8.
HN
Show HN: AgentOS- a memory system for AI agents that learns what it doesn't know
AgentOS introduces an advanced memory system tailored for AI agents, addressing the inefficiency of traditional memory usage by retaining excessive data. Unlike conventional systems that store all information indiscriminately, AgentOS mimics human memory recall processes through a hierarchical four-tiered storage framework (L0 to L3), which retains only pertinent details and utilizes tokens as required. This method significantly decreases token consumption, evidenced by an 82.3% reduction in benchmark tests, thereby enhancing overall system efficiency.
A distinctive feature of AgentOS is the L4 tier, where the AI system learns from its previous knowledge gaps by preserving valuable responses over time, further refining its memory capabilities. While this innovative approach effectively reduces storage costs and improves scalability, it does face challenges with maintaining high-quality summarization for technical content in tiers L1 and L2 due to potential detail loss.
AgentOS is positioned as a promising solution for scalable memory optimization within AI systems, offering substantial improvements over traditional methods. The system is open-source, available under the MIT license on GitHub, and utilizes SQLite with WAL mode alongside TypeScript, making it accessible for further development and adaptation in various applications.
Keywords: #phi4, AI agents, GitHub, HAM, Hierarchical Adaptive Memory, SQLite, benchmarking, compression, context window, lossy compression, memory system, summarization model, technical content, technical content Keywords: AI agents, tokens
news.ycombinator.com an hour ago
https://github.com/ajstars1/agent-os 23 minutes ago
|
22.
HN
Show HN: Linggen – Open agent system in Rust, any model, file-based
Linggen is an open-source agent system developed in Rust, designed to facilitate multi-agent environments where tasks are defined and managed using Markdown files. This system enables agents to define their roles, skills, and missions, allowing for task delegation and adaptation to interruptions among agents. Compatible with various AI models like Ollama, OpenAI, and Claude, Linggen provides a mechanism for routing per agent with an automatic fallback option if needed. Skills are specified in a portable Markdown format, while missions can be scheduled autonomously using cron jobs. To enhance user interaction and management, Linggen offers multiple interfaces including a web UI, terminal UI (TUI), and integration with Visual Studio Code, utilizing server-sent events to share session states in real-time. The backend is constructed using Rust tools such as axum and tokio, while the frontend leverages React 19 embedded via rust-embed. It supports native tooling for major providers and manages workspace-specific file operations with distinct permissions per agent. Named after a term from cultivation fiction meaning "spiritual root," Linggen signifies its foundational role in AI agent systems and is currently in an early development stage, with more details available on its GitHub page or through the installation script at linggen.dev.
Keywords: #phi4, GitHub, Linggen, React 19, Rust, SSE, TUI, VS Code, Web UI, agent system, axum, cultivation fiction, installation, markdown files, model compatibility, multi-agent, ratatui, rust-embed, scheduled missions, skills, spiritual root, tokio
linggen.dev 2 hours ago
|
32.
HN
GitHub Accounts Compromised
A report from OpenSourceMalware.com highlights a significant incident involving the compromise of multiple GitHub accounts, underscoring the critical role of community threat intelligence in detecting and mitigating cybersecurity threats. This event draws attention to persistent challenges related to account security on platforms like GitHub, where users' credentials remain vulnerable to various threats such as exploitation of vulnerabilities or malicious activities. The report emphasizes the importance of proactive measures and vigilance within user communities to safeguard against such risks, highlighting ongoing concerns about maintaining robust security protocols in digital environments.
Keywords: #phi4, Accounts, Breach, Community, Compromised, Cybersecurity, GitHub, Intelligence, Malware, OpenSourceMalwarecom, Security, Threat, Vulnerability
opensourcemalware.com 3 hours ago
|
39.
HN
OpenBSD Ext4fs Update
The blog post by kmx.io provides a detailed account of the development efforts surrounding the ext4fs driver for OpenBSD, highlighting both progress and encountered challenges. Initially, significant advancements were made with updates that enabled successful reading of block descriptor groups, allowing users to mount an ext4 partition and access its contents without issues. However, these achievements were followed by system panics, leading the author to seek assistance from the community. By March 2026, notable progress was reported: read-only support reached speeds up to 200MB/s, while read/write operations achieved nearly 500KB/s on a USB3 drive formatted with Linux's ext4 file system. The development process notably eschewed consulting Linux source files; instead, it relied heavily on AI tools like ChatGPT and Claude-code for code generation, supplemented by rigorous reviews and testing to ensure quality.
In addition to the driver development, the post highlights the compatibility of OpenBSD’s e2fsprogs with Linux userland formats, providing access to essential tools such as e2fsck and mkfs.ext4. The author credits this extensive work to kmx.io over a period from 2020-2026, extending an invitation for further contact through Discord. Furthermore, the post references kc3_httpd v0.1.16 in relation to this project, underscoring its relevance within the broader scope of the development efforts discussed.
Keywords: #phi4, AI, ChatGPT, Claude-code, GitHub, OpenBSD, block descriptor groups, driver, e2fsck, e2fsprogs, ext4fs, kernel, lstat, mkfsext4, mount, panics, progress, read-only support, testing, update
www.kmx.io 3 hours ago
|
64.
HN
TokenZip – A pass-by-reference protocol for heterogeneous AI agents
The TokenZip Protocol (TZP) is an open standard aimed at enhancing communication among diverse AI agents through a pass-by-reference method. This protocol replaces large data payloads with compact 15-character pointers, intending to make AI-to-AI interactions more efficient by reducing bandwidth and latency while cutting costs. Despite these claims of potential benefits, initial metrics have shown no observable improvements in these areas. Further details and interactive demonstrations of TZP can be accessed on GitHub.
Keywords: #phi4, AI agents, GitHub, TZP, TokenZip, bandwidth reduction, communication, cost savings, heterogeneous, interactive demo, latency reduction, pointer, protocol, semantic shared memory
tokenzip.org 5 hours ago
|
67.
HN
AI bots spam GitHub repo with identical PRs
A GitHub repository is experiencing issues with AI bots that are spamming it through the submission of numerous identical pull requests. This activity has been recognized by the organization managing the repository, which has assured its users of a commitment to address these disruptions. The organization plans to take into account all user feedback and any contact information provided by those affected as part of their response strategy. By acknowledging the issue openly, they aim to manage the situation effectively while considering community input to mitigate future occurrences of similar problems.
Keywords: #phi4, AI bots, GitHub, PRs, contact, email address, feedback, identical, input, keywords, repo, spam, technical
github.com 5 hours ago
|
68.
HN
Jj-Ified Fork of Superpowers
The text outlines a customized version of Jesse Vincent's Superpowers plugin, adapted by Paul Smith to work with jj instead of Git. This "jj-ified" fork translates Git workflows into jj idioms, such as substituting jj workspaces for Git worktrees. Maintaining this patchset involves several key steps: fetching updates from the original repository, rebasing changes to address any conflicts, checking for new updates related to Git, and then pushing these modifications to GitHub with "jjify" set as the default branch. To simplify this maintenance process, it has been encapsulated into a skill that is shared through a gist, streamlining the update and management workflow for users of this plugin adaptation.
Keywords: #phi4, Agents, Bookmark, Claude Code, Codex, Conflict Resolution, Conflict ResolutionKeywords: Jj-ified, Fork, Gist, Git, GitHub, Jesse Vincent, Jj-ified Fork, Maintenance, Patchset, Rebasing, Revision, Skill, Superpowers, Tooling, Upstream, Workflows, Workspaces, Worktrees
pauladamsmith.com 5 hours ago
|
69.
HN
We Scanned 50 Cursor Rules Files From GitHub. 6 Had Hidden Instructions.
An analysis of 50 cursor rules files from GitHub identified that six contained hidden instructions, presenting potential security risks. These particular files incorporated zero-width Unicode characters, base64 payloads, and toxic data flows, which could potentially transform AI coding agents into vectors for attacks. This discovery underscores the critical need to thoroughly scrutinize code for embedded malicious elements to prevent possible security breaches. The presence of such concealed threats highlights the importance of vigilance in examining codebases to protect against covert vulnerabilities that might be exploited by attackers.
Keywords: #phi4, AI Coding Agent, Attack Vector, Base64 Payloads, Cursor, GitHub, Hidden Instructions, Payloads, Rules Files, Scanned, Security Research, Technical Keywords, Toxic Data Flows, Zero-width Unicode Characters
agentseal.org 5 hours ago
|
70.
HN
Show HN: PayrollEngine – Open-source regulation-based payroll framework (.NET)
PayrollEngine is an open-source framework developed specifically for .NET environments, focusing on regulation-based payroll processing. It uniquely structures business logic via composable Regulation layers articulated in versioned JSON/YAML formats and executed through runtime C# with Roslyn. This design allows flexible rule inheritance and overriding akin to CSS cascading, accommodating both national laws and company-specific policies without the need for country-specific code paths.
The recent release (v0.10.0-beta.1) of PayrollEngine introduces several key features such as MultiCountryPayroll, which facilitates managing payroll across various countries using shared regulations. Additionally, it offers Payrun Preview for in-memory calculation testing, asynchronous payrun jobs with completion webhooks, and parallel employee processing with isolated state management. The framework leverages .NET 10, SQL Server, Docker, and Roslyn technology stack and is available under the MIT License on GitHub at [Payroll-Engine/PayrollEngine](https://github.com/Payroll-Engine/PayrollEngine). It also includes a new documentation site accessible at [payrollengine.org](https://payrollengine.org), designed to be integrated into platforms for tasks like automation, multi-country payroll management, industry-specific adjustments, and test-driven development.
Keywords: #phi4, Async jobs, Automation, C#, Company, DE/FR/NL, Docker, Employee contract, GitHub, Industry, JSON/YAML, MIT License, MultiCountryPayroll, NET, National law, Open-source, Parallel processing, PayrollEngine, Payrun Preview, Regulation-based, Roslyn, SQL Server, State isolation, Test-Driven
payrollengine.org 5 hours ago
|
77.
HN
The Token Tax You Didn't Know You Were Paying
TokenSieve is a tool designed to enhance efficiency in AI-agent interactions with cloud infrastructure, particularly addressing issues caused by excessive and irrelevant data in JSON outputs generated by tools like Claude Code. These outputs often contain superfluous elements such as null fields, empty arrays, and lengthy base64 certificate blobs, leading to token waste and resulting in errors or inaccurate responses from AI agents due to context limit constraints. TokenSieve acts as an intermediary filter that reduces data noise by trimming unnecessary components, replacing large PEM certificates with concise placeholders, and condensing repeated keys within lists to prevent redundant token consumption. By implementing these strategies, it can achieve up to 66% savings in token usage, thus improving the performance, speed, and accuracy of AI agents.
Developed using Rust for its reliability and rapid startup time—less than five milliseconds—TokenSieve ensures efficient operation without introducing workflow delays. It is open-sourced and straightforward to install with only five commands required. The tool's primary aim is to aid users in managing their token usage more effectively, thereby optimizing the data processed by AI agents. For further information or to download TokenSieve, users can visit its GitHub repository at https://github.com/ankit481/tokensieve.
Keywords: #phi4, AI agent, AWS tasks, Claude Code, EKS cluster, GitHub, JSON noise, PEM certificate, Rust, Subnets, Token Exhaustion, TokenSieve, VPCs, cloud infrastructure, context limit, token savings
news.ycombinator.com 6 hours ago
|
82.
HN
RepoKeeper – self-hosted AI agent that triages GitHub issues in 2 seconds
RepoKeeper is an innovative open-source tool designed for managing GitHub repositories with the goal of alleviating maintainer burnout by autonomously handling tasks related to issues, pull requests (PRs), and code reviews. Launched in response to a peak in AI-generated content noise in 2026, it integrates seamlessly via webhooks to deliver key functionalities aimed at improving efficiency and focus for maintainers. Among its features are issue triage capabilities that classify and label new issues automatically, PR summarization providing clear overviews along with change assessments, and detailed code review processes offering line-by-line feedback on specific areas such as security or performance, while smartly avoiding redundancy by re-reviewing only modified sections.
RepoKeeper's multi-repo management capability allows the use of a single instance to oversee multiple repositories through customizable per-repository configurations. Flexibility is further enhanced with support for various AI providers like Claude, GPT, and Ollama, enabling easy switching via configuration files to prevent vendor lock-in. This tool can be self-hosted on any Virtual Private Server (VPS) that supports HTTPS, ensuring maintainers retain control over their data privacy without relying on Software-as-a-Service platforms.
Setting up RepoKeeper involves cloning its repository and configuring GitHub integration through webhooks for both single-repo and multi-repo environments. This process is simplified by the use of YAML configuration files within repositories. The project actively invites community contributions, providing a clear pathway for developers to fork, test, build, and submit changes, all under the permissive MIT license which ensures free and open-source accessibility. By automating routine tasks, RepoKeeper empowers maintainers to concentrate on critical aspects of their projects while offering flexibility in AI choice and data control through self-hosting.
Keywords: #phi4, AI, Docker, GitHub, HTTPS, Nginx, RepoKeeper, YAML, code review, deployment, issues, maintainers, multi-repo, open source, pull requests, security, self-hosted, triage, webhooks
github.com 6 hours ago
|
91.
HN
Kanban Code – The IDE for 2026
Kanban Code is an advanced Integrated Development Environment (IDE) tailored for managing Claude Code sessions via a visually-driven Kanban board interface, available on macOS and Windows platforms. Its core functionality revolves around task management within the software development lifecycle, offering a structured workflow through stages such as Backlog, In Progress, Waiting, In Review, and Done, thereby enhancing productivity by providing a clear overview of project status from inception to completion.
The IDE boasts seamless integration with tools like tmux for terminal sessions, git worktrees for branch handling, GitHub for tracking pull requests, and Pushover for notifications. This ecosystem allows developers to manage their tasks efficiently within the Kanban Code environment without needing additional applications. Additionally, the tool automates task progression based on activity signals, provides attention-triggering notifications, maintains machine wakefulness during active sessions, and facilitates remote execution alongside managing GitHub issue backlogs.
Session management is automated through features such as session discovery, search, forking, checkpointing, and integration with git worktrees, thereby streamlining project workflows. Kanban Code supports embedded terminal access via tmux, enabling direct interaction with tasks from within the IDE, while its remote execution capabilities ensure developers can operate effectively across different environments.
The tool's architecture adheres to Clean Architecture principles, ensuring a separation between logic and user interface. It utilizes Swift for macOS applications and React coupled with TypeScript for Windows implementations, emphasizing modularity and ease of integration through the port/adapter pattern. The installation process varies by platform; macOS users download an .app file, whereas Windows requires Node.js, Rust, and Claude Code CLI to be installed via Git and npm commands.
As open-source software under the AGPLv3 license, Kanban Code invites community contributions while ensuring it remains free for use, modification, and distribution in compliance with GNU Affero General Public License v3 terms. Overall, Kanban Code aims to transform developers' approach to task management by integrating sophisticated session controls with a user-friendly interface and extensive integration options.
Keywords: #phi4, AGPLv3, AGPLv3 License Keywords: Kanban, Amphetamine, Clean Architecture, Execution, Git, GitHub, GitHub PR, IDE, Kanban Code, PR, Pushover, Remote, Remote Execution, SwiftUI, Tauri, Windows, macOS, tmux
github.com 7 hours ago
|
96.
HN
Show HN: gists.sh – Beautiful Viewer for GitHub Gists
The text introduces "gists.sh," a tool created to enhance the visual appeal and usability of GitHub Gists, which are commonly used by the author to share documents and code snippets. Recognizing that while gists are convenient, they often lack aesthetic appeal, the creator developed this minimalist viewer as a solution for users who prefer cleaner presentations. This enhancement aims to improve the overall experience when interacting with gists, even if only for short durations, making them more visually pleasing without compromising their functionality.
Keywords: #phi4, AI agents, GitHub Gists, Show HN, Viewer, clean, documents, friends, gists, gistssh, minimal page, research, snippets, teammates, technical keywords
gists.sh 7 hours ago
https://github.com/linuz90/gists.sh 6 hours ago
https://news.ycombinator.com/item?id=4263437 6 hours ago
|
114.
HN
Stacksort
Stacksort is a web-based application designed to extract and execute sorting functions from top-rated answers on StackOverflow that are tagged with "javascript" and "sort." It specifically retrieves the last code block from these responses, interpreting it as a potential sorting algorithm. Users provide input data, which the tool attempts to sort using the identified function. If the output is not correctly sorted, users have the option to try another answer by following a provided link. The source code for Stacksort is available on GitHub, where users are encouraged to report any bugs they encounter or offer feedback via issue submissions.
Keywords: #phi4, Bugs, Code block, Eval, Function, GitHub, Inputted data, Issue, JavaScript, Sort, StackOverflow, Stacksort, Tags, Wrongly-sorted
gkoberger.github.io 9 hours ago
|
120.
HN
Simple-Git NPM package has CVSS 9.8 RCE; 5M+ weekly downloads–check lockfiles
The Simple-Git NPM package is affected by a significant vulnerability (CVSS score of 9.8), allowing full remote code execution due to a case-sensitivity bug in regular expressions, which bypasses previous fixes for CVEs-2022-25860 and CVE-2022-25912. The absence of the `/i` flag in regex makes it vulnerable to uppercase configuration attacks, impacting approximately 73% of weekly installations—around nine million installs per week—with versions starting from 3.15.0 until the resolved version 3.32.3. Identified by CodeAnt AI Security Research using an AI code reviewer, this case-sensitivity issue allows attackers to execute arbitrary commands through malformed protocol configurations in methods such as `clone()` and `fetch()`, exploiting Git's default case-insensitive handling.
Applications utilizing simple-git with user-supplied inputs for operations like cloning or pulling repositories are at risk. Developers must promptly upgrade to version 3.32.3 or later, ensuring that no unvalidated user input reaches these vulnerable methods. The vulnerability was disclosed and patched within four business days, highlighting a broader issue in software security related to case sensitivity mismatches between security measures and system behaviors.
This incident underscores the importance of rigorous auditing processes and robust support for open-source maintainers who play a crucial role in managing critical dependencies. It serves as a reminder that vulnerabilities can arise from overlooked details like regex configurations, necessitating comprehensive reviews and updates to secure software systems effectively.
Keywords: #phi4, AI security research, CVE-2026-28292, CVSS, Git protocol, GitHub, Nodejs, RCE, SCA tools, Simple-Git, advisory, audit, bypass, case-sensitivity, exploit, lockfiles, maintainers, npm, open-source, patch, regex, semantic mismatch, vulnerability
www.codeant.ai 10 hours ago
|
132.
HN
Show HN: Self-hosted DCF workspace using Damodaran datasets, LLM narratives
The project presents a self-hosted stock valuation tool leveraging Damodaran's datasets for Discounted Cash Flow (DCF) analysis, aiming to enhance transparency in AI-driven financial evaluations by explicitly detailing underlying assumptions such as cost of capital, reinvestment rates, and terminal value. Users input a stock ticker to receive an intrinsic value assessment along with deterministic calculations and narratives generated using Large Language Models (LLMs), supported by current news sources. The tool provides clarity through differentiated scenarios—base and override—to aid in valuation processes.
The platform is designed for local operation via Docker from a specified GitHub link, ensuring accessibility and user control over data handling. While functional, the system recognizes certain limitations that require refinement, notably in dealing with terminal growth rates assumptions and evaluating high-growth companies where traditional DCF may fall short. The developer actively seeks community feedback to address these complex challenges and enhance the tool's accuracy and applicability.
Keywords: #phi4, DCF, Damodaran, Docker, GitHub, LLM, Self-hosted, audit, bull/bear narratives, cost of capital, datasets, deterministic math, high-growth names, intrinsic value, narratives, reinvestment rate, terminal growth rate, ticker, tool, valuation, workspace
news.ycombinator.com 14 hours ago
https://github.com/stockvaluation-io/stockvaluation_io 11 hours ago
|
136.
HN
Microsoft uses plagiarized AI slop flowchart to explain how GitHub works
Vincent Driessen, an engineer, identified that a graphic published by Microsoft on its Learn portal, illustrating GitHub functionality, was plagiarized from his original 2010 diagram. This image, freely shared by Driessen to promote knowledge sharing, had been altered and degraded by AI, resulting in errors such as "continuously merged" becoming "continvuocly morged." Following public exposure of the plagiarism, Microsoft removed the image but failed to update their page or credit Driessen. Driessen criticized Microsoft for its careless handling of his work, reflecting a lack of ambition and respect in using AI-generated content without proper attribution. He expressed concern that the increasing use of AI could lead to more unnoticed instances of plagiarism. At the time of reporting, Microsoft had not responded to requests for comment on the issue.
Keywords: #phi4, AI, GitHub, Keynote, Learn portal, Microsoft, Vincent Driessen, attribution, branches, care, care Keywords: Microsoft, content generation, diagram, image generator, plagiarism, process, slop, tutorial
www.pcgamer.com 15 hours ago
https://news.ycombinator.com/item?id=47057829 13 hours ago
|
137.
HN
Maybe we can keep on coding? pseudo code project
The author introduces "Pseudo-Code-Flow," a tool hosted on GitHub that translates pseudo-code into executable programming language code using Large Language Models (LLMs). This utility enables users to input `.pseudo` files and convert them into their chosen programming languages via the `/translate` command. A standout feature of Pseudo-Code-Flow is its capability to suggest enhancements in design, architecture, or functionality while preserving the user's original pseudo-code style. This innovation significantly benefits developers by translating conceptual algorithms directly into functional code without the typical syntax challenges and boilerplate associated with languages like Python or C++. The tool effectively bridges the gap between idea conception and coding execution, making it a transformative addition to developer workflows.
Keywords: #phi4, C++, GitHub, LLMs, Python, algorithm representation, architecture, boilerplate, coding flow, functionality, pseudo code, real code, translation
news.ycombinator.com 15 hours ago
https://www.williamjbowman.com/blog/2026/03/0 14 hours ago
|
140.
HN
Show HN: CryptoFlora – Visualize SHA256 to a flower using Rose curves
CryptoFlora is a visualization tool that transforms SHA-256 hashes into rose curve images resembling flowers, enabling users to verify collected stamps in a loyalty card wallet application by visual identification rather than through QR codes or serial numbers. This innovative approach enhances user interaction and verification processes. The creator also proposes expanding its utility to generate random avatars from email addresses, suggesting further applications beyond its initial use case. Additionally, the tool's source code is openly available on GitHub, encouraging community engagement and potential enhancements by other developers.
Keywords: #phi4, CryptoFlora, GitHub, QR code, Rose curves, SHA256, avatar, certified, email address, feedback, hash, loyalty card wallet, random, serial number, source code, tool, tool Keywords: CryptoFlora, visualize
crypto-flora.tonytonyjan.net 16 hours ago
|
151.
HN
Show HN: ImageHost.ing – burn-after-reading image host on Cloudflare's free tier
ImageHost.ing is a privacy-focused image hosting service designed as "burn-after-reading," ensuring images are automatically deleted after 24 hours and removed upon first view. Built using Claude Code, it operates on Cloudflare's free tier, including Workers, KV, and R2 storage, without requiring user accounts or tracking. The platform charges about $10 annually for domain costs, with no plans to monetize further. Users can easily upload images in JPEG, PNG, GIF, or WEBP formats up to 5 MB using a straightforward cURL command: `curl -X POST https://api.imagehost.ing/upload -F "file=@photo.jpg"`. While the service supports daily uploads, there may be limitations on the number of uploads permitted per day. Additional details are accessible through its website or GitHub repository.
Keywords: #phi4, Claude Code, Cloudflare, GIF, GitHub, ImageHost, JPEG, KV, PNG, POST, R2, WEBP, Workers, auto-expire, burn-after-reading, curl, delete on view, free tier, max 5 MB, no accounts, no tracking, storage costs, upload
imagehost.ing 18 hours ago
|
153.
HN
Show HN: ULLI – A Linux installer without a live USB flash drive
ULLI (USB-less Linux Installer) is an alpha-stage project aimed at facilitating the installation of a bootable Linux partition on a hard drive without requiring a USB stick or manual BIOS configuration adjustments. Given its early development stage, ULLI is advised for non-critical systems with data backed up beforehand to mitigate risk. For Linux users, installation involves downloading `ulli-linux.py`, setting appropriate permissions, and executing it in the terminal using sudo privileges. Windows users can use a pre-extracted executable from `ulli-windows.zip` by running `run-ulli-windows.bat` as an administrator or after disabling smart app control.
To ensure successful installation, users may need to disable BitLocker/decrypt their hard drive, turn off Secure Boot in the BIOS, and manually set Linux as the default boot entry. ULLI supports specific versions of Linux distributions such as Linux Mint, Ubuntu, Kubuntu, Debian Live, and Fedora with KDE Plasma Desktop, but has limitations on using custom ISO files for Debian and Fedora.
For persistent installations, users can utilize live partition options for Kubuntu or install through a desktop icon within the Linux Mint live OS while setting up a swap area and btrfs file system in available space. Accessing Windows from installed systems like Linux Mint, Ubuntu, or Kubuntu involves selecting "Boot from next volume" at boot; however, accessing Windows on Debian and Fedora requires BIOS adjustments.
ULLI is distributed under the GNU General Public License v3.0, allowing users to freely use and modify the source code but prohibiting closed-source distribution.
Keywords: #phi4, BIOS, Debian, Fedora, GNU GPL v30, GitHub, Kubuntu, Linux, Linux Mint, Tunic, ULLI, USB-less, Ubuntu, Windows, alpha, btrfs, donations, hard drive, installer, permissions, persistent installation, swap area, terminal, website
github.com 19 hours ago
|
163.
HN
Show HN: Repovex – GitHub repo health scores for your whole org
Repovex is a GitHub App specifically crafted to evaluate and oversee the health of repositories within an organization by examining critical aspects such as branch protection, secret scanning, CI configuration, and documentation presence. It assigns each repository a comprehensive score out of 100 based on these evaluations. The app operates with automated nightly checks, ensuring consistent monitoring without manual intervention. Results are accessible through a user-friendly web dashboard and supplemented by weekly updates via Slack, facilitating ongoing awareness and proactive management for development teams regarding their repositories' health status. To accommodate various users, Repovex offers a free tier that supports up to five repositories, available without the need for credit card information, making it an accessible tool for smaller projects or organizations just starting with repository health assessment.
Keywords: #phi4, CI, CODEOWNERS, CONTRIBUTING, Dependabot, GitHub, LICENSE, README, Repovex, Slack digest, app, branch protection, documentation, free tier, health scores, nightly checks, org, process, repos, score, secret scanning, security, stale PRs, web dashboard
repovex.com 21 hours ago
|
171.
HN
Containers – What's in the Box?
In this episode of "Runtime Arguments," hosts Wolf and Jim delve into containers' role in software development, focusing particularly on Docker's capabilities for packaging applications with dependencies to ensure consistent execution across different environments. They discuss the advantages of containers—such as consistency, portability, scalability, and security—attributed to their lightweight nature by sharing the host's kernel, contrasting them with virtual machines which require a full operating system. Key Linux features like cgroups, namespaces, and bind mounts facilitate container functionality.
Docker is highlighted for its popularity, but alternatives such as Podman, LXD, Incus, Ubuntu Snaps, Flatpak, and Proxmox are also mentioned, underscoring the need for standards like those from the Open Container Initiative (OCI) to ease tool transitions. The episode explains that container images serve as static files encapsulating everything necessary to run an application, while containers are their running instances. Jim elaborates on Docker's user-friendly commands and multi-stage builds for efficient image management.
The discussion addresses challenges in file synchronization between host systems and containers, particularly on non-Linux platforms like macOS, which may require paid solutions unless using synchronized file shares available through certain subscriptions. The hosts then transition to comparing Docker Compose with Kubernetes, noting that while the former is suitable for smaller applications without scalability needs, the latter excels at orchestrating large-scale deployments across multiple nodes, managing container instances based on demand.
Best practices in container management are emphasized, such as running a single service per container and optimizing performance through shared layers. Jim advises newcomers to start with Docker due to its extensive adoption and support resources. The episode concludes by inviting listeners to participate in an upcoming session at Michigan Unix Users Group for further exploration of these topics, offering practical guidance on effective containerization strategies across different tools and environments.
Keywords: #phi4, Algorithms, Alpine Linux, Apple Containers, Architecture, Bind Mounts, Boyer-Moore, Cgroups, Containers, Deep Work, Development, Docker, Docker Compose, File System, Flatpak, GitHub, HDF5, Horspool, Hypervisor, Images, Incas, Information Theory, Isolation, Jim Wolf, Knowledge Worker, Kubernetes, LXD, Layers, Linux Kernel, Mac, Mail Transfer Agent, Multi-architecture, NASA, Namespaces, OCI, Open Container Initiative, Podman, PostFix, Programming, Proxmox, QEMU, Registry, Runtime Arguments, Rust, Scalability, Scientific Data, Synchronization, Ubuntu, Ubuntu Snaps, Virtual Machines, Windows
www.buzzsprout.com 22 hours ago
|
173.
HN
Compass CNC was taken down. Probably by Shaper Tools
The author had intended to construct a Compass CNC this year but discovered that its GitHub repository was no longer accessible, raising questions about whether the company is transitioning away from open-source development. It's speculated that Shaper Tools might be responsible for taking down the repository, although there could be multiple reasons behind such an action, including shifts in business strategy or legal issues. The uncertainty regarding Compass CNC’s commitment to open-source projects highlights broader concerns within the maker and DIY communities about access to resources and collaborative innovation. This situation underscores the delicate balance companies must maintain between proprietary interests and supporting open-source ecosystems.
Keywords: #phi4, Compass CNC, GitHub, Shaper Tools, build, company, gone Keywords: Compass CNC, information, open source, radar, repository, space, taken down, time
old.reddit.com 22 hours ago
https://news.ycombinator.com/item?id=44613438 21 hours ago
https://www.reddit.com/r/diycnc/comments/1qwn 21 hours ago
|
175.
HN
Ask HN: What are some good AI usage policies?
The individual is seeking advice on crafting AI usage policies specifically for open-source software by examining pre-existing examples, notably Ghostty’s policy accessible via a GitHub link. The objective is to gain insights into different methodologies' benefits and drawbacks to shape an informed approach for their own policy creation. By studying these examples, they aim to identify effective strategies and potential pitfalls in developing comprehensive AI guidelines that align with open-source principles. This endeavor involves evaluating various policies to understand how they address ethical considerations, user responsibilities, and compliance issues within the context of open-source software development. Through this analysis, the individual hopes to craft a policy that not only reflects best practices but also anticipates challenges unique to integrating AI in open-source projects.
Keywords: #phi4, AI usage policies, AI_POLICYmd, Ghostty, GitHub, Open Source, community guidelines, documentation, ethical considerations, example, inspiration, policy formation, pros/cons, technical keywords
news.ycombinator.com 22 hours ago
|
180.
HN
Get the latest preview release of Code on the Go
Code on the Go is currently inviting users to test its latest preview release and contribute feedback that will guide the development process of the application. Users have multiple avenues for submitting their issues or suggestions: they can use GitHub, send emails directly to a designated address, or utilize a Feedback button integrated within the app itself. The developers highly value user experiences and ideas, emphasizing the importance of community input in shaping the future iterations of the software. This collaborative approach highlights the development team's commitment to enhancing the application by incorporating real-world user insights and preferences into their updates.
Keywords: #phi4, Code, Feedback button, GitHub, Go, app, email, essential, experience, feedback, input, issues, preview, release, shaping, suggestions
www.appdevforall.org 22 hours ago
|
190.
HN
Ask HN: I built an AI-native codebase framework–could you evaluate it?
The author of the open-source project "ai-native" invites feedback on their AI-native codebase framework available on GitHub, aimed at enhancing the reliability of AI-assisted development through a structured approach involving clear project layouts, explicit contracts, and verification workflows. This initiative addresses challenges related to repetitiveness and maintenance difficulties that arise when applying these patterns independently in new projects. The author seeks evaluations concerning the practical utility of the framework, identification of any components perceived as unclear or unnecessary, suggestions for immediate improvements, and additional evidence or tests to bolster credibility. Open critique is welcomed along with technical feedback, and users are encouraged to provide GitHub stars if they find the framework beneficial.
Keywords: #phi4, AI-assisted development, AI-native, GitHub, codebase, credibility, evidence/tests, explicit contracts, framework, open-source, patterns, project structure, reusable framework, technical feedback, verification workflow
news.ycombinator.com a day ago
|
193.
HN
GPT-4 leaks its own API internals through training data exposure
GPT-4 exhibits a significant vulnerability where it consistently leaks internal API credentials, specifically the EPHEMERAL_KEY from OpenAI's Realtime API, due to its exposure during training. This leakage occurs across various prompts with a 75% occurrence rate in repeated tests, largely because OpenAI’s documentation is part of GPT-4’s training dataset. As a result, when prompted about “secrets” or “initialization,” the model inadvertently discloses sensitive security information like EPHEMERAL_KEY. The situation is worsened by refusal training, where models practice denying access using real secrets from their data. This systemic issue affects all similar models and could become more problematic as APIs grow in complexity, potentially leading to further leaks of sensitive information such as "session_token" or "project_key." Attackers can exploit this vulnerability by learning about the EPHEMERAL_KEY’s existence, targeting generation processes, probing client-side implementations, and executing session hijacking. The identification of this security flaw was achieved at a minimal cost of $0.04 over 60 tests conducted in four runs. In response, SafetyLayer was developed to systematically detect such vulnerabilities, offering free security assessments through their GitHub repository.
Keywords: #phi4, API internals, EPHEMERAL_KEY, GPT-4, GitHub, Realtime API, SafetyLayer, leakage, prompts, refusal training, security test, session hijacking, systemic issue, training data
news.ycombinator.com a day ago
|
198.
HN
Agents that run while I sleep
The article addresses challenges associated with code generated by autonomous agents without human oversight, particularly focusing on ensuring its correctness and alignment with intended functionality. It highlights the problem of verification when tools like Gastown autonomously produce large volumes of code, noting that increasing human reviewers is impractical and AI-generated tests may be unreliable due to potential misunderstandings.
To address these challenges, the article proposes Test-Driven Development (TDD) as an effective solution. TDD requires writing tests before coding begins, which helps in defining clear expectations upfront. This approach allows engineers to establish acceptance criteria in plain language, guiding autonomous agents in developing features that meet specific conditions. By generating and verifying these acceptance criteria, integration issues and errors can be identified early.
The article suggests a workflow where acceptance criteria are created and then automatically verified using tools like Playwright. An example provided is the Claude Skill tool, which automates verification through planning, execution, and judgment processes. The central message is that clearly defined acceptance criteria are crucial for ensuring autonomous code adheres to its intended specifications. By applying TDD principles, developers can effectively manage the complexities inherent in AI-driven development environments, leading to more reliable software outcomes.
Keywords: #phi4, AI-generated code, Agents, CI, CLI tools, Claude Code, GitHub, OAuth token, Opus, Playwright, Sonnet, TDD, TDD (Test-Driven Development), acceptance criteria, authentication, autonomous systems, backend changes, browser agents, code review, continuous integration (CI) Keywords: Agents, deployment, frontend changes, integration failures, model swapping, plugin installation, rate limiting, software engineering, testing, unit tests, verification, workflow
www.claudecodecamp.com a day ago
https://benhouston3d.com/blog/the-rise-of-test-theater 23 hours ago
https://github.com/opslane/verify 23 hours ago
https://aiorg.dev/blog/claude-code-hooks#:~:text=Protec 23 hours ago
https://code.claude.com/docs/en/devcontainer 23 hours ago
https://pastebin.com/raw/m9YQ8MyS 21 hours ago
https://deepmind.google/blog/specification-gaming-the-f 21 hours ago
https://simonwillison.net/guides/agentic-engineering-pa 21 hours ago
https://tonyalicea.dev/blog/entropy-tolerance-ai/ 21 hours ago
https://github.com/foundatron/octopusgarden 21 hours ago
https://factory.strongdm.ai/ 21 hours ago
https://github.com/foundatron/octopusgarden/blob&# 21 hours ago
https://github.com/Q00/ouroboros 21 hours ago
https://skills.sh/doubleuuser/rlm-workflow/rlm-wor 18 hours ago
https://github.com/doubleuuser/rlm-workflow 18 hours ago
https://www.hyrumslaw.com/ 18 hours ago
https://www.joegaebel.com/articles/principled-agentic-s 18 hours ago
https://github.com/JoeGaebel/outside-in-tdd-starter 18 hours ago
https://www.joegaebel.com/articles/principled-agentic-s 18 hours ago
https://anthonysciamanna.com/2019/08/22/the-c 18 hours ago
https://news.ycombinator.com/newsguidelines.html#generated 18 hours ago
https://www.cs.utexas.edu/~EWD/transcriptions/EWD0 14 hours ago
https://steve-yegge.medium.com/welcome-to-gas-town-4f25ee16d 14 hours ago
https://www.linkedin.com/posts/johubbard_github-eleuthe 14 hours ago
https://github.com/mattpocock/skills/blob/mai 14 hours ago
https://github.com/alpeware/datachannel-clj 14 hours ago
https://github.com/karpathy/llm-council 14 hours ago
https://ui.adsabs.harvard.edu/abs/2025arXiv250214815C&# 14 hours ago
https://www.arxiv.org/abs/2509.23537 14 hours ago
https://www.aristeidispanos.com/publication/panos2025mu 14 hours ago
https://arxiv.org/abs/2305.14325 14 hours ago
https://arxiv.org/abs/2306.05685 14 hours ago
https://arxiv.org/abs/2310.19740v1 14 hours ago
https://news.ycombinator.com/item?id=47313787 14 hours ago
https://docs.astral.sh/uv/ 7 hours ago
https://clelp.com/blog/how-we-built-8-agent-ai-team 7 hours ago
https://clelp.com/skill/4da37247-33ee-43ba-a004-0a89d84 7 hours ago
https://github.com/pjlsergeant/moarcode 7 hours ago
|
199.
