frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."

Apertus – Open Foundation Model for Sovereign AI

https://apertvs.ai/
124•T-A•2h ago•35 comments

Did my old job only exist because of fraud?

https://david.newgas.net/did-my-old-job-only-exist-because-of-fraud/
116•advisedwang•2h ago•33 comments

Everything Is Logarithms

https://alexkritchevsky.com/2026/05/25/everything-is-logarithms.html
71•E-Reverance•2h ago•10 comments

JSON-LD Explained for Personal Websites

https://hawksley.dev/blog/json-ld-explained-for-personal-websites/
137•ethanhawksley•4h ago•37 comments

PowerFox Browser

https://powerfox.jazzzny.me/
44•thisislife2•2h ago•13 comments

Prefer duplication over the wrong abstraction (2016)

https://sandimetz.com/blog/2016/1/20/the-wrong-abstraction
411•rafaepta•7h ago•272 comments

Identity verification on Claude

https://support.claude.com/en/articles/14328960-identity-verification-on-claude
512•bathory•11h ago•474 comments

Simple hard way to conjugate Japanese verbs

https://underreacted.leaflet.pub/3mmevu6woys27
8•valzevul•57m ago•3 comments

I Gave an AI a Civilization to Run. It Built a Nuke – Launching CivBench

https://www.lwilko.com/blog/i-gave-an-ai-a-civilization
13•LiamWilko•1h ago•4 comments

HPV jabs cut risk of dying from cervical cancer before 30 to almost zero

https://www.theguardian.com/society/2026/jun/17/hpv-jabs-reduce-risk-dying-cervical-cancer-before...
97•toomuchtodo•3d ago•39 comments

Beyond All Reason (Free Total Annihilation Inspired RTS)

https://www.beyondallreason.info
415•mosiuerbarso•12h ago•248 comments

The minimum viable unit of saleable software

https://brandur.org/minimum-viable-unit
113•brandur•7h ago•46 comments

Stop wasting tokens and re explaining your project between sessions

https://github.com/raiyanyahya/recall
52•mateenah•2h ago•40 comments

(How to Write a (Lisp) Interpreter (In Python)) (2010)

https://norvig.com/lispy.html
160•tosh•8h ago•50 comments

FDA advisors unanimously vote to approve Moderna's mRNA after agency drama

https://arstechnica.com/health/2026/06/fda-advisors-unanimously-vote-to-approve-modernas-mrna-aft...
66•worik•2h ago•34 comments

An Embedded Linux on a Single Floppy

https://github.com/w84death/floppinux
54•modinfo•2d ago•23 comments

Ask for no, don't ask for yes (2022)

https://www.mooreds.com/wordpress/archives/3518
85•skogstokig•3h ago•39 comments

There is minimal downside to switching to open models

https://www.marble.onl/posts/cancel_claude.html
10•amarble•2h ago•0 comments

Show HN: Teach your kids perfect pitch

https://github.com/paytonjjones/bsharp
34•paytonjjones•11h ago•20 comments

Wildcard (YC W25) is hiring an applied ML engineer

https://www.ycombinator.com/companies/wildcard/jobs/SEmo4di-founding-applied-ml-engineer
1•kaushikmahorker•6h ago

Minecraft: Java Edition 26.2, the first version with Vulkan 1.2

https://www.minecraft.net/en-us/article/minecraft-java-edition-26-2
32•ObviouslyFlamer•4d ago•7 comments

Tell HN: Happy Fathers Day

235•consumer451•6h ago•30 comments

Occupancy Math on the AMD MI355X: A From-First-Principles Guide

https://indianspeedster.github.io/blog/occupancy-math-mi355x/
42•skidrow•4d ago•4 comments

Djevops: Self-Host Django Easily

https://github.com/mherrmann/djevops
21•mherrmann•3d ago•5 comments

Cocktail Optimization, an Integer Programming Problem

https://bunkum.us/2026/06/18/cocktail-ingredients-milp
25•ftgregg•2d ago•4 comments

A 3D voxel game engine written in APL

https://github.com/namgyaaal/avoxelgame
147•sph•15h ago•13 comments

Developers don't understand CORS (2019)

https://fosterelli.co/developers-dont-understand-cors
355•toilet•22h ago•251 comments

Running MicroVMs in Proxmox VE, the Easy Way

https://taoofmac.com/space/blog/2026/06/18/1845
210•zdw•2d ago•38 comments

Proportional-Integral-Derivative (PID) controllers

https://en.wikipedia.org/wiki/PID_controller
90•dhorthy•2d ago•50 comments

Excessive nil pointer checks in Go

https://konradreiche.com/blog/excessive-nil-pointer-checks-in-go/
100•ingve•3d ago•77 comments