frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

What will enter the public domain in 2026?

https://publicdomainreview.org/features/entering-the-public-domain/2026/
147•herbertl•3h ago•35 comments

Beej's Guide to Learning Computer Science

https://beej.us/guide/bglcs/html/split/
140•intelkishan•3h ago•22 comments

DeepSeek-v3.2: Pushing the frontier of open large language models [pdf]

https://huggingface.co/deepseek-ai/DeepSeek-V3.2/resolve/main/assets/paper.pdf
698•pretext•15h ago•337 comments

India orders smartphone makers to preload state-owned cyber safety app

https://www.reuters.com/sustainability/boards-policy-regulation/india-orders-mobile-phones-preloa...
589•jmsflknr•1d ago•346 comments

Tom Stoppard has died

https://www.bbc.com/news/articles/c74xe49q7vlo
54•mstep•2d ago•7 comments

Reverse math shows why hard problems are hard

https://www.quantamagazine.org/reverse-mathematics-illuminates-why-hard-problems-are-hard-20251201/
57•gsf_emergency_6•4h ago•7 comments

Decreasing Certificate Lifetimes to 45 Days

https://letsencrypt.org/2025/12/02/from-90-to-45.html
43•abraham•3h ago•5 comments

Frequently Asked Unicycling Questions

https://vale.rocks/posts/unicycle-faq
11•edent•1h ago•5 comments

Beej's Guide to C Programming

https://beej.us/guide/bgc/
6•tambourine_man•31m ago•4 comments

Notes on Bhutan

https://apropos.substack.com/p/notes-on-bhutan
15•sg5421•5h ago•0 comments

Ghostty compiled to WASM with xterm.js API compatibility

https://github.com/coder/ghostty-web
297•kylecarbs•12h ago•92 comments

Arcee Trinity Mini: US-Trained Moe Model

https://www.arcee.ai/blog/the-trinity-manifesto?src=hn
50•hurrycane•6h ago•12 comments

Ask HN: Who is hiring? (December 2025)

246•whoishiring•14h ago•323 comments

Codex, Opus, Gemini try to build Counter Strike

https://www.instantdb.com/essays/agents_building_counterstrike
160•stopachka•3d ago•37 comments

Cartographers have been hiding illustrations inside Switzerland’s maps (2020)

https://eyeondesign.aiga.org/for-decades-cartographers-have-been-hiding-covert-illustrations-insi...
288•mhb•17h ago•55 comments

Tested: 1981 Datsun 280ZX Turbo (1981)

https://www.caranddriver.com/reviews/a69529696/1981-datsun-280-zx-turbo-archive-test/
36•RickJWagner•2d ago•44 comments

Google, Nvidia, and OpenAI

https://stratechery.com/2025/google-nvidia-and-openai/
161•tambourine_man•15h ago•146 comments

Google unkills JPEG XL?

https://tonisagrista.com/blog/2025/google-unkills-jpegxl/
287•speckx•15h ago•216 comments

AI agents find $4.6M in blockchain smart contract exploits

https://red.anthropic.com/2025/smart-contracts/
155•bpierre•7h ago•80 comments

Last Week on My Mac: Losing confidence

https://eclecticlight.co/2025/11/30/last-week-on-my-mac-losing-confidence/
359•frizlab•7h ago•190 comments

10 years of writing a blog nobody reads

https://flowtwo.io/post/on-10-years-of-writing-a-blog-nobody-reads
177•thejoeflow•4d ago•92 comments

The Penicillin Myth

https://www.asimov.press/p/penicillin-myth
158•surprisetalk•16h ago•80 comments

A Bus Ride and the (At Least) 3x UX FAILs

https://bsdly.blogspot.com/2025/11/a-bus-ride-and-at-least-3x-ux-fails.html
4•zdw•2d ago•0 comments

John Giannandrea to retire from Apple

https://www.apple.com/newsroom/2025/12/john-giannandrea-to-retire-from-apple/
76•robbiet480•8h ago•290 comments

Instagram chief orders staff back to the office five days a week in 2026

https://www.businessinsider.com/instagram-chief-adam-mosseri-announces-five-day-office-return-202...
205•mfiguiere•9h ago•234 comments

Dark Corners of Unicode (2015)

https://eev.ee/blog/2015/09/12/dark-corners-of-unicode/
10•cratermoon•3d ago•1 comments

Why I stopped using JSON for my APIs

https://aloisdeniel.com/blog/better-than-json
103•barremian•11h ago•116 comments

Ask HN: Who wants to be hired? (December 2025)

123•whoishiring•14h ago•233 comments

Durin is a library for reading and writing the Dwarf debugging format

https://github.com/tmcgilchrist/durin
65•mooreds•12h ago•16 comments

A vector graphics workstation from the 70s

https://justanotherelectronicsblog.com/?p=1429
174•ibobev•17h ago•48 comments
Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•6mo ago

Comments

steele•6mo ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•6mo ago
Lmao, gentrify cracked me up
neilv•6mo ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•6mo ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•6mo ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•6mo ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•6mo ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•6mo ago
May as well just release an executable tbh.
theamk•6mo ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•6mo ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•6mo ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."