1
AI load breaks GitHub – why not other vendors?
AI负载冲击GitHub可靠性骤降,揭示大厂基础设施的差异化应对困境
Article URL: https://blog.pragmaticengineer.com/the-pulse-ai-load-breaks-github/ Comments URL: https://news.ycombinator.com/item?id=48266309 Points: 3…
2
Here’s a beginner-friendly guide to GitHub, especially focused on forks and pull requests, which are the core of real-world collaboration
零基础学会GitHub协作核心——fork和PR,图解开源工作流轻松上手
🚀 GitHub for Beginners (Forks, Pull Requests, and Collaboration) GitHub is where developers store code, collaborate, and contribute to projects . If G…
3
Show HN: Memory for LLM apps that cuts input tokens up to 80% (avg 68%)
GitHub开源项目,让LLM应用拥有长期记忆,同时将输入token平均削减68%,大幅降低API成本。
Article URL: https://github.com/Tem-Degu/streetai-memory Comments URL: https://news.ycombinator.com/item?id=48249509 Points: 1 # Comments: 0
4
What Developers Don’t Say in Interviews—but Show on GitHub
从研究论文看GitHub上的开发者行为,揭示面试中难以言说的真实一面
When I started working on my usability study project with KServe, I interacted with KServe users to understand the challenges they were experiencing w…
5
Tell HN: I'm tired of AI-generated answers
揭开AI答案的沉沦:开发者揭露GitHub讨论区充斥人工智能复读机,真实求助被淹没在无意义回复中。
I found GitHub repositories that were spreading malware. I asked AI what I should do about it, but it gave me nothing useful. So I opened a discussion…
6
CISA Security Leak
CISA承包商在GitHub上意外暴露多个高权限AWS GovCloud账户凭证,安全专家揭露开源仓库风险。
Crazy story : Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repo…
7
A hacker group is poisoning open source code at an unprecedented scale
黑客通过VSCode扩展投毒开源代码,GitHub遭供应链攻击,规模史无前例。
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks.
8
Building GitHub’s next chapter in accessibility
GitHub发布无障碍新策略,邀你共建包容性开发文化,了解最新进展与参与方式。
Explore our update on GitHub’s accessibility strategy, and learn how you can join us in building a culture of accessibility. The post Building GitHub&…
9
GitHub 被黑,3800个内部仓库外泄:从一枚恶意VS Code扩展说起
从一枚恶意VS Code扩展说起,揭秘GitHub内部3800个仓库泄露的供应链攻击链条,开发者必看的安全警示。
10
GitHub confirms breach of 3,800 repos via malicious VSCode extension
恶意VSCode扩展致GitHub 3800个仓库被入侵,供应链安全警钟再响
Previous thread in sequence: GitHub is investigating unauthorized access to their internal repositories - https://news.ycombinator.com/item?id=4820131…
11
Investigating unauthorized access to GitHub-owned repositories
GitHub首席安全官亲述内部仓库遭非法入侵的完整调查过程
If any impact is discovered, customers will be notified via established incident response and notification channels. The post Investigating unauthoriz…
12
Zero-Secret CI/CD: GitHub Actions + OIDC on AWS (Part 6)
抛弃GitHub Secrets,用OIDC信任实现更安全的零密钥CI/CD部署,附完整AWS配置实例
Zero-Secret CI/CD: GitHub Actions + OIDC on AWS (Part 6) No AWS_ACCESS_KEY_ID in your GitHub secrets. Ever. Here's how OIDC trust works and why it's s…
13
AI Inference Costs: The Wake-Up Call for 2026 and 2027
2026年AI推理成本将飙升,GitHub Copilot率先转向用量计费,企业预算面临调整。
Article URL: https://blog.herlein.com/post/ai-inference-costs-reality-check/ Comments URL: https://news.ycombinator.com/item?id=48211362 Points: 1 # C…
14
LLM: Documentation driven exploration for big codebase
用LLM辅助,以文档为线索高效探索大型代码库的开源工具
Article URL: https://github.com/Anhydrite/doc-torn Comments URL: https://news.ycombinator.com/item?id=48219106 Points: 2 # Comments: 1
15
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
GitHub确认3800个内部仓库遭投毒VS Code扩展窃取,针对微软Python SDK的供应链蠕虫正在扩散。
GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal reposit…
16
GitHub 被黑:员工装了一个 VS Code 插件后,3800 个内部仓库泄漏
GitHub 因员工安装恶意 VS Code 插件导致3800个内部仓库泄漏,敲响企业供应链安全警钟。
昨日 GitHub 在 X 上确认:一名员工安装了被植入恶意代码的 VS Code 扩展,导致 GitHub 内部约 3800 个代码仓库遭泄漏。@Appinn 感谢 vlad 的提醒。 从 GitHub 确认的情况来看,一名员工安装了恶意的 VS Code 扩展程序后,其设备被攻破,约有 3800
17
Pi creator removed from OpenClaw's GitHub organization
Pi 创建者突遭移除事件,OpenClaw 组织 GitHub 管理权变化引发关注。
Article URL: https://twitter.com/badlogicgames/status/2057391656379269272 Comments URL: https://news.ycombinator.com/item?id=48220368 Points: 3 # Comm…
18
Aperion Shield: local guardrail that blocks destructive AI coding agent ops
开源本地安全护栏,阻挡AI编码代理的破坏性操作,v0.7新增45+自适应规则与更多测试用例。
Article URL: https://github.com/AperionAI/shield Comments URL: https://news.ycombinator.com/item?id=48207471 Points: 2 # Comments: 0
19
Show HN: AI Efficiency Score – paste any GitHub repo, get a score in seconds
粘贴GitHub仓库就能秒出AI使用效率评分,无需注册,适合工程团队自检
Article URL: https://costlens.dev/score Comments URL: https://news.ycombinator.com/item?id=48194736 Points: 2 # Comments: 0
20
US cyber agency CISA exposed reams of passwords and cloud keys to the open web
安全研究员发现CISA承包商员工竟在GitHub上公开了明文凭证,包括云密钥和访问令牌,差点引发重大数据泄露。
The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journal…