-
> The more I learn about how VSCode works ...... duct tape
The most unfortunate few lines. [0]
I wish Microsoft would hire me for a couple months to do nothing but sit in a corner by myself untangling this mess.
[0] https://github.com/microsoft/vscode/blob/6dbde2a3ed308f88164...
-
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
vscode-remote-release
Visual Studio Code Remote Development: Open any folder in WSL, in a Docker container, or on a remote machine using SSH and take advantage of VS Code's full feature set.
"For VS Code remote, the VS Code server is in the same trust boundary as the VS Code client. [...]
For Remote SSH: [...] A compromised remote could use the VS Code Remote connection to execute code on your local machine."
https://github.com/microsoft/vscode-remote-release/issues/66...
I wrote about it in a bit more detail a month ago because it seems to be a common misunderstanding: "VS Code Remote Dev and Dev Containers are not security boundaries" https://lets.re/blog/vscode-remote-dev/
-
I do my full-time development work using Neovide (a GUI frontend to nvim) over SSH. As a long-time vim user, this is great for me, but I will freely admit that it is nowhere near as easy to set up as VSCode, and it is also fundamentally a dumb client over SSH, so it suffers from lag spikes. There has been some discussion about what a smart client version of nvim would look like, but it's probably years out: https://github.com/neovim/neovim/issues/24690
-
sidecar
Sidecar is the AI brains for the Aide editor and works alongside it, locally on your machine (by codestoryai)
"[LLM-generated code] is ultra-useful if you can close the loop between the LLM and the execution environment (with an “Agent” setup). There’s lots to say about this, but for the moment: it’s a semi-effective antidote to hallucination: the LLM generates the code, the agent scaffolding runs the code, the code generates errors, the agent feeds it back to the LLM, the process iterates."
Okay, so who's doing this today and how?
This question came up recently in the Aider discord and not many had a good answer.
Aider is great but the SDK is weak and second-class, so interacting with the repl frustrates agent-dev.
Sidecar (which can run independently of Aide), https://github.com/codestoryai/sidecar/ is one agent that was mentioned. Many of that projects issues are auto-responded to by a PR-creating agent.
Anything else I'm missing?
In general, I know how I would build an agentic dev-loop, I'm just looking for a good SDK that handles prompting and diff merging etc. i.e. Aider as an SDK or similar.
-
cyberduck
Cyberduck is a libre FTP, SFTP, WebDAV, Amazon S3, Backblaze B2, Microsoft Azure & OneDrive and OpenStack Swift file transfer client for Mac and Windows.
> I distinctly remember seeing some program that was named something duck-related but for the life of me I can't remember any other specifics
cyberduck - https://cyberduck.io/
-
devspace
DevSpace - The Fastest Developer Tool for Kubernetes ⚡ Automate your deployment workflow with DevSpace and develop software directly inside Kubernetes.
-
https://github.com/Parallels/vagrant-parallels
The chef project has a builder for vagrant "baseboxes", which one can use to build own, trusted, ones: https://github.com/chef/bento
Then each of your projects could have a Vagrantfile you can use to start a VM with the right tools and mount the correct directory in the VM. If you make sure to disable all the integrations that Parallels enables by default, npm in the VM should be pretty well isolated.a
Alternatively, once orbstack implements the feature request to allow users to selectively share directories (as opposed to force sharing all Mac directories with the VM), orbstack could probably also provide pretty good isolation.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
https://github.com/Parallels/vagrant-parallels
The chef project has a builder for vagrant "baseboxes", which one can use to build own, trusted, ones: https://github.com/chef/bento
Then each of your projects could have a Vagrantfile you can use to start a VM with the right tools and mount the correct directory in the VM. If you make sure to disable all the integrations that Parallels enables by default, npm in the VM should be pretty well isolated.a
Alternatively, once orbstack implements the feature request to allow users to selectively share directories (as opposed to force sharing all Mac directories with the VM), orbstack could probably also provide pretty good isolation.
-
https://github.com/orbstack/orbstack/issues/169
-
macOS has a formal sandboxing language; I first learned about it via iTerm2's build process: https://gitlab.com/gnachman/iterm2/-/blob/v3.5.12beta2/deps.... consumed by /usr/bin/sandbox-exec https://gitlab.com/gnachman/iterm2/-/blob/v3.5.12beta2/Makef...
I haven't tried to use it in anger, but I believe this is the likely starting point https://developer.apple.com/documentation/xcode/configuring-...
-
> from IntelliJ will require 1–3 plugins. 3 for Java, Docker, 3 plugins for React, npm, Prettier, SonarLint, Copilot, database, Gitlens, Maven
How old is your copy of IJ that you need to download the Maven plugin? To the very best of my knowledge, every one of these in the "plugins" directory ships with IJ and is not something one needs to download from the JetBrains marketplace: https://github.com/JetBrains/intellij-community/tree/idea/25...
I obviously can't link to the GitHub repo for IJ Ultimate but the DataGrip behavior is similarly bundled. What may be up for hair-splitting is that think they do use the concept of plugins as an update mechanism. That is: I don't think one could download a copy of IJ Ultimate that doesn't speak Java, Docker, npm, database, or Maven. But they do use plugins such that one could acquire a bug-fix to (e.g.) the Docker plugin without having to re-download the whole IJ
