hello friends i spent a couple hours today using a random string generator by charm CLI called hotdiva2000 to make a script that 1) generates a static index.html page 2) the page is a prompt generator where all the prompts are from hotdiva2000!!!!!
this makes more sense if you look at it check it out
Found means fixed: Reduce security debt at scale with GitHub security campaigns
Starting today, security campaigns are generally available for all GitHub Advanced Security and GitHub Code Security customers—helping organizations take control of their security debt and manage risk by unlocking collaboration between developers and security teams.
The post [Found means fixed: Reduce security debt at scale with GitHub security campaigns](http … ⌘ Read more
Git turns 20: A Q&A with Linus Torvalds
To celebrate two decades of Git, we sat down with Linus Torvalds—the creator of Git and Linux—to discuss how it forever changed software development.
The post Git turns 20: A Q&A with Linus Torvalds appeared first on The GitHub Blog. ⌘ Read more
Mandated use of AI at work
Although I also use AI for some features on this blog and sometimes chat with some AI agent (whether it’s ChatGPT, Claude, Microsoft Copilot or GitHub Copilot), I have mixed feelings about its mandated use at work (Shopify is just one company doing it). ⌘ Read more
↳
In-reply-to
»
uuuugh been so inactive because of stupid site moderation it's SO EXHAUSTING
⤋ Read More
@prologic@twtxt.net i did not! the retrospring codebase has been around since i was in grade school LOLLLL
Vibe coding with GitHub Copilot: Agent mode and MCP support rolling out to all VS Code users
In celebration of MSFT’s 50th anniversary, we’re rolling out Agent Mode with MCP support to all VS code users. We are also announcing the new GitHub Copilot Pro+ plan w/ premium requests, the general availability of models from Anthropic, Google, and OpenAI, next edit suggestions for code completions & the Copilot code review agent.
The post [Vibe coding with GitHub Copilot: Agent mode and MC … ⌘ Read more
Localhost dangers: CORS and DNS rebinding
What is CORS and how can a CORS misconfiguration lead to security issues? In this blog post, we’ll describe some common CORS issues as well as how you can find and fix them.
The post Localhost dangers: CORS and DNS rebinding appeared first on The GitHub Blog. ⌘ Read more
XMPP Interop Testing: Enabling Tests
Our project creates a framework that allows anyone to easily add XMPP standards compliance tests to the test phase of
their build pipeline. Prior to our most recent release (version 1.5.0) a test execution would basically run all tests
in the test suite. We provided an option to exclude certain tests, but in essence, the bulk of tests would execute.
This behavior is generally preferable when testing an XMPP server implementation. A benefit of exclusion-based
… ⌘ Read more
I’m playing with ratterplatter again: It’s a toy that watches disk I/O and emulates the noise of a real hard disk. (Linux only.) It uses sound samples from one of my older disks.
I tried a different approach at estimating the disk activity and I think I finally got it right (after almost 10 years … 🤦).
Demo, booting a Windows 2000 VM: https://movq.de/v/1400544cc6/2kboot-ratterplatter-2.mp4
(For this purpose alone, I put a couple of mini speakers into my PC case, so that the noise comes from the right place: 
)
The results aren’t too bad, but this thing can’t be super accurate due to the huge I/O caches that we have these days. For the video, I dropped the caches before booting Windows, otherwise you would have heard almost nothing.
FWIW, if you don’t know it yet, this is the equivalent for proper keyboard sound: https://github.com/zevv/bucklespring
GitHub found 39M secret leaks in 2024. Here’s what we’re doing to help
Every minute, GitHub blocks several secrets with push protection—but secret leaks still remain one of the most common causes of security incidents. Learn how GitHub is making it easier to protect yourself from exposed secrets, including today’s launches of standalone Secret Protection, org-wide scanning, and better access for teams of all sizes.
The post [GitHub found 39M secret leaks in 2024. H … ⌘ Read more
GitHub for Beginners: How to get LLMs to do what you want
Learn how to write effective prompts and troubleshoot results in this installment of our GitHub for Beginners series.
The post GitHub for Beginners: How to get LLMs to do what you want appeared first on The GitHub Blog. ⌘ Read more
Blue95: Fedora Atomic Xfce converted to a Windows 95 desktop
Blue95 is a modern and lightweight desktop experience that is reminiscent of a bygone era of computing. Based on Fedora Atomic Xfce with the Chicago95 theme. ↫ Blue95 GitHub page Exactly as it says on the tin. This is by far the easiest way to get the excellent Chigaco95 theme for Xfce set up and working in a polished way, and it also contains a few different application choices from the regular Fedora Xfce desk … ⌘ Read more
https://github.com/medialab/xan manipulate #CSV in terminal
https://github.com/Nuitka/Nuitka python #C compiler #clang
5 GitHub Actions every maintainer needs to know
With these actions, you can keep your open source projects organized, minimize repetitive and manual tasks, and focus more on writing code.
The post 5 GitHub Actions every maintainer needs to know appeared first on The GitHub Blog. ⌘ Read more
↳
In-reply-to
»
I'm not much a fan of registry limit/offset paging. I think I prefer the cursor/count method. And starting at zero for first and max for latest.