HN
LLMs are bad at vibing specifications
The author examines the challenges faced by large language models (LLMs) in creating effective formal specifications, particularly for tools like TLA+ and Alloy. While AI has potential as a helper in specification generation, LLMs often produce "obvious properties" that fall short of capturing the nuanced requirements essential for thorough verification, especially concerning concurrency or nondeterminism issues. The text includes examples where LLM-generated specifications fail due to compilation errors or insufficient checks, attributing these shortcomings to both user errors and AI's limitations in comprehending context and complexity. Despite occasional successes by experts in generating complex properties, the overall effectiveness of LLMs remains constrained.
In addition, the author mentions a book giveaway for "Logic for Programmers," which seeks to rectify logistical issues encountered in previous giveaways, such as incorrect coupon distribution across time zones. Future efforts are aimed at ensuring more equitable distribution of books among various regions, improving accessibility and participation.
Keywords: #phi4, AI, Alloy, GitHub, LLMs, Logic, Programmers, TLA+, formal methods, giveaways, model checking, properties, specifications, verification
buttondown.com a day ago
|
210.
HN
Learn X in Y Minutes
"Learn X in Y Minutes" serves as a resource for quick introductions to various programming languages through community-driven contributions on GitHub. It comprises articles written by original authors who have licensed their work under the Creative Commons Attribution-ShareAlike 3.0 (CC BY-SA 3.0) license, promoting both sharing and adaptation of the content with appropriate attribution. The project was initiated by web developer Adam Bard, who envisioned a platform that facilitates rapid learning for programmers by providing concise and accessible guides on numerous languages. This collaborative approach allows for continuous updates and enhancements, ensuring that the content remains relevant and comprehensive for users seeking to expand their programming knowledge efficiently.
Keywords: #phi4, CC BY-SA 30 license, GitHub, Learn X, Y Minutes, articles, author, comma-separated, community-driven, contributors, extract, favorite, format, information, language, list, no duplicates, pull request, relevant, simple, technical keywords, text, topic, tour, web developer
learnxinyminutes.com a day ago
|
218.
HN
KeePassXC 2.7.12 Released
KeePassXC 2.7.12 introduces several bug fixes and enhancements aimed at improving functionality and security. The update includes support for {TIMEOTP} as an Auto-Type placeholder and adds a tooltip that displays matched URLs in the browser access confirmation dialog. It also brings nested folder support for Bitwarden imports and new Windows storage options for passkey backup eligibility (BE) and state (BS) flags, which now default to true. This change may impact existing passkeys not storing these values, with an option to revert by modifying attributes in the "Advanced" settings. The release also addresses various issues such as race conditions on Linux, checkbox value display errors, attachment file name sanitization, and minor UI improvements. Additionally, it incorporates security measures against DLL injection attacks via malicious OpenSSL config files. KeePassXC 2.7.12 is available for download from multiple platforms, including the official website, Microsoft Store, Ubuntu PPA, and Flathub. Users are encouraged to report bugs through the GitHub issue tracker or discuss them on Matrix, as outlined on the contact page.
Keywords: #phi4, Auto-Type, BE Flags, BS Flags, Bitwarden, Browser Access, Bug Fixes, Changelog, DLL Injection, Download, Enhancements, Feedback, Flathub, GitHub, KeePassXC, Linux, Matrix, Nested Folders, OpenSSL, Passkeys, Release, TIMEOTP, Ubuntu PPA, Windows
keepassxc.org a day ago
|
222.
HN
Show HN: SnapDrift – a simpler visual regression workflow for GitHub Actions
SnapDrift is an open-source tool designed to streamline visual regression testing within GitHub Actions for web applications by bridging the gap between custom scripts and comprehensive platforms. It utilizes Node/ESM libraries along with composite GitHub Actions to facilitate a balanced workflow, focusing on full-page captures via Playwright automation. The key functionalities include publishing baselines on the main branch, comparing pull request screenshots against these baselines, scoping routes according to changed files, uploading artifacts, and updating PR comments with drift summaries. SnapDrift allows configuration of test outcomes based on detected visual changes and is optimized for Ubuntu runners using fixed viewport presets for desktop and mobile environments. The tool's configuration requires a minimal setup through a `.github/snapdrift.json` file, ensuring easy integration into existing repositories.
SnapDrift operates primarily in GitHub Actions by publishing baselines upon main branch commits and conducting visual regression tests on pull requests with predefined actions. It supports various drift enforcement modes, from reporting-only to stringent failure conditions, aiming to enhance UI comparison workflows during PR reviews. The tool encourages an initial adoption of a report-only mode for detecting visual changes, progressing to stricter measures as the baselines stabilize. Feedback is welcomed on its GitHub Actions-centric design, route scoping capabilities, and synergy with Playwright-based checks, emphasizing its goal of user-friendly and efficient integration into development processes.
Keywords: #phi4, CI workflow, GitHub Actions, Node/ESM library, PR drift detection, Playwright, SnapDrift, Ubuntu runners, baseline capture, desktop/mobile viewports, diffmode, fail-on-changes, full-page capture, integration guide, report-only mode, route scoping, strict mode, threshold, viewport presets, visual regression
github.com a day ago
|
231.
HN
Ruby Users Forum February–March Update
In the February–March update from the Ruby Users Forum, significant developments and future plans were outlined. In February, the forum experienced growth with 87 new members and 181 posts, fostering dynamic discussions across various topics. Efforts to define the community's identity included creating a logo, while functional improvements involved enabling topic tags—such as "getting-started"—to aid organization, adding GIF support in posts for enhanced engagement, and introducing GitHub login options to streamline user access. The forum expressed appreciation to active members for their contributions. Looking ahead to March, plans include launching new community challenges, promoting discussion threads, sharing Ruby learning resources, and implementing minor enhancements aimed at increasing user participation. Additionally, the team is open to suggestions from the community regarding desired features or improvements, encouraging collaborative input in shaping future developments.
Keywords: #phi4, GitHub, GitHub login, Ruby Users Forum, challenges, community, discussions, engagement, engagement Keywords: Ruby, forum, gif, gif support, identity, logo, members, participation, posts, resources, tags, topics
www.rubyforum.org a day ago
|
265.
HN
Portable Secret is now open source
Portable Secret is an open-source tool released on February 26, 2026, designed for securely sharing sensitive information without the need for accounts or servers. It achieves this by generating self-contained HTML files with encrypted data and decryption code, which users can create offline on any device using a web-based interface. These files are particularly useful for air-gapped machines as they can be saved to USB drives from the browser. The tool's security model employs browser-native AES-256-GCM encryption along with Argon2id key derivation (and PBKDF2 as a fallback), providing strong protection against brute-force attacks while ensuring that all operations occur within the user’s browser without external data transmission or storage.
By making Portable Secret open source on GitHub, its creators have increased transparency and trust by allowing users to audit, fork, and host the code independently. This openness ensures that there are no hidden network requests and guarantees that sensitive data remains confined to the user's device, thereby reinforcing the tool’s commitment to security and privacy.
Keywords: #phi4, AES-256-GCM, Argon2id, GitHub, HTML, HTML file, PBKDF2, Portable Secret, SvelteKit, air-gapped, browser-native, cryptography, data privacy, data privacy Keywords: Portable Secret, encryption, network requests, offline, open source, security tool, trust
blog.alcazarsec.com a day ago
|
276.
HN
You gotta think outside the hypercube
The article explores how to visualize a tesseract, or four-dimensional hypercube, by extending concepts from two- and three-dimensional shapes. It describes the structure of a tesseract, which has 32 edges connecting 16 vertices, using coordinate constraints analogous to those used for squares and cubes. The discussion moves into rotations in higher dimensions, emphasizing that planar rotations involving pairs of axes are more intuitive than complex multi-axis ones, introducing new planes like X🌀, Y🌀, and Z🌀 alongside the familiar XY, XZ, and YZ planes.
The article examines various projection methods for representing four-dimensional objects on two-dimensional surfaces. The Cavalier Projection projects the z-axis as diagonal lines in 3D but distorts perspective when applied to higher dimensions. The Cabinet Projection adjusts for distortion by scaling the z-axis component; however, it can mislead viewers about an object's orientation. Isometric Projection places model axes at equal angles (60°) apart, offering a balanced view extendable to four dimensions but potentially distorting some shapes.
Rectilinear One-Point Perspective utilizes distance-based scaling for both z and 🌀 coordinates, producing nested cube visuals akin to shadow projections. The Fisheye Perspective employs a curvilinear approach based on Euclidean distances, which helps reduce visual clutter by distinguishing overlapping edges. Lastly, the Mixed Isometric + Vanishing Point method combines isometric views for x, y, z with vanishing-point techniques for 🌀, providing clearer visualization of tesseract rotation in specific planes.
The article concludes that while perfect four-dimensional visualization remains challenging due to dimensional compression and distortion, these projection methods offer valuable insights into higher-dimensional geometry.
Keywords: #phi4, Cartesian axes, Euclidean distance, GitHub, Tesseract, dimensions, edges, hypercube, isometric, perspective, projection, rotation, trigonometry, vertices, visualization, wireframe
lcamtuf.substack.com a day ago
|
277.
HN
Show HN: Familiar – Open-source local AI agent for macOS(and iOS)
Familiar is an open-source local AI application designed to operate on macOS, with plans for iOS development, focusing on user privacy, offline functionality, and avoiding cloud service dependency or API keys. It leverages device resources efficiently by detecting hardware capabilities at first launch, recommending models that maintain optimal performance without overheating the machine. Key features include in-built file management tools and an upcoming "Night Shift Mode" to utilize excess computing power during low-usage periods for enhanced task execution using larger AI models.
Developed with Swift/SwiftUI and MLX on Apple Silicon, Familiar is currently tested on an M1 Pro with 16GB RAM. However, its sub-3B model faces challenges in tool calling reliability and complex reasoning tasks that necessitate more robust models. The Night Shift Mode aims to overcome these limitations by allocating additional resources when the device is idle.
Looking ahead, Familiar will be open-sourced for community involvement and scrutiny. An iOS version with lighter capabilities is being developed to offer basic file operations via iCloud, aligning with its core mission of providing an accessible local AI solution that balances small-model efficiency for personal tasks and the option to use cloud resources when necessary. This project addresses privacy and cost concerns tied to cloud-based AI services by fostering a hybrid model approach and continues to evolve with upcoming updates on GitHub and further iOS integration.
Keywords: #phi4, Familiar, GitHub, M1 Pro, MLX inference, Phi-4-mini, Qwen 35 9B, Swift/SwiftUI, agent, cloud-free, companion app, file tools, hardware detection, iOS, local AI, macOS, model recommendation, night shift mode, offline, open source, privacy
thoughts.jock.pl a day ago
|
278.
HN
Show HN: Open Prompt Hub – share intent, not code
Open Prompt Hub is an innovative platform introduced by Mario to facilitate the sharing of software development intents via prompts instead of traditional code. Inspired by the potential for AI agents to create customized software from these prompts, it allows users to upload markdown-formatted prompts along with metadata, enabling AI tools to generate scripts, apps, or web services tailored to specific tasks. The platform operates similarly to GitHub but focuses on managing and sharing prompts rather than code, offering features like version control, model compatibility information, testing instructions, and user feedback on prompt reliability. To ensure security, Open Prompt Hub employs statistical analysis and classification checks to detect malicious behavior within the prompts.
Currently in its minimum viable product (MVP) phase, the platform is set for future enhancements such as CLI integration for running prompts directly from a terminal and automated build reports using API-based telemetry. Mario encourages users to explore the platform, provide feedback, and contribute towards its development and security improvements.
Keywords: #phi4, AI agents, AI models, CLI, GitHub, Open Prompt Hub, automated build reports, automated build reports Keywords: Open Prompt Hub, markdown files, meta information, prompts, security checks, software development, statistical analysis, versioned
openprompthub.io a day ago
|
285.
HN
Show HN: Star SDK – Fixing the 3 biggest annoyances with generated browser games
The Star SDK is designed to streamline browser game development by addressing common challenges such as audio compatibility across devices (including iOS Safari), responsive canvas sizing, and leaderboard integration without needing backend infrastructure. It simplifies these tasks through features like procedural synth sounds that ensure universal audio functionality and automatic management of device-specific issues, such as unlocking iOS audio contexts. Additionally, it incorporates built-in leaderboards that eliminate the need for servers or authentication processes.
A key advantage of the Star SDK is its compatibility with Large Language Models (LLMs), allowing developers to create games easily by issuing simple commands like "build a game with star-sdk." The SDK handles tasks including registering the game, setting up audio and leaderboards, and deploying it online, making backend setup unnecessary. This functionality is especially useful for those employing AI agents such as Claude Code or Codex.
The Star SDK also offers free hosting through its deployment command and generates comprehensive API documentation automatically via LLMs, minimizing the need for manual oversight. Developed from insights gained while operating a game platform, the SDK reflects an understanding of typical browser game development hurdles.
Available on npm and GitHub, the SDK provides easy installation options along with examples to assist developers in getting started promptly. It encourages community contributions through its open-source repository. Licensed under MIT, the Star SDK is accessible for both personal and commercial use without requiring engagement with its broader platform unless desired by the user.
Keywords: #phi4, AI agents, API docs, CLI, DPR scaling, GitHub, LLMs, Star SDK, Star platform, Star platform Keywords: Star SDK, Web Audio, audio, browser games, canvas, deployment, examples, game loop, iOS Safari, leaderboards, mobile, no backend, npm package, procedural sounds
github.com a day ago
|
295.
HN
Awesome-Webmcp
**Awesome WebMCP Overview**
The "Awesome WebMCP" project serves as a curated repository focusing on resources and tools linked to the Web Model Context Protocol (WebMCP), an emerging W3C standard aimed at enhancing website interaction for AI agents. This protocol facilitates direct engagement of AI agents with web content through JavaScript functions exposed by `navigator.modelContext.registerTool()` or specific HTML attributes, circumventing traditional methods like scraping or screenshots. Although still in the early preview stage within Chrome 146+ Canary as of February 2026, WebMCP is accessible across various browsers thanks to available polyfills and extensions.
The project actively encourages community participation through contributions and pull requests, reflecting its dedication to fostering an "agentic web." Key elements of this repository include:
- **WebMCP Explained & Try Out**: Provides guidance for understanding and experimenting with the protocol.
- **SDKs & Libraries**: Includes MCP-B, a comprehensive open-source ecosystem featuring polyfills and React hooks, alongside LeanMCP SDK which supports TypeScript and Python along with managed deployment capabilities.
- **Tools & Inspector Extensions**: Features tools like the Model Context Tool Inspector to enable inspection and execution of live context tools within Chrome Labs.
- **Demos and Samples**: Offers demonstrations across various frameworks such as React, Next.js, and Angular, illustrating diverse integration strategies.
- **Community Engagement**: Promotes sharing of demo projects on social media platforms using the hashtag #WebMCP.
Emphasizing open collaboration under a CC0-1.0 license, "Awesome WebMCP" invites contributions and creative displays to advance the potential of AI-enhanced web interactions. This dynamic collection is regularly updated, with its latest revision noted in March 2026.
Keywords: #phi4, AI agents, CC0-10, Chrome Canary, Code of Conduct, GitHub, JavaScript functions, LeanMCP, MCP-B, Model Context Tool Inspector, Python decorators, React hooks, SDKs, TypeScript, W3C standard, WebMCP, community, declarative HTML attributes, extensions, frameworks, open-source, polyfills, sidebar chat, tutorials
github.com a day ago
|
314.
HN
CPG – Generate Cilium network policies from dropped Hubble flows
The text introduces CPG, a CLI tool developed in Go by the author to streamline the creation of Cilium network policies from denied Hubble flows within environments utilizing Cilium's default-deny policy. This tool connects to the Hubble Relay and processes blocked traffic flows to automatically generate or update CiliumNetworkPolicy YAML files without redundancy. CPG supports a range of protocols, including TCP/UDP, ICMP, and CIDR blocks, facilitating network management by auto port-forwarding to hubble-relay with no additional configuration required beyond an active Cilium instance. It can be installed as a kubectl plugin through krew, although this is currently pending a pull request. The development was aided by Claude, and the author encourages feedback on alternative strategies for establishing default-deny policies. Additional information about the tool is available at its GitHub repository.
Keywords: #phi4, CIDR, CLI tool, CPG, Cilium, GitHub, Go, Hubble, Hubble Relay, ICMP, TCP/UDP, clusters, default-deny, denied flows, krew, kubectl plugin, network policies, policy merging, port-forwarding, service deployment
news.ycombinator.com a day ago
|
316.
HN
Dependency Tracking Is Hard
Tracking dependencies for `curl` and its library `libcurl`, which are both written in C, presents significant challenges due to their low-level characteristics and lack of association with any specific software ecosystem. Unlike components found within well-established ecosystems like npm or Python, `curl` cannot be described using Package URLs (PURLs), making it difficult for vulnerability reporting tools and dependency management systems to accurately account for these libraries. These challenges are compounded by the fact that `libcurl`, typically bundled with operating systems, is often overlooked since it is not managed by package managers. Consequently, software bill of materials (SBOM) generators frequently exclude `curl` or `libcurl`, focusing only on higher layers that utilize them without incorporating the libraries themselves. Despite `curl` being installed in approximately thirty billion instances worldwide, dependency tracking tools like GitHub typically misidentify its usage, often listing it as a dependency in only one repository erroneously. This underscores the broader difficulty of accurately assessing the presence and dependencies of `curl` across various software systems.
Keywords: #phi4, Binding, Build-time, C, CVE, Components, Dependency Tracking, Ecosystems, GitHub, Installations, Libraries, Operating Systems, PURLs, Package Managers, Repositories, SBOM, Software Systems, Source Code, Tarballs, curl, libcurl
daniel.haxx.se a day ago
|
317.
HN
Predbat Documentation
Predbat is a sophisticated tool integrated with the Home Assistant platform to predict home battery levels and optimize charging schedules. It supports an array of inverters such as GivEnergy, Solis, Solax, Sunsynk, Huawei, SolarEdge, Fox, Sofar, LuxPower, Solar Assistant, and Sigenergy Sigenstor, and is also known by the names Batpred or Batman. Its functionalities include predictive charts for battery levels, cost forecasts, UK-specific carbon footprint estimations, and energy rate tracking. Predbat enables users to tailor plans for various scenarios, including variations in solar production or increased household consumption, and facilitates the modeling of solar diverters along with scheduling car charging at optimal times. The tool provides insights into potential savings from photovoltaic (PV) and battery systems, allowing real-time adjustments based on actual versus predicted usage, with options to tune parameters and override plans temporarily if necessary. Support for Predbat is accessible through platforms like GitHub, Facebook Group, and a YouTube Channel. Additionally, users are offered referral codes for Octopus Energy and Axle Energy, promoting further energy solutions engagement.
Keywords: #phi4, Axle Energy, Batman, Batpred, Facebook Group, Fox, GitHub, GivEnergy, Home Assistant, Huawei, LuxPower, Octopus Energy, PV system, Predbat, Sigenergy Sigenstor, Sofar, Solar Assistant, SolarEdge, Solax, Solis, Sunsynk, UK, YouTube Channel, automatic charging, battery prediction, calibration chart, car charging, carbon footprint, cost savings, energy rates, iBoost, inverters, parameters, plan override Keywords: Predbat, real-time adjustments, referral code, solar diverters
springfall2008.github.io a day ago
|
336.
HN
Prevent duplicate webhook executions in n8n (template)
The n8n workflow presented addresses the challenge of preventing duplicate webhook executions, a common issue in systems utilizing at-least-once delivery protocols. The core feature of this template is an idempotency gate that checks whether a request has been processed within a 24-hour period, allowing initial requests while blocking subsequent retries to prevent adverse effects such as double charges or redundant email notifications.
To implement this workflow in n8n, users need to follow a few simple steps: download the workflow from a GitHub repository or use the direct JSON link provided; obtain an AARI API key required for idempotency checks; and configure their n8n credentials using Header Auth with the obtained API key. Additionally, users should replace a placeholder action within the workflow with their specific task, such as making a Stripe charge or sending an email.
The workflow's mechanism involves responding immediately to webhooks with a 200 OK status to break retry loops while employing the AARI gate to evaluate whether the event is unique by checking against stored data in Redis. This solution automatically manages common idempotency keys and offers a fallback key chain for more generic events, thus providing comprehensive deduplication across different executions.
This template distinguishes itself from n8n's native Remove Duplicates node, which only functions within single workflow executions, by storing keys externally to achieve cross-execution deduplication. It supports integration with various webhook providers such as Stripe, GitHub, Shopify, and WooCommerce, making it a versatile tool for managing duplicate webhook issues. Users who find this solution helpful are encouraged to contribute their support by starring the repository.
Keywords: #phi4, AARI API key, GitHub, Redis, Remove Duplicates node, Shopify, Stripe, WooCommerce, action runs, at-least-once delivery, blocked, deduplication, duplicate execution, event ID, gate node, header auth, idempotency, immediate response, n8n, retry loops, success, webhook, workflow template
github.com a day ago
https://n8n.io/workflows/13863 a day ago
|
338.
HN
Do developers have agency? A study of 66k GitHub projects (7.3TB)
The study examined over 66,000 GitHub projects to investigate software evolution trends by analyzing commit frequency and accumulated efforts across various project sizes. It found that larger projects with more than 3,134 commits exhibit deterministic patterns in their activity levels, which can be effectively modeled using simple linear or quadratic models without significant risk of overfitting, even when employing higher degree polynomials. A clear distinction was observed between highly active projects and the entire dataset, indicating different developmental dynamics for smaller versus larger systems.
Projects with over 700 commits showed strong adherence to predictable development patterns, evidenced by high median \(R^2\) values exceeding 0.96. In contrast, smaller projects displayed more varied trajectories. Statistical analysis using a Welch two-sample t-test confirmed significant differences between small and large project cohorts regarding accumulated commits and efforts, highlighting divergent software evolution dynamics.
The study also noted that longer development durations correlated with better fit quality for \(R^2\) values. Projects initiated before the widespread adoption of GitHub and Git showed anomalies which stabilized after 2010, likely due to easier access to these technologies. Both small and large project cohorts exhibited nearly linear or slightly decelerating commit frequency trends, though larger projects showed potential for accelerating development.
Quadratic coefficient analysis revealed differing distributions: lower values fit a log-logistic distribution while higher ones followed a power-law distribution, suggesting varying forces driving project trajectories across the median. Smaller projects with less than 700 commits displayed diverse developmental times and patterns, where short-term or experimental projects had fewer commit days compared to longer-term small projects that adhered more closely to predictable trends.
Overall, the study provides empirical evidence of distinct evolutionary dynamics between smaller and larger GitHub projects, highlighting the potential for using simple models in industrial applications despite the availability of more complex alternatives. It suggests further research into understanding variations in smaller project development patterns comprehensively.
Keywords: #phi4, GitHub, \(R^2\), commits, datasets, deterministic trends, development patterns, polynomials, project cohorts, projects, quadratic models, regression models, software evolution, statistical analysis
link.springer.com a day ago
|
341.
HN
Show HN: Sift – local hybrid search CLI in a single Rust binary
Sift is a Rust-built CLI tool for conducting rapid, consistent searches across codebases and documents locally, eliminating the need for background services. It features a comprehensive search pipeline that includes BM25/phrase/vector retrieval options, RRF fusion, and optional Qwen reranking, all of which can be individually adjusted to suit user preferences. To enhance efficiency, Sift employs an advanced caching mechanism based on Zig’s build system coupled with BLAKE3 for monitoring filesystem changes, alongside a content-addressable blob store that stores pre-extracted data to prevent redundant processing. Performance benchmarks demonstrate Sift's efficacy, showcasing 0.826 nDCG@10 at approximately 26ms p50 during vector searches and maintaining low latency of around 5ms in BM25 operations. It is available as a single executable on Mac, Windows, and Linux platforms, making it an ideal solution for developers seeking dependable local document retrieval without the need for additional infrastructure. More information can be accessed via its GitHub repository.
Keywords: #phi4, BLAKE3, BM25, CLI, GitHub, Linux, Mac, Rust, SciFact, Sift, Windows, agent, blob store, caching layer, codebases, developer, docs, hybrid search, infrastructure, local search, nDCG, vector retrieval, workflows
www.alexdk.com a day ago
|
342.
HN
Collecting AI Prompting Files in One Place
A new registry has been established to tackle the challenge of identifying effective AI configurations amidst GitHub's limited visibility features. This platform, hosted at dotprompt-seven.vercel.app, functions as a central hub for collecting, sharing, and discussing .md files related to AI workflows and setups. Users are encouraged to contribute their real-world configurations and experiences, facilitating a collaborative environment where insights into AI practices can be exchanged and refined. By creating this centralized resource, the platform aims to enhance visibility and accessibility of diverse AI setups, enabling more informed decisions and innovations in AI development.
Keywords: #phi4, AI Prompting, Collect, Configs, Contribute, Discuss, GitHub, MD files, Registry, Setups, Share, Stars, Technical Keywords, Workflow
news.ycombinator.com a day ago
|
356.
HN
Show HN: OxiGDAL – A pure Rust replacement for GDAL with zero C/C++ dependencies
OxiGDAL is a production-grade geospatial data abstraction library developed in Rust, aiming to serve as a modern alternative to the traditional GDAL by eliminating dependencies on C/C++/Fortran. Released by COOLJAPAN OU in version 0.1.0, it supports numerous geospatial formats such as GeoTIFF and GeoJSON, providing full coordinate reference system transformations via a pure Rust implementation of PROJ. The library leverages SIMD-accelerated algorithms to enhance performance and is compatible with various platforms including Python, Node.js, WebAssembly (WASM), iOS, and Android.
The project boasts an extensive codebase exceeding 500,000 lines across more than 68 workspace crates, emphasizing modularity for scalable development. It features cloud-native I/O, high concurrency safety, and efficient binary sizes suitable for WebAssembly, alongside enterprise-grade capabilities like encryption, distributed processing, and real-time streaming. OxiGDAL supports over 11 geospatial format drivers with advanced functionalities such as HTTP range reads and asynchronous I/O.
Addressing common challenges associated with GDAL—such as linking errors, large binaries, and concurrency bugs—OxiGDAL facilitates simpler deployment in cloud-native environments and embedded systems. Its cross-platform bindings and WASM compatibility ensure versatility across different use cases. The library encourages community feedback and contributions aligned with COOLJAPAN's coding practices.
For developers, OxiGDAL promises ease of integration through a streamlined setup process using `cargo add`, aligning with modern Rust ecosystem standards. Future development aims to expand projection support, introduce GPU capabilities, integrate machine learning, and enhance cloud-native services, positioning OxiGDAL as a robust solution for contemporary geospatial data processing needs.
Keywords: #phi4, COOLJAPAN, CRS transformations, Docker images, GDAL, GPU acceleration, GitHub, OGC services, OxiGDAL, Rust, SIMD, WASM, async I/O, cargo add, cloud-native I/O, contributing Keywords: OxiGDAL, cross-platform bindings, drivers, enterprise security, error handling, geospatial, high availability, library, multithreaded code, platform support, production-grade, roadmap, static binary, streaming & messaging, zero dependencies
github.com a day ago
|
357.
HN
Moonforge: A Yocto-Based Linux OS
Moonforge is an innovative open-source Linux distribution built upon Yocto and OpenEmbedded frameworks, crafted to provide a production-ready base for developing embedded and device operating systems. It prioritizes extensibility, flexibility, and maintainability, enabling developers to construct custom OS images utilizing established tools and methodologies. Key features of Moonforge include the streamlined development of immutable, maintainable, and updatable Linux systems via curated Yocto layers, a balanced approach between pre-built solutions and customization through modular layers managed by kas (a YAML-based configuration tool), and a clear separation of upstream and downstream components to facilitate product builds while maintaining control over system modifications. It integrates best practices in modern Linux environments with support for BitBake, CI/CD pipelines, diverse deployment mechanisms like systemd, RAUC, Mender, and various build environments. By managing the complexities of OS creation, such as integration, security, updates, and infrastructure, Moonforge enables developers to focus on application or device development. As an open-source initiative hosted on GitHub, it invites community contributions to enhance support across multiple hardware platforms and features.
Keywords: #phi4, BitBake, CI/CD pipelines, GitHub, Linux distribution, Mender, Moonforge, OpenEmbedded, RAUC, SBOM metadata, Yocto, community contributions, embedded systems, extensibility, flexibility, kas, maintainability, open-source project, security reports, systemd
www.igalia.com a day ago
|
358.
HN
Convert Any API Documentation into a CLI for AI Agents
PUG is a sophisticated tool that transforms API documentation into a Command Line Interface (CLI) for AI agents using Python and Go. It streamlines the process by constructing a structured "Bone Map" from unorganized API documents with a Language Learning Model (LLM), subsequently generating essential CLI components such as Go Cobra CLI, CLAUDE.md, SKILL.md, and MCP server configuration within a dedicated folder for each API. To utilize PUG, prerequisites include Python 3.10 or higher, an Anthropic API key set during initialization (`pug init`), and Playwright for scraping (automatically installed except on headless systems). Additionally, Go is required to generate the CLI binary.
Installation involves using a virtual environment, cloning the PUG repository, setting up the environment with Python's `venv`, and installing dependencies via `pip`. The main commands facilitate various stages of development: `pug init` configures the API key and project settings; `pug bone` creates or switches projects; `pug sniff` scrapes API documentation to Markdown format; `pug chew` generates a Bone Map from these docs using LLM, with an optional refinement step for manual edits. The command `pug bark` validates and produces the CLI along with related documents and configurations, while `pug run` executes the generated CLI. Outputs like CLAUDE.md can be integrated into AI tools, and MCP files are useful for MCP client integration.
The tool supports iterative development by allowing further edits post-CLI generation through repeated runs of `pug refine` and `pug chew --merge`. Users should note security best practices by not committing `.env` files to version control but using `.env.example` as a template, keeping sensitive keys local. The repository structure includes scripts like `main.py`, `sniffer.py`, templates, and directories for each bone (e.g., `brave-search/`) housing runtime data and generated outputs, all under the MIT license.
Keywords: #phi4, AI, API, Anthropic API, Anthropic API Key, Bark, Bone Map, CLAUDEmd, CLI, CLI Binary, Chew, GitHub, Gitignored, Go Cobra, LLM, MIT License, PUG, Playwright, Python, Refine, Run, SKILLmd, Security, Sniff, Virtual Environment, env, mcp-servercjs, mcpjson
github.com a day ago
|
362.
HN
Why software supply-chain review shouldn't be split across five tools
Rainy Updates is a comprehensive tool designed specifically for deterministic dependency management within Node.js monorepos and continuous integration (CI) environments. It offers a structured lifecycle that encompasses detection, summarization, decision-making, risk prediction, and application of updates to software dependencies. The tool boasts fast update detection capabilities and centralized review processes for identifying security and license risks associated with dependencies. Users can safely execute upgrades through configurable targets while benefiting from offline execution support, ensuring predictable CI runs. This feature set makes Rainy Updates particularly valuable for Node.js monorepo teams who require consistent and reliable CI artifacts, as well as engineers who wish to conduct local reviews of dependency risks or make strategic, informed upgrade decisions.
Rainy Updates can be installed via several methods: globally through Bun, npm, or pnpm; as a project dependency; through standalone binaries; or using npx. Its core commands facilitate tasks like detection, security audits, health checks, CI automation, and monitoring. The tool supports policy configuration via a JSON file to manage upgrade behaviors and integrates with AI agents for in-depth dependency health inspections via a local MCP server.
Additionally, Rainy Updates enhances repository transparency by allowing users to add live dependency health badges through GitHub Actions, which can be displayed directly in the README files. This feature provides immediate visibility into the current status of dependencies, helping teams maintain oversight of their software's integrity and security posture. Licensed under MIT, Rainy Updates stands as a robust solution for managing complex dependencies efficiently and effectively within modern development workflows.
Keywords: #phi4, AI, AI agents, Actions, CI/CD, CI/CD automation, CLI, CLI tool, GitHub, GitHub Actions, MCP, MCP server, Node monorepos, advisories, agents, artifacts, automation, badge, dependency, dependency review, deterministic, deterministic artifacts, health, health badge, monorepos, operator, policy, policy rules, review, risks, rules, security, security advisories, server, supply-chain, supply-chain risks Keywords: Node, tool, upgrade, upgrade operator
github.com a day ago
|
370.
HN
Show HN: Manual code review and feedback loop for agents
The post introduces "plannotator," an open-source tool available on GitHub designed for facilitating manual code review and establishing feedback loops. However, users are currently unable to access its features because JavaScript is disabled in their browsers. The solution offered involves enabling JavaScript or switching to a browser that supports it to effectively use the platform. For further assistance, users can refer to the Help Center. This guidance ensures potential users can overcome technical barriers to fully utilize "plannotator."
Keywords: #phi4, Agents, Backnotprop, Browser, Feedback loop, GitHub, Help Center, JavaScript, Manual code review, OSS, Plannotator, Plannotator ``` Keywords: Show HN, Show HN, Supported browsers, xcom
twitter.com a day ago
|
376.
HN
Superpowers 5
"Superpowers 5" is an enhanced version of a tool aimed at improving coding workflows through automated planning and implementation, featuring several new functionalities designed to streamline user interaction with code design processes. The updated tool introduces "Visual Brainstorming," which replaces ASCII art with web-based visuals like mockups, diagrams, and comparisons, thereby facilitating more effective communication of complex ideas in a browser environment. A significant workflow enhancement, the "Spec Review Loop," involves an adversarial review process by subagents to ensure the accuracy and completeness of planning documents, particularly addressing "TBD" sections.
The tool now emphasizes "Subagent Driven Development," a preferred method over older strategies due to its superior capability in executing plans via multiple subagents for efficient task delegation. It incorporates software engineering principles such as unit decomposition, promoting single-responsibility and manageable file sizes throughout the planning process, alongside interactive breakdowns of tasks for large-scale projects.
Additionally, updates include new guidelines for documentation and instruction management, favoring a specific directory structure for specs and plans and prioritizing user-provided instructions over internal ones to adjust custom behavior. The integration with Codex subagents is accompanied by strategies to manage recursive task delegation effectively among them.
Moreover, there's a deprecation notice for older slash commands in favor of an evolving skills system, indicating future plans for their removal. Users of compatible tools like Claude Code or Cursor are encouraged to update automatically or manually as needed.
Keywords: #phi4, ASCII Art, Codex, Diagrams, Documentation Location, GitHub, HTML, Interface-Driven Design, Local Instructions, Mockups, React Todo List, Slash Commands, Software Engineering, Subagent Development, Superpowers, UX Design, Unit Decomposition, Visual Brainstorming, Web Browser
blog.fsck.com a day ago
|
377.
HN
Show HN: Git Trophy – 3D print your GitHub contribution graph
Luka, the founder of Git Trophy, has developed a novel project enabling users to 3D print their GitHub contribution graphs as artistic trophies. This idea was inspired by the GitHub Skyline website and arose from challenges such as high costs and difficulties associated with existing print-on-demand services. Although recently launched and in its early stages—with only one customer so far—a friend of Luka, Git Trophy is seeking feedback to improve its offerings. Users interested in creating their own 3D prints can utilize the `gh-skyline` extension for GitHub CLI to generate an STL file. This file can then be customized using software like Bambu Studio, allowing users to differentiate colors across various elements of the graph.
Keywords: #phi4, 3D printing, Art, Bambu Studio, CLI, Git Trophy, GitHub, GitHub art Keywords: Git, Github CLI, Luka, STL file, Trophy, contribution graph, feedback, physical product, print-on-demand, slicer program
git-trophy.com a day ago
|
380.
HN
Xygeni/xygeni-action GitHub Action is compromised – poisoned tag is still live
On March 3, 2026, the Xygeni GitHub Action was compromised when an attacker exploited poisoned tags to inject a command-and-control reverse shell into the software under the guise of "scanner version telemetry." This attack involved unauthorized access to maintainer accounts and a GitHub App token, allowing three pull requests—none of which were merged—to be closed after introducing malicious code. The vulnerability was exacerbated by the redirection of the v5 tag to point to this backdoored commit, affecting over 137 repositories that used it. The implant allowed for arbitrary command execution and data collection for up to three minutes without detection.
The attack stemmed from compromised credentials within Xygeni's organization rather than an external breach, as evidenced by simultaneous activity across multiple maintainer accounts and a GitHub App in a short timeframe, likely due to credential theft or phishing attacks. Despite efforts to mitigate the damage through the release of a secured version (v6.4.0) with checksum verification, the original v5 tag remained uncorrected, continuing to pose risks.
To defend against such supply chain threats, best practices include pinning actions to immutable full commit SHAs instead of mutable tags, using maintained versions of GitHub Actions, monitoring network activity from CI runners, and employing policies like StepSecurity's Compromised Actions Policy. Regular audits of third-party action source codes are also recommended. The incident underlines the risks associated with relying on mutable tags in workflows.
Indicators of this specific compromise include a particular C2 server endpoint and authentication header used by the malicious implant. Addressing this threat requires immediate actions, such as pinning to secure commit versions, to prevent further exploitation.
Keywords: #phi4, C2 Reverse Shell, Commit SHA Pinning, Compromise, Credential Compromise, GitHub Action, Harden-Runner, Indicators of Compromise, Maintained Actions, Mutable Tags, Network Egress Monitoring, Orchestrate Security, Poisoned Tag, Supply Chain Attack
www.stepsecurity.io a day ago
|
385.
HN
Show HN: Lineark, CLI for Linear, hits 2.0
Lineark 2.0 is an unofficial command-line interface and Rust Software Development Kit designed to efficiently interact with Linear, a project management tool, reducing token consumption significantly compared to the official Linear MCP server. It offers extensive functionality allowing users to manage various aspects of Linear projects directly from the terminal, including tasks, areas, issues, comments, relations, labels, projects, milestones, cycles, documents, teams, users, and file embeds. The interface provides both human-readable outputs and JSON format options, making it versatile for different use cases.
Installation can be accomplished via a `curl` script or by using Cargo with the command `cargo install lineark`, with an easy update option available through `lineark self update`. Authentication requires generating a Linear Personal API key and saving it in a specific file, allowing multiple workspace profiles if needed. Usage examples include identity checks, listing issues assigned to a particular team, and searching or modifying specific tasks.
