Hacker News new | past | comments | ask | show | jobs | submit | chgo1's comments login

Is there any way to fix the command injection solely in the Makefile?


If Bash is used as the SHELL for make[0], then it might be possible with the ${parameter@Q} parameter expansion[1]?

I would still rather resort to python's shlex.quote[2] on the python side of things tbh.

[0]: https://stackoverflow.com/questions/589276/how-can-i-use-bas...

[1]: https://www.gnu.org/savannah-checkouts/gnu/bash/manual/bash.... (at the end of the chapter)

[2]: https://docs.python.org/3/library/shlex.html#shlex.quote


Dataset: http://openaipublic.blob.core.windows.net/simple-evals/simpl...


First few questions for those who don't care to download. Most just seem to be about niche facts:

    Who received the IEEE Frank Rosenblatt Award in 2010?
    Who was awarded the Oceanography Society's Jerlov Award in 2018?
    What's the name of the women's liberal arts college in Cambridge, Massachusetts?
    In whose honor was the Leipzig 1877 tournament organized?
    According to Karl Küchler, what did Empress Elizabeth of Austria's favorite sculpture depict, which was made for her villa Achilleion at Corfu?
    How much money, in euros, was the surgeon held responsible for Stella Obasanjo's death ordered to pay her son?


Also importantly, they do have a 'not attempted' or 'do not know' type of response, though how it is used is not really well discussed in the article.

As it has been for decades now, the 'Nan' type of answer in NLP is important, adds great capability, and is often glossed over.


a little glossed over, but they do point out that most important improvement o1 has over gpt-4o is not it's "correct" score improving from 38% to 42% but actually it's "not attempted" going from 1% to 9%. The improvement is even more stark for o1-mini vs gpt-4o-mini: 1% to 28%.

They don't really describe what "success" would look like but it seems to me like the primary goal is to minimize "incorrect", rather than to maximize "correct". the mini models would get there by maximizing "not attempted" with the larger models having much higher "correct". Then both model sizes could hopefully reach 90%+ "correct" when given access to external lookup tools.


> What's the name of the women's liberal arts college in Cambridge, Massachusetts?

Wait, what is the correct answer? “Radcliffe College”?


Yes


Not surprising that this would be on a list of questions at least one model got wrong, since I think the real answer is "there isn't one anymore, but from 1879 to 1999 the answer would have been Radcliffe College".


Yes, that would be my preferred answer!


A question regarding the second generation in the example: Why is the symbol "um" (0) only counted once?


Thank you for the close reading! That’s definitely a mistake on my part, I’ll fix it shortly.


Unfortunately, the proposal was declined in 2022.

List of all proposals: https://www.unicode.org/emoji/emoji-proposals-status.html


(2019)


@dang: .org.ru should probably be treated as TLD


Nice writeup! A small improvement: There is `#[serde(rename_all = "camelCase")]` to avoid typing all properties twice.


Along the same lines, wasm-bindgen can generate the TypeScript types: https://rustwasm.github.io/wasm-bindgen/reference/attributes...


I was wondering about that too. The direction of a high quality shading is not uniform: https://i.imgur.com/Y8hIWAD.png (taken from Fig. 3 in the paper)


The article was updated to: "Germany: 1 dead, 9 injured after test car veers into traffic"


based on this decision: https://www.admin.ch/gov/de/start/dokumentation/medienmittei... (German)


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: