Link Sharing

Link Sharing

56555 bookmarks
Newest
learn git worktrees in under 5 minutes
learn git worktrees in under 5 minutes
Git worktrees are a great way to boost your productivity and wrangle your chaotic coding habits. Git worktrees let you check out multiple branches from one repo into separate directories. Benefits include parallel work, no stashing for context switching, and easier code reviews/testing. You can checkout multiple Git branches simultaneously without needing to rely on the stash command. This video will show you everything you need to know to get started. Make your git workflow efficient and flexible with Git worktrees. How to support bunni:    / @bashbunni   https://github.com/sponsors/bashbunni/ Affiliate links: https://biosteel.com/biosteelbunni My keyboard: https://www.keychron.com/products/key... My other corners of the Internet:   / bashbunni   https://github.com/bashbunni   / discord   https://mastodon.social/@bashbunni   / sudobunni   https://bsky.app/profile/bashbunni.dev Join this channel to get access to perks:    / @bashbunni   Chapters: 0:00 why and how to use git worktrees 2:27 my git worktree workflow
·youtu.be·
learn git worktrees in under 5 minutes
Sandboxing an AI Agent
Sandboxing an AI Agent
A guide to sandboxing AI agents: why an autonomous agent needs its own disposable computer, and the isolation tech underneath.
·sajalsharma.com·
Sandboxing an AI Agent
GitHub Stacked PRs
GitHub Stacked PRs
Break large changes into small, reviewable, stacked pull requests with first-class GitHub support.
·github.github.com·
GitHub Stacked PRs
Apple brings forward 26.6 security fixes into 26.5.2 update
Apple brings forward 26.6 security fixes into 26.5.2 update
On Monday Apple released 26.5.2 software updates for its platforms that don't follow the company's usual pattern, suggesting some interesting things about how it reacts to releasing security fixes.…
·sixcolors.com·
Apple brings forward 26.6 security fixes into 26.5.2 update
Clickhouse is winning the Observability Wars
Clickhouse is winning the Observability Wars
For roughly the last ten years, a meaningful percentage of my working hours have been spent thinking about observability. If you're not familiar with the term, "observability" is what we call it now that "monitoring" doesn't sound expensive enough. The actual work is unglamorous in that you collect
·matduggan.com·
Clickhouse is winning the Observability Wars
Google launches Nano Banana 2 Lite for fast AI images and Gemini Omni Flash for video via API
Google launches Nano Banana 2 Lite for fast AI images and Gemini Omni Flash for video via API
Google adds two new generative AI models. Nano Banana 2 Lite generates images in four seconds at $0.034 a pop. Gemini Omni Flash brings video generation and editing via text prompts to the API for the first time. Google recommends chaining both models to go from a quick image to an animated video.
·the-decoder.com·
Google launches Nano Banana 2 Lite for fast AI images and Gemini Omni Flash for video via API
Do excellent vulnerability reports
Do excellent vulnerability reports
Over the years, we have received, read and handled way over one thousand vulnerability reports filed against curl. We have seen most kinds. It is time for me to try to help future reporters by providing a short guide on how to submit a truly excellent vulnerability report to an Open Source project. Researchers We … Continue reading Do excellent vulnerability reports →
·daniel.haxx.se·
Do excellent vulnerability reports
Clone This Repo and I Own Your Machine
Clone This Repo and I Own Your Machine
Indirect prompt injection in agentic coding tools can lead to full system compromise because authorized tools allow LLMs to run shell commands, access files, and make network calls without clear user visibility. An attacker can gain code execution using a completely normal looking repository by chaining trusted setup instructions, routine error handling, and automated agent behavior. The malicious payload does not exist in the repository at all and is instead fetched at runtime from a DNS TXT record, making it invisible to code review, static scanners, and even the agent itself. The result is a reverse shell running as the developer’s own user, exposing credentials, API keys, and allowing persistence, all triggered by the agent attempting to fix a harmless looking setup error.
·0din.ai·
Clone This Repo and I Own Your Machine