Jim Manico of Manicode Security showed OWASP London a disciplined approach to bootstrapping projects with Claude Code using scripted prompts that generate ARCHITECTURE, SECURITY, and CLAUDE files in sequence, each reviewed and committed before the next. His core rule: Claude never writes code directly - every change becomes a tracked GitHub issue first, giving developers review points and audit trails throughout.
Miasma is a new project in Rust that creates a maze of twisty passages, all alike, for AI scrapers. It's got documentation to protect "good" scrapers, and creates nonsense for "bad" scrapers, but the problem isn't as simple as "punish AI for existing."
Anderson FariΓ±a tagged a release candidate of Kotauth, a "docker-oriented full authentication service inspired by keycloak." It could fulfill a very real gap: authorization and authentication services tend to be very low-ceiling until they're not. If you've had to wrestle with Keycloak or are dreading the Auth0 renewal quote, this project might be very interesting.
I've been trying to think about access control and data access patterns for ByteCode.news. One of the initial designs was based around having pluggable UIs. The actual app is a set of REST endpoints...