{"@attributes":{"version":"2.0"},"channel":{"title":"tane.dev","link":"https:\/\/tane.dev\/","description":"Recent content on tane.dev","generator":"Hugo -- gohugo.io","language":"en-gb","copyright":"This work is copyright Tane Piper","lastBuildDate":"Thu, 05 Feb 2026 12:00:00 +0100","item":[{"title":"The Man With No Brains","link":"https:\/\/tane.dev\/2026\/02\/the-man-with-no-brains\/","guid":"https:\/\/tane.dev\/2026\/02\/the-man-with-no-brains\/","comments":"https:\/\/tane.dev\/2026\/02\/the-man-with-no-brains\/#commento","pubDate":"Thu, 05 Feb 2026 12:00:00 +0100","description":"

I actually enjoy setting up a new coding project from scratch - those first couple of hours where you go from nothing to something<\/em>, even if it’s just poorly laid out HTML and CSS, or a bunch of console.log<\/code> statements.<\/p>\n

Recently though, I’ve found myself unable to approach any new task without AI’s help.<\/p>\n

Like an addiction, it became a trap. I couldn’t break free from the cycle of constant stimulation and instant gratification these tools provided. Instead of being a useful helper, AI became the process itself<\/strong> - I stopped starting with code and using AI to work through ideas, and instead started with AI and used it to generate the implementation.<\/p>","category":["AI","Productivity"]},{"title":"Oh no, not again... a meditation on NPM supply chain attacks","link":"https:\/\/tane.dev\/2025\/09\/oh-no-not-again...-a-meditation-on-npm-supply-chain-attacks\/","guid":"https:\/\/tane.dev\/2025\/09\/oh-no-not-again...-a-meditation-on-npm-supply-chain-attacks\/","comments":"https:\/\/tane.dev\/2025\/09\/oh-no-not-again...-a-meditation-on-npm-supply-chain-attacks\/#commento","pubDate":"Tue, 09 Sep 2025 12:00:00 +0100","description":"

I’ve been sitting on this article for a while now \u2013 well over a year I’ve put off publishing it \u2013 but as we’ve seen this week, the time has come to lift the veil and say the quiet part out loud:<\/p>\n

\n

It’s 2025; Microsoft should be considered a “bad actor” and a threat to all companies who develop software.<\/strong><\/p><\/blockquote>\n

Of course, if you’re old enough to remember \u2013 this is not the first time either…<\/p>","category":["NodeJS","JavaScript","Exploits","Security","Enterprise"]},{"title":"Slack wants you you know this privacy exploit is fine","link":"https:\/\/tane.dev\/2023\/09\/slack-wants-you-you-know-this-privacy-exploit-is-fine\/","guid":"https:\/\/tane.dev\/2023\/09\/slack-wants-you-you-know-this-privacy-exploit-is-fine\/","comments":"https:\/\/tane.dev\/2023\/09\/slack-wants-you-you-know-this-privacy-exploit-is-fine\/#commento","pubDate":"Mon, 25 Sep 2023 19:50:00 +0100","description":"

Last week, after a call with the engineers on my team I wanted to send a message to two of the engineers at the same time - little did I know I’d find what I believe to be a nasty privacy exploit in Slack<\/a>\n- one that made me ask “Why is this even<\/em> a feature?”<\/p>\n

Like any good responsible software engineer, instead of taking to social media or forums to post about the exploit - I opted to report it to HackerOne<\/a>\n- where Slack accepts reports of potential security exploits. After giving a detailed list of instructions on how to achive it (Report #2171907).<\/p>","category":["Slack","Privacy","Exploits","Security"]},{"title":"I Think I Found a Privacy Exploit in ChatGPT","link":"https:\/\/tane.dev\/2023\/04\/i-think-i-found-a-privacy-exploit-in-chatgpt\/","guid":"https:\/\/tane.dev\/2023\/04\/i-think-i-found-a-privacy-exploit-in-chatgpt\/","comments":"https:\/\/tane.dev\/2023\/04\/i-think-i-found-a-privacy-exploit-in-chatgpt\/#commento","pubDate":"Fri, 14 Apr 2023 00:50:00 +0100","description":"

> tl;dr: I discovered that passing empty prompts to ChatGPT still<\/code> generates responses<\/a>\nInitially, I thought these might be hallucinations, but now I suspect they could also include other users' responses from the API<\/code><\/p>\n

Last month, OpenAI unveiled their advanced large language model, ChatGPT-4<\/a>\n, attracting attention from developers, enterprises, media, and governments<\/a>\nalike.<\/p>\n

Before receiving my GPT-4 invite, I experimented with alpaca.cpp<\/a>\n, designed to run models on CPU’s with limited memory constraints. I began by developing a simple web interface using NodeJS and sockets for parsing the command line. Once I started working with the GPT-4 API, I quickly realized that with the right prompts, it could be a powerful tool. It has already helped me rewrite complex code into simpler methods and reduce complexity by moving code to functions:<\/p>","category":["OpenAI","ChatGPT","LLM","AI"]},{"title":"Announcing Formula - A Zero-Config Reactive Forms Library for Svelte","link":"https:\/\/tane.dev\/2021\/02\/announcing-formula-a-zero-config-reactive-forms-library-for-svelte\/","guid":"https:\/\/tane.dev\/2021\/02\/announcing-formula-a-zero-config-reactive-forms-library-for-svelte\/","comments":"https:\/\/tane.dev\/2021\/02\/announcing-formula-a-zero-config-reactive-forms-library-for-svelte\/#commento","pubDate":"Sat, 13 Feb 2021 12:00:00 +0100","description":"