Hacker News | zimbatm's comments

Just added it to our inventory. For those of you using Nix:

    nix run github:numtide/llm-agents.nix#mistral-vibe

The repo is updated daily.


This is such a cool project. Thanks for sharing.


Thanks! Playing with packaging automation is actually quite fun.


Gerrit is doing this with NoteDB. Backups are just one git clone away.

See https://gerrit-review.googlesource.com/Documentation/note-db...


This should have been CONTRIBUTING.md all along.

The content of the AGENTS.md is the same as what humans are looking for when contributing to a project.


The most effective argument I have for getting other developers to comment their code is "The agent will read it and it will give better suggestions".

Truly perverse, but it works.

I agree with you... but the reality is that there's a wide contingent of people that are not capable of understanding "people don't know the same things as me". So they need some other reason.


It's made my project documentation so much better. If I write out really good acceptance criteria, 9 times out of 10 I can point Claude at the ticket and get a workable (if unpolished) solution with little to no supervision.


[flagged]


you've not had your "oh shit" moment yet?


They understand it just fine; they are acting selfishly, because it does not benefit them. Helping the coding agent does.


They really might not understand it fully. That's very much in line with my understanding of how autism works.


several ironies here:

1) an AI agent is less likely to notice than even a junior is when the docs are out of date from the code

2) AI boosters are always talking about using language models to understand code, but apparently they need the code explained inline? are we AGI yet?

3) I frequently hear how great AI is at writing comments! But it needs comments to better understand the code? So I guess to enable agentic coding you also have to review all the agents' comments in addition to the code in order to prevent drift

HOW IS ANY OF THIS SAVING ME TIME


Well... Yah. For the record I'm saying this to trick humans into making better comments for humans. It is very difficult to convince people to do this otherwise, in my experience.

buuut...

I will also mention that these agent files are typically generated by agents. And they're pretty good at it. I've previously used agents to dissect unfamiliar code bases in unfamiliar languages and it has worked spectacularly well. Far far FAR better than I could have done on my own.

I have also been shocked at how dumb they can be. They are uselessly stupid at their worst, but brilliant at their best.


Think of it like it's saving future you time if you just let the AI centipede feed off of you. Surely it'll eventually regurgitate perfect code.


I don’t think they serve the same purpose. Most of the instructions I have for an agent won’t apply to a human. It’s mostly around the requirements to bootstrap the project vs what I’d ask for a human to accept their pull request.


I think semantically this is true, but the way humans and agents handle context, at the moment, is different enough to warrant a separate structure.


Yeah I can't find any example in an AGENTS.md that isn't useful information for a human. "Cluttering" a README.md is a silly justification.


Nah, my standard for what I write for humans is 100x than the slop I spew for robots.

Also, you don’t even address their point.


Arguably, contributors are human agents. ;)


Dude, this is such a good point.



Thanks! Do you have experience using it? I'm quite nervous about using node CLT because the dependencies will always end up destroying the project and seeing it hasn't been updated in 5 years does not instill confidence.

The golang project looked better because at least the golang project provides a binary.


I haven't used it extensively, but it works. I don't think it necessarily needs any updates since the underlying tech is stable.


Quality animated SVGs are even better:

https://github.com/marionebl/svg-term-cli


The amount of information the SVG must store to represent the animation actually crashed the application creating it. There’s too much going on in TTE animations.


Yes, you can target VMDK, AMIs, Azure, ...

`nixos-rebuild build-image --image-variant vmware`

See https://nixos.org/manual/nixos/stable/#sec-image-nixos-rebui...


One thing I miss the most when writing Markdown is this formula experience you get in Excel. Jot something down, get the result. Then link it to another block.

There are tools like Jupyter notebooks that have all the functionalities, but their file format isn't very readable or diffable using standard terminal tools.

A while back I wrote https://github.com/zimbatm/mdsh to explore the space. Voiden.md looks like a fancier version of that.


You could technically add mdsh to the Voiden terminal, and now the whole thing is fully markdown haha. Curious, what did you learn from exploring it?


That I wasn't very good at Rust :-D

My assumption was that a tool like this will make it easier to keep the README.md in sync while the project evolves. Think of a `--help` section. That assumption holds true to me.

You can see it in action for example here: https://github.com/numtide/treefmt-nix?tab=readme-ov-file#su...

The best part is that it makes it easy to keep the README.md in sync when the project evolves. Just add it to the CI


Why would the book be worth buying though, if AI can generate a fresh new one just for you?


I don't know. It's a question relevant to all generative AI applications in entertainment - whether books, art, music, film or videogames. To the extent the value of these works is mostly in being social objects (i.e. shared experience to talk about with other people), being able to generate clones and personalized variants freely via GenAI destroys that value.


Since Chrome's engine is used by Edge, Opera, Brave, etc.. Probably the best move is to become a non-profit and have all those organizations chip in.

The main reason even Microsoft gave up and rebased their browser on top of Chrome is because of the breakneck speed at which Google introduces new standards and features to the ecosystem. Having them be forced to slow down might be a good thing for browser diversity and the future of the Internet.


Or maybe because Chromium is pretty good, open-source and there's nearly no upside to reinventing the wheel?

If Mozilla would fork Chromium now and base Firefox on their fork I would switch from Brave. The engine is simply technically superior.


This needs more coverage. Perfectly good phones are getting thrown out because of a software update.


