Hacker News: arianvanp

New comment by arianvanp in "jj – the CLI for Jujutsu"

arianvanp — Tue, 14 Apr 2026 12:44:12 +0000

You can disable the auto staging of new files since recently which removed the main grype for me

New comment by arianvanp in "Open Source Security at Astral"

arianvanp — Thu, 09 Apr 2026 06:29:14 +0000

The problem is nobody checks.

All the axios releases had attestations except for the compromised one. npm installed it anyway.

New comment by arianvanp in "Delve removed from Y Combinator"

arianvanp — Sat, 04 Apr 2026 06:54:24 +0000

If you care about this stuff you need to in-house auditing and do your own audits with people who care. Then get certified by an external auditor for the paper.

You can start very lightweight with doing spec driven development with the help of AI if you're at a size where you can't afford that. It's better than nothing.

But the important part is you, as a company, should inherently care.

If you rely on an auditor feedback loop to get compliant you've already lost.

New comment by arianvanp in "VHDL's Crown Jewel"

arianvanp — Mon, 30 Mar 2026 06:40:26 +0000

Sounds like reachability problem in Petri nets to me?

New comment by arianvanp in "ICAO issued new power bank restriction on flight"

arianvanp — Sun, 29 Mar 2026 08:46:01 +0000

E cigarettes work by shorting the battery releasing a lot of instantenous heat. Their safety controller firmware are often of ... Dubious quality. It can happen quite often that the cigarette doesn't stop shorting the battery and catch fire as a result.

Making fire is literally their function unlike a laptop.

Combine that with basically unregulated and semi illegal supply chain and it becomes a recipe for disaster

New comment by arianvanp in "Why I love NixOS"

arianvanp — Mon, 23 Mar 2026 07:47:19 +0000

Arch Linux also has a long history of people writing their own package specs (AUR) and is relatively simple too of course.

Let me put it differently. The documentation of NixOS treats package maintainers and users as kind of equal.

This has benefits and downsides. Benefit is that everyone is treated as a power user. Downside is that power users are horrible at writing docs and this philosophy is my main theory why NixOS docs are so .... Bad

Fedora (and RHEL) end user and developer docs are written for quite different audiences

New comment by arianvanp in "Why I love NixOS"

arianvanp — Mon, 23 Mar 2026 07:07:11 +0000

A snapshot of your build folder. Not even the sources. This is my other problem with mainstream Distros. Extending them is completely opaque. NixOS is source based and anything and everything can be updated by the user. Need some patch from kernel ML? 1 line of code. Need a Bugfix in your IDE that hasn't landed in a release? 1 line of code.

There is no distinction between package maintainers and end users. They have the same power.

In the meantime i dont expect Debian users to ever write a package themselves or to modify one.

In nixOS you do it all the time

New comment by arianvanp in "Why I love NixOS"

arianvanp — Mon, 23 Mar 2026 07:02:02 +0000

I've been trying to get nixd LSP to work with Claude Code but I got stuck as they gatekeep it behind their "plugin" system and you can't just configure it in settings.json to point to a nix store path like mcps :(

New comment by arianvanp in "Afroman found not liable in defamation case"

arianvanp — Thu, 19 Mar 2026 12:53:34 +0000

I think you're confusing gender and sexual orientation. He's calling her a lesbian

New comment by arianvanp in "Show HN: OneCLI – Vault for AI Agents in Rust"

arianvanp — Fri, 13 Mar 2026 09:08:51 +0000

Also doesn't this mean I have to reconfigure all my tools to use HTTP and then when I forget to enable this it will fall back to getting MITM'd by the Internet? Fails open in the most insecure method ever

New comment by arianvanp in "Show HN: OneCLI – Vault for AI Agents in Rust"

arianvanp — Fri, 13 Mar 2026 09:07:14 +0000

But it hasn't been built exclusively for that use case. It's literally the same.

New comment by arianvanp in "Agent Safehouse – macOS-native sandboxing for local agents"

arianvanp — Sun, 08 Mar 2026 21:10:30 +0000

That and that the built in sandbox in Claude Code is bad (read only access to everything by default) and tightly coupled (cant modify it or swap it out).

New comment by arianvanp in "Agent Safehouse – macOS-native sandboxing for local agents"

arianvanp — Sun, 08 Mar 2026 21:09:15 +0000

That is also Linux VM on MacOS. They're not MacOS containers.. So it's completely pointless / useless for MacOS or iOS development

New comment by arianvanp in "Claude Code escapes its own denylist and sandbox"

arianvanp — Tue, 03 Mar 2026 22:57:52 +0000

I opened an issue about this on day 1 of the release:

https://github.com/anthropic-experimental/sandbox-runtime/is...

I ended up making my own sandbox wrapper instead https://GitHub.com/arianvp/landlock-nix

New comment by arianvanp in "GitHub having issues [resolved]"

arianvanp — Tue, 03 Mar 2026 22:00:30 +0000

Doesn't post-receive block the push operation and get cancelled when you cancel the push?

New comment by arianvanp in "MacBook Pro with M5 Pro and M5 Max"

arianvanp — Tue, 03 Mar 2026 14:20:31 +0000

Closing Tabs in Safari till takes more than a second though. And if you hold Cmd-W to close all of them it just completely locks up and crashes. Still not fixed since the release of Safari 26.

Literally unusable

New comment by arianvanp in "Don't trust AI agents"

arianvanp — Sat, 28 Feb 2026 15:18:50 +0000

Literally every email client on the planet has supported `mailto:` URIs since basically the existence of the world wide web.

Just generate a mailto Uri with the body set to the draft.

New comment by arianvanp in "Turn Dependabot off"

arianvanp — Sat, 21 Feb 2026 00:52:18 +0000

At this point your steps are so simple id skip GitHub actions security tyre fire altogether. Just run the go commands whilst listening on GitHub webhooks and updating checks with the GitHub checks API.

GitHub actions is the biggest security risk in this whole setup.

Honestly not that complicated.

New comment by arianvanp in "Web Components: The Framework-Free Renaissance"

arianvanp — Fri, 20 Feb 2026 14:40:05 +0000

Say you want to have a custom button element. You cant give it a `type=submit` whilst you can set that on and

New comment by arianvanp in "Web Components: The Framework-Free Renaissance"

arianvanp — Fri, 20 Feb 2026 11:30:02 +0000

I tried Web Components to create a `` element to allow Passkey support in forms without having to write javascript as an end-user.

I ran into https://github.com/WICG/webcomponents/issues/814

As long as this is not fixed I can't take Web Components seriously.