LineageOS 23 released
The LineageOS project has released version 23 of their AOSP-based Android variant. LineageOS 23 is based on the initial release of Android 16 – so not the QPR1 release that came later – because Google has not made the source code for that release available yet. Like other, similar projects, LineageOS also suffers from Google’s recent further lockdown of Android; not only do they not have access to Android 16 QPR1’s source code, they also can’t follow along with the latest security patche … ⌘ Read more

Strudel REPL - a music live coding environment living in the browser
Comments ⌘ Read more

Critical GitHub Copilot Vulnerability Leaks Private Source Code
Comments ⌘ Read more

Run a code linter in Vim every time you save ⌘ Read more

GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)
Comments ⌘ Read more

Three ways “formally verified” can go wrong
Comments ⌘ Read more

@movq@www.uninformativ.de The time has come for “vibe coding” consultations.

@movq@www.uninformativ.de @prologic@twtxt.net Unfortunately, I had to review a coworker’s code that was also spewed out the same way. It was abso-fucking-lutely horrible. I didn’t know upfront, but then asked afterwards and got the proud (!) answer that it indeed was “assisted”. I bet this piece of garbage result was never checked or questioned the tiniest bit before submitting for review. >:-( It didn’t even do the right thing as a bonus.

What a giant shitshow. Things just have to burn to the ground several times.

How to Add MCP Servers to Claude Code with Docker MCP Toolkit
AI coding assistants have evolved from simple autocomplete tools into full development partners. Yet even the best of them, like Claude Code, can’t act directly on your environment. Claude Code can suggest a database query, but can’t run it. It can draft a GitHub issue, but can’t create it. It can write a Slack message,… ⌘ Read more

It happened.

“Can you help me debug this program? I vibe coded it and I have no idea what’s going on. I had no choice – learning this new language and frameworks would have taken ages, and I have severe time constraints.”

Did I say “no”? Of course not, I’m a “nice guy”. So I’m at fault as well, because I endorsed this whole thing. The other guy is also guilty, because he didn’t communicate clearly to his boss what can be done and how much time it takes. And the boss and his bosses are guilty a lot, because they’re all pushing for “AI”.

The end result is garbage software.

This particular project is still relatively small, so it might be okay at the moment. But normalizing this will yield nothing but garbage. And actually, especially if this small project works out fine, this contributes to the shittiness because management will interpret this as “hey, AI works”, so they will keep asking for it in future projects.

How utterly frustrating. This is not what I want to do every day from now on.

Finding a VS Code Memory Leak
Comments ⌘ Read more

Code is Never Neutral: Why All Software is Political
Comments ⌘ Read more

How I Learned to Code (using Japanese Method)
Comments ⌘ Read more

Completing urgent fixes anywhere with GitHub Copilot coding agent and mobile
Unlock the full potential of the GitHub platform. See how Copilot coding agent and GitHub Mobile combine to help you tackle development tasks and urgent fixes, no matter where you are.

The post [Completing urgent fixes anywhere with GitHub Copilot coding agent and mobile](https://github.blog/developer-skills/github/completing-urgent-fixes-anywhere-with-github-copilot-cod … ⌘ Read more

nanopb: Protocol Buffers with small code size
Comments ⌘ Read more

The case against generative AI: the numbers just don’t add up (i.e., it’s a scam)
Every single “vibe coding is the future,” “the power of AI,” and “AI job loss” story written perpetuates a myth that will only lead to more regular people getting hurt when the bubble bursts. Every article written about OpenAI or NVIDIA or Oracle that doesn’t explicitly state that the money doesn’t exist, that the revenues are impossible, that one of the companies involved bur … ⌘ Read more

I brain coded a static image gallery in a few hours
Comments ⌘ Read more

cargo-subspace: Make rust-analyzer work better with very large cargo workspaces
Let me preface all of this by saying that rust-analyzer is an amazing project, and I am eternally grateful for the many people who contribute to it! It makes developing rust code a breeze, and it has surely significantly contributed to Rust’s widespread adoption.