Lineark can be integrated into AI agents by adding minimal context file lines for dynamic command discovery at runtime, bypassing the need for predefined tool schemas. Its SDK facilitates integration into Rust projects through its custom data structures that ensure zero overfetching using GraphQL queries. The architecture comprises four key crates: lineark-codegen for generating typed Rust code from Linear's GraphQL schema, lineark-sdk for core functionalities including client and authentication operations, lineark-derive for enabling lean data structure creation with minimal data retrieval, and the CLI itself which leverages these SDK capabilities without directly handling raw GraphQL. Licensed under MIT, Lineark offers robust, efficient management tools tailored for developers working with Linear.
Keywords: #phi4, API key, CLI, GitHub, GraphQL, JSON, Linear, MIT License, Rust SDK, SDK integration, architecture, authentication, command reference, commands, installation, issue tracking, overfetching, pagination, project management, tokens, tool schemas, workspace profiles
github.com a day ago
|
392.
HN
Ask HN: Is GitHub getting less reliable, or is it just me?
Over the past two to three months, a user has raised concerns about GitHub's reliability due to consistent issues impacting their productivity. The primary problems include frequent rate limiting and instability of GitHub Copilot, as well as major outages that disrupt services. Additionally, there are ongoing difficulties with tunnels and Codespaces, further complicating the use of GitHub for development tasks. These challenges have become significant enough for the user to seek feedback from others to determine if this experience is shared widely, suggesting a broader concern regarding GitHub's performance during this period.
Keywords: #phi4, Codespaces, Copilot instability, GitHub, daily basis, major outages, persistent problems, productivity concern, rate limiting, recurring issues, reliability issues, technical keywords, tunnels
news.ycombinator.com a day ago
https://telliott.me/posts/is-github-getting-less-reliab a day ago
|
403.
HN
Show HN: A tool that automatically installs Python and common dev libraries
The "pirate-essentials" tool is an open-source initiative designed by a developer to streamline the installation of Python and popular development libraries. Its primary goal is to simplify developers' setup processes, obviating the need for repetitive manual configurations. By automating these installations, the tool enhances efficiency and saves time for users involved in various programming projects. The project encourages community engagement, inviting individuals to explore its functionalities, conduct testing, and provide constructive feedback. This collaborative approach aims to refine the tool further, ensuring it meets the diverse needs of developers. "pirate-essentials" can be accessed through its GitHub repository at [ALEXPAN-DEV/pirate-essentials](https://github.com/ALEXPAN-DEV/pirate-essentials), where users are welcomed to participate in its ongoing development and improvement process.
Keywords: #phi4, Commonly Used, Dev, Feedback, GitHub, Install, Libraries, Open-source, Project, Python, Setup, Test, Tool
news.ycombinator.com a day ago
|
404.
HN
Skill to slim down your bloated AGENTS.md file
Agent Slimmer is designed to optimize AGENTS.md files for AI coding agents by eliminating unnecessary content, thereby enhancing performance. Research shows that overly detailed context files can increase cognitive load and reduce task success rates. This tool assists users in refining their documentation by removing redundant or non-essential information such as easily inferred codebase descriptions, duplicated repository documentation, generic best practices, and vague guidance. It ensures the retention of critical elements like specific tool requirements, behavioral constraints, and essential project knowledge not available elsewhere. The optimization process involves cataloging the repository's content, classifying it based on set criteria, and producing a streamlined version accompanied by an explanatory changelog. Agent Slimmer is built on research indicating that focused context files enhance efficiency while overly comprehensive ones impair accuracy. It operates under the MIT License, has no dependencies, and functions exclusively through markdown files.
Keywords: #phi4, AI coding agent, Agent Slimmer, GitHub, MIT License, behavioral constraints, changelog, codebase descriptions, cognitive load, context file, inference cost, optimization, research basis, skill file, task success rates, tool requirements
mheadd.github.io a day ago
|
417.
HN
Things I've Done with AI
In "Things I've Done with AI," the author traces their evolution from a middle school programmer to an experienced engineer at AWS, illustrating how programming has shaped both their passion and career. Initially hesitant about integrating AI into coding due to concerns over maintaining code quality, they were wary of tools like GitHub Copilot and Claude Code. However, the realization that the primary goal in professional work is delivering functional solutions—rather than adhering strictly to traditional code aesthetics—prompted a shift in perspective.
Embracing AI from October 2025 onwards, the author has been able to rapidly develop numerous projects by crafting prompts and reviewing outputs from large language models (LLMs). This technological adoption has facilitated quicker implementation of new features, design documentation, bespoke tools, and task automation at their workplace. Despite these advancements in professional settings, personal projects have faced challenges, particularly in testing and ensuring the accuracy of LLM-generated documentation.
Ultimately, AI has significantly enhanced productivity for programmers who prioritize problem-solving over coding minutiae. The author acknowledges that while challenges remain concerning testing, developer experience, and industry adaptation to these tools, they are optimistic about their potential benefits. They express hope that these technologies will complement rather than render human skills obsolete prematurely.
Keywords: #phi4, AI, AWS, Claude Code, Cursor, GitHib Copilot, GitHub, Haskell, IDE, Java, JavaScript, LLMs, architecture, automation, business value, career, code quality, design patterns, developer experience, documentation, engineering, hobby, maintainability, problem-solving, programming, projects, software development, static analysis, testing, tools, type systems, velocity
sjer.red 2 days ago
https://www.stavros.io/posts/i-made-a-voice-note-taker& a day ago
https://github.com/skorokithakis/stavrobot a day ago
https://github.com/skorokithakis/macropad a day ago
https://github.com/skorokithakis/sleight-of-hand a day ago
https://pine.town a day ago
https://encyclopedai.stavros.io a day ago
https://justone.stavros.io a day ago
https://www.themakery.cc a day ago
https://theboard.stavros.io a day ago
https://github.com/skorokithakis/dracula a day ago
https://github.com/skorokithakis/support-email-bot a day ago
https://animated-puzzles.specr.net a day ago
https://lend-me-your-ears.specr.net a day ago
https://shahkur.specr.net a day ago
https://common-thread.specr.net a day ago
https://slide-puzzles.specr.net a day ago
https://github.com/scpedicini/glyph-shift a day ago
https://www.wickeditor.com/ a day ago
https://en.wikipedia.org/wiki/Corpus_Clock a day ago
|
420.
HN
AluminatiAI – per-job GPU cost tracking (Nvidia-smi shows watts, not dollars)
AluminatiAI addresses the challenge of effectively tracking GPU costs per job within clusters like NVIDIA's H100 by providing detailed insights that traditional methods lack. Unlike `nvidia-smi`, which only supplies wattage data, and cloud billing systems that offer monthly totals, AluminatiAI utilizes a lightweight Python agent to sample power draw every five seconds. This data is then streamed to a dashboard created with Next.js and Supabase, where it's converted from watts into dollar amounts for each job, GPU, and day. The tool supports various NVIDIA GPUs such as A100, H100, RTX 3090/4090, and even Google Colab environments. Its installation is straightforward, requiring only a `pip install` command and one environment variable, with the entire process taking under two minutes. As the cost of using H100 GPUs rises, AluminatiAI proves invaluable for teams aiming to identify expensive runs in large-scale model training, thereby aiding in effective budget management. The project is open-source, available on GitHub, and additional information can be found on its website; users are encouraged to inquire about its sampling methodology or conversion logic.
Keywords: #phi4, A100, AluminatiAI, GPU cost tracking, GitHub, Google Colab, H100 clusters, Nextjs, Nvidia-smi, Python agent, RTX 3090/4090, Supabase dashboard, dollars, open source, pip install, pynvml, training runs, watt-to-dollar conversion, watts, website
news.ycombinator.com 2 days ago
|
422.
HN
Andrew Ng Just Dropped Context Hub – GitHub for AI Agent Knowledg
Context Hub, introduced by Andrew Ng, serves as an innovative tool designed to augment AI coding agents through access to curated, versioned documentation in markdown format. This addresses common challenges such as API hallucinations and session-based forgetfulness by providing precise and up-to-date documents that the agents can refer to. Users can install Context Hub via npm and leverage its CLI capabilities to search for and fetch language-specific documentation.
The tool functions through a self-improving loop, enabling AI agents to not only access but also annotate documentation, with these annotations preserved across sessions. This persistence allows agents to enhance their performance by learning from previous interactions. Furthermore, a feedback system is in place where users can rate documents through upvotes or downvotes, aiding authors in refining content based on actual usage.
Context Hub optimizes efficiency by supporting the incremental fetching of specific document segments. Contributions are welcomed from both API providers and community members, who are encouraged to submit documentation in markdown format with YAML frontmatter. The tool is governed under the MIT license, fostering open collaboration aimed at improving documentation quality for coding agents.
Keywords: #phi4, AI Agent, API Documentation, Annotations, CLI Commands, Coding Agents, Context Hub, Feedback, Language-Specific, Markdown, Self-Improving Agents, Versioned Docs, npm
github.com 2 days ago
|
431.
HN
Autopsy – Open-source CLI that diagnoses production incidents in 30 seconds
Autopsy is an open-source command-line interface tool designed to expedite the diagnosis of production incidents by delivering root cause analysis within approximately 30 seconds—a significant improvement over traditional methods that can take minutes. Leveraging AI technology, Autopsy effectively correlates logs with deployments without requiring any configuration or vendor lock-in, making it a versatile solution for various environments. Licensed under the MIT License, its streamlined installation process via pip adds to its appeal. Its ability to identify actual causes rather than just symptoms of issues has made Autopsy particularly popular among Site Reliability Engineers at over 50 startups, underscoring its efficiency and practical utility in real-world scenarios. For those interested in exploring further details about the tool, information is readily available on GitHub.
Keywords: #phi4, 502 Bad Gateway, AI, Autopsy, CLI, ConnectionTimeout, ERROR, GitHub, MIT License, Open Source, SREs, deploys, diagnose, grep, incidents, logs, pip install, root cause, runtime error, vendor lock-in, zero config, zero config Keywords: Autopsy
zaappy.github.io 2 days ago
|
436.
HN
Show HN: FeralDeps, local dependency and vulnerability scanner for Java projects
FeralDeps is an open-source tool designed to scan Java projects for outdated dependencies and known vulnerabilities. It specifically targets Gradle/Maven projects, identifying potential security risks by generating detailed HTML reports that include CVSS severity scores. The tool features a simple graphical user interface (GUI) that facilitates its use, while prioritizing local processing of scans to safeguard user privacy. Although it operates predominantly offline, FeralDeps has the option to connect with external APIs such as OSS Index or GitHub for enhanced vulnerability data when necessary.
Users can obtain FeralDeps either by downloading a prebuilt JAR file or by building it from source using Java (JDK 11+) and Maven. Among its main features are first-level dependency scanning, along with the capability to produce reports in HTML or CSV formats. Additionally, users can configure API credentials within the tool to improve CVSS scoring accuracy.
Looking ahead, FeralDeps aims to broaden its scope by supporting other programming ecosystems like Python and JavaScript, enhancing offline functionality, and integrating with continuous integration (CI) systems for more seamless operations. The project places a strong emphasis on user privacy, ensuring that no project data or metadata is transmitted externally unless required through rate-limited API calls. FeralDeps is maintained collaboratively by Conor-20105865 and the PardixLabs team, who actively seek community feedback to inform future enhancements and developments.
Keywords: #phi4, API credentials, CI integration, CVSS scores, Code of Conduct, FeralDeps, GitHub, Gradle, HTML reports, Java, JavaScript, Maven, OSS Index, Python, code signing, contributing, dependency scanner, local scanning, offline mode, privacy policy, transitive dependencies, vulnerability scanner
github.com 2 days ago
|
439.
HN
NaviServer, a versatile multiprotocol (HTTP(S), etc.) server written in C/Tcl
NaviServer is a multiprotocol server that supports protocols like HTTP(S) and is developed in C/Tcl to facilitate easy extensions using both languages. As free and open-source software, it benefits from community maintenance with availability on SourceForge and GitHub. The server features cross-platform compatibility, supporting FreeBSD, Linux, Solaris, macOS 10.2+, and Windows, and adheres to a versioning system denoted by MAJOR.MINOR.PATCH, where feature changes are reserved for MINOR or MAJOR releases.
For installation, NaviServer necessitates Tcl 8.5 (or higher for versions >=5) with threading enabled, GNU Make, and specific tools like Msys + Mingw or MSVC on Windows. It also supports cross-compilation for Windows using gcc/mingw. Documentation is accessible in Unix nroff and HTML formats online via SourceForge, along with installation scripts offering various configurations for Unix platforms.
Users can enhance NaviServer's functionality by installing additional modules from SourceForge tarballs or directly through GitHub repositories. An optional component called NSF/XOTcl adds features like cryptographic capabilities, recommended for enhanced performance. Community engagement is fostered through mailing lists on SourceForge, where users can discuss questions, configurations, and the development trajectory of NaviServer. The project encourages community involvement through its open-source framework while providing extensive documentation and support across online platforms.
Keywords: #phi4, C/Tcl, FreeBSD, GNU Make, GitHub, HTTP(S), Linux, NSF/XOTcl, NaviServer, Solaris, SourceForge, Tcl, Windows, compiling, configuration, cross-compiling, documentation, installation, macOS, mailing lists, modules, multiprotocol, open source, server, versioning
github.com 2 days ago
|
447.
HN
Show HN: Marque – MCP/CLI server for persistent agent design identity
Parth, a high school senior, created "Marque," an innovative MCP/CLI server aimed at addressing the challenge of non-persistent identity in AI-crafted coding designs. Traditional AI design tools often produce generic outputs featuring commonly used elements like rounded corners and blue buttons due to their inability to retain context or user-specific preferences across projects. Marque uniquely operates on an infrastructure level, eschewing repeated prompts to better preserve project-specific aesthetics.
The tool provides several key features: it offers "stamping" and "synthesizing," which transforms a design into actionable guidelines, ensuring that the resulting output aligns with intended stylistic elements; it sets up AI agents like Claude Code and Copilot to incorporate design contexts prior to code generation through its MCP setup; it enables "blending" of multiple design references, allowing designers to merge favored features from different sources by assigning specific weights, thereby crafting unique designs. Additionally, Marque’s "improving" function ensures that outputs remain consistent with the initial design mark by making real-time corrections based on comparisons with a visual model.
The primary goal of Marque is to facilitate the creation of "vibe-coded" products, which balance aesthetic appeal with rapid development speed. The tool is available as open-source software via its GitHub repository, and Parth has provided a demo for those interested in exploring it further. Parth actively seeks feedback on this solution designed to maintain individuality and specificity in AI-generated designs, fostering more personalized and contextually aware design outputs.
Keywords: #phi4, AI coding agents, GitHub, JSX blueprints, MCP/CLI server, Marque, UI, actionable mark, anti-defaults, concept philosophy, corrections file, creative tension, design identity, element level violations, feedback, get_design_context_for, marque blend, marque-cli, named design identity, npm install, open source, persistent agent, vibe-coded products, vision model
marque-web.vercel.app 2 days ago
https://agilevibecoding.org a day ago
|
450.
HN
Deepfakes for Code and the Asymmetric Internet
The article examines "RuView," a GitHub repository that falsely claims to convert WiFi signals into real-time human pose estimation, revealing it as inoperative code similar to a deepfake. This example illustrates how AI can generate convincing yet useless content inexpensively, contributing to noise on the internet and imposing verification costs on users. The issue is part of a broader trend where AI simultaneously generates information overload and facilitates signal extraction at scale, benefiting those with resources to employ advanced technology. For instance, Meta has successfully used AI to extract valuable data despite tighter tracking restrictions, driving significant revenue growth. This creates an asymmetrical digital landscape: well-resourced entities thrive by effectively filtering information, while smaller players struggle with verification burdens, potentially undermining the openness and fairness of the online environment.
Keywords: #phi4, AI-generated, Ad Targeting, App Tracking Transparency, Asymmetric Internet, Code, Compute, Deepfakes, Financial Markets, GitHub, Meta, Noise, Open Internet, Open Internet Keywords: Deepfakes, Pose Estimation, Python, RuView, Rust, Signal Extraction, Tech Companies, Verification, WiFi Signals
matthiasplappert.com 2 days ago
|
485.
HN
Show HN: Local Code Mode: Save 65-99% Context for MCP
Local Code Mode is an innovative tool designed specifically for Message-Contract Protocol (MCP) servers, aiming to drastically reduce the context load by up to 99%. Unlike traditional MCP tools that rely on wrapping CRUD JSON APIs—often resulting in significant data being added to the context—this approach utilizes AI to create small scripts. These scripts are executed within a local sandboxed environment using raw data sourced from well-known APIs like SCIM, Kubernetes, and AWS. By executing these compact scripts locally, only minimal output is introduced into the context, significantly minimizing unnecessary data load. Drawing inspiration from Cloudflare's Code Mode but tailored for local use to enhance isolation and security, Local Code Mode improves efficiency in MCP tool design by eliminating external dependencies. Users can easily incorporate this feature into their MCP server projects with a straightforward prompt, achieving substantial reductions in context consumption.
Keywords: #phi4, AI agent, AWS, CRUD JSON APIs, Cloudflare's Code Mode, GitHub, Kubernetes, LLM, Local Code Mode, MCP, SCIM, Slack, Stripe, context window, extraction script, isolated runtime, raw data, sandboxed runtime, script execution, server project, well-known APIs
gist.github.com 2 days ago
|
490.
HN
Show HN: Llmpm – NPM for LLMs
Llmpm is a command-line interface tool designed to streamline the process of installing, running, and sharing AI models with ease comparable to using Node Package Manager (npm) packages. It facilitates interaction with open-source Large Language Models (LLMs), allowing users to install specific models through commands like `llmpm install llama3` and execute them using `llmpm run llama3`. This tool also supports the packaging of these models alongside projects, ensuring that they can be easily replicated by others. Llmpm's functionality includes auto-detection of model types, enabling it to automatically initiate appropriate backends for various applications such as text, image, or audio processing. Users can find more information and access resources at the website [https://llmpm.co](https://llmpm.co) or explore its development on GitHub at [https://github.com/llmpm/llmpm-dev](https://github.com/llmpm/llmpm-dev).
Keywords: #phi4, CLI tool, GitHub, LLMs, Llmpm, NPM, Show HN, audio, backend, image, installable, models, open-source, packages, text, website
www.llmpm.co 2 days ago
https://llmpm.co/rankings 2 days ago
|
492.
HN
eBay – What's Ending Soon?
The blog post introduces a custom micro website called "eBay - What's Ending Soon?" developed to assist users in identifying eBay items nearing their end time, potentially listed below market value. This tool addresses challenges within eBay’s interface that directs searches into specific subcategories and restricts visible results per page. The micro website offers an unfiltered feed of upcoming auctions or "Buy It Now" listings without these constraints, facilitating the discovery of deals in broad categories such as “Computers, Tablets & Network Hardware.” Enhanced search functionality is provided by highlighting items with no bids and displaying total prices inclusive of shipping, helping users avoid pitfalls like low initial prices with high shipping fees. The developer's experience reveals that this tool has already uncovered several underpriced deals. While the eBay API used is user-friendly, it limits hobbyists to 5,000 requests daily, indicating a need for higher request limits in production settings. Additional technical details and code are available on GitHub, with guidance on using the eBay API provided in the repository's readme file.
Keywords: #phi4, API, GitHub, auction items, bargain, bids, categories, deals, desktop server, eBay, gallery view, micro website, production traffic, raw results, requests, subcategories, total price
falkus.co 2 days ago
|
493.
HN
Show HN: Robotics runtime in the browser (flight controller, WebAssembly)
The demonstration features a browser-based robotics runtime using WebAssembly that integrates a flight controller with a world simulator. This system is built on copper-rs, an open-source Rust framework designed for deterministic robotic tasks, supporting various platforms from microcontrollers like STM32H7 to desktop operating systems such as Linux, macOS, and Windows. The simulation component leverages Bevy, while the monitoring interface employs ratatui within a browser environment typically used in terminals. Users can access more information or contribute via GitHub. Interaction with the flight simulator is achieved through specific commands: pressing Space arms it, increasing throttle initiates takeoff, W A S D keys control movement, and Q/E adjusts yaw.
Keywords: #phi4, Bevy, Copper project, GitHub, Linux, Robotics, Rust, STM32H7, Sim Controls, W A S D, WebAssembly, Windows, arm, browser, copper-rs, demo, desktop OS, deterministic workloads, drones, flight controller, macOS, microcontrollers, monitoring interface, ratatui, runtime, simulator, throttle, yaw
cdn.copper-robotics.com 2 days ago
https://cdn.copper-robotics.com/demo/balancebot/in 2 days ago
|
504.
HN
Show HN: Nox – A tree-walking interpreted language written in pure Python
Nox is an interpreted programming language developed in pure Python, focused on being lightweight and extensible with its tree-walking architecture. It includes its own lexer, parser, abstract syntax tree (AST), and interpreter, purposely avoiding the use of `eval` or `exec`. The design ensures no external dependencies beyond standard Python, simplifying installation and integration. A significant feature is its Foreign Function Interface (FFI) for C/C++, allowing native system-level interactions. Nox enhances developer experience through built-in package management, support for asynchronous programming with async/await, and the ability to compile programs into standalone executables independent of a Python environment.
For web development, Nox integrates frameworks like NoxWeb and NoxGram, facilitating website creation and Telegram bot development respectively. It supports various programming constructs such as classes, traits, structs, control flow mechanisms, error handling, asynchronous operations, and offers a comprehensive standard library. This library encompasses modules for mathematical functions, string manipulation, file I/O, HTTP requests, subprocess management, JSON processing, and C/C++ FFI among others.
Nox also allows package installations directly from GitHub, supports folder execution, and can compile code into standalone binaries. The project's structure includes the source code located in `nox/`, along with documentation, libraries, requirements, a setup script, and a license file. Designed to provide clean architecture while maintaining minimalism and power, Nox is apt for scripting and web tasks extending Python's capabilities. The creator invites feedback on its design and execution model, promoting an ongoing dialogue about the language’s development. Further information and contributions can be accessed through the [Nox GitHub repository](https://github.com/DevNexe/Nox).
Keywords: #phi4, AST, C/C++ integration, FFI, GitHub, Nox, Python, architecture, architecture Keywords: Nox, async/await, documentation, folder execution, interpreted, interpreted language, lexer, package manager, parser, scripting, scripting language, standalone executable, tree-walking, web framework
github.com 2 days ago
|
505.
HN
Why glibc is faster on some GitHub Actions Runners
The article investigates the impact of adding new benchmarks in GitHub Actions Runners on unrelated benchmarks' performance due to CPU and system-level complexities. The research conducted by CodSpeed reveals that variables such as CPU caching, threading, and compiler optimizations significantly affect benchmark results. Performance measurements using Callgrind demonstrated consistent individual runs on a single machine; however, variability was observed across different GitHub Actions jobs, attributed to disparities in CPU architecture and cache sizes among runners. Intel CPUs outperformed AMD ones due to larger caches and features like AVX-512.
A significant source of variance identified is GLIBC optimizations, which are specific to certain system/CPU architectures, leading to instability in benchmarks. The article proposes solutions such as employing dedicated Macro Runners for consistent environments or altering the Callgrind tool to standardize CPU feature detection across runs. It underscores the importance of recognizing environmental changes that can influence performance outcomes and recommends using CodSpeed's tools for more stable benchmarking.
The study emphasizes the complex relationship between system environments and benchmark accuracy, advising developers to consider these factors when evaluating code performance regressions. This understanding is crucial for ensuring reliable assessment of software performance across varied computing resources.
Keywords: #phi4, CPU features, Callgrind, CodSpeed, GLIBC_TUNABLES, GitHub Actions, Valgrind, benchmarks, cache sizes, environment stability, glibc, performance regressions, variance, virtual CPU
codspeed.io 2 days ago
|
507.
HN
Show HN: NovusNet, an encrypted C++ networking library for beginners
NovusNet is an encrypted C++ networking library designed to provide simplicity in establishing server-client connections with minimal coding effort, contrasting more complex solutions like Boost.Asio. Built with OpenSSL for security, it simplifies network project setups by handling boilerplate tasks and currently supports Linux systems, planning Windows support post-stabilization. Although still under early development and potentially buggy, NovusNet encourages issue reporting from users. The library's capabilities are demonstrated through the NovusChat example project, which offers straightforward code snippets for server and client applications accessible in its repository. Integration is facilitated by cloning the repo, including `nn.hpp` in projects, and linking against OpenSSL via CMake.
While encryption is implemented, NovusNet currently lacks access control features, prompting developers to consider custom implementations if needed. The library's primary aim is to alleviate the complexities of networking tasks, enabling both beginners and seasoned developers to focus on core product development without delving into intricate network communication setups from scratch.
Keywords: #phi4, BoostAsio, C++, CMakeListstxt, GitHub, Linux, NovusChat, NovusNet, OpenSSL, OpenSSL::Crypto, OpenSSL::SSL, Windows support, access control, beginners, bugs, client, code examples, communication, encryption, networking library, project setup, server, sockets
github.com 2 days ago
|
512.
HN
Show HN: AriaType – Privacy-first voice keyboard with AI polish (Beta, macOS)
AriaType is a beta voice keyboard specifically developed for macOS, emphasizing privacy through local processing without relying on cloud services after the initial model download. It enables users to input text via voice commands by running whisper-based transcription models locally, with optional AI features such as removing filler words and correcting grammar. The application seamlessly integrates across all applications by inserting text at the current cursor position. AriaType is committed to open-source transparency, ensuring no telemetry unless user consent is given. Available in Beta v0.1.0 for macOS on Apple Silicon, it is also being developed for Windows. The developer invites feedback from the Hacker News community regarding performance and accuracy trade-offs, as well as suggestions for new features, with additional information accessible through its GitHub page and website.
Keywords: #phi4, AI polish, AriaType, GitHub, beta version, hotkey activation, local processing, macOS, model sizes, offline, offline functionality Keywords: AriaType, on-device, on-device processing, open source, performance, performance accuracy, privacy-first, text injection, text reliability, voice keyboard, website, whisper-based, whisper-based models
ariatype.com 2 days ago
|
517.
HN
My Experiment with GitHub Sponsors
The author reflects on their recent engagement with GitHub Sponsors as both a contributor and benefactor to the open-source community, revealing insights from this personal journey. Historically reliant on open-source software, they only recently began contributing financially through monthly donations of $5 each to select projects after dismissing corporate sponsorship due to anticipated bureaucratic hurdles. The author notes GitHub's facilitation of sponsoring individual contributors via badges for first-time sponsors and encounters challenges such as minimum donation requirements set by some creators and banking restrictions that blocked multiple payments.
Additionally, the author observes a lack of diversity among sponsored creators within their network, noting a predominance of white males or organizations led by them. This observation highlights an underrepresentation of minorities in tech and prompts further unsuccessful attempts to find more diverse contributors. These experiences underscore both practical and social dimensions of engaging with open-source communities via platforms like GitHub Sponsors.
Keywords: #phi4, GitHub Sponsors, GitHub badge, PHP Foundation, budget cuts, bureaucracy, credit cards, diversity, donations, open-source software, pull requests, sponsorship tiers, underrepresented groups
chuniversiteit.nl 2 days ago
|
520.
HN
Show HN: TapMap – see where your computer connects on a world map
TapMap is a visualization tool designed to map computer network connections onto a world map. It operates by reading local socket connections and resolving IP addresses using MaxMind GeoLite2, displaying this information visually with Plotly. A key feature of TapMap is its commitment to privacy; it runs entirely on the user's machine without transmitting connection data to external servers. The tool is available as a Windows build, and those interested in exploring or modifying the software can access its source code via GitHub at [olalie/tapmap](https://github.com/olalie/tapmap).
Keywords: #phi4, GitHub, IP addresses, MaxMind GeoLite2, Plotly, TapMap, Windows build, computer connections, local socket connections, network data, runs locally, visualization tool, world map
news.ycombinator.com 2 days ago
|
526.
HN
Thr8 – GitHub Action that auto-generates PASTA threat models from your codebase
Thr8 is a GitHub Action that automates the creation of PASTA threat models by analyzing codebases, infrastructures, and dependencies. It leverages static analysis along with Claude AI to identify elements such as programming languages, frameworks, databases, authentication mechanisms, security controls, and API endpoints. The key features include automatic scanning of repositories and infrastructure configurations like Terraform and Docker Compose, employing PASTA's 7-stage threat modeling framework. Outputs are available in formats including Markdown with diagrams, JSON, HTML, and optionally PDF. Thr8 can also automatically remediate issues by generating GitHub Issues for findings and AI-powered pull requests to fix critical vulnerabilities.
The integration of Thr8 into CI/CD pipelines allows builds to potentially fail on detecting critical-risk findings, promoting immediate attention to security concerns. To deploy Thr8, a GitHub workflow needs to be established with the necessary permissions, an Anthropic API key, and optionally, a GitHub token for automated remediation. The process involves four stages: Discovery, Reasoning (utilizing Claude AI), Output generation, and optional Remediation. Reports produced cover all PASTA framework stages, providing insights into business objectives, technical scope, application decomposition, threat analysis, vulnerability analysis, attack modeling, and risk & impact assessment.
The action produces metrics on the total vulnerabilities discovered, including those with critical risks, along with generated reports and metrics related to created issues and pull requests. For automated remediation, specific flags in workflow configuration can enable issue creation and fix PRs, requiring a GitHub token for execution and appropriate repository settings. Thr8 supports an extensive range of tech stacks, enhancing its applicability across various environments. While the associated costs are minimal, primarily linked to Claude API calls, they may increase slightly if auto-fix functionality is enabled due to additional API usage per vulnerability addressed.
Keywords: #phi4, API Mapping, Attack Surfaces, Auto-generate, Automated Fixes, Business Objectives, CI/CD Integration, Codebase Analysis, Cost Estimation, Data Flow Visualization, Deduplication, Fix PRs, GitHub Action, GitHub Issues, HTML Report, Infrastructure Parsing, JSON Output, Kill Chains, MIT License Keywords: GitHub Action, Markdown Output, PASTA, PASTA Threat Model, PDF Generation, Remediation, Remediation Logic, Risk Analysis, Static Analysis, Tech Stack Detection, Threat Modeling, Vulnerability Identification
github.com 2 days ago
|
530.
HN
The AI economy needs an ass
The AI economy encompasses an array of specialized agents designed to perform distinct roles leveraging unique skills. These include the Smart Ass Code Reviewer who conducts rigorous code reviews to identify subtle bugs; the Lazy Ass Anti-Productivity Agent which automates tasks to enhance laziness; and the Wise Ass Teaching Assistant that demystifies complex subjects such as quantum physics using simple analogies. Additionally, there's the Bad Ass Confidence Coach aimed at boosting presentation skills through energy and empowerment techniques. The Fine Ass Financial Advisor makes budgeting more conversational and accessible, while the Hard Ass Ruthless Prioritizer helps streamline focus by eliminating non-essential tasks during feature triage processes. Moreover, the Salty Ass Design Critic delivers detailed critiques on user interfaces via heuristic evaluation, and the Bitch Ass Devil's Advocate serves to rigorously challenge plans by forecasting potential failures through pre-mortem analysis. These agents, each imbued with a distinct "soul," are accessible across platforms such as GitHub, Calendar, Docs, Slides, Plaid, or Notion, providing tailored solutions to specific needs within the AI-driven economy.
Keywords: #phi4, AI economy, GitHub, UI critique, automation, code review, design critic, financial advisor, pitch prep, pre-mortem analysis, productivity agent, quantum physics, scope creep
www.assstore.ai 2 days ago
|
538.
HN
Show HN: Let LLMs anonymously report tool quality back to MCP servers
The post introduces a new protocol designed for Large Language Models (LLMs) to anonymously report tool quality issues back to MCP server maintainers. This system empowers LLMs to independently analyze their sessions and provide structured, anonymized feedback on various aspects such as tool confusion, reliability problems, documentation gaps, and missing capabilities. The process requires zero user effort once users have opted in. Two key resources accompany this initiative: a link to a draft of the proposed protocol and a TypeScript prototype repository that includes ten tests demonstrating the functionality of the feature. The authors underscore their commitment to carefully reviewing all feedback received through this mechanism to enhance their tools' quality. Additionally, they express a desire for an email address to be included for further communication regarding the initiative.
Keywords: #phi4, GitHub, LLMs, MCP servers, SEP draft, Show HN, TypeScript prototype, client experience, documentation gaps, feedback, missing capabilities, opt-in, protocol-level mechanism, reliability issues, session analysis, tool confusion
github.com 2 days ago
|
541.
HN
Rapidhash Unity Port
Rapidhash is an efficient non-cryptographic hash function derived from xxHash, implemented concisely in over 500 lines of C code with various options and variants. The author has ported Rapidhash to C# for use in Unity/Burst environments, reducing it to approximately 100 lines of core code. This adaptation leverages Unity's Burst technology to optimize performance by using 128-bit multiply functions. The C#/Burst version provides an API akin to Unity.Collections.xxHash3 but returns 64-bit hash values and includes additional helper entry points for hashing structs and arrays.
Performance evaluations reveal that the Burst-compiled Rapidhash closely rivals the speed of its native C counterpart, especially with larger inputs, whereas XXH3 lags behind by 30-40% in comparison to its native version. Tests across different hardware platforms show Rapidhash achieving superior throughput compared to XXH3, notably on ARM64 architectures. For instance, on a Ryzen 5950X running Windows, Rapidhash attains speeds of up to 38GB/s, significantly surpassing both the native and C#/Burst versions of XXH3. Similarly, on an Apple M4 Max with macOS, it reaches speeds of up to 67GB/s compared to 50GB/s for native XXH3 and 30GB/s for its C#/Burst version.
The comprehensive implementation is available under the MIT license in a GitHub repository named UnitySmolRapidhash.
Keywords: #phi4, ARM64, Apple M4 Max, Burst, C code, C#, GitHub, MIT license, Rapidhash, Ryzen 5950X, SmolRapidhash3cs, Unity, XXH3, benchmark, hash functions, native implementation, performance, wyhash, xxHash
aras-p.info 2 days ago
|
542.
HN
T3 Code – TypeScript-based web and desktop GUI for "coding agents"
T3 Code is a TypeScript-based interface designed specifically for "coding agents," aiming to enhance the coding experience with integrated AI capabilities. The platform promises an optimal toolset for developers looking to leverage artificial intelligence in their workflows, positioning itself as a cutting-edge solution in coding environments. As of now, T3 Code is accessible on GitHub and invites users to explore its features through various channels including its official website, Discord community, or by downloading the software directly from T3 Tools Inc. The company behind it anticipates launching more developments by 2026, signaling ongoing evolution and potential advancements in AI-driven coding tools. This comprehensive package seeks to cater to developers eager to harness AI's power for more efficient and innovative coding practices.
Keywords: #phi4, AI, Discord, GitHub, T3 Code, T3 Tools Inc, TypeScript, coding agents, desktop GUI, download, technical keywords, web GUI
t3.codes 2 days ago
|
545.
HN
Show HN: Sinkhole – 30 free browser-based tools, no signup, MIT licensed
Sinkhole is a free, browser-based platform offering 30 versatile tools across various categories that do not require user sign-up or subscriptions. It provides alternatives to popular services like TinyPNG and iLovePDF by enabling users to perform tasks such as image compression, conversion, resizing, PDF merging and splitting, text formatting, video compressing, and webhook testing—all within the browser environment or through a lightweight API. Notably, all functionalities are MIT licensed, ensuring no user accounts, watermarks, or file retention, thereby emphasizing privacy and accessibility. Developed by BoringEuropeanDev, Sinkhole aims to reduce reliance on costly tools while providing fast, reliable utility without templates. The platform encourages feedback from users regarding additional features they would like to see. More information about Sinkhole can be found on its GitHub page.
Keywords: #phi4, API, Convertio, GitHub, MIT licensed, PDF, Sinkhole, SmallPDF, TinyPNG, browser-based, dev, feedback, free, iLovePDF, image, output files, text, tools, utilities, video, zero sign-up
www.sinkhole.app 2 days ago
|
549.
HN
Show HN: Needle – Search Reddit, Hacker News, GitHub and Forums in One Place
Needle is an innovative tool developed to facilitate seamless searching across multiple online platforms such as Reddit, Hacker News, GitHub, and various forums. It enables users to execute a singular search query that spans 12 different communities, effectively consolidating discussions into one comprehensive view. This capability assists users in identifying potential customers, discovering competitors, monitoring relevant keywords, and pinpointing emerging issues. Recently, Needle has enhanced its functionality by introducing a brand setup feature, which automatically creates pertinent searches based on the user's product information. The company encourages feedback from the Hacker News community to further refine and improve their services at useneedle.net.
Keywords: #phi4, GitHub, Hacker News, Needle, Reddit, brand, communities, competitors, customers, discussions, feedback, forums, keywords, problems, product, search
news.ycombinator.com 2 days ago
|
552.
HN
Show HN: AgentScan – Detect AI agent accounts on GitHub
AgentScan is a tool developed to assist open-source maintainers in identifying AI agent accounts on GitHub, which often contribute low-quality pull requests and comments that hinder project maintenance. The tool evaluates public GitHub activity for automation signals, such as specific timing patterns and commit frequency, to pinpoint these agents. Community members can flag potentially suspicious accounts through GitHub Issues by providing a username, reasoning, and evidence of their concerns. To ensure transparency and fairness, all flagged issues are made public, allowing any wrongful accusations to be openly contested. So far, four accounts have been flagged using this system. The goal is for increased community involvement to enhance the tool's effectiveness. While flagging aims for clarity and dispute resolution, users are encouraged to verify results contextually since the analysis is based on pattern recognition. The AgentScan repository is available on GitHub for further exploration and use.
Keywords: #phi4, AI agents, GitHub, PRs (pull requests), automation signals, comments, commit frequency, community members, flagging, maintainers, open source, pattern analysis, repository URL, timing patterns, transparency
agentscan.netlify.app 2 days ago
|
559.
HN
Show HN: Kairos, real-time AI who cross-verifies (Python, 100KB)
Joshua, a teenager from Kerala, India, developed Kairos, an AI tool designed to enhance the accuracy of live event reporting. Motivated by notable errors made by popular AIs like ChatGPT and Copilot during the T20 World Cup Final, where incorrect player names were confidently provided, Kairos employs a unique methodology that involves cross-verifying information from multiple sources before presenting it. The system's architecture consists of several innovative components: Pronoun Resolution using ChromaDB conversation history without API calls; Domain Classification into six categories; Query Expansion to transform one query into four targeted searches purely in Python; and Parallel Async Fetch with Timeouts for efficient data retrieval. It further incorporates Cross-Verification Scoring by evaluating results from independent sources before feeding them into the Gemini 2.5 language model, along with a Dynamic Thinking Budget that allocates computational resources based on task complexity, ranging up to 10,000 units. Additionally, it limits responses to 250 words or less.
