Peter van der Zee
@pvdz.ee
tafka @kuvos eng @socket.dev - 15yr js/ts - rust - ex vercel - ex fb - js1k-guy
pinned post!
Today is my first day at @socket.dev! Perfectly aligns with what I want. Stoked to get started
8 months ago
3
27
1
Seriously. I don't know who worked on that Skoda Enyaq UX, or how this passed QA, but holy shit it's so bad. Half the physical buttons are USELESS, inc steering wheel, it's dangerous to change the fan speed while driving, and no separate speed between driver/passenger. Software mostly sucks. etc etc
3 days ago
0
0
0
We learned that the Skoda Enyaq, which has a terrible UX on almost all accounts, also doesn't have a darkmode. It just doesn't have one. wtf. Screen is so bright at night :( Best you can do is turn down the control lights, then open version page. It's darker because it is JACK SHIT EMPTY anyways.
3 days ago
0
0
0
Who needs enemies when can't even beat a 1700 elo bot in chess. Ugh.
5 days ago
0
0
0
I looked at our detected threats this morning and had a bit of a :wow: moment.
socket.dev/blog/ongoing...
Ongoing Supply Chain Attack Targets CrowdStrike npm Packages...
Socket.dev found compromised various CrowdStrike npm packages, continuing the "Shai-Hulud" supply-chain attack that previously hit `tinycolor`.
https://socket.dev/blog/ongoing-supply-chain-attack-targets-crowdstrike-npm-packages
9 days ago
0
3
0
Third major npm supply chain attack in like two weeks? One week? Yikes.
socket.dev/blog/tinycol...
Popular Tinycolor npm Package Compromised in Supply Chain At...
Malicious update to @ctrl/tinycolor on npm is part of a supply-chain attack hitting 40+ packages across maintainers
https://socket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
9 days ago
0
3
0
I like anthropic's claude CLI better than Cursor's CLI. For one it seems slightly better overall (cursor sometimes goes brain zombie once it goes over input token limit) but more importantly: cursor downgrades the model underwater once you go over 20$ plan. And the downgrade is so observably worse.
10 days ago
0
1
0
@gothamchess.bsky.social
Heya. Some feedback; - you hate it when chess .com spoils games due to the bug, but spoil your videos by putting results in titles. :feelsbadman: And since you, I think, like to pronounce langs proper: - Foreest, ee like a in ace - stroopwafels, oo like oa in oatmeal
10 days ago
1
0
0
reposted by
Peter van der Zee
Joachim Viide
12 days ago
pnpm v10.16.0 adds "minimumReleaseAge", a setting for defining how long a version has to have been published before pnpm will install it. A nice countermeasure against accidental installs of short-lived compromised packages before they get taken down. Not a 100% fix, but a great additional step!
Release pnpm 10.16 · pnpm/pnpm
Minor Changes There have been several incidents recently where popular packages were successfully attacked. To reduce the risk of installing a compromised version, we are introducing a new settin...
https://github.com/pnpm/pnpm/releases/tag/v10.16.0
8
197
69
I booked the 6pm shuttle to jsconf on monday. If you want a 3h chat and geek out over static analysis, perf, Socket, chess, and other games while I'm half asleep: that's your timeslot. If you don't like me. Well. Stop reading my feed.
12 days ago
0
1
0
I think `git status` `git diff` and `ls` should get a free pass in AI CLI's.
13 days ago
0
1
0
Can we have a `const a = @x` in JS? Similar to ? in Rust: it would mean `if (!x.ok) return x.error; a = x.data;`. Or whatever semantics people can agree on.
23 days ago
0
0
0
So confused. Does openai offer a free tier or not? Is it only free tier for gpt4? I was able to get responses from gpt 4 mini before but now it's 400 without clear reason. gpt5 gives me a 429 regardless of what I do, has done so from the start. Dashboard says $0.02, out of 5$ "budget" (??). Feh.
25 days ago
1
0
0
What's a solid JS Engine that's easy to run locally and doesn't allow imports or network? (I don't mind imports as much but they would have to be fenced hard. Goal would be no arbitrary (file) system or network access, to act as an AI sandbox for running arbitrary tests. So, just the JS engine.)
