frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Giant trees have no trouble pumping water to top branches

https://news.exeter.ac.uk/faculty-of-environment-science-and-economy/giant-trees-have-no-trouble-...
72•hhs•2h ago•33 comments

Leanstral 1.5: Proof Abundance for All

https://mistral.ai/news/leanstral-1-5/
62•programLyrique•2h ago•10 comments

Odin, Wikipedia and Engagement Farming

https://katamari64.se/posts/2026/odin-wikipedia/
43•stock_toaster•1h ago•38 comments

Soatok's Informal Guide to Threat Models

https://soatok.blog/2026/06/30/soatoks-informal-guide-to-threat-models/
15•zdw•35m ago•2 comments

Steam Controller Auto-Charge – pilot to magnetic charging puck using CV

https://github.com/FossPrime/Steam-Controller-Auto-Charge
56•zdw•2h ago•9 comments

SearXNG: A free internet metasearch engine

https://github.com/searxng/searxng
124•theanonymousone•4h ago•38 comments

The circuit that lets your brain think and see

https://www.engineering.columbia.edu/about/news/circuit-lets-your-brain-think-and-see
24•hhs•2h ago•4 comments

GLM5.2 on AMD MI355X at 2626 tok/s/node at over 2x lower cost than Blackwell

https://www.wafer.ai/blog/glm52-amd
68•latchkey•3h ago•18 comments

Amsterdam invented the fire department

https://worksinprogress.co/issue/how-amsterdam-invented-the-fire-department/
32•zdw•2h ago•7 comments

MSI Center – How to gain SYSTEM privileges in seconds

https://mrbruh.com/msicenter/
5•MrBruh•13m ago•0 comments

What does privatization of the US Postal Service mean?

https://phenomenalworld.org/analysis/unstitching-america/
14•htunnicliff•1h ago•4 comments

Jamesob's guide to running SOTA LLMs locally

https://github.com/jamesob/local-llm
269•livestyle•10h ago•124 comments

Applied Category Theory Course (2018)

https://math.ucr.edu/home/baez/act_course/index.html
45•measurablefunc•4h ago•6 comments

Infracost (YC W21) Is Hiring a Marketing Lead to Shift FinOps Left

https://www.ycombinator.com/companies/infracost/jobs/YTJcFwr-marketing-lead
1•akh•4h ago

Espionage Against the European Parliament

https://citizenlab.ca/research/member-of-committee-investigating-spyware-hacked-with-pegasus/
259•ledoge•4h ago•64 comments

Dispersion loss counteracts embedding condensation in small language models

https://chenliu-1996.github.io/projects/LM-Dispersion/
20•E-Reverance•2h ago•5 comments

We put a Redis server inside our runtime

https://encore.dev/blog/redis-runtime
18•eandre•2d ago•6 comments

New serious vulnerabilities spiked around release of Claude Mythos Preview

https://epoch.ai/data-insights/cve-severity-spike
34•cubefox•3h ago•7 comments

Costco is the anti-Amazon

https://phenomenalworld.org/analysis/the-anti-amazon/
287•bookofjoe•9h ago•265 comments

Notes from Building Tinkerfont

https://mighil.com/notes-from-building-tinkerfont
6•surprisetalk•2d ago•0 comments

Africans Are Turning to Starlink

https://www.economist.com/middle-east-and-africa/2026/07/02/africans-are-turning-to-starlink
101•bookofjoe•4h ago•91 comments

Factories are just rooms

https://interconnected.org/home/2026/07/03/factories
189•arbesman•9h ago•76 comments

International chess federation sanctions Kramnik

https://www.fide.com/fide-ethics-disciplinary-commission-issues-a-decision-in-case-involving-gm-v...
117•DarkContinent•8h ago•62 comments

FreeBSD ate my RAM

https://crocidb.com/post/freebsd-ate-my-ram/
85•theanonymousone•6h ago•36 comments

Scientists discover guidance system for migratory songbirds

https://news.exeter.ac.uk/faculty-of-environment-science-and-economy/scientists-discover-guidance...
5•bit_economist•1h ago•0 comments

GitFut – Your GitHub stats turned into a World-Cup-style player card

https://gitfut.com
13•redbell•2h ago•7 comments

Software, from First Principles

https://fazamhd.com/mental-models/software/
25•faza•3h ago•7 comments

Hunting a 16-year-old SQLite WAL bug with TLA+

https://ubuntu.com/blog/hunting-a-16-year-old-sqlite-bug-with-tla-is-dqlite-affected
167•peterparker204•3d ago•14 comments

I Could Kill You with a Consumer Drone

https://www.defenseone.com/ideas/2017/06/i-could-kill-you-consumer-drone/139012/
10•bookofjoe•49m ago•5 comments

Wordgard: In-browser rich-text editor from the creator of ProseMirror

https://wordgard.net/
258•indy•16h ago•90 comments
Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."