Skip Navigation

Kissaki

@ Kissaki @programming.dev

Posts
226
Comments
1467
Joined
3 yr. ago

  • Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health"

    Jump

  • relevant, from a PR comment

    On Monday January 26, 2026, I intend to merge this pull-request and post an explainer blog post detailing some further reasoning and details behind this move. The change, the end of the bounty, is officially set for January 31 but I am certain it will take some days to "take effect" and by merging the update a few days early I don't think we actually hurt anyone.

  • Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health"

    Jump

  • His comments came as cURL users complained that the move was treating the symptoms caused by AI slop without addressing the cause. The users said they were concerned the move would eliminate a key means for ensuring and maintaining the security of the tool.

    A single user commented, and they responded. “users complained” and "the users" is wrong. implying something different.

    “users complained” feels like a misrepresentation to me as well, at least how I read and understand "complained". The user wrote “As a security researcher, this is honestly painful to see, but also completely understandable.” Is it complaining if they understand the act and change?

    In a separate post on Thursday, Stenberg wrote: “We will ban you and ridicule you in public if you waste our time on crap reports.”

    The linked separate post is a /.well-known/security.txt file. It's not really a “separate post”. And I don't see where they got the date from. Maybe from whatever linked to that in the first place.

    An update to cURL’s official GitHub account made the termination, which takes effect at the end of this month, official.

    Isn't that from the merge request, which is not merged yet? It's definitely not in the main branch. Current MR state is something different. The MR discussion clearly states that they will merge on 26th - no early.

    “an update to the official GitHub account” makes no sense to me in the first place, when it's a file in a repo, not even the account.

    At first, I only wanted to point out one thing. Now this whole article feels like AI slop. Dunno how warranted that feeling/assessment is. Is it sloppy reporting? Am I, as a reader, the problem?

    /edit: The bleeping computer article posted in the community is much better/consistent/coherent. Of course, this one was earlier and already has traction.

  • Can we share our work?

    Jump

  • I can't read this because it's not in code fencing /s

  • A manifesto for open source, from Mercedes-Benz

    Jump

  • Arse and elbow

    Jump

  • Links to two years ago. Surely jpg png or bmp parsers had security issues whatever years ago as well?

  • Deprecation of user to organization account transformation

    Jump

  • If you want your organization to use your current username, you’ll need to rename your personal account first

    Is it possible to automate observing user renames and then create new accounts effectively blocking them?

  • Stop turning everything into arrays (and do less work instead)

    Jump

  • After the first half, content repetition sets in, making me wonder about degree of LLM. I feel like at the end I read two things in particular three times.

    Either way, The first half or third was interesting and valuable.

  • Welcome Dan Williams, new LibreOffice Developer focusing on UI/UX 🥳

    Jump

  • Liquid glass? Sounds hot. 🤡

  • Deleted

    Permanently Deleted

    Jump

  • They say they want to distance themselves from Microsoft. VSCodium is a stripped/forked VSCode, I have to assume that's why they want to evade it. Theia is a separate, independent project that adds VSCode-plugin-compatible APIs.

  • A data model for Git

    Jump

  • I used GitGitGadget to make all of my contributions. This meant that I could make a GitHub pull request (a workflow I’m comfortable with) and GitGitGadget would convert my PRs into the system the Git developers use (emails with patches attached). GitGitGadget worked great and I was very grateful to not have to learn how to send patches by email with Git.

    Interesting

    https://gitgitgadget.github.io/

  • Deleted

    Permanently Deleted

    Jump

  • Newer AI Coding Assistants Are Failing in Insidious Ways

    Jump

  • A task that might have taken five hours assisted by AI, and perhaps ten hours without it, is now more commonly taking seven or eight hours, or even longer.

    What kind of work do they do?

    in my role as CEO of Carrington Labs, a provider of predictive-analytics risk models for lenders. My team has a sandbox where we create, deploy, and run AI-generated code without a human in the loop. We use them to extract useful features for model construction, a natural-selection approach to feature development.

    I wonder what I have to imagine this is doing and how. How do they interface with the loop-without-a-human?

    Either way, they do seem to have a (small, narrow) systematic test case and the product variance to be useful at least anecdotally/for a sample case.

  • Google AI Studio is now sponsoring Tailwind CSS

    Jump

  • I am happy to share that we (the @GoogleAIStudio team) are now a sponsor of the @tailwindcss project! Honored to support and find ways to do more together to help the ecosystem of builders.

    by Logan Kilpatrick - user profile desc: Lead product for @GoogleAIStudio & Gemini API. My views!

  • BBC tested ChatGPT, Copilot, Gemini, and Perplexity on 100 of its own articles; 51% of answers had significant issues

    Jump

  • In December 2024, the BBC carried out research into the accuracy of four prominent AI assistants that can search the internet – OpenAI’s ChatGPT; Microsoft’s Copilot; Google’s Gemini; and Perplexity. We did this by reviewing responses from the AI assistants to 100 questions about the news, asking AI assistants to use BBC News sources where possible.

    The answers produced by the AI assistants contained significant inaccuracies and distorted content from the BBC. In particular: …

    51 % significant issues, 19 % factual errors, 13 % altered or invalid quote citations

  • Researchers figured out how to run a 120-billion parameter model across four regular desktop PCs

    Jump

  • The article isn't very concrete on what the substance of this Anyway System is.

    The FAQ answered my question though, and it seems mostly about dynamic management of PCs as execution nodes.

