mso.
2.5K posts
mso.
@mariodev__
✦ Be best, not first ✦ - | Fullstack dev @hireflix | prev CTO @streameth | - Making https://t.co/6TMTIxqVlY
GitHub acaba de solucionar el mayor problema del vibe coding. Acaban de lanzar Spec Kit y en días ya tiene +95K estrellas. ¿La idea? En vez de tirar prompts vagos y rezar para que el agente no rompa tu proyecto… Spec Kit obliga a la IA a crear una especificación estructurada ANTES de tocar código. La IA primero entiende lo que quieres construir, pregunta lo que falta, organiza el proyecto y después empieza a programar. Eso significa menos tiempo arreglando errores absurdos, menos código inconsistente y resultados mucho más predecibles cuando trabajas con agentes. El flujo es simple: /constitution → reglas y estándares /specify → qué quieres construir /clarify → dudas antes de empezar /plan → arquitectura y stack /tasks → tareas ordenadas /implement → ejecución Compatible con Claude Code, Cursor, Copilot, Codex, Gemini CLI y +25 agentes. 95K estrellas. 8K forks. Open source. Publicado por GitHub. Repositorio 👇
Introducing Composer 2.5, our most powerful model yet. It's more intelligent, better at sustained work on long-running tasks, and more reliable at following complex instructions. For the next week, we’re doubling the included usage of the model.
Swival audit of Tigerbeetle. Zero high-severity findings. Zero. #tigerbeetle-audit-findings" target="_blank" rel="nofollow noopener">github.com/Swival/securit…
every pixel of this image shoots a photon backwards through curved spacetime to find out where it came from. sixty times a second, in 600 lines of webgl. claude taught me how. now you can learn it too, with fun interactive examples and knobs: radiant-shaders.com/learn/event-ho…
SECURITY ADVISORY — TanStack npm packages A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package. Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down. Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys. If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised: • Rotate cloud, GitHub, and SSH credentials immediately • Audit cloud audit logs for the last several hours • Pin to a prior known-good version and reinstall from a clean lockfile Detection — the malicious manifest contains: "optionalDependencies": { "@tanstack/setup": "github:tanstack/router#79ac49ee..." } Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root). Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level. Full technical breakdown, complete package and version list, and rolling status updates: github.com/TanStack/route… Credit to the security researcher for responsible disclosure.
This is what happening. Do not let influencers hype fool you.
got a fix for my claude code session management
