frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

The Zilog Z80 has turned 50

https://goliath32.com/blog/z80.html
36•st_goliath•50m ago•3 comments

AWS: Inaccurate Estimated Billing Data – $1.7 billion

866•nprateem•10h ago•475 comments

First atmosphere found on Earth-like planet in habitable zone of distant star

https://www.bbc.com/news/articles/cy4kdd1e0ejo
271•neversaydie•6h ago•190 comments

Learning a few things about running SQLite

https://jvns.ca/blog/2026/07/17/learning-about-running-sqlite/
75•surprisetalk•2h ago•18 comments

Frame – Linux X server in Assembly

https://isene.org/2026/07/Frame.html
103•guybedo•5h ago•60 comments

Kimi K3, and what we can still learn from the pelican benchmark

https://simonwillison.net/2026/Jul/16/kimi-k3/
191•droidjj•6h ago•110 comments

The state of open source AI

https://stateofopensource.ai/
302•rellem•6h ago•209 comments

Three ways people respond to a problem (other than solving it)

https://improvesomething.today/responses-to-problems/
146•surprisetalk•6h ago•71 comments

Frank Lloyd Wright’s first home

https://www.architecturaldigest.com/story/frank-lloyd-wright-home-and-studio-everything-you-need-...
45•NaOH•4d ago•22 comments

A Road to Lisp: Which Lisp

https://scotto.me/blog/2026-07-17-which-lisp/
140•silcoon•6h ago•89 comments

Show HN: A zoomable timeline of 4M Wikipedia events

https://app.everything.diena.co/
16•lortex•1h ago•5 comments

AI Meets Cryptography 2: What AI Found in OpenVM's ZkVM

https://blog.zksecurity.xyz/posts/openvm-bugs/
68•duha•6h ago•0 comments

Show HN: Watch bots interact with an SSH honeypot in real time

https://honeypotlive.cc/
116•tusksm•6h ago•44 comments

More Bounce to the Ounce

https://mceglowski.substack.com/p/more-bounce-to-the-ounce
81•pavel_lishin•6h ago•26 comments

EEG shows brain can simultaneous encode two speech streams

https://journals.plos.org/plosbiology/article?id=10.1371/journal.pbio.3003876
238•giuliomagnifico•14h ago•155 comments

Show HN: Explore the Workspaces of Modern Creators

https://workspaces.xyz/
41•ryangilbert•4h ago•34 comments

Estimating the heights of New Yorkers from their scuff marks

https://blog.jse.li/posts/smith9street/
22•eat_veggies•3d ago•3 comments

Pebble Mega Update – July 2026

https://repebble.com/blog/pebble-mega-update-july-2026
245•crazysaem•16h ago•159 comments

Manufact (YC S25) Is Hiring a Senior infra engineer to build the MCP cloud

https://www.ycombinator.com/companies/manufact/jobs/Dh6PYP5-senior-infrastructure-engineer
1•luigipederzani•7h ago

Homomorphically encrypted CIFAR-10 inference in 200ms

https://sofar.belfortlabs.cloud/
22•j2kun•4h ago•24 comments

Flock CEO Apologizes for Calling Activists 'Terrorists'

https://www.forbes.com/sites/thomasbrewster/2026/07/17/flock-ceo-sorry-for-labelling-activists-te...
14•chaps•38m ago•6 comments

Apple targets dozens of OpenAI employees with legal letters

https://www.ft.com/content/1b8c9d52-88a9-426b-ba47-f1811f859166
331•merksittich•8h ago•276 comments

Faster binary search: from compiled code to mechanical sympathy

https://pythonspeed.com/articles/branchless-binary-search/
50•enz•5d ago•11 comments

Latent Space as a New Medium

https://kevinkelly.substack.com/p/latent-space-as-a-new-medium
61•thm•4d ago•18 comments

MoonBASIC: A modern BASIC for building 2D and 3D games

https://github.com/CharmingBlaze/moonbasic
12•klaussilveira•3d ago•3 comments

Short sellers notch $8.7B profit as SpaceX shares dip to IPO price

https://www.reuters.com/business/media-telecom/short-sellers-rack-up-87-bln-profit-spacex-slips-b...
122•1vuio0pswjnm7•5h ago•88 comments

Camera Chase Vehicle

https://transistor-man.com/gimbal_camera_rover.html
175•geerlingguy•1w ago•18 comments

VulnHunter: Capital One's agentic AI code security tool

https://www.capitalone.com/tech/open-source/announcing-vulnhunter/
49•medina•7h ago•28 comments

Decoy Font

https://www.mixfont.com/experiments/decoy-font
678•ray__•1d ago•152 comments

Kimi K3: Open Frontier Intelligence

https://www.kimi.com/blog/kimi-k3
1971•vincent_s•1d ago•1143 comments
Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."