HackerTrans
TopNewTrendsCommentsPastAskShowJobs

vldszn

301 karmajoined vor 7 Jahren
building a free and open-source invoice generator: https://easyinvoicepdf.com

- No sign-up required and no ads - Live PDF preview & instant download - Flexible tax support (VAT, GST, Sales Tax, etc.) - Fully customizable invoice templates - Multi-currency & multi-language support

GitHub: https://github.com/VladSez/easy-invoice-pdf

Personal: https://vladsazon.com

Twitter: https://x.com/vladsazonau

Submissions

Codex is flagged as malware on macOS

github.com
3 points·by vldszn·vor 2 Monaten·3 comments

Nx Console VS Code extension was the initial access vector in the GitHub breach

twitter.com
6 points·by vldszn·vor 2 Monaten·1 comments

T3 Code: A Minimal Web GUI/Desktop App for Coding Agents

github.com
6 points·by vldszn·vor 4 Monaten·0 comments

Timeline: Anthropic, OpenAI, and U.S. Government

anthropic-timeline.vercel.app
99 points·by vldszn·vor 5 Monaten·36 comments

Ask HN: Is Prettier extension working for you in Cursor?

2 points·by vldszn·vor 5 Monaten·0 comments

Prettier in Cursor has been broken for 3 weeks

forum.cursor.com
2 points·by vldszn·vor 5 Monaten·1 comments

[untitled]

1 points·by vldszn·vor 5 Monaten·0 comments

Ask HN: European alternative to Vercel/Cloudflare for hosting

13 points·by vldszn·vor 6 Monaten·20 comments

comments

vldszn
·vor 3 Stunden·discuss
free and open-source invoice generator

https://easyinvoicepdf.com https://github.com/VladSez/easy-invoice-pdf
vldszn
·vor 17 Tagen·discuss
huge momentum for local and open-source LLMs
vldszn
·vor 23 Tagen·discuss
lowkey amazing!
vldszn
·vor 29 Tagen·discuss
building a free and open-source invoice generator https://easyinvoicepdf.com https://github.com/VladSez/easy-invoice-pdf

- No sign-up required & no ads

- Live PDF preview & instant download

- Flexible tax support (VAT, Sales Tax, etc.)

- Fully customizable invoice templates

- 120+ currencies & multi-language support

- 100% In-Browser
vldszn
·letzten Monat·discuss
I applied for the first time a couple of months ago and again this month, but unfortunately I haven’t heard back from them :(

I’m building EasyInvoicePDF - a free and open-source invoice generator. (900+ GitHub stars, 2k monthly users on average, 10k total invoices downloaded)

https://github.com/VladSez/easy-invoice-pdf
vldszn
·vor 2 Monaten·discuss
why?
vldszn
·vor 2 Monaten·discuss
After the recent Codex update, I started seeing this error message on macOS:

“codex” will damage your computer. You should move it to the Bin.

Is anyone else experiencing this?

UPD: reinstalling both the Codex CLI and desktop app seems to resolve the issue.
vldszn
·vor 2 Monaten·discuss
[dead]
vldszn
·vor 2 Monaten·discuss
“Nx Console VS Code extension was the initial access vector in the GitHub breach”

Source: https://news.ycombinator.com/item?id=48216614
vldszn
·vor 2 Monaten·discuss
Yeah..full circle
vldszn
·vor 2 Monaten·discuss
Per security advisory on GitHub:

Root Cause

One of our developers was compromised by a recent supply-chain compromise on Tanstack, which leaked their GitHub credentials through the GitHub CLI (gh). This allowed the attacker to run workflows on our GitHub repository as a contributor.

More links:

https://github.com/nrwl/nx-console/security/advisories/GHSA-...

https://www.stepsecurity.io/blog/nx-console-vs-code-extensio...
vldszn
·vor 2 Monaten·discuss
UPD: it’s confirmed now by the CEO of Nx https://x.com/jeffbcross/status/2057236396658811020?s=46&t=_...
vldszn
·vor 2 Monaten·discuss
so cool!
vldszn
·vor 2 Monaten·discuss
=)
vldszn
·vor 2 Monaten·discuss
[dead]
vldszn
·vor 2 Monaten·discuss
UPD: disable auto-updates for extensions in VS Code/Cursor!
vldszn
·vor 2 Monaten·discuss
friendly reminder:

- disable auto-updates for extensions in VS Code/Cursor

- use static analysis for GitHub Actions to catch security issues in pre-commit hook and on ci: https://github.com/zizmorcore/zizmor

- set locally: pnpm config set minimum-release-age 4320 # 3 days in minutes https://pnpm.io/supply-chain-security

- for other package managers check: https://gist.github.com/mcollina/b294a6c39ee700d24073c0e5a4e...

- add Socket Free Firewall when installing npm packages on CI to catch malware https://docs.socket.dev/docs/socket-firewall-free#github-act...
vldszn
·vor 2 Monaten·discuss
There are rumours that was NX Console VS code extension

https://github.com/nrwl/nx-console/security/advisories/GHSA-...

https://www.stepsecurity.io/blog/nx-console-vs-code-extensio...
vldszn
·vor 2 Monaten·discuss
fair point
vldszn
·vor 2 Monaten·discuss
Disabling vscode/cursor extensions auto-updates also makes sense