Tomasz Kielar

@psmyrdek @TotalnyChampion aka boiled strawberries

@TotalnyChampion Wywar z truskawek

japierdole ludzie z warszawy odkryli kompot i sprzedają go za 30 zł XD

@saltyAom any ability to jump into closed alpha beta testing? would love to try as im building upon Elysia

Elysia 2 beta is close

Big diff go brrrrr

damn Bun did it 🤞🏽 gonna check out the canary @jarredsumner

@cursor_ai what about running local postgres / redis services from compose? is it doable via the new dev envs?

Starting today, you can run cloud agents inside fully configured development environments. Set them up the same way you'd set up a laptop for an engineer: cloned repos, installed dependencies, and toolchain credentials.

here's the script for checking compromised packages and files. thanks @claudeai gist.github.com/k1eu/1f7cb3ae7… It's based on the findings by aikido.dev/blog/mini-shai…

@tan_stack @TansTack gist.github.com/k1eu/1f7cb3ae7… Based on the aikido.dev/blog/mini-shai… here's the script for checking compromised packages and files. thanks @claudeai

SECURITY ADVISORY — TanStack npm packages A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package. Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down. Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys. If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised: • Rotate cloud, GitHub, and SSH credentials immediately • Audit cloud audit logs for the last several hours • Pin to a prior known-good version and reinstall from a clean lockfile Detection — the malicious manifest contains: "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." } Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root). Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level. Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route… Credit to the security researcher for responsible disclosure.

Tanstack Start really feels like what many developers wanted Next.js to become. 1. Open source 2. Can be deployed anywhere without performance issues - Cloudflare Workers, Netlify, $5 VPS 3. Type safe routing 4. Server functions TanStack Start brings control back to developers.

@semdzh @schanuelmiller use tanstack.com/router/latest/… and do whatever convention suits you 🎉

Hey @schanuelmiller, What’s the best way to protect routes in the TanStack Start app? Personally, I find option 1 much cleaner. What do you recommend?

Current models are great at visualizing you in different outfits. The problem? The “you” isn’t consistent. No persistent avatar. No real mix & match. I might have a fix for that later today 🤫

@dillon_mulroy @adamtowerz dropping Nest is always a good call

@adamtowerz drop the Nest. it’s cleaner

RepositoryForker is my favorite class ive ever named

Introducing GPT-5.5 A new class of intelligence for real work and powering agents, built to understand complex goals, use tools, check its work, and carry more tasks through to completion. It marks a new way of getting computer work done. Now available in ChatGPT and Codex.

playing around with gpt-image-2

dedication.

I recently worked with a few younger designers and saw that there is room for improvement on how to talk with AI

We benchmarked TanStack Start, React Router, and Next.js running the exact same eCommerce app at 1,000 req/s on AWS EKS. The results were eye-opening.

@shlomiatar @jarredsumner @saltyAom How's the Bun and Elysia in X holding up these years? :)

@aqueel @jarredsumner also a shoutout to @saltyAom and the phenomenal Elysia js that is powering our server driven UI. Incredible work.

X is using Bun in production!

@andrii_sherman step in a good direction - waiting for migrate down 🤓

We just released beta.16 with migration updates and fixes. The best part of this release is that we added commutativity checks for PostgreSQL and MySQL (we’ll add other dialects next). Commutativity checks are especially useful for the most painful part of drizzle migrations: working in big teams Here’s what we have in total: 1. No more _journal (auto-upgrade from 0.x) 2. Drop migrations by deleting the folder 3. Apply all migrations, not only those after the last one recorded in the DB 4. Now generate and migrate detect conflicting branches. Example: - Feature 1 adds migration_1 (alter column) - Feature 2 adds migration_2 (alters the same column) - Both land in dev - drizzle-kit flags the conflict, prints a migration tree, and points to what to fix (delete one migration and regenerate) Rule of thumb: resolve conflicts by removing the conflicted migration (and any subsequent ones) from the target branch If everything is commutative, drizzle-kit lets you apply migrations in any order We’re at ~98% - remaining work is adding commutativity checks for other dialects and testing Congrats!

@pierskarsenbarg @yusukebe yes you can - it has offical node adapter

@k1euu @yusukebe Can you use Elysia with node? I thought it was bun only?

I like the current Elysia's branding (this is not a comment as "the competitor"). The identity and soul are most important for the creator. Plus, the characters are cute

@yusukebe elysia in honoverse