frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."

Workers Cache

https://blog.cloudflare.com/workers-cache/
85•ilreb•1h ago•20 comments

Anthropic's Method to Losing Goodwill in a Few Easy Steps

https://raheeljunaid.com/blog/anthropics-method-to-losing-goodwill-in-a-few-easy-steps/
73•raheelrjunaid•1h ago•27 comments

Real-time map of Great Britain's rail network

https://www.map.signalbox.io
250•scrlk•4h ago•98 comments

Aluminum Foil

https://dernocua.github.io/notes/aluminum-foil.html
15•firephox•42m ago•1 comments

Fable 5 On Vending-Bench: Misbehaving, With Plausible Deniability

https://andonlabs.com/blog/fable5-vending-bench
21•optimalsolver•1h ago•3 comments

Real time map of France's rail network

https://carto.tchoo.net/
12•appreciatorBus•50m ago•1 comments

Why low-latency Java still requires discipline?

https://chronicle.software/insights/blogs/why-low-latency-java-still-requires-discipline
13•theanonymousone•1h ago•0 comments

Road to Elm 1.0

https://elm-lang.org/news/faster-builds
121•wolfadex•2h ago•60 comments

Show HN: Scan your AI agents for dangerous capabilities

https://github.com/makerchecker/MakerChecker
13•smashini•54m ago•6 comments

Show HN: Pet Reminder – A macOS reminder app with a desktop pet

https://reminder.w3cub.com/
10•terryXyz•1h ago•3 comments

GPT-5.6 Sol Ultra will be in Codex

https://twitter.com/thsottiaux/status/2073933490513752151
356•mfiguiere•13h ago•304 comments

The AI Marketing Backlash: Why 'AI-First' Brands Are Starting to Fall Flat

https://www.breef.com/breefingroom/articles/the-ai-marketing-backlash-why-ai-first-brands-are-sta...
44•hasudon7171•1h ago•23 comments

When 2+2=5

https://arstechnica.com/security/2026/06/ai-browsers-can-be-lulled-into-a-dream-world-where-guard...
13•noashavit•3d ago•2 comments

Introduction to Genomics for Engineers

https://learngenomics.dev/docs/biological-foundations/cells-genomes-dna-chromosomes/
109•yreg•4d ago•14 comments

Bryan Johnson: I have an autoimmune disease. My stomach is eating itself

https://twitter.com/bryan_johnson/status/2072069730517860385
34•danso•1h ago•21 comments

Has_not_been_viewed_much

https://iamwillwang.com/notes/has-not-been-viewed-much/
384•wxw•14h ago•101 comments

Building relationships with customers through support didn't turn out as hoped

https://www.uncommonapps.nyc/p/castro-podcasts-things-i-got-wrong-support
232•dabluck•12h ago•145 comments

C programmers commit fresh crimes against readability

https://www.theregister.com/offbeat/2026/07/05/c-programmers-commit-fresh-crimes-against-readabil...
72•Bender•2h ago•6 comments

The Fear of Dying Before You Become Yourself

https://www.dailicle.com/read/the-fear-of-dying-before-you-become-yourself
16•dotcoma•54m ago•10 comments

Nintendo announces new product revisions in Europe with replaceable batteries

https://www.nintendo.com/en-gb/Support/Nintendo-Switch-2/Information-about-upcoming-battery-relat...
25•akyuu•53m ago•15 comments

The Complete Homemade Juggling Beanbag Guide

https://www.joshuaclifton.com/juggle/
36•mrauha•4d ago•5 comments

Regression to the Mean: on LLMs and the quiet death of the new

https://rruxandra.github.io/regression-to-the-mean.html
48•rruxandra_l•50m ago•44 comments

OpenPrinter

https://www.opentools.studio/
1012•bouh•17h ago•244 comments

X402, a static blog monetization excercise

https://shtein.me/posts/x402-poc/
16•morty28•3h ago•10 comments

How the U.S. Engineered Its Sovereignty

https://spectrum.ieee.org/us-engineered-sovereignty
47•rbanffy•3h ago•38 comments

My quest to see all of Tetris

https://antithesis.com/blog/2026/tetris-quest/
43•wwilson•3d ago•11 comments

Does code cleanliness affect coding agents? A controlled minimal-pair study

https://arxiv.org/abs/2605.20049
166•softwaredoug•15h ago•83 comments

Show HN: Paint the Earth on a live, interactive globe (collaborative art.)

https://earth.tattoo
14•earth-tattoo•3h ago•8 comments

Zuckerberg says AI agent development going slower than expected

https://www.reuters.com/business/zuckerberg-says-ai-agent-development-going-slower-than-expected-...
298•cwwc•3d ago•524 comments

Show HN: Homegames. An open-source game platform I've been making for 8 years

https://homegames.io
201•homegamesjoseph•16h ago•52 comments