The answer is in the name. The word 'hacker' used to more refer to someone who is a tinkerer, diy engineer, curious about how systems, components, etc work. Hacker News is still somewhat true to this ethos, what's popular here aligns with this old-school curiosity mindset. Of course the exact interests of the userbase has changed over the years, but if you spend a lot of time on this forum you eventually understand some of the common themes that get the minds of the hackers turning.
Unfortunately due to the enshittification of things people are conditioned to see HN as something to be gamed and leveraged for personal gain now, but in general it's algorithm-less enough, the the mods are strict enough, (thank god) that the type of content here stays pointed towards the original 'hacker' ideals.
Anyone have a good solution to scan all code in our Github org for uses of the affected packages? Many of the methods we've tried have dead ended. Inability to reliably search branches is quite annoying here.
Have you tried Dependency Track from OWASP? Generate SBOM from each repo/projects and post it with API to DT and you have full overview. You have to hook it up so it is done automatically because of course stuff will always move.
npm audit - will tell you if there's any packages with known vulnerabilities.
https://docs.npmjs.com/cli/v11/commands/npm-audit
I'd imagine it's considerably slower than search, but hopefully more reliable.
You can probably get a list of the repos with a github API or something.
Git clone with org admin user credentials (can be read only) so you have access to all the repos.
run grep on all package.json files, search for all of the affected repos.
No need to do any code regarding versions, just filter it down and manually process versions if needed. If you have any of these packages, no matter the versions, you should already be making efforts to migrating, kill the baby with the bathwater, cut off the arm before the gangrene spreads. At any rate you can check versions manually after you have filtered it down to something reasonable, part of automating is knowing when to stop.
For real. It makes me feel like I'm coding in C++ again. I have the suspicion that many Next aficionados are using M12 Macs with 512GB RAM and don't know how bad the DX is on anything less than a bleeding edge machine.
I've saved a link to more or less every thought-provoking article I've read since the last 12 years (first in Evernote, and now Obsidian). I have two notes, one "links", the other "article notes", that's just a bare minimum note-taking system for stuff I read on the web. Both notes are huge, and undoubtedly contain many tidbits of advice, perception shifting ideas, or "subjectivity merges" (https://sashachapin.substack.com/p/books-are-subjectivity-me...).
One of my project ideas now that has been building in my mind is, 12 years on, to go back and re-read and re-evaluate many of these links, and do a short write-up on how I've been influence by this article or any explicit choices that I've made in my life that could likely be attributed to it. I think this would be fascinating from a psychological/neurological POV but also a really cool chance to reflect on how I've changed/grown as a person.
Great article, and this resonates a lot with how I've felt lately. I'm trying to include at least one "creative" task each day in my to-dos, because I notice I feel much much better if I have a multidisciplinary day--some programming, some writing, some DIY projects, some new cooking. If I run out of steam for one thing, oftentimes I still have energy to put into other types of tasks, and even feel rejuvenated afterwards. These things can be small (like learning a new skating drill or a small home improvement project), but the act of creating something physical regularly feels really good to me day after day.
They're nice to be able to change up your position during the course of the day, but regardless of what you do, it's bad for your body to be in the same position for several in a row. You can throw some money at the problem, but having discipline to get up and have a quick break every 30 minutes will take you much further than a standing desk will IME.
Really cool angle. I'm curious how Youtube ranks on the amount of human knowledge or described experience compared to the whole (publically available) web. It's got to be pretty substantial.
A personal journaling web app that records my voice, sends it to a speech-to-text API, then sends that text to ChatGPT to rewrite it in a style of my choice (bulleted list, casual, professional, etc). Then saves that as a markdown file for viewing in the same web app. Pretty easy to make and I really like journaling with my voice.
I would almost consider this a default package to use in a react application for server-side state. Any mildly complex UI will almost immediately need init/loading/error/data states, and you begin to write a wrapper that trends towards what react-query gives you. It makes it a lot easier to by default, write code that provides much better UX. The improvement there far outweighs the small amount of time it takes to learn the library and overhead it introduces.
Unfortunately due to the enshittification of things people are conditioned to see HN as something to be gamed and leveraged for personal gain now, but in general it's algorithm-less enough, the the mods are strict enough, (thank god) that the type of content here stays pointed towards the original 'hacker' ideals.