HackerTrans
TopNewTrendsCommentsPastAskShowJobs

teh

no profile record

comments

teh
·23 วันที่ผ่านมา·discuss
I sometimes wonder how much of intelligence is being good with tools.

I feel pretty averagely smart but give me some good tooling like a good editor, a good type system, semantic grep, good testing and some solvers and I can actually deliver some work.

Maybe the trick isn't 500 billion parameters but a model super integrated with the task at hand for iteration and debugging?

FWIW the article really mirrors my own experience. I can run a small gemma4 for quick edits (and it's fast!) or data cleanup but for other tasks you do need a different tool (claude).
teh
·4 เดือนที่ผ่านมา·discuss
Another useful "Emergency exit" is CTRL+Z which stops the process and cannot be intercepted.

It's often faster than hitting CTRL+C and waiting for process cleanup, especially when many resources are used. Then you can do e.g. `kill -9 $(jobs -p)` to kill the stopped tasks.
teh
·4 เดือนที่ผ่านมา·discuss
Chrome uses sandboxing and a lot of safe tooling (wuffs, rust) for untrusted data.

curl is heavily fuzzed and you still mostly control what you are downloading unless the target is compromised.

With logs the attacker controls what goes into your logs.

And you don't need to really look very hard, there are a fair number of very recent stack and heap overflows: https://github.com/tstack/lnav/issues?q=is%3Aissue%20heap%20...
teh
·4 เดือนที่ผ่านมา·discuss
Super useful tool but need to be aware that this is reading potentially untrusted input (e.g. in the case of http request logs) and written in c++, so a possible attack vector. I use lnav where I trust the logs, but do wish a safe implementation existed.
teh
·4 เดือนที่ผ่านมา·discuss
There is precedent: with type checkers like pyright you can opt into specific checks, or have a basic, standard, strict setting, each expanding the set of checks done.

How would dependencies work in this schism? E.g. if serde starts using named impls, do all dependencies have to use named impls?
teh
·6 เดือนที่ผ่านมา·discuss
I can't fully answer your question but I did once spend about a week porting plain internal configuration to cue, jsonnet, dhall and a few related tools (a few thousand lines).

I was initially most excited by cue but the novelty friction turned out to be too high. After presenting the various approaches the team agreed as well.

In the end we used jsonnet which turned out to be a safe choice. It's not been a source of bugs and no one complained so far that it's difficult to understand its behaviour.