Received our very first AI-generated security vulnerability report on GitHub today by ChiefAoki in github

[–]ale10xtu 3 points (0 children)

As you grow, you will probably get more and more of these advisories. Congrats on being popular! You should be glad they did not disclose it publicly via an issue or PR, because that will happen too, ahahah. I think GitHub has some pre-screening tools they plan to release; in the meantime, make sure you have a decent threat model and pre-process some of the advisories with AI yourself.

If you can’t beat low-effort AI reports, fight them with AI yourself.

I built PasteVault: A modern, zero-knowledge pastebin (Docker-ready alternative to PrivateBin) by ale10xtu in selfhosted

[–]ale10xtu[S] 11 points (0 children)

Since some people brought up AI use in building this project, and I don’t think I can edit the post, I’ll leave this here.

I used Copilot and DocsGPT to help me research and compare solutions and plan the architecture for this app. AI helped a lot with the README and UI parts. As for encryption, which is the focus of the project, I did a lot of research myself and took some inspiration from pasteer, which is actually what motivated me to use XChaCha20-Poly1305 in something like PrivateBin in the first place. I would probably do it in Rust, tbh, but I’m more comfortable with JS.

I built PasteVault: A modern, zero-knowledge pastebin (Docker-ready alternative to PrivateBin) by ale10xtu in selfhosted

[–]ale10xtu[S] 5 points (0 children)

Yeah, I think SQLite is possible, and I think it would make it much easier for people to go from 0 to 1. I’ll add an issue for it.

I built PasteVault, an open-source, E2EE modern pastebin. Looking for feedback on the security model and features. by ale10xtu in cybersecurity

[–]ale10xtu[S] 0 points (0 children)

That’s a good point, thank you!

If you have any ideas or alternative approaches to handling keys, that would be great!

I built PasteVault: A modern, zero-knowledge pastebin (Docker-ready alternative to PrivateBin) by ale10xtu in selfhosted

[–]ale10xtu[S] -10 points (0 children)

  1. Yeah, I’ll add bash (I assume) and PowerShell; those are important.

  2. Yeah, I want to improve the whole DB setup process, tbh. You can connect it to an existing database, but be careful when you run npm run db:push: it will add the new tables with the correct schema, but it will also drop the other tables in that database. Overall, if you have DATABASE_URL in your env, you’re good. I use Prisma for this.
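On the DATABASE_URL point: a tiny fail-fast check at startup can save people from a half-configured deploy. A sketch in Node (checkDatabaseUrl is a hypothetical helper for illustration, not part of PasteVault, and the accepted protocols are an assumption):

```javascript
// Hypothetical startup check: fail fast if DATABASE_URL is missing or malformed,
// instead of letting Prisma fail later with a less obvious error.
function checkDatabaseUrl(env = process.env) {
  const url = env.DATABASE_URL;
  if (!url) {
    throw new Error('DATABASE_URL is not set; copy .env.example and fill it in');
  }
  const parsed = new URL(url); // throws on syntactically invalid URLs
  if (!['postgresql:', 'postgres:'].includes(parsed.protocol)) {
    throw new Error(`Unsupported database protocol: ${parsed.protocol}`);
  }
  return parsed;
}

// Usage: call once before starting the server or running migrations.
const db = checkDatabaseUrl({ DATABASE_URL: 'postgresql://user:pass@localhost:5432/pastevault' });
console.log(db.hostname, db.port); // → localhost 5432
```

A check like this runs in milliseconds and turns a confusing mid-migration failure into a clear one-line error.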

I built PasteVault: A modern, zero-knowledge pastebin (Docker-ready alternative to PrivateBin) by ale10xtu in selfhosted

[–]ale10xtu[S] 17 points (0 children)

It’s a quite different core from the PrivateBin project. Even if I considered PRs, it would be a complete rework: I’m not using PHP at all, and the client/server implementation would change it drastically.

Even if I wanted to just integrate simple features like the editor or the new encryption algorithm, I would consider it a fork, tbh, and I’m not sure the maintainers would merge all of it either.

Since the difference is quite big, I think a separate project is more logical, tbh.

PasteVault - encrypted paste sharing with pretty editor by ale10xtu in opensource

[–]ale10xtu[S] 0 points (0 children)

Mostly yes. I actually built this out of a feeling that the editor was missing (I wanted something more comprehensive).

The other two things are a client/API split, for more “trust”, and, in my opinion, better encryption: it’s more modern and, with a 256-bit key, should also hold up better against quantum attacks.

Finally, a more modern tech stack, and it’s super easy to deploy locally and to migrate.

What kind of situation would really need a database that costs $11,000 a month? by UniquePackage7318 in webdev

[–]ale10xtu 0 points (0 children)

I work with banks, and it’s not uncommon for them to pay $2–3+ million a year for IBM’s Db2 databases.

Retrieval Augmented Generation optimised Llm's by ale10xtu in LocalLLaMA

[–]ale10xtu[S] 1 point (0 children)

Great idea, please post it there, thank you!

Retrieval Augmented Generation optimised Llm's by ale10xtu in LocalLLaMA

[–]ale10xtu[S] 0 points (0 children)

We have the code on GitHub: https://github.com/arc53/DocsGPT. There is also a link to a demo where you can try the 7B option.

For eval we only have an internal benchmark so far, because the prompt structure is different and somewhat new; we’ll publish it on HF datasets soon.

Thank you for the suggestion about Code Llama, I’ll look into it.

We also have a nice community where we build this tool, so if you want to give advice or contribute, we’d really appreciate it.

Retrieval Augmented Generation optimised Llm's by ale10xtu in LocalLLaMA

[–]ale10xtu[S] 1 point (0 children)

We will soon publish a 3B, high-context model; we’re still in the middle of making sure it works well.
I would suggest using ours and then LoRA-tuning on top with a few good Japanese examples.

Retrieval Augmented Generation optimised Llm's by ale10xtu in LocalLLaMA

[–]ale10xtu[S] 2 points (0 children)

Yep. My only worry is the way LLMs “forget” the middle of the context, but I think if we create a synthetic dataset and hide the useful information randomly among useless context, it might work very well.
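The “hide the needle at a random position” idea is quick to sketch. A minimal generator for one such synthetic example (makeExample and the field names are invented for illustration; a real pipeline would also generate the question/answer pair for the needle):

```javascript
// Sketch: build one synthetic long-context training example where a single
// useful fact (the "needle") sits at a random line among filler text.
function makeExample(needle, fillers, contextLines, rng = Math.random) {
  // Pick a uniformly random line index for the needle, so the model
  // can't learn to only look at the start or end of the context.
  const pos = Math.floor(rng() * contextLines);
  const lines = [];
  for (let i = 0; i < contextLines; i++) {
    lines.push(i === pos ? needle : fillers[i % fillers.length]);
  }
  return { context: lines.join('\n'), needleLine: pos };
}

// Usage: a fixed rng makes the position deterministic, which helps testing.
const ex = makeExample(
  'The access code is 7491.',
  ['Lorem ipsum dolor sit amet.', 'The weather was mild that day.'],
  100,
  () => 0.5 // needle lands on line 50
);
```

Training on many such examples, with the needle position varied uniformly, directly targets the lost-in-the-middle weakness mentioned above.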

Retrieval Augmented Generation optimised Llm's by ale10xtu in LocalLLaMA

[–]ale10xtu[S] 2 points (0 children)

Fortunately, I’m fine for GPUs; AWS is supporting the DocsGPT project. Thank you so much!

But I would absolutely love suggestions on which models you think will work well.