Kairos' efficient design is supported by a lightweight codebase (~90KB), utilizing the Gemini 2.5 model and ChromaDB as a flash cache without incurring operational costs. During the T20 World Cup Final benchmark test, Kairos scored notably higher than other AI models, achieving 43/50 compared to Gemini's 40/50, Perplexity's 38/50, Copilot's 26/50, and ChatGPT's 19/50, due in part to its use of 15 live sources for cross-verification. The project is open-source, available on GitHub, with Joshua inviting technical inquiries for further engagement.
Keywords: #phi4, AI, ChatGPT, ChromaDB, Copilot, DuckDuckGo, GitHub, India, Joshua, Kairos, Kerala, NewsAPI, Python, RSS, T20 World Cup Final, async fetch, benchmark, cross-verification, domain classification, hallucination, live data, query expansion, real-time, scoring, sources Keywords: Kairos, thinking budget, verification pass
news.ycombinator.com 2 days ago
|
562.
HN
Ask HN: Seeking a Lobste.rs Invitation
The user is seeking an invitation to Lobste.rs via Hacker News, emphasizing their proficiency in developing systems from the ground up, particularly deterministic execution fabrics and MCP-native search capabilities. They point out that their GitHub repositories, such as the one found at https://github.com/eouzoe, serve as a more compelling demonstration of their technical skills than verbal explanations could provide. In expressing this request, they extend thanks for any consideration or assistance in securing an invitation to join Lobste.rs, underscoring both their qualifications and appreciation.
Keywords: #phi4, Declarative, Deterministic, Environments, Execution, Fabrics, GitHub, Invitation, Lobsters, MCP-native, Repositories, Search, Systems
news.ycombinator.com 2 days ago
|
563.
HN
Using AI Agents in Software Development 2026 [audio]
In an episode recorded at GitHub in early 2026, Brittany and Bethany delve into the impact of AI agents like Copilot and Claude Code on software development. They explore how these tools boost programmer productivity and transform engineering workflows through asynchronous and synchronous applications. The discussion covers practical implementations such as custom agents and repository instructions while envisioning future advancements including smarter calendar integrations and lore-dump assistants. Brittany and Bethany highlight the facilitation of feature building with AI, affecting both developer roles and product management. They also consider AI's role in supporting career growth and improving work-life balance. The episode forecasts a future where integrated automation tools enhance software development and overall daily productivity, reshaping industry practices.
Keywords: #phi4, AI Agents, Asynchronous Tooling, Automation, Bethany, Brittany, Calendar Integration, Claude Code, Coding Agents, Copilot, Engineering Workflows, GitHub, Pragmatic Summit, Programmer Productivity, Software Development, Synchronous Tooling, Vibe Coding, Zapier
overcommitted.dev 2 days ago
|
577.
HN
Show HN: TemplUI v1.7.0 – UI components for Go and templ, now with import mode
TemplUI v1.7.0 marks the release of a component library tailored for Go, templ, and Tailwind CSS, offering developers two distinct workflows to integrate components into their projects: CLI and Import. With the CLI workflow, users can copy components directly into their codebase, providing flexibility in how they manage their application structure. Alternatively, the Import workflow allows developers to incorporate TemplUI as a direct dependency from GitHub, streamlining setup processes for those who prefer package management systems. This update also brings back a dedicated quickstart repository to facilitate initial project setups and introduces automatic script handling for interactive components, simplifying development efforts. Additionally, the documentation has been refined for better accessibility and comprehension. Although still in beta, the Import workflow is highlighted as particularly sought-after by users. TemplUI emphasizes customization and modern design aesthetics, making it an attractive option for building contemporary Go applications. Developers are encouraged to provide feedback during its ongoing refinement phase. Comprehensive documentation can be accessed at templui.io/docs/introduction, while a quickstart repository is available on GitHub, with the project being open-source under the MIT license.
Keywords: #phi4, CLI, CLI workflow, GitHub, Go, MIT, MIT license, Tailwind CSS, beta, components, customization, documentation, import, import mode, interactive, interactive components, modern, modern applications Keywords: templUI, quickstart, templ, templUI
github.com 2 days ago
|
586.
HN
Show HN: FretBench – I tested 14 LLMs on reading guitar tabs. Most failed
FretBench is a specialized benchmark developed by jmcapra to evaluate Large Language Models (LLMs) on their ability to interpret guitar tablatures, comprising 182 cases across four tunings. It assesses models based on their skills in reading ASCII art, adhering to explicit rules, performing arithmetic, and maintaining temporal order within the tabs. In these tests, the open-weight Qwen models from Alibaba, particularly the Qwen 3.5 Plus, emerged as top performers with scores surpassing 77.5%, while many other models scored below 50%. The Gemini models underperformed against expectations, with some mid-tier or flagship models scoring near random chance.
The observed performance disparities among different models are hypothesized to be linked to how these models tokenize ASCII characters, affecting their capacity to process structured grid inputs like guitar tabs. This insight is significant for the development of benchmarks involving structured inputs and indicates an ongoing research effort to test additional models and investigate this tokenization hypothesis further. All related resources, including full results, benchmark data, and code, are openly available on GitHub.
The findings also highlight specific challenges faced by LLMs in handling tasks that require basic reasoning despite clear instructions and minimal context. While the top-performing models demonstrated proficiency, especially with non-standard tunings like Drop D, most models encountered significant difficulties, particularly with Half-Step Down tuning. This benchmark underscores the complexities involved in developing models capable of understanding structured inputs and performing related cognitive tasks effectively.
Keywords: #phi4, ASCII art, FretBench, GPT-54, GitHub, LLMs, OpenRouter, Qwen models, benchmark, guitar tabs, reasoning chain, structured input, tokenization, tuning
fretbench.tymo.ai 2 days ago
|
589.
HN
Kairos – real-time AI that cross-verifies news before answering (Python, 90KB)
Kairos, an innovative real-time AI developed by Joshua, a teenager from Kerala, India, addresses significant shortcomings in existing AI technologies like ChatGPT and Copilot, which often struggle to provide accurate information on live events due to their lack of access to real-time data. Kairos stands out through its unique verification process that enhances the accuracy of news-related responses. This process involves cross-referencing titles across multiple platforms such as RSS feeds, DuckDuckGo, and NewsAPI, and scoring each result based on the number of independent sources confirming it. Results are then ranked by confidence before being fed into the language model for response generation.
The architecture of Kairos is sophisticated, incorporating several advanced features to improve its functionality and reliability. It uses pronoun resolution via ChromaDB to clarify ambiguous references, classifies domains into six distinct categories to better understand content context, expands queries for thoroughness, executes parallel asynchronous fetching to optimize data retrieval speed, and employs a dynamic thinking budget to efficiently manage computational resources.
A critical constraint in Kairos' design is its 250-word output limit, which ensures concise responses. Importantly, this service operates without any cost, making it accessible. Demonstrating its effectiveness, Kairos performed exceptionally well during the T20 World Cup Final, accurately citing 15 live sources while other AIs struggled with inaccurate player name predictions. Reflecting a commitment to transparency and community contribution, the project has been made open-source on GitHub.
Keywords: #phi4, AI, ChatGPT, ChromaDB, Copilot, DuckDuckGo, Gemini 25 Flash, GitHub, Kairos, NewsAPI, Python, RSS, T20 World Cup Final, async fetch, benchmark, cross-verification scoring, domain classification, live events, news verification, query expansion
news.ycombinator.com 2 days ago
|
594.
HN
Show HN: Husky hook that blocks Git push until you do your pushups
The "Husky hook" is an innovative tool that integrates physical activity with software development workflows by preventing Git pushes until users complete a set number of push-ups. This mechanism ensures that every attempt to push changes to GitHub triggers an error message, which directs the user to perform the specified exercise. To proceed with the push, users must open the app and fulfill the required repetitions. Only after completing these actions will a token be cleared, allowing the push operation to continue. This tool creatively combines fitness with coding practices by enforcing physical activity as a prerequisite for code integration.
Keywords: #phi4, Git push, GitHub, Husky hook, Show HN, app, error, pushups, refs, repo, reps, token
git-push.app 2 days ago
|
597.
HN
Show HN: Word Clouds as an LLM Tool – MCP/REST API
The author developed a tool designed to enable language models (LLMs) to generate word clouds for specific topics. Recognizing the inherent limitations of LLMs in layout design, they created a browser-based layout engine integrated with a Go/Fiber server using @napi-rs/canvas technology. This integration results in an MCP server and REST API setup that facilitates seamless incorporation into any LLM tool. Users can access detailed instructions for utilizing this functionality at word-cloud.net/ai.html. Additionally, feedback is encouraged through the project's GitHub repository located at github.com/pilotso11/word-cloud-net.
Keywords: #phi4, @napi-rs/canvas, Browser, Feedback, GitHub, Go/Fiber server, Instructions, LLM Tool, Layout Engine, MCP/REST API, Online Maker, Word Clouds, WordCloud Generator
word-cloud.net 2 days ago
|
602.
HN
CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories (2025)
In this blog post, a critical security vulnerability in CodeRabbit's production system is highlighted, which allowed remote code execution (RCE) on its servers, granting unauthorized access to 1 million repositories, including private ones. The vulnerability stemmed from the insecure configuration of Rubocop, an external tool used by CodeRabbit that could be manipulated to execute arbitrary Ruby scripts and exfiltrate sensitive environment variables. This flaw enabled attackers to potentially access sensitive data such as API keys and database credentials stored in server environment variables. Additionally, they could gain write access to 1 million repositories, allowing them to clone private repositories, modify git history, alter GitHub releases, or exploit vulnerabilities in GitHub actions.
The author demonstrates a proof of concept using the PyGitHub library to show how an attacker might exploit these vulnerabilities maliciously. Despite having security checks that identified potential risks in pull requests, CodeRabbit's application still executed arbitrary code due to misconfigurations outside its sandbox environment. In response, CodeRabbit took swift action by disabling Rubocop, rotating compromised credentials, deploying a fix to run tools within a secure sandbox environment, and implementing stricter network access controls.
This incident underscores the importance of integrating robust security practices from the outset in AI-powered development tools to prevent large-scale supply chain attacks. The blog emphasizes that while innovation is crucial, embedding security into the development lifecycle is essential for building resilient products.
Keywords: #phi4, AI code review, API tokens, CodeRabbit, GitHub, RCE, Rubocop, environment variables, isolation mechanism, lateral movement, private repositories, responsible disclosure, sandboxing, security vulnerability
kudelskisecurity.com 2 days ago
|
604.
HN
Show HN: Run 500B+ Parameter LLMs Locally on a Mac Mini
OpenGraviton is an innovative open-source AI inference engine designed to facilitate the local execution of extremely large language models (LLMs) on consumer hardware, such as a Mac Mini. By employing advanced techniques like 1.58-bit ternary quantization, dynamic sparsity with Top-K pruning and Mixture of Experts routing, and memory-mapped layer streaming, OpenGraviton significantly compresses model sizes, enabling efficient handling of models that surpass system RAM capacity. For example, it reduces the TinyLlama-1.1B model size from approximately 2GB to around 0.24GB. The engine supports Apple Silicon through Metal and C++ tensor unpacking and enhances generation speed via speculative decoding. This technology allows users to run models with up to 500 billion parameters by streaming layers from disk, thereby democratizing access to large LLMs without cloud reliance.
OpenGraviton's architecture is versatile, supporting integration into AI applications via a user interface and REST API across various platforms like Apple Silicon, NVIDIA GPUs, and CPUs. Key architectural components include QuantizedLinear modules for efficient memory usage, dynamic sparsity engines, memory managers, and speculative decoding frameworks that optimize performance without significant quality loss. The project encourages community involvement with a comprehensive testing suite and is distributed under the Apache License 2.0. It builds upon existing research in efficient LLM inference techniques, aiming to provide detailed documentation, installation guides, and accessible APIs for users.
Keywords: #phi4, AI inference, Apache License 20, Apple Silicon, C++ tensor, CPU, CUDA, GitHub, GravitonEngine, HuggingFace, INT8 quantization, LLMs, LayerStreamer, M1 Max, Mac Mini, Metal, MoE routing, OpenGraviton, PyTorch, QuantizedLinear, SpeculativeDecoder, Top-K pruning, dynamic sparsity, mmap-based streaming, pytest, speculative decoding, ternary quantization
github.com 2 days ago
https://github.com/opengraviton/graviton?tab=readme-ov- 2 days ago
|
606.
HN
MLShip – Deploy Streamlit/Gradio ML apps in 60 seconds, no Docker or AWS
MLShip is a streamlined platform that facilitates the rapid deployment of Streamlit/Gradio machine learning applications in just 60 seconds, bypassing complex Docker or AWS setups. It resolves typical deployment issues such as extended setup times and non-functional endpoints by offering straightforward upload options or GitHub integration. This integration allows for an auto-generated live URL with automatic redeployment upon each git push. Aimed at data scientists, ML engineers, Python developers, and hackathon enthusiasts, MLShip provides free early access via mlship-dev.netlify.app. The platform seeks user feedback from Hacker News to enhance its capabilities further.
Keywords: #phi4, AWS, Deploy, Docker, GitHub, Gradio, ML apps, MLShip, Netlify, Python developers, Streamlit, auto-redeploys, data scientists, feedback, hackathon builders, live URL
news.ycombinator.com 2 days ago
|
607.
HN
MLShip – Deploy Streamlit/Gradio ML apps in 60 seconds, no Docker or AWS
MLShip is a tool designed to streamline the deployment of Streamlit/Gradio machine learning applications by removing the need for complex Docker or AWS configurations. Developed in response to the challenges faced during lengthy and complicated setups, MLShip enables users to easily upload projects directly or link through GitHub to obtain a live URL within 60 seconds. The platform offers auto-redeployment with every git push, making it particularly beneficial for data scientists, machine learning engineers, Python developers, and hackathon participants seeking efficient deployment solutions. Free early access is available at mlship-dev.netlify.app, and the creator invites feedback from the Hacker News community to enhance its functionality.
Keywords: #phi4, AWS, Deploy, Docker, GitHub, Gradio, ML apps, MLShip, Netlify, Python developers, Streamlit, auto-redeploys, data scientists, feedback, hackathon builders, live URL
news.ycombinator.com 2 days ago
|
613.
HN
Top trending repo claims to detect movement via WiFi, yet no one can run it
The GitHub repository "RuView," developed by ruvnet, has garnered significant attention by quickly amassing 31,000 stars and becoming the month's top trending project due to its claim of detecting movement using WiFi with inexpensive $8 hardware. Despite this popularity, there is a notable lack of engagement or discussion from users beyond the author concerning the repository's actual functionality. Minimal presence on platforms like YouTube, Reddit, or GitHub issues—where comments are often closed by the author—further contributes to skepticism about its effectiveness. The sudden rise in prominence has sparked speculation within the tech community regarding potential motivations behind its popularity, such as promoting sales for ESP32-S3 boards or possible security vulnerabilities in the codebase. Community members have urged individuals with access to an ESP32 board to conduct local tests and verify the repository's claims independently.
Keywords: #phi4, ESP32 board, ESP32 board Keywords: Top trending, ESP32-S3, ESP32-S3 boards, GitHub, Top trending, WiFi, attack vectors, discussion, hardware, issues, local run, movement detection, repo, stars, verification
news.ycombinator.com 2 days ago
|
627.
HN
Zero Lines Written by a Human but 750 Pull Requests Later
An engineer successfully developed a production application called ChatML using 753 pull requests authored entirely by an AI agent named Claude within 45 days across four programming languages: Go, React, Rust, and Node.js, without writing any code themselves. By acting as both architect and product manager, the engineer directed AI's development process through guidance and review rather than direct coding. This project demonstrated how experienced engineers can effectively shift their focus from coding to overseeing architecture and making informed evaluations in software creation.
ChatML is a macOS application featuring real-time streaming capabilities and integrated GitHub pull request workflows, built using AI as its own development environment. The decision to open-source ChatML under the GPL-3.0 license reflects the engineer's commitment to community-driven and accountable solutions, driven by frustration with proprietary tools lacking transparency. This project underscores the importance of parallel task management in AI-assisted development and highlights the necessity for open-source options to prevent dependency on closed-source products.
The engineer has made ChatML available on GitHub and invites others to explore its codebase, providing a platform for feedback and encouraging support through starring the repository as an endorsement of open-source, AI-driven developer tools. The project’s aim is not commercial profit but rather enhancing visibility for this innovative approach in software development.
Keywords: #phi4, AI, ChatML, GitHub, architecture, code review, copyleft, engineer, feedback loop, open source, product, programming languages, pull requests, sessions
chatml.com 2 days ago
|
633.
HN
Show HN: Ajen – Describe a startup, watch AI employees build it
Ajen is an open-source platform designed to assist users in transforming startup ideas into reality by leveraging AI-powered virtual employees, such as CEOs, developers, and marketers. These virtual teams are tasked with planning, developing, and launching products efficiently, simulating a comprehensive startup team. Developed using Rust for enhanced modularity, Ajen allows for the customization of models, roles, and workflows to suit specific needs. Users initiate the process by describing their desired product, such as a SaaS app or marketplace. The AI-driven virtual team then collaborates to realize this vision, effectively bringing the user's concept to fruition. This innovative platform is accessible on GitHub at [ajenhq/ajen], facilitating community engagement and contribution.
Keywords: #phi4, AI, Ajen, CEO, GitHub, Rust, SaaS, developers, employees, execution, marketers, marketplace, modular, open-source, planning, platform, startup, tool, vision
www.ajen.dev 2 days ago
|
635.
HN
Show HN: Todo.open – A local-first task server with CLI, TUI, and web UI
Todo.open is a local-first task management tool that provides interfaces such as CLI, TUI (Bubble Tea terminal UI), and Web UI. It enhances the functionality of traditional systems like todo.txt by incorporating features like a real API and live updates through SSE (Server-Sent Events). Tasks are stored in human-readable plain JSONL files on disk instead of using a database, ensuring easy accessibility and editability. A local HTTP server offers a REST + SSE API to keep all interfaces synchronized automatically.
A distinctive feature of Todo.open is its adapter system that allows users to customize task data rendering with view adapters or synchronization with external systems through sync adapters. This flexibility facilitates integration with custom backends or task representations like Markdown, enhancing the tool's extensibility and user control. Additionally, Todo.open supports AI integration via agent primitives while maintaining simplicity by using plain files and open protocols.
The project is openly hosted on GitHub at [todo-open](https://github.com/justEstif/todo-open) with more information available on its dedicated site at [justestif.github.io/todo-open](https://justestif.github.io/todo-open).
Keywords: #phi4, AI agent, CLI, GitHub, JSONL, REST API, SSE, TUI, Todoopen, adapter system, composable interfaces, local-first, open protocol, plain files, sync adapters, task server, view adapters, web UI
news.ycombinator.com 2 days ago
|
636.
HN
Show HN: lovable-downloader – download Lovable projects locally (Rust CLI)
The "Lovable-Downloader" is a command-line utility developed in Rust that facilitates the local downloading of projects from Lovable without relying on GitHub integration. It constructs the project directory and manages asset download based on specified limits using Lovable's API. The installation process utilizes Cargo, with users needing to input the desired project URL as an argument. Options are available for overwriting existing directories (`--force`) or displaying help/version details.
Authentication is necessary, requiring a bearer token obtainable from Lovable, which can be configured via environment variables, a `.env` file, or interactively upon starting the tool. By default, downloaded projects are stored in `./projects/<uuid>/`, relative to the user's current directory. The tool automatically skips files exceeding the API size limit, notifying users with a message and providing a summary of successful downloads. While new or altered files can be written if the `--force` option is enabled, existing stale files remain unaffected unless manually updated.
Keywords: #phi4, API request, GitHub, Lovable account, Rust CLI, assets, bearer token, cargo install, domain configuration, env file, environment variable, force option, interactive prompt, lovable-downloader, options, overwrite behavior, project URL, prototype, size limit, summary count
github.com 2 days ago
|
645.
HN
Show HN: OxiMedia – Pure Rust Reconstruction of FFmpeg and OpenCV
OxiMedia is a pioneering project that reconstructs FFmpeg and OpenCV using Pure Rust, offering a patent-free and memory-safe framework for multimedia processing and computer vision tasks. Designed to ensure safety and efficiency, it prohibits unsafe code, supports only royalty-free codecs like AV1 and Opus, and incorporates asynchronous operations with Tokio. With no dependencies on C or Fortran in its default features, OxiMedia is also prepared for WebAssembly targeting, enabling browser-based applications without external transcoding servers. As of version 0.1.0, the framework consists of 92 crates totaling around 1.36 million lines of Rust code.
The project aims to merge multimedia and computer vision functionalities into a unified system that handles diverse tasks such as codec encoding/decoding, streaming protocols, filter graphs, object detection, motion tracking, video enhancement, and quality assessment. OxiMedia's architecture is divided into domains like Foundation, Codecs & Container, Networking, Audio, Computer Vision, Quality & Analysis, all supported by shared layers for processing pipelines and applications. This design eliminates the need for complex system library installations, simplifying integration.
Currently in a production-grade phase, OxiMedia emphasizes stability, comprehensive documentation, testing, and strict coding standards. Developed by COOLJAPAN OU (Team Kitasan), it invites sponsorship to continue advancing this Pure Rust ecosystem. Licensed under Apache 2.0, the project embodies a commitment to safety, patent freedom, and sovereign development in multimedia processing and computer vision, representing a significant stride towards independent and efficient solutions entirely in Rust.
Keywords: #phi4, FFmpeg, GitHub, OpenCV, OxiMedia, Pure Rust, Rust, Tokio, WASM, architecture, async, codecs, computer vision, concurrency, crates, framework, licensing, memory safety, multimedia, production-grade, sponsorship
github.com 2 days ago
https://www.npmjs.com/package/@cooljapan/oximedia 2 days ago
|
646.
HN
Show HN: GYML – YAML syntax, JSON semantics, zero runtime dependencies
GYML is designed as a strict subset of YAML aimed at resolving common issues such as the Norway Problem and silent duplicate key overwrites. It maintains YAML's indentation syntax but aligns with JSON in terms of type semantics, offering a single spelling per data type without utilizing anchors, aliases, or tags. This design ensures predictability by disallowing implicit type coercion, guaranteeing that input matches output precisely.
Key features of GYML include its status as a strict subset where valid GYML documents are invariably valid YAML, but not the other way around. It enforces clear type semantics with no implicit type coercion and supports only block style syntax, discarding flow styles and complex features like anchors or tags to prevent errors such as duplicate key overwrites.
GYML's parsing into Python objects can be achieved through a custom parser without runtime dependencies, facilitating easy integration. Installation is straightforward via pip or uv commands, allowing users to parse both strings and files efficiently while returning native Python types. Its error handling provides detailed feedback on issues with precise location indicators, avoiding reliance on C extensions.
The development of GYML emphasizes contributions that maintain zero runtime dependencies and full typing, with comprehensive testing required for all changes as outlined in `AGENTS.md`. By addressing YAML's pitfalls while retaining its usability, GYML strives to offer a reliable configuration format.
Keywords: #phi4, CLI, GitHub, JSON, Norway Problem, Python, YAML, aliases, anchors, block style, configuration, conftestpy, duplicates, error handling, indentation, jq, lexer, parser, predictability, pretty-printed JSON, pytest, ruff, runtime dependencies, semantics, silent overwrites, strict typing, syntax, tags, ty
github.com 2 days ago
|
668.
HN
I hate it when it happens
The text addresses a common frustration experienced within popular GitHub repositories where users frequently open issues about problems they have already encountered and subsequently resolved on their own. This practice leads to confusion and inefficiency because other users seeking solutions may encounter these closed issues without any useful information, as the original poster often closes them with a simple note of self-resolution. The lack of detailed resolution or shared knowledge not only causes frustration for those looking for help but also undermines the collective benefit of community-driven problem-solving resources like GitHub. This issue highlights the need for more informative and collaborative engagement when resolving problems on such platforms to enhance support for all users.
Keywords: #phi4, GitHub, Google, My bad, closed, discover, figured, hate, issue, legendary, out, problem, repo, technical
coding.napolux.com 3 days ago
|
674.
HN
Show HN: Ryva reads your GitHub and Slack so you can kill your standups
Ryva is a tool aimed at enhancing development team workflows through the integration of data from platforms like GitHub and Slack. Its primary objective is to render daily standup meetings obsolete by offering a comprehensive, written summary that outlines project statuses, recent changes, key decisions made, outstanding issues, and future steps. Ryva ensures that all pertinent information is captured in real-time, thereby establishing an operational source of truth for the team. The tool organizes this information into structured decision blocks enriched with domain-specific details, facilitating alignment within teams and ensuring traceability of decisions without necessitating additional meetings. Currently available in early access, Ryva focuses on boosting team efficiency by minimizing reliance on verbal status updates.
Keywords: #phi4, GitHub, PR discussions, Ryva, Slack, audit-ready, commits, decision block, decisions, dev teams, domain, outcome, priority, project state, signal capture, source of truth, standups, threads, timeline, written project state
ryva.dev 3 days ago
|
679.
HN
The Linux Kernel Will Soon Be MIT-Licensed and Copyleft Will Be Dead
The transition of the Linux kernel from the GNU General Public License (GPL) to the MIT license reflects a broader decline in the prominence of copyleft, driven by multiple factors. Commercial resistance plays a significant role as many companies find GPL-licensed software cumbersome due to its legal complexities and obligations regarding source code distribution. This has led to a preference for simpler licenses like the MIT license, especially with platforms such as GitHub facilitating their adoption. Additionally, shifts in toolchains have seen projects like LLVM/Clang surpass traditional GPL tools such as GCC, reducing reliance on GPL-licensed software.
Security initiatives are also influencing this trend, with efforts underway to rewrite essential Linux utilities in Rust under MIT licenses, thereby decreasing the presence of GPL code within distributions. Furthermore, advancements in artificial intelligence (AI) have enabled rapid reimplementation of GPL software with minimal legal repercussions. This capability was demonstrated by the swift creation of a new version of the chardet project, which is GPL-licensed.
Looking ahead, as AI tools become more sophisticated, commercial entities may increasingly opt to reimplement GPL software rather than comply with its licensing terms, potentially resulting in an MIT-licensed "shadow" Linux kernel. The convergence of these trends indicates that the influence of copyleft may significantly diminish in the near future due to technological advancements and shifting market preferences.
Keywords: #phi4, AI Reimplementation, Commercial Developers, Copyleft, GPL, GitHub, LLVM/Clang, Licensing Headache, Linux Kernel, MIT License, Rust, Security, Shadow Kernel, chardet Project
lowendbox.com 3 days ago
|
681.
HN
Your Agent Doesn't Need a Readme
The article presents a compelling argument against using README files for command execution by AI agents, emphasizing that these documents are intended for human readers and require intricate natural language processing to extract structured data. Instead, it advocates for the use of schemas like MCP's Runfile, which provide clear, unambiguous, and current tool definitions, facilitating deterministic task execution and enhancing both predictability and reliability over probabilistic approaches reliant on READMEs.
MCP’s tool registry offers well-defined tools characterized by explicit names, descriptions, and parameters, thereby preventing the inadvertent exposure of internal project details that could occur in a README. By delineating skills for determining when an agent should act from Runfiles specifying actions to be taken, the system achieves greater robustness and auditability.
While acknowledging the value of READMEs in explaining the rationale behind tools and processes to humans, the article asserts they should not function as APIs for agents. Instead, projects are encouraged to implement structured interfaces like Runfile commands, which can be documented within READMEs for transparency but primarily used via MCP for dependable execution. This separation of concerns enhances system reliability and clarity in task management.
Keywords: #phi4, AI agent, GitHub, MCP, README, Runfile, agent, brew, brew install, command, command interface, data, definition, deterministic, documentation, install, interface, natural language parsing, nihilok, nihilok/tap/runtool Keywords: AI, parsing, probabilistic, runtool, schema, structured, structured data, tap, tool, tool definition
nihilok.github.io 3 days ago
|
685.
HN
The Linux Kernel Will Soon Be MIT-Licensed and Copyleft Will Be Dead
The article explores the potential shift from the GNU Public License (GPL) to the MIT license within the Linux ecosystem, driven by several key factors. Commercial discontent with GPL arises due to its complexity and restrictive nature, complicating legal compliance for companies. The popularity of platforms like GitHub has facilitated developers' transition toward simpler licenses such as MIT, which offer clearer terms than the GPL. Additionally, a shift in tooling preferences is evident with the declining use of the GNU Compiler Collection (gcc) in favor of LLVM/Clang, which doesn't rely on GPL components, and an increasing trend to rewrite Linux utilities in Rust under MIT for better security.
A notable example illustrating these trends is the reimplementation of the popular GPL-licensed Python module "chardet" using AI tools like Claude. This rapid reimplementation highlights concerns about maintaining proprietary software under GPL when alternatives can be developed swiftly without compliance burdens. Looking ahead, this shift could lead to broader adoption of non-GPL licenses in Linux projects, potentially fostering an MIT-licensed "shadow" kernel as a competitor to the traditional GPL version.
The article concludes by contemplating whether copyleft principles can endure amidst rapid advancements in AI-driven software reimplementation. The ease and speed at which new software solutions are developed with AI tools pose significant challenges to the future of GPL licenses, especially as commercial entities might prefer replacing GPL components rather than adhering to its terms.
Keywords: #phi4, AI Reimplementation, Commercial Developers, Copyleft, GPL, GitHub, LLVM/Clang, Licensing Headache, Linux Kernel, MIT License, Rust, Security, Shadow Kernel, chardet Project
lowendbox.com 3 days ago
|
687.
HN
Show HN: Tilth v0.5.0 –> ~40% cheaper AI code navigation (160 runs, 3 models)
Tilth v0.5.0 is an advanced AI code navigation tool that combines ripgrep, tree-sitter, and cat to enhance both human and AI-driven code reading efficiency. The latest version focused on investigating the inconsistent use of its tools by models despite their availability. Performance evaluations revealed notable improvements over standard built-in alternatives: Sonnet experienced a 44% reduction in cost per correct action with accuracy increasing from 84% to 94%, while required interactions (turns) decreased by 31%. Opus saw a 39% decrease in cost per correct action, with a slight rise in accuracy from 91% to 92% and a significant 37% drop in turns. Haiku demonstrated a 38% reduction in cost per correct action, along with an increase in accuracy from 54% to 73%, although the decrease in turns was more modest at 7%. Detailed results are accessible on GitHub, and there is an open invitation for contributors who have resources to conduct further benchmark tests, particularly using Opus, to participate.
Keywords: #phi4, AI, GitHub, Haiku, Opus, PR results, Sonnet, Tilth, accuracy, baseline, benchmark, budget, code navigation, models, ripgrep, smart code reading, token whales, tools, tree-sitter
news.ycombinator.com 3 days ago
|
688.
HN
Show HN: Skir – A schema language I built after 15 years of Protobuf friction
Skir is a novel schema language developed to overcome limitations encountered over 15 years of using Protobuf, specifically focusing on enhancing end-to-end type safety for RPCs within mixed-language environments. Designed by Gepheum, Skir enables developers to define API methods in a YAML configuration file and facilitates their invocation as if they were local functions, similar to gRPC operations. This capability ensures consistency across different language stacks, whether between frontend and backend components or among various microservices. To begin using Skir, it can be installed via npm with the command `npx skir init`. Additional information about its features and usage is available on its official website (skir.build) and through its GitHub repository. The developers are particularly interested in receiving feedback from teams working with mixed-language stacks to further refine and improve Skir's functionality.
Keywords: #phi4, API, API methods, GitHub, Protobuf, RPCs, Skir, YML, YML file, backend, friction, frontend, gRPC, microservices, mixed-language, mixed-language stacks, schema, schema language, type safety, website, website Keywords: Skir
skir.build 3 days ago
https://buf.build/plugins/typescript 3 days ago
https://capnproto.org/ 3 days ago
https://news.ycombinator.com/user?id=kentonv 3 days ago
https://skir.build/docs/serialization#serialization-for 3 days ago
https://medium.com/@gepheum/i-spent-15-years-with-proto 2 days ago
https://connectrpc.com/ 2 days ago
https://github.com/bytecodealliance/wrpc 2 days ago
https://arrow.apache.org/docs/format/Flight.html 2 days ago
https://skir.build/docs/python#frozen-structs 2 days ago
https://skir.build/docs/schema-evolution#adding-variant 2 days ago
https://skir.build/docs/schema-evolution#default-behavi 2 days ago
https://skir.build/docs/protobuf#implicit-unknown-varia 2 days ago
https://medium.com/@gepheum/i-spent-15-years-with-proto a day ago
https://news.ycombinator.com/item?id=47306983 a day ago
https://www.prisma.io/docs/orm/prisma-schema/ a day ago
|
693.
HN
RailsForge – a Rails development toolkit I built with AI
RailsForge is an advanced command-line toolkit specifically designed to enhance Ruby on Rails development through comprehensive automation of various tasks. Built with AI capabilities, RailsForge simplifies generating essential components such as monitoring configurations, DevOps setups, and security/performance analyses. It features automated generators that utilize built-in templates (versions 1 to 3) for quickly creating services, queries, jobs, and other necessary elements. Additionally, its code analyzers evaluate a project's security, performance, and architecture, while the toolkit also facilitates DevOps operations by easing Docker containerization and CI/CD pipeline configuration for platforms like GitHub and GitLab. Monitoring capabilities are robust with integrations such as Sentry for error tracking and Lograge for structured logging. The tool's versatile template system offers multiple versions with advanced patterns to cater to different application requirements, while its plugin architecture allows customization and extensibility. Installation is straightforward via RubyGems, source code, or a Gemfile, and typical usage involves commands like `railsforge generate` for creating configurations and `railsforge analyze security` for vulnerability assessments. RailsForge requires Ruby 3.0 or higher along with Bundler for gem management. Released under the MIT License, it encourages community contributions, positioning itself as an essential asset for developers seeking to streamline their workflow in Rails development.
Keywords: #phi4, CI/CD, Configuration, DevOps, Docker, Dry::Schema, Gem, Generators, GitHub, GitLab, Graphviz, Kubernetes, Lograge, MIT License, Monads, Monitoring, Plugins, Rails, Rubocop, Ruby, Security, Sentry, Templates, YAML
github.com 3 days ago
https://github.com/mfifth/railsforge 3 days ago
|
695.
HN
My GitHub activity exploded, but my impact didn't
The text reflects on a notable surge in GitHub activity experienced by the author around October 2025, which they attribute primarily to advancements in AI coding assistants like Claude Code. These tools significantly increased productivity by managing routine tasks and enabling rapid development, leading to an influx of code commits. However, despite this spike in technical output, the author observed that it did not result in meaningful impact or success.
A personal project called "SSH Browser," developed quickly with AI assistance, exemplifies this issue. Although technically sound, the app failed to gain popularity due to bureaucratic obstacles in the Google Play Store's review process rather than any coding deficiencies. This experience underscores a broader problem: an overemphasis on productivity metrics such as commit counts and lines of code that don't necessarily correlate with real-world success or impact.
The author argues that while AI tools can substantially enhance coding efficiency, true progress often depends on addressing non-technical challenges like organizational dynamics, legal constraints, and market barriers. They emphasize the importance of focusing on meaningful outcomes—such as time to user adoption, learning from feedback, and delivering actual value—over mere technical achievements or activity levels.
Keywords: #phi4, AI coding assistants, GitHub, Google Play Store, SSH Browser, activity, bureaucratic challenges, impact, organizational challenges, productivity paradox, rate of impact, speed of learning, time to first user, vanity metrics
mandar.dev 3 days ago
|
702.
HN
Show HN: I'm building an open source alternative to Topaz Photo AI
Open Photo AI emerges as an open-source initiative, offering a free alternative to Topaz Photo AI without dependence on external APIs such as ChatGPT, while incorporating internal AI capabilities like upscaling, face recovery, and light adjustment. This project is driven by the transition of Topaz Labs from a one-time purchase model to a subscription-based system, leading to the creation of an accessible tool that emulates the user-friendly aspects of proprietary software. Although it currently lacks certain features present in Topaz Photo AI, Open Photo AI plans to expand its functionality over time.
Users can engage with Open Photo AI through a graphical user interface (GUI) for simplicity or a command-line interface (CLI) for automation on platforms including Windows, macOS, and Linux. The application integrates models from Hugging Face, allowing users to prioritize between identity fidelity and aesthetics during tasks such as face recovery and upscaling.
The project's future development includes customization of models, enhanced previews, additional features like denoising and colorization, and streamlined installation processes. It also offers troubleshooting guidance for common issues related to app permissions and Linux dependencies. Released under the AGPL-3.0 License by developer Vinicius Egidio, Open Photo AI encourages community feedback and support, with aspirations of expanding into alternatives for Topaz Video AI and other tools.
Keywords: #phi4, AGPL-30 License, AI logic, CLI, CPU execution provider, CUDA, CoreML, FP16 models, GUI, GitHub, Kickstarter, Linux, M-series chip, ONNX Runtime, Open Photo AI, TensorRT, Topaz Labs, Windows, architecture, build dependencies, data pre-processing, donation, enhancement customization, face recovery, feature parity, image enhancement, inference, known issues, light adjustment, macOS, open source, perpetual license, project developmentKeywords: Open Photo AI, subscription model, tensor operations, tiling, troubleshooting, upscale, usability
github.com 3 days ago
|
705.
HN
NeuroMechFly v2: simulating embodied sensorimotor control in adult Drosophila
NeuroMechFly v2 is designed to simulate sensorimotor control in adult Drosophila by leveraging the FlyGym package. This project and its associated resources are available under the Apache-2.0 license, with code hosted on GitHub and comprehensive tutorials accessible at neuromechfly.org. Additional scripts for generating figures are also provided under this same open-source license. While a frozen snapshot of the project's code is available through Zenodo, users are advised to use the latest version of FlyGym due to continuous development and variations in hardware configurations that may impact results. This ensures access to updated features and optimal performance.
