frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•10mo ago

Comments

steele•10mo ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•10mo ago
Lmao, gentrify cracked me up
neilv•10mo ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•10mo ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•10mo ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•10mo ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•10mo ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•10mo ago
May as well just release an executable tbh.
theamk•10mo ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•10mo ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•10mo ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."

ChatGPT Won't Let You Type Until Cloudflare Reads Your React State

https://www.buchodi.com/chatgpt-wont-let-you-type-until-cloudflare-reads-your-react-state-i-decry...
208•alberto-m•2h ago•146 comments

Coding Agents Could Make Free Software Matter Again

https://www.gjlondon.com/blog/ai-agents-could-make-free-software-matter-again/
19•rogueleaderr•22m ago•8 comments

The Cognitive Dark Forest

https://ryelang.org/blog/posts/cognitive-dark-forest/
149•kaycebasques•3h ago•75 comments

Voyager 1 runs on 69 KB of memory and an 8-track tape recorder

https://techfixated.com/a-1977-time-capsule-voyager-1-runs-on-69-kb-of-memory-and-an-8-track-tape...
336•speckx•6h ago•143 comments

Midnight train from GA: A view of America from the tracks as airports struggle

https://isp.netscape.com/news/story/0001/20260329/e4d8ea591b3b036142c2bf2dee7dff5a
49•walterbell•2h ago•37 comments

Pretext: TypeScript library for multiline text measurement and layout

https://github.com/chenglou/pretext
157•emersonmacro•1d ago•19 comments

C++26 is done ISO C++ standards meeting, Trip Report

https://herbsutter.com/2026/03/29/c26-is-done-trip-report-march-2026-iso-c-standards-meeting-lond...
134•pjmlp•4h ago•104 comments

Ohm's Peg-to-WASM Compiler

https://ohmjs.org/blog/2026/03/12/peg-to-wasm
20•azhenley•2d ago•3 comments

Show HN: Crazierl – An Erlang Operating System

https://crazierl.org/demo/
21•toast0•2h ago•6 comments

The RISE RISC-V Runners: free, native RISC-V CI on GitHub

https://riseproject.dev/2026/03/24/announcing-the-rise-risc-v-runners-free-native-risc-v-ci-on-gi...
100•thebeardisred•3d ago•23 comments

The road signs that teach travellers about France

https://www.bbc.com/travel/article/20260327-the-road-signs-that-teach-travellers-about-france
19•1659447091•2h ago•1 comments

Neovim 0.12.0

https://github.com/neovim/neovim/releases/tag/v0.12.0
248•pawelgrzybek•5h ago•106 comments

More on Version Control

https://bramcohen.com/p/more-on-version-control
36•velmu•3h ago•4 comments

Creating West Coast Buddhism (2024)

https://letter.palladiummag.com/p/creating-west-coast-buddhism
37•surprisetalk•3d ago•14 comments

The rise and fall of IBM's 4 Pi aerospace computers: an illustrated history

https://www.righto.com/2026/03/ibm-4-pi-computer-history.html
56•zdw•6h ago•19 comments

AyaFlow: A high-performance, eBPF-based network traffic analyzer written in Rust

https://github.com/DavidHavoc/ayaFlow
69•tanelpoder•7h ago•4 comments

Kyushu Railway Company Train Varieties

https://www.jrkyushu.co.jp/english/train/index.html
32•NaOH•3h ago•1 comments

Show HN: QuickBEAM – run JavaScript as supervised Erlang/OTP processes

https://github.com/elixir-volt/quickbeam
60•dannote•1d ago•9 comments

Show HN: I made a "programming language" looking for feedback

https://github.com/alonsovm44/glupe
20•alonsovm•4h ago•19 comments

Observations from carbon dioxide monitoring

https://grieve-smith.com/ftn/2026/03/nine-observations-from-carbon-dioxide-monitoring/
36•coloneltcb•2d ago•12 comments

The Epistemology of Microphysics

https://www.edwardfeser.com/unpublishedpapers/microphysics.html
35•danielam•4d ago•20 comments

LinkedIn uses 2.4 GB RAM across two tabs

548•hrncode•13h ago•327 comments

Nitrile and latex gloves may cause overestimation of microplastics

https://news.umich.edu/nitrile-and-latex-gloves-may-cause-overestimation-of-microplastics-u-m-stu...
481•giuliomagnifico•12h ago•213 comments

Miasma: A tool to trap AI web scrapers in an endless poison pit

https://github.com/austin-weeks/miasma
267•LucidLynx•12h ago•199 comments

Sky Wins Irish Court Order to Unmask 300 Pirate IPTV Users via Revolut Bank

https://torrentfreak.com/sky-wins-irish-court-order-to-unmask-300-pirate-iptv-users-via-revolut-b...
40•nixass•2h ago•9 comments

Police used AI facial recognition to wrongly arrest TN woman for crimes in ND

https://www.cnn.com/2026/03/29/us/angela-lipps-ai-facial-recognition
304•ourmandave•8h ago•118 comments

A nearly perfect USB cable tester

https://blog.literarily-starved.com/2026/02/technology-the-nearly-perfect-usb-cable-tester-does-e...
259•birdculture•3d ago•140 comments

Full network of clitoral nerves mapped out for first time

https://www.theguardian.com/society/2026/mar/29/full-network-clitoral-nerves-mapped-out-first-tim...
200•onei•6h ago•66 comments

'Project Hail Mary' Crosses $300M in Sales to Become Amazon/MGM's Highest-Gross

https://variety.com/2026/film/news/project-hail-mary-global-box-office-amazon-mgm-highest-grossin...
10•gnabgib•20m ago•2 comments

My MacBook Keyboard Is Broken and It's Insanely Expensive to Fix

https://tobiasberg.net/posts/my-macbook-keyboard-is-broken-and-its-insanely-expensive-to-fix/
104•TobiasBerg•3h ago•108 comments