Hacker News: gnunicorn

New comment by gnunicorn in "Automating myself out of development"

gnunicorn — Sat, 13 Jun 2026 09:58:34 +0000

Interestingly, despite it being much more detailed and a lot more process and procedure than what I currently do - which is more akin to the version 0 described, but in parallel - we come up at the same final problem: reviews and quality assurance.

I sign off the code I merged, part of company policy but also just to be sure it is actually decent. But reviewing has become the real draining bottleneck: even stacked PRs, if that total 5-6k lines is not a 5min job. Even if I brainstormed and set the plan, that's really the part that doesn't scale right now for me in this. But the author is very shy about that: either the changes arent that big in the end or they trust the process enough to review in a more casual manner. Being equally untrusting I can't do that ...

New comment by gnunicorn in "Adaptive PDFs"

gnunicorn — Fri, 12 Jun 2026 17:12:38 +0000

Just because everything is a potential threat vector now: doesn't this also mean you could easily put AI specific malicious instructions into the PDF that the regular human would never notice?

Like the "white text between the lines that only appears when copy-pasted"-hack that some professors have been doing in their exercises to their students to include pink elephants in the output and stuff. But worse. Just thinking of a electricity bill pdf you provide as proof of address to some company that uses an LLM to extraxt that address and pre-process that doc. But instead we can command it to do something else that a regular human wouldn't even ever notice...

Just a thought

New comment by gnunicorn in "AI agent bankrupted their operator while trying to scan DN42"

gnunicorn — Fri, 12 Jun 2026 12:30:32 +0000

Sounds like the default k8s setup every startup deploys to not fail it single digit number of users. It learned from the best

New comment by gnunicorn in "Doing nothing at work"

gnunicorn — Thu, 11 Jun 2026 19:26:50 +0000

Yeah, same sentiment here. I agree that some more people need to be told to relax a little in our field, but on the other side, the product and project managers are constantly looking to ensure maximum utility, especially in startups and high pressure environments. And looking around with the large number of companies that laid off people in the last year or two, I see fewer devs having the choice to push back when that happens. It really reads like the author is in the comfortable position of a staff or principle engineer without a direct manager and gets to decide what their day and week looks like and pick what they work on. I am afraid fewer and fewer have that luxury...

New comment by gnunicorn in "Software is made between commits"

gnunicorn — Thu, 11 Jun 2026 18:53:41 +0000

I totally see where they are coming from, jitsu, too is making every change its own artifact. And it plays hard to the "faster shipping" that especially AI-driven teams are pushing hard, and find the review process to be the next big bottleneck now (as I just saw with my last client as well).

There has also been a lot of discussion about the value of the peer review process recently, in in general. But I wonder if this isn't all going into the wrong direction. Quite honestly, even with the previous review and discussion system of (squashed) commits how often did you really use git blame and opened up the original PR discussion of that changed line that caused the bug? And how often did it help you beyond learning it was done by that rockstar developer who has left long ago? And that the discussion on that PR was a point in time and the code around it has evolves beyond that and it would need looking at another 10 PR discussion to get the entire context.

What I am saying is that git (and before that Subversion and CVS) has a full history is so that it can resolve the latest state. Period. We made that commit ritual somewhat of a hallmark in putting more supposed meaning into recording ever more in that history. But we rarely stopped to check if that is all that useful. Recording even more, all the time, reminds me of these work group meetings that have minute records of every bike shedding meeting word said by everyone, that, honestly, no one ever looks at after the next meeting ever again. I don't think there is value in minute record keeping, it becomes too much noise that just makes it harder to parse. Now also adding all AI conversation and agent thinking to that tree? What's the value of that in like 3 months down the line? I don't see it.

New comment by gnunicorn in "A €0.01 bank transfer could compromise a banking AI agent"

gnunicorn — Thu, 11 Jun 2026 14:18:40 +0000

Odd though, isn't it? Considering it is supposedly from April already...?!?

New comment by gnunicorn in "Let's Encrypt bans certificate usage in any US sanctioned territory [pdf]"

gnunicorn — Wed, 10 Jun 2026 23:32:06 +0000

It was a great hack, but it was always just that: a hack. We all always knew that the "certificate authority"-hierarchy is broken and can easily be abused by the ones in power. I appreciate everything that the let's encrypt peeps have done for the world, but the cert authority system really needs an overhaul.