There is a 8 months old open ticket, with an official answer, here: https://gitlab.opencode.de/bmi/eudi-wallet/wallet-developmen...

It would be much more interesting/efficient if the LLM had tokens for machine instructions so extracting instructions would be done at tokenizing phase, not by calling objdump.

But I guess I'm not the first one to have that idea. Any references to research papers would be welcome.

As an experiment, I just now took a random section of a few hundreds bytes (as a hexdump) from the /bin/ls executable and pasted them into ChatGPT.

I don't know if it's correct, but it speculated that it's part of a command line processor: https://chatgpt.com/share/69d19e4f-ff2c-83e8-bc55-3f7f5207c3...

Now imagine how much more it could have derived if I had given it the full executable, with all the strings, pointers to those strings and whatnot.

I've done some minor reverse engineering of old test equipment binaries in the past and LLMs are incredible at figuring out what the code is doing, way better than the regular way of Ghidra to decompile code.

I have no doubt that LLMs can be as good at analyzing binaries than at analyzing source code.

An avalanche of 0-day in proprietary code is coming.

That's not how that works in the Go ecosystem: you don't get that dependency upgrade unless you explicitly upgrade the dependencies of your project. The Go toolchain uses the "Minimum Version Selection" algorithm.

https://research.swtch.com/vgo-mvs

It does: https://github.com/dolmen-go/codegen/blob/master/.github/wor...

Is this the Stephen Dolan creator of jq?

https://jqlang.org/

Yes, its exactly that Stephen Dolan.

Stop trusting any dependency now.

It looks like a search for the command line tool available to send content to the clipboard.

Can't tell if that obfuscated code works though.

Esc :q!