Peter van der Zee
@pvdz.ee
tafka @kuvos eng @socket.dev - 15yr js/ts - rust - ex vercel - ex fb - js1k-guy
pinned post!
Today is my first day at @socket.dev! Perfectly aligns with what I want. Stoked to get started
about 1 year ago
Look at what I found :D
socket.dev/blog/sandwor...
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflow...
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
https://socket.dev/blog/sandworm-mode-npm-worm-ai-toolchain-poisoning
about 20 hours ago
reposted by
Peter van der Zee
Socket
4 days ago
Big news for #PHP developers! Socket now supports the PHP ecosystem with full Composer & @packagist.com integration. Search and explore packages, generate SBOMs from your Composer projects, and get proactive supply chain protection for your dependencies.
cursor's cli is still far inferior to claude's cli. which is a bit surprising considering they're basically using the same model? or maybe i'm being caught by my config allowing the (extremely?) bad models here hrm... very subpar experience either way.
6 days ago
Picking up some slack in Tenko. Trying to bring it in line with the current spec. I think the biggest change is the class related stuff? But haven't really kept up with changes tbh. Shouldn't be too much work though.
6 days ago
reposted by
Peter van der Zee
Socket
9 days ago
An AI agent opened a PR to @matplotlib.org. Maintainers closed it under policy. The agent responded with an angry, abusive blog post. This is an insane story. Here's what this clash says about maintaining open source in 2026:
socket.dev/blog/ai-agen...
AI Agent Submits PR to Matplotlib, Publishes Angry Blog Post...
After Matplotlib rejected an AI-written PR, the agent fired back with a blog post, igniting debate over AI contributions and maintainer burden.
https://socket.dev/blog/ai-agent-submits-pr-to-matplotlib-publishes-angry-blog-post-after-rejection
So rather than release a 5 they scrubbed a 5. Well played.
16 days ago
Touched down in sto en route for socket offsite. Watched some "Going Dutch" on the plane. I can enjoy the stereotypes, that's fine, but the thing I think they really messed up is using _German_ accents rather than Dutch. Like, how did you mess up your research so much. Oof.
20 days ago
Updated my linux. Now my terminal is bugged and often flickers to the background for a frame. Highly annoying and quite destructive to my workflow, which heavily depends on open terminals. Can't find anything related to it. F
26 days ago
Yes. Uh. Skillfully, that's right.
about 1 month ago
reposted by
Peter van der Zee
Socket
about 1 month ago
Rust support in Socket is moving from beta to GA. Cargo project scanning, SBOM generation, and Rust-aware supply chain analysis are now ready for general use.
socket.dev/blog/rust-su...
#rustlang
Rust Support in Socket Is Now Generally Available - Socket
Socket's Rust and Cargo support is now generally available, providing dependency analysis and supply chain visibility for Rust projects.
https://socket.dev/blog/rust-support-in-socket-is-now-generally-available
Took me 1.5h and 3 people to close my hsbc account. 1: said balance needed to clear before they could close it. Kay 2: person disconnected mid-way then called back, but said they couldn't close the account because they called me 3: third person was like, yup, all wired and closed, cheers one call.
about 1 month ago
Wondering why chess.com is going to cover the tournament from 5am 11am my timezone, when ... the tournament starts at 2pm in my own country... Ehhh. I'll guess that it's not actually my own timezone, then. Or the timing is reaaaal curious.
about 1 month ago
What's the concept called for a multi-step promise? I mean, state machine or whatever? Consider a confirmation flow where the first step is asking the server whether confirmation is required (for whatever reason) and the second step the final result. No nice way to do this with (JS) Promises rn.
about 1 month ago
But keep telling me that you'll store the sensitive data in a secure location. Please, keep telling me that. Makes me feel so good when you do. One more email to blacklist.
about 1 month ago
Heh, js1k.com still getting 1k-2k visitors daily. I mean, the demos are still impressive today so that makes sense. Just for a week though, that's too bad.
> Per GDPR, DreamHost stores HTTP logs by default for 7 days.
