The author of this analysis used ^ prompt and fed it to OSS LLMs. The question itself contains the answer. The prompt contains all the facts and insights the model needs to identify the issue. It removes the burden of finding those insights within the 4k+ lines of code in the original vulnerable file.

So the claim that OSS models can find those zero-day issues was a lie.

I have been saying this since last year, we crossed certian treshhold and not everyone realized it yet.

True, fortunately we learned how to filter those types of resumes and candidates. (we got quite good at that)

Yup, this happened to me. Ask me anything.

Are remote jobs completely over now with rampant AI fakers?

How common does this happen now?

We are still a fully remote company, but we added an additional on-site stage to verify if the people are legit. So I would say that the jobs are not over, but hiring just got way more expensive.

Thank you so much, sharing is caring!:)

Clickable links:

- https://news.ycombinator.com/item?id=40460084

- https://github.com/dj-stripe/dj-stripe

- https://gist.githubusercontent.com/kannthu/6e1bdd2781d2e0a6d...

No mods. Anarchy.

Oh, I did not know about that, good idea!

I see writing posts and commenting as two separate ways of contributing. These are 2 different styles.

I prefer writing high-quality content (posts) instead of commenting. It is not in my nature to write comments (and this style of contributing).

It does not mean that I am not putting high effort into writing posts - quite the opposite. When I write long content I put all my heart into it and many hours.

What I mean is that I would love to meaningfully contribute and gain karma by doing "content" the way I like and prefer and not being forced to comment.

Unless your ideas are a monolith ("Read my 2000 word essay or nothing!") then maybe reply to other posts with relevant snippets of your work and link to the longer content.

At the end of the day, the whole should be greater than the sum of the parts but if your content is good you'd expect your parts (shorter sub-ideas) would at least be clear and well-written enough to draw some upvotes as comments.

Also, even if "good" posts are rare (which as others have said sounds pretty arrogant), you should be able to post comments that are helpful clarifications or corrections on those posts.

I get that you'd prefer to gain karma by posting not commenting but the gating method is based on comment karma to earn the right to get posting karma.

I think you're stuck, until you either earn comment karma or find channels to write content on which gains karma.

Not really, sourcegraph is the end product - what I am talking about is giving you API to create products similar to sourcegraph.