There's been a lot of activity on Reddit and Android tech news websites. /r/Pixel4a has been absolutely busy with activity lately, lots of people asking for help.

Decent summary post here: https://www.lambdalatitudinarians.org/techblog/2025/01/09/th...


My experience was kid dropped my old phone on holiday, we tried to remember why my spouse's old phone got replaced, and remembered she had a pixel 4a and the battery life had gotten really poor.

There was some news at the time that the 4a would be getting a 'battery performance update' and that it would result in some users getting a warning about their battery performing poorly and some would be eligible for $50 or a repair.

When I eventually got around to prepping the phone for the kid, lo and behold, the update was ready, I did it, and the battery was bad, and it linked me to the battery performance campaign page...

Which needed the IMEI, then said I could get $50, a $100 coupon or bring it in for repair, and there was a shop reasonably near me. I brought it in and they swapped the battery in about 2 hours with no extra drama.

I don't know why you would throw your phone out from this update... Although I wouldn't be surprised if you had already thrown it out because the battery performance was an issue before the update too.


Google ended security updates for the Pixel 4a in August 2023, so running this as your daily driver was already problematic. Fortunately, LineageOS officially supports the 4a, and v22 (aka Android 15) was just released for it.


This attitude (and the word "problematic") is so tiring. What is the actual problem with running it as your daily driver? What specific vulnerability are you actually concerned about? Unless there's something like an arbitrary code execution bug in one of the networking/radio stacks, "there aren't updates" is a statement with approximately zero useful information.



It seems to me that at this point for the normal person, the biggest security issue is not that some hacker will hack their phone to steal their data and render their device unusable, but rather that Google will


So I'm not terribly familiar with Bluetooth. Are these something that can be exploited by an unpaired device?

"Google Android on a Pixel 4a is vulnerable to remote code execution by arbitrary nearby wireless devices" is certainly a better reason to not use one than "security updates have ended".


> So I'm not terribly familiar with Bluetooth. Are these something that can be exploited by an unpaired device?

Who knows, someone would need to write an actual exploit for these. Just quickly skim through the Android security bulletins at

https://source.android.com/docs/security/bulletin

and you'll see that every month lots and lots of CVEs are fixed with at least high or even critical severity in various stacks. If you're running a phone that hasn't received updates since August 2023, you can assume that you have dozens of remotely exploitable bugs on your system. The security track record of Android is absolutely terrible.

That phone hacking is not a big thing is simply because it's usually much easier for a hacker to get into the cloud services people use instead through targeted phishing attacks. If that makes you feel safe using a phone without updates, then good for you, but don't claim these updates aren't actually fixing serious bugs every month.


The fact that their bulletins say that there are high and critical vulnerabilities every month is sort of my point. Is this thing actually critical? Can you only send the vulnerable commands after you have paired? [0] suggests these are used after pairing, but like I said I'm not familiar enough with BT. If that's the case though, "User interaction is not needed for exploitation" is misleading; I'm not going to pair with random devices, so I'm not concerned. I see that with other vulnerabilities too. e.g. CVE-2024-31320 from last year is "critical", and says "there is a possible way to establish a companion device association without any confirmation due to CDM. User interaction is not needed for exploitation." Except if I'm understanding correctly, you need to install a malicious app, and what it does is let that app use a bluetooth device without asking. Big whoop, that's how everything works on desktop, and it's fine.

The problem is the security industry has such a low signal:noise ratio that it makes sense to just ignore everything they say as a user. They're constantly lying and saying there are important security updates when there aren't, and that everything is high/critical severity when it isn't. In a corporate setting, you just unthinkingly update to check boxes, but as an individual, it makes no sense to do that. And with Android, you have to take possibly undesirable feature updates to get kernel or system library updates. For some products, security updates are to "secure" the device against its owner! Advisories are often lacking enough information to be able to evaluate impact, which further makes it clear that the people publishing them are to be viewed with a skeptical eye.

It should be immediately obvious whether this is exploitable by random passersby (if it actually is) without me having to go learn how bluetooth works at a protocol level. "Don't think about it and just update, install a new OS, or buy new devices" is not a useful attitude.

Things don't become end of life when they stop receiving updates. They become finished. Whether and for what purposes they continue to be useful requires ongoing judgement.

[0] https://learn.adafruit.com/introduction-to-bluetooth-low-ene...


Just curious, does current LineageOS close these CVEs?

I know they pull firmware from disparate devices when possible.


I didn't check each one explicitly, but it looks promising

https://review.lineageos.org/q/gatt_sr.cc


I assume it's a responsibility thing. If your bank login gets hacked on a no longer supported phone, you cannot point at other issues since you were not up to date anymore. Even if it doesn't matter.

*Written from my 4a.


That point is so weird: Why offer a "performance update" 1.5 years after the end of security updates?


Given the sudden urgency and pulling the old software, I'm assuming they're trying to avoid aging batteries exploding.


But then they should indicate that. Which they don't.


They did as much as they would.


Isn't that just 3 years after release? Is that normal for Google phones? Yikes.


For older Google phones (as well as most other Android ones) it is the standard. (AFAIU this was mostly due to Qualcomm’s policies and lack of pushback from Google et al.) Newer Google ones get 5–7 years[1], and Samsung has also switched to a similar support term (but keep in mind that only Samsung’s flagships get monthly security updates).

[1] https://support.google.com/pixelphone/answer/4457705

