HackerTrans
TopNewTrendsCommentsPastAskShowJobs

drob

no profile record

Submissions

What kinds of bugs does AI generate?

blog.detail.dev
5 points·by drob·hace 11 días·4 comments

Benchmarking a Bug Scanner

blog.detail.dev
17 points·by drob·hace 2 meses·9 comments

Show HN: Detail, a Bug Finder

detail.dev
67 points·by drob·hace 7 meses·28 comments

comments

drob
·hace 7 meses·discuss
Should work fine. Ping me [email protected] or @danlovesproofs with your account info so we can look into it?
drob
·hace 7 meses·discuss
We've been thinking about this too. We have some ideas. Thanks for the comment, in any case – gave us a lot to chew on.
drob
·hace 7 meses·discuss
Other auth providers for sure. We'll be adding shortly.

Using an alternate auth provider won't even prevent you from scanning non-public GitHub code. There's a GitHub OAuth App just for auth (which is what you're seeing here), and a separate GitHub App that you need to install either way to give Detail access to the right repos. We can swap out the former for Google/Okta/pw if you want to avoid this warning. GitHub Apps (the half that manages repo access) have a much finer grained permissions model.
drob
·hace 7 meses·discuss
As far as we can tell this is a github-ism, and any OAuth permission is a form of "acting on your behalf": https://dappling.medium.com/a-github-app-would-like-to-act-o...
drob
·hace 7 meses·discuss
Hi bflesch, fair point – our About Us page has a lot about what we think and not about... us!

I'm the founder. Previously I was at Heap for nine years. There's a company LinkedIn with the rest of the team: https://www.linkedin.com/company/detail-dev/

We're located in SF. The About Us page lists some of our angel investors at the bottom.

Regarding security in particular, there's a lot more info in our Trust Center: https://trust.detail.dev/

If anything else seems conspicuously missing, please flag. In all likelihood it's omitted without intent.
drob
·hace 7 meses·discuss
We've run it on a few firmware repos and gotten good results. A lot of firmware code tends to have really poor type-safety which means lots of low-hanging bugs.

We should be able to handle cross-compilation. Want to try it? Ping me in any direct channel ([email protected] / @danlovesproofs) and we can keep an eye on your repo.
drob
·hace 7 meses·discuss
Just github for now, but purely for reasons of plumbing. We'll add gitlab and others.

We support java, c/c++, kotlin, ruby, and swift as well. Did you have something specific in mind?
drob
·hace 7 meses·discuss
Github only for now. Out of curiosity, is yours on gitlab? Something else?

We should be able to find something interesting in most codebases, as long as there's some plausible way to build and test the code and the codebase is big enough. (Below ~250 files the results get iffy.) We've just tested it a lot more thoroughly on app backends, because that's what we know best.
drob
·hace 7 meses·discuss
Fix is deploying, sorry about that!