22:[["$","$L24","ask",{"type":"ask","initialPosts":[{"by":"carlostkd","descendants":1,"id":48333319,"kids":[48334235,48333536],"score":2,"text":"You should read this before you install any #npm package. Because the author mentioned the taking advantage of the #AI #hallucinations but forgot that attackers can also "instruct" AIs to make reference to a malicious package

https://blog.gaborkoos.com/posts/2026-05-29-How-to-Evaluate-an-npm-Package-2026-Edition/?utm_source=reddit&utm_medium=social&utm_campaign=how-to-evaluate-an-npm-package-2026-edition&utm_content=r_netsec

#infosec #cybersecurity #ethicalhacking #news #privacy","time":1780123229,"title":"NPM Packages Attacks","type":"story"},{"by":"jimsojim","descendants":8,"id":48325208,"kids":[48333978,48325671,48327794,48332737,48325741,48327571,48329271,48329630,48333547,48333366,48327927,48327988,48326096,48325723,48327816,48330044],"score":13,"text":"As someone who picked up coding around the time AI and agents started becoming more mainstream, I realize I don’t have much knowledge about the best way to architect applications, and I often end up going with whatever the agent recommends. I wanted to check with the community: do you have any recommendations on what I should be doing to get better at overall architecture planning?

I do ask AI a lot of questions, but it would be good to have a non-AI frame of reference that I can rely on. I find that having a structured starting point really helps me challenge and evaluate some of the outputs.","time":1780071225,"title":"Ask HN: Any advice on how to learn good software architecture practices?","type":"story"},{"by":"Bulbasaur2015","descendants":4,"id":48326267,"kids":[48333158,48326402,48326942,48331187,48332676],"score":8,"text":"better place to ask over /r/LocalLLaMA","time":1780075205,"title":"Ask HN: If I cancel Codex today whats the next best local inference agent?","type":"story"},{"by":"chistev","descendants":3,"id":48334224,"kids":[48334894,48334597,48334251,48334257],"score":8,"time":1780132153,"title":"Ask HN: What's the hardest problem you've ever solved?","type":"story"},{"by":"meteor333","descendants":8,"id":48329446,"kids":[48331914,48331917,48332277,48331912,48330588,48330502,48333573,48331480,48331346,48331841,48331151,48333378],"score":8,"text":"We are facing flooding and surge in PRs across the teams. AI reviewer tools are good, but not exactly helping in efficiency. Almost all developers are experiencing velocity gains in programming but it's not resulting into eventual productivity or velocity in roadmap. How are you or your org dealing with all this?","time":1780089689,"title":"Ask HN: How is your org managing PR review load as AI multiplies code output?","type":"story"},{"by":"chistev","descendants":1,"id":48334367,"kids":[48334496,48334452],"score":6,"time":1780133626,"title":"Ask HN: What Are You Thankful For?","type":"story"},{"by":"ronyeh","descendants":0,"id":48327706,"score":4,"text":"$25","time":1780081000,"title":"FYI: Dreamina is shady; do not use","type":"story"},{"by":"seattle_spring","descendants":29,"id":48312377,"kids":[48316936,48321869,48330731,48313582,48316452,48317120,48318444,48312767,48319740,48318211,48312826,48312425,48316196,48320405,48324707,48320261],"score":17,"text":"I'm seeing an enormous contingency of my LinkedIn connections change their titles to "AI Engineer." I know for a fact that they're not working on any models or even AI workflows, they're just building apps and backends using AI tools like Claude.

Is that what "AI Engineer" means nowadays? Is that what companies are looking for when they open recs for "AI Engineer"? Should I be marketing myself as an "AI Engineer" just because I'm very efficient using modern AI tooling to build good non-AI software?","time":1779989210,"title":"Ask HN: What Is an \"AI Engineer\"?","type":"story"},{"by":"ex-aws-dude","descendants":11,"id":48315680,"kids":[48334261,48316726,48317500,48320546,48320662,48326000,48320796,48324948,48322185,48319858,48316232,48319688,48332665,48319825],"score":10,"text":"Does using claude code make you more/less likely to use front end frameworks?

I've been using it for a while to develop internal tools and I've been really impressed at how you can build complex applications with just pure HTML/CSS/JS

Previously I'd use React but now its not as clear to me the reason I would do that since either way I would just be developing through Claude.

It feels almost like the framework is just an implementation detail.

I find myself using a lot less libraries in general as well.

It kind of gives you a bit of NIH syndrome since the time cost is so low to roll your own sometimes.","time":1780003326,"title":"Ask HN: Does Claude Code remove the need for so many front-end frameworks?","type":"story"},{"by":"Mnexium","descendants":5,"id":48323554,"kids":[48326951,48333669,48323716,48323999,48325225,48325047],"score":7,"text":"Generally curious how folks are using LLM APIs today.

Are folks doing anything bespoke, unique or different?

