frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Nano Banana Pro

https://blog.google/technology/ai/nano-banana-pro/
548•meetpateltech•4h ago•375 comments

NTSB Preliminary Report – Ups Boeing MD-11F Crash [pdf]

https://www.ntsb.gov/Documents/Prelimiary%20Report%20DCA26MA024.pdf
60•gregsadetsky•1h ago•41 comments

Microsoft makes Zork open-source

https://opensource.microsoft.com/blog/2025/11/20/preserving-code-that-shaped-generations-zork-i-i...
175•tabletcorry•1h ago•61 comments

CoMaps emerges as an Organic Maps fork

https://lwn.net/Articles/1024387/
31•altilunium•1w ago•5 comments

The Lions Operating System

https://lionsos.org
31•plunderer•1h ago•3 comments

Go Cryptography State of the Union

https://words.filippo.io/2025-state/
60•ingve•2h ago•29 comments

Okta's NextJS-0auth troubles

https://joshua.hu/ai-slop-okta-nextjs-0auth-security-vulnerability
110•ramimac•2d ago•30 comments

Launch HN: Poly (YC S22) – Cursor for Files

21•aabhay•2h ago•19 comments

Android and iPhone users can now share files, starting with the Pixel 10

https://blog.google/products/android/quick-share-airdrop/
198•abraham•2h ago•169 comments

Ask HN: How are Markov chains so different from tiny LLMs?

62•JPLeRouzic•2d ago•33 comments

Free interactive tool that shows you how PCIe lanes work on motherboards

https://mobomaps.com
61•tagyro•1d ago•8 comments

Freer Monads, More Extensible Effects (2015) [pdf]

https://okmij.org/ftp/Haskell/extensible/more.pdf
52•todsacerdoti•4h ago•3 comments

Show HN: F32 – An Extremely Small ESP32 Board

https://github.com/PegorK/f32
107•pegor•23h ago•14 comments

What's in a Passenger Name Record (PNR)? (2013)

https://hasbrouck.org/articles/PNR.html
18•rzk•4d ago•1 comments

Interactive World History Atlas Since 3000 BC

http://geacron.com/home-en/
244•not_knuth•9h ago•121 comments

Theft of 'The Weeping Woman' from the National Gallery of Victoria

https://en.wikipedia.org/wiki/Theft_of_The_Weeping_Woman_from_the_National_Gallery_of_Victoria
48•neom•5d ago•30 comments

Two recently found works of J.S. Bach presented in Leipzig [video]

https://www.youtube.com/watch?v=4hXzUGYIL9M#t=15m19s
36•Archelaos•2d ago•22 comments

Red Alert 2 in web browser

https://chronodivide.com/
315•nsoonhui•7h ago•98 comments

Firefox 147 Will Support the XDG Base Directory Specification

https://www.phoronix.com/news/Firefox-147-XDG-Base-Directory
267•bradrn•5h ago•99 comments

50th Anniversary of BitBLT

https://mastodon.sdf.org/@fvzappa/115574872559813280
38•todsacerdoti•17h ago•2 comments

Android/Linux Dual Boot

https://wiki.postmarketos.org/wiki/Dual_Booting/WiP
250•joooscha•3d ago•136 comments

Show HN: My hobby OS that runs Minecraft

https://astral-os.org/posts/2025/10/31/astral-minecraft.html
38•avaliosdev•2d ago•4 comments

The Firefly and the Pulsar

https://www.centauri-dreams.org/2025/11/20/the-firefly-and-the-pulsar/
8•JPLeRouzic•3h ago•0 comments

Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in LLMs

https://arxiv.org/abs/2511.15304
183•capgre•7h ago•109 comments

'Calvin and Hobbes' at 40

https://www.npr.org/2025/11/18/nx-s1-5564064/calvin-and-hobbes-bill-watterson-40-years-comic-stri...
310•mooreds•7h ago•112 comments

CUDA Ontology

https://jamesakl.com/posts/cuda-ontology/
227•gugagore•4d ago•37 comments

Typesetting the "Begriffsschrift" by Gottlob Frege in Plain TeX [pdf]

https://www.tug.org/TUGboat/tb36-3/tb114wermuth.pdf
22•perihelions•1w ago•2 comments

IBM Delivers New Quantum Package

https://newsroom.ibm.com/2025-11-12-ibm-delivers-new-quantum-processors,-software,-and-algorithm-...
29•donutloop•1w ago•11 comments

Basalt Woven Textile

https://materialdistrict.com/material/basalt-woven-textile/
186•rbanffy•14h ago•121 comments

Meta Segment Anything Model 3

https://ai.meta.com/sam3/
632•lukeinator42•1d ago•126 comments
Open in hackernews

Okta's NextJS-0auth troubles

https://joshua.hu/ai-slop-okta-nextjs-0auth-security-vulnerability
108•ramimac•2d ago

Comments

dovys•2d ago
You're either free OSS that gets flooded with AI slop PRs to overwhelm maintainers or you're a corporate OSS that uses AI slop to frustrate contributors. Are there any positive stories I've not seen?
cedws•2d ago
That’s funny. I spotted a similar issue in their Go SDK[1] a few years back. I was pretty appalled to see such a basic mistake from a security company, but then again it is Okta. [1]: https://github.com/okta/okta-sdk-golang/issues/306
jonathaneunice•1h ago
> I was pretty appalled to see such a basic mistake from a security company, but then again it is Okta.

