frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."

Mysteries of Telegram Data Centers

https://dev.moe/en/3025
131•theanonymousone•3h ago•32 comments

Codex Micro

https://openai.com/supply/co-lab/work-louder/
26•davidbarker•32m ago•17 comments

J-space comparisons across open models

https://eliebak.com/viz/jspace-open-v2
17•babelfish•48m ago•2 comments

Prioritize mental health, and why communication is so important

https://ramones.dev/posts/mental-health/
159•ramon156•5h ago•88 comments

Primate Is the Last Great Web Framework

https://superarch.org/theanswerisc/primate-is-the-last-great-framework.html
8•terrablue•9m ago•0 comments

Show HN: misa77 - a codec that decodes 2x faster than LZ4 (at better ratios)

https://github.com/welcome-to-the-sunny-side/misa77
15•nonadhocproblem•46m ago•1 comments

Running Gemma 4 26B at 5 tokens/SEC on a 13-year-old Xeon with no GPU

https://www.neomindlabs.com/2026/06/08/running-gemma-4-26b-at-5-tokens-sec-on-a-13-year-old-xeon-...
20•neomindryan•1h ago•5 comments

Sleep regularity is a stronger predictor of mortality risk than sleep duration (2023)

https://academic.oup.com/sleep/article/47/1/zsad253/7280269
506•bilsbie•4h ago•249 comments

Launch HN: Coasty (YC S26) – An API for computer-use agents

https://coasty.ai/docs
8•nkov47•54m ago•0 comments

Open-source memory for coding agents, synced over SSH

https://github.com/vshulcz/deja-vu/
7•vshulcz•30m ago•4 comments

Jurassic Park computers in excruciating detail

https://fabiensanglard.net/jurrasic_park_computers/index.html
762•vinhnx•13h ago•195 comments

The well-calibrated Bayesian [pdf] (1982)

https://fitelson.org/seminar/dawid.pdf
36•Murfalo•2h ago•8 comments

DEA to Temporarily Schedule 7-Oh and Related Substances to Protect Public Safety

https://www.dea.gov/press-releases/2026/07/01/dea-temporarily-schedule-7-oh-and-related-substance...
47•gnabgib•1h ago•60 comments

When A.I. Is a Member of the Family

https://www.newyorker.com/magazine/2026/07/20/when-ai-is-a-member-of-the-family
8•fortran77•1h ago•4 comments

Jiga (YC W21) is hiring the best people to make manufacturing great again

https://jiga.io/about-us/
1•grmmph•4h ago

Collection of Digital Clock Designs

https://clocks.dev
3•levmiseri•12m ago•0 comments

Weathergotchi – an open-source climate Tamagotchi

https://github.com/Michael-Manning/E-Paper-Climate-Logger
79•luanmuniz•5h ago•22 comments

SpaceX bond worth 10% less than issue price – heading for junk bond status

https://www.ft.com/content/3a023b95-66c3-41e1-b0ce-df752a499541
396•youngtaff•3h ago•337 comments

The Conservationist Who Turned 40 Terabytes of Public Data into a Video Game

https://blog.exe.dev/meet-the-conservationist-who-turned-40-terabytes-of-government-data-into-a-v...
45•bryanmikaelian•1d ago•5 comments

The Memory Heist

https://www.ayush.digital/blog/the-memory-heist
22•eieio•21h ago•2 comments

What Every Python Developer Should Know About the CPython ABI

https://labs.quansight.org/blog/python-abi-abi3t
22•matt_d•3d ago•2 comments

What designing 54 computer science cards taught me about graphic design

https://fhoehl.com/designing-algodeck
4•marukodo•23m ago•0 comments

Towards a Harness That Can Do Anything

https://eardatasci.github.io/c/ambiance/index.html
72•evakhoury•2h ago•45 comments

Nat Slipstreaming v2.0 allows an attacker to remotely access any TCP/UDP service

https://sa.my/slipstream/
6•_____k•58m ago•2 comments

Briar Is in Maintenance Mode

https://briarproject.org/news/2026-maintenance-mode/
91•ristello•4h ago•66 comments

The age of the Universe from a large sample of the oldest Galactic stars

https://arxiv.org/abs/2607.00764
5•root-parent•1h ago•0 comments

What's the most popular number in Hacker News titles?

https://blog.omgmog.net/post/most-popular-numbers-in-hn-post-titles/
33•omgmog•4h ago•18 comments

C3 0.8.2 a Modest Improvement

https://c3-lang.org/blog/0_8_2_a_modest_improvement/
5•lerno•1d ago•3 comments

Show HN: 18KB ls alternative in no_std rust and Libc

https://crates.io/crates/fli-tool
11•tracyspacy•2h ago•2 comments

A Trip to 90s Kansai: Exploring the XD FirstClass Network BBS

https://cdrom.ca/games/2026/05/30/xd.html
49•zetamax•1d ago•9 comments