Hacker News | esaym's comments

When did the industry transition to different/lead free solders? Wonder if that was part of the issue?

Yeah, it was the transition to RoHS.

Oh do tell.



I think this reply might have been downvoted for being a bit glib, but the superpowers plugin took my Claude Code experience from mostly frustrating to nearly-magical.

I’m not a software engineer by training nor trade, so caveats apply, but I found that the brainstorming -> plan writing -> plan execution flow provided by the skills in this plugin helps immensely with extracting assumptions and unsaid preferences into a comprehensive plan—very similar to the guidance elsewhere in this thread, except automated/guided along by the plugin skills.



No.


>This was me in 2005.

Ha, same. Windows XP for me had a horrible habit of booting into a blue screen randomly after updating video card drivers (happened with both ATI and Nvidia). Trying to do a repair install wouldn't work. The only option was a full reinstall.

Installation from the disk took an hour. Then (if you were going about this the legal way) you'd have to call the Microsoft number to register your install, but be on hold for another 30 minutes. Then it was multiple hours of: install your favorite video player, reboot. Install video codecs, reboot. Install Firefox, reboot. Apply all of your registry tweaks, reboot. Install all your games from CD-ROM, more rebooting. And multiple hours of that.

I moved to Linux back in 2006 or so and never looked back. Documented part of the journey here: https://net153.net/ubuntu_vs_debian.html


> My proposition for compatibility is to not use dependencies, and instead rely on the standard library

Funny, that was the whole attack angle Python used against Perl back in 2005, etc.


>Timing it for Christmas Eve ensures minimal media scrutiny of these connections.

Sounds like the media is truly the one in charge.


So this is part of the "React2Shell" CVE-2025-55182 issue? I find it interesting that this seems to get so little publicity. Almost like the issue is normal or expected. And it looks like the affected versions go back a little over a year. So if you've deployed anything with Next.js over the last 12 months your web app is now probably part of a million-node botnet. And everyone's advice is just "use docker" or "install a firewall".

I'm not even sure what to say, or think, or even how to feel about the frontend ecosystem at this point. I've been debating on leaving the whole "web app" ecosystem as my main employment ventures and applying to some places requiring C++. C++ seems much easier to understand than whatever the latest frontend fad is. /rant


Frontend churn has chilled out so much over the last few years. The default webapp stack today has been the same for 5 years now, next.js (9yo) react (12yo) tailwind (8yo) postgres (36yo). I'm not endorsing this stack, it just seems to be the norm now.

Compare that to what we had in the late 00's and early 10's: we went through prototype -> mootools -> jquery -> backbone -> angularjs -> ember -> react, all in about 6 years. That's a new recommended framework every year. If you want to complain about fads and churn, hop on over to AI development, they have plenty.


I remember that. To be honest it was exhausting. Fun, but exhausting. It’s nice now to have found a stack that is “just fine” for most things.


You can write web apps without touching the hottest JS framework of the week. I've never touched these frameworks that try to blur the line between frontend and backend.

Pick a solid technology (.NET, Java, Go, etc...) for the backend and use whatever you want for your frontend. Voila, less CVEs and less churn!


I had a Pangolin instance compromised by this: https://github.com/orgs/fosrl/discussions/2014


I'm hearing about it like crazy because I deployed around 100 Next frontends in that time period. I didn't use server components though so I'm not affected.


My understanding of the issue is that even if you don't use server components, you're still vulnerable.

Unless you're running a static html export, e.g. not running the nextjs server, but serving through nginx or similar.


Yeah, crucially it says

> If your app’s React code does not use a server, your app is not affected by this vulnerability. If your app does not use a framework, bundler, or bundler plugin that supports React Server Components, your app is not affected by this vulnerability.

https://react.dev/blog/2025/12/03/critical-security-vulnerab...

So if you have a backend that supports RSC, even if you don't use it, you can still be vulnerable.

GP said they only shipped front ends but that can mean a lot.

Edit: link


They might be referring to another Vercel vulnerability that allowed anyone to bypass their auth with relative ease due to poor engineering practices:

https://nvd.nist.gov/vuln/detail/CVE-2025-29927

That plus the most recent React one, and you have a culture that does not care for its customers but rather chases fads to help greedy careers.


For my Java based sites, I use HTML/CSS/JS (vanilla js), no frameworks.


Use Svelte? (:


I would read the manual too on the ride home. But I think that was only for new games? I seem to remember that rentals didn't come with manuals. The best memory was my grandma picking me up to spend the summer at her house. We stopped by Wal-Mart and I grabbed the first release of Gran Turismo for PSX. It came with a fairly giant manual. Had a three hour drive to her house. I read it over and over!

