
&lt;/p&gt;

&lt;p&gt;So starting from today, not only can you use Git directly from &lt;a href="https://ainiro.io/hyperlambda" rel="noopener noreferrer"&gt;Hyperlambda&lt;/a&gt; - But you can frikkin' vibe code with it ... 😊&lt;/p&gt;

</description>
    </item>
  </channel>
</rss>
