social.heise.de is one of many independent Mastodon servers that you can use to take part in the fediverse.
The Mastodon server by and for Heise Medien, and in particular the news from heise online.


#dev


“slopsquatting, a new term for a surprisingly effective type of software supply chain attack that emerges when LLMs “hallucinate” package names that don’t actually exist. If you’ve ever seen an AI recommend a package and thought, “Wait, is that real?”—you’ve already encountered the foundation of the problem.

And now attackers are catching on.”

The Rise of Slopsquatting: How #AI Hallucinations Are Fueling... socket.dev/blog/slopsquatting- #npm #dev #infosec

Edit: more info: bleepingcomputer.com/news/secu

Socket: The Rise of Slopsquatting: How AI Hallucinations Are Fueling... Slopsquatting is a new supply chain threat where AI-assisted code generators recommend hallucinated packages that attackers register and weaponize.
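
An added example, not part of the post above or of the linked Socket article: a review gate for assistant-generated JavaScript that lists every imported npm package the project's package.json does not already declare, so each name is verified as real and intended before it is installed. The function names, the sample snippet and the package names in it are constructed for illustration.

```javascript
// Added example (not from the post): list undeclared npm imports for review.
const { builtinModules } = require('node:module');

// Map a module specifier to its npm package name; null for relative or
// absolute paths and Node built-ins, which never come from the registry.
function packageNameOf(specifier) {
  if (/^[./]/.test(specifier) || specifier.startsWith('node:')) return null;
  const parts = specifier.split('/');
  const name = specifier.startsWith('@') ? parts.slice(0, 2).join('/') : parts[0];
  return builtinModules.includes(name) ? null : name;
}

// Collect package names from import/export-from, bare import, require(), import().
function importedPackages(source) {
  const patterns = [
    /\b(?:import|export)\s[^'"`;]*?\bfrom\s*['"]([^'"]+)['"]/g,
    /\bimport\s*['"]([^'"]+)['"]/g,
    /\b(?:require|import)\s*\(\s*['"]([^'"]+)['"]\s*\)/g,
  ];
  const found = new Set();
  for (const re of patterns) {
    for (const match of source.matchAll(re)) {
      const name = packageNameOf(match[1]);
      if (name) found.add(name);
    }
  }
  return [...found].sort();
}

// Imports that the manifest does not declare: each needs a human to confirm
// the package exists and is the intended one before it is installed.
function undeclaredPackages(source, manifest) {
  const declared = new Set(Object.keys({
    ...manifest.dependencies, ...manifest.devDependencies,
    ...manifest.optionalDependencies, ...manifest.peerDependencies,
  }));
  return importedPackages(source).filter((name) => !declared.has(name));
}

// Constructed sample: an assistant-written snippet and a project manifest.
const generated = `
import express from 'express';
import { parse } from '@acme-example/csv-tools/parse';
import fs from 'node:fs';
const path = require('path');
const fmt = require('fast-json-prettify-example');
const helper = require('./lib/helper');
`;
const manifest = { dependencies: { express: '^4.19.2' } };
console.log(undeclaredPackages(generated, manifest));
```

The regular expressions also match imports that appear inside comments or strings, so the gate over-reports rather than misses; a non-empty result is a prompt for manual review, not a verdict.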

New Kitten feature: Icons!

You can now make use of a subset of the icons in the Phosphor icons set by @minoraxis and @rektdeckard.

kitten.small-web.org/reference

Search through them in your editor by referencing `kitten.icons.categories` and `kitten.icons.tags`.

Add this to a file called index.page.js and run `kitten` to see a large duotone pink cat (because why not?):

```js
export default function () {
  return kitten.html`
    <${kitten.icons.c.Cat}
      size=40%
      weight=duotone
      colour=deeppink
    />
  `
}
```

(And yes, the set includes icons for the fediverse. This is one of the reasons I chose it.) ;)

Enjoy!

:kitten:💕

#Kitten #SmallWeb #SmallTech

Coming tomorrow to Kitten… Kitten icons!

Kitten will have built-in support for the Phosphor icons set with full authoring-time language intelligence where you can search for icons via category and tag (in addition to the canonical alphabetical categorisation).

Thought this was going to take me a few hours but it took a few days thanks to running into issues with size limits, type inference from JavaScript types in modules, etc., with the TypeScript language server but I believe I’ve finally cracked it :)

:kitten: 💕

#Kitten #SmallWeb #icons

I have now encountered several cases of unintelligible documentation - functional requirements, security measures, technical how-tos - where I had to ask the author for clarification, and got as a reply "oh I don't know; I just asked #ChatGPT".

Now I can bash #ai tools, but people who produce documentation that they themselves don't understand have always been a blight on #IT. It's irresponsible, unprofessional, and makes work harder for everyone.

New Kitten update

🥳 Kitten HTML templates and kitten.Component render functions can now be async.

kitten.small-web.org

This is quite a big one and it took me finally biting the bullet and getting my head around generators in JavaScript to implement properly.

So now you can mix synchronous and asynchronous components as you like and if there are any asynchronous components in your templates they will automatically be awaited (even if you forget to use await) ;)

I’ll write a proper post/tutorial/documentation for it soon but for the time being enjoy the screenshots where a layout template gets the latest three posts from my mock fediverse public timeline service and displays them on the page.

The kitten.Component version also has a refresh button that streams a different three to the page.

For those of you unfamiliar with Kitten, this is all the code in either example. No scaffolding, nothing. Pop either into a file called index.page.js and run kitten in that folder and visit https://localhost to see the example run.

Enjoy!

:kitten:💕

#Kitten #SmallWeb #async

I am having so much fun with disposable VMs (DVM) in #Qubes, it should be illegal!

I'm doing #dev work again today and when I think I have the minimal commands to reproduce an issue, I'll spin up a DVM, paste the commands and make sure I hit the problem I expected. If not, I'll poke around to fix it (install a dependency, update the PATH, etc.) and then repeat.

Takes about 8 seconds to spin up a fresh VM. Very rapid #development!

New Kitten release

• Now leaves <style> tags within <template> tags alone when collating and normalising the CSS on a page so as not to interfere with scoped styles in declarative shadow DOM.

(Kitten’s Streaming HTML workflow¹ – which uses htmx and WebSockets under the hood – combined with built-in support for slots, etc., in Kitten components² means the use of declarative shadow DOM is mostly useful if you want scoped styles. Ideally, of course, use classes to scope styles to your components and be specific in your CSS selectors in general so as not to pollute elements in your components. Although that’s a bit like saying you should floss every day. Yeah, we all know we should…) :)

Update: All that said, I’d highly recommend you don’t use Shadow DOM in your Kitten apps. For one thing, htmx’s WebSocket extension doesn’t seem to play well with it. And for another, you really don’t need it and definitely not just to get scoped CSS.

Enjoy!

:kitten:💕

¹ kitten.small-web.org/tutorials
² kitten.small-web.org/tutorials

#Kitten #SmallWeb #SmallTech