You just earned yourself a customer. I love simple apps like this. And anything which can help to reduce friction here can be translated to a DAW and added effects for a real production

Thank you so much! That workflow—starting with low friction in the browser and moving to a DAW for the final polish—is exactly what I'm aiming for.

I'm actually thinking about adding a MIDI Export feature soon, so you could sketch a quick beat here and then drag the pattern directly into Ableton or FL Studio. Would that fit your workflow?

Great idea overall. I'm sure you'll reach 100 users soon (android user here) Do you index all repos in a cadence and then let users swipe from a pool, or is it real time GitHub api calling?

Thank you. The app has two sections: curated and trending. Curated repositories are prefetched and stored in the database. Trending repositories are fetched daily via the GitHub Search API and subsequently stored. This process enriches the repository pool and allows the backend to index each repo. Whenever a user interacts with a repository (star or pass), the action is saved; this ensures the same repository is not displayed twice.

This is cool! looking forward to the android app

This is great and I have seen some apps similar to it. One of the things I believe would be a hard problem to solve is, how does a mere picture depict the exact calories? For example, a pasta or a soup can be loaded with butter versus made without it. This is usually not visible with the pictures.

Maybe one of the ways is to identify with the shine and the image differences since fat floats on top. But then how do we add a quantitative metric to it as in how many tbsp of butter were used?

Great work! Feedback: Right now it looks like there's too much going on the website. Maybe clean up to help users take action fast

> future supply chain attacks easier

to clarify if I understood correctly, because packages would be fragmented and hence more attack vector?

yep. It's hard enough to audit 200 packages, imagine there were 10000 of them!

This just reminds me of the meme of a big stone structure supported by a pebble to prevent falling, The pebble being an OSS maintainer in Nebraska.

I like the spirit of article however,

1. Tracking every mention of a dependency and assigning value fairly is extremely hard: many packages are widely reused while many are tiny utility libs.

2. Usage in a file doesn’t reflect actual runtime usage. A repo might list a package but never import it.

Overall, solutions that align incentives, and maintain ecosystem neutrality are more likely to gain traction than a platform-wide mandated surcharge.

another reminder of no matter how big we build physical infrastructure like trains/tracks, software & data is the achilles heel

it's getting way better and we've to acknowledge how far we've come in last 4 years. Interestingly, one of the key examples of this is within vs code. AI is able to predict the next world not based on the generic trained data, but in the context of the repo (while manually editing)

This is good stuff. This is very much similar to prismor's sbom visualizer since it is also .json

I do see ads on your website, is it high traffic as well?

Might wanna add a snooze feature. We use this in code security, as a break-glass scenario