Readit NewsDavidbrcz commented on Shai-Hulud Returns: Over 300 NPM Packages Infected helixguard.ai/blog/malici... · Posted by u/mrdosija
It's not "node" or "Javascript" the problem, it's this convenient packaging model.
This is gonna ruffle some feathers, but it's only a matter of time until it'll happen on the Rust ecosystem which loves to depend on a billion subpackages, and it won't be fault of the language itself.
The more I think about it, the more I believe that C, C++ or Odin's decision not to have a convenient package manager that fosters a cambrian explosion of dependencies to be a very good idea security-wise. Ambivalent about Go: they have a semblance of packaging system, but nothing so reckless like allowing third-party tarballs uploaded in the cloud to effectively run code on the dev's machine.
Don't worry about C or C++, we create the vulnerabilities ourselves !
Davidbrcz commented on Spec-Driven Development: The Waterfall Strikes Back marmelab.com/blog/2025/11... · Posted by u/vinhnx
That's Event-B (minus the formal side) with LLM
Personally, I think dark mode is unnecessary feature creep. But it's also because I never use it and hate it when it's the default and I have to go hunt for the hidden button to switch it off: I need lots of light, otherwise letters get blurry for me, so I'm just another biased human being =)
Dark mode is also about accessibility for some visually impaired users
Deleted Comment
“Modern LLMs suffer from hindsight contamination. GPT-5 knows how the story ends—WWI, the League's failure, the Spanish flu.”
This is really fascinating. As someone who reads a lot of history and historical fiction I think this is really intriguing. Imagine having a conversation with someone genuinely from the period, where they don’t know the “end of the story”.