⤋ Read More
Hmm so looking at the swagger of the registry spec client it seems to just take a “page”.. That seems worse than doing an offset. Lol.
https://github.com/DracoBlue/twtxt-registry/blob/master/src/swagger.json
OpenAI adds MCP support to Agents SDK
Article URL: https://openai.github.io/openai-agents-python/mcp/
Comments URL: https://news.ycombinator.com/item?id=43485566
Points: 500
# Comments: 158 ⌘ Read more
Mastering GitHub Copilot: When to use AI agent mode
Discover the differences between agent mode and Copilot Edits with GitHub Copilot—and when to use them in your workflows.
The post Mastering GitHub Copilot: When to use AI agent mode appeared first on The GitHub Blog. ⌘ Read more
A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple
A step-by-step guide for open source maintainers on how to handle vulnerability reports confidently from the start.
The post A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple appeared fir … ⌘ Read more
Nvidia Linux GPU driver ported to Haiku
Nvidia releasing its Linux graphics driver as open source is already bearing fruit for alternative operating systems. As many people already knows, Nvidia published their kernel driver under MIT license: GitHub – NVIDIA/open-gpu-kernel-modules: NVIDIA Linux open GPU kernel module source (I will call it NVRM). This driver is very portable and its platform-independent part can be compiled for Haiku with minor effort (but it need to implement OS-specific … ⌘ Read more
World Water Day: how GitHub Copilot is helping bring clean water to communities
From simplifying the workflow of a developer to having an impact on the global water crisis, technology and AI are reshaping the way charity: water works.
The post World Water Day: how GitHub Copilot is helping bring clean water to communities appeared first on [Th … ⌘ Read more
I saw 100% I/O wait in htop today but couldn’t find a process which actually does I/O. Turns out, I/O wait isn’t what it used to be anymore:
https://lwn.net/Articles/989272/
In my case, it was mpd which triggered this:
https://github.com/MusicPlayerDaemon/MPD/issues/2241
mpd doesn’t actually do anything, it just sits there and waits for events. To my understanding, this is similar to something blocking on read(). I’m not quite sure yet if displaying this as I/O wait (or “PSI some io”) is intentional or not – but it sure is confusing.
↳
In-reply-to
»
i tried deploying anubis (https://github.com/TecharoHQ/anubis) to protect my site superlove but yall i got so stuck with getting it behind caddy that i felt super dumb and gave up for now T_T
⤋ Read More
@kat@yarn.girlonthemoon.xyz think i’ll wait and see if the caddy module proposal gets anywhere bc that sounds like it’d make my life easier lol
i tried deploying anubis (https://github.com/TecharoHQ/anubis) to protect my site superlove but yall i got so stuck with getting it behind caddy that i felt super dumb and gave up for now T_T
Monero Research Lab meeting scheduled for 26 March 2025 1700 UTC
The next Monero Research Lab1 meeting is scheduled to take place on Wednesday, March 26th 2025 at 17:00 UTC on IRC-Libera/Matrix2 in the #monero-research-lab channels.
Video: How to create checklists in Markdown for easier task tracking
Ever wondered how to create checklists in your GitHub repositories, Issues, and PRs? Make task lists more manageable in your GitHub repositories, issues, and pull requests.
The post Video: How to create checklists in Markdown for easier task tracking appeared first on [The … ⌘ Read more
How fast the days are getting longer (2023)
Article URL: https://joe-antognini.github.io/astronomy/daylight
Comments URL: https://news.ycombinator.com/item?id=43413935
Points: 503
# Comments: 171 ⌘ Read more
IssueOps: Automate CI/CD (and more!) with GitHub Issues and Actions
A look into building IssueOps workflows on GitHub to do everything from CI/CD to handling approvals and more.
The post IssueOps: Automate CI/CD (and more!) with GitHub Issues and Actions appeared first on The GitHub Blog. ⌘ Read more
https://github.com/outpaddling/desktop-installer freebsd netbsd openbsd postinstall script
[ANN] Cypher Stack published FROSTLASS security proofs and Eagen’s divisors review
Links:
n/a ⌘ Read more
GitHub for Beginners: Essential features of GitHub Copilot
Get the most out of Copilot with code completion, inline chat, slash commands, Copilot code review, and more.
The post GitHub for Beginners: Essential features of GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Docs – Open source alternative to Notion or Outline
Article URL: https://github.com/suitenumerique/docs
Comments URL: https://news.ycombinator.com/item?id=43378239
Points: 503
# Comments: 181 ⌘ Read more
↳
In-reply-to
»
@prologic I created a script for your book. i have only done the first two chapters. have to do some adjustments to the text so it sounds ok and that takes time..
⤋ Read More
Chapter 1:
Chapter 2:
if you want a different voice let me know which to use: https://rhasspy.github.io/piper-samples/
Highlights from Git 2.49
The open source Git project just released Git 2.49. Here is GitHub’s look at some of the most interesting features and changes introduced since last time.
