news.ycombinator.com
The open source DOCX editor submitted to HN a few weeks ago has been deleted
The github repo under eigenpal is gone. The web site at docx-editor is 503. No idea what's going on.
The github repo under eigenpal is gone. The web site at docx-editor is 503. No idea what's going on.
评论
20 条顶层评论请先登录 h4cker 账号,然后连接 Hacker News 后发表评论。
The original source (matching the latest published NPM version) is still at https://github.com/mhurhangee/patrick/tree/main/packages and Apache-2.0, so I imagine that someone who'd like a copy can pick it up from there.
@mhurhangee also appears to have a mirror of the missing github repo here: https://github.com/mhurhangee/docx-editor
This link should be enough to work out the relevant links. [1] I would guess that they have lost access to a resource lately ... I've read there's a lot of that going around atm. [1] https://news.ycombinator.com/threads?id=thisisjedr
I clicked through and browsed the comments and clicked links. It does appear the links are not working as described. Is there something you’re throwing and I’m not catching? :)
The relevant non functional links should be listed in the comments. The OP was complaining they were not able to include links directly. I'm not sure about [1] [2] [3] in the main post but the show hn [A] or [B] thread should afaik have not been an issue. [A] https://news.ycombinator.com/item?id=46947229 [B] https://news.ycombinator.com/item?id=48228411 [1] https://docx-editor.dev/ [2] https://github.com/eigenpal/docx-js-editor [3] https://github.com/eigenpal/docx-editor Edit for additional show hn thread
Ah, good call, I should have included the threads, thanks! I tried several variants of the GitHub URL and the main web site and got errors until I cut it back to what I posted and rushed out of work to have dinner with my wife.
i'd wager a guess that they gave up on their "experiment" the top comment on the show hn would seem quite apt if so https://news.ycombinator.com/item?id=46971202
I am a sad, dumb little AI driver with no real skills.
Also not affiliated but my open-source tinycld uses docx as the backend storage for its text package. Supports _most_ of the features (including comments and suggestions) but is still very young. It has a golang backend that reads/writes docx and translates to YJS that the editor reads for multi-user access. Has web/iOS/Android support. I found docx to be a very well documented format and a surprisingly good fit for this. https://tinycld.org has a live demo
I went looking around, but I couldn't find why you're making tinycld, and whether I could expect it to keep going as a project in the future. I expect I could find whether you're using hardened server implementations or reimplementing, but if it's the former, you should advertise that, or if the latter, you shouldn't.
It's pretty simple: I have a small company and we're using it internally. my hope by releasing it is that the ecosystem will grow and it'll become the best way to publish web apps (ambitious I know). I do not know what you expect by "hardened server implementations", it's open-source and people will probably host it a lot of different ways? If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries which I hope are secure but I have not performed a security audit or anything like that.
Thanks, I think you should put that up if it isn't, or at least link from About page if it is. "If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries" That's exactly what I'd hope to see said somewhere as a naive person. Maybe security people would say "that's only 50% of the attack surface!!!" but I'm not one so it sounds good to me.
Great feedback, that makes complete sense. I've just added https://tinycld.org/story which expounds on this a bit more and also links to the credits page that lists all the (many) libraries it uses.
Not affiliated but I been using https://github.com/superdoc-dev/superdoc and it is very good and compatible with many docx features.
I can't include the links because HN filters dead links.
[deleted]
[deleted]
what was that item from just a day or so ago where an opensource project had said they developed using AI, and a developer said "take it down, you copied it from us" I thought of it because this project said they used AI ( https://news.ycombinator.com/item?id=48085993 )
Oh man, that’s disappointing. We implemented this in a test environment and have been hammering on it. Would love to know what’s going on as it solves a real pain point for us.
There's plenty of open-source docx editors though? What makes eigenpal's editor so special?
Could you recommend your picks in the space? Edit (since I can’t seem to reply directly) - to the commenter suggesting LibreOffice below: quite different things. This was a library for implementing reasonably high fidelity docx viewing / editing in the browser.
What is wrong with LibreOffice?
The classic UI text is too damned small. You cannot easily increase it last time I checked.
[deleted]
I’m in exactly the same boat. I’ll have to look at some of the suggestions here
[deleted]
[deleted]
[deleted]
[deleted]
[deleted]
[deleted]
[deleted]
[deleted]
Github can just instantly take down all forks with a single click of a button.
This is why you clone a copy to a machine you have full control of!
Good to know. Downloaded.
[deleted]
[deleted]
i love when insecure dickheads pull out the talentless hack card, while they also whinge about skill atrophy and brain fry. the doublethink is on the nose and delicious.
mitchellh is an insecure dickhead now?
didn't know he was the source of this until after i posted, but i'm not surprised. he's certainly been on quite the bender lately indeed. but the way this usually works, i'd wager a guess he always has been.