If you’ve ever worked with a very large cargo workspace (think hundreds of crates), you know that rust-analyzer eagerly builds compile time dependencies (e.g. proc macros) and index … ⌘ Read more

Fedora Linux Weaponizes Code of Conduct Against Jews
Call a Jew a “Nazi”? ⌘ Read more

Spec-driven development: Using Markdown as a programming language when building with AI
I coded my latest app entirely in Markdown and let GitHub Copilot compile it into Go. This resulted in cleaner specs, faster iteration, and no more context loss. ✨

The post [Spec-driven development: Using Markdown as a programming language when building with AI](https://github.blog/ai-and-ml/generative-ai/spec-driven-development-using-markdown-as-a-p … ⌘ Read more

Comprehension debt: A ticking time bomb of LLM-generated code
Article URL: https://codemanship.wordpress.com/2025/09/30/comprehension-debt-the-ticking-time-bomb-of-llm-generated-code/

Comments URL: https://news.ycombinator.com/item?id=45423917

Points: 530

# Comments: 334 ⌘ Read more

Can VS Code shortcuts compete with Vim? ⌘ Read more

I finally solved the loading issue in my WIP reader, TwtStrm (and apologies again to anyone that got spammed while I was diagnosing the issue).

After another round of coding this weekend, I’m happy to report that it now renders all the twts (with markdown parsing), complete with localstorage and server-based file caching.

Pretty happy with my zs-blog-template starter kit for creating and maintaining your own blog using zs 👌 Demo of what the starter kit looks like here – Basic features include:

• Clean layout & typography
  
• Chroma code highlighting (aligned to your site palette)
  
• Accessible copy-code button
  
• “On this page” collapsible TOC
  
• RSS, sitemap, robots
  
• Archives, tags, tag cloud
  
• Draft support (hidden from lists/feeds)
  
• Open Graph (OG) & Twitter card meta (default image + per-post overrides)
  
• Ready-to-use 404 page
  

As well as custom routes (redirects, rewrites, etc) to support canonical URLs or redirecting old URLs as well as new zs external command capability itself that now lets you do things like:

$ zs newpost

to help kick-start the creation of a new post with all the right “stuff”™ ready to go and then pop open your $EEDITOR 🤞

#awesome #zs

@prologic@twtxt.net need to work on the CSS. For example, the tags are too big, the code blocks (and the inline ones) are too small, the single posts have no date (intended?), and so on. It’s an alpha start!

Put another way, what you are proposing/pushing for requires hundreds of lines of code to change across a half dozen or so clients and lots of breaking changes, not to mention unknowns.

What I want us to do is make only a few half dozen or so lines of code changes to our clients and minimize the breaking changes and unknowns.

Coding a SHA2 Length Extension Attack - Computerphile ⌘ Read more

GitHub Copilot gets smarter at finding your code: Inside our new embedding model 
Learn about a new Copilot embedding model that makes code search in VS Code faster, lighter on memory, and far more accurate.

The post GitHub Copilot gets smarter at finding your code: Inside our new embedding model appeared first on The GitHub Blog. ⌘ Read more

@bender@twtxt.net Thanks for asking!

So, I’ve been working on 2 main twtxt-related projects.

The first is small Node / express application that serves up a twtxt file while allowing its owner to add twts to it (or edit it outright), and I’ve been testing it on my site since the night I made that post. It’s still very much an MVP, and I’ve been intermittently adding features, improving security, and streamlining the code, with an eye to release it after I get an MVP done of project #2 (the reader).

But that’s where I’ve been struggling. The idea seems simple enough - another Node / express app (this one with a Vite-powered front-end) that reads a public twtxt file, parses the “follow” list, grabs (and parses) those twtxt files, and then creates a river of twts out of the result. The pieces work fine in seclusion (and with dummy data), but I keep running into weird issues when reading real-live twtxt files, so some twts come through, while others get lost in the ether. I’ll figure it out eventually, but for now, I’ve been spending far more time than I anticipated just trying to get it to work end-to-end.

On top of it, the 2 projects wound up turning into 4 (so far), as I’ve been spinning out little libraries to use across both apps (like https://jsr.io/@itsericwoodward/fluent-dom-esm, and a forthcoming twtxt helper library).

In the end, I’m hoping to have project 1 (the editor) into beta by the end of October, and project 2 (the reader) into beta sometime after that, but we’ll see.

