HackerTrans
TopNewTrendsCommentsPastAskShowJobs

duriantaco

3 karmajoined ano passado
github.com/duriantaco

Submissions

[untitled]

1 points·by duriantaco·há 2 meses·0 comments

Why so many tools getting hacked? Tanstack, Mistral, Grafana?

techcrunch.com
1 points·by duriantaco·há 2 meses·1 comments

[untitled]

1 points·by duriantaco·há 2 meses·0 comments

[untitled]

1 points·by duriantaco·há 2 meses·0 comments

[untitled]

1 points·by duriantaco·há 2 meses·0 comments

[untitled]

1 points·by duriantaco·há 3 meses·0 comments

[untitled]

1 points·by duriantaco·há 4 meses·0 comments

[untitled]

1 points·by duriantaco·há 4 meses·0 comments

Show HN: Skylos – A Python dead code finder benchmarked against 9 libraries

skylos.dev
3 points·by duriantaco·há 4 meses·1 comments

[untitled]

1 points·by duriantaco·há 5 meses·0 comments

Ask HN: Why dead code detection in Python is harder than most tools admit

6 points·by duriantaco·há 5 meses·3 comments

[untitled]

1 points·by duriantaco·há 7 meses·0 comments

[untitled]

1 points·by duriantaco·há 8 meses·0 comments

[untitled]

1 points·by duriantaco·há 8 meses·0 comments

[untitled]

1 points·by duriantaco·há 9 meses·0 comments

[untitled]

1 points·by duriantaco·há 9 meses·0 comments

[untitled]

1 points·by duriantaco·há 10 meses·0 comments

comments

duriantaco
·há 17 horas·discuss
https://github.com/duriantaco/ravage. Working on an autonomous pentester!
duriantaco
·há 2 meses·discuss
[dead]
duriantaco
·há 2 meses·discuss
[dead]
duriantaco
·há 3 meses·discuss
should log the journey down and os it!
duriantaco
·há 3 meses·discuss
cool. did you test it on a 4090? how does it stack up?
duriantaco
·há 4 meses·discuss
Hi HN, im the author of Skylos. We built it because traditional static analyzers (like Vulture) fall apart on modern, dynamic Python frameworks like FastAPI and Pydantic. Don't get me wrong, vulture is really really good. However, in some frameworks, they either miss a ton of dead code or throw you a lot of false positives.

So.. built a hybrid AST + LLM analyzer. We just benchmarked it against 9 popular open-source libraries to see how the data actually compares in the real world.

This is our github: github.com/duriantaco/skylos and https://github.com/duriantaco/skylos-demo this is to our benchmark. the blog post above is essentially the summary

Happy to answer any questions or hear your critiques on the methodology!
duriantaco
·há 5 meses·discuss
First off, thanks a lot for taking the time to run Skylos against its own repo! Getting those flagged at confidence=60 is why deeper framework awareness is an immediate priority for us.

The 2 pass approach with Swynx is cool! Doing a BFS for file-level reachability first to sidestep the AST dynamic dispatch nightmare makes sense. If the module isnt even in the import graph then the confidence is practically 100%. And great callout on `__getattr__` and `importlib`.. Those dynamic edge cases are really sleeper problems for Python static analysis.

Thanks for the check on the pytest hooks and for sharing the Swynx architecture! It’s great to see how you guys tackled the dynamic nature of Python.