Ramesh
@rna.me
Building stuff for the thrill π, Fixing bugs for the fun π
Reposted by Ramesh
Had a great time last week at the Cornerstone book launch party. Honored to be on stage with Calvin Mills (The Caged Man) and Barry Pearce (The Plan of Chicago), two great fiction writers.
November 14, 2025 at 4:15 PM
Had a great time last week at the Cornerstone book launch party. Honored to be on stage with Calvin Mills (The Caged Man) and Barry Pearce (The Plan of Chicago), two great fiction writers.
The scary part? This was from a repo that seemed trustworthy. We're one `npm install` away from a breach at any time.
What security measures are you using? Would love to hear what's working for others.
What security measures are you using? Would love to hear what's working for others.
October 15, 2025 at 9:29 AM
The scary part? This was from a repo that seemed trustworthy. We're one `npm install` away from a breach at any time.
What security measures are you using? Would love to hear what's working for others.
What security measures are you using? Would love to hear what's working for others.
Today, I learned about these concepts that Iβm planning to implement in my future repositories.
1. `npm install --ignore-scripts` as default
2. Mandatory package-lock.json
1. `npm install --ignore-scripts` as default
2. Mandatory package-lock.json
October 15, 2025 at 9:29 AM
Today, I learned about these concepts that Iβm planning to implement in my future repositories.
1. `npm install --ignore-scripts` as default
2. Mandatory package-lock.json
1. `npm install --ignore-scripts` as default
2. Mandatory package-lock.json
Almost got hacked through `npm install` command on a seemed-legitimate repo.
My observations:
- Malicious scripts in dependencies which got executed immediately during install
- I guess they can exfiltrate env vars, credentials or any sensitive information.
My observations:
- Malicious scripts in dependencies which got executed immediately during install
- I guess they can exfiltrate env vars, credentials or any sensitive information.
October 15, 2025 at 9:29 AM
Almost got hacked through `npm install` command on a seemed-legitimate repo.
My observations:
- Malicious scripts in dependencies which got executed immediately during install
- I guess they can exfiltrate env vars, credentials or any sensitive information.
My observations:
- Malicious scripts in dependencies which got executed immediately during install
- I guess they can exfiltrate env vars, credentials or any sensitive information.
Apple's annual releases lately feel less like innovation and more like they're just proving the existence of... their current business model. Why can't they just skip a year and drop something truly revolutionary? #Apple #WWDC #InnovationDrought
June 10, 2025 at 4:29 PM
Apple's annual releases lately feel less like innovation and more like they're just proving the existence of... their current business model. Why can't they just skip a year and drop something truly revolutionary? #Apple #WWDC #InnovationDrought
Reposted by Ramesh
"vibe coding" feels a lot like Rails generators - a neat party trick, and certainly impressive to people who have minimal coding experience, but aren't terribly practical for the majority of day-to-day engineering tasks.
May 27, 2025 at 5:29 PM
"vibe coding" feels a lot like Rails generators - a neat party trick, and certainly impressive to people who have minimal coding experience, but aren't terribly practical for the majority of day-to-day engineering tasks.
Reposted by Ramesh
Yet another reason to get off Gmail and try to lessen your reliance on Google altogether. There are plenty of good alternatives. I use ProtonMail, for example.
Gmailβs AI summaries now appear automatically
Gemini now reads your emails for you.
www.theverge.com
May 30, 2025 at 9:04 AM
Yet another reason to get off Gmail and try to lessen your reliance on Google altogether. There are plenty of good alternatives. I use ProtonMail, for example.
Reposted by Ramesh
Move intentionally and make things
May 30, 2025 at 1:14 PM
Move intentionally and make things