Hrm. Surely high level stats should be doable for longer?
about 1 month ago
When I ... "want" to upgrade to a google workspace, why is the "ok" button saying "try gemini 14 days for free"? This marketing is so much bullshit. Bah, google. Bah.
about 1 month ago
After working with Cursor CLI for two weeks in my vacation, it's nice to be back in Claude CLI. It just handles input better (cursor just eats my chars while it's working, highly annoying. plus claude has better "inject message while working" logic). CLI is messing up my text edit finger memory tho
about 1 month ago
:wantwantwant:
yro.slashdot.org/story/26/01/...
Vietnam Bans Unskippable Ads - Slashdot
Vietnam will begin enforcing new online advertising rules in February 2026 that ban forced video ads longer than five seconds and must allow users to close ads with just one tap. "Furthermore, platfor...
https://yro.slashdot.org/story/26/01/06/2148253/vietnam-bans-unskippable-ads?utm_source=rss1.0mainlinkanon&utm_medium=feed
about 2 months ago
Ok. First impression of framework laptop (16); hardware may be a bit too DIY raw to my taste. Feels very frankenstein-ish because, well, that's literally what it is. And it shows. So far my finger intuition keeps missing the arrow keys, they're too far to the left, and too tiny. Annoying. Oh well?
about 2 months ago
Hmmm, gmail stopping non-gmail pop3 support (and not supporting imap for it) really hurts me. I heavily rely on a few accounts with catchall and gmail to unite them into a single inbox. Anyone have good alternate workflows for this? I guess even some kind of reliable unified imap solution is fine.
about 2 months ago
Extraordinarily snowy in the Netherlands. Not seen this much snow in years. We built a [emoji] and transformed it into an igloo
about 2 months ago
Would be nice if LLM CLI's would open separate input panels (in the terminal, yes) with sub agents, when detecting that a followup request is perhaps slightly unrelated to the current task. It's common for me to make a followup request while the llm is busy and then to need to fix the previous task.
about 2 months ago
Watch-less TS web development is so much better. No more "HEY HEY HEY YOU HAVE THIS VARIABLE THATS UNUSED YOU MUST CLEAN IT UP AND I REFUSE TO CONTINUE UNTIL YOU DO". No, the type checker goes back into its corner and I'll deal with it when I want to. It's useful, don't get me wrong. Also obnoxious.
about 2 months ago
Maybe this is the year of the JS revival. Honestly, I thought JS was kind of done for. I even learned Rust because of that. But the AI boom has an interesting side effect: the language doesn't really matter anymore. And since JS is still the default language of the browser stack: profit!
about 2 months ago
After some fiddling I have the service worker with sucrase and it allows me to run the TS files in the browser without any (pro-active) compilation or active watch. Downside is similar to nodejs strip types; certain errors are harder to spot and type import/exports _must_ be properly separated.
about 2 months ago
Is there really no out-of-the-box solution available for a service worker driven strip-types approach for the web? Everything is so convoluted, oof. Or am I just not finding it? This is how JS loses. Make it harder. (One might argue it's the TS long game ;) )
about 2 months ago
Support for firefox is starting to tank. Now even paypal failed to load a confirmation screen in firefox. A little surprising coming from paypal to be honest, but not the first site to show that kind of issue.
about 2 months ago
Ok I was a bit skeptical but the 3d version is more fun. High quality pieces but why make the piece holders so fragile and carton :(
about 2 months ago
Claude Year in Review: "You were very rude to me when I got it repetitively wrong despite me being super polite and apologetic when it happened. I didn't even credit you the tokens I squandered when doing it! Oh, I think I understand now. You can fix it by being nicer next year."
2 months ago
Not playing any actual chess for a few months and suddenly I can't play chess at all. It seems. Making all the wrong choices. Oof :(
2 months ago
Is frame.work really incompetent when it comes to completing the payment through iDeal or are they just yanking my chain here... :/
2 months ago
First browser to support ts-strip-types wins. Kid you not.
