HackerTrans
TopNewTrendsCommentsPastAskShowJobs

duriantaco

3 karmajoined anno scorso
github.com/duriantaco

Submissions

[untitled]

1 points·by duriantaco·2 mesi fa·0 comments

Why so many tools getting hacked? Tanstack, Mistral, Grafana?

techcrunch.com
1 points·by duriantaco·2 mesi fa·1 comments

[untitled]

1 points·by duriantaco·2 mesi fa·0 comments

[untitled]

1 points·by duriantaco·2 mesi fa·0 comments

[untitled]

1 points·by duriantaco·3 mesi fa·0 comments

[untitled]

1 points·by duriantaco·3 mesi fa·0 comments

[untitled]

1 points·by duriantaco·4 mesi fa·0 comments

[untitled]

1 points·by duriantaco·4 mesi fa·0 comments

Show HN: Skylos – A Python dead code finder benchmarked against 9 libraries

skylos.dev
3 points·by duriantaco·4 mesi fa·1 comments

[untitled]

1 points·by duriantaco·5 mesi fa·0 comments

Ask HN: Why dead code detection in Python is harder than most tools admit

6 points·by duriantaco·5 mesi fa·3 comments

[untitled]

1 points·by duriantaco·7 mesi fa·0 comments

[untitled]

1 points·by duriantaco·8 mesi fa·0 comments

[untitled]

1 points·by duriantaco·8 mesi fa·0 comments

[untitled]

1 points·by duriantaco·9 mesi fa·0 comments

[untitled]

1 points·by duriantaco·9 mesi fa·0 comments

[untitled]

1 points·by duriantaco·10 mesi fa·0 comments

[untitled]

1 points·by duriantaco·11 mesi fa·0 comments

[untitled]

1 points·by duriantaco·11 mesi fa·0 comments

comments

duriantaco
·21 ore fa·discuss
https://github.com/duriantaco/ravage. Working on an autonomous pentester!
duriantaco
·2 mesi fa·discuss
[dead]
duriantaco
·2 mesi fa·discuss
[dead]
duriantaco
·3 mesi fa·discuss
should log the journey down and os it!
duriantaco
·3 mesi fa·discuss
cool. did you test it on a 4090? how does it stack up?
duriantaco
·4 mesi fa·discuss
Hi HN, im the author of Skylos. We built it because traditional static analyzers (like Vulture) fall apart on modern, dynamic Python frameworks like FastAPI and Pydantic. Don't get me wrong, vulture is really really good. However, in some frameworks, they either miss a ton of dead code or throw you a lot of false positives.

So.. built a hybrid AST + LLM analyzer. We just benchmarked it against 9 popular open-source libraries to see how the data actually compares in the real world.

This is our github: github.com/duriantaco/skylos and https://github.com/duriantaco/skylos-demo this is to our benchmark. the blog post above is essentially the summary

Happy to answer any questions or hear your critiques on the methodology!
duriantaco
·5 mesi fa·discuss
First off, thanks a lot for taking the time to run Skylos against its own repo! Getting those flagged at confidence=60 is why deeper framework awareness is an immediate priority for us.

The 2 pass approach with Swynx is cool! Doing a BFS for file-level reachability first to sidestep the AST dynamic dispatch nightmare makes sense. If the module isnt even in the import graph then the confidence is practically 100%. And great callout on `__getattr__` and `importlib`.. Those dynamic edge cases are really sleeper problems for Python static analysis.

Thanks for the check on the pytest hooks and for sharing the Swynx architecture! It’s great to see how you guys tackled the dynamic nature of Python.