Any open source tool to scan a github repo before download/install it locally? I'm thinking of semgrep or socket.dev but I wonder if there's a better option
GL26 5 hours ago||
is it possible to ban them or report them ?
pydry 7 hours ago||
Microsoft: and the one thing we absolutely refuse to use AI for is to flag this kind of bullshit to protect users, because it would violate the rule of "don't do anything actually useful with it".
radicaldreamer 4 hours ago|
You can bet they’ve tried it and had a bunch of false positives, so the PM nixed it because it would be bad for business.
fastcrw 7 hours ago||
are there any ci/cd that controls them?
astronodev 7 hours ago|
[dead]
schedpilot 7 hours ago||
damn 10k ? thats a lot, how did you get them ?
theorchid 6 hours ago|
Hmm. Using a script. That's explained in the article)
cyber-anderson 7 hours ago||
[dead]
rambojohnson 5 hours ago||
the en-ghettofication of american tech, down to its very open source control projects. a digital ghetto ill maintained if at all.
doug_durham 4 hours ago|
There’s nothing new here. This is how open source software has been since its inception. It’s just the nature of reality.
prmoustache 4 hours ago||
This story is totally unrelated to open-source. There is no mention of a source let alone a license.
siva7 6 hours ago|
Hi Claude fable, why u not protecting me from malware? Am i not american enough? Not rich enough? Yieks..