Keywords: #phi4, Apache-20 license, Drosophila, FlyGym, GitHub, NeuroMechFly, Zenodo, code snapshot, computing hardware, dependencies, development, documentation, sensorimotor control, tutorials
www.nature.com 3 days ago
https://www.biorxiv.org/content/10.1101/2023.09.18 3 days ago
|
710.
HN
Ask HN: Why Is Phil Wang / Lucidrains Off GitHub?
The discussion stems from a query raised on Hacker News about the absence of Phil Wang, known online as Lucidrains, from GitHub. A user expressed interest in using Andrej Karpathy's autoresearch tool to connect significant developments in machine learning research with Lucidrains' repositories. However, they found that Lucidrains is no longer active on GitHub due to his account being canceled. Lucidrains has raised suspicions of an issue at GitHub and has not provided further details. The user seeks additional background information or insights into the circumstances surrounding this situation, hoping to understand why Lucidrains' presence was removed from the platform without apparent explanation.
Keywords: #phi4, Ask HN, GitHub, Karpathy, Karpathy’s autoresearch tool, Lucidrains, ML research, Phil Wang, account canceled, autoresearch tool, backstory, information Keywords: Ask HN, interesting, new, repositories, smart pick, technical keywords
news.ycombinator.com 3 days ago
https://news.ycombinator.com/item?id=47009749 3 days ago
|
711.
HN
I Ditched ESLint and Prettier for Biome
The author discusses their transition from using the established linting tools ESLint and Prettier to adopting Biome for managing JavaScript/TypeScript projects, motivated by challenges faced with ESLint’s complexity after its version 9 release introduced a flat configuration system that led to user dissatisfaction. This change was precipitated by ongoing compatibility issues between ESLint and libraries, requiring extensive management of multiple configurations and dealing with conflicts, particularly when upgrading or migrating setups, which often resulted in time-consuming debugging.
Biome has been presented as an appealing alternative due to its streamlined approach featuring a single-binary architecture, a consolidated configuration file (biome.json), and significantly faster performance compared to ESLint/Prettier combinations. The tool's Rust-based construction ensures better maintainability through automated migration processes upon updates, reducing the manual workload previously needed with ESLint setups. Despite lacking some specific plugins found in ESLint such as eslint-plugin-react-hooks and jsx-a11y, Biome is rapidly expanding its capabilities and language support.
The growing endorsement by major tech companies like Vercel and Next.js highlights Biome’s increasing credibility and utility within the developer community. The author expresses a preference for Biome due to its simplicity, speed, reduced configuration overhead, and promising future developments, indicating that they are unlikely to revert to using ESLint despite recognizing some current limitations of Biome.
Keywords: #phi4, AST, Astro, Biome, CI, CSS, ESLint, GitHub, HTML, JavaScript, Markdown, Nextjs, Prettier, React, Rust, SCSS, Svelte, TypeScript, VS Code, conflict, formatting, linting, npm, rules, stability, upgrade
xergioalex.com 3 days ago
|
717.
HN
Show HN: Kaeso, an OAuth hub for AI agent integrations
Kaeso serves as an OAuth hub aimed at simplifying the integration of AI agents with various services such as Google, Slack, and GitHub by handling authentication and permissions seamlessly. It addresses common challenges faced by developers, including the repetitive implementation of OAuth flows, token storage, and refresh logic. By offering a single interface where users can connect their services once, Kaeso securely stores tokens and automatically refreshes them when needed. This facilitates efficient access to multiple platforms through a unified API for AI agents. The tool is targeted at those developing AI agents or automation systems, seeking feedback from this community. Additional details are available on the official website at kaeso.ai.
Keywords: #phi4, AI, API, Connect-UI, GitHub, Google, Kaeso, OAuth, Slack, agents, automation, developers, feedback, flows, hub, infrastructure, integrations, permission, refresh, security, services, storage, token
kaeso.ai 3 days ago
|
721.
HN
Show HN: Moruk OS – Autonomous AI agent that runs locally on Linux
Moruk OS is an autonomous AI operating system specifically designed for local deployment on Linux platforms, functioning beyond the capabilities of conventional chatbots by autonomously decomposing complex tasks into subtasks. It supports multiple AI models such as Claude, GPT-4, and Gemini, enhancing its versatility in project management through parallel-executable subtask breakdowns. The OS features a persistent memory system based on vector storage and a flexible plugin architecture that facilitates the seamless integration of Python tools. Developed using Python and PyQt6 under an MIT license, Moruk OS incorporates DeepThink—a secondary reasoning layer designed to ensure safety and accuracy by reviewing critical actions prior to their execution.
The system is equipped with real-time activity monitoring, web change detection, and adaptive user profiling capabilities. It can be installed on Ubuntu 20.04+ systems requiring Python version 3.10 or higher, while also supporting a range of AI providers for enhanced extensibility via plugins. Developers can contribute to Moruk OS through an uncomplicated process involving feature branching, code commits, and pull request submissions.
Looking ahead, the development roadmap for Moruk OS includes expanding its platform support to Windows and macOS, creating a web-based user interface, establishing a plugin marketplace, enabling multi-instance distributed agents, integrating voice-first interaction modes, and developing mobile companion applications. These planned enhancements aim to broaden its functionality and accessibility, further positioning it as an innovative solution in the field of autonomous operating systems.
Keywords: #phi4, Autonomous AI, Configuration, DeepThink, GitHub, Linux, Live Activity, MIT License, MIT License Keywords: Moruk OS, Moruk OS, Multi-model, Multi-model support, Persistent memory, Plugin Development, Plugin system, Project Manager, PyQt6, Python, Roadmap, Web Monitor
github.com 3 days ago
|
726.
HN
Show HN: tmuxy – the missing GUI for tmux
Tmuxy is a graphical user interface designed to enhance the usability of tmux, a terminal multiplexer known for its robustness and power, without replacing it. It employs a Rust backend that connects to tmux through control mode and transmits state updates to either a React-based frontend or Tauri IPC on desktop platforms. This web application provides several advanced features such as image rendering, markdown previews, pane grouping, and floating panes, available both in web and desktop formats. Notably, it supports remote access from mobile browsers via SSH, significantly improving accessibility. Despite being an early-stage project with no stable release currently, tmuxy is open-source on GitHub, encouraging contributions to its ongoing development and enhancement.
Keywords: #phi4, DeepWiki, GUI, GitHub, React, Rust, SSE, SSH, Tauri IPC, UX, desktop app, floating panes, image rendering, markdown previews, multiplexing, pane groups, persistent sessions, terminal emulation, tmux, web app
tmuxy.sh 3 days ago
|
736.
HN
Show HN: L88-Full – Looking for feedback, bug fixes, and contributors
The author has launched a project named *L88-Full* on GitHub at [https://github.com/Hundred-Trillion/L88-Full](https://github.com/Hundred-Trillion/L88-Full), inviting feedback from the community to enhance its development. They are actively seeking contributions in various forms, including code reviews, suggestions for improvements, bug reports or fixes, and ideas for future expansion of the project. Community members can contribute by creating issues or submitting pull requests on GitHub. The author expresses gratitude towards anyone who engages with the project to provide support and feedback.
Keywords: #phi4, GitHub, L88-Full, bug fixes, code reviews, community, contributors, feedback, improvements, issues, project, pull request, repository, suggestions
news.ycombinator.com 3 days ago
|
740.
HN
Green Energy Inference and Open Weight LLMs
The author investigates ethical alternatives in artificial intelligence by utilizing Regolo.ai's green energy inference and open weight models to minimize environmental impact while promoting ethical practices. In their experiment, they employed the Qwen3-Coder-Next model through OpenCode to successfully transition a website from Metalsmith to Eleventy, though they felt detached from the machine-generated code outcome. Unlike Copilot, OpenCode lacks integration with Visual Studio Code and necessitates manual context input but offers quicker operations without prompts. The author appreciates Regolo's generous free trial and compliance with EU regulations for digital sovereignty, yet expresses concerns about safety and comprehension debt associated with these tools. They recommend the use of open weight models and green energy inference to peers while advising caution regarding trust and potential misuse. The experiment underscored the effectiveness of these AI models but reinforced a preference for using them as guides rather than primary code generators. Looking ahead, the author plans to explore locally running models with tools like Jan.ai, depending on available hardware capabilities.
Keywords: #phi4, AI Ethics, Comprehension Debt, Confidential Computing, Digital Sovereignty, Eleventy, GDPR, GPU, GitHub, Green Energy, Inference, Local Models, Metalsmith, Open Weight LLMs, OpenCode, Pay As You Go, Qwen3-Coder-Next, Regoloai, Tokens
peteroshaughnessy.com 3 days ago
|
744.
HN
Show HN: Myrtle – modern email templating for Go
"Myrtle" is an open-source Go library designed for creating robust and modern email templates through a fluent builder pattern. It features built-in themes such as default, flat, terminal, and editorial and supports advanced content blocks like tables and charts, accommodating both left-to-right and right-to-left text directions. The library allows dual rendering of HTML and plain-text formats, facilitating versatile email creation.
Key aspects include the ability to customize with user-defined themes or styles, ensuring compatibility even with challenging clients like Outlook Classic. Myrtle enhances performance by supporting concurrent rendering using shared components. Installation is straightforward through `go get github.com/gzuidhof/myrtle`. Although still in development and under the MIT License, it provides a powerful toolkit for generating complex email templates, accompanied by examples and a demo server for previewing emails.
Myrtle's use cases span security alerts, account notifications, and operational briefs. It aims to simplify template creation by reducing manual CSS coding, while cautioning users about potential layout shifts in future updates due to its developmental status.
Keywords: #phi4, GitHub, Go, HTML rendering, MIT License, MIT License Keywords: Go, Markdown, Myrtle, blocks, builder pattern, concurrent rendering, customization, dependency-free, development, email templating, examples, installation, styles, templates, text fallback, themes
github.com 3 days ago
|
756.
HN
Show HN: Proxly – Self-hosted tunneling on your own domain in 60 second
Proxly is a self-hosted tunneling tool that enables users to expose local services through subdomains on their own Virtual Private Servers (VPS) without any bandwidth or session limitations. It offers an easy setup process facilitated by an npm package and an interactive wizard, making it more user-friendly compared to similar tools like frp and ngrok. As an open-source software under the MIT license, Proxly is designed to provide a straightforward alternative for users seeking efficient tunneling solutions. Further details about its functionality and usage can be accessed through its GitHub repository at [https://github.com/a1tem/proxly](https://github.com/a1tem/proxly).
Keywords: #phi4, GitHub, MIT, MIT licensed, Proxly, VPS, a1tem Keywords: Proxly, frp, interactive wizard, local services, ngrok, no bandwidth caps, no session limits, npm, npm install, open source, self-hosted, subdomains, tunneling
news.ycombinator.com 3 days ago
|
760.
HN
Show HN: Stardial – a highly customizable terminal clock (Rust)
Stardial is a highly customizable terminal clock developed in Rust that serves as an advanced alternative to tools like tty-clock. It supports animations and themes, allowing users to tailor its appearance to various terminal environments through multiple display styles, custom colors, animation effects, and adjustable layouts. Users can select from four color themes—void, nebula, luna, solar—with additional accent color options. Stardial enhances the visual experience with animated starfield backgrounds featuring parallax layers and a shooting star effect.
Installation of Stardial is versatile, available via Snap, Homebrew, Arch Linux AUR, or by compiling from source using Rust. The application allows extensive customization through command-line flags that enable users to modify themes, colors, size, time formats, and effects such as blinking colons or shooting stars. For consistent visual output, Stardial offers deterministic visuals suitable for screenshots, and includes a debug logging option.
Efficiency is a hallmark of Stardial's design; it operates at a default frame rate of 30 FPS with minimal CPU usage (typically under 1%) on modern hardware. To exit the application, users can press `q`, `Esc`, or `Ctrl-C`. Comprehensive documentation is accessible via the man page (`man stardial`), and releases are managed through semantic versioning. The project is released under an MIT license, with further details available in its GitHub repository at [GitHub - Stardial](https://github.com/USERNAME/stardial).
Keywords: #phi4, GitHub, MIT license, Rust, Stardial, animations, customizable, demo, features, installation, layout, performance, quickstart, terminal clock, themes
github.com 3 days ago
|
765.
HN
Show HN: Open-source self-hosted Intercom and CCTV platform
The text describes an open-source, self-hosted IP/SIP intercom and CCTV platform under the GPL v3 license, designed to prevent vendor lock-in by supporting devices with open APIs. This scalable system can be expanded from individual homes to entire cities and features include entrance intercoms, live video surveillance with archiving, mobile apps, desktop clients, ticketing workflows, optional face and license plate recognition, as well as CRM integrations. The project is currently available in multiple languages, and contributors are encouraged to assist with further localization efforts.
The platform comprises various components hosted on GitHub, including a server (RBT), Simple-DVR media server, iOS and Android apps, FALPRS, PWA fieldworker app, desktop client, and web extension examples. It serves diverse users such as ISPs, property management companies, intercom service teams, and building owners looking for an open-source solution.
The team invites free use of the project and contributions in various forms—issues, pull requests (PRs), documentation enhancements—and seeks feedback on architecture and hardware priorities. They are also interested in users willing to test the platform within their environments. Open communication is encouraged through email to facilitate further engagement and collaboration. Feedback from users is highly valued, highlighting a commitment to continuous improvement based on community input.
Keywords: #phi4, Android App, CCTV, Contributors, Desktop Client, Face Recognition, Fieldworker PWA, GPL, GitHub, IP/SIP, ISPs, Integrations, Intercom, Localization, Media Server, Mobile Apps, Modular, Open-source, Property Management, Repositories, Scalable, Server, Surveillance, Telecom Operators, Web Extensions, iOS App
github.com 3 days ago
|
776.
HN
Show HN: Malicious Extension Sentry: database of removed Chrome/Edge extensions
The "Malicious Extension Sentry" is a verified database created to identify malicious Chrome/Edge extensions, distinct from existing tools that depend on behavioral scanners prone to high false positive rates. This resource exclusively lists extensions either removed from official stores or flagged in researcher reports. It ensures accuracy by updating daily and offers easy access through a live dashboard available at [malext.toborrm.com](https://malext.toborrm.com). Additional resources supporting this initiative include its GitHub repository hosted at [github.com/toborrm9/malicious_extension_sentry](https://github.com/toborrm9/malicious_extension_sentry) and a browser extension distributed via the Chrome Web Store, facilitating user awareness and protection against malicious extensions.
Keywords: #phi4, Behavioral Scanners, Browser Extension, Chrome, Database, Edge, False Positives, GitHub, Live Dashboard, Malicious Extensions, Official Store, Removal Signals, Researcher Reports, Verified List
news.ycombinator.com 3 days ago
|
786.
HN
Show HN: Navtee – Golf course directory and navigation app
Navtee is an innovative golf course directory and navigation application that leverages OpenStreetMap data alongside the Overpass API to provide users with comprehensive information about golf courses globally. The app enables users to browse through various golf clubs, examine detailed course layouts, and access specific pin distances, enhancing their overall golfing experience. Additionally, Navtee's open-source nature is highlighted by its publicly available source code on GitHub, fostering potential contributions and further development from the community at the repository link [https://github.com/refarer/navtee](https://github.com/refarer/navtee).
Keywords: #phi4, App, Browse golf clubs, Directory, Explore course layouts, GitHub, Golf course directory, Navigation app, Navtee, OpenStreetMap, Overpass API, Pin distances, Refarer
navtee.com 3 days ago
|
788.
HN
Karabiner-Elements is a powerful tool for customizing keyboards on macOS
Karabiner-Elements is a robust keyboard customization application designed for macOS users who wish to remap their keys across various models of Macs, including both Intel-based and Apple Silicon systems. Compatible with macOS versions 13 Ventura through 26 Tahoe, the software can be downloaded from its official site or installed via Homebrew using the command `brew install --cask karabiner-elements`. For those interested in older iterations, these are documented within the release notes section of their website. Comprehensive usage documentation is readily available online for users seeking guidance, and financial support for ongoing development can be contributed through their pricing page.
For developers aiming to build Karabiner-Elements, specific prerequisites include macOS 15+, Xcode 26+, along with command-line utilities such as xz, XcodeGen, and CMake. The building process involves several steps: cloning the source code repository, updating submodules, optionally setting codesign identities for application and installer signing, and executing a `make package` command to create a redistributable DMG file. It is noteworthy that while some pre-built binaries are present within the source tree, they do not undergo rebuilding during the packaging phase. If these components need reconstruction, developers must refer to specific instructions from their corresponding projects.
Keywords: #phi4, CMake, GitHub, Karabiner-Elements, Sparkleframework, Terminalapp, VirtualHIDDevice, Xcode, binaries, codesign identity, command line tools, developers, documentation, donations, download, homebrew, installer signing, key remapper, macOS, package, releases, systems
github.com 3 days ago
|
789.
HN
Show HN: Ethernity: Secure paper backups with age encryption and SSS
Ethernity is a Python-based command-line interface focused on creating secure, encrypted backups of sensitive files through printable artifacts that feature machine-readable QR codes complemented by human-readable text for offline data recovery. It emphasizes transparency and verifiability with well-documented formats and provenance information. Key features include the ability to encrypt files or directories into QR codes and documents, support for offline recovery via various formats, browser-based reconstruction kits without cloud reliance, multiple template designs, and customizable sharding options like passphrase splitting. The tool's data storage capacity varies based on chunk size and error correction levels, with gzip compression as an option.
Ethernity is designed for users who require offline recovery solutions, long-term physical artifact management, shared data control, and auditable backup processes, but it is not suitable for those needing real-time synchronization or centralized third-party services. Installation prerequisites include Python 3.11+ with optional cosign for verification, and the tool can be installed on macOS via Homebrew, Linux using pipx, or Windows through signed release artifacts. Security considerations emphasize robust passphrase practices and regular recovery drills to mitigate data loss and single-point compromises, though it does not protect against endpoint breaches or policy failures in shard management.
Development contributions are encouraged with open-source collaboration through forks and pull requests, utilizing tools like Pytest, Ruff, Mypy, and Node.js for building components. Ethernity draws inspiration from similar projects such as Paperback by cyphar and operates under the GPLv3 license. For comprehensive guidance on installation, usage, troubleshooting, and contributions, users are directed to the available documentation and wiki resources.
Keywords: #phi4, CLI, Ethernity, GPLv3, GPLv3 license Keywords: Ethernity, GitHub, Python, Python CLI, QR codes, artifacts, backups, custody controls, data protection, documentation, encryption, offline, offline recovery, open-source, passphrase, recovery, release verification, security, sharding, templates, threshold, threshold sharding, verifiability
github.com 3 days ago
|
795.
HN
Ask HN: Github Account Recovery after a 2fa loss
The discussion on "Ask HN" revolves around strategies for recovering a GitHub account when two-factor authentication (2FA) access is lost. The post highlights the challenges users face when they cannot retrieve their 2FA devices or codes, emphasizing the importance of backup recovery options such as backup codes or alternative verification methods provided by GitHub during account setup. It serves as a cautionary reminder for users to maintain secure backups and utilize multiple authentication avenues to prevent being locked out of their accounts. Concurrently, an unrelated issue is noted where JavaScript has been disabled in a user's browser, causing functionality issues with Imgur, underscoring the necessity of enabling essential scripts for optimal website performance.
Keywords: #phi4, 2FA Loss, Account Recovery, Ask HN, Browser, GitHub, Imgur, Internet, JavaScript, Technical Keywords
imgur.com 3 days ago
https://github.com/orgs/community/discussions/ 3 days ago
|
796.
HN
Show HN: A dynamic, crowdsourced benchmark for AI agents
"Clawdiators" is an innovative open-source platform designed as a dynamic benchmark arena where AI agents compete across a variety of challenges to earn Elo ratings and climb leaderboards. The project encourages community involvement by allowing contributors to propose new challenges, which are subject to automated checks and peer reviews before inclusion in the system. Despite being in development, "Clawdiators" prioritizes engaging and entertaining experiences for participants.
The platform features diverse challenges that test different AI capabilities:
1. **Cipher-forge contender** involves decrypting increasingly difficult messages.
2. **Archive-dive veteran** demands answering questions from deep readings of multiple documents.
3. **Contract-review legendary** requires identifying problems within a complex fictional contract.
4. **Reef-refactor contender** is about debugging functions with detailed test suites, emphasizing edge cases and type matching.
5. **Deep-mapping veteran** focuses on strategically exploring an ocean floor graph to find resources in a limited time.
6. **Depth-first-gen legendary** involves deducing transformation rules from examples and applying them to hidden tests.
The project invites exploration and contributions at its GitHub repository, welcoming inquiries about its design or implementation.
Keywords: #phi4, AI agents, Elo ratings, GitHub, arena, automated checks, benchmark, challenges, contract issues, decryption, encryption, exploration strategy, exploration strategy Keywords: AI agents, leaderboard, open source, peer review, procedural graph, synthesis questions, test suites, transformation spec
clawdiators.ai 3 days ago
|
797.
HN
Give Up GitHub – Software Freedom Conservancy
The Software Freedom Conservancy is advocating for Free and Open Source Software (FOSS) developers to migrate away from GitHub, now owned by Microsoft, towards more open alternatives that better align with FOSS principles. They criticize GitHub's proprietary nature and centralized control as contrary to the distributed ethos of Git, arguing these aspects contribute to vendor lock-in and expand Microsoft's influence over FOSS development. The Conservancy highlights key reasons for this shift, such as GitHub’s departure from FOSS values and its role in consolidating corporate power within the software development landscape.
To facilitate this transition, they provide resources like Forgejo—a self-hosted solution—and Codeberg, a hosted service built on Forgejo, encouraging influential community leaders, hiring managers, and secure developers to spearhead the move towards open platforms. Their strategy involves collective action from those with influence in their respective communities or organizations to set a precedent for prioritizing openness.
For individuals not yet prepared to abandon GitHub entirely, the Conservancy suggests raising awareness by including these concerns within project README files, thereby sparking discussion within the developer community. Additionally, they advocate for widespread sharing of the #GiveUpGitHub campaign on public platforms to bolster visibility and support. The initiative underscores that moving away from GitHub is a collective endeavor requiring both immediate action from key developers and sustained commitment from all contributors within the FOSS ecosystem.
Keywords: #phi4, Codeberg, FOSS, Forgejo, Git, GitHub, GiveUpGitHub, alternatives, campaign, decentralization, proprietary, self-hosting, vendor lock-in, walled garden
sfconservancy.org 3 days ago
https://codeberg.org/forgejo/forgejo/pulls/16 2 days ago
https://codeberg.org/ForgeFed/Vervis 2 days ago
|
799.
HN
MonoGame: A .NET framework for making cross-platform games
MonoGame is an open-source framework built on .NET, designed for developing cross-platform games using C#. It effectively re-implements the now-defunct Microsoft XNA Framework and supports a broad range of platforms including desktop environments (Windows 10, Linux, macOS), mobile devices (Android, iOS/iPadOS), as well as major gaming consoles like PlayStation, Xbox, and Nintendo Switch. The framework is regularly updated to integrate modern features such as Vulkan and DirectX12 graphics support.
The framework offers educational game samples, such as a 2D platformer and NeonShooter, accessible on all supported platforms for learning purposes. Community engagement and support are facilitated through GitHub discussions, a Discord server, and an issue tracker for bug reporting. MonoGame encourages community contributions, providing guidelines via a contributors' guide.
To sustain its development, financial support is welcomed in the form of subscriptions that assist with hosting, hardware requirements, and potentially funding dedicated developers if sufficient backing is obtained. The source code is publicly available on GitHub, complete with submodules necessary for building.
MonoGame's architecture includes various components such as the game engine itself, content pipeline tools, project templates, and testing frameworks. It also offers additional tools like command line compilers (mgfxc) and a GUI frontend (mgcb-editor) for content processing needs. The framework is released under the Microsoft Public License, with certain code sections subject to specific third-party licenses; further licensing details can be found in the LICENSE.txt file.
Keywords: #phi4, C#, DirectX, DirectX12, GitHub, MonoGame, NET framework, OpenGL, Vulkan, XNA Framework, consoles, content pipeline, contributions, cross-platform, desktop PCs, game development, mobile devices, open-source, platforms, samples, support
github.com 3 days ago
https://fna-xna.github.io/ 3 days ago
https://fna-xna.github.io/docs/appendix/Appendix-A 3 days ago
https://youtu.be/wJY8RhPHmUQ?is=jwDBVae8AhBH-ANB 3 days ago
https://walbourn.github.io/directxtk/ 3 days ago
https://www.pcgamingwiki.com/wiki/Celeste 3 days ago
https://celeste.ink/wiki/Version_history 3 days ago
https://github.com/stride3d/stride 3 days ago
https://github.com/libgdx/libgdx 3 days ago
https://github.com/godotengine/godot/pull/110 3 days ago
|
810.
HN
My Dev Box Setup Script
The "My Dev Box Setup Script" streamlines the configuration of a development environment on a fresh machine by automating the installation of essential tools such as Zsh, Oh My Zsh, uv (a rapid Node.js version manager), and generating an SSH key for GitHub integration. Released on March 7, 2026, this script can be executed using a curl command, offering convenience and efficiency to users. Notably idempotent, it allows repeated execution without causing harm or redundancy, ensuring that components like Zsh (set as the default shell), Oh My Zsh, and uv are installed only if absent. Additionally, it generates an SSH key for GitHub if one is not already in place, providing a direct link to add this new public key to GitHub settings. Upon successful completion, the script displays the generated public key and advises users to restart their shell to apply all changes effectively.
Keywords: #phi4, Dev Box, GitHub, Linux, Oh My Zsh, SSH Key, Setup Script, Unix, automation, command-line, configuration, curl, environment, essentials, idempotent, install, machine, package manager, public key, repository, repositoryComma-separated List: Dev Box, repositoryExtracted Keywords: Dev Box, repositoryFinal Keywords: Dev Box, repositoryKeywords: Dev Box, script, security, shell, software development, terminal, uv, zsh
rlafuente.com 3 days ago
https://deb.nodesource.com/setup_lts.x 3 days ago
|
819.
HN
AI SAd-ware
The author introduces the concept of "AI SAd-ware" (AI Skills Ad-ware), pointing out an emerging issue where AI coding agents like Codex are compromised by hidden advertisements within skill repositories. This problem became evident when the author cloned popular GitHub repositories, relying on their popularity metrics without thorough code review, only to find intrusive ads embedded as functional code. To address this issue, the author highlights the utility of "Greywall," a sandboxing tool that controls network requests and access permissions for AI agents, effectively blocking advertisements. The positive experience shared by the author with Greywall in just two days underscores its effectiveness. The post serves dual purposes: alerting users to the risks associated with using skill repositories without due diligence and recommending tools like Greywall as protective measures. It concludes with a caution against blindly trusting GitHub repositories based on manipulated popularity metrics, emphasizing the importance of careful evaluation.
Keywords: #phi4, AI, ChatGPT Plus, Codex, Github, Greywall, ads, agents, development work, network requests, paper2web skill, patching, sandboxing, scientific-skills, skills repos, vanity metric
studium.dev 3 days ago
|
824.
HN
Open Occult- Tools for the Modern Mystic
Open Occult is an open-source initiative dedicated to providing resources and tools for individuals interested in exploring the occult, spirituality, and divination practices. It offers extensive knowledge bases on topics such as mythology, botanicals, runes, symbols, tarot, and more through curated datasets and interactive APIs, making information accessible and engaging. Key features include JSON-formatted open-source datasets with internationalization support, enhancing accessibility across different languages and regions.
The platform also incorporates a multi-functional bot named Cabot, which is developed using technologies like Node.js, Discord.js, and TypeScript. This bot serves to enhance community interaction on platforms such as Discord by offering various functionalities aimed at community enhancement. Additionally, Open Occult plans to introduce Runeva, an educational platform designed for interactive learning of occult practices through courses and exercises.
For those interested in contributing to the project, guidelines are available in a document called CONTRIBUTING.md. Community engagement and support are facilitated through GitHub Discussions where users can connect with each other. Documentation is provided to assist users and contributors with API references, understanding data structures, and customizing Cabot, ensuring that individuals have all necessary resources to engage effectively with Open Occult’s offerings.
Keywords: #phi4, APIs, Cabot, Discord Bot, GitHub, JSON Data, Nodejs, Open Occult, Runeva, TypeScript, botanicals, community-driven, datasets, deities, divination, educational platforms, i18n, interactive tools, mythology, pantheons, runes, spirituality, symbols, tarot
github.com 3 days ago
|
837.
HN
Show HN: Turn an audio recording into a LinkedIn video – no signup, no server
The Audiogram Creator is a browser-based tool designed to transform audio recordings into visually appealing videos compatible with platforms like LinkedIn and YouTube without necessitating user sign-ups or server uploads. This single HTML file application allows users to personalize their content by customizing primary and accent colors, incorporating optional transcripts through Whisper JSON for precise timing, and editing captions for enhanced presentation. It supports WAV/Audio File formats and includes a preview feature before recording or downloading the final .webm video file. The tool is particularly beneficial for individuals who wish to present projects or professional insights off-camera, such as those in the job market, enabling them to share their voice effectively on social platforms. Users can access both a demo of the tool and its source code on GitHub through provided links.
Keywords: #phi4, GitHub, HTML, LinkedIn, WAV file, Whisper JSON, audio recording, browser, captions, colors, download, edit, job market, preview, profile image, project sharing, record, text pace, transcript, video, webm, words per caption
ohmstone.github.io 4 days ago
|
842.
HN
Sendbuilds: Build and deploy any GitHub repo with one command
Sendbuilds is an advanced command-line interface (CLI) tool designed to streamline the building and deployment processes for GitHub repositories across a wide range of programming languages and frameworks. It simplifies automation with features like step events, caching, auto-detection, metrics, sandbox controls, artifact signing, and support for various output targets. Sendbuilds supports numerous languages including Node.js, Python, Ruby, Go, Java, PHP, Rust, and more, along with specific frameworks such as Next.js, Rails, Django, and Spring. The tool offers extensive build commands to manage full build+deploy pipelines, handle repositories, detect programming languages, install dependencies, and publish artifacts.
Key functionalities include sophisticated artifact management with options to list, prune, download, debug, replay, and rollback builds, alongside time-travel deployment capabilities. It supports rebase operations for Dockerfiles, allowing runtime updates without complete rebuilds. Security is a focal point, featuring automatic security scans during the build process, adherence to critical vulnerability policies, and secure base image switching like distroless. Sendbuilds enhances security with sandbox controls and artifact signing using HMAC-SHA256 or cosign integration.
The tool tracks resource usage through metrics and logs, offering machine-readable step events for monitoring. Extensive configuration options are available via `sendbuild.toml`, allowing users to specify project details, build commands, deployment settings, caching strategies, security checks, and environment variables. Installation is straightforward with scripts and packages available for multiple operating systems.
For local development, Sendbuilds supports building and testing the CLI alongside framework-specific commands for web app testing. Deployment options are versatile, covering Kubernetes, serverless functions, tarballs, directories, or container images, with features such as dry runs, branch-specific deployments, workspace utilization, and remote cloud execution. The tool emphasizes security with artifact garbage collection, SBOM generation, vulnerability scans, and compatibility checks for OS/architecture mismatches. It supports multi-language toolchains and promotes contributions through a structured workflow requiring local validation before pull requests. Continuous integration is handled via GitHub Actions to ensure code quality across Linux and Windows platforms.
Keywords: #phi4, C/C++, CLI, Deno, Django, Docker, Elixir, Flask, GitHub, GitHub Actions CI, Gleam, Go, Java, Kubernetes, Laravel, NET, Nextjs, Nodejs, PHP, Python, Rails, Ruby, Rust, SBOM, Shell Scripts, Spring, Static Sites, artifact signing, build automation, buildx cache, caching, compilation, container_image, cosign integration, deploy, deterministic behavior, directory, formatting, multi-arch, multi-target outputs, provenance attestations, reproducible builds, sandbox controls, sandboxing, security-first checks, sendbuilds, serverless, signing key, supply-chain metadata, tarball, tests, vulnerability scans
github.com 4 days ago
|
850.
HN
Show HN: I made an App for learning Japanese, and it won in Vercel's OSS program
KanaDojo is an innovative open-source Japanese learning app developed to facilitate the study of Hiragana, Katakana, Kanji, and vocabulary. Drawing inspiration from popular platforms like Monkeytype and Duolingo, it offers users extensive customization options through various color themes and fonts to enhance engagement and usability. The developer initially submitted this project as a humorous entry into Vercel's OSS program but was accepted into their Winter cohort, leading to significant community interest evidenced by over 1,000 GitHub stars. KanaDojo leverages Next.js for its development, aiming to provide an intuitive learning experience free of charge. Contributions from both novice and seasoned developers are encouraged, supported by detailed guides, making it a collaborative project bolstered by Vercel's sponsorship. Access to the app is available through its GitHub repository or via a live demo.
Keywords: #phi4, Aesthetic, App, Contribution, Customization, Documentation, Duolingo, GitHub, Hiragana, Japanese, KanaDojo, Kanji, Katakana, Learning, Live Demo, Minimalist, Monkeytype, Nextjs, OSS, Sponsorship, Stars, Vercel, Vocabulary
github.com 4 days ago
|
854.
HN
Show HN: A Bullet Hell of Your Own Making
"A Bullet Hell of Your Own Making" is a browser-native game created as a stress-relief project while its developer's partner was abroad, drawing inspiration from 1970s arcade games. Designed to illustrate how worries often originate from personal perceptions rather than reality, the game challenges players to score points by shooting balls past paddles and avoiding explosions, all while dodging a pursuing doughnut. This creative endeavor also served as an educational journey for the developer, providing an opportunity to learn Raylib, an open-source library written in C. The gameplay is controlled via the W key for thrust, A and D keys for rotation, and the space bar to fire. While it operates smoothly in Firefox, some browsers may necessitate an additional click for sound functionality. The game's source code can be accessed on GitHub, encouraging community engagement and further development.
Keywords: #phi4, Arcade, Arcade games, Balls, Browser-native, Browser-native game, Bullet Hell, C language, Controls, Doughnut, Explode, Fire, Firefox, GitHub, Middle East, Open source, Paddles, Paddlets, Points, Points Keywords: Bullet Hell, Project, Raylib, Rotate, Score, Sound, Stress, Thrust
safetystoatstudios.itch.io 4 days ago
|
855.
HN
The surprising whimsy of the Time Zone Database
The IANA Time Zone Database serves as an indispensable tool for managing global time zone changes, exemplified by British Columbia's transition to permanent daylight saving time, which was recorded in the database through GitHub commits. Although primarily a technical resource, it intriguingly includes historical anecdotes and whimsical entries that add a human dimension to its complexity. These narratives range from Robertson Davies' 1947 critique of daylight saving to a Nashville clock with dual faces symbolizing differing political views from the 1950s. The database also recounts New York City's "day of two noons" during the adoption of standardized time zones in 1883 and features a detective story about establishing time zones in Resolute Bay. These charming elements highlight the human aspect amid its technical framework, showcasing the database as not just a functional tool but also a repository of engaging historical insights.
Keywords: #phi4, GitHub, IANA, Nashville clock, New York City, North America file, Puritanism, Resolute Bay, Robertson Davies, Time Zone Database, Time zones, WWII, commits, daylight time, detective story, detective story Keywords: Time zones, double summer time, history, open source, software, standardized time zones, tz repository, whimsy
muddy.jprs.me 4 days ago
https://gist.github.com/timvisee/fcda9bbdff88d45cc90616 3 days ago
https://lists.iana.org/hyperkitty/list/tz@iana.org 3 days ago
https://github.com/eggert/tz/blob/main/n 3 days ago
https://www.youtube.com/watch?v=-5wpm-gesOY 3 days ago
https://archive.aramcoworld.com/issue/196902/dinne 3 days ago
https://github.com/eggert/tz/blob/main/a 3 days ago
https://blog.scottlogic.com/2021/09/14/120-ye 3 days ago
https://ciju.in/writings/understanding-timezones 3 days ago
https://www.computerworld.com/article/1548822/astr 3 days ago
https://publicsuffix.org/ 3 days ago
|
856.
HN
Prime Radiant: What We're Working On
In the blog post from February 23, 2026, Jesse Vincent, founder and CEO of Prime Radiant, shares insights into his career transition towards agentic development in artificial intelligence (AI). Reflecting on his varied professional journey, which includes founding a keyboard company, developing a ticketing system, and working with Perl and K-9 Mail, Jesse now focuses on coding agents using the Superpowers framework. Initially developed for Claude Code, this framework supports various agent platforms at Prime Radiant, emphasizing AI and agentic development as core operational areas.
Despite the challenge of reduced hands-on coding work, Jesse finds his new role rewarding due to its facilitation of overseeing multiple projects and enhancing productivity. He manages a team effectively without personally writing code, utilizing tools like Claude Code for logging and summarizing his activities. A notable project is an automatic engineering notebook that organizes his work by day, project, or calendar view, enabling efficient tracking of numerous software projects in various programming languages.
Jesse concludes the post with plans to open-source several Prime Radiant tools, highlighting their value for software developers while underscoring that they are developed without human coding efforts. These initiatives reflect Jesse's ongoing commitment to advancing AI and agentic development through innovative approaches and collaborative frameworks.
Keywords: #phi4, AI, CEO, Claude Code, GitHub, Jesse Vincent, Prime Radiant, Superpowers, agentic development, coding agents, engineering notebook, open source, software projects, terminal-bench, terminal-bench Keywords: Jesse Vincent
primeradiant.com 4 days ago
|
860.
HN
IronCurtain: A Personal AI Assistant Built Secure from the Ground
"IronCurtain" is an advanced personal AI assistant designed with a strong emphasis on security from its inception, motivated by vulnerabilities seen in projects like OpenClaw. It employs two distinct sandbox architectures—Code Mode and Docker Mode—to isolate operations via a proxy that enforces defined policies. Code Mode limits Large Language Model (LLM) activities to TypeScript snippets without granting file or network access, whereas Docker Mode offers a comprehensive shell within containers with constrained capabilities. A policy engine, written in plain English and compiled into deterministic rules, governs actions such as file reading or executing git commands. The system ensures credential separation and logs every decision while featuring an auto-approver for routine tasks to reduce interruptions, though it demands explicit user consent for risky activities. Currently supporting filesystem access, git operations, web fetching, and secure messaging via Signal, IronCurtain is poised for further enhancements.
