frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Building my npx business card

https://ashley.dev/posts/turning-feedback-into-features/
8•edent•1y ago

Comments

steele•1y ago
Ooh, free real estate, let's colonize and gentrify package management
aabhay•1y ago
Lmao, gentrify cracked me up
neilv•1y ago
Do these npx business cards run arbitrary code on your computer?
cypherpunks01•1y ago
npx

Run a command from a local or remote npm package

Description

This command allows you to run an arbitrary command from an npm package (either one installed locally, or fetched remotely), in a similar context as running it via npm run.

neilv•1y ago
Yes, then is a "command from an npm package" arbitrary code?

And what is this "similar context as running it via npm run"?

Would it be better to answer the question directly?

joshka•1y ago
Yeah, this seems like a very smart but inherently flawed idea.
cypherpunks01•1y ago
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Xss3•1y ago
May as well just release an executable tbh.
theamk•1y ago
Reminds me of JAPH [0] - a tiny Perl program that was used in email/newsgroup signature to give it personal touch.

[0] https://www.perlmonks.org/?node_id=412464

watusername•1y ago
Terminal business cards are a nice idea, but RCE business cards are just asking for trouble. Instead of npx, what happened to good'ol curl? Something like

$ curl ashley.dev

Some decades ago, we had finger (https://en.wikipedia.org/wiki/Finger_%28protocol%29) which is designed for this very use case. Sadly it's no longer installed by default with most distros:

$ finger @ashley.dev

queezey•1y ago
This would be a great advertisement for security consulting.

"I was just able to run arbitrary code on your computer. Here is a sample of your recent browser history. Let me tell you help you mitigate your security vulnerabilities."

Codex Resets

https://codex-resets.com/
32•denysvitali•37m ago•23 comments

Speech Recognition and TTS in less than 500kb

https://github.com/moonshine-ai/moonshine/tree/main/micro
200•petewarden•4d ago•25 comments

Classic Amiga titles, free to download

https://amigafreeware.downer.tech/
21•doener•2h ago•5 comments

Judge a book by its first pages

https://uncovered.ink
27•bookofjoe•1h ago•24 comments

GPT-5.6 used a prompt to close a 30-year gap in convex optimization

https://old.reddit.com/r/math/comments/1uxj3cy/after_openais_cdc_proof_announcement_gpt56_used_a/
481•mbustamanter•11h ago•312 comments

If You Build It, They Will Come

https://www.benlandautaylor.com/p/if-you-build-it-they-will-come
230•barry-cotter•8h ago•83 comments

Typing Speed Test, but for Developers

https://haxxorwpm.0s.is/
77•hronecviktor•4h ago•46 comments

Hardcore IndieWeb: Run your own website 100% independently for only $0.01/day

https://www.neatnik.net/hardcore-indieweb
51•cdrnsf•2h ago•41 comments

I'm Making Strandfall, a Solarpunk Orienteering Larp

https://mssv.net/2026/04/29/im-making-strandfall-a-solarpunk-orienteering-larp/
80•surprisetalk•5d ago•13 comments

Gleam Is Now on Tangled

https://tangled.org/gleam.run/gleam
191•nerdypepper•8h ago•126 comments

Real-Time LuaTeX: Recompiling Large Documents in 1ms [pdf]

https://www.tug.org/tug2026/preprints/lode-realtime.pdf
17•amichail•1h ago•3 comments

Mayor Mamdani Says Landlords Can't Use AI Images to Advertise

https://petapixel.com/2026/07/16/mayor-mamdani-says-landlords-cant-secretly-use-ai-images-to-adve...
90•gnabgib•1h ago•35 comments

Is this the end of the once-mighty GoPro?

https://amateurphotographer.com/latest/photo-news/going-going-gone-is-this-the-end-of-the-once-mi...
182•aanet•3d ago•383 comments

Fable 5 vs. GPT-5.6 Sol on an NP-Hard Problem: Does /goal help?

https://charlesazam.com/blog/fable-5-gpt-5-6-sol-goal/
205•couAUIA•13h ago•102 comments

Co-evolution of self-replication and function in a digital primordial soup

https://arxiv.org/abs/2607.09211
12•vicgalle_•2h ago•3 comments

Our Approach to Bioresilience: Isomorphic Labs and Google DeepMind

https://deepmind.google/blog/our-approach-to-bioresilience/
60•bookofjoe•7h ago•21 comments

LG monitors silently install software through Windows Update without consent

https://videocardz.com/newz/lg-monitors-silently-install-software-through-windows-update-without-...
968•baranul•13h ago•499 comments

Setting up your spare Mac for Claude Code to control, a step-by-step guide

https://ykdojo.github.io/claude-controls-mac/
166•ykev•7h ago•125 comments

Show HN: Q3Edit – Edit and play Quake 3 maps in the browser

https://q3edit.com
64•drdator•8h ago•12 comments

A Second-Grade Teacher Revived a Beloved Video Game

https://www.nytimes.com/2026/07/13/style/backyard-baseball-video-game-teacher.html
62•danso•5d ago•25 comments

Elixir-lang.org has a new design

https://elixir-lang.org/
156•bbg2401•8h ago•98 comments

Circular Obstacle Pathfinding (2017)

https://redblobgames.github.io/circular-obstacle-pathfinding/
18•andsoitis•6d ago•2 comments

GTX 1080s: Testing a Legend

https://www.lttlabs.com/articles/2026/07/15/gtx-1080s-revisiting-legends
83•LabsLucas•3d ago•36 comments

From Sawdust to Paw Patrol: The Spin Master Story (With Ronnen Harary) [audio]

https://www.econtalk.org/from-sawdust-to-paw-patrol-the-spin-master-story-with-ronnen-harary/
4•mooreds•3d ago•0 comments

What AI did to stackoverflow in a graph

https://data.stackexchange.com/stackoverflow/query/1953768#graph
352•secretslol•12h ago•408 comments

How GitHub gave every repository a durable owner

https://github.blog/security/application-security/how-github-gave-every-repository-a-durable-owner/
62•ascertain•1w ago•23 comments

The Kimi K3 Moment

https://stephen.bochinski.dev/blog/2026/07/18/the-kimi-k3-moment/
257•sbochins•6h ago•283 comments

Tech note: making your own V-I plots at home

https://lcamtuf.substack.com/p/tech-note-making-your-own-v-i-plots
62•zdw•1d ago•9 comments

Goodbye, and Thanks for All the Bikesheds

https://queue.acm.org/detail.cfm?id=3818307
176•Ygg2•6h ago•183 comments

Gap in Mochizuki's proof of ABC confirmed by Lean

https://twitter.com/FumiharuKato/status/2078017230537892207
14•ogogmad•1h ago•1 comments