frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."

For first time, a cell built from scratch grows and divides

https://www.quantamagazine.org/for-the-first-time-a-cell-built-from-scratch-grows-and-divides-202...
308•defrost•2h ago•90 comments

Physical disc production ending in Jan 2028 for new games on PlayStation

https://blog.playstation.com/2026/07/01/physical-disc-production-ending-in-january-2028-for-new-g...
243•Tiberium•5h ago•301 comments

How We Made IPFS Content Publishing 10x Faster

https://probelab.io/blog/optimistic-provide/
48•dennis-tra•1h ago•5 comments

Box3D, an open source 3D physics engine

https://box2d.org/posts/2026/06/announcing-box3d/
216•makepanic•5h ago•40 comments

Monetization Gateway

https://blog.cloudflare.com/monetization-gateway/
108•soheilpro•3h ago•36 comments

Ask HN: Who is hiring? (July 2026)

43•whoishiring•2h ago•63 comments

Internal Combustion Engine

https://ciechanow.ski/internal-combustion-engine/
108•StefanBatory•4h ago•9 comments

Apple 'Hide My Email' Vulnerability Reveals Peoples' Real Email Addresses

https://easyoptouts.com/guides/apple-hide-my-email-is-leaking-email-addresses
58•sashk•6h ago•4 comments

Ask HN: Who wants to be hired? (July 2026)

33•whoishiring•2h ago•90 comments

Fixing a kubelet memory leak in Kubernetes 1.36

https://heyoncall.com/blog/fixing-kubernetes-kubelet-memory-leak
17•compumike•15h ago•3 comments

Meta loses bid to dismiss US states' claims that FB, Instagram addict children

https://www.reuters.com/legal/government/meta-loses-bid-dismiss-us-states-claims-that-facebook-in...
99•tartoran•1h ago•24 comments

Launch HN: Parsewise (YC P25) – Reason Across Documents with an API

29•gergelycsegzi•3h ago•20 comments

Sony Deletes 551 Movies PlayStation Owners Paid For

https://reclaimthenet.org/sony-deletes-551-studiocanal-movies-playstation-owners-paid-for
199•bilsbie•2h ago•99 comments

Manufact (YC S25) Is Hiring a Developer Advocate in SF

https://www.ycombinator.com/companies/manufact/jobs/4cyWd6S-developer-advocate-partnerships-devrel
1•luigipederzani•3h ago

Red Programming Language: Static linking support

https://www.red-lang.org/2026/06/static-linking-support.html
49•em-bee•1d ago•6 comments

Asahi Linux 7.1 Progress Report

https://asahilinux.org/2026/06/progress-report-7-1/
442•pantalaimon•7h ago•146 comments

1-Bit Pixel Art Emojis

https://hypertalking.com/2023/05/15/1-bit-pixel-art-emojis/
54•surprisetalk•6d ago•8 comments

Reduce GVisor Cold Starts with GPU Snapshotting

https://cerebrium.ai/blog/reducing-gpu-cold-starts-with-memory-snapshots-restoring-cuda-workloads...
20•jono_irwin•59m ago•5 comments

Nintendo has raised its employees base salary by 10%

https://mynintendonews.com/2026/06/26/nintendo-has-raised-its-employees-base-salary-by-10/
384•_tk_•5h ago•198 comments

FFmpeg 9.1's new AAC encoder

https://hydrogenaudio.org/index.php/topic,129691.0.html
10•ledoge•3h ago•7 comments

Newly discovered spider builds spring loaded snare to catch ants

https://phys.org/news/2026-06-newly-australian-ballista-spider-snare.html
204•chimpanzee•2d ago•44 comments

Ray Tracer in SQL

https://github.com/ClickHouse/RayTracer
27•kbumsik•2h ago•6 comments

Most arguments are about ego, not ideas

https://wangcong.org/2026-06-30-why-i-stopped-arguing-with-people.html
536•backlit4034•3h ago•417 comments

Show HN: GolemUI – The new paradigm for JavaScript forms

https://golemui.com
12•wtfdeveloper•2h ago•20 comments

Department of Commerce has lifted export controls on Claude Fable 5 and Mythos 5

https://twitter.com/AnthropicAI/status/2072106151890809341
871•Pragmata•17h ago•573 comments

Solid and Clean Code never felt solid or clean to me

https://devz.cl/posts/solid-never-felt-solid/
10•DanielVZ•1h ago•4 comments

Show HN: PMB – local memory for coding agents that shows if it is used

https://pmbai.dev
7•oleksiibond•2d ago•3 comments

ArXiv's Next Chapter

https://blog.arxiv.org/2026/06/30/arxivs-next-chapter/
244•subset•14h ago•77 comments

Obfuscation: Building the final boss of cryptography (Part I)

https://vitalik.eth.limo/general/2026/06/29/obfuscation1.html
67•fbrusch•2d ago•9 comments

A retrospective of my time on the internet

https://cleberg.net/blog/internet.html
233•felixdoerp•6h ago•237 comments