t҉̠̙ǵ̣̞̄ͪ͜x̸̱͚̳ͫ͐̑̈ͯͣ̚n̒͌҉͉̦̜̝ͅ

Redhat employee had leaked credentials, threat actor used those credentials to push some files to GitHub, which executed the code in a GitHub action which had trusted access to publish to NPM.

Essentially, an employee got owned and someone used their access (that they already had) to publish the nefarious code.

You’ll see GitHub Actions in these often, as that’s how a lot of big open source organizations publish their packages and run tests/deployments. Its less of a “GitHub bases problem” and more of a “trust boundary problem”, if they used other services, the same problem could likely have still been successful.

Best Hemisphere.

I think facial recognition technology is very different to threw diverse software. The fact that those technologies are trained on predominantly-white data is no surprise, both of your examples are data-based (ML models) where the data itself contains the bias.

I am talking more of the open-source projects, it’s important; as you rightfully call out, that we have a varied group of opinions within the developer group 👍

Hmm, you’re talking about the little red warning triangle? In theory this could be cool if it was something each instance could configure using custom url-lists (as you know we all don’t agree on which perspective is “right”) but if it’s coming packaged with PieFed, then I would call that inherent bias in the product. 🤨

Yeah, I’m not a huge fan of it myself and don’t see the need for it really. If that’s right about the baked-in blocklist, then this was the right choice. You should be able to craft your own blocklists, if you so choose to.

Personally I don’t see why the views of those that write software should really concern us, as long as the technical implementation is not biased. It’s open-source and people can take it and do with it what they please. No-one is forcing you to accept certain views or think about things critically (including assessing others viewpoints that may be different to yours). I feel like it’s a bit of a waste of time to worry about these things.

Lmao, who is this guy? db0 is cool, and so is Quokka 🤣 What a cooker. (p.s. will this get me added to the list?)

They won’t if it’s more expensive? A small portion of people are buying it, but more would if tbe price was at least at parity.

duh, you’re right I can’t read 😂

I’m not sure on an answer to your question, but I am interested as to what hardware you run this on?

Unless your using an LLM to make simple one-page HTML pages. In which case it likes to reinvent the wheel every single time. 🤣

are you saying that we’re not all here commenting, regardless? 😥🥹

My self hosted gitlab instance has better uptime over the last 12 months than a billion-dollar SAAS product 🤣

I check it every day before I use CoPilot 😁

I turned it off ages ago, and if you already had it off, it’s staying off. (for now at least)

Its a intermediary that doesn’t have anything except basic text. Plus it opens in sub-millisecond times unlike the godawful shitshow that is Windows 11 Notepad (and paint is dogshit UWP app now too). It is useful for clearing formatting/markup, saving passwords and stuff in memory till I no longer need them, etc. Heavier editors exist, but none launch so fast or “just” do basic text with nothing fancy. Also, it opens literally any file you could possibly want. (at least it tries 😆)

Nothing at all from Windows 11. Windows 10 had good paint and notepad versions. Nice and quick and handy. I use Leafpad and Drawing on Linux, but they aren’t quite the same as the OG paint.exe and notepad.exe 😆

https://phishyurl.com/ is better 😁