HackerTrans
トップ新着トレンドコメント過去質問紹介求人

thefreeman

no profile record

投稿

TeamPCP Campaign Spreads to NPM via a Hijacked Bitwarden CLI

research.jfrog.com
3 ポイント·投稿者 thefreeman·3 か月前·0 コメント

コメント

thefreeman
·23 日前·議論
Can you share more information on the post-LLM processing and the prompt you use? I would like to try this out but don't see any post-LLM options in Handy.

edit: nevermind, found info on the docs about how to enable post processing. Would still be interested in your prompt though if you don't mind sharing!
thefreeman
·先月·議論
How can you make this comment before even having a chance to try the new major model revision?
thefreeman
·先月·議論
Redis is not a database. It’s a key / value store.
thefreeman
·2 か月前·議論
I think that was his point
thefreeman
·2 か月前·議論
My money is on unauthed mongodb or public s3 bucket
thefreeman
·2 か月前·議論
Well trump mobile almost definitely doesn't have a network, systems, or infrastructure to begin with. So I guess they are technically correct.
thefreeman
·2 か月前·議論
You can also define required dependencies in a doc block at the top of the file and then just “uv run main” and it will automatically install and cache any dependencies and run. https://docs.astral.sh/uv/guides/scripts/
thefreeman
·4 か月前·議論
yes, there were a large number of AWS products and features that were only available with a subscription
thefreeman
·4 か月前·議論
You can just start claude with the —chrome flag too and it will connect to the chrome extension.
thefreeman
·4 か月前·議論
don't you get a tax penalty if you aren't insured for 100% of the year?
thefreeman
·5 か月前·議論
the emdash is right there for all to see
thefreeman
·6 か月前·議論
I think this is what the Ralph Wiggum plugin is for. It just repeatedly reprompts the llm with the same prompt until it is fully complete or something along those lines.
thefreeman
·8 か月前·議論
You put a CDN in front of it and heavily cache when serving to external customers
thefreeman
·10 か月前·議論
No, it says it is restricted. You need to set a private attribute on the webview to enable it. And if you interact with private APIs your app will be rejected in review.
thefreeman
·10 か月前·議論
It also barely meets the definition of "a vulnerability report". He basically just nmap scanned the server and googled the apache version. The "critical" vulnerability he linked requires controlling a backend server being reverse proxied through apache... so completely irrelevant. I didn't read every CVE for the apache version but I am doubtful there is anything that actually allows taking over the server there.