HackerTrans
TopNewTrendsCommentsPastAskShowJobs

duriantaco

3 karmajoined năm ngoái
github.com/duriantaco

Submissions

[untitled]

1 points·by duriantaco·2 tháng trước·0 comments

Why so many tools getting hacked? Tanstack, Mistral, Grafana?

techcrunch.com
1 points·by duriantaco·2 tháng trước·1 comments

[untitled]

1 points·by duriantaco·2 tháng trước·0 comments

[untitled]

1 points·by duriantaco·2 tháng trước·0 comments

[untitled]

1 points·by duriantaco·2 tháng trước·0 comments

[untitled]

1 points·by duriantaco·3 tháng trước·0 comments

[untitled]

1 points·by duriantaco·4 tháng trước·0 comments

[untitled]

1 points·by duriantaco·4 tháng trước·0 comments

Show HN: Skylos – A Python dead code finder benchmarked against 9 libraries

skylos.dev
3 points·by duriantaco·4 tháng trước·1 comments

[untitled]

1 points·by duriantaco·5 tháng trước·0 comments

Ask HN: Why dead code detection in Python is harder than most tools admit

6 points·by duriantaco·5 tháng trước·3 comments

[untitled]

1 points·by duriantaco·7 tháng trước·0 comments

[untitled]

1 points·by duriantaco·8 tháng trước·0 comments

[untitled]

1 points·by duriantaco·8 tháng trước·0 comments

[untitled]

1 points·by duriantaco·9 tháng trước·0 comments

[untitled]

1 points·by duriantaco·9 tháng trước·0 comments

[untitled]

1 points·by duriantaco·10 tháng trước·0 comments

comments

duriantaco
·19 giờ trước·discuss
https://github.com/duriantaco/ravage. Working on an autonomous pentester!
duriantaco
·2 tháng trước·discuss
[dead]
duriantaco
·2 tháng trước·discuss
[dead]
duriantaco
·3 tháng trước·discuss
should log the journey down and os it!
duriantaco
·3 tháng trước·discuss
cool. did you test it on a 4090? how does it stack up?
duriantaco
·4 tháng trước·discuss
Hi HN, im the author of Skylos. We built it because traditional static analyzers (like Vulture) fall apart on modern, dynamic Python frameworks like FastAPI and Pydantic. Don't get me wrong, vulture is really really good. However, in some frameworks, they either miss a ton of dead code or throw you a lot of false positives.

So.. built a hybrid AST + LLM analyzer. We just benchmarked it against 9 popular open-source libraries to see how the data actually compares in the real world.

This is our github: github.com/duriantaco/skylos and https://github.com/duriantaco/skylos-demo this is to our benchmark. the blog post above is essentially the summary

Happy to answer any questions or hear your critiques on the methodology!
duriantaco
·5 tháng trước·discuss
First off, thanks a lot for taking the time to run Skylos against its own repo! Getting those flagged at confidence=60 is why deeper framework awareness is an immediate priority for us.

The 2 pass approach with Swynx is cool! Doing a BFS for file-level reachability first to sidestep the AST dynamic dispatch nightmare makes sense. If the module isnt even in the import graph then the confidence is practically 100%. And great callout on `__getattr__` and `importlib`.. Those dynamic edge cases are really sleeper problems for Python static analysis.

Thanks for the check on the pytest hooks and for sharing the Swynx architecture! It’s great to see how you guys tackled the dynamic nature of Python.