Your pricing is absolutely ridiculous. I ran a full image generation site (like Leonardo), so I know what it costs to run models/generate images. I'm shocked people are willing to pay you that much money. Your margins must be like 99%

"AI" is just the latest grift in a long, long line.

All these people commenting on the positive relationship between amount of code and technical debt. Generative AI can refactor code too (making it smaller)

Lol, has their SB creds. Someone could do a bunch of stuff with that

These appear to be local credentials (supabase init, supabase start), but I'll reach out to the founders now to make sure everything is secure on their Production database/APIs. We are a GitHub secret scanning partner [0], so hopefully this was caught early.

---

For any other founders reading this, it's recommended to add a `SECURITY.md` to your repo before doing a ShowHN/LaunchHN. This can be exposed in your `.well-known` folder (eg: https://supabase.com/.well-known/security.txt). This will help with responsible disclosures.

[0] GitHub secret scanning: https://github.blog/changelog/2022-03-28-supabase-is-now-a-g...

> Do not reveal the problem to others until it has been resolved,

sorry, probably shouldn't have pointed that out. noted for future reference.

aside: big fan of Supabase, Paul! it's a pleasure using it!

This is exactly right, thanks a bunch for checking. Also, thanks for the note! We will add a SECURITY.md

> Apple, nVidia, and Intel could bring serious hurt to software companies in the next 5-10.

What does that mean? What software companies?

Cloud based AI https://news.ycombinator.com/item?id=35283852

Love your writing, Will. Have both of your books!

i just asked it about safetensors today! also, got a response that amounted to "i don't know what that is. i'm guessing it's X"

did you post the documentation into the prompt?

nice. general question: how many lines of code (at 120 char col len) could you send in one prompt?

also, the entire thing is literally 60 lines of python. sometimes i don't get what gets upvoted on HN anymore

> also, the entire thing is literally 60 lines of python.

Which is a lot as you can do this in one line of bash. And have in the past for other reasons.

Something like;

     find . -name "*.py" -exec cat {} + > output.txt

Looks like it does this to me:

   for file in `git ls-files`; do echo $file; cat $file; echo; echo -------; done

> Permissively Licensed: Trained only on permissively-licensed repos to avoid legal risks

You’re fine-tuning the model. What model are you fine-tuning? I can’t imagine you trained your own LLM from scratch, so how can you possibly guarantee the core model wasn’t trained on non-permissively licensed code?

We're starting off with an open source base model that was trained on The Stack, a dataset containing only permissively-licensed code, and we're further augmenting it with additional repositories with MIT, BSD, or Apache Licenses.

How are you complying with the attribution requirement for MIT and Apache?

From the MIT License[0]:

>The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

From the Apache License[1]:

>You must give any other recipients of the Work or Derivative Works a copy of this License; and You must cause any modified files to carry prominent notices stating that You changed the files; and You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and

[0] https://opensource.org/license/mit/

[1] https://opensource.org/license/apache-2-0/

Not sure why you’re getting downvoted. I’m also curious where these people are going to earn massive comp.

that first plugin is genius! i'm totally gonna give it a go tomorrow!

edit: just opened the second. even better!