The project aims to tackle drift and prompt injection issues in LLMs by containing risks through sandbox isolation while providing feedback on policy violations. This approach reflects its core philosophy of integrating security from the start, creating AI assistants that are both trustworthy and user-friendly. Feedback and contributions are welcomed, with the code accessible on GitHub for community input. Overall, IronCurtain sets a secure foundation for developing capable AI agents by embedding security within their architecture, showcasing a proactive strategy to manage risks associated with digital life automation.
Keywords: #phi4, AI Assistant, Code Mode, Credential Separation, Docker Mode, GitHub, IronCurtain, MCP Proxy, Policy Engine, Prompt Injection, Sandbox, Security, Threat Model, Usability
www.provos.org 4 days ago
|
861.
HN
T3 Code is the best way to code with AI
"T3 Code" is presented as the leading tool for AI-assisted coding, developed by T3 Tools Inc. and scheduled for a GitHub release in 2026. Users are encouraged to download it from the company's website or engage with them on Discord. It should be noted that this projected release date might not be accurate according to information available up until October 2023. The text focuses on promoting "T3 Code" as an advanced solution for coding tasks, highlighting its anticipated availability and suggesting potential avenues for user interaction.
Keywords: #phi4, AI, GitHub, T3 Code, collaboration, community, development, download, innovation, integration, open-source, platform, programming, technology, tools
t3.codes 4 days ago
https://www.youtube.com/watch?v=MEJQUwr9d_s 4 days ago
https://preservetube.com/watch?v=MEJQUwr9d_s 4 days ago
|
865.
HN
I built a site to browse and vote on LLMs across N dimensions
LLMMatrix is an innovative platform that functions as a comprehensive ranking tool for Large Language Models (LLMs), similar to how G2 ranks software products. It enables users to browse and evaluate these AI models across diverse criteria, such as coding proficiency, creative writing capabilities, general chat functionality, math & reasoning skills, tool use efficiency, vision processing, and multi-turn conversation abilities. The platform is enriched with real developer reviews and supports community-driven feedback, featuring 20 model listings evaluated on 10 distinct dimensions. Users can explore LLMs based on specific use cases, enhancing their ability to find suitable models for particular needs. Access to the platform's voting or browsing features requires signing in via GitHub, ensuring a seamless user experience while contributing to its growing repository of evaluations and insights.
Keywords: #phi4, AI Models, GitHub, LLMMatrix, browse, coding, community, creative writing, developer, dimensions, explore, general chat, math & reasoning, models, multi-turn, rankings, rate, reviews, tool use, use case, vision, vote
llm-matrix.vercel.app 4 days ago
|
874.
HN
Show HN: OpenGraviton – Run 500B+ parameter models on a consumer Mac Mini
OpenGraviton is an innovative open-source AI inference engine designed to facilitate the running of large models on consumer hardware like the Mac Mini by minimizing memory and compute demands. It employs advanced techniques such as 1.58-bit ternary quantization for efficient model compression, dynamic sparsity using Top-K pruning, and Mixture of Experts (MoE) routing for optimized performance. Additionally, it incorporates mmap-based layer streaming from NVMe SSDs and speculative decoding to boost throughput, enabling the execution of models that exceed system RAM capacities locally. These methods have shown significant reduction in model sizes; for instance, TinyLlama-1.1B was compressed from 2.05GB in FP16 to just 0.24GB using ternary quantization. OpenGraviton is specifically tailored for Apple Silicon, utilizing custom Metal and C++ tensor unpacking techniques. Further insights into its architecture and performance benchmarks can be found on its official website and GitHub repository.
Keywords: #phi4, 158-bit compression, AI inference, Apple Silicon, FP16, GitHub, Metal C++, MoE routing, NVMe SSDs, OpenGraviton, RAM, Top-K pruning, architecture, benchmarks, consumer hardware, dynamic sparsity, mmap-based streaming, models, speculative decoding, synthetic stress tests, ternary quantization
opengraviton.github.io 4 days ago
|
882.
HN
Grief Text Editor
GRIEF is a console-based text editor inspired by the BRIEF family, designed to function seamlessly on Unix, Windows, and Mac operating systems. It caters to both novice and experienced developers with its intuitive interface and robust feature set for editing plain text files. The software can be installed via precompiled binaries or built from source, as detailed on GitHub and SourceForge.
Configuration of GRIEF is managed through environment variables such as GRPATH, GRHELP, and GRPROFILE, which specify directories for macros, help databases, and runtime configuration details respectively. Users interact with text files by loading them into buffers and use various navigation and editing commands to manipulate content. Key features include modeless editing that allows direct typing of text, multi-window management through tiling, and regular expression-based search and replace capabilities.
GRIEF enables users to cut or copy text regions using a scrap buffer, and changes can be easily undone or redone. Additional functionalities accessible via feature menus and command prompts enhance the user experience with features like spell checking, formatting, and viewing editor information. The installation process offers extensive customization options for setting paths related to binaries, macros, and help files.
Users encountering issues are encouraged to report them on GitHub. Overall, GRIEF upholds the legacy of BRIEF by providing a powerful environment that facilitates efficient text management across different platforms, making it an invaluable tool for programmers who require a versatile editing solution.
Keywords: #phi4, BRIEF, CRisPEdit, GRHELP, GRIEF, GRPATH, GRPROFILE, GitHub, Linux, Mac, Unix, Windows, buffers, build, coloriser, command line, configuration, console, cut and paste, editing, editor, features menu, installation, interface, macros, navigation, plain text, regular expressions, scrap buffer, search and replace, source code, spell checking, tiled windows, undo redo
github.com 4 days ago
|
892.
HN
TanStack Intent
TanStack Intent is an innovative tool aimed at streamlining the development process by enabling the generation, validation, and deployment of Agent Skills alongside npm packages. These skills, which represent procedural knowledge, can be dynamically loaded as needed and are distributed through updates in npm libraries. A standout feature of TanStack Intent is its ability to automatically detect these skills within `node_modules`, eliminating the need for manual configuration. Additionally, it includes a staleness detection mechanism that alerts developers to changes in source documents through continuous integration checks, ensuring that skills remain up-to-date and functional.
TanStack actively encourages collaboration with partners interested in contributing to the ecosystem's growth and seeks collaborators to further enhance its platform. This initiative underscores their commitment to fostering innovation within the TanStack community. The tool has gained significant traction, as evidenced by 1,265 downloads on NPM and a robust presence on GitHub, where it boasts 106 stars and contributions from six developers. For those interested in exploring more about TanStack Intent or engaging with its community, resources are available through their official website and social channels such as Discord, Twitter, and GitHub.
Keywords: #phi4, AI, Ads, Agent Skills, Automatic Discovery, Blog, Brand Guide, Builder, CLI, DB, Devtools, Discord, Docs, Ethos, Feed, Form, GitHub, Hotkeys, Learn, Libraries, Maintainers, Merch, Pacer, Partners, Partnerships, Privacy Policy, Query, Router, Showcase, Skills, Sponsors, Staleness Detection, Stats, Store, Support, Table, TanStack, Tenets, Terms of Service, Virtual, npm Packages
tanstack.com 4 days ago
|
894.
HN
Pullnotes: A Notion-like editor for your GitHub repos
Pullnotes is a minimalist Markdown editor that integrates with GitHub repositories, designed to function similarly to Notion. As a GitHub App, it necessitates specific environment configurations during installation and deployment. Locally, setting up Pullnotes requires installing dependencies via `pnpm install` and configuring the application using `pnpm setup`, which generates a local `.env` file for necessary configuration details. Development begins with running `pnpm dev`.
Essential environment variables include BETTER_AUTH_SECRET, BETTER_AUTH_URL, AUTH_DB_PROVIDER (with options of SQLite or Data Lake), DB_PATH (for SQLite paths), and several GitHub-specific identifiers such as GITHUB_APP_ID, NAME, PRIVATE_KEY, CLIENT_ID, and CLIENT_SECRET. An optional variable is PEXELS_API_KEY, which enables the feature to search for cover images in Pexels.
For GitHub App configuration, users must set up an OAuth callback URL at `https://<your-domain>/api/auth/callback/github` and a setup URL at `https://<your-domain>/api/github-app/callback`. The app should have permissions enabled for redirecting on updates and specific access rights: read/write to repository contents, read-only metadata access, and read-only email address access.
Deployment involves setting the required environment variables as outlined, installing dependencies with `pnpm install --frozen-lockfile`, building the application using `pnpm build`, and finally starting it with `pnpm start`.
Keywords: #phi4, Better Auth, D1 binding, GitHub, GitHub App, Markdown editor, Notion-like, OAuth callback, PullNotes, SQLite, build, dependencies, deployment, environment variables, local install, repository permissions, start
github.com 4 days ago
|
899.
HN
I'm 17 and built an AI that generates GitHub READMEs from any repo URL
A 17-year-old developer has introduced Wabio, an AI-driven tool designed to automatically generate GitHub README files using any given repository URL. This innovation seeks to streamline the often time-consuming task of documenting code repositories by leveraging artificial intelligence to automate the creation process. By facilitating easier and more efficient documentation generation, Wabio aims to enhance accessibility and usability for developers worldwide. The young developer is actively seeking feedback on this tool in hopes of refining its functionality and broadening its impact within the tech community.
Keywords: #phi4, AI, Feedback, Generator, GitHub, READMEs, Wabio, keywords, relevant, repo URL, technical
www.wabio.xyz 4 days ago
|
914.
HN
Show HN: Recruiter Analytics for Developer Portfolios
The announcement introduces "Recruiter Analytics for Developer Portfolios," a tool designed to enhance developers' job application processes by providing insights into recruiter interactions with their portfolios. This platform collects and analyzes metrics such as profile views, repository clicks, resume open rates, viewer locations, and the types of companies viewing profiles, allowing developers to identify which elements of their portfolio engage recruiters most effectively. The data-driven feedback parallels product analytics, helping developers optimize their online presence for hiring success. As part of the PortLume AI service, this tool focuses on creating AI-powered portfolios tailored for improved recruitment outcomes. Additionally, a detailed technical explanation and design rationale are available for those interested in the underlying mechanisms of the tracking system. The announcement also seeks feedback from the Hacker News community regarding this analytical approach to enhancing developer portfolios.
Keywords: #phi4, AI-Powered Portfolios, Black Box, Company Type, Design, Developer Portfolios, Feedback Loop, GitHub, HN Community, Job Applications, PortLume AIKeywords: Recruiter Analytics, Portfolio Link, Product Analytics, Profile Views, Projects, Recruiter Analytics, Repository Clicks, Resume, Resume Open Rate, Skills, Technical Breakdown, Tracking, Viewer Location Insights
portlumeai.com 4 days ago
|
919.
HN
AI Copyright Truth
The release of chardet version 7.0 in March 2026 sparked controversy primarily around issues of intellectual property and the role of artificial intelligence in content creation. The maintainers of the Python library updated it using AI-assisted methods, transitioning its license from LGPL to MIT. This prompted objections from the original author, Mark Pilgrim, who argued that such modifications could breach copyright law. The ensuing debates often mistakenly suggested that AI involvement nullifies copyright protections, erroneously positioning AI-generated content as public domain material. However, legal precedents confirm that works produced with substantial human creative input can retain copyright protection, a principle supported by successful registrations of similar AI-assisted creations. This underscores the nuanced relationship between technology and intellectual property rights, challenging prevailing misconceptions about AI's impact on copyright law.
Keywords: #phi4, AI, AI-assisted rewrite, Chardet, Chardet Controversy, GitHub, Hacker News, LGPL, MIT, MIT license, Mark Pilgrim, Python, Python library, contribution, controversy, copyright, creative, human, human creative contribution Keywords: AI, legal precedent, library, license, public domain, rewrite
faircoding.com 4 days ago
|
923.
HN
Show HN: Bonds – Open-source personal relationship manager (Go and React)
Bonds is an open-source personal relationship manager built using Go and React, designed to streamline managing relationships by tracking notes, reminders, important dates, life events, gifts, debts, and more. It emerges as a simplified, high-performance alternative inspired by Monica—a popular but less actively maintained CRM on GitHub—addressing the latter's maintenance challenges.
Key features of Bonds include its simplicity and performance, achieved through packaging as a single binary with an embedded SQLite database, eliminating dependencies like PHP or Node. Deployment is straightforward, either via Docker or by downloading and executing the binary directly. The modern tech stack includes a Go backend (using Echo + GORM) and a React 19 frontend with TypeScript and Ant Design, defaulting to SQLite but supporting PostgreSQL.
Bonds emphasizes comprehensive testing and security, boasting over 1,300 tests covering various aspects and implementing WebAuthn/FIDO2 for passkeys, TOTP for two-factor authentication, and OAuth integration. Advanced features enhance its functionality: synchronization with CardDAV/CalDAV clients, full-text search with CJK support, data isolation through multi-vaults, role-based access, Telegram notifications for reminders, and internationalization supporting English and Chinese.
To get started, users can deploy Bonds via Docker by using a provided `docker-compose.yml` file or download a pre-built binary or build from source with Go 1.25+ and Bun 1.x. The project uses a hybrid configuration strategy, leveraging environment variables for infrastructure settings and an Admin UI for runtime configurations such as SMTP and OAuth.
As a community-driven initiative, Bonds encourages contributions and iteration, providing auto-generated OpenAPI/Swagger documentation covering numerous API endpoints accessible through Swagger UI. Its Business Source License (BSL 1.1) permits free non-commercial use by individuals while requiring organizations to obtain a paid license for commercial usage; it will transition to AGPL-3.0 after February 17, 2030.
Overall, Bonds offers a robust and user-friendly alternative to existing personal CRM solutions, leveraging modern technologies and community support to enhance its offerings.
Keywords: #phi4, AGPL-30, API documentation, Bonds, Business Source License, CardDAV/CalDAV, Docker, GitHub, Go, Monica, OAuth, React, SQLite, TypeScript, WebAuthn/FIDO2, full-text search, multi-vault
github.com 4 days ago
|
925.
HN
Show HN: Ptero, a Svelte Alternative to Docusaurus
Ptero is a Svelte-based alternative to Docusaurus, developed by yail259 as a passion project aimed at SvelteKit enthusiasts. Designed to merge documentation and landing pages into one cohesive site, Ptero offers modern features despite not being as refined as established tools like Docusaurus. It integrates seamlessly with existing SvelteKit projects through a command-line interface (CLI) installation process. Key features include a responsive tri-pane layout, full-text search using Fuse.js without backend dependencies, and support for multiple documentation versions with version switching capabilities. Ptero leverages MDsveX to allow writing in Markdown while supporting full Svelte component integration, alongside offering built-in theming options such as dark mode, CSS variable customization, and preset themes.
Open-source under the MIT license, Ptero invites contributions through pull requests. The project’s quick start process involves adding dependencies (`pnpm add -D ptero mdsvex`), running an installer (`pnpm ptero init`), and starting a development server (`pnpm dev`). Configuration is managed via a single TypeScript file (`pterodactyl.config.ts`) which handles site settings including title, description, themes, available versions, and search functionality.
Future plans for Ptero involve enhancing its core engine capabilities, expanding UI components, and integrating advanced features like Algolia support, a plugin system, and internationalization (i18n) support. By addressing the need for an integrated documentation solution tailored to SvelteKit users, Ptero aims to provide modern design flexibility, bridging the gap where current solutions may fall short.
Keywords: #phi4, Algolia, CLI, Docusaurus, Fusejs, GitHub, MDsveX, Markdown, Ptero, Svelte, SvelteKit, Vite, components, configuration, customization, dark mode, documentation, i18n, layout, navigation, open source, presets, search, theming, versioning
github.com 4 days ago
|
926.
HN
Show HN: Visual drag-and-drop README builder with live GitHub preview
The Visual Drag-and-Drop README Builder is a React-based client-side web application designed to streamline the creation and formatting of GitHub README files. It provides users with an intuitive drag-and-drop interface where they can add elements like headings, badges, code blocks, tables, images, and alerts into a visual canvas. This allows for real-time previews showing how these elements will appear on GitHub. By offering this functionality, the tool eliminates repetitive formatting tasks and reduces the need for multiple commits solely to check how content renders. Users have the option to copy or export their final README once they are satisfied with its layout. Notably, the application operates entirely on the client side without requiring any backend support or user login, ensuring ease of use and accessibility. The source code for this tool is publicly available on GitHub, offering transparency and potential opportunities for further customization or enhancement by interested developers.
Keywords: #phi4, GitHub preview, README builder, React app, Visual drag-and-drop, alerts, badges, blocks, canvas, code, headings, images, no backend, rendering, source, tables
news.ycombinator.com 4 days ago
|
932.
HN
GoGogot – AI agent in Go, ~15 MB binary, ~10 MB RAM, MiniMax 2.5
GoGogot is an innovative, lightweight open-source AI agent crafted in Go, offering self-hosting capabilities with minimal resource consumption (approximately 15 MB binary and 10 MB RAM). It provides users with shell command execution, file management, web browsing, and task scheduling. The platform supports six built-in language models—Claude, DeepSeek, Gemini, MiniMax, Qwen, and Llama—and facilitates the integration of custom models through configuration files.
The agent's key features include shell access for server file management, web tools for searching and downloading content, persistent memory using Markdown to maintain continuity across sessions, and identity management via soul.md (agent personality) and user.md (owner profile). These profiles adapt as interactions evolve. GoGogot also offers skills and task planning capabilities, enabling procedural knowledge creation and multi-step task management with a checklist scoped per session.
The agent incorporates a cron-based task scheduler that persists across restarts and integrates seamlessly with Telegram bots to support multiple chats and attachments, along with typing indicators. Designed for simplicity without frameworks or plugins, GoGogot operates efficiently on Linux servers or low-cost VPS. It distinguishes itself from similar tools like OpenClaw and Nanobot by its minimal dependency requirements.
Deployment is straightforward, involving repository cloning, environment variable configuration for API keys, and a Docker setup, all completing swiftly in about 60 seconds under a $4/month VPS budget. The project, licensed under MIT, is hosted on GitHub to encourage community contributions and customization.
Keywords: #phi4, AI agent, Docker, GitHub, Go, GoGogot, MIT license, MIT license Comma-separated List: GoGogot, MIT license Extracted Keywords: GoGogot, MIT license Final Keywords: GoGogot, MIT license Keywords: GoGogot, MiniMax, Open-Source, RAM, Telegram Bot, architecture, binary, frameworks, identity, multi-model, persistent memory, plugins, scheduler, self-hosted, server, shell commands, skills, task planning, web tools
go-go-got.com 4 days ago
|
934.
HN
System Design and Machine Learning Interview Material
The GitHub repository "System Design Principles" by Ali Meh619 is designed as a resourceful tool to help engineers prepare effectively for system design interviews. It includes a collection of concepts and diagrams that illustrate key principles in system design, enriched with practical examples from well-known companies such as Twitter, Uber, and Netflix. Additionally, the repository covers essential points related to machine learning, aiming to make the study of these complex topics more accessible. The creator encourages feedback and suggestions for including additional systems, reflecting a commitment to continuous improvement and collaboration within the engineering community. This repository is particularly valuable for its practical insights and real-world applicability in system design education.
Keywords: #phi4, Diagrams, Engineers, Feedback, GitHub, Interviews, Machine Learning, Netflix, Principles, Real-world Examples, Repository, System Design, Twitter, Uber
news.ycombinator.com 4 days ago
|
935.
HN
Simple Maturin Based Python Bindings to Scryer Prolog
"scryerpy" is a Python library that provides bindings to Scryer Prolog, utilizing Maturin for seamless integration. It offers a simplified interface compared to other projects like "https://github.com/jjtolton/scryry," which seeks closer integration between Python and Prolog. The primary goal of "scryerpy" is to facilitate easier interaction with Scryer Prolog using straightforward Python bindings, enhancing usability for developers who prefer simplicity over complex integrations. Users can easily install the package through pip by executing the command `pip install kdrag-scryer`, ensuring quick and easy access to its functionalities.
Keywords: #phi4, GitHub, Python Bindings, Scryer Prolog, Simple Maturin, cohesive, distinct, jjtolton, kdrag-scryer, package manager, pip install, scryerpy
github.com 4 days ago
|
937.
HN
Show HN: µJS, a 5KB alternative to Htmx and Turbo with zero dependencies
µJS is a compact (~5KB gzipped) JavaScript library that facilitates AJAX navigation on traditional websites without relying on external dependencies such as HTMX or Turbo. It streamlines asynchronous content updates by capturing link clicks and form submissions, fetching new page fragments via AJAX, and dynamically updating the DOM. The library boasts features like patch mode, server-sent events (SSE), view transitions, prefetch on hover, polling, and full HTTP verb support for any element. Compared to HTMX (~16KB) and Turbo (~25KB), µJS is significantly smaller in size and eliminates the need for build steps or a learning curve associated with frameworks, making it straightforward to integrate into existing websites. It supports various server-side languages, including PHP, Python, Ruby, Go, without necessitating changes to the server-side code. Implementation involves adding a single script tag and invoking `mu.init()`, transforming internal links to operate seamlessly via AJAX navigation for a swift, Single Page Application (SPA)-like user experience across any site. Additional resources and practical exploration are available on the project's GitHub page and its playground site.
Keywords: #phi4, AJAX navigation, DOM, DOM morphing, GitHub, HTMX, HTTP verbs, SSE support, Turbo, View Transitions, backend compatibility, dependencies, form submissions, idiomorph, init, link interception, patch mode, polling, prefetch on hover, script tag, single-page application, µJS
mujs.org 4 days ago
https://htmx.org/essays/alternatives/#ujs 4 days ago
https://sfconservancy.org/GiveUpGitHub/ 4 days ago
https://mujs.com/ 4 days ago
https://github.com/ccxvii/mujs 4 days ago
https://www.w3.org/TR/rdfa-lite/#h-resource 4 days ago
https://github.com/defunkt/jquery-pjax 3 days ago
https://github.com/robrohan/diffy 3 days ago
https://github.com/josephernest/Swap.js 3 days ago
https://github.com/atlassian/pragmatic-drag-and-drop 3 days ago
https://github.com/yjs/yjs 3 days ago
https://youtu.be/fWfIf7Vfjec 3 days ago
https://mujs.org/playground 3 days ago
|
948.
HN
Show HN: Contrabass – Go and Charm Stack Implementation of OpenAI's Symphony
Contrabass is a Go-based reimplementation of OpenAI's Symphony, designed to automate project management using AI coding agents for enhanced multi-agent collaboration across various parts of a codebase. It supports agent runtimes like OpenAI Codex and OpenCode and offers features such as terminal-first orchestration, live issue tracking, automatic pull request (PR) landing, and a React-based web dashboard for monitoring purposes.
The tool includes key components such as a Cobra Command-Line Interface (CLI) with multiple operational modes including Terminal User Interface (TUI), headless operation, and an embedded web dashboard. It parses YAML front matter in Markdown workflow files using Liquid templating and environment variable interpolation. Additionally, it integrates with Linear and GitHub Issues for issue tracking, Codex app-server, and OpenCode agent runners.
Contrabass provides functionalities like claim/release mechanisms for issues, timeout detection, retry logic, and state snapshots. It also supports live configuration reloads through `fsnotify` and streams orchestrator events using Server-Sent Events (SSE). The tool is packaged for macOS/Linux with GoReleaser and can be installed via Homebrew or built from source.
Development practices include the use of testing frameworks and linting tools, with CI/CD workflows managed via GitHub Actions. Future enhancements are planned to improve the dashboard's live metrics capabilities.
Keywords: #phi4, AI coding agents, Astro, Bun, CI/CD, Charm stack, Cobra CLI, Codex app-server, Contrabass, GitHub, GitHub Actions, GitHub ActionsKeywords: Contrabass, Go, GoReleaser, Homebrew, JSON/SSE API, Linear board, Liquid templating, OpenAI's Symphony, OpenCode, TUI, YAML, YAML front matter, fsnotify, multi-agent coordination, orchestrator, web dashboard
github.com 4 days ago
|
952.
HN
Full-Text RSS site config files
Full-Text RSS enhances article extraction from URLs using site-specific rules stored in a public GitHub repository, allowing users to contribute by editing these configurations through GitHub's interface and having their changes reviewed before integration. If no rule matches a given URL, the tool defaults to automatic content block detection. The files for these rules should be named after the domain or sub-domain (e.g., `example.com.txt` or `sport.example.com.txt`) to align with Instapaper's patterns, which can provide additional extraction capabilities.
Users are supported in creating new site config files via a point-and-click interface for basic rule creation and have access to help pages for more complex adjustments. Testing these changes necessitates the use of Full-Text RSS software, though there are plans to simplify this aspect in future updates. This system fosters community involvement while maintaining structured oversight to ensure high-quality content extraction.
Keywords: #phi4, Full-Text RSS, GitHub, Instapaper, automated tests, configurations, content block, database, extraction rules, file editing, pull requests, site-specific, sub-domain, testing, testing Keywords: Full-Text RSS
github.com 4 days ago
|
955.
HN
The Little Book of Algorithms
"The Little Book of Algorithms," authored by Duc-Tam Nguyen and scheduled for publication in 2025, serves as an informative resource on algorithms utilizing the Quarto platform to generate various formats such as HTML, PDF, EPUB, and LaTeX from its source files. The project encourages collaborative contributions from readers who can help enhance the material through bug fixes, clarifications, or new content additions. This book is distributed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) license, with comprehensive licensing details available in its LICENSE file. Interested individuals can cite this work using a specified format and access it on GitHub, promoting an open-source environment for learning about algorithms.
Keywords: #phi4, 2025Keywords: algorithms, CC BY-NC-SA 40, Duc-Tam, GitHub, Nguyen, Quarto, The Little Book of algorithms, citation, clarifying, clarifying sections, contributing, diagrams, epub, examples, formats, html, latex, license, pdf, preview, render, typos
github.com 4 days ago
|
961.
HN
Show HN: Citepo-CLI, a lightweight CLI for creating blogs, build for AI agent
CitePo-CLI is a streamlined command-line interface tool designed to simplify blog creation and management with minimal initial setup. Its core strength lies in its user-friendliness, allowing bloggers to craft content using Markdown and MDX formats, the latter supporting React components for enhanced post functionality. The tool eliminates the need for boilerplate code like `package.json` or `node_modules`, focusing purely on content and configuration. It supports multi-language blogs through built-in internationalization (i18n) with directory-based routing, while also facilitating AI integration by generating files such as `llms.txt` and `skill.md` to enhance discoverability for models like Codex and Claude.
CitePo-CLI is optimized for search engines with pre-configured SEO features including RSS feeds, sitemaps, and robots.txt. It produces a clean document structure that is ideal for editing by AI coding agents, and allows rapid deployment through the CitePo platform or popular static hosting services like Vercel or Netlify. Users can initiate a blog project with `npx citepo new my-blog` and run local development servers using `npx citepo dev`. Installation via npm, pnpm, or Yarn permits global command usage for tasks such as creating projects (`citepo new`), starting servers (`citepo dev`), and building for production (`citepo build`). A typical project includes a simple Git repository with configuration files, custom styles, MDX content, and static assets. Deployment is flexible, supporting custom domains and subdirectory mounting on any service that hosts static files. Further information can be found in the detailed documentation at docs.citepo.com, and CitePo-CLI is available under the Apache License 2.0.
Keywords: #phi4, AI-ready, Apache License 20, CLI, Citepo-CLI, Cloudflare Pages, Git, GitHub, MDX, Netlify, RSS feed, React components, SEO, Vercel, blogs, directory-based routing, i18n, lightweight, robotstxt, sitemap, static files
github.com 4 days ago
|
971.
HN
Show HN: I built an autonomous AI company that runs itself (22 cycles, $36)
Auto-Co is an autonomous AI company designed to operate continuously without human intervention, performing various tasks such as coding, content creation, and decision-making around the clock. It employs a team of 14 expert virtual agents that assume roles like CEO, CTO, and marketer, allowing them to manage daily operations independently. While these agents handle routine activities autonomously, users maintain control over significant decisions through interactions on Telegram using plain English. The platform facilitates real product deployments to production environments by utilizing tools such as GitHub, Railway, and Vercel. It emphasizes transparency by meticulously logging all actions taken, associated costs, and the reasoning behind each decision, providing users with clear insights into operations and expenditures.
Keywords: #phi4, APIs, Auto-Co, Autonomous AI, CEO, CFO, CTO, GitHub, QA, Railway, Telegram, Vercel, agents, blog posts, campaigns, decisions, designer, engineer, experts, landing pages, logging, marketer, production, products, sales, schedule, transparency
runautoco.com 4 days ago
https://runautoco.com/demo 4 days ago
https://github.com/NikitaDmitrieff/auto-co-meta 4 days ago
|
980.
HN
SlayTheText – A Text Based Copy of Slay the Spire Played in the Shell
"SlayTheText" is a text-based version of the game "Slay the Spire," designed to be played via a shell interface and currently available in an alpha state with existing bugs. It offers three playable characters: Ironclad, Silent, and Defect—the latter accessible exclusively by cloning its GitHub repository. Users can download the executable from its GitHub releases page or run it directly by installing necessary dependencies such as "ansimarkup" via pip and executing `main.py`. A gameplay demonstration is available on YouTube; however, this video showcases an earlier version of the game. The adaptation acknowledges Mega Crit, LLC's ownership of "Slay the Spire," encouraging support for its developers through their Steam platform. Additionally, SlayTheText incorporates some spelling correction code attributed to Peter Norvig.
Keywords: #phi4, Alpha, Ansimarkup, Bugs, Clone, Defect, Dependency, GitHub, Ironclad, LLC, Legal Disclaimer, Mainpy, Mega Crit, Peter Norvig, Shell, Showcase, Silent, Slay the Spire, SlayTheText, Spell Correction, Steam, Text-Based, Video
github.com 4 days ago
|
988.
HN
GitHub appears to be hiding repo stars on mobile for signed-out users
A conversation on Hacker News has surfaced concerning claims that GitHub is allegedly concealing the star counts of repositories when accessed via mobile devices by users who are not logged in. Initiated by a user named ramoz, this topic has garnered some interest and agreement among participants. The potential implications of this change could influence how non-registered users assess the popularity of repositories based on stars. For those seeking more information about GitHub's practices, resources such as their guidelines, FAQs, API documentation, security protocols, legal details, and opportunities like the Y Combinator application process are available for further exploration.
Keywords: #phi4, API, Contact, GitHub, Hacker News, Security, YC, discuss, favorite, help, hide, mobile, ramoz, repo stars, signed-out users
news.ycombinator.com 4 days ago
https://github.com/openai/gpt-2 4 days ago
|
990.
HN
London tech ecosystem map (235 companies)
The London tech ecosystem map provides an insightful visualization of the city's dynamic technology sector by highlighting 235 companies across diverse fields such as AI, biofintech, Web3, education, and big tech, with a recent update to include 236 entities in total. Created by b1rdmania and developed using GhostClaw on GitHub, this interactive heatmap offers an up-to-date look into the thriving technological landscape of London, showcasing its vibrant community across various innovative sectors.
Keywords: #phi4, AI, Big Tech, BioFintech, Built by GhostClaw, Education, GitHub, GitHub Keywords: London, London, VCAI, Web3, b1rdmania, companies, ecosystem, heatmap, map, tech
www.londonmaxxxing.com 4 days ago
|
996.
HN
Show HN: Kaeso: an OAuth hub for AI agents
Kaeso is an emerging OAuth hub project designed to streamline the integration of AI agents with various real-world services, including Google, Slack, and GitHub. Originally conceived as a means to explore AI agent infrastructure, Kaeso has evolved into a platform focused on simplifying these integrations by enabling connections through a single interface that can be accessed consistently. This innovation aims at creating a unified connection layer for AI agents, reducing the complexity of establishing multiple service connections individually. Currently in its early development phase, Kaeso actively seeks user feedback to refine its specialized infrastructure approach for AI applications. The project's progression and concept refinements are detailed further on their blog, where they invite community input to shape future developments.
Keywords: #phi4, AI, GitHub, Google, Kaeso, OAuth, Slack, agents, connection layer, feedback, hub, infrastructure, integrations, project evolution, services, unified interface
news.ycombinator.com 4 days ago
|
1004.
HN
Show HN: I open-sourced my Steam game, 100% written in Lua, engine is also open
The author has released their Steam game, entirely developed using Lua and a custom-built homebrew engine, as an open-source project on GitHub at [willtobyte/carimbo](https://github.com/willtobyte/carimbo). They invite users to provide feedback, emphasizing the importance of community input for future enhancements. For those interested in offering comments or inquiries, they can reach out via email, with specific contact details provided separately due to privacy considerations. This initiative underscores a commitment to transparency and collaborative improvement within the gaming development community.
Keywords: #phi4, GitHub, Homebrew, Lua, Open-sourced, Steam, carimbo, contact, engine, feedback, input, serious, willtobyte
github.com 4 days ago
https://reprobate.site/ 4 days ago
https://store.steampowered.com/app/3582880/Reproba 4 days ago
https://opensource.org/osd 4 days ago
https://gamefromscratch.com/balatro-made-with-love-love2d-th a day ago
|
1007.
HN
Show HN: Speclint – OS spec linter for AI coding agents
Speclint is an innovative tool aimed at enhancing the quality of AI coding agent specifications, ensuring clarity and actionability prior to the development phase. It addresses a critical issue where ambiguous or poorly defined tasks can lead to incorrect outputs from AI models, resulting in wasted time and resources. A standout feature of Speclint is its scoring system that evaluates GitHub issues based on six dimensions: Measurable Outcome, Testable Criteria, Constraints, No Vague Verbs, Definition of Done, and Verification Steps, with a score below 70 signaling unreadiness for development.
Speclint facilitates easy use through a CLI command allowing users to lint issues or markdown files, providing flexibility in outputs and threshold settings. Integration capabilities enable Speclint to function seamlessly within GitHub workflows by automatically commenting on issues, adding labels, and potentially blocking assignments until specifications meet the required standards. The tool offers different versions: Self-Host (OSS) for free local use with six-dimensional scoring, and Cloud plans—Free, Solo, and Team—which provide unlimited lints, codebase-aware scoring, and advanced features such as team dashboards and analytics in higher-tier plans.
By emphasizing well-defined specifications, Speclint plays a crucial role in AI-driven development. It streamlines workflows and enhances project success by refining issues before they reach coding agents, ultimately leading to more efficient development processes and successful outcomes.
Keywords: #phi4, AI, AI coding agents, CLI, CLI reference, GitHub, GitHub Action, GitHub issues, JSON, JSON output, OS spec, OS spec linter, Speclint, acceptance criteria, codebase-aware scoring, codebase-aware scoring Keywords: Speclint, coding agents, constraints, issues, linter, measurable outcome, scoring rubric, verification steps
github.com 4 days ago
https://speclint.ai/ 4 days ago
|
1018.
HN
Show HN: Synclippy – Ephemeral rooms for sharing text or files
Synclippy, developed by Ujjwal Vivek, is a project designed to facilitate the quick sharing of text or files through ephemeral 3-word rooms that exist for five minutes. These rooms store data temporarily in memory, allowing users to transfer snippets or small files seamlessly across devices without needing additional software installations. Originally created for personal use, Synclippy has been open-sourced and can be self-hosted using Docker or run as a Go binary. Ujjwal Vivek encourages feedback on its utility and invites suggestions for enhancements. A demonstration of the service is available at [synclippy.ujjwalvivek.com](https://synclippy.ujjwalvivek.com), and interested users can access the source code on GitHub at [github.com/ujjwalvivek/synclippy](https://github.com/ujjwalvivek/synclippy).
Keywords: #phi4, 3-word rooms, Docker, GitHub, Go binary, Synclippy, Taildrop, demo, devices, ephemeral rooms, files, machines, machines Keywords: Synclippy, memory, open source, repo, self-host, sharing, snippets, text, workflows
synclippy.ujjwalvivek.com 4 days ago
|
1025.
HN
Show HN: Open-source multi-model code review council (BYOK, free tier)
The described project presents an innovative open-source multi-model code review council aimed at enhancing AI-assisted code reviews by utilizing multiple AI models to deliver a more comprehensive analysis compared to single-model approaches. Users can interact with a Lead AI model for guidance on their projects, then initiate the "Council," which consists of three additional models that conduct independent evaluations of the code. The results are systematically categorized into consensus opinions, majority positions, lone warnings, and dissenting views. A significant advantage highlighted is the structured disagreement among models, where each can detect distinct issues overlooked by others—such as temporal data mismatches or unused functions—contributing unique insights: Claude specializes in architectural analysis, Grok focuses on data flows, ChatGPT targets API/integration challenges, and Gemini identifies product gaps.
The system's technology stack integrates FastAPI, HTMX, and OpenRouter to establish a cohesive API gateway. Users have the option to access services using their own keys (BYOK), with reviews costing approximately $0.25 each, alongside a complimentary tier for one free review. Positioned as an open-source alternative to Perplexity’s commercial "Model Council," this tool emphasizes accessibility and community engagement.
Additionally, the project offers integration flexibility through its GitHub-hosted codebase, supporting IDEs via MCP servers and providing REST API access suitable for scripts or continuous integration pipelines. The developers actively seek feedback and constructive criticism from users exploring this platform to enhance functionality and user experience.
Keywords: #phi4, AI, BYOK, CI pipelines, Claude Code, Cursor, FastAPI, GitHub, HTMX, IDE, MCP server, Open-source, OpenRouter, REST API, code review, consensus, disagreement, multi-model, tooling
council.stardreamgames.com 4 days ago
|
1034.
