AI has taken over open source, and the data is wild: • npm is now seeing 100k+ packages published per month • packages with em dashes in READMEs jumped from ~5% to 30%+ • AI is increasingly writing packages and choosing dependencies Awesome post by @staltz.com: socket.dev/blog/ai-has-...

I just wrote a new article on the Socket blog: *AI Has Taken Over Open Source* Shocking charts and data to let sink in. Please read socket.dev/blog/ai-has-...

Proud to be working to improve the safety of FOSS ecosystems. It's also great to see this work so well resourced. Socket Security also offer free accounts for any Open Source projects - we give back to the commons

Today is a big day for @socket.dev. We raised a $60M Series C at a $1B valuation, led by Thrive Capital. 20,000+ orgs, 1.5M repos protected, 1,000+ supply chain attacks blocked per week. 3/5 FAANG companies are customers. We're just getting started.

My biggest struggle with AI coding is that I haven't answered these questions yet: (1) how can I reduce the time that it's idle (overnight, overweekend), and if that happens then (2) how can I keep up with the reviews?

Why does Anthropic not offer Claude in the cloud (Cowork in the cloud, scheduled tasks etc)? Why why why why why Why are they telling me to keep my macbook always awake why why.

Microsoft had this very handy app for scanning documents called Lens. I use it for years. I refrained from updating the software version out of fear they would paywall it. Well, guess what, I accidentally updated.

Somehow developers have been convinced that the future of computing is to leave their computers busy doing something with a swarm of "agents", going to sleep, and then accepting —without reviewing— the garbage output after they wake up the next morning.

My colleague @staltz.com and his team are at it again, working magic with UIs to reduce cognitive load and make security information easier to explore. Excited to see this launched! 💜

git commit -m'Did what AI did not, because this is the future'

Solution for Greenland: split into North Greenland and South Greenland. Trump is going to do this anyway, so why not find a compromise where most of the population (southwest-concentrated) remains untouched, while the USA can do their world policing thing in the north.

Want to work with me and a number of world-class JS open source developers at @socket.dev protecting ALL open source libraries from supply chain attacks? We're looking for stellar frontend developers. DM me

For some reason, humans like – and have always liked – anthropomorphized animals.

Doom-scrolling generation looking back at the early 2000s: we were happy, and we didn’t realize it. AI-slop generation looking back at the doom-scrolling era: we were happy, and we didn’t realize it.

If you ever wonder where did Andre Staltz go

I select "Light Mode" in Tahoe and the header "Appearance" fades away, while the Back/Forward buttons remain in dark mode. 👏

I think spreadsheets as a concept are brilliant. Can you imagine computers *without* them? They are simultaneously databases and user interfaces. Manipulation is direct: the input is the output. Reactive programming and no need to reason about outdated state or cache invalidation. Simply brilliant

The slop is everywhere. Even Google with infinite budget can't make a dropdown work.

Even the pagination UI is utterly broken in this product. Seriously, vibe coding is one of the worst things that happened to our industry. We were going in a pretty okay direction until AI came along. It made products worse, programming frustrating and code review miserable.

So I gave Suno (music production AI) a try and I was mind blown and inspired. It remixed/improved one of my song demos and that gave me fresh ideas for the song. So within a few minutes, I pulled out the credit card and got the premier plan. Then I'm playing around with it, until...

Just had a thought yesterday, which I can't promise will happen: to rebuild/reboot Cycle.js from scratch, getting rid of some support for legacy things, and building on top of React exclusively. I miss streams

Cursor -> Curser Claude -> Fraud ChatGPT -> ChadGDP Gemini -> German eye

Back in the days I tweeted something along the lines of "programming is primarily about reading and understanding code, not writing code" which went a bit viral. In the age of AI coding, this couldn't be further from the truth. Vibe coding is just modern day StackOverflow copy-paste spaghetti.

Searching the web for an answer: scrolling through pages which are riddled with cookie banners and ads and paywalls. Asking an LLM to search for you: immediately get the right answer you want. This is one of the reasons the web is doomed, *although* LLMs build their value on top of the web.

I regret calling myself a "leftist" for years. No other online group gets this much impunity and complacency when wishing or celebrating the death of others. The progressive radical left does not have a monopoly on empathy, equality, love, and respect. These can be found elsewhere, abundantly.

Hatred (of any kind) eventually manifests itself physically in the form of violence. Extreme political stances are both fueled by hatred. The difference between the two sides is that one of them hates in the name of love.

🚀 We’re kicking off another Launch Week at Socket, with a new feature launching every day! First up: Pull Request Stories, a dashboard view that helps security teams track supply chain risks by showing the real impact of every PR.

AI tools I want 🤩 versus AI tools I don't want 🫣, a thread

Social media is a videogame. Everybody is trying to maximize their follows, likes, and reposts. Same thing as arcades from the 90s where you wanted to publicly show off how big your scores can get. Take a big break from it, and when you come back you'll realize how ridiculous it is.

So much is spoken nowadays about trauma, its effects in shaping who we are, and therapy. But so little attention is given to preventing trauma, usually achieved by giving kids a childhood full of love and attention, with parents in a stable relationship. People don't even want to HAVE kids.

I am in San Francisco.

Wow, this is pretty good

I predict the AI bubble will pop in way similar to how Google products did in the 2010s. They were "too good to be for free", and eventually advertisements kicked in. Product quality stagnated (just marginal improvements), while monetization ramped up a lot, e.g. ads on YouTube.

Today I learned that 50% is far less than 47.4%. This is the future.

AGI is upon us.

They blindfolded him

This article is okay. The deeper issue is that masculinity without fatherhood is incomplete. We live in a cultural era where the concept of fatherhood is utterly shattered, either via traumas with our dads, or escaping the dad role ourselves. PS: I wrote this right after putting my kids to sleep.

I stopped thinking of AI tools as "intelligence" and started viewing them as advanced text manipulators and this made me far more productive with them. It set the correct expectations for the use cases. This applies not only for rewriting texts.

Sneak peek. Just rehearsing

Sometimes I play impossible chords

Artificial Garbage Intelligence

🚀 The Socket dashboard just got a major refresh! We've streamlined navigation, reduced visual clutter, and put your most critical security insights front and center. ✨ Check out what we've been building, now live for all users! socket.dev/blog/fresh-l...

Explain to me, in full honesty, why you would be against the USA removing (without casualties!) the capability of Iran to have nuclear weapons, and why you would side with Iran (a totalitarian regime!) where both its government and people (protesting on the streets) want "death to the USA".

"Sigh I just want this div to be 100% height of its parent. Hmm maybe asking AI in Chrome DevTools will work. Seems like an easy task." "Nope nope nope. Garbage AI" "AGI": "Artificial Garbage Intelligence"

Career advice for developers: Write normal code. Just the basic good stuff. Don't be fancy, don't be clever. Don't use currying everywhere. You don't need Docker for everything. Also don't write dumb code. Please write good code. But make it normal. As unsurprising as possible. Thank you

If I'd write a frontend framework in 2025, I'd make sure (among other things) that every component MUST prescribe a loading state and an error state. Too often devs forget to implement these, or we mix them, leading to problems like rendering "0 results" or "loading..." when the request fails.

The easy way to type "€" on a desktop keyboard: slam Alt+ random keys, sometimes Alt+Shift+, until you see €, then delete the rest.

I asked ChatGPT for a great recipe for homemade ice cream. I followed what it told me to do. The resulting "ice cream" sucked. Now I found a basic ice cream recipe from the NYT and it's amazing.