I think we've seen a lot of usage with harnesses, CLIs, Cursor/Windsurf etc which uses the APIs underneath.

If you are using the API itself, what does your architecture look like with said API?","time":1780065019,"title":"Ask HK: How are you building AI apps today?","type":"story"},{"by":"wwwthrowaway256","descendants":16,"id":48312716,"kids":[48313084,48313926,48320878,48330440,48319231,48318135,48314952,48314214,48314775,48315477],"score":21,"text":"Using a throwaway account right now for obvious reasons.

I have a friend at my company that has access to some insider stuff who (subtley) tipped me off that I'm on the chopping block for upcoming layoffs.

Obviously, I'm trying to resume-spam now, but I am pretty sure that cold applying to companies doesn't work anymore, because every job posting is immediately botted to shit (and a lot of job postings are fake anyway).

So...what do people actually do to find work now? Is it really just going through your metaphorical Rolodex and bothering friends/previous coworkers and asking if that can forward your resume?","time":1779990610,"title":"Ask HN: I found out that I'm about to be laid off. How do people find jobs?","type":"story"},{"by":"widenrun","descendants":108,"id":48275508,"kids":[48276332,48275908,48276095,48275953,48275900,48276210,48297629,48275780,48277118,48278176,48276532,48276017,48276379,48285478,48277460,48276441,48275803,48291460,48275859,48278570,48275842,48276830,48276191,48280143,48277003,48276865,48276097,48279259,48280064,48280047,48275805,48276108],"score":152,"text":"I asked this in 2024 and would love to see the change: https://news.ycombinator.com/item?id=41748125","time":1779774575,"title":"Ask HN: Is anyone working at least 4 hours daily on an Apple Vision Pro?","type":"story"},{"by":"nextma","descendants":0,"id":48304365,"score":2,"text":"I built a Linux CLI tool that encrypts and decrypts folders using AES-256-GCM. It also hides file and folder names and stores the mapping in an encrypted file.

Repo: https://github.com/sahilPadmani/ACE-files-encryption","time":1779941201,"title":"C++ CLI for folder encryption with AES-256-GCM and USB-based key loading","type":"story"},{"by":"cinericius","descendants":4,"id":48309371,"kids":[48310039,48309398],"score":12,"text":"$26","time":1779978213,"title":"Garnix, the Nix CI, is shutting down","type":"story"},{"by":"blenderob","descendants":17,"id":48307584,"kids":[48315515,48308161,48330983,48310455,48307650,48321672,48315854,48331971,48311521,48308246],"score":12,"text":"There seem to be a lot of opinion pieces about GenAI on the front page lately. How do others feel about this?

I feel conflicted. I understand that GenAI is one of the biggest topics in tech right now. Yeah it makes sense that it gets a lot of attention. But I would find it a loss if the front page became too heavily skewed towards commentary on a single topic... more so when there are so many other technical areas worth discussing.","time":1779968813,"title":"Ask HN: How do you feel about posts about GenAI taking over the HN front page?","type":"story"},{"by":"Austin_Conlon","descendants":1,"id":48329193,"kids":[48329698],"score":4,"time":1780088404,"title":"Ask HN: Thoughts on the current state of tech meetups in the SF Bay Area?","type":"story"},{"by":"saeedq","descendants":0,"id":48317054,"kids":[48322906],"score":4,"text":"Hey all, I built brinicle, an in-process C++ vector engine with a python wrapper that consumes substantially less memory, while staying quite fast.\nOn 1.2 million Amazon products, it achieves sub-ms P99 latency.\nIt also supports lexical search, and hybrid search.\nIn the hybrid search, we did not try to build two indexes and then fuse results, we create ONE HNSW Graph and utilize it for semantic, lexical, and hybrid search.\nbenchmark comparisons: https://brinicle.bicardinal.com/benchmark\nhybrid search benchmark comparisons: https://brinicle.bicardinal.com/search_benchmark\nRepository::\ngithub.com/bicardinal/brinicle","time":1780011509,"title":"A disk-first C++ vector engine","type":"story"},{"by":"kendy1992","descendants":1,"id":48305896,"kids":[48325597],"score":3,"text":"See this project https://github.com/Sphere-AI-Lab/orbit.","time":1779954169,"title":"Train 1T parameter LLM with 8 GPUs?","type":"story"},{"by":"talkingtab","descendants":1,"id":48315950,"kids":[48326496],"score":10,"text":"The problem:

1. You try email routing provided by cloudflare.

2. It does not work for you

3. Somehow you get your DNS into an odd state. email routing is disabled because it is misconfigured.

4. You cannot delete your dkim record without first disabling email routing.

5. You cannot disable email routing because it is already disabled because it is misconfigured!!

6. Cloudflare only allow "guided" support for free accounts, and guides you to /dev/null for attempting this kind of problem.","time":1780004667,"title":"Do not use Cloudflare DNS regsitrar","type":"story"},{"by":"osigurdson","descendants":20,"id":48304668,"kids":[48305155,48304933,48304883,48304924,48310018,48305607,48305944,48307511,48307775,48305130,48306000],"score":6,"text":"I've been wondering, why don't we have a chrome fork that only accepts sites hosted in the EU? If a site is hosted in the EU then it can be fully regulated by the EU.

