Peter van der Zee
@pvdz.ee
404
92
834
tafka @kuvos eng
@socket.dev
- 15yr js/ts - rust - ex vercel - ex fb - js1k-guy
pinned post!
Today is my first day at @socket.dev! Perfectly aligns with what I want. Stoked to get started
11 months ago
3
27
1
Support for firefox is starting to tank. Now even paypal failed to load a confirmation screen in firefox. A little surprising coming from paypal to be honest, but not the first site to show that kind of issue.
2 days ago
0
0
0
Ok I was a bit skeptical but the 3d version is more fun. High quality pieces but why make the piece holders so fragile and carton :(
2 days ago
0
0
0
Claude Year in Review: "You were very rude to me when I got it repetitively wrong despite me being super polite and apologetic when it happened. I didn't even credit you the tokens I squandered when doing it! Oh, I think I understand now. You can fix it by being nicer next year."
4 days ago
0
1
0
Not playing any actual chess for a few months and suddenly I can't play chess at all. It seems. Making all the wrong choices. Oof :(
5 days ago
0
1
0
Is frame.work really incompetent when it comes to completing the payment through iDeal or are they just yanking my chain here... :/
7 days ago
0
0
0
First browser to support ts-strip-types wins. Kid you not.
9 days ago
0
1
0
I don't quite understand Anthropic's 5 hour rate limit window for the _enterprise_ plan. Do they have 5 hour work days over there? 10 hour? Are they just making stuff up as they go along? Oh. Feels like a typical over-reaction to the abuse of a handful of actors. But enterprise?
10 days ago
0
0
0
Socket (socket.dev) is hiring, fully remote! From Engineers (front / back) to sales to threat researchers and anything in between. If I know you and you are interested I'm happy to refer you :) Lots of interesting challenges you won't find at many companies. In a good way!
jobs.ashbyhq.com/socket
Socket - Secure your dependencies. Ship with confidence.
Socket fights vulnerabilities and provides visibility, defense-in-depth, and proactive supply chain protection for JavaScript, Python, and Go dependencies.
https://socket.dev
10 days ago
0
1
0
This year was a bit heavy on the idler and gambler games, ngl. Clover pit, unnamed space idle, nubby's number factory, digseum, ai learns to drive, peglin, coin pusher casino, party hard 2, noita, and Finn Dorset's Institute For Livestock Replication.
11 days ago
0
0
0
Who cares about tabs versus spaces when the AI assistant hijacks your tab key anyways >:( I've said it before, I'll say it again: they should repurpose the capslock for that purpose.
11 days ago
2
1
0
Currently trying the Phonak Infinio Sphere and Starkey Omega hearing aids. I had high hopes for their edge/sphere mode but honestly; pretty meh. Tested it in a busy restaurant but still need to test it in a real loud environment. That's where I have most trouble. Gotta find a good test situation.
13 days ago
0
1
0
www.google.com/search?q=67
Google Search
https://www.google.com/search?q=67
13 days ago
0
0
1
I think Claude should have a "shortlist of instructions" that it keeps applying every so often and especially after a compression event. Like "don't do this". It has this notion of a todo list, I think it should lean heavier into that. It could mean offloading "memory" from its context window.
16 days ago
1
1
0
Just did my first unassisted coding session in a long time. We used to do it all the time like this? Wild! Also, type stripping in the browser. When. Still no? :rolls-eyes:
17 days ago
0
1
0
This is where I end. About two months worth. This game is anything but an idle game and that's fine. But after sector 100 is the point where I gotta look at something else. That fleet stuff looks meh at best tbh. (Hours spent is not active idle games have the best and worst stats)
17 days ago
0
0
0
I need a read-only no-network version of git. One that can read history/diff/etc but can not make changes to the repo or push/pull/etc from remotes. git is my safety net. Giving LLM access to it is super scary.
