> Status: Early prototype. Fully vibe coded. [...]

Cool project... However, the terminal is where you enter passwords, ssh, set API keys etc. Something so sensitive should not be "Fully vibe coded".

For a project like this, I would expect to see a clarification which might read something like this: "Fully vibe coded, but I audited each and every line of generated code and I am already a domain expert in vt sequences and emacs so I know this program should be OK." But given that I did NOT see a clarification or statement like this, it becomes very difficult to trust a project like this.

Again, it is a cool idea.

▲

mccoyb 6 hours ago | parent [-]

The vast majority of your complaints are handled by libghostty-vt itself, not by this person's Emacs wrapper software over libghostty.

Ghostty is a great piece of software, with a stellar maintainer who has a very pragmatic and measured take on using AI to develop software.

▲

nine_k 3 hours ago | parent [-]

Looking at the sophistication of modern security exploits, I'd say that just a few minor gaps, strategically positioned, can lead to surprisingly drastic results. Of course, Emacs is a niche editor/IDE/OS/whatnot, so an unlikely target, but still.

It's a great proof of concept though. In the meantime, I'll stick with vterm.

▲

whalesalad 3 hours ago | parent [-]

no malicious person is using emacs. the userbase is full of painfully honest people.

	▲	nine_k 2 hours ago \| parent [-]
		I hope they all secure their MELPA accounts properly, too!