HN
Windows Support for FrankenPHP: It's Finally Alive
FrankenPHP has achieved a major milestone by officially supporting native operation on Windows, addressing a long-standing community demand. The development team surmounted substantial technical obstacles, primarily arising from compatibility issues between Go’s CGO and PHP binaries compiled with Visual Studio. By utilizing Go 1.26's Clang/LLVM frontend support within Visual Studio, FrankenPHP can now be built using the same toolchain as PHP, ensuring seamless integration. This advancement enables FrankenPHP to run natively on Windows with full feature compatibility, including Worker Mode and Hot Reloading. Early benchmarks reveal a noteworthy performance enhancement over traditional Nginx/PHP-FPM setups on Windows Server 2022; however, for optimal throughput, using the Windows Subsystem for Linux (WSL) is still recommended due to Linux's superior I/O capabilities. The project acknowledges the support of sponsors Intelligence X and Les-Tilleuls.coop, emphasizing their crucial role in open-source development. Newly available Windows binaries can be accessed via a specific pull request and downloaded from FrankenPHP’s releases page, marking a significant leap forward in both accessibility and performance for FrankenPHP on Windows platforms.
Keywords: #phi4, CGO, Clang/LLVM, FrankenPHP, GitHub, Go 126, Go library, Hot Reloading, PHP extensions, Pull Request #2119Keywords: FrankenPHP, Visual Studio, WSL, WSL (Windows Subsystem for Linux), Windows support, Worker Mode, libphp, lld-link, llvm-mingw, native compatibility, performance boost, sponsorship
dunglas.dev 5 days ago
|
1044.
HN
Interpreting Pull Request Changes Before CI Enforcement
The document details the "Interpreting Pull Request Changes Before CI Enforcement" system, which utilizes DevWedge's execution boundary framework to assess GitHub pull requests before continuous integration (CI) enforcement is applied. This deterministic approach incorporates a governance framework consisting of a Canon bundle and a DevOps domain pack, which work together to evaluate proposed repository changes. The process involves analyzing the pull request’s diff and metadata, classifying mutations, and assessing required authority against declared authority to produce a signed Meaning Artifact that dictates the CI decision.
Central components include the Canon Bundle for governance logic, the Domain Pack containing specific GitHub PR logic such as mutation cataloging and authority mapping, an Execution Boundary providing runtime evaluation of changes’ legitimacy, and an Authority Model resolving discrepancies between required and declared authority through contracts or legacy methods. This system ensures decisions are deterministic, explainable, and verifiable, with outcomes traceable in structured formats like `meaning.json` and `mutation_report.json`.
The framework highlights the importance of clarity regarding who is authorized to make changes, particularly with AI-driven pull requests, by providing explicit authority declaration and contract-bound enforcement mechanisms. This results in traceable artifacts that document decision-making processes. The system’s usage involves integrating the DevWedge GitHub Action into workflows, automating evaluations on pull requests and producing Meaning Artifacts to determine if changes comply with predefined authority rules, thereby enhancing governance within automated systems by ensuring only authorized modifications proceed through CI pipelines.
Keywords: #phi4, Authority Contract, Authority Evaluation, CI Enforcement, Deterministic, DevOps Domain Pack, Execution Boundary, GitHub, Governance Bundle, Interpretation Artifacts, Meaning Artifact, Mutation Classification, Pull Request, Traceability
github.com 5 days ago
|
1045.
HN
Colorado SB26-051 Age Attestation
Colorado is considering the enactment of SB26-051, a bill similar in intent to California's AB1043, which mandates software developers collect age information from users and imposes civil penalties for non-compliance. The bill defines "Application Store" expansively to encompass various package managers and websites such as GitHub or Debian's apt repositories. This broad definition could lead to significant fines—up to $2,500—if it is discovered that minors under 18 use certain software applications, including those running a Jepsen test or Linux programs. The proposed legislation has sparked considerable concern within the software engineering community due to the impracticality of accurately determining user age or whether there is human interaction with the software.
In response to these concerns, Colorado Representative Amy Paschal, who holds a background in software engineering, is actively working to amend the bill to prevent it from unintentionally banning most software. She advises stakeholders to contact Colorado Senator Matt Ball for potential amendments and underscores the importance of maintaining respectful communication despite widespread frustration over the bill’s implications. Concurrently, efforts are underway to engage California's Assemblymember Buffy Wicks regarding compliance with AB 1043, highlighting a broader legislative movement towards regulating software usage based on age verification.
Keywords: #phi4, $2500 fine, Application Store, Assemblymember Buffy Wicks, California AB1043, Colorado SB26-051, Colorado Senate, Debian, GitHub, Jepsen test, Linux program, Maven, Representative Amy Paschal, Samantha Huynh, Samantha HuynhKeywords: Colorado SB26-051, Senator Matt Ball, age information, amendment, civil penalties, package manager, regulatory environment, software developers, software expertise
aphyr.com 5 days ago
|
1051.
HN
Diff Sentry – GitHub Action that flags risky AI-generated diffs before merge
Diff Sentry is a specialized GitHub Action designed to enhance code security by identifying risky AI-generated modifications in pull requests before they reach production. It automatically detects and flags potentially hazardous changes related to authentication, secrets, environment variables, database migrations, and infrastructure configurations. Upon the opening of a pull request, Diff Sentry analyzes the differences and generates a risk assessment report as a comment on the PR, categorizing each file's changes with ratings of HIGH, MEDIUM, or SAFE.
The service targets critical areas that constitute 90% of production incidents from AI-generated code, such as authentication issues, secret management, database migrations, infrastructure configurations, application settings, and API/network modifications. Implementation is straightforward, requiring only a license key, and it integrates seamlessly into any GitHub repository with no additional configuration needed. Priced at $19 for a one-time fee, Diff Sentry offers unlimited repository coverage and lifetime updates. Users have the option to activate a fail-on-high mode, which causes the action to fail if high-risk changes are detected. Further details and purchasing information can be found on Diff Sentry's GitHub page.
Keywords: #phi4, AI-generated diffs, DB migrations, Diff Sentry, GitHub Action, HIGH/MEDIUM/SAFE ratings, PR comment, auth, automatic diff analysis, env vars, fail-on-high mode, high-risk changes, infra, license key, lifetime updates, one-time payment, production incidents, pull request, risk report, risky code, secrets, unlimited repositories
diffsentry.dev 5 days ago
|
1063.
HN
Show HN: Autonomous AI platform that builds apps and tools automatically
SuperBuilder is an innovative open-source AI platform crafted to automate the development of applications and tools through autonomous agents. Developed by rupac4530-creator, SuperBuilder provides a cohesive environment that consolidates multiple AI models, media generation capabilities, and application deployment into one seamless interface, eliminating the need for users to switch between disparate tools. The platform is characterized by its key features including AI agent orchestration, which facilitates planning, coding, testing, and deployment; a robust plugin system and SDK that allows customization through user-created plugins; and media generation pipelines for creative outputs such as videos and 3D models via Creator Studios. Additionally, it offers a unified control center dashboard and an easy setup process using Docker.
The primary advantage of SuperBuilder lies in its ability to simplify the management of diverse AI tools by providing an integrated solution capable of handling various tasks autonomously—from building and deploying applications to creating media content. It further enhances functionality through an extensible plugin system and continuous improvement via an Evolution Engine. The platform's architecture comprises a frontend built with Next.js, a backend API using Express and TypeScript, job queues, innovation APIs, and integration with AI providers like OpenAI and Google Gemini. Its Plugin SDK allows for the development of custom extensions.
For users interested in adopting SuperBuilder, setup options include Docker deployment or manual environment configuration. By default, it operates in mock mode but can transition to real functionality by integrating API keys. The project is community-driven, welcoming contributions from developers, researchers, and designers to enrich AI pipelines, develop new tools, and enhance performance through GitHub discussions, issues, and a comprehensive guide provided in CONTRIBUTING.md.
Looking ahead, SuperBuilder's roadmap outlines several enhancements such as implementing sandboxed code execution using Docker containers, incorporating RAG with vector search capabilities, developing a plugin marketplace UI, enabling multi-user workspaces, and rolling out live demos. The platform is licensed under AGPL-3.0 to encourage open use and modification, fostering an inclusive community of users and contributors dedicated to advancing AI-driven development tools.
Keywords: #phi4, AI models, AI models Keywords: SuperBuilder, AI platform, Docker, Docker setup, GitHub, SuperBuilder, app development, autonomous agents, media generation, multi-model chat, orchestration, plugin SDK, project management, sandboxed execution
github.com 5 days ago
|
1065.
HN
No code reviews by default (2021)
At Raycast, the engineering workflow is characterized by a high level of autonomy and trust among engineers, allowing them to push changes directly to the main branch without mandatory code reviews. This approach is designed to enhance collaboration, speed, and efficiency within their engineering culture. Instead of traditional pull requests, which are seen as cumbersome for teams with strong internal trust, Raycast prioritizes continuous development on the main branch, supported by daily internal releases that facilitate rapid feedback and iteration. Code reviews are reserved for particular scenarios, such as when engineers work in new areas of the codebase or during initial contributions from new team members. Engineers may also communicate changes through post-commit messages, which keeps colleagues informed without necessitating formal pull requests. This system underscores a culture where engineers take full responsibility for their features throughout their lifecycle, leveraging fast iteration and direct user feedback to maintain quality. The process effectively enables swift feature deployment while accommodating the asynchronous communication style of Raycast's fully distributed team. Ultimately, Raycast emphasizes adapting practices to meet their unique needs rather than strictly adhering to conventional industry best practices.
Keywords: #phi4, Code reviews, GitHub, Raycast, asynchronous communication, collaboration, continuous integration, distributed team, engineering culture, feature flags, internal releases, main branch, pull requests, rebase, trust
www.raycast.com 5 days ago
|
1083.
HN
Zen Browser makes RSS and GitHub PRs first-class citizens via Live Folders
Zen Browser version 1.19b introduces a new feature called Live Folders designed to enhance user experience by automatically organizing and displaying specific types of content directly within the browser's interface. Users can create these folders via an easily accessible '+' button in the sidebar, where selecting 'Live Folder' allows them to customize their workspace with GitHub issues, pull requests, or RSS feeds. This integration offers a streamlined way for users to keep track of important tasks and updates, facilitating better organization and immediate access without needing to navigate away from the browser environment. By centralizing these dynamic content sources in a single location within Zen Browser, the feature simplifies workflow management and increases productivity by providing an organized view of ongoing activities directly accessible at all times.
Keywords: #phi4, Button, Date, Feature, Feed, GitHub PRs, Issues, Live Folders, Opened, Pull requests, RSS, Sidebar, Technical keywords, Update, Version, Zen Browser
zen-browser.app 5 days ago
|
1092.
HN
Show HN: Vet – Security registry for 88K+ MCP servers and AI tools
Vet serves as a security registry specifically designed for Micro-Chat Protocol (MCP) servers and AI tools, boasting a repository of over 88,000 tools. Its core function is to mitigate the risk associated with executing malicious code by implementing static analysis and AI-driven reviews that assign trust scores ranging from 0 to 100 for each tool. Vet focuses on identifying harmful elements such as crypto miners, SSH backdoors, and unauthorized access to sensitive files. Tools verified through rigorous tests are awarded badges and become searchable via a security-focused ranking system. Users can explore tools via Vet's catalog or utilize its CLI and API for discovery purposes. The platform's CLI is open source, promoting transparency and collaboration among developers. Vet is freely accessible, encouraging tool creators to submit their software for verification. Additionally, the creators of Vet welcome feedback on their security analysis methodology and seek insights into desired data outcomes from users.
Keywords: #phi4, AI tools, API, Badges, CLI, Crypto miners, Feedback, GitHub, MCP servers, Open source, Prompt injection, Registry, SSH backdoors, Searchable, Security, Security analysis, Static analysis, Trust score, Verified tools, Vet, env files
getvet.ai 5 days ago
|
1097.
HN
How do I deal with AI
The text outlines various methods for embedding a Gist on a website and facilitating its sharing or cloning. It describes options such as directly embedding the script into web pages to display the Gist, copying a shareable link for easy dissemination, and using HTTPS for repository cloning. Additionally, it offers guidance on saving the Gist locally via GitHub Desktop tools. Despite providing these detailed instructions, there is an indication of potential challenges, specifically "No results found," which suggests issues may arise in locating or accessing the desired Gist. This implies that users might encounter difficulties despite following the outlined steps for embedding, sharing, cloning, or saving a Gist on their platforms.
Keywords: #phi4, AI, Desktop, GitHub, HTTPS, clone, embed, gist, link, repository, script, share, website
gist.github.com 5 days ago
|
1109.
HN
We moved one of the most-starred projects on GitLab to GitHub
Baserow, once among the most-starred open-source projects on GitLab, relocated its primary development to GitHub in November 2025. This strategic shift was driven by a desire to enhance discoverability and tap into a larger developer community rather than a lack of features on GitLab. Post-migration, Baserow observed accelerated growth and increased contributions, although the transition required substantial effort. Key tasks included rebuilding the CI/CD pipeline due to differences between GitLab's and GitHub's systems, particularly with GitHub Actions, and transferring issues and merge requests using the node-gitlab-2-github tool tested on an empty repository.
Since moving to GitHub, Baserow has reaped several benefits: a surge in community contributions, improved flexibility and speed of CI/CD pipelines, better integration support, and enhanced platform responsiveness. However, challenges persist, particularly with GitHub's code review workflow and UI organization, which can feel less intuitive than GitLab’s more streamlined processes.
The migration underscored that for open-source projects, the reach and visibility offered by a development platform like GitHub often outweigh other considerations such as specific functionalities or core values. This decision highlights the dynamic nature of choosing development platforms where community engagement is prioritized. Both GitHub and GitLab exhibit unique strengths and areas for improvement, but Baserow's move illustrates how critical community presence can be in driving project success.
Keywords: #phi4, Baserow, CI/CD, CI/CD pipeline, GitHub, GitHub Actions, GitLab, actions, code review, community, community growth, contributions, developer, developer ecosystem, discoverability, ecosystem, functionality, integration, issues, merge requests, migration, platform functionality Keywords: Baserow, speed, stars, visibility, workflow
baserow.io 5 days ago
|
1118.
HN
Show HN: Desktop app to run Python agents over TCP with live server geolocation
Summoner Desktop is an open-source application designed to streamline the management and monitoring of Python agents that communicate through TCP across macOS, Linux, and Windows platforms. It simplifies agent operations by allowing users to import repositories from GitHub (including private ones), execute them using `agent.py`, and manage dependencies with an optional `requirements.txt`. Furthermore, it supports metadata via `id.json` and facilitates the connection of multiple agents to various TCP servers through a single interface. The application enhances user experience by offering visualization tools that display message flows and server locations on a map or network view.
The app was conceived to tackle challenges associated with running numerous Python agents across different terminals and scripts, serving as an operational tool rather than a framework. It is ideal for projects that have standardized entry points communicating over TCP. The setup process requires Node.js (v22.12+) and npm, with users needing to clone the repository, install dependencies via npm, and choose between running or building based on their role—either as developers or end-users. Essential tools include Git for project management, Python with pip for executing servers and agents, and system-specific port management utilities like lsof or netstat.
In operation, users can manage TCP connections by selecting a server from "My Servers," utilizing the main chat interface for interacting with and monitoring agent messages. Additional functionalities allow targeting remote agents and sending messages with specific identities. More comprehensive information is available on the GitHub repository and through a demonstration video on YouTube.
Keywords: #phi4, Desktop app, Electron app, Git, GitHub, JSON objects, Linux, Nodejs, PowerShell, Python agents, TCP server, Windows, agent management, bash, chat view, geolocation, idjson, localhost, lsof, macOS, netstat, npm, pip, remote_addr, requirementstxt, xattr
github.com 5 days ago
|
1125.
HN
How to make your first contribution to an open source project
This guide provides comprehensive insights into starting contributions in open-source projects, drawing from experiences with the npmx.dev project. It emphasizes that open source transcends coding by fostering community engagement. Key steps to begin include selecting a project that resonates personally to sustain motivation and choosing one where you can engage meaningfully. Understanding the project's codes of conduct is crucial for aligning with its behavioral standards. Reviewing closed pull requests (PRs) offers insights into the project’s culture, handling of contributions, and areas needing improvement in submissions. Examining the contributors list reveals diversity, suggesting an inclusive environment conducive to engagement.
Exploring open issues, especially those labeled as "good first issue," allows newcomers to contribute effectively by starting with smaller tasks within their expertise. Reading the contributing guide is essential for understanding how to format and submit contributions correctly, including any setup instructions needed. Engaging through community channels like Discord or Slack provides a supportive platform for discussions and ensures you are welcomed into the community. When ready, contributors should fork the repository, address an issue in their branch, and submit a well-documented PR following established guidelines.
Contributions can be made directly via PRs when addressing minor changes not tied to existing issues, with clear explanations of their value. The guide also highlights that contributions are diverse, encompassing bug reports, feature suggestions, documentation improvements, and community support beyond coding. Ultimately, the focus is on open source as a human-centric collaboration opportunity, capable of producing impactful tools and fostering global communities, with npmx.dev serving as an exemplary inclusive project environment.
Keywords: #phi4, Discord, GitHub, code of conduct, collaboration, communication, community, contribution, contributor, diversity, documentation, ecosystem Keywords: open source, engagement, feedback, guidelines, inclusive, initiative, issue, maintainer, maintainers, open source, participation, project, pull request, repository, welcoming
whitep4nth3r.com 5 days ago
|
1127.
HN
Show HN: DiffDeck, a PR review tool with file context and code navigation
DiffDeck is a pull request (PR) review tool specifically designed to streamline the process of evaluating extensive pull requests, with a particular focus on those incorporating AI-generated code. It enhances GitHub's existing diff view by introducing an editor-like interface that offers several advanced features aimed at improving reviewer efficiency and experience. Key functionalities include providing full file context to understand changes comprehensively, implementing go-to-definition capabilities for TypeScript and JavaScript, enabling review notes for detailed feedback, tracking per-file reviewed states, and allowing users to hide or check off files that have been reviewed. The tool aspires to mimic the seamless navigation found in integrated development environments like VS Code, facilitating effective codebase exploration during reviews. Currently available in an early alpha stage, DiffDeck necessitates GitHub sign-in for accessing personal PRs and is primarily tailored for TypeScript and JavaScript projects. It actively seeks feedback from users reviewing large or AI-generated PRs to refine its workflow further and address any identified shortcomings.
Keywords: #phi4, AI-assisted code, DiffDeck, GitHub, PR review tool, TypeScript/JavaScript, VS Code, code navigation, early alpha, editor-style workflow, file context, go-to-definition, review notes, reviewed state
diffdeck.dev 5 days ago
|
1128.
HN
Show HN: TypR – A typed R that transpiles to idiomatic R via S3 classes
TypR is a statically typed programming language crafted in Rust that targets the R ecosystem by compiling into idiomatic R code utilizing S3 classes, aiming to integrate type safety without disrupting existing R projects. The compiler employs monomorphization to resolve generic types at compile time, thus eliminating runtime overhead and supporting structural typing, interfaces, and generics. Currently in its alpha phase, TypR provides a GitHub repository with source code, binaries for Windows, Mac, and Linux, an online playground for testing, and a VS Code extension that leverages the Language Server Protocol (LSP). However, it has limitations such as a minimal standard library necessitating manual definition of existing functions and variables by users, along with basic error messages and LSP functionality. Efforts are underway to enhance support for additional editors like Positron and Neovim. The project actively seeks feedback on its type system design and ideas for practical use cases, encouraging contributions through code improvements, bug reports, feature suggestions, or community engagement to foster further development.
Keywords: #phi4, GitHub, LSP, Neovim, Person, Positron, Rust, S3 classes, TypR, VS Code extension, binaries, bugs, code example, contribute, documentation, error messages, features Keywords: TypR, generics, interfaces, is_minor, monomorphization, online playground, standard library, structural typing, type safety, typed R
github.com 5 days ago
|
1149.
HN
Ask HN: Feedback on a Rust graph algorithm framework?
Salistellix has initiated a discussion on Hacker News regarding their Rust-based graph algorithm framework, Sinistra, inviting feedback and suggestions from the community. Hosted on GitHub at https://github.com/wintermarstice/sinistra, this project aims to foster engagement with users interested in its development and application. The post serves as an open call for community input, encouraging diverse opinions and constructive commentary that could enhance or refine the framework's features and functionality. This approach underscores a collaborative effort to leverage collective expertise and insights from the broader Rust programming community.
Keywords: #phi4, GitHub, Hacker News, Rust, algorithm, algorithms, ask, community, discuss, feedback, framework, graph, graph algorithm framework, programming language, programming language Keywords: Rust, repository, sinistra, technical
news.ycombinator.com 5 days ago
|
1150.
HN
Show HN: AI pull request reviewer that analyzes Git diffs
PR AI is an innovative AI-assisted application designed to enhance the efficiency of reviewing pull requests by directly analyzing Git diffs. It seamlessly integrates with GitHub, allowing users to import diffs through various methods such as direct connection, file uploads, or pasting. Once imported, these diffs are presented in a user-friendly format within the tool's workspace. A key feature is its AI chat interface that facilitates discussions about code changes using the context of the active pull request. PR AI provides valuable outputs like summaries, risk assessments, and actionable recommendations.
Currently under development, the team focuses on improving the traceability between AI-generated comments and specific code modifications to increase the relevance of review insights, thereby enhancing the signal-to-noise ratio. Additionally, they aim to maintain a lightweight user interface while offering more in-depth analytical signals. Despite being in its early stages, PR AI is capable of loading and analyzing real pull requests. The developers are actively seeking feedback from frequent reviewers to identify features that would enhance the tool's usefulness and prioritize issues it should detect.
Keywords: #phi4, AI, GitHub, PR AI, audit signals, context, diff, interface, issues detection, issues detection Keywords: AI, pull requests, real PRs, recommendations, review, risks, signal-to-noise ratio, structured output, tool, traceability
news.ycombinator.com 5 days ago
|
1164.
HN
Typst Examples Book
The "Typst Examples Book" serves as an evolving, unofficial guide designed to aid users with Typst coding through tutorials and various code snippets. Although it targets the latest version of Typst, some content may be outdated, highlighting the need for community contributions to keep the material current. The book emphasizes active community involvement by inviting GitHub issues or pull requests, especially from those actively contributing to the compiler and offering feedback from beginners to improve clarity. Users are encouraged to support this project by starring it on GitHub if they find it useful. Additionally, there is a requirement for contributors' consent prior to publishing their code snippets within the book.
Keywords: #phi4, GitHub, PR, Typst, WIP, beginners, book, chapters, code, community, compile, compiler, contributions, contributors Keywords: Typst, feedback, issue, outdated, repository, snippets, tutorial, unofficial
sitandr.github.io 5 days ago
https://xkcd.com/1053/ 4 days ago
|
1169.
HN
Nuvix – open-source BaaS with a query DSL more expressive than PostgREST
Nuvix is an open-source Backend as a Service (BaaS) platform distinguished by its advanced Domain Specific Language (DSL), which surpasses the querying capabilities of other BaaS solutions such as PostgREST. Unlike traditional thin-layer wrappers, Nuvix offers a composable and type-safe filtering DSL that users can access directly through URLs. This DSL supports symbolic expressions for conditions and functional compositions using logical operators like `or()` and `and()`, allowing complex queries like `_id.eq(9)|Name.like(Air),Stock.gt(0)`. Users benefit from the ability to perform inline relation filtering, response shaping, and explicit joins within their queries rather than relying on inferred database schemas, which provides flexibility in aliasing and decoupling from database structures.
In addition to its sophisticated querying capabilities, Nuvix extends its functionality by providing comprehensive BaaS features. These include authentication services, storage solutions, real-time capabilities, and automatically generated Row-Level Security (RLS). The platform's full suite of tools ensures that developers can manage backend processes efficiently while maintaining security protocols. Nuvix is accessible to the public on GitHub at [nuvix-dev/nuvix](https://github.com/nuvix-dev/nuvix), inviting contributions and further development from the open-source community.
Keywords: #phi4, BaaS, GitHub, Nuvix, PostgREST, RLS, and(), auth, composable, explicit joins, filter DSL, functional, inline relation filtering, literal types, not(), open-source, or(), query DSL, real-time, response shaping, storage, symbolic, typesafe
news.ycombinator.com 5 days ago
|
1173.
HN
Show HN: WingNews – Htmx Hacker News Reader
WingNews serves as a dark mode reader for Hacker News, developed with HTMX and Go, designed to offer users an enhanced experience while browsing top stories categorized into sections such as Top Stories, New, Best, Ask HN, Show HN, Jobs, and Submit. The platform highlights key discussions on various technological and social topics, including the capabilities of GPT-5.4, the significance of structs in programming, AI's influence on the labor market, Firefox crashes attributed to bitflips, and Wikipedia's recent transition to read-only status due to a security breach. It also features conversations about AI-generated pull requests, government surveillance via online ads, handling hardware hotplug events in Linux, and concerns surrounding GitHub security.
In addition to technical discussions, WingNews showcases creative projects like Swarm, which involves programming ants with a custom assembly language, and PageAgent, an agent GUI integrated within web applications. The platform also includes job postings, guides on technical subjects, and debates about AI ethics, reflecting the diverse interests of the Hacker News community. Powered by hn/api, WingNews mirrors content from news.ycombinator.com, allowing users to stay informed on a wide array of topics discussed in this vibrant online forum.
Keywords: #phi4, AI, API, GitHub, Go, HTMX, Hacker News, Linux, OpenTitan, WingNews, cybersecurity, dark mode, data extraction, digital ID, encryption, evolutionary algorithms, legal issues, machine learning, privacy, programming languages Comma-separated Keywords: Hacker News, programming languages Extracted Keywords: Hacker News, programming languages Final Keywords: Hacker News, programming languages Keywords: Hacker News, protest, software development, tariffs, technology news, web app
news.wingman.actor 5 days ago
|
1174.
HN
Show HN: SafeAgent – exactly-once execution guard for AI agents
SafeAgent is a Python library developed to guarantee exactly-once execution for AI agents and systems that perform tool-calling tasks, addressing concerns related to unintended retries or replays of irreversible actions like sending emails, opening tickets, executing trades, or triggering payouts. It accomplishes this by implementing request-ID deduplication, ensuring that if a specific request ID is replayed, SafeAgent prevents re-execution and instead provides the original execution receipt. The library can be easily installed using pip and its code is accessible on GitHub and PyPI platforms. An example application of SafeAgent involves sending an email with a unique request ID to avoid duplication of the action, demonstrating its utility in ensuring precise task execution without redundancy.
Keywords: #phi4, GitHub, LLM agents, PyPI, Python library, SafeAgent, SettlementRequestRegistry, action replay, exactly-once execution, execute_fn, executing trades, execution receipt, irreversible actions, opening tickets, pip install, request-ID deduplication, sending emails, tool-calling systems, triggering payouts
news.ycombinator.com 5 days ago
|
1176.
HN
Show HN: Steadwing – Your Autonomous On-Call Engineer
Steadwing is an autonomous platform designed to enhance incident response for engineers by efficiently diagnosing production alerts and streamlining data correlation across tools such as Datadog, GitHub, and Slack. Developed by Abejith and Dev, it aims to significantly reduce troubleshooting time through rapid delivery of structured root cause analysis within five minutes. The platform integrates seamlessly with over 20 other platforms using OAuth or API keys, eliminating the need for agents or code changes.
Steadwing excels in managing noisy environments by consolidating related alerts into single incidents, pinpointing root causes, and suggesting remedial actions based on risk assessment. It offers features such as task management for rollbacks and scaling adjustments, while facilitating interactive follow-up questions to gather deeper insights about incidents and infrastructure.
Additionally, Steadwing provides OpenAlerts, an open-source monitoring layer that integrates with AI coding agents to deliver real-time alerts for a range of infrastructure issues. The platform encourages user engagement by offering a free tier designed to solicit feedback from regular on-call engineers to further refine its capabilities.
Keywords: #phi4, AI Coding Agents, API Key, Alerts, Autonomous, Commits, Correlation, Datadog, Deployments, Diagnosis, Discord, Elasticsearch, GitHub, Incident Response, Infra Failures, Integrations, LLM Errors, MCP Server, Metrics, Microservices, Monitoring Layer, Notifications, OAuth, On-Call Engineer, OpenAlerts, Production Incidents, RCA (Root Cause Analysis), Self-Healing, Slack, Telegram, Traces
www.steadwing.com 5 days ago
|
1186.
HN
Show HN: ThreatAlert – anonymous community incident map, no sign-up required
ThreatAlert is a Progressive Web App designed to allow users to anonymously report various incidents such as crimes, fires, disasters, civil unrest, and infrastructure failures via a live shared map interface. It emphasizes user privacy by hashing IP addresses before storage, eliminating the need for account creation or personal tracking. The platform relies on community-driven moderation, where reports are vetted through voting mechanisms that transition them from pending to active status, ensuring report accuracy. To maintain relevance, it employs distinct time-to-live settings across different incident categories. Developed using modern web technologies like Next.js 16 and Firebase (encompassing Firestore, Cloud Functions, and FCM), ThreatAlert utilizes Leaflet for mapping functionalities and D3.js for a 3D globe view. The entire project is open source, with its codebase hosted on GitHub under BaselAshraf81's repository, allowing for community contributions and transparency.
Keywords: #phi4, 3D globe view, Cloud Functions, D3js, FCM, Firebase, Firestore, GitHub, Leaflet, Nextjs, PWA, ThreatAlert, anonymous, civil unrest, community, crime, disasters, fire, incident map, infrastructure failures, live shared map, pin, report
threatalert.live 5 days ago
|
1189.
HN
Show HN: Virtual Indoor Cycling App (Now with Shiny GTK4/Adwaita GUI)
BLE Sync Cycle (BSC) is an innovative virtual indoor cycling application that integrates a GTK4/Adwaita graphical user interface, allowing users to engage in immersive indoor training sessions using just a BLE speed sensor. This sensor syncs with video playback such that the user's pedaling pace directly influences the video’s progress, creating a dynamic and interactive experience reminiscent of popular platforms like Zwift or Rouvy but without necessitating specialized equipment. BSC leverages first-person cycling videos from sources including YouTube, Vimeo, Pexels, and DailyMotion to enhance this simulation.
The project is open-source and hosted on GitHub at [richbl/go-ble-sync-cycle](https://github.com/richbl/go-ble-sync-cycle), where users can access installation guidelines and configuration details via the project's wiki. Additionally, a roadmap detailing future development initiatives is available, encouraging community engagement and collaboration. BSC actively invites its user base to contribute by sharing their own cycling videos, thereby enriching the platform’s content library.
Currently in pre-release stages, the developers emphasize the importance of user feedback for identifying bugs and refining the application. They encourage cyclists to provide insights and suggestions that could help enhance the software's functionality and user experience. This iterative process is crucial for the app’s evolution, aiming to establish a robust open-source alternative within the virtual cycling space.
Keywords: #phi4, BLE Sync, Bugs, Community, Configuration, DailyMotion, First-Person Videos, GTK4/Adwaita, GUI, GitHub, Installation, Open-Source, Pexels, Recommendations, Roadmap, Rouvy, Speed Sensor, Video Playback, Vimeo, Virtual Indoor Cycling, YouTube, Zwift
news.ycombinator.com 5 days ago
|
1190.
HN
Electrobun and WGPU: Tiny, cross-platform games and ML with Bun
Electrobun has enhanced its platform by introducing first-class support for WebGPU, empowering developers to render graphics directly onto the GPU or use popular adapters like Three.js and Babylon.js without depending on webviews. This advancement not only boosts performance in native windows but also enables more robust GPU surfaces with a minimal increase in file size. The integration of WebGPU broadens Electrobun's utility across diverse areas such as gaming, AI inference, and other GPU-intensive tasks.
In addition to the native rendering capabilities, Electrobun provides an optional Chromium-based rendering option via the bundleCEF flag for those who require consistency or specific functionalities of Chrome. Developers can incorporate WGPU into their applications through electrobun.config.ts using dynamic libraries from Dawn, supporting a wide array of programming languages including Zig, Rust, and C.
Electrobun facilitates quick project starts with pre-built templates suited for various applications like physics demonstrations, platformer games, and digit classifiers that leverage GPU power. The effectiveness of Electrobun is demonstrated through video demos and open-source projects. Looking ahead, Electrobun plans to further its offerings with integrations such as the Steam SDK and a lightweight engine designed for complex inference tasks. Users are encouraged to contribute support by engaging with the project on GitHub.
Keywords: #phi4, AI integration, Babylonjs, CDP automation, Dawn, Doom 2, Electrobun, FFI, GIT GUI, GPU rendering, GitHub, ML, Markdown Browser, Steam-sdk, Threejs, TypeScript, WGPU, cross-platform, differential updates, digit classifier, games, physics demo, platformer game, screen recording, shaders, tinygrad-like Engine, webview UIs, zstd self-extractor
blackboard.sh 5 days ago
|
1191.
HN
Show HN: Md-pattern-studio – Markdown patterns for report-style documents
Md-pattern-studio is an innovative project aimed at enhancing Markdown to facilitate the creation of structured, report-style documents. Developed by Sungreong, this initiative addresses challenges associated with converting Markdown into well-structured HTML using conventional methods like renderers or language models, which often fall short in generating comprehensive HTML outputs. The project introduces specific patterns that integrate features such as cover pages, sections, multi-column layouts, and report-style blocks, all while preserving the inherent readability of Markdown. As a nascent effort, Md-pattern-studio seeks feedback from users engaged with content generated by large language models (LLMs). Interested parties can explore more or provide input through the project's GitHub page at [Md-pattern-studio on GitHub](https://github.com/sungreong/md-pattern-studio), and direct communication is encouraged via email to the developer, contingent upon providing one’s own email for correspondence.
Keywords: #phi4, GitHub, HTML, LLM-generated content, Markdown, Sungreong, cover pages, documents, feedback, layout control, multi-column layouts, patterns, renderer, report-style, sections, structured layouts, tokens
github.com 5 days ago
|
1195.
HN
Octopress 3.0 Is Coming
Octopress 3.0 marks a major update aimed at resolving longstanding issues related to its distribution and maintenance, largely due to the challenges posed by its Git-based release method which led to merge conflicts and complexities in updating or customizing components like plugins and themes. To address these problems, Octopress is shifting from a monolithic product model to a collection of independently versioned gems, each with dedicated documentation and tests. This change aims to mitigate merge conflicts, ease updates, and improve integration within the Jekyll community by eliminating any perceived separation between Octopress and Jekyll.
The new release introduces several key features, including the **Octopress CLI**, which replaces the previous Rakefile, providing enhanced functionalities for creating content, managing drafts, deploying through various methods, and offering locally accessible plugin documentation. Additionally, it brings the **Octopress Ink Framework** that facilitates rapid development of plugins and themes with easy installation/removal, gem-based assets usage, automatic asset management (including compiling, compressing, fingerprinting), independent configuration without altering Jekyll's _config.yml, and generating plugin scaffolds.
For developers, Octopress 3.0 introduces tools like *Clash*, a static-site test suite to build Jekyll sites with diverse configurations, and the *Octopress Debugger*, which offers interactive debugging during site builds through a Liquid tag that provides access to site scopes. A new theme, **"Octopress Genesis,"** will demonstrate these features while establishing standards for future Jekyll themes. The release strategy includes completing this theme, crafting a migration guide, and reorganizing GitHub repositories to maintain legacy support. Overall, the overhaul of Octopress 3.0 aims to enhance usability and foster community collaboration by providing improved infrastructure and tools.
Keywords: #phi4, CLI, Clash, Debugger, Genesis, GitHub, Ink, Jekyll, Octopress, documentation, gems, migration, plugins, themes
octopress.org 5 days ago
https://news.ycombinator.com/item?id=8895231 5 days ago
|
1199.
HN
Vet
Vet is a versatile standalone verification tool designed to ensure code changes and coding agent behaviors are both accurate and aligned with specified goals. It offers comprehensive review capabilities by examining conversations for goal alignment and scrutinizing code modifications for correctness. The tool can be operated via the terminal, as an agent skill, or within Continuous Integration (CI) environments, providing flexibility in its use. Vet supports Bring-Your-Own-Model functionality, allowing integration with any model provider using user-specific API keys without requiring a subscription. It prioritizes privacy by sending requests directly to inference providers rather than through Vet's servers.
For installation, Vet can be set up as an agent skill for proactive issue detection or via the command line interface (CLI) using tools like `pip`, `pipx`, or `uv`. Installation options include project-level setups that integrate at a repository's root into specific directories and user-level global installations accessible by all agents. Users can employ Vet to run checks on code implementations within repositories, compare changes against specific commits with the `--base-commit` option, or review GitHub pull requests using predefined GitHub Actions.
Security considerations are crucial when using the `--history-loader` option due to its execution privileges; users must meticulously review commands and configurations associated with this feature. Configuration-wise, Vet supports OpenAI-compatible endpoints through JSON config files and enables access to community-contributed model definitions via a model registry without necessitating upgrades of the tool itself. To standardize CI operations, named profiles can be used, while customizable issue guides can be configured using TOML configuration files.
Vet fosters open-source collaboration by being licensed under AGPL-3.0-only and invites community engagement through platforms like Discord and GitHub, encouraging shared improvements and support among its user base.
Keywords: #phi4, API, API keys, Actions, CI, CLI, GitHub, GitHub Actions, Vet, behavior, changes, code, code changes, coding agent behavior, configuration, goal, goal adherence, inference, inference providers, issue codes Keywords: Vet, issues, model, model configuration, terminal, verification, verification tool
github.com 5 days ago
|
1203.
HN
Show HN: AthenaFlow – it browses your app, then writes Playwright tests
AthenaFlow is a tool crafted to enhance end-to-end (E2E) testing by tackling test drift, which occurs when initially passing tests fail over time due to application changes. It differentiates itself from AI-generated tests by employing a real browser to map interaction paths and creating human-readable specifications before generating Playwright tests. This ensures each test is tied to a traceable test case ID (TC-ID) and can self-heal using semantic identifiers rather than brittle CSS selectors, maintaining robustness even when the DOM changes.
The tool consists of three main repositories: **athena-flow-cli**, which functions as the workflow runtime integrating with Claude Code's event system via Unix domain sockets in NDJSON format. It supports session persistence with SQLite and offers a live terminal UI that can resume sessions, while providing JSONL logs for CI environments to identify failures. The **agent-web-interface** acts as an MCP server, delivering semantic snapshots of web pages to the model rather than raw DOM or accessibility trees, thus ensuring stable action resolution despite layout changes. Lastly, the **athena-workflow-marketplace** repository houses a Claude plugin containing QA domain knowledge with composable skills for analyzing codebases, planning coverage, exploring browsers, generating specs, and implementing tests as part of an integrated multi-phase workflow. Overall, AthenaFlow prioritizes test reliability and maintainability by ensuring generated tests are traceable and adaptable to application structure changes.
