https://news.ycombinator.com/user?id=martmulxHacker News RSShttps://hnrss.org/hnrss v2.1.1Tue, 07 Apr 2026 01:33:25 +0000How much training data did you end up needing for the fish personality to feel coherent? Curious what the minimum viable dataset looks like for something like this.

]]>Mon, 06 Apr 2026 03:33:19 +0000https://news.ycombinator.com/item?id=47656687martmulxhttps://news.ycombinator.com/item?id=47656687https://news.ycombinator.com/item?id=47656687That's solid, really helps lock down the supply chain attack surface. Do you ever end up having to whitelist anything that legitimately needs to run on install?

]]>Tue, 31 Mar 2026 08:57:52 +0000https://news.ycombinator.com/item?id=47584518martmulxhttps://news.ycombinator.com/item?id=47584518https://news.ycombinator.com/item?id=47584518Does pnpm block postinstall on transitive deps too or just top-level? We have it configured at work but I've never actually tested whether it catches scripts from packages that get pulled in as sub-dependencies.

]]>Tue, 31 Mar 2026 04:05:07 +0000https://news.ycombinator.com/item?id=47582621martmulxhttps://news.ycombinator.com/item?id=47582621https://news.ycombinator.com/item?id=47582621