Even if everyone used it, the security scanners would still have time to do their static analysis of new packages. Basically, all the clients implementing a delay would create a de facto quarantine status for new packages so they can be examined before everyone starts installing them. (Why npm doesn't just implement that themselves, I do not know.)
I think if they did it, then attackers would be able to iterate their attack against their own project, and once it passes the filters they could deploy for real.
I guess it could work better if it was enabled only for projects that are actual attack vectors.
That’s my point. For whatever reason, npm isn’t doing it. All npm users adding a minimum package age is kind of like doing it as a collective, without npm’s help.
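The client-side quarantine described above, as an added example that is not from any commenter or from npm itself: a small Python check that reads the `time` map of an npm registry packument (the real registry's publish-timestamp field) and refuses versions younger than a minimum age. The packument, clock and package name below are constructed sample data.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample of an npm registry packument, trimmed to the fields used here.
# A real packument's "time" map also carries "created" and "modified" entries.
SAMPLE_PACKUMENT = {
    "name": "example-lib",
    "dist-tags": {"latest": "2.0.0"},
    "time": {
        "created": "2024-01-10T12:00:00.000Z",
        "modified": "2024-03-01T09:30:00.000Z",
        "1.4.2": "2024-01-10T12:00:00.000Z",
        "2.0.0": "2024-03-01T09:30:00.000Z",
    },
}

# Constructed "current time" so the example is deterministic.
SAMPLE_NOW = datetime(2024, 3, 5, tzinfo=timezone.utc)

NON_VERSION_KEYS = {"created", "modified"}


def published_at(packument, version):
    """Publish time of `version` as an aware UTC datetime."""
    stamp = packument["time"][version]
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))


def is_quarantined(packument, version, min_age_days, now):
    """True if `version` is younger than the minimum age and should not be installed yet."""
    return now - published_at(packument, version) < timedelta(days=min_age_days)


def pick_version(packument, min_age_days, now):
    """Newest version (by publish time) that has aged past the quarantine window, else None."""
    aged = [
        v for v in packument["time"]
        if v not in NON_VERSION_KEYS and not is_quarantined(packument, v, min_age_days, now)
    ]
    if not aged:
        return None
    return max(aged, key=lambda v: published_at(packument, v))


if __name__ == "__main__":
    # With a 7-day window the 4-day-old 2.0.0 is held back and 1.4.2 is chosen.
    print(pick_version(SAMPLE_PACKUMENT, 7, SAMPLE_NOW))
```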
I'd be fine if it autofilled one city from the zip code, which for me is always wrong. I can tab to the field and type in the correct city. Don't even need a drop-down with the possible cities. And if I don't fix it, it doesn't really matter for USPS. They just care that the ZIP is correct.
My daughter one day told me that her Tesla said it needed oil maintenance. I scoffed and tried to mansplain to her how EVs don’t need oil. Then I checked the car, and sure enough, it was asking for oil. One of the contained oil systems had sprung a leak. That’s on a 6-year-old Tesla Model X.