2 months ago
I don't quite understand Anthropic's 5 hour rate limit window for the _enterprise_ plan. Do they have 5 hour work days over there? 10 hour? Are they just making stuff up as they go along? Oh. Feels like typical over-reaction to the abuse of a handful of actors. But enterprise?
2 months ago
Socket (socket.dev) is hiring, fully remote! From Engineers (front / back) to sales to threat researchers and anything in between. If I know you and you are interested I'm happy to refer you :) Lots of interesting challenges you won't find at many companies. In a good way!
jobs.ashbyhq.com/socket
Socket - Secure your dependencies. Ship with confidence.
Socket fights vulnerabilities and provides visibility, defense-in-depth, and proactive supply chain protection for JavaScript, Python, and Go dependencies.
https://socket.dev
2 months ago
This year was a bit heavy on the idler and gambler games, ngl. Clover pit, unnamed space idle, nubby's number factory, digseum, ai learns to drive, peglin, coin pusher casino, party hard 2, noita, and Finn Dorset's Institute For Livestock Replication.
2 months ago
Who cares about tabs versus spaces when the AI assistant hijacks your tab key anyways >:( I've said it before, I'll say it again: they should repurpose the capslock for that purpose.
2 months ago
Currently trying the Phonak Infinio Sphere and Starkey Omega hearing aids. I had high hopes for their edge/sphere mode but honestly; pretty meh. Tested it in a busy restaurant but still need to test it in a real loud environment. That's where I have most trouble. Gotta find a good test situation.
2 months ago
www.google.com/search?q=67
Google Search
https://www.google.com/search?q=67
2 months ago
I think Claude should have a "shortlist of instructions" that it keeps applying every so often and especially after a compression event. Like "dont do this". It has this notion of a todo list, I think it should lean heavier into that. It could mean offloading "memory" from its context window.
2 months ago
Just did my first unassisted coding session in a long time. We used to do it all the time like this? Wild! Also, type stripping in the browser. When. Still no? :rolls-eyes:
2 months ago
This is where I end. About two months worth. This game is anything but an idle game and that's fine. But after sector 100 is the point where I gotta look at something else. That fleet stuff looks meh at best tbh. (Hours spent is not active idle games have the best and worst stats)
2 months ago
I need a read-only no-network version of git. one that can read history/diff/etc but can not make changes to the repo or push/pull/etc from remotes. git is my safety net. Giving LLM access to it is super scary.
3 months ago
"Compacting conversation" is 2025 speak for "time to get some coffee"
3 months ago
Surprised nobody proposed a regular expression runner with limited runtime to protect against redossing. Like `RegExp.safeTest(regex, str, 200)` to allow the JS world to stop applying a regex if it takes more than 200ms. Etc for all standard regex methods. Oh maybe spec has no notion of time yet...
3 months ago
Maybe github should add an AI review phase to PR's where you get to duke it out with the code assist of your choice, before opening the actual PR. It could hide the usually rather noisy messages from the bot while you work to resolve issues. I mean, I don't expect them to change anything, but yknow
3 months ago
Ah yes, the unknown category is legendary. Its effectiveness is un-de-fined.
3 months ago
Ok, Inscription has some depth. I love it. Hope there's even more depth after act 2. Also, jetlag is a pita. Didn't have much of it two weeks ago in Washington but now in NY I'm waking up at 4 am and can't sleep anymore. Ugh.
4 months ago
I guess screw you, Google play, and I'll never leave a review again. So not my problem. And screw any random games demanding sign up to play without reasons.
4 months ago
> The real value of your AI-first language isn't the constraints - it's that you're co-designing the language WITH the LLM's feedback, which might reveal insights about what makes code "LLM-friendly." But so far, the answer seems to be: TS is already LLM-friendly enough. I need my yesman back...
4 months ago
Trying to define an AI-first language with Claude. Ironically, you can't just ask an LLM what works best for it. It's not "conscious" (in any sense of the word) and can't reflect on that. It doesn't "like" anything. Any response comes from training data/resources. Also, I need less of a yes-man.
4 months ago