frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

What an unprocessed photo looks like

https://maurycyz.com/misc/raw_photo/
741•zdw•5h ago•158 comments

You can make up HTML tags

https://maurycyz.com/misc/make-up-tags/
71•todsacerdoti•1h ago•23 comments

Unity's Mono problem: Why your C# code runs slower than it should

https://marekfiser.com/blog/mono-vs-dot-net-in-unity/
132•iliketrains•6h ago•65 comments

MongoBleed Explained Simply

https://bigdata.2minutestreaming.com/p/mongobleed-explained-simply
129•todsacerdoti•7h ago•49 comments

Spherical Cow

https://lib.rs/crates/spherical-cow
71•Natfan•5h ago•7 comments

As AI gobbles up chips, prices for devices may rise

https://www.npr.org/2025/12/28/nx-s1-5656190/ai-chips-memory-prices-ram
69•geox•5h ago•59 comments

Software engineers should be a little bit cynical

https://www.seangoedecke.com/a-little-bit-cynical/
127•zdw•6h ago•100 comments

PySDR: A Guide to SDR and DSP Using Python

https://pysdr.org/content/intro.html
147•kklisura•8h ago•7 comments

Researchers discover molecular difference in autistic brains

https://medicine.yale.edu/news-article/molecular-difference-in-autistic-brains/
72•amichail•5h ago•55 comments

62 years in the making: NYC's newest water tunnel nears the finish line

https://ny1.com/nyc/all-boroughs/news/2025/11/09/water--dep--tunnels-
93•eatonphil•5h ago•51 comments

Growing up in “404 Not Found”: China's nuclear city in the Gobi Desert

https://substack.com/inbox/post/182743659
719•Vincent_Yan404•21h ago•315 comments

Why I Think Valve's Retiring the Steam Deck LCD

https://gardinerbryant.com/why-valves-retiring-the-steam-deck-lcd/
4•Ariarule•37m ago•2 comments

Slaughtering Competition Problems with Quantifier Elimination (2021)

https://grossack.site/2021/12/22/qe-competition.html
39•todsacerdoti•5h ago•0 comments

Show HN: My app just won best iOS Japanese learning tool of 2025 award (blog)

https://skerritt.blog/best-japanese-learning-tools-2025-award-show/
67•wahnfrieden•4h ago•12 comments

Building a macOS app to know when my Mac is thermal throttling

https://stanislas.blog/2025/12/macos-thermal-throttling-app/
249•angristan•16h ago•108 comments

Why I Disappeared – My week with minimal internet in a remote island chain

https://www.kenklippenstein.com/p/why-i-disappeared
58•eh_why_not•6h ago•44 comments

Fast Cvvdp Implementation in C

https://github.com/halidecx/fcvvdp
20•todsacerdoti•4h ago•1 comments

Learn computer graphics from scratch and for free

https://www.scratchapixel.com
213•theusus•17h ago•26 comments

Stepping down as Mockito maintainer after ten years

https://github.com/mockito/mockito/issues/3777
235•saikatsg•8h ago•141 comments

A bitwise reproducible deep learning framework

https://github.com/microsoft/RepDL
3•noosphr•6d ago•0 comments

How to Complain (2024)

https://outerproduct.net/trivial/2024-03-25_complain.html
38•ysangkok•4h ago•3 comments

Remembering Lou Gerstner

https://newsroom.ibm.com/2025-12-28-Remembering-Lou-Gerstner
80•thm•9h ago•35 comments

Self-hosting is being enshittified

https://troubled.engineer/posts/selfhosting-in-2025/
44•StrLght•2h ago•34 comments

Writing non-English languages with a QWERTY keyboard

https://altgr-weur.eu/altgr-intl.html
20•tokai•4d ago•10 comments

Finding Jingle Town: Debugging an N64 Game Without Symbols

https://blog.chrislewis.au/finding-jingle-town-debugging-an-n64-game-without-symbols/
10•knackers•5d ago•0 comments

Doublespeak: In-Context Representation Hijacking

https://mentaleap.ai/doublespeak/
60•surprisetalk•6d ago•5 comments

No, it's not a battleship

https://www.navalgazing.net/No-its-not
111•hermitcrab•8h ago•141 comments

Time in C++: Inter-Clock Conversions, Epochs, and Durations

https://www.sandordargo.com/blog/2025/12/24/clocks-part-5-conversions
31•ibobev•2d ago•6 comments

Rust errors without dependencies

https://vincents.dev/blog/rust-errors-without-dependencies/
37•vsgherzi•1d ago•63 comments

One year of keeping a tada list

https://www.ducktyped.org/p/one-year-of-keeping-a-tada-list
242•egonschiele•6d ago•74 comments
Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•7mo ago

Comments

steele•7mo ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•7mo ago
Lmao, gentrify cracked me up
neilv•7mo ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•7mo ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•7mo ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•7mo ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•7mo ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•7mo ago
May as well just release an executable tbh.
theamk•7mo ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•7mo ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•7mo ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."