![](/static/253f0d9b/assets/icons/icon-96x96.png)
![](https://programming.dev/pictrs/image/8140dda6-9512-4297-ac17-d303638c90a6.png)
You declare it in the package.json as a category when publishing. It’s completely self-selected with no oversight, review, or enforced permissions.
You declare it in the package.json as a category when publishing. It’s completely self-selected with no oversight, review, or enforced permissions.
I believe they’re referring to lower down in the article, where the researchers analyzed existing extensions on the marketplace:
After the successful experiment, the researchers decided to dive into the threat landscape of the VSCode Marketplace, using a custom tool they developed named ‘ExtensionTotal’ to find high-risk extensions, unpack them, and scrutinize suspicious code snippets.
Through this process, they have found the following:
- 1,283 with known malicious code (229 million installs).
- 8,161 communicating with hardcoded IP addresses.
- 1,452 running unknown executables.
- 2,304 that are using another publisher’s Github repo, indicating they are a copycat.
The WinAmp maybe sorta open-sourcing is interesting. I’ve never used it (aside from downloading it to get MilkDrop working in Foobar2000).
These names are really fun! Good ones to add to my list…
Cool to see the Immich team going full time. I don’t use it personally but I hear great things
You mean like git sparse-checkout
? Admittedly experimental but useful
My “scrum leader” (who we handled agile just fine without before) is constantly complaining about points or priorities shifting, to the point that he’ll tell us to not put what we’re actually working on on the board because it’ll mess up the burndown chart.
One of the 4 values of agile is “responding to change over following a plan”. He’s parroted this to us before, and yet still doesn’t seem to see the irony.
Please, let’s get a little better data in here…
UPDATE real_influencers SET inactive_date=2024-03-29 WHERE name = 'Simon Riggs';
One of my biggest annoyances when talking to (especially older) people about my job as a software engineer is when they’re like “but how are you still working on it? Don’t you just like, make the app and you’re done?” They don’t realize the amount of work it takes to write everything, because they don’t understand the complexity involved in writing software.
Though it’s not as bad as “so I have an app idea… It’s like Uber but for clothing”
Also, I was just looking this morning at writing something like that Fitbit/influxDB integration for YNAB (You Need a Budget) for visualization in grafana!
I usually don’t pay much attention to the “new software” section, but PerPlexed looks pretty cool! It never occurred to me that it would be possible to create an alternative Plex UI from scratch like that
You should reach out to the authors! I have no clue how they create their “new” section
Also, that CLI trick is crazy! Never knew that and I’m a fairly proficient shell user.
Anyone use authentik? Seems useful, most of my homelab services are unsecured ATM (just local only/vpn)
The thought of colocating my homelab is intriguing… But also sounds like way too much effort and money
Also, I like the “alternative to” blogs in https://blog.while-true-do.io/spotlight-alternatives-for-google-dns/?ref=selfh.st - it’s an interesting series.
Spotted homepage on there - might switch my dashboard from Homarr to that, give it a try. Anyone used it (or other dashboarding software) before?
Not to disagree with your point about learning git, but you might be interested to know that “all large companies use git” isn’t actually exactly true - Facebook/Meta, one of the largest tech companies, uses mercurial: https://graphite.dev/blog/why-facebook-doesnt-use-git
Also never seen BaseRow before - anyone used that over NocoDb? Comparisons?
What’s wrong with Business Insider? Genuine question