The graph at https://ourworldindata.org/grapher/solar-pv-energy-consumpti... seems to indicate the real world outcome is something more like 12.9%. That is, pick a dot on the graph and look at the capacity (watts) versus how much was generated in 2024 (watt-hours), and the number ends up vaguely looking like 1000 watt-hours generated for every watt of capacity. Given that there's 8760 hours in a year, that's vaguely in the 12% range.

The number for "World" is 2,110,000 GWh consumed for 1,866 GW of capacity, which means 2110000÷(1866×8760) = 12.9% of "capacity". Running the numbers for every country (there's a csv!) shows expected cloudy/northerly countries down near 8-9% (UK, germany, norway) and the sunnier ones near 20%... The USA is 19.8% which tracks given how popular solar is in the sunnier regions in particular.

Nobody in their right mind should be surprised by this, since the sun doesn't always shine, it gets dark at night, etc... it's unrealistic to assume this number will ever meaningfully change for solar. It's just the baseline expectation.

So yeah, "capacity" is misleading indeed. It means that for solar, "50% of global capacity" would mean something more like "6% of energy consumed".

But it's still super exciting to see the clear exponential growth here. (Speaking as someone who installed a 14KW array on his roof last year, solar makes me super excited.)

> I don't think your password manager is good, and I don't think you think it's good either or you'd be using it.

Lol I am using it now though. In the time from yesterday’s post to now I have an iOS app, an iOS Password Autofill extension, a Mac app and the existing Linux CLI and Firefox browser extension. Automatically syncs conflict-free between everything too, using a simple web server for sync. It now covers every use case 1Password did for me, and no, none of the “rust password manager site:github.com” results do any of this.

It was an experiment to see if the effort of vibe coding a password manager would be easy enough that it would be worth doing, and guess what: resounding success. Cope more.

I’m just going to assume that you’ve completely conceded your original point then, since you have absolutely zero to say about whether you agree the LLM did good work or not. Since the moment I showed you its work, you immediately shifted to insulting my intelligence for bothering with a password manager in the first place.

I honestly don’t know why I bother feeding trolls like you when it’s clear your only goal here is to find fault.

Lol no, I had no idea there was any other password managers! Thanks for the google search link! I didn't know search engines existed either!

> Wisdom means knowing when and where to apply cleverness, and where not to. like being able to recognize existing sub-components.

It says literally in the README that part of this is an exercise in seeing what an LLM can do. I am in no way suggesting anyone use this (because there's a bazillion other password managers already) nor would I even have made this public if you hadn't baited me into doing it.

The fact that there's a literal sea of password managers out there is why I'm curious enough to think "maybe a one that I get to design myself, written to exactly my tastes and my tastes alone could be feasible", and that's what this exercise is about. It literally took me less time to vibe-code what I have right now, than to pour through the sea of options that already exist to decide which one I should try. And having it be mine at the end means that I can implement my pet features the way I want, without having to worry one bit about fighting with upstream maintainers. It's also just fun. I thoroughly enjoy the process of thinking about the design and iterating on it.

The impressive thing isn't merely that it produces thousands of lines of code, it's that I've reviewed the code, it's pretty good, it works, and I'm getting use out of the resulting project.

> What would you say is your multiplier, in terms of throughly reviewing code vs writing it from scratch?

I'd say about 10x. More than that (and closer to 100x) if I'm only giving the code a cursory glance (sometimes I just look at the git diff, it looks pretty damned reasonable to me, and I commit it without diving that deep into the review. But I sometimes do something similar when reviewing coworkers' code!)

https://github.com/ninkendo84/kenpass

I'm not saying it's perfect, there's some things I would've done differently in the code. It's also not even close to done/complete, but it has:

- A background agent that keeps the unsealed vault in-memory

- A CLI for basic CRUD

- Encryption for the on-disk layout that uses reasonably good standards (pbkdf2 with 600,000 iterations, etc)

- Sync with any server that supports webdav+etags+mTLS auth (I just take care of this out of band, I had the LLM whip up the nginx config though)

- A very basic firefox extension that will fill passwords (I only did 2 or 3 rounds of prompting for that one, I'm going to add more later)

Every commit that was vibe-coded contains the prompt I gave to Codex, so you can reproduce the entire development yourself if you want... A few of the prompts were actually constructed by ChatGPT 5.2. (It started out as a conversation with ChatGPT about what the sync protocol would look like for a password manager in a way that is conflict-free, and eventually I just said "ok give me a prompt I can give to codex to get a basic repo going" and then I just kept building from there.)

Also full disclosure, it had originally put all the code for each crate in a single lib.rs, so I had it split the crates into more modules for readability, before I published but after I made the initial comment in this thread.

I haven't decided if I want to take this all the way to something I actually use full time, yet. I just saw the 1password subscription increase and decided "wait what if I just vibe-coded my own?" (I also don't think it's even close to worthy of a "Show HN", because literally anybody could have done this.)

My personal anecdote: I used an LLM recently to basically vibe code a password manager.

Now, I’ve been a software engineer for 20 years. I’m very familiar with the process of code review and how to dive in to someone else’s code and get a feel for what’s happening, and how to spot issues. So when I say the LLM produced thousands of lines of working code in a very short time (probably at least 10 times faster than I would have done it), you could easily point at me and say “ha, look at ninkendo, he thinks more lines of code equals better!” And walk away feeling smug. Like, in your mind perhaps you think the result is an unmaintainable mess, and that the only thing I’m gushing about is the LOC count.

But here’s the thing: it actually did a good job. I was personally reviewing the code the whole time. And believe me when I say, the resulting product is actually good. The code is readable and obvious, it put clean separation of responsibilities into different crates (I’m using rust) and it wrote tons of tests, which actually validate behavior. It’s very near the quality level of what I would have been able to do. And I’m not half bad. (I’ve been coding in rust in particular, professionally for about 2 years now, on top of the ~20 years of other professional programming experience before that.)

