HackerLangs
TopNewTrendsCommentsPastAskShowJobs

ebfe1

no profile record

Submissions

Show HN: Yes, I vibed coded something But not sure what to do with it

trustenvelope.com
2 points·by ebfe1·قبل شهرين·2 comments

Ask HN: Do you use your phone as hotel/free WiFi condom for laptops?

4 points·by ebfe1·قبل 8 أشهر·5 comments

S1ngularity/nx attackers strike again

aikido.dev
1 points·by ebfe1·قبل 10 أشهر·1 comments

comments

ebfe1
·قبل 8 أشهر·discuss
I will look into that, thanks for the recommendation!
ebfe1
·قبل 8 أشهر·discuss
TIL! Thank you!
ebfe1
·قبل 10 أشهر·discuss
Anyone know if there is a public events feed/firehouse for npm ecosystem system? Similar to GitHub public events feed?

We, at ClickHouse, love big data and it would be super cool download and analyse patterns of all these data & provide some tooling to help with combatting this wide spread issue.
ebfe1
·قبل 10 أشهر·discuss
I found there are many links from stepsecuritiy, socket.dev but aikido seems to have the most up to date information about this ongoing npm hack.
ebfe1
·قبل 10 أشهر·discuss
Is it just me who think this could have been prevented if npm admins put in some sort of cool off period to only allow new versions or packages to be downloaded after being published by "x" amount of hours? This way the npm maintainer would get notifications on their email and react immediately? And if it is urgent fix, perhaps there can be a process to allow npm admin to approve and bypass publication cool off period.

Disclaimer: I don't know enough of npm/nodejs community so I might be completely off the mark here
ebfe1
·قبل سنتين·discuss
clickhouse has pretty good github_events dataset on playground that folks can use to do some research - some info on the dataset https://ghe.clickhouse.tech/

Example of what this user JiaT75 did so far:

https://play.clickhouse.com/play?user=play#U0VMRUNUICogRlJPT...

pull requests mentioning xz, 5.6 without downgrade, cve being mentioned in the last 60 days:

https://play.clickhouse.com/play?user=play#U0VMRUNUIGNyZWF0Z...