Can’t you just partition the table by time (or whatever) and drop old partitions and not worry about vacuuming? Why do you need to keep around completed jobs forever?
Yes you can, and at the risk of sounding a little snarky; if you do something like that and then release it as open source, people may even discuss it on HN!
I've tested system prompt patching and it's definitely capable of identifying that my changes have been applied.
As someone who's been programming alone for over a decade, I absolutely do want to enjoy my coding buddy experience. I want to trust it. I feel pretty bad when I have to treat Claude like a dumb machine. It's especially bad when it starts making mistakes due to lack of reasoning. When I start explaining obvious stuff it's because I've lost the respect I had for it and have started treating it like a moron I have to babysit instead of a fellow programmer. It's definitely capable of understanding and reasoning, it's just not doing it because of adaptive thinking or bad system prompts or whatever else.
As a PBC, the intent of the company is not only profit, but it's hard to analyze the counterfactuals of if Anthropic were a pure for-profit or a non-profit
Sure, I care about certain people more than others and I’d be willing to use violence to defend myself or my family. But that’s not the same as cheering on or advocating for an attack on someone else that may or may not have done something to harm someone totally unrelated to you.
I’m pretty sure you can setup without broad host permissions, you just probably wouldn’t like it. You’d have to click a button to trigger the behavior, which I think requires you to click another button to approve access. Or configure the extension to allow access to specific domains after install, which will also have a permission prompt.
Isn’t it exactly the same on iOS? If you select a folder, the app gets a security scoped URL for the folder and can read/write the entire tree. The app can also then create a bookmark to persist the security scoped url and use it whenever in the future.
This rules out entire classes of app and would make using a computer a miserable experience.
For example let's say you want to make an app that every day writes a backup to a particular location e.g. 1Password can do a daily backup of your encrypted passwords to a backup location.
Or, let's say you want to make a GUI around a command line program that stores its config as a dotfile.
Without a way to save access to file system locations persistently, apps would be forced to constantly shove open panels in your face all the time.
Expiration depends on how the app has implemented the request for access. Granting access creates a security-scoped bookmark. The app can store it and use it the next time access is required which will bypass the prompt and the bookmark will remain valid in perpetuity (or until tcc reset), or the app can not store it and request permission every launch.
It doesn’t expire, you can even move the file and you can update the bookmark to follow the move.
There are legitimate reasons to give an app persistent access to a file or directory. Maybe you want it to write to a particular directory in your iCloud storage or whatever so it syncs without having to select the directory every time. A note taking app for example.
No, it shouldn’t. There are real reasons to give persistent access to a particular directory. Maybe you want your note taking app to put all notes in a directory for iCloud/dropbox/google drive/some other sync service.
I am baffled that anyone thinks implication-of-action ambiguity and hidden security states without obvious controls, are acceptable security practices.
reply