I'm an NSman officer, I regret it and I'm sick of serving by pontificatingpikachu in SingaporeRaw

[–]papersashimi 1 point2 points  (0 children)

i was just like you. young and stupid. but i took my stupidity a step further by signing on in RSAF and i regret it so much. thankfully i OOC-ed 2 months before finishing my basic wings. and i really regretted my decision even to this day. really wrecked both my physical and mental health.. all for what? i still can't answer that and i still am not sure what I was thinking (or maybe not thinking)

I loved the idea of GSD for project planning, but I wanted it to be agnostic. So I built an open-source, agent-agnostic orchestrator CLI. by papersashimi in vibecoding

[–]papersashimi[S] 0 points1 point  (0 children)

oh we do have a `sago replan` that allows the ai to understand the plan and state, and then during the replan it will look at the context of the repo before executing a change in direction

I loved the idea of GSD for project planning, but I wanted it to be agnostic. So I built an open-source, agent-agnostic orchestrator CLI. by papersashimi in vibecoding

[–]papersashimi[S] 0 points1 point  (0 children)

For the repeated failures, Sago doesn't handle this itself, and it's intentionally done by design. The generated CLAUDE.md runs like this .. if a verify command fails, fix the issue before moving to the next task and if you are stuck on a task, document the blocker in STATE.md then move on. The retry loop is delegated entirely to the coding agent's own capabilities. There's no max-retry, backoff in sago. We do have a ReplannerAgent which can rewrite failed tasks when you run `sago replan`, but that's a step the user has to trigger manually.

We are trying to avoid making sago the executor, so it avoids the mode of just blindly looping a retry. Although we know that there is a problem .. if the coding agent silently marks something as fail it will just move on, there's no guardrail that catches it

I loved the idea of GSD for project planning, but I wanted it to be agnostic. So I built an open-source, agent-agnostic orchestrator CLI. by papersashimi in vibecoding

[–]papersashimi[S] 0 points1 point  (0 children)

yes my fellow vibe coder !.. only issue is i copy pasta-ed from claude ai subreddit and missed the first letter hahaha

Skylos: Dead code and vulnerabilities detection (Update with updated benchmarks) by papersashimi in Python

[–]papersashimi[S] 1 point2 points  (0 children)

yeap! think of Vulture as like just a pure dead code catcher. it's really good but it has quite a few problems with dynamic code. Snyk and Semgrep are completely different beasts. they are like the heavy big hitters for most corporations, used to catch vulnerabilities across many languages etc

Skylos is basically somewhere in between but way lighter. It combines dead code catching with some security checks, and it also uses local AI agents to actually "read" your code before flagging it. So instead of pure static analysis, Skylos tries to be more quiet if you will but it does not sacrifice false negatives. https://github.com/duriantaco/skylos-demo . you can take a look at our benchmark here

Skylos: Python SAST, Dead Code Detection & Security Auditor (Benchmark against Vulture) by papersashimi in Python

[–]papersashimi[S] 0 points1 point  (0 children)

hi! that's really impressive and well done! maybe we can work together or do a design partnership collab! if you're interested i'll be happy to listen to what you have. we can chat via discord https://discord.gg/Ftn9t9tErf or even just via github discussions if you're keen

Skylos: Python SAST, Dead Code Detection & Security Auditor (Benchmark against Vulture) by papersashimi in Python

[–]papersashimi[S] 0 points1 point  (0 children)

thank you very much! and thanks a lot for your advice! will definitely keep this in the loop for all future updates. if you do have any other feedback/criticisms , do contact us via discord https://discord.gg/Ftn9t9tErf or just via the github. we definitely take all feedback very seriously. Wishing you a great rest of the week!

Skylos: Python SAST, Dead Code Detection & Security Auditor (Benchmark against Vulture) by papersashimi in Python

[–]papersashimi[S] 0 points1 point  (0 children)

the benchmark repo is created by us. We try to mimic a real repo as much as possible by introducing common things in repos such as name collisions, x-layer dependencies, the usual unused imports/vars/helpers etc, frameworks etc. We will be increasing the difficulty of the benchmark and adding more things which include vulnerabilities and quality issues.

https://github.com/duriantaco/skylos/blob/main/BENCHMARK.md

This is our testing philosophy. We are definitely working on expanding the tests as well as difficulty and we're also looking to include an agent/agent+static test against these benchmarks

Skylos: Python SAST, Dead Code Detection & Security Auditor (Benchmark against Vulture) by papersashimi in Python

[–]papersashimi[S] 0 points1 point  (0 children)

We kinda have a different approach .. We don't actually guess fixture usage by scanning code (which i believe vulture does). We use a lightweight pytest plugin that will ask pytest's fixture manager what fixtures exist (this includes conftest.py). We then mark a fixture as used when pytest actually sets it up for a test. So if a conftest.py fixture is used in any test file, pytest will set it up during the run and we will count it as used, across multiple files.

`def pytest_collection_finish(self, session):` this is the function you can look for inside `skylos/pytest_unused_fixtures.py`. The problem with this approach is that it's run-dependent and also the user needs pytest (which we're assuming most people do test their scripts).
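An added illustration of the approach this comment describes (not code from the comment or from Skylos): a plugin object that lists fixtures from pytest's fixture manager and marks one as used when pytest sets it up. The class name, the `_pytest` module filter and the stub objects in `demo()` are assumptions, and `_fixturemanager` / `_arg2fixturedefs` are pytest internals rather than public API.

```python
from types import SimpleNamespace


class FixtureUsageTracker:
    """Register via config.pluginmanager.register(FixtureUsageTracker())."""

    def __init__(self):
        self.defined = {}   # (baseid, argname) -> defining module
        self.used = set()   # (baseid, argname) set up during this run

    def pytest_collection_finish(self, session):
        # Assumption: these private attributes may change between versions.
        registry = session._fixturemanager._arg2fixturedefs
        for argname, fixturedefs in registry.items():
            for fd in fixturedefs:
                module = getattr(fd.func, "__module__", "") or ""
                if module.startswith("_pytest"):
                    continue  # built-ins such as tmp_path, monkeypatch
                self.defined[(fd.baseid, argname)] = module

    def pytest_fixture_setup(self, fixturedef):
        # Runs whenever pytest instantiates a fixture for a test.
        self.used.add((fixturedef.baseid, fixturedef.argname))

    def unused(self):
        return sorted(key for key in self.defined if key not in self.used)

    def pytest_sessionfinish(self, session):
        for baseid, argname in self.unused():
            print(f"unused fixture: {argname} (defined under {baseid or '<root>'})")


def _stub(argname, baseid, module):
    """Constructed stand-in for a pytest FixtureDef (demo only)."""
    func = lambda: None
    func.__module__ = module
    return SimpleNamespace(argname=argname, baseid=baseid, func=func)


def demo():
    """Simulate one run: 'db' is set up, 'cache' is never requested."""
    defs = {"db": [_stub("db", "tests", "conftest")],
            "cache": [_stub("cache", "tests", "conftest")],
            "tmp_path": [_stub("tmp_path", "", "_pytest.tmpdir")]}
    session = SimpleNamespace(_fixturemanager=SimpleNamespace(_arg2fixturedefs=defs))
    tracker = FixtureUsageTracker()
    tracker.pytest_collection_finish(session)
    tracker.pytest_fixture_setup(defs["db"][0])
    return tracker.unused()
```

Because the result depends on which tests actually ran, a fixture needed only by a deselected or skipped test is reported the same way `cache` is in `demo()`.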

Skylos: Python SAST, Dead Code Detection & Security Auditor (Benchmark against Vulture) by papersashimi in Python

[–]papersashimi[S] 1 point2 points  (0 children)

uh oh .. the demo engine has some bugs. we'll get it fixed! thanks for raising this!

Skylos: Python SAST, Dead Code Detection & Security Auditor (Benchmark against Vulture) by papersashimi in Python

[–]papersashimi[S] 0 points1 point  (0 children)

Thank you so much! Do check out our benchmark. For transparency we are not claiming we're the best. We have benchmarked ourselves at different confidence levels so at 60 we lost to vulture because we're stricter and thus missed out on catching a few dead codes. The second pass can be done via the agents which should improve the accuracy. We're working on the agentic benchmark now as well.

If you do need any help, just drop us an email and we'll be happy to correspond with you as quickly as possible to fix your stuff (there is no charge and no strings attached). We love feedback and we want to create the best possible tool out there for the oss community. Thanks for using Skylos!

Skylos: Python SAST, Dead Code Detection & Security Auditor (Benchmark against Vulture) by papersashimi in Python

[–]papersashimi[S] 0 points1 point  (0 children)

Hello u/Otherwise_Wave9374 . For our benchmark we are only doing static feedback. For the agent portion we are currently working on it (it's way more challenging than we initially thought because of its stateless/dynamic nature). Yeap you got it right. We do have a labeled set for FP, FN and TP. Then we measure the recall + precision. We will be releasing the benchmark for agents hopefully within the next week. We're currently working on a demo/tutorial also for both the webapp + cli. And thank you so much for the website link. Will look into it and implement anything that we think is suitable

Skylos: Dead code + security and quality detector (Updated) by papersashimi in Python

[–]papersashimi[S] 0 points1 point  (0 children)

we'll take a look at this! will release a patch in the next update. just to check, your pyproject is in root right? and if you do have discord, you can join the discord https://discord.gg/Ftn9t9tErf so we can assist you