Hacker gains admin control of Sourcegraph and gives free access to the masses - Enlarge (credit: Getty Images)

An unknown hacker gained admini... - https://arstechnica.com/?p=1965211 #personalinformation #sourcegraph #security #breaches #hacking #biz&it

Ars Technica: Hacker gains admin control of Sourcegraph and gives free access to the masses https://arstechnica.com/?p=1965211 #Tech #arstechnica #IT #Technology #personalinformation #sourcegraph #Security #breaches #hacking #Biz&IT

So an #AI platform apparently means your brain quits working instantly. The said token was "accidentally" leaked online on July 14. The breach, discovered on the same day, was labeled "isolated and inorganic."
#cybersecurity #infosec

#AI-powered coding platform #Sourcegraph breached using leaked admin access token https://www.bleepingcomputer.com/news/security/sourcegraph-website-breached-using-leaked-admin-access-token/ @BleepingComputer @serghei

🙄 "a leaked admin access token in our public #Sourcegraph instance was used by a malicious actor"

Security update: Incident involving unauthorized admin access #sourcegraph

On August 30 (2023-08-30 13:25:54 UTC), the Sourcegraph security team identified the malicious site-admin user, revoked their access, and kicked off an internal investigation for both mitigation and next steps.

https://about.sourcegraph.com/blog/security-update-august-2023

What's the point of having a chatbot if it's not clear what the code does even to the said chatbot? It's somewhat funny and sad at the same time.

#sourcegraph #cody

@BoredomFestival Don’t know the guy, can’t speak to his motivation. He didn’t stay long at that gig anyway; now he’s at #Sourcegraph

@randomgeek #Cody uses #Anthropic’s #Claude API or can be configured to prompt #OpenAI instead, as well as use the latter for embeddings: https://docs.sourcegraph.com/cody/faq#what-third-party-cloud-services-does-cody-depend-on-today

I’m glad neither #Sourcegraph nor its third-party #LLM⁠s train on the code you give it: https://docs.sourcegraph.com/cody/faq#does-cody-train-on-my-code

Cody is probably prompting #GPT4 (OpenAI deprecated the API for the #LicenseWashing #Codex model behind #Copilot) based on this #Slack #bot code: https://sourcegraph.com/github.com/sourcegraph/sourcegraph@e772c7cbd177961cb2f8b02fcb35727158e8edef/-/blob/client/cody-slack/src/services/openai-completions-client.ts?L28

Two key points about SourceGraph Cody discussed by CTO Beyang Liu in this demo (https://www.youtube.com/watch?v=5L6Ys522snA):

1. The context from SourceGraph's code intelligence graph feeds the LLM

2. The same context is used to /validate/ responses, e.g. to make sure that symbols and filenames referenced in the generated code actually exist.

#SourceGraph #Cody #LLM #Reasoning

Shout out to Cody for reminding me of all the things I need to do when I create an S3 bucket in terraform to comply with CIS benchmark... Note, I am just using this as an "outline" so I don't miss anything. 🤯😂 #AWS #security
#sourcegraph

Sourcegraph was a fascinating, powerful tool already. What is coming via LLM technology will be a true paradigm shift. After reading Steve Yegge’s post about the marriage of Sourcegraph and LLMs, I for the first time see value in LLMs.

https://about.sourcegraph.com/blog/cheating-is-all-you-need

#Sourcegraph #LLM #AI #CodeIntelligence #Cody

One of the many reasons I love #Sourcegraph: With the browser addon it assists in focussed PR reviews without having to switch context. Instead it directly shows you the value of a variable that is declared outside of the PRs scope. /cc @mrnugget

Happy to see @1password Shell Plugins for#Fastly, #ngrok, #Vultr and #Sourcegraph finally in production. 🎉

https://app-updates.agilebits.com/product_history/CLI2#v2140001

Contributing to the #1Password Shell Plugins project has been a pretty fun experience so far, and this is my first time writing Go!

How I started. Commodore 64 programming, learning unix, doing network programming, finding IRC, creating #curl and then even more curl.

On the #Sourcegraph #podcast: https://www.youtube.com/watch?v=ZLtqHFxEDm8

The newly-released #1Password CLI v2.13.0 brings the number of 28 Shell Plugins (the ability to authenticate to a CLI with a fingerprint).

12 of which were built by y'all!

New additions include #SnowflakeDB #DataVricks
#cargo #argo #OpenAI #FlyIO
#Vultr and #SourceGraph

Huge thanks to @avy, github.com/kanadgupta, and github.com/ssttehrani for their new plugins.

The newly-released #1Password CLI v2.13.0 brings the number of 28 Shell Plugins (the ability to authenticate to a CLI with a fingerprint).

12 of which were built by y'all!

New additions include #SnowflakeDB #DataVricks
#cargo #argo #OpenAI #FlyIO
#Vultr and #SourceGraph

Huge thanks to @avy, github.com/kanadgupta, and github.com/ssttehrani for their new plugins.

After yesterday's tutorial on setting up #sourcegraph I decided to publish a follow up on how to use literal and regex searches with the tool, including a few examples from some recent problems that I had to solve myself for work.

https://tekwizz123.hashnode.dev/better-source-code-navigation-part-2-sourcegraph-literal-searches-and-regex-searches

Searching for demoscene computer code? Try the sourcegraph search engine, which searches for computer code eg: https://sourcegraph.com/search?q=context:global+demoscene&patternType=standard&sm=1

(Enter a query that will give no results, eg. a purposely misspelled word, to get a nice help screen for sourcegraph displayed).

#demoscene #sourcegraph

@alyssam_infosec @adrienne @MJS @Alarming I remember being impressed by how #SourceGraph wrote a job description. Looking now, their JDs still have the giant list of qualifications, but it's after a bunch of transparency on the company and interview process.

@ilias Not personally. But I know from a colleague and from the founder of #Hashicorp that they have Parallels running to have a Linux based VM as the workhorse.
Here there YouTube link to #Sourcegraph #DevTool video with the Hashicorp founder:
https://youtu.be/LA8KF9Fs2sk