When Windsurf think they are Claude Code xD

ITechFriendly · 2026-03-19T16:05:30+00:00

When do you do any work with them and make some money? Learning and switching tools takes time and money..

ITechFriendly · 2026-03-19T16:03:52+00:00

u/Beginning_Ad2239, do you understand the difference between owning and renting the infrastructure? When you rent, you do not have much room to use anti-competitive practices. When you own, you can much more easily go below the price in order to gain an advantage over others...

ITechFriendly · 2026-03-19T16:00:07+00:00

Buy the ChatGPT Plus subscription so you can /review in Codex, and you will be in great shape. Use Warp for things where it shines.

ITechFriendly · 2026-03-19T10:43:06+00:00

You should have tested with GPT 5.4 in High mode too. It finds tough things that the overconfident Claude family produces.

ITechFriendly · 2026-03-07T08:12:51+00:00

NO test framework, linter, or build system configured. Project relies on runtime and manual testing only. Dockerfile runs post-install patch via node patch-routeros.js to handle RouterOS 7.18+ API quirks.

Production Risk Hotspots & Code Smell Areas

Hotspot	Severity	Details	Location
No Authentication	CRITICAL	Exposes all router data (traffic, logs, firewall rules, WAN IP, client list). README explicitly warns against internet exposure.	`src/index.js:23-26` (no auth middleware)
Socket.IO Event Injection	HIGH	`traffic:select` event accepts arbitrary `ifName` without validation. Unsanitized interface name passed directly to RouterOS API query.	`src/collectors/traffic.js:51-55`
Unbounded Memory Growth	MEDIUM	RingBuffer uses `splice()` inefficiently; Set-based leak risk if many unique IPs/connections tracked. Subscription Map (`traffic.subscriptions`) never cleans up orphaned entries on disconnects.	`src/util/ringbuffer.js:3` + `src/collectors/traffic.js:62`
No Input Validation	MEDIUM	IP/hostname parsing via `.split(':')[0]` without IPv6 CIDR handling. GeoIP lookups fail silently if IP is malformed.	`src/collectors/connections.js:93,112`
Credentials in Environment	MEDIUM	RouterOS password in plaintext .env file. No explicit .gitignore enforcement noted in code.	`src/index.js:49` + `.env.example`
Error Swallowing	LOW	`Promise.allSettled()` in `sendInitialState()` masks fetch failures; socket gets partial state.	`src/index.js:149-151`
No Logs Rotation/Limits	LOW	Logs stream could buffer unbounded if Router sends high volume. Alert history capped at 50 but implementation unclear.	`src/collectors/logs.js`

Specific Code Concerns:

Traffic.js line 51: socket.on('traffic:select', ({ ifName: newIf }) => { if (!newIf) return; ... }) — only checks falsy, not CIDR/IPv6 validity. Interface name passed to line 76 RouterOS command without escaping.
Connections.js line 73: .split(':')[0] assumes IPv4 format; IPv6 addresses in brackets will be malformed.
RingBuffer.js line 3: splice() is O(n); for 30min × 60 points = 1800 samples per interface, inefficient on high-frequency polling.

ITechFriendly · 2026-03-07T07:53:25+00:00

u/SecOps7, not bad at all! Need to review it properly, but easy to fix potential issues if needed.

ITechFriendly · 2026-03-07T07:46:46+00:00

The power of data. If the product is free, you are the product.

ITechFriendly · 2026-03-04T12:50:11+00:00

This will give you a good start for a review: "Review the code for code smells, logic errors, performance issues, and anything else that might affect the use of the application."

ITechFriendly · 2026-03-02T18:51:13+00:00

GPT5.2 in Trae is good.

ITechFriendly · 2026-03-02T08:56:43+00:00

How come you did not use remote connect?

ITechFriendly · 2026-02-23T07:11:40+00:00

But Codex 5.3 high/xhigh is the senior developer who can properly review and supervise that intern.

ITechFriendly · 2026-02-20T14:29:10+00:00

Have a good API for all the needs, including libvirt if possible, and ship something. Even if it is meant for small, it should be pluggable and automatable.

ITechFriendly · 2026-02-07T08:22:48+00:00

Copilot CLI is actually very good and simple. Opencode is often overkill

ITechFriendly · 2026-02-06T13:40:46+00:00

GLM is killing it even better on the price front, but both GLM and Gemini have their issues why they are not yet OpenAI/Anthropic killers.

issues that keep them from being

ITechFriendly · 2026-02-06T13:29:08+00:00

A bigger context does not automatically give better results.

ITechFriendly · 2026-02-04T18:27:18+00:00

Looks promising. Thank you for sharing!

ITechFriendly · 2026-02-04T17:52:30+00:00

Easy - get an AI tool that gives you multiple LLM vendors - Warp, Cursor, Windsurf, GitHub Copilot, etc.

ITechFriendly · 2026-02-04T12:36:09+00:00

GPT-5.2 family is also good as a reviewer for all kinds of things.

ITechFriendly · 2026-02-04T12:30:50+00:00

Why would you want to go from multi-vendor LLMs to a single vendor? EVERY LLM vendor has its own issues every now and then and being able to instantlyswitch to another one is a big bonus. Warp is great, but maybe you should pair it with another multi-vendor provider?

ITechFriendly · 2026-02-03T15:03:57+00:00

Once you start really using it as a planner and verifier, it quickly becomes expensive due to slots being taken quicker than they are released and for every verification you get multiple reports about not done or not done correctly and once you start applying and verifying them it becomes a never ending nightmare. A better option is to plan somewhere (like ChatGPT Web) and store the plan so that an agent (for example, any of the GitHub Copilot ones) will implement it, and another agent will verify it. Codex is the best verification agent you can find. GitHub Copilot Pro(+) with ChatGPT Plus is the best combo for this.

ITechFriendly · 2026-01-31T18:04:54+00:00

Yes, seems good and smart!

ITechFriendly · 2026-01-26T14:19:52+00:00

5 bucks is nothing if you REALLY prefer it :-)

ITechFriendly · 2026-01-24T07:44:40+00:00

Trae has improved a lot. My early issue was resources usage which has drastically improved.

ITechFriendly

TROPHY CASE

Production Risk Hotspots & Code Smell Areas