The surface area for supply chain attack with Helix is vanishingly small compared to nvim + n extensions. You’re dealing with a single vendor, versus one per extension. Helix also runs a very slow, deliberate release process, so while it’s certainly possible that a supply chain vulnerability could be shipped, the process in place appears to work well to mitigate it.
LaunchNotes | Principal engineer, Full Stack Engineer, Product Designer | Full Time | Remote North/Central America
LaunchNotes is a platform for communicating product change within your company and out to your customers. We believe organizational transparency isn’t a nice to have, it’s a must have. We believe that everybody across your team deserves to understand your product and development process and have visibility into it to be able to get their work done. At the heart of LaunchNotes, our mission is to demystify your development process, so that your entire business can work freely.
If you’re passionate about productivity, communication and improving the relationship between technical and non-technical teams, get in touch. Email tyler [at] LaunchNotes [dot] io
Two and a half years ago I started working on the idea. It took me about a year to get the initial offering done and launched. The first calendar year in business was technically profitable. We ended up reinvesting the profits into new computers as well as paying all of the operational expenses upfront for the following year.
This year, it's tracking at roughly 5x of last year's revenue and we've also improved our margins by about 2x.
All said and done, we both put about an hour a day into it, five days a week, and one full weekend day a month.
