According to the release:
Adds experimental PostgreSQL support
The code was written by Cursor and Claude
14,997 added lines of code, and 10,202 lines removed
reviewed and heavily tested over 2-3 weeks
This makes me uneasy, especially as ntfy is an internet facing service. I am now looking for alternatives.
Am I overreacting or do you all share the same concern?
And the lead dev for Huntarr said they were following best practices, and had a heavy background in cybersecurity. And we’ve all seen how that turned out.
This change 100% smells like vibe code. They refactored nearly 15k lines of code in a single push. That’s not something you just do on a whim without a team of full time devs or vibe coding. And we know they don’t have the former, so it is almost certainly the latter.
Wait… what happened to Huntarr?
Long story short? You should kill the container and change your related passwords/API keys. The dev tried censoring it for a while, but couldn’t keep up with the posts. They eventually nuked the entire sub and deleted their Reddit account. They also privated their GitHub and changed their username.