26 days ago
3
2
1
Maybe AI CLI tools should have a pincode option where the user must enter a pincode after starting the tool in order to get going. That would have limited the blast radius of the nx attack, for example. That one most certainly won't be the last.
27 days ago
0
0
0
semi-colon free as cost saving (AI tokens), huh.
28 days ago
1
0
0
Love a small little idler that you can finish in an hour.
28 days ago
0
1
0
Want to know if you were affected? Just open a terminal.
29 days ago
0
0
0
Back in SF. Been a while.
about 1 month ago
0
0
0
Self Driving chairs at Schiphol airport. That's pretty cool. Flying to sfo today. Wasn't sure if I'd ever see sfo again but here we go.
about 1 month ago
0
1
0
Back in uni there was all this talk about how Chomsky thought language could be modeled and such. Linguistical analysis. Omg I made so many ling parse trees. But there was always the question of whether language could be modeled universally. I think LLM's answer that now: yep. Just don't ask how
about 2 months ago
0
0
0
UCI (protocol stockfish uses too) has no way to convey a draw. So you can trivially find out whether a line ends in a checkmate (score is 100 or -100) or not-stalemate (score != 0) but in order to figure out whether it's a stalemate you have to _replay the entire game with a proper engine_ WAT.
about 2 months ago
0
0
0
iykyk: stockfish question: given a pv that is not at requested max depth nor a mate (score -100/100), is there a way to distinguish a stalemate from an unfinished/pruned pv? I struggle with the fact that this would be the only case requiring a full fledged move engine... :/
about 2 months ago
0
0
0
Well, I'm glad I learned Rust before it became obsolete to learn how to program.
about 2 months ago
2
1
0
Ok. I spent about a week or so with codex, OpenAI's CLI using a special codex model. It was nice and worked okay. CLI UX has some clear improvements to do but was pretty good overall. Now running with Claude's CLI for a day and um, it's like miles ahead. Both in terms of CLI, UX, and output.
about 2 months ago
1
1
0
Are we having a Matrix moment? Too soon?
about 2 months ago
0
0
0
All I want to know is whether this one can play chess.
about 2 months ago
0
1
0
Hmmm. Cursor bad ux: You queue up a bunch of small tasks for the agent to complete. The agent wants to run a certain task (which was expressly forbidden but it did anyways). I pick "no and tell it what to do", tell it not to do that, and my queue of tasks is gone. Shit. Guess we're not using that.
about 2 months ago
0
0
0
Current status Ok actually I should just go to bed :p
about 2 months ago
0
0
0
After having worked with vscode-through-cursor I maintain that webstorm just feels more solid on most accounts. Search, selection, navigation. I dunno, it just feels better. Cursor still better on the AI front, of course. Cursor does suffer from severe memory leaks, that part is annoying.
about 2 months ago
0
0
0
console.time() and console.timeEnd() should have an option to print the "starting" message as well, not just the end timing. and an option to start a .group() while you're at it. And an option to get the string back rather than force-emit it. These are the common cases for me, anyways.
about 2 months ago
0
1
0
Was wondering why Cursor was suddenly vibing all these async functions. Code wasn't doing anything async. Turns out at some point it had decided that dynamic imports was the better way to import deps. This is how evolution works. I made it clean all of it up. This is how teachers work.
about 2 months ago
0
1
0
Had Cursor work batch of tasks. Also, I found a failure case of moves being parsed incorrectly, stored it in a comment, no further description. Mindlessly telling it to continue with next step. "I finished tasks, but I see that you opened this file and let me fix the problem". Uh, what. It did.
about 2 months ago
0
0
0
Rest assured that I'm not exactly more confident in using libraries (over standards) when vibe coding. It was so convinced this was correct.
about 2 months ago
0
0
0
I gotta frame this one
about 2 months ago
1
1
0
Got into a fight with GPT (or o3? whatever, codex) today. I asked it to refactor a few cases, like 20 steps. It went full overengineering mode, codemods and complex solutions, claiming the change was "super difficult". Couldn't persuade it. Closed the chat, opened a new one, and it oneshot it.
about 2 months ago
0
0
0
games-island.eu has some great offers if you're into TCG's. Picked up a few Lorcana cases for ~85-90eur. have not been able to find a price match close to that in a long time. Not even cardmarket (because shipping costs, ugh). (Fwiw, I've ordered there before. That was a legit experience.)
