It’s Labor Day here in America, a day where we honor the American labor movement.

While the history of labor here in the US is important, today I really want you, no matter where you live, to consider just one thing.

If you’re employed by someone else, you contribute a majority of your waking hours each week to building wealth and equity for someone else.

You get little to show for it. A small fraction of the value you create, and the ability to be fired at any time, for any reason (or no reason at all).

You need money to have a home and food, which means employers have immense power of you. No job means no money means you very well might die. This coercive looming threat is the linchpin of work under capitalism.

In America, we have enough for everyone, but a few have too much and most have not enough.

We generate enough food to feed everyone. We have enough homes and apartments to house everyone. We have enough clothes to clothe everyone.

But instead of giving people what they need, we destroy surplus crops and let homes sit empty and destroy unsold clothes.

I believe that if you need something to live, it should be free.

A modest home should be free. Nutritious food should be free. Clothing should be free. Education should be free. Medical care should be free.

I don’t want state-controlled capitalism (what Americans often incorrectly call or think of as communism). I believe people should be free to do the kind of work they want to and work harder to get have more if they want them.

But it is unfathomably immoral that we allow a few to collect more wealth than they could spend in multiple lifetimes while many spend their whole lives toiling and never having enough.

If you had $1 billion, you could spend $25k a day, every single day, for 100 years, and still have money left over!

But minimum wage doesn’t even cover an apartment in most cities, let alone everything else you need to live.

If you’re a consultant, working your own terms, you at least have some ownership in your business. But most freelancers I know are working really hard to make other people rich while living rather modest lives themselves.

Work-for-hire means the company owns your labor, not you.

One of capitalism’s greatest successes is that it’s robbed us of imagination.

We struggle to imagine what life could look like under a different system. How it would be better. How it would be worse. How it would be different.

Utopias don’t exist. They never will. But I refuse to accept this system we toil under—while better than monarchies and fiefdoms—is as good as it gets.

Want to learn more? I highly recommend…

• Andrew Sage’s YouTube channel for some amazing decolonial/indigenous perspectives on socialism and anarchy
• Our Changing Climate for a deconstruction of capitalist toxic traits we accept as normal
• Thought Slime’s early work
• Solarpunk as a genre
• Pop Culture Detective’s videos on solarpunk and Disney’s Strange World

Like this? A Lean Web Club membership is the best way to support my work and help me create more free content.

In case you missed it, the main Svelte blog covered how to use SvelteKit’s new OpenTelemetry traces to reliably set up observability instrumentation using instrumentation.server.ts. This month’s round up covers that release and a few other features that rolled out before and after it.

Plenty in the showcase, as well, so let’s dive in!

What’s new in Svelte and Svelte CLI (sv)

• await is now allowed inside @const declarations (svelte@5.38.0, Docs, #16542)
• The sv add command has been updated to remove the --no-preconditions and add --no-git-check. With this new flag, even if some files are dirty, no prompt will be shown (sv@0.9.0, Docs, #650)

What’s new in SvelteKit and its adapters

• Deno is now supported as a supported package manager (sveltejs/adapter-auto@6.1.0, #14163)
• A new instrumentation.server.ts adds tracing and observability setup (sveltejs/adapter-node@5.3.0, Docs, #13899)
• The --preserve-output flag prevents deletion of the output directory before packaging (sveltejs/package@2.5.0, Docs, #13055)

For a full list of bug fixes in Svelte, SvelteKit and its adapters, check out their CHANGELOGs here and here.

---

Community Showcase

Apps & Sites built with Svelte

• Pollinate provides accurate forecasts designed for allergy sufferers who want to plan their day, or vacation, around pollen levels (Check out the Reddit post on how it was built)
• Ferndesk is a help center that is kept up to date automatically (the creator shared their demo on the Svelte Reddit)
• Wplace lets you paint whatever you want on a map of the world
• Domain Watcher is a domain availability monitor and expiration tracker built with SvelteKit & Cloudflare Workers
• Motley is a local-first bookmarking/moodboard app
• TallyHo is a simple time tracking for freelancers
• MenuScan lets you take a picture of any restuarant menu and get access to the calorie and macro counts for each item
• Vibe Check provides quick, honest diagnostics for AI‑built apps
• Joyful is a simple way to write, design, and send beautiful newsletters
• Eagle Cite lets you highlight, organize, and search your citations in one place
• Volkara is a set of ADHD-Friendly Productivity Tools
• Simple Man Archive is an ASCII art archive where anyone can contribute by creating unique ASCII art
• Thirty is an open-source AI calendar built on familiar foundations
• Timezones quickly shows and converts timezones across many locations

Learning Resources

Featuring Svelte Contributors and Ambassadors

• Compile Svelte 5 in your head by Tan Li Hau
• Introducing SvelteKit Remote Functions by Simon Holthausen
• The Svelte MCP server now allows you to directly reference documentation sections, and prompt templates