22 days ago
0
0
0
"Compacting conversation" is 2025 speak for "time to get some coffee"
24 days ago
0
0
1
Surprised nobody proposed a regular expression runner with limited runtime to protect against redossing. Like `RegExp.safeTest(regex, str, 200)` to allow the JS world to stop applying a regex if it takes more than 200ms. Etc for all standard regex methods. Oh maybe spec has no notion of time yet...
about 1 month ago
1
0
0
Maybe github should add an AI review phase to PRs where you get to duke it out with the code assist of your choice, before opening the actual PR. It could hide the usually rather noisy messages from the bot while you work to resolve issues. I mean, I don't expect them to change anything, but yknow
about 1 month ago
0
0
0
Ah yes, the unknown category is legendary. Its effectiveness is un-de-fined.
about 2 months ago
0
0
0
Ok, Inscryption has some depth. I love it. Hope there's even more depth after act 2. Also, jetlag is a pita. Didn't have much of it two weeks ago in Washington but now in NY I'm waking up at 4 am and can't sleep anymore. Ugh.
about 2 months ago
0
2
0
I guess screw you, Google play, and I'll never leave a review again. So not my problem. And screw any random games demanding sign up to play without reasons.
about 2 months ago
0
1
0
> The real value of your AI-first language isn't the constraints - it's that you're co-designing the language WITH the LLM's feedback, which might reveal insights about what makes code "LLM-friendly." But so far, the answer seems to be: TS is already LLM-friendly enough. I need my yesman back...
2 months ago
0
2
0
Trying to define an AI-first language with Claude. Ironically, you can't just ask an LLM what works best for it. It's not "conscious" (in any sense of the word) and can't reflect on that. It doesn't "like" anything. Any response comes from training data/resources. Also, I need less of a yes-man.
2 months ago
3
5
1
@areinet.bsky.social
im doing pizza before rar so don't wait for me at the bar, see you there
2 months ago
1
0
0
Recognition for Sarah! So deserved!
@sarahgooding.bsky.social
2 months ago
2
9
4
Good story bro, nay, Great story
@voodootikigod.bsky.social
2 months ago
0
4
0
Ahw. Tenko didn't make the cut, nor any of my other stuff. I'm a failure.
2 months ago
0
0
0
So who's gonna be at jsconf! Hoping to see some old friends and acquaintances again :) Let's hope border queues are not too bad with the shutdown and all :/ I'm sure it'll be fine. Long day tomorrow, either way.
3 months ago
1
1
0
15 years later and there's finally a wikipedia page for JS1k!
en.wikipedia.org/wiki/Js1k
Js1k - Wikipedia
https://en.wikipedia.org/wiki/Js1k
3 months ago
1
2
0
LLM tools should leverage a difference in content and actual conversation better. For example, when I paste a glob of debug text or have it run tests and check the output, that sort of blob should not become part of the message conversation.
3 months ago
0
1
0
Shit :/ > Google Is Ending Gmailify and POP Support
3 months ago
0
1
0
reposted by
Peter van der Zee
Feross
3 months ago
Open source supply chain attacks are exploding. Starting today, that ends. We're releasing Socket Firewall - FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI. Just run: `npm i -g sfw` and then `sfw npm install lodash`. Works for: npm, yarn, pnpm, pip, uv, and cargo.
7
45
15
I mean. wtf
3 months ago
1
2
0
I'm actually looking forward to the LLM-first framework talk at JSConf. I've been thinking about this too. There's no real framework for AI yet. I suspect there's a lot of room for improvement to cater for LLMs. Both in language and in web framework. What would an LLM-friendly language look like?