    I assume that means I could run the model on one of those PCs as well, despite the article claiming you can use as few as four PCs? Or does this system somehow distribute a single model prompt process into multiple execution pipelines?

  • Removed Deleted

    Permanently Deleted

    Jump

  • Did you remove your earlier post from two or three days ago? https://programming.dev/post/43579392

    I posted a comment there, but looks like what I was asking about is no longer part of the post or repo readme this time around.

    While trying to determine whether this is that I noticed you wrote “566 pages of theory” but then 573-page manuscript. I assume it became more pages, or are they different things?

  • Opus 4.5 is going to change everything

    Jump

  • Without understanding how it’s built, how do I know if there’s duplication, dead code, or poor patterns? I used to obsess over this. Now I’m less worried that a human needs to read the code, because I’m genuinely not sure that they do.

    What you do need: simple entry points, explicit code with fewer abstractions, minimal coupling, and linear control flow.

    Seems to be the common simple standard software works well fallacy.

    By “can replace developers”, what do they mean? They don't clarify, only talk about their three success projects.

    We've seen studies of the issues and risks, and discrepancy between user perception and more factual gains. And this post certainly seems like they're not experienced in or thinking of development and maintenance that goes beyond simple standard integration software. Which doesn't make it too surprising they're not concerned about security for those simpler projects either.

  • Creators of Tailwind laid off 75% of their engineering team

    Jump

  • Open Source Money Manager

    Jump
  • Git @programming.dev
    Kissaki @programming.dev

    Highlights from Git 2.48 - GitHub Blog (2025-01-10)

    github.blog /open-source/git/highlights-from-git-2-48/
  • Nushell @programming.dev
    Kissaki @programming.dev

    GitHub Actions Workflow for testing Nushell env and config files

    github.com /Kissaki/nushell-config/blob/main/.github/workflows/main.yml
  • Programming @programming.dev
    Kissaki @programming.dev

    Edgio files for bankruptcy, Microsoft has to update some dotnet CDN URLs that used azureedge.net domain

    devblogs.microsoft.com /dotnet/critical-dotnet-install-links-are-changing/
  • .NET @programming.dev
    Kissaki @programming.dev

    Critical: .NET Install links are changing - .NET Blog

    devblogs.microsoft.com /dotnet/critical-dotnet-install-links-are-changing/
  • Nushell @programming.dev
    Kissaki @programming.dev

    Nushell 0.101.0 | Nushell

    www.nushell.sh /blog/2024-12-24-nushell_0_101_0.html
  • Programming Horror @programming.dev
    Kissaki @programming.dev

    nmake cancel

  • .NET @programming.dev
    Kissaki @programming.dev

    Dramatically faster package restores with .NET 9's new NuGet resolver - .NET Blog

    devblogs.microsoft.com /dotnet/dotnet-9-nuget-resolver/
  • Programming @programming.dev
    Kissaki @programming.dev

    Deno v. Oracle: Canceling the JavaScript Trademark

    deno.com /blog/deno-v-oracle
  • Web Development @programming.dev
    Kissaki @programming.dev

    Deno v. Oracle: Canceling the JavaScript Trademark

    deno.com /blog/deno-v-oracle
  • JavaScript @programming.dev
    Kissaki @programming.dev

    Deno v. Oracle: Canceling the JavaScript Trademark

    deno.com /blog/deno-v-oracle
  • .NET @programming.dev
    Kissaki @programming.dev

    dotnet scaffold - Next Generation Content Creation for .NET - .NET Blog

    devblogs.microsoft.com /dotnet/introducing-dotnet-scaffold/
  • Programming @programming.dev
    Kissaki @programming.dev

    How Did REST Come To Mean The Opposite of REST? | htmx

    htmx.org /essays/how-did-rest-come-to-mean-the-opposite-of-rest/
  • Web Development @programming.dev
    Kissaki @programming.dev

    How Did REST Come To Mean The Opposite of REST? | htmx

    htmx.org /essays/how-did-rest-come-to-mean-the-opposite-of-rest/
  • Nushell @programming.dev
    Kissaki @programming.dev

    Nushell CLI command to download the highest-quality opus audio file through yt-dlp

    kcode.de /blog/2024/2024-03-12_nushell-command-alias-download-opus-audio-through-yt-dlp/
  • Nushell @programming.dev
    Kissaki @programming.dev

    Nushell - A Great Shell (Command Line)

    kcode.de /blog/2022/2022-08-11-nushell/
  • Nushell @programming.dev
    Kissaki @programming.dev

    Nushell 0.100.0 | Nushell

    www.nushell.sh /blog/2024-11-12-nushell_0_100_0.html
  • Programming @beehaw.org
    Kissaki @programming.dev

    Announcing .NET 9 - .NET Blog

    devblogs.microsoft.com /dotnet/announcing-dotnet-9/
  • Programming @programming.dev
    Kissaki @programming.dev

    Announcing .NET 9 - .NET Blog

    devblogs.microsoft.com /dotnet/announcing-dotnet-9/
  • .NET @programming.dev
    Kissaki @programming.dev

    Announcing .NET 9 - .NET Blog

    devblogs.microsoft.com /dotnet/announcing-dotnet-9/
  • .NET @programming.dev
    Kissaki @programming.dev

    What's new in System.Text.Json in .NET 9 - .NET Blog

    devblogs.microsoft.com /dotnet/system-text-json-in-dotnet-9/