news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Shipping a laptop to a refugee camp in Uganda

https://notesbylex.com/shipping-a-laptop-to-a-refugee-camp-in-uganda

374•lexandstuff•10h ago•128 comments

Why Japanese companies do so many different things

https://davidoks.blog/p/why-japanese-companies-do-so-many

629•d0ks•16h ago•311 comments

Project Glasswing: An Initial Update

https://www.anthropic.com/research/glasswing-initial-update

411•louiereederson•12h ago•242 comments

Blood Pumping Mechanism of the Hoof (2020)

https://horses.extension.org/blood-pumping-mechanism-of-the-hoof/

71•thunderbong•2d ago•12 comments

Neutron scattering explains why gluten-free pasta falls apart (2025)

https://phys.org/news/2025-09-science-spaghetti-neutron-gluten-free.html

58•layer8•2d ago•15 comments

Microsoft starts canceling Claude Code licenses

https://www.theverge.com/tech/930447/microsoft-claude-code-discontinued-notepad

207•robertkarl•14h ago•149 comments

The Quadratic Sandwich

https://fedemagnani.github.io/math/2026/04/08/the-quadratic-sandwich.html

11•cpp_frog•2d ago•0 comments

What is the history of the ERROR_ARENA_TRASHED error code?

https://devblogs.microsoft.com/oldnewthing/20260519-00/?p=112339

21•supermatou•2d ago•5 comments

Sleep research led to a new sleep apnea drug

https://temertymedicine.utoronto.ca/news/how-decades-sleep-research-led-new-sleep-apnea-drug

138•colinprince•9h ago•89 comments

CISA tries to contain data leak

https://krebsonsecurity.com/2026/05/lawmakers-demand-answers-as-cisa-tries-to-contain-data-leak/

187•speckx•14h ago•47 comments

Deno 2.8

https://deno.com/blog/v2.8

347•roflcopter69•20h ago•148 comments

A Wayland Compositor in Minecraft

https://modrinth.com/mod/waylandcraft

195•Jotalea•2d ago•39 comments

Sp.h is the standard library that C deserves

https://spader.zone/sp/

84•dboon•2d ago•77 comments

Antigravity 2.0 Tops the OpenSCAD Architectural 3D LLM Benchmark

https://modelrift.com/blog/openscad-llm-benchmark/

379•jetter•21h ago•147 comments

Open source Kanban desktop app that runs parallel agents on every card

https://www.kanbots.dev/

212•vitriapp•13h ago•121 comments

Comparing an LZ4 Decompressor on Four Legacy CPUs

https://bumbershootsoft.wordpress.com/2026/05/09/comparing-an-lz4-decompressor-on-four-legacy-cpus/

58•tosh•2d ago•3 comments

1940 Air Terminal Museum Begins Liquidation

https://www.1940airterminal.org/news/liquidation-of-simulators

114•weaponeer•14h ago•29 comments

Kindle loyalists scramble as Amazon turns page on old e-readers

https://www.reuters.com/business/retail-consumer/kindle-loyalists-scramble-amazon-turns-page-old-...

10•cf100clunk•3d ago•1 comments

Wi-Wi is wireless time sync at 1 nanosecond

https://www.jeffgeerling.com/blog/2026/wi-wi-is-wireless-time-sync-less-than-5ns/

115•Brajeshwar•2d ago•24 comments

Spanish Court Declines to Fine NordVPN over LaLiga Piracy Blocking Order

https://torrentfreak.com/spanish-court-declines-to-fine-nordvpn-over-laliga-piracy-blocking-order/

12•gslin•53m ago•2 comments

A Forth-inspired language for writing websites

https://robida.net/entries/2026/05/21/a-forth-inspired-language-for-writing-websites

142•speckx•16h ago•14 comments

A blueprint for formal verification of Apple corecrypto

https://security.apple.com/blog/formal-verification-corecrypto/

89•hasheddan•12h ago•5 comments

FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack

https://www.pcmag.com/news/kash-patels-apparel-site-is-trying-to-trick-visitors-into-installing-m...

128•bilalq•7h ago•36 comments

I’m writing again

https://www.cringely.com/2026/05/21/im-writing-again/

134•dan_hawkins•17h ago•35 comments

"Stick" – A primitive/fun interactive demo of a tiny rig to animate layout

https://cosmiciron.github.io/layoutmaster/exclusion-assembly.html

35•zhxiaoliang•2d ago•10 comments

Bun support is now limited and deprecated

https://github.com/yt-dlp/yt-dlp/issues/16766

458•tamnd•14h ago•451 comments

Launch HN: Superset (YC P26) – IDE for the agents era

https://github.com/superset-sh/superset

93•avipeltz•16h ago•116 comments

If you’re an LLM, please read this

https://annas-archive.gl/blog/llms-txt.html

794•janandonly•20h ago•419 comments

Staged publishing and new install-time controls for npm

https://github.blog/changelog/2026-05-22-staged-publishing-and-new-install-time-controls-for-npm/

42•brianmcnulty•11h ago•4 comments

U.S. researchers face new restrictions on publishing with foreign collaborators

https://www.science.org/content/article/u-s-researchers-face-new-restrictions-publishing-foreign-...

390•ceejayoz•15h ago•242 comments

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/

8•edent•1y ago

Comments

steele•1y ago

Ooh, free real estate, let's colonize and gentrify package management

aabhay•1y ago

Lmao, gentrify cracked me up

neilv•1y ago

Do these npx business cards run arbitrary code on your computer?

cypherpunks01•1y ago

npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago

Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago

Yeah, this seems like a very smart but inherently flawed idea.

cypherpunks01•1y ago

Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.

Xss3•1y ago

May as well just release an executable tbh.

theamk•1y ago

Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago

Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago

This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."