Sam Rose

I'm now able To push those spirits outside My thought is free And forever lives in me Psychic transfer I've stolen their unique power Nothing can stop the evacuation Nothing can stop the psychic vacuum

@jordienr rewrite Rust in SQL

we have to bring back the SQL propaganda

@htmx_org htmx depends on 1200 CEO's over in the CEO repository htmx.ceo

@jordienr @gitpush_gitpaid "cancel"

the only guarantees in life death, taxes, and me clicking resume on my free tier supabase project

@jordienr They grow new ones in the lab

@jordienr rewriting rust in cobol

@SamRose i heard pg rewrite in rust

pumped for what we're shipping at supabase this year, everyone is heads down working on great stuff

The whole Anthropic kerfuffle would have gone much smoother if they had been upfront about it. "Hey, we know this is unpopular, but we are moving programmatic access to API pricing. To easen the transition, we are giving API credits that match your subscription value. We also expect this change to increase capacity, so we are doubling the limits throughout Claude products for the next 2 months". The reason they made it sound like an upgrade was because the announcement was not for developers. It was for investors and enterprise customers. Impacting devrel is just collateral damage, which is on par for a company which believes coding is going away any time now. And this is extremely disapointing because they want to position themselves as a company that we should trust. But if they can't be honest about pricing changes, it is really hard to believe them on anything else.

@grhmc The same way gas stations do it.

How does AWS's spot market actually do pricing?

@grhmc @RossComputerGuy

Excited to announce that we have aligned all stakeholders and hit 100k followers on LinkedIn.

Have you seen all of the software supply chain security issues recently? I don’t think this is a spike that will die down. This is the new reality, and it points to a simple truth: teams need more control over what runs in production.

@grhmc They should have listened when told nix fixes this

Vulns being identified and fixed is *getting better.*

Elixir v1.20.0-rc.5 is out with our latest batch of typing and performance improvements. We are really close to the final release, so please give it a try and report what you find! elixirforum.com/t/elixir-v1-20…

Heads up: there's currently a typosquatting package on npm pretending to be related to Supabase: 𝗌​​​​𝗎𝗉𝖺𝖻𝖺𝗌𝖾-𝗃𝖺𝗏𝖺𝗌𝖼𝗋𝗂𝗉𝗍 This is not an official Supabase package. Always verify package names before installing dependencies, especially when using AI/codegen tools that may hallucinate package names. Official packages are published under the @𝗌𝗎𝗉𝖺𝖻𝖺𝗌𝖾/* 𝗌𝖼𝗈𝗉𝖾. We're actively working to get this package taken down.

If ever a “nix fixes this” were true, this has to be the most fixiest of this that nix fixes

As a response to the ongoing npm supply-chain attacks, I released npm_ex 0.7.0. npm_ex is a pure Elixir npm package manager: resolve, fetch, cache, and link npm packages from Mix without Node.js. This release tightens the default security model: - lifecycle hooks are not auto-run - transitive git/url/file deps blocked by default - direct exotic deps require allowlisting - registry policy checks - OSV/OpenSSF malicious-package audits Also finally added proper HexDocs: getting started, dependency workflows, CI, supply-chain safety, audit docs, config + CLI cheatsheets. github.com/elixir-volt/np…

Reach 2.3 Since 2.0, the smell engine went from 30 patterns to 80+, now covering most of what Credence (hex.pm/packages/crede…) detects plus IR-based analysis that AST-only tools can't do. New in 2.1–2.3: • Repeated traversal — flags Enum.max + Enum.min + Enum.count on the same list • Nested O(n²) — Enum.member? inside Enum.map on the same variable • ++ [item] in recursion — with auto-suggested prepend+reverse fix • Multiple Enum.at with literal indices — suggests pattern matching • Piped Regex.replace — catches the subtle argument swap bug • 20+ new pipeline/collection patterns: Map.keys/values waste, identity _by functions, redundant separators, Python idiom ports Every pattern corpus-tested against 500 top Hex packages. github.com/elixir-vibe/re…

how I’m getting work done without freaking out about the npm supply chain today: ❯ go run hello_world.go hello world

We have just wrapped up the meta-issue which tracked type inference of all Elixir constructs: github.com/elixir-lang/el… It includes typing of the construct themselves and features like occurrence typing, to provide a high-degree of precision. Expect a new RC soon as we will continue measuring performance on our way to Elixir v1.20.

My plans for the week vs a supply chain attack on npm