The entire permissions system feels like it's ripe for a DSL of some kind. Looking at the context implementation in src/nah/context.py and the way it hardcodes a ton of assumptions makes me think it will just be a maintenance nightmare to account for _all_ possible contexts and known commands. It would be nice to be able to express that __pycache__/ is not an important directory and can be deleted at will without having to encode that specific directory name (not that this projects hardcodes it, it's just an example to get to the point).
I can imagine an agentic loop that updates dependencies à la Dependabot/Renovate-style by going through the changelog of a new version, reviewing new code changes, and evaluating whether it's worth it to upgrade (or even dangerous to do so, either from stability or security point of view). Too often these tools are used to blindly respin builds with the latest and greatest versions, which is what gets most people in trouble when their NPM deps become malicious.
How would the LLM provider get any information about your reading habits from the app? The LLM is used _before_ the news content is served to you, the reader.
I actually find the relevant PR/MR discussion a lot more useful than the commit messages themselves. So any git blame is just to get a commit hash and look that up in GitLab/GitHub to see the entire change set and any comments around it. It makes me wish those comments were bundled with the merge commit somehow and could easily be accessed in the terminal where I'm viewing the git history.
Not quite the same thing. Google's features seem to give the model the ability to control the browser, not just act upon the text within a given web page.
I tend to agree. If this was built as a true browser enhancement, it would allow you to select the model of your choice or even plug it into a locally running LLM. This being exclusive to Gemini just juices up their usage numbers to make their investments more justifiable. I wonder if Firefox will ever introduce any similar features.
Since so many vendors discovered these packages seemingly independently, you'd think that they would share those mechanisms with NPM itself so that those packages would never be published in the first place. But I guess that removes their ability to sell an "early alert" mechanism through their offerings...
What is everyone using their local LLMs for primarily? Unless you have a beefy machine, you'll never approach the level of quality of proprietary models like Gemini or Claude, but I'm guessing these smaller models still have their use cases, just not sure what those are.
The title of this article is simply false. The CVE Program is a separate entity from MITRE and is most definitely not ending. The CVE Program has been acquiring assets from MITRE for years now. That is why the main site shifted from cve.mitre.org to cve.org. MITRE has always simply been the workhorse of the program, and now that is being shifted to others (CVE foundation, which has global representation).
This looks great! I've considered building a simple device with an LED matrix that looks similar to this, but could never figure out what gives the LEDs the muted look. All of the devices mentioned here (Tidbyt Gen2, Lamarca, Ulanzi, even the busy.bar) have it. Is the back-pannel just an LED matrix with a custom acrylic in front of it? How do they ensure the light from individual LEDs doesn't bleed into its neighbor?