Oh. Em. Gee.

Is this a common take on Okta? The article and comments suggest...maybe? That is frightening considering how many customers depend on Okta and Auth0.

parliament32•50m ago
We evaluated them a while ago but concluded it was amateur-hour all the way down. They seem to be one of those classic tech companies where 90% of resources go to sales/marketing, and engineering remains "minimum viable" hoping they get an exit before anyone notices.
kenhwang•13m ago
I'm convinced Okta's entire business model is undercutting everyone with a worse product with worse engineering that checks more boxes on the feature page, knowing IT procurement people aren't technical and think more checkboxes means it's better.
DetroitThrow•1h ago
Security companies that prioritize bugs being sold rather than be reported will eventually blow up. Good luck Okta shareholders.
hypeatei•57m ago
I think GitHub should allow disabling PRs. I don't believe most big corporations are interested in dealing with fly-by contributions because it might make them look bad or be riddled with quality issues.

Also some projects like the Linux kernel are just mirrors and would be better off with that functionality disabled.

jchw•49m ago
While that is true, I feel like it is irrelevant here since it seems like Okta definitely wants (and perhaps needs) the fixes. God only knows why GitHub still forces it on though. Early on it might've been some mechanism to encourage people to accept contributions to push the social coding aspect, but at this point I have no idea who this benefits, it mostly confuses people when a project doesn't accept PRs.
hypeatei•42m ago
> Okta definitely wants (and perhaps needs) the fixes

They definitely don't want them if their process requires signed commits and their solution is 1) open another PR with the authors info then sign it for them, and 2) add AI into the mix because git is too hard I guess?

No matter how you slice it, it doesn't seem like there are Okta employees who want to be taking changes from third parties.

petre•41m ago
Social on today's Internet = bots and occasionally trolls
mananaysiempre•36m ago
GitHub actually can natively mark a repo as a mirror (or could? I can’t find an example now, but they have always been rare). The book-with-bookmark icon before “user / repo” in the page header is replaced by a mirror-and-reflection-ish–looking thing, and the badge after it changes from “Public” to “Public mirror”. Unfortunately, forcing you into “social coding” (wait, is that no longer on the homepage?) takes priority, so that mark can only be given out by GitHub staff through manual intervention, and it doesn’t often happen.
jchw•52m ago
IANAL but unfortunately, I think the fix itself shown here might be too simple to actually clear the bar for copyright eligibility. (And in fairness to copyright law, it is basically the only sane way to fix this.) That means that there's probably not much you can really do, but I will say this looks fucking pathetic, Okta.
rikafurude21•29m ago
I'm more confused by the fact that the OP freely submits a PR into an open source repo but then wants to use "copyright" because the code he submitted ended up being used under the wrong name, which was then corrected.
detaro•25m ago
Why is it confusing to you to expect attribution?
rikafurude21•16m ago
thats not the confusing part, its rather confusing to threaten to sue for copyright because of mistaken attirbution
Yasuraka•49m ago
Okta is, if you may excuse my French, straight garbage.
altairprime•33m ago
And too bad for everyone who was using their former competitor Auth0.
sbmthakur•31m ago
Why if I may ask?
rcleveng•36m ago
Honestly when I saw Okta in the headline, I had assumed the article was going to say they were breached again.

This one is amusing, and as another comment mentioned below, large companies are awful at accepting patches on github. Most use one-way sync tools to push from their internal repositories to github.

Aldipower•36m ago
WTF is Okta?
mananaysiempre•32m ago
An auth integrator, a pretty notable one, mostly (originally?) OAuth I think. Multiple people calling them a trash fire here came as a surprise to me, but I defer to their experience.
Traubenfuchs•32m ago
Is there any non shite managed oAuth solution with a free tier available?

Auth0 really is super easy and comfortable to integrate and I don‘t want to run my own keycloak or whatever.

theoldgreybeard•27m ago
You couldn't pay me a billion dollars to use Okta.
pphysch•20m ago
Sadly many people will spend a million dollars to use Okta for their 10,000 logins/day (read: <1 tps) instead of running their own Keycloak or Authentik or whatever.

OIDC is not scary, and advanced central authorization features (beyond group memberships) are a big ole YAGNI / complexity trap.

mrcwinn•11m ago
You just literally saved me one billion dollars. The offer was incoming!
twodave•19m ago
I LOVE LLMs as a learning tool. I HATE LLMs as a communication tool. I know, there are people with serious handicaps who benefit from LLMs in this area. If only I could talk to those people and not wade through all this other garbage.

Especially when the AI is being represented as a person, this to me is dishonest. Not to mention annoying, almost more-so than the number of different apps that think they are important enough to send me push notifications to fill out a survey (don’t even get me started).

RagnarD•16m ago
I've been quite happy with FusionAuth so far. Free to run on your own server, easy to understand and set up, easy to program against, reliable.