I hope this has satisfied your curiosity, but if you’d like to know more, please reach out!

Gartner positions GitHub as a Leader in the 2025 Magic Quadrant for AI Code Assistants for the second year in a row
Our commitment is to empower every developer and stay true to our north star by building an open, secure, and AI-powered platform that defines the future of software development.

The post [Gartner positions GitHub as a Leader in the 2025 Magic Quadrant for AI Code Assistants for the second yea … ⌘ Read more

The big QR code canine, has been one of my favourites - because even after a few months, I still find the pose really cute. Always thought a chibi version is a necessary addition and now I finally drew it.

Doing a bit of 2018 Advent of Code now to relax. 🎄

@arne@uplegger.eu Hm, noch nie gemacht. 🤔 Machst du das von Hand oder mit Code?

@kat@yarn.girlonthemoon.xyz @kat@yarn.girlonthemoon.xyz Pretty sure I have many more mentions in the database than the one and only one I see hmmm 🤔 – I’ll have a look at the code when I can and the SQL query it’s using

Erlang Solutions: ElixirConf US 2025: Highlights from My First ElixirConf
Joining conferences is one of the best perks of working as a Developer at Erlang Solutions. Despite having attended multiple Code BEAM conferences in Europe, ElixirConf US 2025 was my first. The conference had 3 tracks, filled with talks from 45+ speakers and 400+ attendees, both in-person and virtual.

ElixirConf is one of the great occasions to connect with other Elixir ent … ⌘ Read more

@movq@www.uninformativ.de this seems like a bit of an overkill, that would also harm modding and power users - who often need to see the exact implementation of new features and benefit from the ability to pull up the history of code changes, in their browser. Sure they could clone the repo and do that locally, but if it has dependencies, they’d also have to clone those, to see how those get updated and it’d soon be a mess.

@movq@www.uninformativ.de Holy shit, that’s insane! :-D I tried it, but i’m absolutely terrible at these type of games. I’m having trouble with the keys to move around. Maybe after ages I would pick it up and it becomes natural. I just was never a real gamer.

I will definitely try to read through the code, though! This looks sick. 8-)

@eric@itsericwoodward.com Hmm, the images are all 404ing. Also, I reckon that lots of code blocks are broken, too.

Haha, fun! I browsed your gopher hole a little bit. I noticed some entries are fully justified (formatting), while others are not. I didn’t notice a pattern, though it makes sense not to use justification on entries with code. Yet, some prose entries are, and some are not. A mystery. :-)

@bender@twtxt.net The address is/was correct but probably got mangled by the Markdown renderer. Let’s try again in a code block:

gopher://uninformativ.de/0/phlog/2025/2025-09/2025-09-03--roophloch.txt

Mathieu Pasquet: slixmpp v1.11
This new version includes a few new XEP plugins as well as fixes, notably
for some leftover issues in our rust JID code, as well as one for a bug that
caused issues in Home Assistant.

Thanks to everyone who contributed with code, issues, suggestions, and reviews!

Nicoco put in a lot of work in order to get all possible wheels built in CI. We now have manylinux and musl builds of everything doable within codeberg,
published to the codeberg pypi repo, and published on pypi. … ⌘ Read more

“But all your stuff is MIT licensed! They are allowed to do that!”

Haha. As if they would care. They crawl everything they get their hands on.

Besides, that’s not true, the license states that the copyright notice must be retained. “AI” breaks that. They incorporate my code and my articles in their product and make it appear as if it was their work.

** To the surprise of literally no one, I’m working on implementing a programming language all my own **
Inspired by conversation at a recent Future of Coding event, I decided I’d write up a little something about the programming language I’ve been working on (for what feels like forever) before I’ve gotten it to a totally shareable state. I have a working interpreter that I’m pretty pleased with, but I don’t yet have an interact … ⌘ Read more

@kat@yarn.girlonthemoon.xyz On the one hand, all these programs have a very long history and the technology behind manpages is actually very powerful – you can use it to write books:

https://www.troff.org/pubs.html

I have two books from that list, for example “The UNIX programming environment”:

https://movq.de/v/c3dab75c97/upe.jpg

It’s a bit older, of course, but it looks and feels like a normal book, and it uses the same tech as manpages – which I think is really cool. 😎

It’s comparable to LaTeX (just harder/different to use) but much faster than LaTeX. You can also do stuff like render manpages as a PDF (man -Tpdf cp >cp.pdf) or as an HTML file (man -Thtml cp >cp.html). I think I once made slides for a talk this way.