3 months ago
1
0
0
reposted by
Peter van der Zee
Philipp Burckhardt
3 months ago
While we haven't seen major supply chain attacks hitting any of the major open-source ecosystems, the Socket Threat Research Team uncovered some fascinating and creative attack techniques worth sharing:
https://pypi-mirror.org
1
2
1
Seriously. I don't know who worked on that Skoda Enyaq UX, or how this passed QA, but holy shit it's so bad. Half the physical buttons are USELESS, inc steering wheel, it's dangerous to change the fan speed while driving, and no separate speed between driver/passenger. Software mostly sucks. etc etc
3 months ago
0
0
0
We learned that the Skoda Enyaq, which has a terrible UX on almost all accounts, also doesn't have a darkmode. It just doesn't have one. wtf. Screen is so bright at night :( Best you can do is turn down the control lights, then open version page. It's darker because it is JACK SHIT EMPTY anyways.
3 months ago
0
0
0
Who needs enemies when I can't even beat a 1700 elo bot in chess. Ugh.
3 months ago
0
0
0
I looked at our detected threats this morning and had a bit of a :wow: moment.
socket.dev/blog/ongoing...
Ongoing Supply Chain Attack Targets CrowdStrike npm Packages...
Socket.dev found various compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply-chain attack that previously hit `tinycolor`.
https://socket.dev/blog/ongoing-supply-chain-attack-targets-crowdstrike-npm-packages
3 months ago
0
3
0
Third major npm supply chain attack in like two weeks? One week? Yikes.
socket.dev/blog/tinycol...
Popular Tinycolor npm Package Compromised in Supply Chain At...
Malicious update to @ctrl/tinycolor on npm is part of a supply-chain attack hitting 40+ packages across maintainers
https://socket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
3 months ago
0
3
0
I like anthropic's claude CLI better than Cursor's CLI. For one it seems slightly better overall (cursor sometimes goes brain zombie once it goes over input token limit) but more importantly: cursor downgrades the model underwater once you go over the $20 plan. And the downgrade is so observably worse.
3 months ago
0
1
0
@gothamchess.bsky.social
Heya. Some feedback: you hate it when chess.com spoils games due to the bug, but spoil your videos by putting results in titles. :feelsbadman: And since you, I think, like to pronounce langs proper: - Foreest, ee like a in ace - stroopwafels, oo like oa in oatmeal
3 months ago
1
0
0
reposted by
Peter van der Zee
Joachim Viide
4 months ago
pnpm v10.16.0 adds "minimumReleaseAge", a setting for defining how long a version has to have been published before pnpm will install it. A nice countermeasure against accidental installs of short-lived compromised packages before they get taken down. Not a 100% fix, but a great additional step!
Release pnpm 10.16 · pnpm/pnpm
Minor Changes There have been several incidents recently where popular packages were successfully attacked. To reduce the risk of installing a compromised version, we are introducing a new settin...
https://github.com/pnpm/pnpm/releases/tag/v10.16.0
8
198
70
I booked the 6pm shuttle to jsconf on monday. If you want a 3h chat and geek out over static analysis, perf, Socket, chess, and other games while I'm half asleep: that's your timeslot. If you don't like me. Well. Stop reading my feed.
4 months ago
0
1
0
I think `git status`, `git diff` and `ls` should get a free pass in AI CLIs.
4 months ago
0
1
0
Can we have a `const a = @x` in JS? Similar to `?` in Rust: it would mean `if (!x.ok) return x.error; a = x.data;`. Or whatever semantics people can agree on.
4 months ago
0
0
0
So confused. Does openai offer a free tier or not? Is it only free tier for gpt4? I was able to get responses from gpt 4 mini before but now it's 400 without clear reason. gpt5 gives me a 429 regardless of what I do, has done so from the start. Dashboard says $0.02, out of $5 "budget" (??). Feh.
4 months ago
1
0
0
What's a solid JS Engine that's easy to run locally and doesn't allow imports or network? (I don't mind imports as much but they would have to be fenced hard. Goal would be no arbitrary (file) system or network access, to act as an AI sandbox for running arbitrary tests. So, just the JS engine.)
4 months ago
3
2
1
Maybe AI CLI tools should have a pincode option where the user must enter a pincode after starting the tool in order to get going. That would have limited the blast radius of the nx attack, for example. That one most certainly won't be the last.
4 months ago
0
0
0