The post Highlights from Git 2.49 appeared first on The GitHub Blog. ⌘ Read more
How GitHub engineers learn new codebases
Strategies to quickly get up to speed, whether you’re a seasoned engineer or a newcomer to the field.
The post How GitHub engineers learn new codebases appeared first on The GitHub Blog. ⌘ Read more
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. In this blog post, we’ll shed light on how these vulnerabilities that rely on a parser differential were uncovered.
The post [Sign in as anyone: Bypassing SAML SSO authentication with parser differentials](https://github.blog/security/sign-in-as-anyone- … ⌘ Read more
GitHub Availability Report: February 2025
In February, we experienced two incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: February 2025 appeared first on The GitHub Blog. ⌘ Read more
[LTH] [Bounty] [0.1 XMR] Stack Wallet - Add missing icons for swap providers
Link: https://bounties.monero.social/posts/184/
b4n6_b4n6 (Github) ⌘ Read more
The Startup CTO’s Handbook
Article URL: https://github.com/ZachGoldberg/Startup-CTO-Handbook/blob/main/StartupCTOHandbook.md
Comments URL: https://news.ycombinator.com/item?id=43337703
Points: 502
# Comments: 169 ⌘ Read more
Why Java endures: The foundation of modern enterprise development
For 30 years, Java has been a cornerstone of enterprise software development. Here’s why—and how to learn Java.
The post Why Java endures: The foundation of modern enterprise development appeared first on The GitHub Blog. ⌘ Read more
selsta posts February 2025 Monero dev report
selsta1 has posted a monthly CCS progress report2 for February 2025, which includes several Monero dev updates.
Milestone 3:
* v0.18.4.0 is code-ready and currently in testing phase
* Traced down a bug in a recently merged PR that is part of v0.18.4.0
* Handle the recent DDoS attempt on public nodes
Note that misc work is not explicitly mentioned in these updates. The full list of changes can be found on Github3’[4 … ⌘ Read more
Full exposure: A practical approach to handling sensitive data leaks
Treating exposures as full and complete can help you respond more effectively to focus on what truly matters: securing systems, protecting sensitive data, and maintaining the trust of stakeholders.
The post Full exposure: A practical approach to handling sensitive data leaks appeared first on [The GitHu … ⌘ Read more
@lyse@lyse.isobeef.org OK. So how I have worked things like this out is to have the interface in the root package from the implementations. The interface doesn’t need to be tested since it’s just a contract. The implementations don’t need to import storage.Storage
- storage/ defines the
Storageinterface (no tests!)
- storage/sqlite for the sqlite implementation tests for sqlite directly
- storage/ram for the ram implementation and tests for RAM directly
- storage/sqlite for the sqlite implementation tests for sqlite directly
- controller/ can now import both storage and the implementation as needed.
So now I am guessing you wanted the RAM test for testing queries against sqlite and have it return some query response?
For that I usually would register a driver for SQL that emulates sqlite. Then it’s just a matter of passing the connection string to open the registered driver on setup.
https://github.com/glebarez/go-sqlite?tab=readme-ov-file#connection-string-examples
everoddandeven releases ‘Monero Daemon GUI’ v1.2.0
everoddandeven1 has released Monero node manager monerod-gui 2 version 1.2.0 Shadowness 3 with various upgrades, fixes and improvements:
Upgrade Electron to v35.0.0
Upgrade Angular to v19
Upgrade dependencies
TOR and I2P service
Private testnet tool
UI fixes and improvements
monerod settings fixes
Consult the Github repository2 for the complete changelog4, a demo … ⌘ Read more
Microsoft discovers massive malvertising campaign on GitHub
Like the other Chrome skins, Microsoft Edge is also moving to disable Manifest v2 extensions, restricting the effectiveness of ad blockers like uBlock Origin. As an advertising company, Microsoft was obviously never going to do the work to keep Manifest v2 support around in Chrome, so this was inevitable. Blocking ads might be a necessary security practice, but why cry over spilled user data, am I right? Anyway, … ⌘ Read more
Four steps toward building an open source community
Three maintainers talk about how they fostered their open source communities.
The post Four steps toward building an open source community appeared first on The GitHub Blog. ⌘ Read more
Video: How to run dependency audits with GitHub Copilot
Learn to automate dependency management using GitHub Copilot, GitHub Actions, and Dependabot to eliminate manual checks, improve security, and save time for what really matters.
The post Video: How to run dependency audits with GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Not just for developers: How product and security teams can use GitHub Copilot
GitHub Copilot isn’t just for developers! Discover how product managers, security professionals, scrum masters, and more use GitHub Copilot to streamline tasks, automate workflows, and boost productivity across teams.
The post [Not just for developers: How product and security teams can use GitHub Copilot](https://github.blog/ai-and-ml/github-copilot/not-just-for-dev … ⌘ Read more
Finding leaked passwords with AI: How we built Copilot secret scanning
Passwords are notoriously difficult to detect with conventional programming approaches. AI can help us find passwords better because it understands context. This blog post will explore the technical challenges we faced with building the feature and the novel and creative ways we solved them.
The post [Finding leaked passwords with AI: How we built Copilot secret scanning](https … ⌘ Read more