I like the technical design of WASM, but I feel that better OS sandboxes for regular native code will be the common approach to running untrusted code.
As soon as you compile to WASM you no longer have the C FFI and the ability to call the OS systems interfaces for files, network and others.
It is extra work to move something to WASM vs just compiling it and running it in a sandbox.
You specify your foods in grams with plaintext (no pictures).
I never liked the "take a picture to measure calories" approach, as you could have 10 table spoons of olive oil which would drastically change the calories but would not show in a picture.
This is really cool. I vibe coded almost exactly the same app, mine also tracks saturated fat, cholesterol, sodium, and fiber (I'm getting older so these macros are pretty important to me). One of the really cool things you can do if you have tool calling hooked up is to have the LLM analyze your diet and tell you what you can do better to hit your targets - swap pizza for pasta, decrease the amount of cheese you put on your sandwich, if you're gonna have fast food don't get the fries and eat low fat/low sodium the rest of the day, etc. What model are you using? I have found Qwen Flash to be really good for my app - smart enough, tool calling works really well, and very cheap.
There is a lot to learn in nutrition. The glycemic load metric is quite revealing for pizza vs pasta (slow digesting carbs are supposed to be better). Al-dente cooked pasta is also slower digesting than well cooked pasta.
Another interesting thing is how each plant food has unique molecules that can be health promoting in humans. That was one aspect I wanted to reveal/compare for the foods I ate.
Dr Weil / Perfect Health Diet / Marks Daily Apple are three sources I like to check for information on nutrition.
PKCE protects the auth token from interception by making it so that only your code that started the flow can redeem it by proving they have the secret code_verifier on the redeem_token() call.
The code_challenge == sha256(code_verifier). You will share the code_challenge at the start of the flow.
Yes, that is true, I was assuming that any LLM code was going to be checked by the developer. Step 7 in the guide is "review your code and ensure the important logic commented in the example server is still present".
The LLM is only for converting the JS based example code into your language X and HTTP framework Y (instead of giving example code for every combination of X and Y).
The standard implementation is in a single file `http_server.ts`, which is around 200 lines of well commented code, with important logic commented (around 5 lines). The example code can be run locally with a few commands.
The repo also contains a sequence diagram [1], a description of the HTTP handlers needed [2], and a live demo [3] where you can see the request/responses.
Thanks for your feedback I have made this clearer in the readme.
As soon as you compile to WASM you no longer have the C FFI and the ability to call the OS systems interfaces for files, network and others.
It is extra work to move something to WASM vs just compiling it and running it in a sandbox.
reply