| ▲ | antonyh 15 hours ago |
| I appreciate the honesty about using Claude and the time it took to build this, and it shows how things can look when guided by someone who knows what they are doing. On the other hand, it also shows that it took three weeks, so why should I use this instead of building a custom toolchain myself that is optimised for what I need and actually use? Trimming away the 45+ formats to the 5 or so that matter to my project. It raises the question - is 'enterprise' software doomed in favour of a proliferation of custom built services where everybody has something unique, or is the real value in the 'support' packages and SLAs? Will devs adopt this and put 'Artifact Keeper' on their CV, or will they put 'built an artifact toolchain with Claude'? But then again, kudos to you for building something that can (and probably should) eat the lunch of the enterprise-grade tools that are simply unaffordable to small business, individual contractors, and underfunded teams. Truth be told, I'm not going to build my own, so this is certainly something I want to put in a sandbox and try out, and also this is inspirational and may finally convince me that I should give Claude a fair go if it's capable of being guided to create high quality output. |
|
| ▲ | raphinou 14 hours ago | parent | next [-] |
| I'm impressed with the speed of development. I didn't take a look at the quality of the code though. I'm using glm a Kimi k2.5, and I have a lot of corrections to apply to the code. Is Claude that better? Or is my process bad? OP: what's your development process? |
| |
| ▲ | antonyh 14 hours ago | parent | next [-] | | I've not done enough Rust to truly know, but it looks reasonable from looking at the tests, a few models, some implementation code. It doesn't use the 'unsafe' keyword anywhere, but that's not necessarily an indicator. Uses unsafe-libyaml which is like what it sounds (a hacky port of libyaml) but is no longer maintained (archived on GH in March 2024), and may have better choices. An SBOM would highlight these dependencies better than me doing random searches through the code. I'm not sure I'd have put a default in the OIDC callback to localhost, that's about the only thing I've seen in a quick 5-minute skim through. I do like the comments and the lack of emojis :-) I too would like to know the process, if OP is willing to share. | | |
| ▲ | bsgeraci 13 hours ago | parent [-] | | I have had claude go back and forth with codesimplifier agent (they developed) and a security agent. I think adding this to your workflow helps but you have to make sure to have end to end testing on the mind. Because some changes can break things real fast. My process is pretty plain outside of paying anthropic too much money a month. Only thing extra I am using is the beads currently. I was using speckit and ralph-loop but as of last week it does not seem to be needed. THink anthropic is baking some of thes tools into claude code. | | |
| ▲ | antonyh 12 hours ago | parent [-] | | Sounds really clean and simple, combined with classic developer diligence and hard effort to get it built right. Thanks for sharing. |
|
| |
| ▲ | bsgeraci 13 hours ago | parent | prev [-] | | Claude is... unfortunetly... that much better. They really know how to use the tools that integrate into CLI that just makes the flow so much better. The only extra stuff I am doing now is beads. https://github.com/steveyegge/beads I was using speckit and ralph-loop but think anthropic baked in that ralph-loop. Basically a dumb while true until you break with the condition. |
|
|
| ▲ | 0x457 5 hours ago | parent | prev | next [-] |
| Coding agents changed "build vs buy" dynamics in my opinion. Hopefully it will result in SaaS dropping pay-gating SSO. |
|
| ▲ | bsgeraci 13 hours ago | parent | prev | next [-] |
| I would say do not trust it, but use it and try it. Hopefully over time I can build trust by people using it. |
| |
| ▲ | antonyh 12 hours ago | parent [-] | | Trust it to proxy artifacts from the web? Yes I think so. Trust it not to leak credentials? No, that's something that is never taken for granted. Trust it to hold a full history of uploaded binaries? That depends on the value of the releases. For incubator work, or web projects, or even Appstore apps where it's released to those stores to manage, maybe there should be enough trust. I just wouldn't use it for code where I want access to many stable versions, and I wouldn't put it publicly on the web either - not that I would do so with Sonatype Nexus without vendor support and many safeguards. I think it'll earn trust over time, once folk are convinced to use it for real workloads. There's a lot of forms of trust. |
|
|
| ▲ | esafak 6 hours ago | parent | prev [-] |
| Why would you re-invent the wheel? Are the existing options that bad? |
| |
| ▲ | bsgeraci 4 hours ago | parent [-] | | There is no exsiting option :) unless you know where one is at. Artifactory OSS is a joke, and no other product is out there. Trust me I hate reinvinting the wheel... I rather take a nice wheel and use it. If you find an existing full blown artifactory alternative that is opensource let me know. | | |
| ▲ | edoceo 3 hours ago | parent [-] | | I was working on one; for similar reasons but I may just adopt yours - same wheel reasons. |
|
|