On the other hand, traditional manpages (i.e., ones that are not written in mandoc) do not use semantic markup. They literally say, “this text is bold, that text over here is italics”, and so on.

So when you run man foo, it has no other choice but to show it in black, white, bold, underline – showing it in color would be wrong, because that’s not what the source code of that manpage says.

Colorizing them is a hack, to be honest. You’re not meant to do this. (The devs actually broke this by accident recently. They themselves aren’t really aware that people use colors.)

If mandoc and semantic markup was more commonly used, I think it would be easier to convince the devs to add proper customizable colors.

@kat@yarn.girlonthemoon.xyz @movq@www.uninformativ.de Sorry, I neither finished it nor in time. :-( That’s as good as it’s gonna get for the moment: https://git.isobeef.org/lyse/gelbariab/-/tree/master/rss-proxys?ref_type=heads

The README should hopefully provide a crude introduction. The example configuration file is documented fairly well, I believe (but maybe not). You probably still have to consult and maybe also modify the source code to fit your needs.

Let me know if you run into issues, have questions, wishes etc.

In 1996, they came up with the X11 “SECURITY” extension:

https://www.reddit.com/r/linux/comments/4w548u/what_is_up_with_the_x11_security_extension/

This is what could have (eventually) solved the security issues that we’re currently seeing with X11. Those issues are cited as one of the reasons for switching to Wayland.

That extension never took off. The person on reddit wonders why – I think it’s simple: Containers and sandboxes weren’t a thing in 1996. It hardly mattered if X11 was “insecure”. If you could run an X11 client, you probably already had access to the machine and could just do all kinds of other nasty things.

Today, sandboxing is a thing. Today, this matters.

I’ve heard so many times that “X11 is beyond fixable, it’s hopeless.” I don’t believe that. I believe that these problems are solveable with X11 and some devs have said “yeah, we could have kept working on it”. It’s that people don’t want to do it:

Why not extend the X server?

Because for the first time we have a realistic chance of not having to do that.

https://wayland.freedesktop.org/faq.html

I’m not in a position to judge the devs. Maybe the X.Org code really is so bad that you want to run away, screaming in horror. I don’t know.

But all this was a choice. I don’t buy the argument that we never would have gotten rid of things like core fonts.

All the toolkits and programs had to be ported to Wayland. A huge, still unfinished effort. If that was an acceptable thing to do, then it would have been acceptable to make an “X12” that keeps all the good things about X11, remains compatible where feasible, eliminates the problems, and requires some clients to be adjusted. (You could have still made “X11X12” like “XWayland” for actual legacy programs.)

Since Fastly acquired and recently shut down glitch.com, some of my ancient webapps are no longer available, nor do I have any plans to make them available again - all had either zero, or very few monthly visits, used outdated libraries and would be a waste of money, to continue hosting and updating elsewhere.

All art archives remain unaffected and all projects shut down before 2025, were already permanently deleted, but if there’s someone out there, still relying on the recently discontinued projects, somehow - you can reach out and request their source code.

These requests will only be honoured, until the end of this year, when we plan to permanently delete, all of this data (both webapps and files only hosted on Amazons CDN).

Canine out °_°

Heck yeah, that’s damn cool: Reading QR codes without a computer! https://qr.blinry.org/

@lyse@lyse.isobeef.org “Advanced”, well, probably more “mature”. There aren’t a ton of crazy features and that icon thing is the largest code addition in the last 10 years. %)

Speaking of OS/2 … I just realized that Windows 3.x didn’t have icons, either. If I’m not mistaken, this only got added in Windows 95. In other words, OS/2 had this feature before Windows did, because at least OS/2 2.1 from 1993 had icons. Who would have thunk.

(Now I kind of want to know which system really introduced this feature.)

@kat@yarn.girlonthemoon.xyz NVM i stole other peoples code to make a dictionary lookup script https://bytes.4-walls.net/kat/dotfiles/src/branch/main/config/.local/bin/dict