My takeaway is that as a professional engineer, my job is going to be shifting from doing the actual code writing, to managing an LLM as if it’s my pair programming partner and it has the keyboard. I feel sad for the loss of the actual practice of coding, but it’s all over but the mourning at this point. This tech is here to stay.

Here’s what you do:

- Make a “what’s new” section in settings.

- Put a link in there that takes me to a webpage where I can see what’s new.

- That’s it.

Instead what always seems to happen is that I’m in the middle of trying to do something with the software and in order to do that I must close whatever popup you’re shoving in my face to tell me about the new feature. I don’t have time to read it now because I opened the software with an intention to finish a task and I don’t have time to read it now. And then later when I finally do have the time to look at your new feature? Nobody bothers actually putting that information anywhere persistent, so I guess I’m out of luck even if I care about the feature.

Updating to a new iOS version is a perfect example of this. Say there are a dozen apps that have a new feature popup on first launch when you update iOS. Imagine a typical day waking up and trying to use my phone. I have to drive somewhere so I try to put an address into Maps and have to immediately fend off the “what’s new in maps” dialog so I can type the address I need to go to. Then I want to put on the song my kid is yelling at me to play and have to fend off the “what’s new in Music” popup. Later I’m trying to respond to an important text and have to fend off “What’s new in messages”, etc etc etc.

That first day using iOS is an absolute nightmare because of this.

Now imagine the alternative: a simple badge icon in the settings app, and I tap it and see a link to “what’s new in iOS”, and guess what, it can be a fucking webpage! I can bookmark it! I can add it to my reading list and see it later! Hell, I can even share it with my friends!

But no, instead apps insist on trying to increase “engagement” with their new feature, because some PM’s promo packet wants to include “this many users used my new feature” and the only way they can think to do this is to (1) stop the user from accomplishing their task until they tap the cutesy “Got It!” button, and (2) don’t bother with persisting it anywhere, because the idea that the user doesn’t have time to check out the feature now is so foreign to these sociopaths it never even crossed their mind.

Right, that's the whole point of this thread. The only stable ABI rust has is one where you can only use C's features at the boundaries. It would be really nice if that wasn't the case (ie. if you could express "real" rust types at a stable ABI boundary.)

As OP said, "I don't think deflecting by saying "but C is no safer" is super interesting". People seem intent on steering that conversation that way anyway, I guess.

My problem with all software that shoves these AI features in my face, is that I don’t use features under duress.

If you interrupt what I’m doing to push me to use a feature, I won’t use it. If you’re a web designer and you block the page to tell me to sign up for an account, I close the tab and vow to never create an account. If you stop what I’m doing to ask me to rate your app, I’m going to give it 1 star. Et cetera.

Now I’ll be the first to admit this is childish… it’s a flaw in my character. When I feel pushed, I push back, and software pushing me makes me irrationally angry for reasons I can’t quite articulate. In some ways I wish I wasn’t like this. But I can’t be alone. I’m certain there is a non-negligible number of people like me, and when a browser immediately shoves AI features in my face on first launch, well, the first thing I’m going to do is disable them.

The especially tragic part is that I personally find LLMs useful! And I’m at the point where I sorta want to install a Firefox extension for ChatGPT now. But the actual browser AI features were pushed on me in a way that made me feel violated, so I can’t use them on principle. Maybe in a few years I guess.

If instead these companies would just dial it back several notches, I would have had the curiosity to try these features out myself, and I’d likely be using them by now. But the way they’ve tried so hard to force them on me has destroyed my trust and now, not only am I not using whatever feature they promote, I hate their product more than I otherwise would.

Firefox isn’t actually that bad here, and now that there’s a simple kill switch, I may actually try their chatbot sidebar thing. But for companies like MS, I will never, ever, ever use any of their AI features for the reasons above. (I’ve literally uninstalled Windows now, it’s gotten so bad.)

That is the major problem for me… I don’t actually mind that much if a library has bugs… those can always be fixed. But when a library does a total 180 on the API contract, or removes things, or just changes their mind on what the abstraction should be (often it feels like they’re just feng shui’ing things), that’s a major problem. And it’s what people mean when they say “immaturity”: if I build on top of this, is it all going to break horribly at some point in the future when the author changes their mind?

People often say “just don’t update then”, but that’s (a) a sure fire way to accumulate tech debt in your codebase (because some day may come when you must update), and (b) you’re no longer getting what could be critical updates to the library.

Rust-to-rust code should be able to be dynamically linked with an ABI that has better safety guarantees than the C ABI. That’s the point. You can’t even express an Option via the C ABI, let alone the myriad of other things rust has that are put together to make it a safe language.

You can look to Swift for prior art on how this can be done: https://faultlore.com/blah/swift-abi/

It would be very hard to accomplish. Apple was extremely motivated to make Swift have a resilient/stable ABI, because they wanted to author system frameworks in swift and have third parties use them in swift code (including globally updating said frameworks without any apps needing to recompile.) They wanted these frameworks to feel like idiomatic swift code too, not just be a bunch of pointers and manual allocation. There’s a good argument that (1) Rust doesn’t consider this an important enough feature and (2) they don’t have enough resources to accomplish it even if they did. But if you could wave a magic wand and make it “done”, it would be huge for rust adoption.

Very well put. This should be in the git-ignore manpage.

    let mut found_info = None;
    for info in &STAT_INFO {
        if info.kind == item_type {
            found_info = Some(info);
            break;
        }
    }

    let found_info = STAT_INFO.iter().find(|info| info.kind() == item_type);