This would make it easier for citizens to know that their data is is safe (according to EU standards) and avoids the regulatory complexities of trying to enforce rules in other countries.

Thoughts?","time":1779943963,"title":"Ask HN: Why not have an EU browser?","type":"story"},{"by":"MaxTeabag","descendants":5,"id":48271934,"kids":[48305370,48286763,48299373,48293672,48272654,48272635],"score":20,"text":"$27","time":1779744883,"title":"Sqlit – A lazygit-style TUI for SQL databases","type":"story"},{"by":"chistev","descendants":10,"id":48328127,"kids":[48328863,48328387,48331951,48331771,48328576,48328925],"score":10,"time":1780083244,"title":"Ask HN: What was the best decision you made in your career?","type":"story"},{"by":"escot","descendants":1,"id":48285139,"kids":[48288352,48306189,48304287,48288659,48303217],"score":5,"text":"Say you’re making a chess game. A valid board only has one piece per square, or zero. But, you have an algo that generates boards by moving pieces around and during that algo you may move a piece on top of another and then later decide to move one of them to get back to valid.

Do you try to use some existing Board type and just avoid in your algo those invalid states (like by using a stack or some data structure to avoid iteratively moving pieces one at a time).

Do you have a separate InvalidBoard type that allows multiple pieces per square?

I think it’s context dependent but I’m curious how you’ve seen this handled in different ways.","time":1779825386,"title":"Ask HN: How do you model temporarily invalid data structures","type":"story"},{"by":"hliyan","descendants":3,"id":48270275,"kids":[48274070,48273840,48273897],"score":17,"text":"$28","time":1779735058,"title":"Did the Linux memory management maintainer \"just quit\"?","type":"story"}]}]]

NPM Packages Attacks

Ask HN: Any advice on how to learn good software architecture practices?

Ask HN: If I cancel Codex today whats the next best local inference agent?

Ask HN: What's the hardest problem you've ever solved?

Ask HN: How is your org managing PR review load as AI multiplies code output?

Ask HN: What Are You Thankful For?

FYI: Dreamina is shady; do not use

Ask HN: What Is an "AI Engineer"?

Ask HN: Does Claude Code remove the need for so many front-end frameworks?

Ask HK: How are you building AI apps today?

Ask HN: I found out that I'm about to be laid off. How do people find jobs?

Ask HN: Is anyone working at least 4 hours daily on an Apple Vision Pro?

C++ CLI for folder encryption with AES-256-GCM and USB-based key loading

Garnix, the Nix CI, is shutting down

Ask HN: How do you feel about posts about GenAI taking over the HN front page?

Ask HN: Thoughts on the current state of tech meetups in the SF Bay Area?

A disk-first C++ vector engine

Train 1T parameter LLM with 8 GPUs?

Do not use Cloudflare DNS regsitrar

Ask HN: Why not have an EU browser?

Sqlit – A lazygit-style TUI for SQL databases

Ask HN: What was the best decision you made in your career?

Ask HN: How do you model temporarily invalid data structures

Did the Linux memory management maintainer "just quit"?

NPM Packages Attacks

Comments

NPM Packages Attacks

Ask HN: Any advice on how to learn good software architecture practices?

Ask HN: If I cancel Codex today whats the next best local inference agent?

Ask HN: What's the hardest problem you've ever solved?

Ask HN: How is your org managing PR review load as AI multiplies code output?

Ask HN: What Are You Thankful For?

FYI: Dreamina is shady; do not use

Ask HN: What Is an "AI Engineer"?

Ask HN: Does Claude Code remove the need for so many front-end frameworks?

Ask HK: How are you building AI apps today?

Ask HN: I found out that I'm about to be laid off. How do people find jobs?

Ask HN: Is anyone working at least 4 hours daily on an Apple Vision Pro?

C++ CLI for folder encryption with AES-256-GCM and USB-based key loading

Garnix, the Nix CI, is shutting down

Ask HN: How do you feel about posts about GenAI taking over the HN front page?

Ask HN: Thoughts on the current state of tech meetups in the SF Bay Area?

A disk-first C++ vector engine

Train 1T parameter LLM with 8 GPUs?

Do not use Cloudflare DNS regsitrar

Ask HN: Why not have an EU browser?

Sqlit – A lazygit-style TUI for SQL databases

Ask HN: What was the best decision you made in your career?

Ask HN: How do you model temporarily invalid data structures

Did the Linux memory management maintainer "just quit"?