VEXEEE

1.3K posts

VEXEEE banner
VEXEEE

VEXEEE

@eeexev

/tmp/universe/milky_way/solar_system/earth.sys

Katılım Ağustos 2020
320 Takip Edilen214 Takipçiler
Steve Ruiz
Steve Ruiz@steveruizok·
I said "state machines" and look who showed up
English
17
7
213
21.1K
VEXEEE
VEXEEE@eeexev·
@birch_js Clean code uncle will haunt the guy
English
0
0
0
936
José Valim
José Valim@josevalim·
That's how I feel as a bun user (I only use it for bundling, so not at the same scale as @thdxr). The rewrite is impressive and I trust the maintainers are doing what is right for the project, but I expect rough edges. I'll reserve my overall judgement for a couple weeks/months.
dax@thdxr

we are impacted by bun stability more than almost anyone, anything they're doing to try and improve that is good simultaneously we're going to wait a long time before considering moving a million daily users to the rust version so we're stuck for now

English
3
4
124
19.6K
VEXEEE retweetledi
anoop
anoop@anoopcodes·
@vanilagy In my opinion, It was just Jareds (creator of Bun) obsession about performance. The guy would post every single day about shaving of tiny amounts of performance, like every single day for YEARS That is addicting. And people want to root for it.
English
0
1
35
3.7K
VEXEEE retweetledi
Yoav
Yoav@YoavCodes·
Imagine deploying 1,000,000 lines of code written in 6 days by AI that no human has ever read, let alone reviewed, to production where your customer’s data is. Imagine
Ryan Fleury@rfleury

Presented without comment

English
82
112
3.3K
247.1K
VEXEEE retweetledi
Zed
Zed@zeddotdev·
Big diff go brrrrr
English
109
136
3.8K
244.7K
VEXEEE retweetledi
Aiden Bai
Aiden Bai@aidenybai·
Introducing React​ Review Agents write terrible React, this helps you fix it Just paste your GitHub repo! No signup required
English
62
97
1.8K
145.6K
Bun
Bun@bunjavascript·
Bun v1.3.14 - Fixes 92 issues, addressing 380 👍 - `Bun.Image` - builtin image processing - global virtual store in bun install - HTTP/3 Bun.serve() - HTTP/3 & HTTP/2 fetch() - `node:worker_threads` stability fixes - -17 MB on Windows, -7 MB on Linux bun.com/blog/bun-v1.3.…
English
32
50
1.2K
104.3K
VEXEEE retweetledi
Google DeepMind
Google DeepMind@GoogleDeepMind·
We’re reimagining a 50-year-old interface - the mouse pointer - with AI. 🖱️ These experimental demos show how people can intuitively direct Gemini on their screens using motion, speech, and natural shorthand to get things done 🧵
English
429
1.1K
8.5K
1.6M
VEXEEE retweetledi
Seb ⚛️ ThisWeekInReact.com
Seb ⚛️ ThisWeekInReact.com@sebastienlorber·
TL;DR for open-source maintainers 🚫 NEVER use "pull_request_target" workflows 🚫 NEVER use shared caches in your publish pipeline Combining these 2 in particular is extremely dangerous I've repeated this countless times over the years, but another reminder is always useful
Seb ⚛️ ThisWeekInReact.com tweet media
TANSTACK@tan_stack

SECURITY ADVISORY — TanStack npm packages A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package. Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down. Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys. If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised: • Rotate cloud, GitHub, and SSH credentials immediately • Audit cloud audit logs for the last several hours • Pin to a prior known-good version and reinstall from a clean lockfile Detection — the malicious manifest contains: "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." } Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root). Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level. Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route… Credit to the security researcher for responsible disclosure.

English
25
221
1.7K
203.5K
VEXEEE retweetledi
International Cyber Digest
International Cyber Digest@IntCyberDigest·
🚨 How the TanStack npm attack actually happened: 1. Attacker opened a normal-looking pull request (#7378) on the TanStack repo. 2. GitHub automatically ran CI tests on that PR. 3. Code inside the PR stole the workflow's GitHub Actions Cache write token during the test run. 4. The attacker used that token to plant poisoned files in the shared build cache. The PR could be closed afterwards. The poisoned cache stays. 5. The official release workflow later pulled from the cache, baked the malicious files into the build, and signed and published 84 malicious package versions to npm.
Adnan Khan@adnanthekhan

This attack leveraged GitHub Actions Cache Poisoning. Payload deployed here: github.com/TanStack/route… It looks like it detonated here: #step:26:2" target="_blank" rel="nofollow noopener">github.com/TanStack/route…

English
61
574
4.7K
800.6K
VEXEEE retweetledi
Claude
Claude@claudeai·
New in Claude Code: agent view. One list of all your sessions, available today as a research preview.
English
990
2.2K
28.9K
5.8M
VEXEEE retweetledi
ふぁ
ふぁ@faa0311·
最悪のツールが出来そう
日本語
6
29
532
90.5K
VEXEEE retweetledi
Herrington Darkholme
Herrington Darkholme@hd_nvim·
tsz is an unofficial TypeScript compiler in Rust by @mohsen____ It is now nearly compatible with TypeScript 6.0 and 1.26x faster than tsgo
Herrington Darkholme tweet media
English
10
12
273
22.8K
VEXEEE retweetledi
OpenRouter
OpenRouter@OpenRouter·
Introducing Pareto Code: a new, free, experimental coding router Set `min_coding_score` in your request and route to the cheapest code-capable model that clears your bar, ranked by @ArtificialAnlys. See the Pareto frontier shifting in real time👇
OpenRouter tweet media
English
40
67
921
212.2K
VEXEEE
VEXEEE@eeexev·
Hey all, if you are looking for paddle ocr javascript sdk, go checkout my package github.com/PT-Perkasa-Pil… Here's some comparison with the official PaddlePaddle paddle ocr js sdk
VEXEEE tweet mediaVEXEEE tweet media
English
0
0
0
16
VEXEEE retweetledi
pilcrow
pilcrow@pilcrowonpaper·
Open-sourcing my passwordless auth example! It's a minimal but complete implementation of passkeys and email sign-in following best practices github.com/pilcrowonpaper…
English
5
13
194
11.3K
VEXEEE retweetledi
Chris Tate
Chris Tate@ctatedev·
Introducing zero-native Build native desktop + mobile apps with web UI and Zig → Tiny binaries, low memory usage → Selectable web engines (WKWebView, WebKitGTK, WebView2, Chromium/CEF) → Next.js, Vue, Svelte, Vite, React → macOS, Linux, Windows, iOS, Android
Chris Tate tweet media
English
162
290
3.9K
534.3K
VEXEEE retweetledi
God of Prompt
God of Prompt@godofprompt·
Left: the watermark GPT Image 2 embeds into every image it generates. Right: SynthID, the fingerprint Google bakes into every Nano Banana and Gemini image. Invisible to the human eye. Applied during generation, not added after. Designed to survive screenshots, crops, and compression. Most people using these tools daily have no idea their output is fingerprinted at the pixel level. Every major AI image generator now tags what it produces, and the tag travels with the image wherever it ends up. You can verify this yourself. Content Credentials Verify detects C2PA markers from OpenAI images. Gemini detects SynthID if you upload an image directly to it. The images will keep getting more realistic. The identification tech is keeping pace.
God of Prompt tweet mediaGod of Prompt tweet media
Pleometric@pleometric

I extracted the gpt-image-2 watermark! testing it on different types of images now

English
140
545
4.9K
897.6K

Keşfet

@steveruizok @birch_js @jarredsumner @josevalim @thdxr @vanilagy @bunjavascript @mohsen____