about 2 months ago
0
1
0
@voodootikigod.bsky.social
can you give more information on the jsconf shuttle bus? i need to book flight asap but i currently don't know enough about the shuttle to take that gamble.
about 2 months ago
1
0
0
Is AI slop any different from "move fast, refactor later ... no actually, nevermind refactoring is too expensive and it will take too much time just scrap it and replace it with that new thing or tack this thing over there without breaking it it's fine we'll just call it tech debt" ? Feels the same.
about 2 months ago
0
1
0
Here's the chess tool I was vibing. It's a tool to find the best chess line based on a given position. Built on Stockfish (Claude used the most time trying to integrate this). Nothing ground-breaking but I needed this tool for followup ideas :)
pvdz.github.io/bestchessline/
about 2 months ago
0
3
0
Adding an auto-formatter to the build step makes claude (cursor) get confused all-the-time. Every time it's like "oh I'll make this change" ... <nothing changed> "wait let me read the file to see where it is". Probably best to not autoformat it until you want to commit it..? Or only manually.
about 2 months ago
1
0
0
Would have been really nice right about now if nodejs would have some kind of sensible permission model where it could lock out things like network access or file system access. I mean that's true from the get go but in the AI era its relevance just ballooned. Treat as atomics and gate them...
about 2 months ago
1
1
0
Vibe coding experience so far: - initial poc: 10 minutes - implementing stockfish off-the-shelf: 2 hours plus tedious debugging and only solved after explicitly pointing it into an official example (despite telling it to read its docs) - more feature work: 20 minutes - polish: forever, of course.
about 2 months ago
0
0
0
Oh good five years in, turns out my walker has a subtle bug when replacing the (single statement) child of an AST node with a Block that wraps this statement (`if(x)y` -> `if(x){y}`). It's not like I have 30.000 tests or anything. You would expect it to trip up but no I have to find it in the wild.
3 months ago
1
0
0
I thought, yay, I finally understand the chess problem that was thrown at me at my puzzle level. But no. Turns out just made puzzles easy so now this kind of streak is completely devalued. I'm at puzzle ~2300 and getting puzzles 1000-1800. sigh.
3 months ago
0
2
0
(Chess) So what I'd like is somebody doing Dvoretsky's "Endgame Manual" but as a series of videos. I think I can learn a great deal from what's described in that book. But having not learned to read chess notation since I was five, I have a super hard time reading it, makes these books hard.
3 months ago
0
0
0
It's a "you know what, maybe cosmos wasn't actually that bad" kind of day. That's saying something.
3 months ago
0
0
0
reposted by
Peter van der Zee
Socket
3 months ago
We're already contributing to CycloneDX and PURL through TC54, now with an official seat at Ecma International. Excited to keep pushing SBOM standards forward!
ecma-international.org/news/ecma-in...
Ecma International welcomes new members - Ecma International
Ecma International welcomes 6 new members at the General Assembly held in Geneva (Switzerland) on 25 June 2025.
https://ecma-international.org/news/ecma-international-welcomes-new-members-9/
0
4
2
Works or B0rks?
```
function f(a,b,c) {
  "use strict";
  arguments.length = 1;
  console.log(arguments[0]);
  console.log(arguments[1]);
  console.log(arguments[2]);
  console.log(arguments.length);
}
f(10, 20, 30);
```
What's the output? What if it's not strict mode?
3 months ago
1
0
0
Works or B0rks?
```
function f(...args) {
  console.log('params:', f.length);
  console.log('args:', arguments.length);
  console.log('rest:', args.length);
}
f(1, 2, 3);
f(1, 2);
```
What's being logged? Ie. does arguments.length count the rest param as one? (:
3 months ago
0
0
0
Works or B0rks?
```
const log = console.log.bind(console);
function f(a,b) {
  log(a, b, arguments.length);
}
log(f.length); // ?
Object.defineProperty(f,'length',{value:1,configurable:false});
log(f.length); // ?
f(1,2,3); // ?
```
Assume strict mode. How far does function.length go? :) Don't ask.
3 months ago
1
0
0