Tag: GitHub Actions

Source URL: https://simonwillison.net/2025/Feb/15/llm-mlx/#atom-everything Source: Simon Willison’s Weblog Title: Run LLMs on macOS using llm-mlx and Apple’s MLX framework Feedly Summary: llm-mlx is a brand new plugin for my LLM Python Library and CLI utility which builds on top of Apple’s excellent MLX array framework library and mlx-lm package. If you’re a terminal user or Python…

Hacker News: Using pip to install a Large Language Model that’s under 100MB

Feb 7, 2025

—

by

Source URL: https://simonwillison.net/2025/Feb/7/pip-install-llm-smollm2/ Source: Hacker News Title: Using pip to install a Large Language Model that’s under 100MB Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the release of a new Python package, llm-smollm2, which allows users to install a quantized Large Language Model (LLM) under 100MB through pip. It provides…

Simon Willison’s Weblog: Using pip to install a Large Language Model that’s under 100MB

Feb 7, 2025

—

by

Source URL: https://simonwillison.net/2025/Feb/7/pip-install-llm-smollm2/ Source: Simon Willison’s Weblog Title: Using pip to install a Large Language Model that’s under 100MB Feedly Summary: I just released llm-smollm2, a new plugin for LLM that bundles a quantized copy of the SmolLM2-135M-Instruct LLM inside of the Python package. This means you can now pip install a full LLM! If…

Bulletins: Vulnerability Summary for the Week of December 2, 2024

Jan 27, 2025

—

by

Source URL: https://www.cisa.gov/news-events/bulletins/sb24-344 Source: Bulletins Title: Vulnerability Summary for the Week of December 2, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description8 Published CVSS Score Source Info SailPoint Technologies–IdentityIQ IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2…

Simon Willison’s Weblog: December in LLMs has been a lot

Dec 20, 2024

—

by

Source URL: https://simonwillison.net/2024/Dec/20/december-in-llms-has-been-a-lot/#atom-everything Source: Simon Willison’s Weblog Title: December in LLMs has been a lot Feedly Summary: I had big plans for December: for one thing, I was hoping to get to an actual RC of Datasette 1.0, in preparation for a full release in January. Instead, I’ve found myself distracted by a constant barrage…

Hacker News: Analysis of supply-chain attack on Ultralytics

Dec 14, 2024

—

by

Source URL: https://blog.pypi.org/posts/2024-12-11-ultralytics-attack-analysis/ Source: Hacker News Title: Analysis of supply-chain attack on Ultralytics Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The provided text discusses a recent supply-chain attack on the Ultralytics Python project, emphasizing significant vulnerabilities in software publishing and security. It highlights lessons learned for securing workflows, managing API tokens, and improving…

Schneier on Security: Ultralytics Supply-Chain Attack

Dec 13, 2024

—

by

Source URL: https://www.schneier.com/blog/archives/2024/12/ultralytics-supply-chain-attack.html Source: Schneier on Security Title: Ultralytics Supply-Chain Attack Feedly Summary: Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics —which has almost 60 million downloads—was published to the Python Package Index…

Hacker News: Run Database in GitHub Actions, Persisting Data to S3, and Access It Publicly

Dec 12, 2024

—

by

Source URL: https://wesql.io/blog/use-github-actions-as-database Source: Hacker News Title: Run Database in GitHub Actions, Persisting Data to S3, and Access It Publicly Feedly Summary: Comments AI Summary and Description: Yes Summary: The text presents an innovative approach to managing databases for short-term needs using GitHub Actions and S3-compatible storage, allowing users to avoid ongoing costs associated with…

Hacker News: Zizmor would have caught the Ultralytics workflow vulnerability

Dec 8, 2024

—

by