Off-topic but is there an effort to test AI models against code versions with major historic bugs (Heartbleed, GHOST, log4j, etc)? Seems like the kind of thing that would be relevant in security-related AI benchmarks.
For those looking for help with SOC2 compliance, I had a good experience with another YC company, Vanta. That was some years ago so not sure if anything has changed since then but I would recommend checking them out.
One tool I've found useful in low-power/low-bandwidth situations is the Lynx web browser [1]. Used to be installed by default in most Linux distributions but I think that's probably not the case anymore. Wikipedia says its also available on OSX and Windows.
Regarding feedback on whether sandboxing would be useful, yes, please! Including something like Docker sandboxes would make isolating the agent env’s much less of a hassle.
As an aside, I’m curious how others are handling this now… Mostly just creating dedicated user accounts?
Google’s efforts there seem laudable. They have an internal db for tracking issues that employees identify, resolve them promptly (according to the notes in the db and their response to the article authors), and generally seem to be taking the issues reported seriously.
I have more trust for google after reading that, which is not what I expected
`node --experimental-transform-types example.ts`
As for whether this matches your definition of "native support" or not...
Source: https://nodejs.org/en/blog/release/v22.7.0