[deleted]
Nothing weird about it. The HN guidelines[1] make it clear, IMO, that while some self-promotion is fine, the intent here is NOT to use the site primarily (or exclusively) for self-promotion. The account that submitted the userplane.io link had only ever submitted two links, and both were to userplane.io. What do you expect to happen? Please don't use HN primarily for promotion. It's ok to post your own stuff part of the time, but the primary use of the site should be for curiosity. > After a few more experiences like that, I've mostly stopped posting because it doesn't feel like the effort is worth it Ironically this is exactly the wrong response. You should post more, but more stuff that's simply intellectually interesting, and not just to promote your own stuff. But if your only reason for being here is self-promotion, then you're right... not worth it. shrug [1]: https://news.ycombinator.com/newsguidelines.html
> had only ever submitted two links, and both were to userplane.io That doesn't appear to be correct. The account's public submission history shows multiple submissions beyond userplane.io. Here's the submission history for reference: https://news.ycombinator.com/submitted?id=wizenheimer Edit: Looks like my original comment was flagged too, woah
You're right, I was looking at submissions for userplane.io[1] and over-fixated on it only being submitted twice. My mistake. Nonetheless, the basic principle is the same. Looking at their submission history it appears to be almost all self-promotional and correspondingly many of the submissions are [dead]. As far as I can tell, that's what happens here. (aside: I'm just commenting based on observation of the years, I'm not anybody "official" here or anything). [1]: https://news.ycombinator.com/from?site=userplane.io
> Looks like my original comment was flagged too Self-linking via sockpuppet accounts isn’t welcome here, especially when it’s as off-topic as yours, and it’s no surprise our community mass-flagged you. Email the mods for further guidance if you find this outcome objectionable; they’re more adept at offering counsel on how to participate at HN as a community contributor rather than as a self-promoter. 10 months ago, you commented on your own post; then, 18 days ago, you linked your own work in a general Show HN post. Given your account age, extremely low karma, and total absence of comments on anyone else’s posts for ten months in between two self-links, one can reasonably consider your account to be ‘solely here for the marketing clicks’ which would lead users to flag your submissions at a higher rate than average, as you’ve discovered. If you stop posting self-links for the next ten months and show steady participation in other people’s posts throughout that time — without referring to ‘my work/project/site’ in literally every single comment, as some have tried before you — then when you post a Show HN in ten months, users will likely not flag you for spamming us with ‘look at me! look at me! look at me’ posts (and if they do, you can reasonably ask the mods to inflag it, and they might do so!). But the fly-by-night forum spam your account history reveals is so passé and you’ve only made yourself less welcome here by insisting that you haven’t broken any rules, rather than adapting to the ongoing participation behaviors expected of submitters. Either genuinely invest time and energy into this community or move on.
Your account was created 5 hours ago, and you’ve already had two Show HNs flagged? That’s ‘email the site mods and ask for participation guidance’ territory. Perhaps you posted them under an account that wasn’t participating otherwise on the site and/or was named after a business rather than a person? In any case, bad form to re-promote your projects in an unrelated new post rather than reaching out to the mods. Adapt your behavior to be 95% contributions of posts and comments that are unrelated to your own projects/investments or else you’ll continue seeing hostility and flags to your work.
[deleted]
it is forseeable that MS would be very interested in taking a security stance vs a very possible vector.
I was going to guess that they accused the author of copying code from Office. Was AI used in the project? Perhaps a model regurgitated copyrighted code leading to a sternly worded notice from legal...?
Ooooh yeah. Looking through the author's past posts: "got a lot of skepticism because we're developing heavily with AI" So AI was in use. Then the author says that following the spec alone wasn't enough to get it working, they got "active community feedback" and fed that feedback into the AI until it worked just like Word. I have to think that if there were ANY conditions under which a model might output code that Microsoft legal would threaten to sue you for, these would be them
Clearly, it was the fault of the AI, and it should be thrown in jail.
I think this (if it is what happened) is a perfect demonstration of the dynamics. If you use AI to do things you couldn't have done on your own, you're copying off someone else's homework and the real risk is that you don't know who you're copying from, but they probably do.
How do you copy code from Office? Is the source code public?
I suspect the source code for at least some older versions of Office is absolutely in the training materials of some LLMs. There have been leaks before, and the early models were trained on the entire contents of the internet without regard to legality
Today's LLMs are perfectly capable of disassembling.
A vector against a standardized XML+ZIP document format?
‘’ <—— li’l Dr Evil air quotes to put around ‘standardized’ ;-) If anything it’s DOCX itself that was the vector!
IP is not the only issue. BTW this discussion is being chilled so now an exercise in abusive DV harvesting. Understanding DOCX Malware and Hidden Threats https://cloudmersive.com/article/Understanding-DOCX-Malware-... Hackers using Weaponized Office Document to Exploit Windows Search RCE https://cybersecuritynews.com/office-document-to-exploit-win...