This Week in Svelte

• Ep. 112 — Storybook for Svelte Part 1
• Ep. 113 — Storybook for Svelte Part 2 - Docs
• Ep. 114 — Changelog Review

To Read

• Securing the supply chain at scale: Starting with 71 important open source projects by GitHub
• Epicenter (YC S25) is sponsoring Svelte maintainers to spend their time half pushing local-first OSS forward with Epicenter and half building their dream projects
• Project Two: Creating Mobile app using Tauri + Svelte by Kaspar Minosiants
• Ways to use Anime.js with Svelte by Brandon Ma
• Svelte, Markdown, and the Magic of Web Components by Shajid Hasan

To Watch

• SvelteKit Remote Functions are INSANE! Type-Safe Full Stack in Minutes by Tyler Codes
• Deploy a SvelteKit Application to Cloudflare Workers with Drizzle & D1 by Jilles Soeters

Libraries, Tools & Components

• EXE is a build tool to distribute your full-stack web app as a single executable binary with zero runtime dependencies
• Svelte Sortable List is a comprehensive package for creating accessible, sortable lists in Svelte applications
• Markdown UI turns static docs into interactive experiences - instantly
• Tark UI provides beautiful UI components built with Ark UI and Tailwind
• Uniface Element is a comprehensive enterprise-grade UI component library built with Svelte 5, designed for modern web applications
• microfolio is a modern static portfolio generator featuring a file-based content management system using folders and Markdown files
• Keycloakify is a tool for creating custom Keycloak themes, enabling you to modify the appearance and behavior of Keycloak’s user interfaces
• PDJsonEditor is a powerful JSON visualization and editing tool with both a code editor and interactive graph views
• Show & Svelte lets you create fully interactive presentations with Svelte
• wuchale is a compile-time internationalization (i18n) toolkit that requires zero code changes
• svelte-overflow-fade is a Svelte action and attachment for adding beautiful fade effects to overflowing content
• formshape is a type-safe form validation for SvelteKit Remote Functions using Standard Schema compatible validators
• vite-plugin-svelte-inline-component lets you write tiny Svelte components straight inside your JavaScript / TypeScript tests using tagged‑template literals.
• vite-plugin-sveltekit-decorators is a Vite plugin that automatically decorates SvelteKit functions with customizable wrappers for logging, analytics, error handling, and more
• jetbrains-svelte-templates is a compact collection of Live Templates for JetBrains IDEs (like WebStorm and IntelliJ IDEA Ultimate) designed to speed up your Svelte & SvelteKit development

That’s it for this month! Let us know if we missed anything on Reddit or Discord.

Until next time 👋🏼!

.NET Aspire provides an ideal environment for orchestrating microservices and dependencies, making it a great fit for hosting a simulated OPC UA server. For the server simulation, I use the free and open-source OPC PLC provided by Microsoft. While it’s possible to run the server from source, I prefer using the containerized version published on the Microsoft Container Registry (MCR), which integrates more easily into an Aspire-based solution.

Building a Proof of Concept and Teaching Developers How to Master Modern ASP.NET Core, Aspire, and Azure Development

---

Guest:

• Rick Correa,Uber TL Google SecOps, Google Cloud

Topics:

• On the 3rd anniversary of Curated Detections, you've grown from 70 rules to over 4700. Can you walk us through that journey? What were some of the key inflection points and what have been the biggest lessons learned in scaling a detection portfolio so massively?
• Historically the SecOps Curated Detection content was opaque, which led to, understandably, a bit of customer friction. We’ve recently made nearly all of that content transparent and editable by users. What were the challenges in that transition?
• You make a distinction between "Detection-as-Code" and a more mature "Software Engineering" paradigm. What gets better for a security team when they move beyond just version control and a CI/CD pipeline and start incorporating things like unit testing, readability reviews, and performance testing for their detections?
• The idea of a "Goldilocks Zone" for detections is intriguing – not too many, not too few. How do you find that balance, and what are the metrics that matter when measuring the effectiveness of a detection program? You mentioned customer feedback is important, but a confusion matrix isn't possible, why is that?
• You talk about enabling customers to use your "building blocks" to create their own detections. Can you give us a practical example of how a customer might use a building block for something like detecting VPN and Tor traffic to augment their security?
• You have started using LLMs for reviewing the explainability of human-generated metadata. Can you expand on that? What have you found are the ripe areas for AI in detection engineering, and can you share any anecdotes of where AI has succeeded and where it has failed?

   Resources

• EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
• EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise
• EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
• EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
• EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
• “Back to Cooking: Detection Engineer vs Detection Consumer, Again?” blog
• “On Trust and Transparency in Detection” blog
• “Detection Engineering Weekly” newsletter
• “Practical Threat Detection Engineering” book

Download audio: https://traffic.libsyn.com/secure/cloudsecuritypodcast/EP241_not235_CloudSecPodcast.mp3?dest-id=2641814