Readit News logoReadit News
codesparkle commented on Post-mortem of Shai-Hulud attack on November 24th, 2025   posthog.com/blog/nov-24-s... · Posted by u/makepanic
codesparkle · 17 days ago
That’s not what happened at all

The attacker did not need to merge any PRs to exfiltrate the credentials

codesparkle · 17 days ago
What actually happened:

The workflow was configured in a way that allowed untrusted code from a branch controlled by the attacker to be executed in the context of a GitHub action workflow that had access to secrets.

codesparkle commented on Post-mortem of Shai-Hulud attack on November 24th, 2025   posthog.com/blog/nov-24-s... · Posted by u/makepanic
themly · 17 days ago
Long story short: they messed up the assign-reviewers.yml workflow, allowing external contributors to merge PRs without proper reviews. From this point on, you're fully open to all kinds of bad stuff.
codesparkle · 17 days ago
That’s not what happened at all

The attacker did not need to merge any PRs to exfiltrate the credentials

Posted by u/codesparkle 3 months ago
Priorities: Urgent vs. Importantarchaeologist.dev/artifac...
Posted by u/codesparkle 3 years ago
What microservices can learn from React.jsarchaeologist.dev/artifac...
Posted by u/codesparkle 3 years ago
Product Manage Your Meetingscutlefish.substack.com/p/...
codesparkle commented on Consume Less, Create More   archaeologist.dev/artifac... · Posted by u/codesparkle
082349872349872 · 3 years ago
I'm using https://www.newsboat.org , but not for any good reason: only because it came to hand when an HN discussion of a fork inspired me. That said, I've had no reason to look for anything better.

On an MBP, I'm using:

  browser "open %u"
  show-read-feeds no
  auto-reload yes
  reload-time 60
  macro m mark-feed-read ; quit ; reload-all
  macro k open ; goto-url 2 ; quit
for hourly polling; when I swap to its screen, I only ever consult 1 virtual feed:

  "query:Unread Articles:unread = \"yes\""
then use either 'o' or ',k' (for HN articles, to open comments) to load whatever looks interesting into tabs (in the browser on a different screen), then ',my' to mark all as read and re-poll.

codesparkle · 3 years ago
cool, there's a brew formula and trying to run it tells me exactly what to do:

  Error: no URLs configured. Please fill the file ~/.newsboat/urls with RSS feed URLs or import an OPML file.
thanks for the tip, giving it a go!

codesparkle commented on Consume Less, Create More   archaeologist.dev/artifac... · Posted by u/codesparkle
082349872349872 · 3 years ago
I know I'm trailing edge (quarter century late?) but I just installed an RSS reader, and found that it cut down on my click-click-click immensely: ("OK, I've finished skimming/reading the latest batch of incoming bitstreams, now time for me to create some fresh outgoing bits").

cf https://en.wikipedia.org/wiki/Operant_conditioning_chamber#/...

codesparkle · 3 years ago
Nice! I have tried Mastodon but keep getting sucked back into Twitter, hence the 30 minute daily limit. Perhaps I should give RSS a go as well. Can you recommend a reader?
Posted by u/codesparkle 3 years ago
Consume Less, Create Morearchaeologist.dev/artifac...
Posted by u/codesparkle 4 years ago
Odd: A Texas hold'em poker odds simulator written in Rustgithub.com/ocisly/odd...
codesparkle commented on Big O Notation – Explained as easily as possible   thatcomputerscientist.com... · Posted by u/optimalsolver
codesparkle · 5 years ago
A bad programmer solves their problems inefficiently and a really bad programmer doesn't even know why their solution is inefficient

To any beginners reading this: Solving problems inefficiently does not make you a bad programmer. Most of the time, an "inefficient" solution will be good enough, and optimising for performance comes at a cost.

So sit back, relax, and enjoy the journey.

c

u/codesparkle

KarmaCake day204August 19, 2016View Original