When I read what someone has written, I learn things beyond its literal text from the fact that I’m reading it, which implies it was worth effort for them to put into so many words and send to me through the medium they chose and put the level of care that they chose into their wording.

The LLM erases those choices and erases the cost of verbosity so there’s much less for me to learn from a message, and much less I stand to learn about a person though repeated exchanges to help me better contextualize future messages I receive from them.

I use LLM to summarize a lot of emails, so it doesn't really matter how it's written.

I wonder if there could be just some type of open agreement we're both using LLM and then they can communicate with one another more effectively.

I don't know if the intent was to deceive, but the comments certainly had the effect of deceiving me. I came away from that first thread thinking, "Ah, so the 'story' here is that someone on the project tried an experiment on a branch that they probably should have put in a branch on their personal fork." I was no longer thinking it was a serious possibility that an AI rewrite would get merged.

I think relatively few people are probably running Bun in production, but as a dependency management system and bundler for the JavaScript ecosystem, it's similar to `uv` from the Python ecosystem in how much faster it is compared to the most popular alternatives so it's fairly popular in that space.

PNPM is just as fast and much more reliable.

Agree with this. Been a long time pnpm user that also uses bun nowadays. Not much faster other than initial startup because pnpm uses Node.js

Although pnpm has also been trying to rewrite Rust before, they call it pacquet. It is currently being revisited

I made a Python tool to build distroless container images for projects managed by uv. It draws inspiration from Ko from the Go ecosystem and works with/depends on uv from the Python ecosystem, so I smashed them together and called it Kuvo: https://github.com/hxtk/kuvo

It’s a hobby project in a very early state where it technically works but it’s missing several things I think it needs before I’d use it for anything serious. As of right now it isn’t even complete enough to dogfood a minimal container for itself without an intermediate base image because it can’t target a platform compatible with the distroless uv container image.

When I read some written content, before AI, I learned a few different things in order. First, just by its mere existence, I learned that someone had found an idea worth expending some effort to express. Next, I would learn the words of the content. Next, I would usually acquire some kind of knowledge that I was able to synthesize or extract from the content. That last step isn't a given, but it's very likely to happen given the pre-filter implied by the first bit of information I learned.

There's no pre-filter anymore. It's exceedingly hard for me to quickly determine how important a person thinks an idea is or how much thought they've put into it in the age of AI, and so there's no guarantee that if I invest the time to read the content then there will be a proportional amount of meaning available for me to extract. This risk always existed even with works written by humans, but now it's overwhelming and has decreased my overall of exposure to new ideas that I didn't explicitly go looking for because I have a much higher expectation that information placed in front of me unsolicited will just be a waste of my time.

The missing status page [1] treats it as downtime any time any component of the system is down, and calculates the overall uptime based on the time that doesn't overlap with any individual category outages, and the overall downtime as any time overlapping with at least one individual category outage to avoid double-counting They show 24h of minor outage on that date.

I'm guessing that this site is taking the downtime in a given day across all services and adding it up, which would mean the worst possible day has 10 days of downtime (a day of downtime for each major category).

1: https://mrshu.github.io/github-statuses/

This analysis yields very different results under utilitarianism vs rule utilitarianism.

Under the former, you could argue, "What I'm doing is a science or useful art, so if copyright exists to advance those things then taking a more permissive interpretation of copyright to allow my efforts to succeed is in the spirit of the law."

Under the latter, you could argue, "Works get published because as a rule, researchers and artists know they have lawful recourse through copyright if the work gets used without their consent. The absence of that rule incentivizes safeguarding works by treating them as secret and each disclosure as a matter of personal trust, so the existence of that rule promotes the sciences and useful arts."

The Nightmare Course [1], so named because someone with that skillset (developing zero-days) is a nightmare for security, not because the course itself is a nightmare, and Roppers Academy [2] are both good for learning how to reverse engineer software and look for vulnerabilities.

The nightmare course explicitly talks about how to use Ghidra.

1: https://guyinatuxedo.github.io 2: https://www.roppers.org

The first is certainly interesting, but it won't help you develop 0day. I would think of it like more of a collection of fun puzzles and esoterica. For example all the heap unliking/metadata attacks and House of X stuff is pretty antiquated. These will help you win ctfs but are certainly not a prerequisite or even all that relevant to contemporary vuln research. Most of the public research I see is probably at least a year behind the current meta (and I expect the public internet will only grow more quiet over time)

What resources would you recommend now? Even if they're a year behind the meta, it's a lot easier to start a year behind than 6+

It’s surprising to me how much people seem to want async in low level languages. Async is very nice in Go, but the reason I reach for a language like Zig is to explicitly control those things. I’m happily writing a Zig project right now using libxev as my io_uring abstraction.

Using async in low level languages goes all the way back to the 1960's, became common in systems languages like Solo Pascal, Modula-2, with Dr.Dobbs and The C/C++ User's Journal having plenty of articles regarding C extensions for similar purposes.

Hardly anything radical.

When I look at historical cases, it seems different from a case today. If I’m a programmer in the 60s wanting async in my “low level language,” what I actually want is to make some of the highest level languages available at the time even more high level in their IO abstractions. As I understand it, C was a high-level language when it was invented, as opposed to assembly with macros. People wanting to add async were extending the state of the art for high level abstraction.

A language doing it today is doing it in the context of an ecosystem where even higher level languages exist and they have made the choice to target a lower level of abstraction.

People are putting C++20 co-routines to good use in embedded systems, in scenarios where the language runtime with some additional glue layers, is the OS for all practical purposes.

And GPGPUs as well, like senders/receivers whose main sponsor is NVidia.

But Zig's async is being designed to enable this low-level control.

There’s two things I think a low level language should have:

1. Standardise on a sync/async agnostic IO interface (or something similar) so you don’t get fragmentation in the ecosystem.

2. Stackless coroutines. Should give the most efficient async io code, and efficient code is one of the reasons I want to use low level language

Huh? Golang doesn't have async?!