I’ve not built anything beyond simple scripts in rust but I’m looking at some of the cosmic codebase to see what I can do.

I’ve been programming for too long, my brain just autocorrected the typo so initially didn’t get the joke…

Again, this existed before AI. Typo squatting, supply chain attacks, automated package uploads, CI pipeline infection, they’re all known attack vectors. That’s not to say this isn’t a concern, just that it’s a known risk and the addition of “AI” doesn’t, to my eyes, increase that risk. If your SSH keys don’t require a password, you have taken the decision to make those keys less secure but more convenient to use. That’s pretty much always the tradeoff in security.

The risk here is slightly overblown or misrepresented. Just because a fork exists doesn’t mean that anyone has even read it, let alone run it on their system. For this to be a real threat they would have to publish packages with identical or similar names (ie typo-squatting) to public package repositories which this article didn’t have any information on but which is a known problem long before AI. The level of obfuscation and number of repos affected is impressive but ultimately unlikely to have widespread impact to anyone besides GitHub.

Another commenter said this but the last two prime ministers were only chosen by the conservative party membership, not by general election. So about 30,000 people have decided the ruler of the country for the past couple of years. You can argue about PMs before then but First Past the Post voting also has a lot to answer for.

My friend and I are looking to make a game and the general consensus has been that perforce is still better than git LFS, so we’re setting up a perforce server. What is it about SVN and perforce that you miss? I’ve only ever used git professionally for VCS so I’m finding perforce’s always-online and exclusive-checkouts model just very strange (though I understand the need for it when working with binary files).

I like it and have been using it for something like 6 months. I had an issue where I really liked the application and how simple it was but I didn’t really want to “budget”, just keep an eye on where my money was going. That was fine, just keep zero-ing the numbers every month, slightly tedious though. Now they’ve got a “report” style behind an experimental flag and that’s made it pretty perfect for me.

I set up some family members with the electron app after they had spent 3 days to do in a spreadsheet what I had done in 3 hours in actual. There was resistance initially due to sunk cost fallacy but now they’re loving it.

Other options like ynab and firefly were just too bloated and complex for our simple use case.

Why is it surprising that you had a pocket knife confiscated at a bar?

I’ve heard the argument as a positive of learning vim and while it did finally force me to touch type I can’t say that it had any impact on my programming speed.

I agree with those saying mailing lists are intimidating. I don’t know if others are using dedicated tools or something but I find web based mailing list UIs just incomprehensibly bad and difficult to navigate.