yeah, about twice a year I use the CLI to backup my vault, and I’ve never felt comfortable installing an npm package to handle my vault. Now I’m definitely sandboxing it in a rootless container without internet next time. And installing a week old version, or older.
containers
reposting the tl;dr I wrote from another community…
Yesterday, for about 1h30min (starting at 5:57pm ET / 21:57 UTC) anyone installing the latest version of the command line interface of bitwarden was installing malware.
The malware steals GitHub/npm tokens, .ssh, .env, shell history, GitHub Actions and cloud secrets, then exfiltrates the data to private domains and as GitHub commits and doesn’t seem to be targeting Bitwarden specifically, or user vaults.
There’s no evidence that end user vault data was accessed or at risk, or that production data or production systems were compromised, according to their official statement.
It seems there were 334 bitwarden CLI downloads in this time period, some or many of which might have been from bots, so this is a higher bound to the number of affected users.
framework as in the laptop brand, or…?
Because if so, I think you can also install arch/arch-based and have bleeding edge
The standard edition of Assassin’s Creed Black Flag Resynced will be available for €59.99/$59.99
are there people out there paying full price for a 13 year old game with better textures?
react dev discovers the superior vue single-file components 😅
and they wrote a section on that
https://tkdodo.eu/blog/the-vertical-codebase#but-what-about-shared-code
as someone who only writes frontend now and then, I agree, and I don’t know how react devs find anything in their projects with the horizontal organization. I work regularly on a small one like that and it’s already a pain every time I have to backtrack where this component I’m looking at is defined.
I have the same strong feeling about how most distros and OSes have Projects/ Documents/ Videos/ Images/ etc in the home directory: this lazy “organization” is totally useless. The first thing I do on a fresh image is to get rid of these directories.
They’re all grouped by what they are instead of what project / domain they belong to, so finding anything is very inconvenient. My file explorer can help grouping files by type automatically, but it won’t know what is their intent.
On Netflix 4k streaming for example, we’re getting over 20 hours of battery life
that’s pretty sick
opencode is better anyway
this is concerning on so many levels
it reads like a manifesto written by a concerning teenager, or straight from cyberpunk, but thats the kind of psychopathic cunt that joins these corporations
she goes to a different temple
there have been enough reasons to ditch nova in the past years, in case someone is still using it
ffs some people acting like they paid for the video
didn’t like it? Don’t watch it.
you’re the one being rude here over some silly AI images that aren’t even the center of the content in question.
no evidence, it just sounded too consistent to me for a 2h video, but he speaks really well if that’s his voice, much better than what I can do.
but we need to find it first
“Native installs are trash. Always have issues resolving dependencies and compiling from source. I’ve tried it for a while but at some point you want to get work done instead of having to resolve why libxcomposite is not available”