Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
cubefox 10 hours ago

It needs far more features apparently. Tons more. That's why Notepad++ is popular. Which also had a severe security vulnerability recently. Which was actively exploited by some state actor like China.

leduyquang753 10 hours ago | parent | next [-]

That recent Notepad++ incident was a supply chain attack, not a vulnerability in the original program.

SPICLK2 10 hours ago | parent [-]

Strictly, no. But it was a vulnerability in the design of Notepad++, key elements here being the featureset that requires frequent updates and the lack of integrity checks during the upgrade process.

This has prompted me to move on from Notepad++ - it's sad, because I've used it for many years, but this is too much.

IsTom 10 hours ago | parent [-]

> in the design of Notepad++

One could argue it's an issue with windows where you can't just pull updates using a package manager/app store.

ampersandwhich 9 hours ago | parent | next [-]

Recently, I was pleasantly surprised to discover that the Microsoft Store has a built-in CLI with that exact functionality. You just run `store updates` to check for updates to store-managed apps, and you can target specific items with `store update <update-id>`. Of course, there's also winget for non-store applications (`winget upgrade`). I find them pretty handy as I have become quite used to managing my Linux installations with pacman over the past year or so. I discovered the store CLI completely by accident. It's not widely advertised.

gchamonlive 8 hours ago | parent | prev | next [-]

I am driving an Ubuntu installation because it's what's my current employer mandates and coming from arch it feels like going back to Windows. Oh-my-zsh, opencode, gemini-cli, bun, pyenv, nvm... All installed with curl | bash which is not as bad as a .exe or .msi -- those are scripts you can still easily inspect -- but it's also bypassing the pkg manager.

But I guess that's what you get when you fragment your ecosystem in apt, snap and gnome extension manager. I need to master nix asap.

SPICLK2 10 hours ago | parent | prev | next [-]

I'm not sure who I trust less to handle package integrity, the 3rd party hosting provider that Notepad++ used, or Microsoft.

IsTom 10 hours ago | parent [-]

A little tongue-in-cheek, but it's also an issue with windows, that it's owned by an untrustworthy company.

tracker1 3 hours ago | parent | prev | next [-]

You mean like WinGet? or the Windows Store?

voidUpdate 10 hours ago | parent | prev | next [-]

You can if you use the windows store. It's just that you usually install things outside of that, unlike in linuxes where you generally use the package manager that can handle updates for you

delaminator 8 hours ago | parent [-]

Plus Windows Store is not supported on all version of Windows particularly Datacenter versions - your most valuable assets !!

tracker1 3 hours ago | parent [-]

You can jump through a couple hoops to get WinGet working in Windows Server environments without much issue. IIRC, there's a single PS1 script you can run to do it, followed by a reboot.

RobotToaster 10 hours ago | parent | prev [-]

Pretty sure winget does let you do that.

conductr 10 hours ago | parent | prev [-]

The OS provided option can be bare bones, stable, secure and just utilitarian. This promotes having people choose their own tools for the features they want and not really expecting much other than reliability from the OS version. They didn’t need to mess with a good thing.

Ok, tabs, I do like the tabs.