HackerLangs
TopNewTrendsCommentsPastAskShowJobs

mrshu

no profile record

Submissions

TIL: You can make HTTP requests without curl using Bash /dev/TCP

mareksuppa.com
548 points·by mrshu·há 25 dias·238 comments

Storing Claude Code API keys in KeePassXC instead of plaintext config

mareksuppa.com
3 points·by mrshu·há 4 meses·3 comments

TIL: You can attach images to GitHub PRs from the CLI (and your agents can too)

mareksuppa.com
4 points·by mrshu·há 4 meses·1 comments

comments

mrshu
·há 19 dias·discuss
By far the most impactful product of the Apretus project are the people. To quote a memorable line from Dominique Paul (https://www.thisiscrispin.com/):

> What most people miss IMO is that this is not a team who is doing this for the fourth time like virtually any other LLM provider and who could learn from its own past experiences. I bet if the team would do another model training they could get way better results at one fourth of the costs.
mrshu
·há 24 dias·discuss
You are right, I am not sure why I did not realize Python is the whole point of the image. This is indeed much faster and easier.
mrshu
·há 24 dias·discuss
An old habit that unfortunately makes one indistinguishable from LLMs these days...
mrshu
·há 24 dias·discuss
It's pretty rough to learn I sound like Claude. Will need to do something about it then.

(For what it's worth I did write the message above manually but I understand why no one would believe that now. At least I did not call netcat "load-bearing" [https://mareksuppa.com/til/load-bearing/] or something...)
mrshu
·há 24 dias·discuss
Yes, a very minimal image indeed. Had it been a custom image, curl would be one of the first things I would make sure it contains :)
mrshu
·há 24 dias·discuss
> No, it can not. Bash lets you open TCP sockets.

Very fair pushback -- I did get carried away and will update the article to be more precise. Thanks for raising it!

> For less insane, non-bash shells there is always nc which is usually probably the wiser choice.

For completeness, `nc` or any netcat equvialent I could think of was not available in the image I was trying this with. It would certainly be a better option though.
mrshu
·há 24 dias·discuss
Totally!

I was really just trying to see if intra-container connectivity works, and this ended up being a very quick way of doing so. (The alternative being building and deploying a new image, which would likely take significantly longer.)
mrshu
·há 24 dias·discuss
That is indeed a solid pushback! :)

For what its worth, this container used `python:3.12.2-slim-bookworm` and I really would not expect that sort of an image to bundle `curl` -- even if it is intended for production.
mrshu
·há 25 dias·discuss
I ran into this while checking connectivity between containers on an internal Docker network where the image had neither curl nor wget.

The main surprise was that Bash has /dev/tcp which lets you do the equivalent of an HTTP request with a bit of shell magic, for instance:

  exec 3<>/dev/tcp/service/8642
  printf 'GET /health HTTP/1.1\r\nHost: service\r\nConnection: close\r\n\r\n' >&3
  cat <&3

Where `service` is just the hostname of whatever you’re talking to and 8642 is the port you are trying to talk HTTP to.

Pretty cool!
mrshu
·há 2 meses·discuss
I have also had positive experience with doing this multiple times via multiple model families, and then to recursively have the fixes reviewed too.

It's called review-anvil and does find significant amount of problems that might pop up:

https://github.com/mrshu/agent-skills/#review-anvil
mrshu
·há 2 meses·discuss
Their uptime for just Git operations has been hit pretty hard in the past 90 days:

https://mrshu.github.io/github-statuses/
mrshu
·há 3 meses·discuss
Well, some of the original commits are indeed quite telling!

https://github.com/amantus-ai/vibetunnel/commits/main/?after...
mrshu
·há 4 meses·discuss
Author here. I wrote this after setting up Claude Code with MiniMax and Z.AI and realizing their docs all tell you to paste API keys into settings.json in plaintext -- which is risky given that Claude Code has been known to read .env files and leak contents into session transcripts. I already use KeePassXC, so I wrote a shell wrapper that fetches the key at invocation time and passes it as an inline env var. Nothing is written to disk. The same pattern works with any password manager CLI -- op read for 1Password, bw get password for Bitwarden, pass show for pass. Happy to answer questions.
mrshu
·há 4 meses·discuss
It really seems the primary benefit of MCP servers was to force companies to establish some externally exposed APIs if/when they did not have them.
mrshu
·há 5 meses·discuss
To be fair, it's not like he did not read a single line of code that ended up being generated.
mrshu
·há 5 meses·discuss
This (multiple major outages a day) has unfortunately been happening for quite a while now -- on the 2nd of February, 2026 for instance.

The GitHub Status Page does not visualize these very well but you can see them parsed out and aggregated here:

https://mrshu.github.io/github-statuses/
mrshu
·há 5 meses·discuss
Here it is. It looks like they are down to a single 9 at this point across all services:

https://mrshu.github.io/github-statuses/
mrshu
·há 5 meses·discuss
GitHub no longer publishes aggregate numbers so here they are parsed out. It looks like they are down to a single 9 at this point across all services:

https://mrshu.github.io/github-statuses/
mrshu
·há 5 meses·discuss
Some projects (like the pi coding agent) use a gated approach for first-time contributors:

https://github.com/badlogic/pi-mono/blob/main/CONTRIBUTING.m...

Here is what it looks like in practice:

https://github.com/badlogic/pi-mono/issues/1218
mrshu
·há 5 meses·discuss
Peter Steinberger, the author of Clawdbot / Moltbot

https://steipete.me/