This article makes ME feel like I'm going insane. Have you even read the React docs?

The article you linked about "patterns" in React is explicitly referencing patterns that are 7+ years out of date. Hooks were built to REPLACE those patterns, and they did a phenomenal job.

90% of this article is immediately invalidated by introducing a simple, 20loc "useQuery" hook (or, god forbid, looking at ANY of the libraries that provide similar. Shoutout React Query)

I really wish we could get more valid critique of React from people who actually understand the framework, instead of this drivel from devs who spend more time complaining in blog posts than reading the docs.

When I saw the setState in useEffect, I immediately knew why the person hates react. That's a horrible antipattern used by people who refuse to read the few articles about useEffect and when to use it.

HOC with render prop in 2025 https://github.com/TanStack/form/pull/1469 Render props in 2025 https://react-spectrum.adobe.com/react-aria/Dialog.html#aler... and there's more examples, just couldn't find more without looking just saying, in general I agree, but they still have their place

I agree about that specific patterns post being a bad example... but if you google for "react patterns" you won't be starved for examples of more terrible drivel. That's just what's out there, people repeat it ad nauseam. So _good luck_ to anyone who really does want to learn the right thing. From that standpoint, that article is as good or bad as most others out there (old man shakes fist at dev.to).

Even the venerable libraries like useQuery introduce as many surprises as they do benefits. The complexity cost of understanding what is going on under those 20 LOC is quite high – you need to understand "stable values" (which is only relevant to React components), re-renders and how they're triggered, maybe need to understand how graphql fragments are collated into one query document... maybe need to know when useRef is the right way to memoize over useMemo.

I agree with the author, that it feels insane. I would even add to the insanity the lack of quality when searching for help, and the weird rabbit holes that GPT can send you down if you don't already know what "good" looks like.

Hey y'all, I made the most prominent fork of this extension "Material Theme (But I Won't Sue You)"

The maintainer went off the deep end last year. He pulled the (originally apache 2) source offline, then started threatening to sue people for hosting alternative versions, including them in other IDEs, etc. Genuine lunatic.

Out of an abundance of precaution, I've taken the following action on my fork:

1. I have the VS Code team auditing it as we speak, and I've given them full permission to immediately pull it from the marketplace & force uninstall it from users if they find ANYTHING malicious.

2. I have audited the code base thoroughly (nothing seemed malicious)

3. I have removed ALL code related to changelogs, analytics, Open Collective and html rendering.

The only thing that seemed slightly concerning was the html + sanity loader for changelogs, so I gutted it entirely. Two PRs removed almost all the deps and over 7,000loc (mostly package-lock)

Repo is here if anyone else would like to audit https://github.com/t3dotgg/vsc-material-but-i-wont-sue-you

To me it seems ridiculous, that a theme could even accumulate such things as analytics and even lots of dependencies. A theme is usually something self-contained. And even more ridiculous, that anyone can, as you write, "force uninstall" anything from my machine. So glad I am not a VS Code user. It seems all the typical corporate BS is happening with its marketplace and plugins.

Try Qt themes, they're binaries compiled from C++ code :)

If one can "force uninstall" for safety, then it implies that automatic upgrading an extension with the user's consent is unsafe at the first place.

It is, but that's the reality of today - auto-updates, "evergreen" releases. This was popularised by Chrome, and IMO fixed a LOT of headaches and allowed for much faster and more agile release cycles - the reality before was that a company like Microsoft would have to provide support for older versions of their software for X years and deal with the fallout of security issues with remaining older versions. (Web) developers had to be careful about adopting newer features because X% of their user base would still be on older versions of the runtime, leading to the invention of transpilers and the start of what is still a very complicated system in web front-end world.

It doesn't fix any headaches it just outsources them to the users who get surprise breakages of their workflow in the middle of an important project.

* without the user's consent

Isn't the problem that VS Code has no permission model (restricting of them), so all extensions can do anything?

While it is, the same issue exists in Sublime, Vim, Emacs, Gedit, pico/nano[1], IntelliJ, Android Studio, Eclipse, and every editor.

[1] https://threatpost.com/researchers-show-how-popular-text-edi...

I think Xcode may be the exception but Xcode plugins also can’t do much.

