frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."

OpenPrinter

https://www.opentools.studio/
305•bouh•3h ago•91 comments

Organic Maps

https://organicmaps.app/
771•tosh•9h ago•217 comments

Show HN: Homegames. An open-source game platform I've been making for 8 years

https://homegames.io
76•homegamesjoseph•2h ago•25 comments

New AI tutor achieves 0.71-1.30 SD effect size in Dartmouth course [pdf]

https://intextbooks.science.uu.nl/workshop2026/files/itb26_s1s2.pdf
116•jonahbard•5h ago•77 comments

Connections in Math: the two kinds of random

https://stillthinking.net/posts/connections-in-math-two-kinds-of-random/
7•pcael•42m ago•3 comments

The future of Flipper Zero development

https://blog.flipper.net/future-of-flipper-zero-development/
208•croes•5h ago•76 comments

Composite Video on the NES: Why's it so wobbly?

https://nicole.express/2026/phase-altering-by-line.html
26•zdw•2h ago•2 comments

Has_not_been_viewed_much

https://iamwillwang.com/notes/has-not-been-viewed-much/
6•wxw•24m ago•0 comments

Mr. Baby Paint and accidentally discovering a new cellular automata

https://tekstien-marginaalien-keskus.aalto.fi/residenssi/heikki/blog/004-december-2/
95•jfil•2d ago•17 comments

Starring the Computer

https://www.starringthecomputer.com/computers.html
155•gitowiec•6h ago•38 comments

It's not about physical vs. digital games, it's about ownership

https://popcar.bearblog.dev/its-about-ownership/
289•popcar2•9h ago•221 comments

Al Vigier: Canada's AI strategy shouldn't include secret Palantir bills

https://www.readtheline.ca/p/al-vigier-canadas-ai-strategy-shouldnt
4•ClearwayLaw•9m ago•2 comments

Dungeon Proof Crawler: learn how to write proofs with RPG

https://dhilst.github.io/algae/game/index.html
26•SchwKatze•3h ago•12 comments

Pint in England

https://dispatch-media.com/the-best-pint-in-england/
28•gripfx•3h ago•11 comments

Delta flight hit by firework while landing at Midway Airport on Fourth of July

https://www.nbcchicago.com/news/local/delta-flight-hit-by-firework-while-landing-at-midway-airpor...
46•randycupertino•4h ago•28 comments

Cursed circuits #5: capacitance multiplier

https://lcamtuf.substack.com/p/cursed-circuits-capacitance-multiplier
38•surprisetalk•4h ago•2 comments

Dependencies should be fetched directly from VCS

https://www.arp242.net/deps-vcs.html
31•mrngm•3h ago•19 comments

CoCom regulations and GPS receivers for balloons and cubesats

https://space.stackexchange.com/questions/14687/current-situation-with-cocom-regulations-and-gps-...
15•vinnyglennon•2h ago•4 comments

DNSGlobe – Rust TUI to watch DNS propagate around the world

https://github.com/514-labs/dnsglobe
14•Callicles•2h ago•10 comments

Introduction to Compilers and Language Design (2021)

https://dthain.github.io/books/compiler/
265•AlexeyBrin•12h ago•45 comments

You need a webring

https://shub.club/writings/2026/july/you-need-a-webring/
47•forthwall•5h ago•31 comments

Show HN: Osint tool that finds exposed files on domains

https://search.cerast-intelligence.com/
21•PatchRequest•3h ago•7 comments

Zero-copy in Go: sendfile, splice, and the cost of io.Copy

https://segflow.github.io/post/zero-copy-sendfile-splice/
51•mrngm•3h ago•8 comments

Completing a computer science degree on Coursera

https://notesbylex.com/completing-a-computer-science-degree-on-coursera
77•lexandstuff•2h ago•48 comments

Zuckerberg says AI agent development going slower than expected

https://www.reuters.com/business/zuckerberg-says-ai-agent-development-going-slower-than-expected-...
53•cwwc•3d ago•199 comments

Run Windows 2000 on a DEC Alpha with a new es40 fork

https://raymii.org/s/blog/Run_Windows_2000_for_Dec_Alpha_on_a_new_es40_fork.html
100•jandeboevrie•10h ago•53 comments

Had an idea for a Rust editor with simple Vim mode for learning

https://github.com/electronicsleep/rust-vim
9•ElectronicSleep•2h ago•1 comments

Artificial Adventures

https://www.scattered-thoughts.net/writing/artificial-adventures/
11•jamii•3d ago•1 comments

Lean Software Scaling Laws

https://gwern.net/lean-scaling
4•gmays•8h ago•0 comments

We Always Leave Things Unfinished

https://bigreaderbadgrades.substack.com/p/we-always-leave-things-unfinished
37•bryanrasmussen•3d ago•1 comments