ty, l' #outil édité par Astral, qui vérifie la cohérence des annotations de typage dans une base de code #Python passe en version beta : https://astral.sh/blog/ty
Et pour les personnes qui utilisent #codium ou #vsCode, il existe une extension : https://marketplace.visualstudio.com/items?itemName=astral-sh.ty
X Writer – Tweet from VS Code Without Distractions (BYOK, Open Source)
https://github.com/Jawuilp/X-writer
#HackerNews #XWriter #VSCode #OpenSource #DistractionFree #Tweeting #BYOK
ty, l' #outil édité par Astral, qui vérifie la cohérence des annotations de typage dans une base de code #Python passe en version beta : https://astral.sh/blog/ty
Et pour les personnes qui utilisent #codium ou #vsCode, il existe une extension : https://marketplace.visualstudio.com/items?itemName=astral-sh.ty
After many years with #VSCode, I think #Zed will become my new go-to editor. Apart from the huge performance boost, there are several features and UI details that simplify my workflow.
I also enjoy how despite being written in #Rust, there are plenty of ways to customise the experience via settings and extensions.
A very promising future for #softwareDevelopment
💰 Eventually all autocomplete features will be replaced by Copilot.
「 the AI extension of Copilot in VS Code, which, however, only offers a free volume of 2,000 suggestions – a limit that developers quickly reach, as Copilot makes a suggestion with every input. From then on, users will need a paid license. The use of IntelliCode required a local model, but was therefore unlimited and free 」
💰 Eventually all autocomplete features will be replaced by Copilot.
「 the AI extension of Copilot in VS Code, which, however, only offers a free volume of 2,000 suggestions – a limit that developers quickly reach, as Copilot makes a suggestion with every input. From then on, users will need a paid license. The use of IntelliCode required a local model, but was therefore unlimited and free 」
GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.
This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.
What protections do you think dev ecosystems should prioritize next?
Follow us for consistent, unbiased cybersecurity coverage.
#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu
GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.
This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.
What protections do you think dev ecosystems should prioritize next?
Follow us for consistent, unbiased cybersecurity coverage.
#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu
If you want VS Code to correct what is objectively a bug, please give a 👍 to this issue, as they've marked it a feature request for some reason. It'll be closed if enough people don't upvote it :/
If you want VS Code to correct what is objectively a bug, please give a 👍 to this issue, as they've marked it a feature request for some reason. It'll be closed if enough people don't upvote it :/
I just now made the mistake of opening #VSCode like I do any other day. The difference today is I'm monitoring memory while opening it.
Say goodbye to another 3GB memory. Just to read code. 3GB to stare at lines of text.
#LiquidGlass ...😒 The contrast of notifications is now so low that I can hardly distinguish them from the apps underneath. When I first saw this, I thought my #VSCode had gotten a new #Fantastical integration.
From VS Code to Helix
I spend a lot of my work and personal time typing text and code. Using VS Code was a no-brainer. Everyone uses it. Every project support it. And it Just Works™.
But what if I wanted to use smaller, simpler, standardized tools? As someone who never managed to get into (Neo)Vim, Helix has been an epiphany. It's not as scary as I thought.
The 80s called, and they want to give us our freedom back.
Looks like blockchains have finally found a serious use case, just maybe not the one predicted/hoped for...
This article is about #Glassworm, the latest major exploit in JavaScript-land, targetting VSCode and using #Solana as command infrastructure and Google Calendar events as backup. It's full of novel attack techniques and as they say in the article themselves: "this is absolutely brilliant (and terrifying)". All in all, a different form of "creative coding"...
"The malware is hunting for credentials:
- NPM authentication tokens - to publish malicious packages
- GitHub tokens - to compromise repositories
- OpenVSX credentials - to inject more extensions
- Git credentials - to push malicious code
- 49 different cryptocurrency wallet extensions - targeting MetaMask, Phantom, Coinbase Wallet, and dozens more"
Severe performance penalty found in VSCode rendering loop
https://github.com/microsoft/vscode/issues/272155
#HackerNews #VSCode #Performance #Rendering #Issue #Microsoft #GitHub #TechNews #Coding
Looks like blockchains have finally found a serious use case, just maybe not the one predicted/hoped for...
This article is about #Glassworm, the latest major exploit in JavaScript-land, targetting VSCode and using #Solana as command infrastructure and Google Calendar events as backup. It's full of novel attack techniques and as they say in the article themselves: "this is absolutely brilliant (and terrifying)". All in all, a different form of "creative coding"...
"The malware is hunting for credentials:
- NPM authentication tokens - to publish malicious packages
- GitHub tokens - to compromise repositories
- OpenVSX credentials - to inject more extensions
- Git credentials - to push malicious code
- 49 different cryptocurrency wallet extensions - targeting MetaMask, Phantom, Coinbase Wallet, and dozens more"
“GlassWorm isn't just another supply chain attack. It's using stealth techniques we've never seen before - invisible Unicode characters that make malicious code literally disappear from code editors. Combine that with blockchain-based C2 infra that can't be taken down, Google Calendar as a backup command server, and a full remote access trojan that turns every infected dev into a criminal proxy node.”
#technology #attack #security #cybersecurity #malware #vscode
