HackerTrans
トップ新着トレンドコメント過去質問紹介求人

avdept

109 カルマ登録 3 年前

投稿

I've been fixing AI slop for 6 months and here's my observations

aislopfix.dev
2 ポイント·投稿者 avdept·20 時間前·3 コメント

[untitled]

1 ポイント·投稿者 avdept·2 か月前·0 コメント

Show HN: Linkshor.tr – free, ad-free, anonymous link shornener with API support

linkshor.tr
1 ポイント·投稿者 avdept·6 か月前·0 コメント

I switched from Ruby to elixir and built a product to learn new tool

alexsinelnikov.blog
3 ポイント·投稿者 avdept·9 か月前·0 コメント

I turned feature into full featured product

old.reddit.com
3 ポイント·投稿者 avdept·9 か月前·0 コメント

Why release notes important for your product?

medium.com
1 ポイント·投稿者 avdept·10 か月前·1 コメント

Show HN: Updatify – release notes and changelog tool

updatify.io
2 ポイント·投稿者 avdept·10 か月前·0 コメント

コメント

avdept
·20 時間前·議論
developers do(but honestly devs are much more rarely do these mistakes)

non-devs have no idea about security at all, except that they need login page lol
avdept
·20 時間前·議論
I've been fixing Ai slop code for last 6 months and here's my observations(yeah I saw that thread where folks charge $10k to fix/refactor code by reducing its size and I think its wrong approach, but this inspired me to write this post)

Few words about me so I could gain more trust before you read all text below: I'm softtare engineer, 17 years in industry, worked with pretty much any technology and language, including embedded development(had a project related to bmw kafas system) and had positions at few relatively big enterprise corpos

The first customers - I found few folks on reddit complaining about their project code quality and suggested to fix them for some fixed price. I charged $500 per project(they all were pretty small).

Alot of projects suffer from one issue - no data scoping, you could request somebody's data by just passing different id in url - be it order id, profile id, etc. Somehow all those projects were built in same manner/way. This still an issue even on modern LLMs in cases when original author isnt a technical.

Another issue was(much rarer now) - exposed private keys directly on frontend.

One more thing - a lot of apps suffer from absence of backend and passing all requests to database directly from frontend, basically opening database to everyone(you could see creds in frontend js bundle)

The most dangerous one I saw - billing related, when on error the app would swallow the error in try-catch block and basically even failed payments were treated as succesful, so one of customers(yeah it was LLM wrapper) lost some good money on failed payments by granting subscription to those folks. In fact, billing-related issues are taking a big part of fixes and refactors. For these things I usually add extensive test coverage with proper VCR cassettes, so that tests are run against real requests/responses and having VCRs I can actually have response with needed data(failure, etc)

Recently I hired a guy to help me with this work, so if you want someone to help with your app, I'm happy to assist.

Sorry for all typos, no AI used to create this text, all manually typed and edited(im not native speaker)
avdept
·10 か月前·議論
Any chance to compile it for macOS ARM?