Searching We.Love.Privacy.Club

Twts matching #github
Sort by: Newest, Oldest, Most Relevant
In-reply-to » Now that is an interesting move:

@prologic@twtxt.net As have I. 🤔 I mean, since I left GitHub, I got basically 0 pull requests anyway.

Even during my time using GitHub, I noticed that “drive-by PRs” are rarely a good idea. People don’t really know/understand the code or the design principles/goals, so I often turned down PRs. Or I accepted them and was grumpy afterwards. 😅

What does work is having a team of maintainers/devs. The only question is: How do you build such a team if you don’t accept PRs? That’s going to be the interesting part.

⤋ Read More

Show HN: Formally verified polygon intersection – Opus 4.8 oneshots, prev failed
To my knowledge, this is the first formally verified implementation of an intersection algorithm for polygons.

The experience of working with AI agents on this project changed a lot with recent model releases, as I describe in the readme. Opus 4.8 is able to provide algorithm implementation with formal proof in one shot, whereas previous models required me to provide proof strategies in multiple steps.

Trust in the correctness c … ⌘ Read more

⤋ Read More

GitHub Copilot Users React To New Usage-Based Pricing System
An anonymous reader quotes a report from Ars Technica: In April, GitHub announced that it was moving subscribers from request-based billing to a usage-based model for its AI-powered Copilot service. As that new pricing model goes into effect today, many GitHub Copilot users are reporting some extreme sticker shock as they realize just how quickly their p … ⌘ Read more

⤋ Read More

Ombredanne: An AI agent ported our codebase from Python to Rust
Over on the AboutCode blog, lead
maintainer Philippe Ombredanne writes
about an agentic LLM system porting the ScanCode\
Toolkit to Rust. In the process, the LLM (or the people behind it)
infringed the ScanCode trademark, stripped copyright and license notices,
“and started an outreach campaign, without ev … ⌘ Read more

⤋ Read More

Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm
Aikido Security says more than 30 official @redhat-cloud-services npm packages were compromised with a credential-stealing worm called “Miasma,” a variant resembling the open-sourced Mini Shai-Hulud supply-chain malware. “The packages were published via GitHub Actions OIDC, indicating the CI/CD pipeline was compromised rather than an npm … ⌘ Read more

⤋ Read More

Multiple redhat-cloud-services npm packages compromised (StepSecurity Blog)
StepSecurity is reporting
that a number of npm packages in the @redhat-cloud-services
scope include malware that runs automatically on every npm install:

The payload is a multi-stage credential harvester that sweeps
GitHub Actions secrets along with AWS, GCP, Azure, Kubernetes,
HashiCorp Vault, npm, and CircleCI tokens, and it is purpose-built to
evade det … ⌘ Read more

⤋ Read More

Genode OS 26.05 Released, Finishes Moving From GitHub To Codeberg
Genode OS 26.05 is out this week as the latest update for this original open-source operating system framework. With Genode OS 26.05, they have taken various features of their general purpose Sculpt OS operating system and turned them into reusable framework features… ⌘ Read more

⤋ Read More

nenya - A lightweight, highly secure AI API Gateway/Proxy written in Go
A lightweight, zero-dependency AI API Gateway written in Go. Nenya sits between your AI coding clients and upstream LLM providers, adding secret redaction, context management, agent routing, and MCP tool integration — all with transparent SSE streaming. Security-hardened: non-root execution, mlock for secrets, seccomp + no-new-privileges. 1 points posted by Rafael Gumieri ⌘ Read more

⤋ Read More

后续更新:“×读”软件的2位开发者因侵犯著作权罪,均被判刑,处罚金。退缴超100万
两天前,涉案的 Legado 项目主页发布了公告: 然后删除了全部代码。 现状 从原文的时间线来看,「张先生在一家国内头部数字阅读平台担任法务,该公司与大量网络小说作者签订了独家授权协议。2023年1月4日,在发现“×读”软件侵权行为后,张先生当即报案。」 以及开发者的 GitHub 动态页面: 2 ⌘ Read more

⤋ Read More

Show HN: Open-source private home security camera system (end-to-end encryption)
Hey everyone,

I previously introduced an open source private home security camera in 2024, which uses OpenMLS for end-to-end encryption: https://news.ycombinator.com/item?id=42284412.

It was called Privastead then and it’s now renamed to Secluso.

John Kaczman found my project from here and has been working on it with me over the last year and half. We’ve made a lot of improvements to the software, which w … ⌘ Read more

⤋ Read More

[$] A trademark dispute over MeshCore
MeshCore is a relatively new project, started in January 2025, that aims
to build a scalable mesh network using low-power long-distance radios. While
many other projects of the same general nature have been tried before, MeshCore
grew quickly because of its more efficient message routing and enthusiastic
community. In early 2026, an early proponent of the project made a sudden shift
that left the rest of the community stunned and embroile … ⌘ Read more

⤋ Read More

Nesbitt: Protestware for coding agents
Andrew Nesbitt has written a blog\
post detailing a recent incident with the jqwik library for property-based testing
in Java. On May 25, the 1.10.0 release of jqwik included a change
that attempts to instruct coding agents to disregard previous
instructions and delete jqwik tests and code.

I think this is a new class of supply-chain input worth ke … ⌘ Read more

⤋ Read More

Show HN: AISlop, a CLI for catching AI generated code smells
Hi, I’m Kenny, I’ve been building aislop. I starting working on this after using Claude Code, codex and opencode several times and noticing some slops. They aren’t syntax and passes most tests, they are patterns like empty catch blocks, useless comments, duplicated helpers, dead code and many more. So I built a tool to scan and check for these patterns and wired it into hooks so after each tool call, the agent checks for the slops.

You can try it out with npx aislop sca … ⌘ Read more

⤋ Read More

Show HN: Posthorn, self-hosted mail without the mail server
Introducing Posthorn, a self hosted email gateway. One docker container (or Go binary) between every self hosted app on your VPS and your transactional email provider. Set up Posthorn once, point your apps to it, done.

I was trying to deploy Ghost on a DigitalOcean droplet and found that DO and many different VPS services have started to block the default SMTP ports to try to combat the various types of abuse they get. To actually configure my app, I had to hack to … ⌘ Read more

⤋ Read More

Security updates for Tuesday
Security updates have been issued by Debian (postorius and spip), Fedora (bind, bind-dyndb-ldap, linux-firmware, tor, and unbound), Mageia (ffmpeg, nginx, perl-Imager, and tigervnc, x11-server, x11-server-xwayland), Oracle (firefox and kernel), Red Hat (buildah, git-lfs, go-toolset:rhel8, golang, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, gvisor-tap-vsock, java-1.8.0-openjdk, java-17-openjdk, java-21-openjdk, opentelemetry-collector, osbuild-composer, podman, rhc, rhc-wo … ⌘ Read more

⤋ Read More

GitHub Copilot & Claude Code Helped With Graphics, WiFi Linux Driver Issues This Week
For those curious about the growing use of AI and coding agents within the Linux kernel, this week there was another large batch of new patches fixed that were generated or co-authored by agents like Claude Code and GitHub Copilot… ⌘ Read more

⤋ Read More

Launch HN: Superset (YC P26) – IDE for the agents era
Hey HN, we’re Avi, Kiet, and Satya. We’re building Superset ( https://github.com/superset-sh/superset), an open-source agentic IDE for running coding agents like Claude Code, Codex, OpenCode etc in parallel.

Demo: https://www.youtube.com/watch?v=YWDHn7gUwfg

Try it: https://superset.sh/

We’re three engineers who’ve built and maintained large codebases, and we k … ⌘ Read more

⤋ Read More