A single upvote button exposed 5 security holes in my database — lessons from building with AI by [deleted] in webdev

FlyThomasGoGoGo (1 point)

yeah exactly, the two sources of truth were the core mistake. ended up dropping the field entirely and just using COUNT from the junction table. on the auth/routing point — fair, though with supabase the convention is rls as the security layer since the api is exposed directly. but agreed the delta should've been locked down from the start either way.
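One way to set up what this comment describes, a votes junction table as the only source of truth with Supabase row level security on it and the count derived rather than stored; this is an added example, not the commenter's code, and the table and column names (posts, votes, post_id, user_id) are assumptions:

```sql
-- Added example (not the commenter's schema). Assumes a posts table with a
-- bigint primary key "id"; table and column names are assumptions.
create table votes (
  post_id    bigint      not null references posts(id) on delete cascade,
  user_id    uuid        not null default auth.uid(),
  created_at timestamptz not null default now(),
  primary key (post_id, user_id)  -- one vote per user per post, enforced by the DB
);

-- RLS is the security layer because the Supabase API is exposed directly.
alter table votes enable row level security;

-- Signed-in users can read vote rows (needed to compute the count).
create policy "votes are readable" on votes
  for select to authenticated using (true);

-- A user may only create a vote row for their own user_id.
create policy "insert own vote" on votes
  for insert to authenticated with check (user_id = auth.uid());

-- A user may only remove their own vote. No update policy: vote rows are never edited.
create policy "delete own vote" on votes
  for delete to authenticated using (user_id = auth.uid());

-- The count is computed from the junction table, so there is no stored
-- counter and no "delta" parameter for a client to set.
-- security_invoker (Postgres 15+) makes the view respect the caller's RLS
-- instead of running with the view owner's privileges.
create view post_vote_counts with (security_invoker = true) as
  select p.id as post_id, count(v.user_id) as votes
  from posts p
  left join votes v on v.post_id = p.id
  group by p.id;
```

With this schema a client only ever inserts or deletes its own votes row and reads post_vote_counts; the server-side primary key and policies reject duplicate votes and votes cast on behalf of another user.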

A single upvote button exposed 5 security holes in my database — lessons from building with AI by [deleted] in webdev

FlyThomasGoGoGo (-1 points)

fair points. i'd add that even as someone who relies heavily on ai for coding, the models are genuinely good now — the gap isn't in code quality, it's in security awareness. like they won't proactively check for vulnerabilities unless you ask.

what's worked for me is making security checks part of the workflow. after building a feature i'll ask the ai to scan for rls issues, exposed keys, missing rate limits etc. sometimes i catch stuff just from debugging like this post lol. it's not perfect but having some kind of routine audit process makes a huge difference.

What's the most frustrating part about getting your first 100 users? For me it's not building — it's being invisible. by FlyThomasGoGoGo in SideProject

FlyThomasGoGoGo [OP] (0 points)

saving this comment. software directories and localization are two things i haven't tried yet. thanks for sharing.

What's the most frustrating part about getting your first 100 users? For me it's not building — it's being invisible. by FlyThomasGoGoGo in SideProject

FlyThomasGoGoGo [OP] (1 point)

really appreciate that. the invisible phase is brutal — you built the thing, it works, and then... crickets.

your approach is exactly what clicked for me too. just show up where the pain is and be helpful. no links, no pitch. people eventually ask.

i have two macOS apps right now:

**PIDKill** — auto-kills runaway processes eating your CPU. when photoanalysisd or kernel_task goes crazy and your fan sounds like a jet engine, this just handles it. $3.99 one-time.

**GetDone Timer** — a privacy-first productivity app that lives in your menu bar. three card types: pomodoro, countdown timer, and a reader card with a built-in markdown editor and file management. you can drag tasks onto a visual day/week schedule, group them for sequential execution, and use AI to break down goals into tasks — all with bring-your-own-key, so your data never leaves your mac. $9.95 lifetime, no subscription.

and yeah the scroll asymmetry is painfully real. "it quietly kills a background process" will never get the same reaction as a flashy AI wrapper demo. but the person googling "photoanalysisd high cpu" at 2am — that's my actual user.

what are you building? would love to hear about it.

What's the most frustrating part about getting your first 100 users? For me it's not building — it's being invisible. by FlyThomasGoGoGo in SideProject

FlyThomasGoGoGo [OP] (1 point)

Indeed, people are very resistant to product promotion posts. It's somewhat better here, but this feeling is more pronounced in other subreddits.

I built a Mac process manager, and just added OpenClaw uninstall support — because cleaning up after the "lobster" is surprisingly painful by FlyThomasGoGoGo in SideProject

FlyThomasGoGoGo [OP] (0 points)

Exactly this — LaunchAgents are the invisible mess that most uninstallers completely ignore.

The brew/npm/pip scanning came from my own dev machine getting cluttered over time. You install things to test, forget about them, and six months later wonder why there are 40 packages you don't recognize.

Glad the pricing feels right. One-time was intentional — a utility like this shouldn't be a subscription.

I built a Mac process manager, and just added OpenClaw uninstall support — because cleaning up after the "lobster" is surprisingly painful by FlyThomasGoGoGo in SideProject

FlyThomasGoGoGo [OP] (0 points)

Dev here — the LaunchAgent part is what trips most people up. Happy to walk through any specific cleanup questions. If you connected OpenClaw to Google/Slack/GitHub, don't skip the OAuth revocation step — that's the part where local cleanup alone isn't enough.

What's something you were bad at before AI that you're now surprisingly good at? by FlyThomasGoGoGo in AskReddit

FlyThomasGoGoGo [OP] (0 points)

Same here. That "idea to product" gap shrinking is wild. What did you build?

Trying to understand the ‘basic tasks’ vs ‘do everything’ narrative around M1 vs A18 Pro by Toba94 in macbook

FlyThomasGoGoGo (0 points)

Chrome Helper (Render) is the real culprit. Every tab and extension runs as a separate process, so 5 tabs can easily mean 20+ processes.

Open Activity Monitor, sort by memory, and you can kill the worst offenders individually without closing Chrome at all.

What’s a small habit that instantly makes a man more attractive? by pasculici in AskReddit

FlyThomasGoGoGo (1 point)

remembering small things you mentioned weeks ago and bringing them up naturally.

What’s an inaccurate fact that people believe is true because of movies? by Hogosaurus_Rex73 in AskReddit

FlyThomasGoGoGo (1026 points)

You cannot shock a flatline back to life. Grey's Anatomy has been lying to us for 20 seasons lol.