Reposted by Bret Comnes
+1 to all this. More-or-less the same experience even.
Very open to things.
If anyone is hiring.
Very open to things.
If anyone is hiring.
serious question: is anyone hiring? open to connecting. 10+ years of full stack experience plus 1 year of unhinged ai/atproto hacking
January 6, 2026 at 10:23 PM
+1 to all this. More-or-less the same experience even.
Very open to things.
If anyone is hiring.
Very open to things.
If anyone is hiring.
Good reference. Thanks for sorting that out in one place.
wrote a brief history of module specifiers and protocols in javascript: macwright.com/2025/12/08/m...
A brief history of specifiers and protocols
npm:, node:, jsr:, https: and a lot more
macwright.com
December 8, 2025 at 7:26 PM
Good reference. Thanks for sorting that out in one place.
I mini-racked my network. Next step is to fit the orange case into 1U somehow.
December 6, 2025 at 3:32 AM
I mini-racked my network. Next step is to fit the orange case into 1U somehow.
Why doesn’t anyone sell a charging cubby optimized for horizontal slots. They are all vertical.
December 6, 2025 at 3:30 AM
Why doesn’t anyone sell a charging cubby optimized for horizontal slots. They are all vertical.
Anyone have old Mac minis they have sitting around and want to sell me?
October 21, 2025 at 3:00 AM
Anyone have old Mac minis they have sitting around and want to sell me?
Reposted by Bret Comnes
We’re system architects at core. We built a decentralized network so you could run your own moderation, but beyond that our upcoming healthy discourse project is taking some swings at the interaction model that drives these dynamics on Bluesky. Excited to start seeing it in action.
October 3, 2025 at 1:49 PM
We’re system architects at core. We built a decentralized network so you could run your own moderation, but beyond that our upcoming healthy discourse project is taking some swings at the interaction model that drives these dynamics on Bluesky. Excited to start seeing it in action.
Reposted by Bret Comnes
Recognition for Sarah! So deserved! @sarahgooding.bsky.social
October 16, 2025 at 2:50 PM
Recognition for Sarah! So deserved! @sarahgooding.bsky.social
Reposted by Bret Comnes
Maintainer compromises used to be rare. Now they’re happening at an alarming rate, as seen in recent attacks. Today we’re giving developers a new layer of defense with Socket Firewall, a free tool that blocks malicious dependencies at install time.
September 30, 2025 at 5:21 PM
Maintainer compromises used to be rare. Now they’re happening at an alarming rate, as seen in recent attacks. Today we’re giving developers a new layer of defense with Socket Firewall, a free tool that blocks malicious dependencies at install time.
Reposted by Bret Comnes
🚨 Open source supply chain attacks are exploding.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
September 30, 2025 at 6:06 PM
🚨 Open source supply chain attacks are exploding.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
Anyone know a good leader election library that either uses pg or redis on the backed? Basically, in a horizontally deployed service, I need one instance to do something unique, and something else to take over when it disappears.
September 24, 2025 at 10:14 PM
Anyone know a good leader election library that either uses pg or redis on the backed? Basically, in a horizontally deployed service, I need one instance to do something unique, and something else to take over when it disappears.
Gigantic OOOOOF on this one.
🚨 Supply chain attack on Nx npm packages (4.6M weekly downloads)
Malware abused AI CLI tools (Claude, Gemini, Q) to steal creds + wallets, then exfiltrated to GitHub repos (s1ngularity-repository*).
More than 1,000 victim accounts confirmed.
🔗 socket.dev/blog/nx-pack... #nodejs
Malware abused AI CLI tools (Claude, Gemini, Q) to steal creds + wallets, then exfiltrated to GitHub repos (s1ngularity-repository*).
More than 1,000 victim accounts confirmed.
🔗 socket.dev/blog/nx-pack... #nodejs
Nx npm Packages Compromised in Supply Chain Attack Leveragin...
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malwa...
socket.dev
August 28, 2025 at 1:51 AM
Gigantic OOOOOF on this one.
Reposted by Bret Comnes
Reminder that the major thing that made GitHub succeed over Google Code, Sourceforge etc is to be found in its initial tagline:
“Social coding”
GitHub added a social network on top of the code – highlighting the people rather than just the lines
Any successor to it needs to solve the social layer
“Social coding”
GitHub added a social network on top of the code – highlighting the people rather than just the lines
Any successor to it needs to solve the social layer
August 11, 2025 at 10:50 PM
Reminder that the major thing that made GitHub succeed over Google Code, Sourceforge etc is to be found in its initial tagline:
“Social coding”
GitHub added a social network on top of the code – highlighting the people rather than just the lines
Any successor to it needs to solve the social layer
“Social coding”
GitHub added a social network on top of the code – highlighting the people rather than just the lines
Any successor to it needs to solve the social layer
Didn't know @pfrazee.com was moonlighting at openai
August 7, 2025 at 6:24 PM
Didn't know @pfrazee.com was moonlighting at openai
Reposted by Bret Comnes
You can now view and edit your auth tokens in your account page. More auth token features like a CRUID ui and old token cleanup coming soon. Sorry for the slow pace of development lately, just trying to get core features implemented correctly.
July 28, 2025 at 5:16 AM
You can now view and edit your auth tokens in your account page. More auth token features like a CRUID ui and old token cleanup coming soon. Sorry for the slow pace of development lately, just trying to get core features implemented correctly.
Reposted by Bret Comnes
Y'all don't sleep on ls-mcp
It's a quick access CLI to detect and list all MCP servers across your AI tools stack
It's a quick access CLI to detect and list all MCP servers across your AI tools stack
July 22, 2025 at 7:27 PM
Y'all don't sleep on ls-mcp
It's a quick access CLI to detect and list all MCP servers across your AI tools stack
It's a quick access CLI to detect and list all MCP servers across your AI tools stack
Is there such a thing as a userQueryState hook? Basically use state but reactive in and out of the query string.
June 14, 2025 at 4:09 PM
Is there such a thing as a userQueryState hook? Basically use state but reactive in and out of the query string.
Reposted by Bret Comnes
deploy-to-neocities helping deploy 1k personal websites! Glad to see it!
May 27, 2025 at 7:46 PM
deploy-to-neocities helping deploy 1k personal websites! Glad to see it!
Is there any good domain registrar left? (Independently run, well made, decent prices?) seems iwantmyname sold out recently.
May 25, 2025 at 7:02 PM
Is there any good domain registrar left? (Independently run, well made, decent prices?) seems iwantmyname sold out recently.
I think it may finally be time to drop .io domains. These stupid things cost $100/yr!
May 22, 2025 at 8:02 PM
I think it may finally be time to drop .io domains. These stupid things cost $100/yr!
This is just going to get worse with AI, when people finally realize the only things these create are derivative ripoffs of original work. Goes for code too!
i don't have the resources nor the energy to spare to pursue this legally but i have lost count of the number of times a major company has deemed it easier to pay a designer to imitate or steal my work than to write me an email.
May 19, 2025 at 11:12 PM
This is just going to get worse with AI, when people finally realize the only things these create are derivative ripoffs of original work. Goes for code too!
Looking for prior art: dissecting GitHub repos into sub-projects, specifically in monorepos.
May 15, 2025 at 4:07 AM
Looking for prior art: dissecting GitHub repos into sub-projects, specifically in monorepos.