I think Emacs and Vim will be lower probability targets than VS Code, though.

yeah. I hope you leave malicious code running on your computers to prove your point.

how is there not a single screenshot of what it looks like either in the repo or on the marketplace page? Or did I just miss them?

it's ugly, don't worry.

however, I found this from the malware creator's website itself: https://framerusercontent.com/images/G17CYe9tTL2GP1Rw4mUI8YC...

thank you!

hi, maintainer of the fork here

just did a pass and removed everything that was not necessary - it's even less code now lmao

    -------------------------------------------------------------------------------
    Language                     files          blank        comment           code
    -------------------------------------------------------------------------------
    TypeScript                      23             50            169           1307
    Markdown                         6            129              0            224
    YAML                             2              8              6             52
    INI                              1              1              0              7
    -------------------------------------------------------------------------------

    SUM:                            32            188            175           1590
    -------------------------------------------------------------------------------

Hi, owner of the fork here.

I did a thorough combing of the code base when I forked. Just did another audit and still not seeing anything suspicious. Gutting all of the opencollective and changelog code to be 1000% sure.

Hi. Please do not replace the original author's copyright notice in the LICENSE file. That is a violation of the Apache License.

You could instead "append" your name to the copyright notice though, which is legal.

https://github.com/t3dotgg/vsc-material-but-i-wont-sue-you/c...

The only potential risk was the use of sanity to render a changelog. I didn't want to risk it, so I gutted that and a ton of other stuff. Just published a new, stripped down version.

https://github.com/t3dotgg/vsc-material-but-i-wont-sue-you/p...

Ok, but did you remove something that explicitly appeared malicious? This is a key detail that I am not seeing in your comments or commit messages.

That's covered by

> I did a thorough combing of the code base when I forked. Just did another audit and still not seeing anything suspicious.

Oh hey, that's me! Not surprised this guy went kind of insane tbh

We do - we're using a really powerful hosted cluster at Azure (they have an exclusive licensing deal with OpenAI).

Excluding the client performance wins, we're up to 2x faster than ChatGPT.com using the same model https://x.com/ryandavogel/status/1878647963507163431

This is a weird thing to post on HN

I've been using Affinity's suite exclusively for about 4 years now and I haven't looked back once. Briefly tried Photoshop again for the generative AI stuff and it was slow, unreliable and crashed multiple times.

HIGHLY recommend giving Affinity a shot, I've edited thousands of images with Photo and I can't imagine using anything else now.

I agree they are great software, and I own an old Affinity Design license, but unfortunately not long after I decided to ditch Photoshop, I also decided I needed to ditch windows.

At the time there was no Linux support which made me sad. I have no idea if that has changed.

I am in same place. I keep Mac laptop for graphics because of this.

I know the win version now works pretty well on linux with wine. But the process to set this up is not yet automated (like 20min) and is being worked on. So i was too lazy to properly try it.

> I know the win version now works pretty well on linux with wine. But the process to set this up is not yet automated (like 20min) and is being worked on

Where did you get the information about it being worked on?

Neither does Adobe

Can’t emulate it?

> I've been using Affinity's suite exclusively for about 4 years now and I haven't looked back once.

Unluckily, Affinity Designer still has no tool for tracing images (a functionality that would be really helpful for the tasks that I use Affinity Designer for). :-(

UPDATE: Also halftone effects for fillings require quite some hacks in Affinity Designer.

It also has no curvature tool, which is a huge deal breaker for many vector artists. I have been making a stink about this online across many platforms for years but the team has shown no intention to adopt it.

A free option for tracing is:

https://www.visioncortex.org/vtracer/

I just use Inkscape for tracing and then export to SVG. I can't use Inkscape for anything else but it does provide that function.

Lack of scripting automation and a blend tool are my only real disappointments with the product. These aren't enough to make me switch back to Adobe mind you, but they're relatively glaring omissions I think.

Seconded, there are many ways in which Designer and Publisher are actually superior as well (beyond actually feeling respected as a customer).

Agreed people talk about features Affinity dont have but there are also many things that Adobe doesnt have or does so much worse.

Hige part of Adobe dominance (with pros especially) is the inertia to switch because of the workflows baked into muscle memory. Often the wierd quirks and inconsistencies became the standard. And adobe has many because all three softwares were developed by different companies.

I did not know about Affinity. I just signed up and was downloading files in less than a minute. In two minutes I was sitting in front of Photo 2, ready to work.

I just wish the Affinity apps weren’t so slow. Ever action lags and waits for the app to catch up, not to mention how long it takes for the app to start up.

Does Affinity suite include generative AI at all?

Not that I'm aware of. I hope that their new relationship with Canva gives them the resources to add AI for some features. that might be a 3.0 version.

It has content-aware fill, which IIRC is an early form of gen-AI.

I confirm, best soft ever!

If a mechanic didn’t know how to use a hammer, I’d fault the mechanic for sure.