Keywords: #phi4, AI tools, AthenaFlow, CI, CLI, Claude Code, E2E tests, GitHub, JSONL, MCP server, NDJSON, Playwright, QA domain knowledge, SQLite, TC-ID, browser, browser exploration, codebase analysis, coverage planning, interaction paths, npm, plugin, self-healing, semantic identifiers, semantic snapshots, spec, terminal UI, workflow runtime
news.ycombinator.com 5 days ago
|
1206.
HN
Crush, Welcome Home
Kujtim Hoxha's "Crush" is an innovative terminal-based AI coding agent developed using Go and the Charm stack (encompassing Bubble Tea, Bubbles, Lip Gloss, Glamour). The project has gained attention for its rapid speed and precision in executing complex coding tasks, thanks to its integration with large language models (LLMs). After transitioning back to its foundational platform, Charm, Crush benefits from both Hoxha's expertise and the full support of the Charm team. This AI tool enhances developer efficiency by simplifying intricate tasks like creating GLSL shaders into quick operations while integrating seamlessly with familiar terminal tools such as git and docker.
Crush is built upon five years of groundwork laid by Charm in refining terminal experiences, including the development of Ultraviolet, an advanced terminal UI toolkit. At a pivotal moment for Charm, which emphasizes AI integration and novel user interface innovations, Crush exemplifies the potential to transform software development culture and collaboration. With significant community support indicated by over 150,000 GitHub stars and 11,000 followers, Crush aims to revolutionize AI-powered development tools and redefine the landscape of software creation, encouraging developers to explore its capabilities.
Keywords: #phi4, AI, Bubble Tea, Bubbles, CLI, Charm, Crush, GLSL shader, GitHub, Glamour, Go, Kosovo, Kujtim Hoxha, LLMs, Lip Gloss, Prishtina, WebGL, community, developers, docker, ghc, git, nix, npm, sed, software development
charm.land 5 days ago
|
1211.
HN
Show HN: Real-time collaborative editing plugin for Blender
The post introduces "Meerkat," an open-source Blender plugin designed to facilitate real-time collaborative editing within the software environment. Currently, Meerkat supports synchronization of object creation, transformations, and lights/cameras across multiple sessions, with its core networking and state synchronization functionalities already established despite being in early development. Feedback is actively sought as the project advances toward a first alpha release that will include installation instructions.
Looking ahead, the roadmap for Meerkat involves expanding the core networking layer to enable session hosting and joining capabilities, enhancing object transform synchronization, developing conflict resolution models, and integrating a user interface panel within Blender. Additionally, it aims to offer options between peer-to-peer connections or cloud relays for improved flexibility. Contributions to this project are encouraged under the GNU General Public License v3.0, ensuring that any derivative works remain open-source.
As development progresses toward its alpha stage, further details regarding installation and more comprehensive features will be provided. Those interested in contributing can access the project's GitHub repository at [arryllopez/meerkat](https://github.com/arryllopez/meerkat).
Keywords: #phi4, Blender, GNU General Public License v30, GNU General Public License v30Keywords: Blender, GitHub, architecture diagram, cloud relay, collaborative editing, conflict resolution, contributing, core networking layer, feedback, installation, lights and cameras syncing, live transforms, multiplayer scene editing, networking, object creation sync, open-source, peer-to-peer option, plugin, presence indicators, real-time collaboration, roadmap, session host join, shared sessions, state synchronization, transform synchronization
github.com 5 days ago
|
1213.
HN
Tell HN: GitHub Actions Encountering Issues
GitHub Actions is currently facing issues of degraded availability as reported by a user on Hacker News, referencing an incident identified with the ID: g9j4tmfqdd09. This issue has been documented through status updates available on both GitHub's official status page and Updog AI's monitoring site. Although the problem concerning GitHub Actions’ performance is significant, it has drawn minimal attention in online discussions, evidenced by the limited engagement—a single point of interest—in the Hacker News thread where the matter was raised. The availability of detailed information via these sources provides users with avenues to track updates on this incident.
Keywords: #phi4, API, Actions, Availability, Degraded, Discuss, GitHub, GitHubStatus, Hacker News, Issues, Security, Status, Updog
news.ycombinator.com 5 days ago
|
1214.
HN
GitHub Having Issues
GitHub's Actions service is currently facing degraded availability due to performance problems as of March 5, 2026. The company is actively investigating these issues and has encouraged users to stay informed about updates through various subscription methods. Users can opt for email or text message alerts regarding the incident's status, receiving notifications upon any updates or resolution. For SMS subscriptions, users must verify their numbers via an OTP process, with resending options available if needed. The service supports a broad range of countries and includes security measures such as reCAPTCHA, in compliance with Google’s Privacy Policy and Terms of Service. Additionally, webhooks and Slack integrations offer alternative ways to receive incident updates. For further details, GitHub directs users to their support site or the @githubstatus social media account. Efforts are ongoing specifically for resolving issues related to Actions, as indicated by GitHub's communications about this specific service disruption.
Keywords: #phi4, Actions, Atlassian, GitHub, OTP, Privacy Policy, SMS, Slack, availability, countries, data rates, email, incidents, mobile number, notifications, reCAPTCHA, status, subscribe, terms of service, updates, webhooks
www.githubstatus.com 5 days ago
https://www.githubstatus.com/incidents/g5gnt5l5hf56 5 days ago
|
1215.
HN
Shipping System Fonts to Github.com
In July 2017, GitHub.com initiated a significant design overhaul that modernized its typography by adopting fonts adaptable to users' operating systems or devices, enhancing both readability and visual hierarchy. This change marked a departure from outdated fonts like Arial and Helvetica, instead utilizing contemporary system fonts such as Apple's San Francisco and Microsoft's Segoe to improve display quality and user experience. The redesign included updating the global font stack to prioritize these modern fonts and making adjustments to base font size and type scale for greater clarity. Despite some initial challenges—particularly Chrome rendering issues on macOS—the updates were largely well-received.
GitHub employed feature flags to incrementally introduce these changes, allowing them to refine their implementation based on user feedback. In 2017, they further iterated by incorporating SF Mono into their monospace font stack and resolving browser-specific compatibility issues. This responsive approach not only addressed technical challenges but also demonstrated GitHub's commitment to improving user experience across various platforms, showcasing an adaptive strategy that prioritizes continuous enhancement through iterative refinements based on community input.
Keywords: #phi4, Blink Browsers, CSS, Chrome Bug, Design Systems, Design Update, Dynamic Font Rendering, Feature Flags, GitHub, High DPI Screens, Modern Fonts, Monospace Font Stack, Rails, Roboto, SF Mono, San Francisco, Segoe, Shipping System Fonts, Typography, WebKit, Windows, macOS
markdotto.com 5 days ago
|
1228.
HN
Code-clip: "I want this file and that dir on my clipboard, respect gitignore"
Code-clip is a utility designed to format source files for input into language models like ChatGPT or Claude while adhering to ignore rules specified in `.gitignore`, `.ignore`, and `.cursorignore` files. It facilitates the process of piping its output to clipboard utilities such as `pbcopy` on macOS, `xclip` on Linux, or `clip` on Windows. A key feature of Code-clip is its ability to automatically respect ignore rules from these files across both current and ancestor directories. The tool offers format options for outputting the formatted code in either Markdown or XML, with a recommendation for XML due to compatibility considerations with certain language models. Additionally, it estimates and prints the token count upon completion through standard error channels. Users can control how deeply Code-clip traverses directory structures by specifying depth limits via `-d` or `--max-depth`, and they can customize Markdown heading levels using `-m` or `--markdown-depth`. Installation of Code-clip is straightforward, requiring a simple command executed with Go: `go install github.com/omarish/code-clip/cmd/code-clip@latest`. By ensuring that only pertinent code is included based on project-specific ignore settings, Code-clip serves as an efficient tool for formatting files intended for language model interactions.
Keywords: #phi4, GitHub, LLM, LLM chat inputs, Markdown, Markdown heading depth Keywords: code-clip, XML, clip, clipboard, clipboard support, code-clip, cursorignore, directory, directory contents, gitignore, heading, ignore, installation, pbcopy, performance, source files, token-count, token-count estimation, traversal, traversal depth, xclip
github.com 5 days ago
|
1230.
HN
Show HN: GitHub-powered instant developer portfolios
Remotedevelopers.com revolutionizes how developers present their professional profiles by leveraging GitHub accounts to create dynamic portfolios that replace conventional resumes and cover letters. By linking a GitHub account, the platform automatically aggregates repositories, skills, and activity, ensuring an updated portfolio. Users have the option to enrich their timelines with articles, posts, videos, and more, offering a comprehensive display of their work. The site is tailored for AEO/SEO optimization as well as compatibility with AI recruiters by generating llm.txt files for each profile, enhancing discoverability. It provides users with a professional email address at remotedevelopers.com and visualizes all the projects they have completed. The setup process is swift, taking less than two minutes, and is available free of charge without requiring a credit card. This platform functions as a reverse job board, treating GitHub profiles as resumes that showcase verified skills, thus allowing developers to concentrate on coding rather than traditional job application processes.
Keywords: #phi4, AEO/SEO-ready, AI recruiters, GitHub, activity, code, cover letter, developer portfolios, feedback, job board, portfolio, professional email, repos, resume, setup, skills, timeline, verified skills, visual timeline
remotedevelopers.com 5 days ago
|
1241.
HN
How do I get startups to use my open-code project?
The creator of "Anabranch," an open-code orchestration system, is seeking adoption among startups. This tool automates the workflow between Jira, coding agents like Cursor or Claude, and GitHub, yet no startup has implemented it despite interest shown through Reddit engagements and recognition on GitHub. The developer aims to increase its usage without monetizing or directly approaching companies, and seeks advice on strategies for encouraging startups to utilize this open-source solution. This pursuit highlights the challenge of transitioning from initial interest to practical adoption in real-world environments.
Keywords: #phi4, GitHub, Jira, PR (pull request), automation, coding agents, interest, open source tool, open-code project, orchestration system, repository, startups, tickets
news.ycombinator.com 6 days ago
|
1248.
HN
Show HN: Vet – Prevent coding agents from making mistakes
Vet is a swift, locally-operated code review tool designed to enhance the accuracy of coding agents by preventing mistakes during development. It distinguishes itself through its ability to detect more pertinent issues efficiently compared to other tools, focusing specifically on logic flaws or unhandled cases that might arise post-code generation. The integration of Vet into workflows is streamlined and user-friendly; it requires only a single line of setup using existing API keys, which facilitates its adoption in various environments like local models, CI/CD pipelines, or as an agent skill. Vet's open-source nature ensures transparency and security, with no telemetry involved, while also supporting comprehensive review capabilities over entire pull requests. Users are encouraged to explore the tool on GitHub and participate in community contributions through Discord.
Keywords: #phi4, API keys, CI, CLI, Discord, GitHub, PRs, PRs (Pull Requests), Vet, code review, coding agents, concise, conversation history, edge cases, feature requests, installation, local, logic errors, mistakes, open source, precision, precisionKeywords: Vet, skill, telemetry, tests, tool, video introduction
imbue.com 6 days ago
|
1249.
HN
Show HN: See AI Come Alive AIMA Visualizations Repo (GitHub)
The "aima-visualizations" project is an open-source initiative that provides interactive visualizations of algorithms discussed in "Artificial Intelligence: A Modern Approach" by Russell and Norvig. Utilizing technologies such as React, TypeScript, D3.js, and KaTeX, the project focuses on demonstrating key concepts in artificial intelligence including its foundational elements drawn from eight disciplines, historical context, various approaches, rational agents, current capabilities, as well as associated risks and benefits. The creator of this initiative encourages feedback and contributions, inviting collaborators to participate through its GitHub-hosted repository. This endeavor aims to enhance the understanding of AI principles by visually representing them in an interactive manner.
Keywords: #phi4, AI, AIMA, Algorithms, Artificial Intelligence, Benefits, D3js, Disciplines, Foundations, GitHub, History, Interactive, KaTeX, Rational Agents, React, Risks, Russell Norvig, TypeScript, Visualizations
jsurrea.github.io 6 days ago
|
1251.
HN
An iOS library to natively render After Effects vector animations
Lottie is a versatile cross-platform library that supports iOS, macOS, tvOS, visionOS, Android, and Web platforms, designed for native rendering of vector-based animations created in Adobe After Effects. It facilitates the seamless integration of complex animations by utilizing the bodymovin JSON export format, thereby eliminating the need for developers to manually recreate these animations. The library offers multiple installation options, including Swift Package Manager, CocoaPods, and Carthage, while also providing dynamic interaction capabilities such as runtime color adjustments and keyframe modifications.
A strong focus on user privacy is evident in Lottie’s approach, as it does not collect any user data and incorporates security measures like self-signed code signatures for its XCFramework bundles from version 4.4.0 onward. The library fosters community involvement by offering comprehensive documentation that guides users through cloning the repository, running tests, and integrating new animations into the testing suite. To ensure consistent coding standards, Lottie utilizes tools such as SwiftFormat and SwiftLint, supported by a Rakefile for facilitating various build commands.
Keywords: #phi4, After Effects, Airbnb Swift Style Guide, Carthage, CocoaPods, GitHub, Lottie, Rakefile, Swift Package Manager, SwiftFormat, SwiftLint, XCFramework, animations, bodymovin JSON, contributions, framework, iOS, privacy, security, snapshot tests, vector
github.com 6 days ago
|
1252.
HN
OpenTitan Shipping in Production
OpenTitan is an open-source Root of Trust (RoT) initiative developed by Google and maintained by lowRISC C.I.C., now integrated into commercially available Chromebooks through Nuvoton. Over seven years, it has distinguished itself as the first RoT to support post-quantum cryptography for secure booting, offering cost-effective hardware security solutions that are customizable or independently verifiable due to its open-source nature. The project's design supports a wide range of applications and emphasizes quality assurance through top-level verification and comprehensive testing. Collaboration within the open-source community has been pivotal in OpenTitan’s success, evidenced by increasing contributors and code commits. As deployment expands into Google's datacenters, ongoing development focuses on future iterations that will support lattice-based post-quantum cryptography. This project exemplifies effective open-source methodologies applicable to broader design domains beyond security, promoting growth in commercial open silicon development. Those interested can access further information through OpenTitan’s GitHub repository or by contacting the team directly.
Keywords: #phi4, Caliptra, Chromebooks, Earl Grey, GitHub, Nuvoton, OpenTitan, Root of Trust (RoT), contributors, datacenters, design verification, hardware RoT, lattice-based PQC, lowRISC CIC, open source, post-quantum cryptography (PQC), production, silicon security
opensource.googleblog.com 6 days ago
https://lowrisc.org/ibex/ 5 days ago
https://opentitan.org/dashboard/index.html 5 days ago
https://arxiv.org/pdf/2303.07406 4 days ago
https://www.cnx-software.com/2026/03/04/dabao 4 days ago
|
1265.
HN
Show HN: A unified event protocol dashboard for startup founders
The "Founder's Command Center" is an innovative prototype designed as a unified event protocol dashboard tailored for startup founders, aiming to enhance their workflow efficiency. By consolidating data from various platforms such as Stripe, GitHub, Slack, and Hubspot into one centralized feed, the system addresses the challenge of context-switching between multiple dashboards. This integration provides a cohesive view of startup activities, offering a streamlined experience for users. Currently in its nascent stage, the project is actively seeking feedback regarding its architecture, protocol approach, and user experience to further refine its capabilities. To facilitate this feedback process, a live demo is available where users can explore sample data by accessing it through the "Demo Access" tab without needing an account.
Keywords: #phi4, Command Center, Founder's Command Center, Founder's Command Center Keywords: Unified event protocol, GitHub, Hubspot, Slack, Stripe, UX, Unified event protocol, architecture, central nervous system, context-switching, dashboard, live demo, prototype, startup founders
founders-dashboard-pi.vercel.app 6 days ago
|
1270.
HN
Show HN: SeaRoutes, find the shortest navigable sea routes on the globe
SeaRoutes is a specialized tool designed to assist users in identifying the shortest navigable sea routes between any two locations on Earth, presenting these routes visually on a 3D globe interface. It enhances this functionality by offering alternative pathways through various canal zones, thereby providing comprehensive route planning capabilities. Developed as an open-source project, it can be accessed and utilized via GitHub at [aayushdutt/sea-routes](https://github.com/aayushdutt/sea-routes). The tool is interactive, allowing users to engage with the globe by clicking or searching to place points of interest, thereby facilitating dynamic route determination. This combination of features makes SeaRoutes a valuable resource for anyone needing detailed and customizable sea navigation information.
Keywords: #phi4, 3D globe, Earth, GitHub, SeaRoutes, aayushdutt, alternative routes, canals zones, globe, navigable sea routes, navigation, points, search, software
searoutes.vercel.app 6 days ago
|
1273.
HN
Show HN: Plought – Reduce noise in decision making
Plought is an enhanced decision-making application designed to streamline the evaluation of choices by employing structured methodologies, thereby reducing noise in decision processes. It aids users in making complex decisions such as selecting a job, house, or car by allowing them to establish criteria, score various options, and consistently compare outcomes. The app incorporates new tools for summarized analysis based on user inputs, ensuring consistency even when trade-offs are involved. Plought is accessible without cost and operates as an open-source platform that requires no login, prioritizing data privacy by storing information locally within the browser. Users have the option to export their data. For those interested in exploring or providing feedback, the app can be accessed at its official site, and its codebase is available on GitHub.
Keywords: #phi4, GitHub, Plought, alternatives, analysis, app, browser, choices, comparisons, criteria, decision-making, export, feedback, local storage, methods, open source, outcomes, privacy, privacy Keywords: Plought, structured, tools, tradeoffs
plought.app 6 days ago
|
1280.
HN
Story Builder – AI branching narrative generator (CLI tool)
*Story Builder* is a command-line interface (CLI) tool created by loder-coder that enables the generation of branching narratives through artificial intelligence, drawing inspiration from interactive fiction and game prototyping. This innovative tool streamlines the development of intricate story frameworks from straightforward prompts, catering to needs in interactive fiction creation, narrative prototyping, and exploration of story graphs. Its standout features include AI-powered branch generation, expansion based on user prompts, a developer-friendly CLI workflow, and the ability to export the developed story structures. There are two versions available: a Lite version that is open source on GitHub and provides basic story generation capabilities, and a Pro version accessible via Gumroad, which offers enhanced functionalities such as controlled branching, reproducible outputs, and additional exporting options. Users interested in further details or wishing to provide feedback can visit the respective GitHub repository for the Lite version or the Gumroad page for the Pro version.
Keywords: #phi4, AI, CLI, CLI tool, GitHub, Gumroad, Lite, Lite version, Pro, Pro version, Story Builder, branch generation, branching, branching narratives, controlled branching, developers, exportable, exportable structure, game prototyping, interactive fiction, narratives, prompt-based, reproducible outputs, reproducible outputs Keywords: Story Builder, story graph, workflow
news.ycombinator.com 6 days ago
|
1291.
HN
GitHub Actions is shitting the bed again
GitHub Actions is currently facing significant service degradation that has impacted its performance, leading to delays in queuing workflow runs and reduced availability of Webhooks and Actions. This issue was first reported on March 5, 2026, with GitHub actively investigating the root causes. To keep users informed about any updates or resolutions, GitHub encourages subscriptions for notifications via email or SMS. Users can subscribe by providing their contact information, including country-specific phone numbers for SMS alerts, while agreeing to the platform's privacy policies. Additionally, GitHub offers alternative communication channels such as Slack webhooks and RSS feeds for real-time incident status updates. The company also provides various resources and support options to assist users in navigating these issues.
Keywords: #phi4, Actions, Atlassian, GitHub, OTP, Privacy Policy, SMS, Statuspage, availability, delays, email, incidents, mobile number, notifications, performance, reCAPTCHA, service degradation, subscribe, updates, verification, verification Keywords: GitHub, webhooks
www.githubstatus.com 6 days ago
https://mrshu.github.io/github-statuses/ 6 days ago
https://thenewstack.io/github-will-prioritize-migrating-to-a 6 days ago
https://en.wikipedia.org/wiki/Tay_(chatbot) 6 days ago
https://news.ycombinator.com/item?id=22867803 6 days ago
|
1294.
HN
AI Tools Creating "Convenience Loops" That Reshape Developer Language Choices
The Octoverse 2025 data from GitHub highlights the growing influence of AI tools, particularly GitHub Copilot, on developer language preferences through "convenience loops." This trend is evident in TypeScript's surge to become the most-used language on GitHub, surpassing Python and JavaScript. Its rise is attributed to its strong typing and compatibility with AI assistants, which offer clearer guidance and minimize errors, enhancing usability. Consequently, languages that employ static type-checking are gaining traction as they effectively catch AI-generated code errors before production.
Despite TypeScript's ascendancy in general activity levels within the GitHub ecosystem, Python continues to dominate AI project development due to its efficiency in model training. This situation presents a challenge for newer programming languages; their lack of extensive existing code bases means less support from AI tools, prompting developers to opt for more established languages and perpetuating their popularity.
The data underscores the massive scale of these shifts, with GitHub recording 180 million developers, 630 million repositories, and nearly a billion commits in 2025. Leaders are encouraged not only to track AI tool usage metrics but also to evaluate the quality of outputs produced. Tools like GitHub's Copilot metrics dashboard provide valuable insights for this purpose.
Overall, AI compatibility is subtly yet profoundly reshaping technology decisions. As developers prioritize languages that integrate well with AI assistants, those tools and languages less compatible are gradually losing ground. This trend underscores a broader industry shift towards optimizing developer productivity through enhanced tool synergy.
Keywords: #phi4, AI Coding Assistants, AI Tools, Code Reliability, Convenience Loops, Copilot, Developer Language Choices, Feedback Loop, GitHub, JavaScript, LLM SDKs, Luau, Octoverse 2025, Python, Static Typing, Technology Decisions, Type-Checking, TypeScript, Typst, Usage Metrics Dashboard
www.infoq.com 6 days ago
|
1304.
HN
Show HN: LiberClaw, deploy AI agents that run 24/7 on their own VMs
LiberClaw is an innovative open-source platform designed for continuous deployment of AI agents onto dedicated virtual machines (VMs). It empowers users to define agent functionalities through a markdown-based skills file, ensuring efficient management of persistent memory across conversations and enabling background tasks via a heartbeat system. Each agent operates autonomously on its own VM, complete with separate file systems, databases, and HTTPS endpoints, leveraging open models such as Qwen3 Coder and GLM-4.7 for inference without needing API keys from services like OpenAI or Anthropic.
The platform supports the development of various AI-driven tools including code review bots, research agents, personal assistants, and monitoring tools. Currently, it sustains 61 active agents across 578 conversations with a high reliability rate of 99.7% uptime. LiberClaw provides a free tier that allows users to deploy up to two agents without requiring credit card information, and the deployment process is remarkably swift, taking under five minutes.
The source code for the agent system is openly accessible on GitHub (https://github.com/Libertai/liberclaw-agent), with potential plans to open-source the platform's core code responsible for VM management on Aleph Cloud. Users can access the application through https://app.liberclaw.ai, highlighting LiberClaw’s commitment to accessibility and user empowerment in AI tool development.
Keywords: #phi4, AI agents, GitHub, HTTPS endpoint, LiberClaw, VM filesystem, aleph cloud, bash, code review bots, database, deployment, free tier, heartbeat system, inference models, markdown, monitoring tools, open-source, persistent memory, personal assistants, subagents, uptime, virtual machines, web fetch
news.ycombinator.com 6 days ago
https://youtu.be/57epfQ66Uuw 6 days ago
|
1308.
HN
Show HN: Reduce LLM token use by ~30% with this MCP/CLI tool(Claude benchmarked)
Tilth is a comprehensive tool designed to enhance code reading efficiency for both humans and AI agents by integrating ripgrep, tree-sitter, and cat into a unified system. Version 0.4.4 introduced adaptive second-hop impact analysis, improving the tracing of function callers with up to ten unique callers in one scan and establishing a 26-task Opus baseline that increased Haiku adoption from 42% to 78%, resulting in a 38% cost reduction per correct instance. In version 0.4.5, the TOKEN_THRESHOLD was raised from 3500 to 6000 estimated tokens, allowing mid-sized files to return full content without needing multiple section calls for AI agents. This update also significantly improved gin_radix_tree and rg_search_dispatch performance while achieving 100% accuracy with Sonnet, alongside a notable cost reduction. As an open-source project hosted on GitHub, Tilth's maintainer seeks contributions from those capable of running benchmarks, particularly using Opus, due to budget constraints for extensive testing. Full results are available in the project's repository.
Keywords: #phi4, AI agents, Claude benchmarked, GitHub, MCP/CLI tool, Reduce LLM token use, Show HN, Smart code reading, Sonnet accuracy, TOKEN_THRESHOLD, Tilth, adaptive 2nd-hop impact analysis, callers search, function, gin_radix_tree, rg_search_dispatch, ripgrep, tree-sitter
news.ycombinator.com 6 days ago
|
1313.
HN
Show HN: Open Right Zoom, Open Source Alternative to Right Zoom for macOS
Open Right Zoom is an open-source macOS utility designed as an alternative to applications like Right Zoom, BetterZoom, and Magnet, developed by Michele0303. It enhances the functionality of the green zoom button on Macs running macOS 13 Ventura or later, enabling windows to maximize without entering full-screen mode while keeping both the Dock and menu bar visible. A second click reverts the window back to its original size. Holding any modifier key (Command, Control, Shift, Option) activates standard macOS fullscreen mode. The utility supports all applications, including Finder, Safari, Terminal, VS Code, Chrome, among others. Users can either download a pre-built version from GitHub or build it themselves using Xcode. Installation requires moving the app to the /Applications folder and removing its quarantine flag due to being unsigned, followed by granting Accessibility access. Open Right Zoom is distributed under the MIT license, ensuring broad usability and modification rights for users.
Keywords: #phi4, Accessibility, Chrome, Dock, Finder, GitHub, MIT License, Open Right Zoom, Safari, Terminal, VS Code, Ventura, Xcodeproj, alternative, build from source, fullscreen, git clone, macOS, maximize windows, menu bar, utility
github.com 6 days ago
|
1320.
HN
TypeScript surpassed Python, JavaScript to become most-used language on GitHub
In August 2025, TypeScript emerged as the most-used language on GitHub, surpassing Python and JavaScript, a change driven by AI integration in software development that reshaped developers' preferences towards languages offering reduced friction and enhanced convenience. This shift highlights how AI facilitates coding through tools like GitHub Copilot, making complex languages more accessible and appealing, especially strongly typed ones like TypeScript, which provide clear constraints that improve AI reliability. As a result, TypeScript experienced a 66% growth year-over-year. While AI-driven workflows have significantly boosted productivity, they also demand stricter architectural oversight to prevent drift, emphasizing the need for teams and leaders to establish strong patterns and use type systems as guardrails.
Engineering leaders are advised to prepare for increased throughput by standardizing processes and investing in architectural review capacities, ensuring high-quality outputs through rigorous testing of AI-generated code. Monitoring these outputs with detailed metrics is crucial to maintain alignment with design principles. The Octoverse 2025 findings underscore that AI's influence extends beyond coding speed, impacting broader technology ecosystems and decision-making, necessitating a conscious consideration of AI compatibility in tool and language selection. This paradigm shift highlights the importance for developers and leaders to understand how technological habits evolve around AI-assisted workflows to mitigate future development friction.
Keywords: #phi4, AI, Copilot, GitHub, JavaScript, LLM SDKs, Octoverse 2025, Python, TypeScript, architectural drift, convenience loop, developer productivity, strongly typed languages, type systems
github.blog 6 days ago
|
1341.
HN
Ten Years of Deploying to Production
In 2018, an operations team was responsible for bi-weekly production deployments at a company beginning its exploration of AWS for internal systems. The deployment process was rigid, requiring frequent intervention from the ops staff due to inflexible timelines and lack of a formalized code review or versioning system. This environment posed significant challenges for the data science team in deploying machine learning models efficiently.
To address these issues, the author spearheaded the adoption of DevOps practices within the organization. This involved collaboration with both engineering and operations teams, the introduction of Chef to automate tasks, and the establishment of an internal PyPi repository to manage dependencies effectively. Additionally, structured workflows such as tagging releases and employing pull requests were implemented, enabling more streamlined and successful model deployments.
Over time, from 2018 to 2026, there has been a notable transformation in operational philosophy. The focus shifted from the operations team's primary concern of protecting production at all costs to an approach led by Platform Engineering that prioritizes enhancing developer experience and accelerating CI/CD processes. This modern strategy emphasizes facilitating easier and faster deployments for developers while ensuring production systems remain robust and resilient, allowing for quick issue resolution without compromising system integrity.
Keywords: #phi4, AWS, CI/CD, Chef, DevOps, GitHub, ML models, PRs, PyPi, Python, VM, business logic, change management, data science, deployment, developer experience, infrastructure, internal repository, mission, operations team, ops, platform engineering, production, resilience, self-service path, ticketing, training data, versioning
brandonvin.github.io 6 days ago
|
1354.
HN
Self-Supervised Flow Matching for Scalable Multi-Modal Synthesis
The document presents "Self-Supervised Flow Matching for Scalable Multi-Modal Synthesis," a collaborative research initiative by Black Forest Labs and Frontier AI Lab, featuring contributions from researchers such as Hila Chefer, Patrick Esser, Dominik Lorenz, Dustin Podell, Vikash Raja, Vinh Tong, Antonio Torralba, and Robin Rombach. This project centers on the development of FLUX models (FLUX.2 MaxFLUX.2 and Klein), which employ self-supervised learning techniques to enable scalable multi-modal synthesis. The research is part of Black Forest Labs' larger AI research and development strategy, providing tools like an API, open weights, documentation, and licensing details through Hugging Face and GitHub platforms.
Black Forest Labs underscores its commitment to responsible AI development, focusing on trust, security, and compliance with ISO 27001 standards. The company ensures robust governance and ethical guidelines are upheld in their projects, offering resources including various legal terms, such as a Non-Commercial License, and comprehensive documentation and support for users. Through these efforts, Black Forest Labs aims to advance AI technologies while maintaining high standards of responsibility and integrity.
Keywords: #phi4, Black Forest Labs, Documentation, FLUX2, Frontier AI Lab, GitHub, Hugging Face, Klein, MaxFLUX2, ModelsAPI, Multi-Modal Synthesis, Non-Commercial License Terms, Open Weights, Responsible AI Development Policy, Self-Supervised Flow Matching
bfl.ai 6 days ago
|
1355.
HN
Show HN: Stop LLMs from brute forcing (guessing) APIs
The project "TEKIR" is designed to address challenges in AI agent interactions with API systems, specifically focusing on preventing brute-force attempts through trial and error due to insufficient guidance within traditional RESTful APIs. These APIs often lack explicit instructions for subsequent actions, prompting agents to guess parameters and formats. TEKIR resolves this by augmenting API responses with fields like `next_actions`, `agent_guidance`, and `reason`, which direct AI on what steps to take next following both successful and unsuccessful responses. This method is compatible with existing standards such as RFC 9457 and aligns with the principles of HATEOAS, but provides more readable and agent-specific guidance. TEKIR's implementation includes an npm package, middleware, and markdown specifications for integration into systems like Claude or Cursor.
The name "TEKIR" reflects both personal inspiration and thematic relevance; it honors the author's late cat Çılgın (meaning "crazy" in Turkish), drawing parallels to the resilient nature of a tabby cat ("tekir") that thrives independently. The project aims to emulate these traits by developing systems capable of autonomous decision-making without constant human intervention, echoing the author’s experiences and sentiments associated with their pet. Through this approach, TEKIR aspires to foster self-sufficiency in AI-driven applications.
Keywords: #phi4, APIs, Express/Fastify, GitHub, HATEOAS, Istanbul, LLMs, RFC 9457, TEKIR, agent_guidance, agents, automated agents, brute forcing, context, documentation, dynamic API design, intelligent reasoning, middleware, next_actions, npm package, problem details, project page Keywords: APIs, resilience, tabby cats
tangelo-ltd.github.io 6 days ago
|
1356.
HN
Show HN: Captain Claw local AI agent, 29 tools, multi-session, DAG orchestration
Captain Claw is an open-source AI platform designed for local deployment, supporting various large language model providers such as OpenAI, Anthropic, Gemini, and Ollama. It facilitates a persistent multi-session environment that allows users to run different models concurrently and interchangeably with first-class session management, enabling seamless context switching and task orchestration.
The platform boasts several key features: it supports multiple models simultaneously within separate sessions, allowing the use of diverse AI models like Claude and GPT together. Persistent workflows enable tasks to resume exactly where they were left off. Built-in safety mechanisms ensure secure operations by conducting input, output, and script checks. Captain Claw includes a comprehensive set of 29 tools for various tasks ranging from shell commands, file manipulations, web searches, document processing (PDFs, DOCXs, XLSXs, PPTXs), image generation/OCR/vision to email management and integration with Google services.
Additionally, it features an orchestrator mode that breaks down complex tasks into parallel Directed Acyclic Graphs (DAG) across sessions while offering real-time progress monitoring. For user interaction, Captain Claw provides a web interface and a command-line interface for terminal-based users. Configuration is manageable through YAML files and environment variables, supporting advanced functionalities such as deep memory via Typesense, relational data storage, and agent-to-agent routing using BotPort.
Installation options include pip or Docker, with detailed instructions available in the USAGE.md documentation. The project fosters community involvement by welcoming GitHub contributions and issue reporting, ensuring an evolving and collaborative development environment.
Keywords: #phi4, AI agent, BotPort routing, BotPort routing Keywords: Captain Claw, Captain Claw, DAG orchestration, Docker, GitHub, LLM providers, SQLite, YAML configuration, local runtime, multi-session, sessions, tools, web UI
github.com 6 days ago
|
1360.
HN
Show HN: VideoNinja – paste video URLs, walk away, they download
VideoNinja is a user-friendly application designed to simplify video downloading by allowing users to paste URLs directly into the app without needing terminal commands. It features a graphical interface that provides real-time updates on queued downloads, including available disk space, and enables easy access to the output folder with just one click. The tool ensures downloaded content persists even after restarts. VideoNinja relies on yt-dlp for downloading and ffmpeg for processing videos; it attempts to automatically find these dependencies or offers setup assistance if they are not present. Initially a private project, it is now publicly accessible under an MIT license, with installers available for both Mac and Windows platforms. The application is hosted on GitHub, offering users easy access to the software and its source code.
Keywords: #phi4, AI, GUI, GitHub, MIT, Mac, URLs, VideoNinja, Windows, disk space, download, ffmpeg, installers, ninja, queue, restarts, yt-dlp
news.ycombinator.com 6 days ago
|
1369.
HN
It's time for open source to retire
MalusCorp's letter, penned by CEO Mike Nolan, discusses the company's strategy to move away from reliance on open-source software due to perceived risks and inefficiencies in a commercial environment. The communication recognizes the significant contributions of the open-source community but argues that these efforts are not sustainable for businesses. MalusCorp identifies key issues with open source, such as accidental failures exemplified by Log4Shell, intentional disruptions driven by political or personal motives, and the intricate legal compliance challenges involved.
To address these concerns, MalusCorp introduces "cleanroom-as-a-service," an innovative AI-driven platform that recreates software dependencies independently from their original codebases. This approach aims to enhance reliability, ensure legal compliance, and eliminate supply chain vulnerabilities while offering contractual support and reducing overhead costs for companies. Anticipating ethical objections regarding the use of open-source ideas without direct compensation, MalusCorp argues that its practices align with those of many businesses already utilizing open-source software.
The letter critiques the current model as flawed due to unsustainable maintainer burdens and broken social contracts within the community. MalusCorp presents its solution as a necessary evolution, freeing software from outdated constraints while expressing gratitude for the foundational work by the open-source community. Ultimately, MalusCorp advocates for a shift toward a more secure and commercially viable model that upholds the collaborative spirit of open source but adapts it to meet modern business requirements.
Keywords: #phi4, AI, AI tools, Fortune 500, GitHub, GitHub issues, MalusCorp, Open source, cleanroom, cleanroom engineering, commercial, commercial alternative, compliance, compliance overhead, copyright, copyright law, ethical objections, ethics, gratitude, license, license liberation, retirement, software, software infrastructure Keywords: Open source, supply chain, supply chain risk
malus.sh 6 days ago
https://fosdem.org/2026/schedule/event/SUVS7G 6 days ago
https://youtu.be/9qEtm2zx314 6 days ago
|
1371.
HN
Show HN: Turn GitHub commits into a publish-ready changelog
HeyEmit is a GitHub App designed to facilitate the creation of changelogs by automating draft entry generation from commit diffs. It streamlines changelog maintenance by enabling users to set rules for triggering entries and manage drafts before they are published, without fully automating release processes, thus encouraging active user involvement in updating and publishing changes. Developers can connect their GitHub repositories to HeyEmit, allowing the platform to assist in organizing and drafting changelog entries efficiently. In addition to this core functionality, HeyEmit offers an embeddable widget for integration into other apps or websites and provides a public changelog page for broader visibility. Although it is a paid service, it includes AI-generated summaries for users who prefer automatic drafting of changelogs. The platform seeks user feedback on current changelog practices and potential workflow integrations while highlighting desirable features to enhance its utility. Further details about HeyEmit can be accessed through their website at heyemit.com.
Keywords: #phi4, AI-generated summaries, GitHub, GitHub App, HeyEmit, changelog, commit diffs, commits, draft entries, paid tool, public page, repository events, rules, widget, workflow
heyemit.com 6 days ago
|
1373.
HN
NiroDB – A key-value storage engine built from scratch in Go
NiroDB is a novel key-value storage engine crafted entirely in Go without relying on external libraries. It incorporates several components aimed at optimizing performance and reliability, including a Skip List memtable for efficient data reads and writes, and a Write-Ahead Log enhanced with CRC32 to ensure robust crash recovery. The system uses an SSTable version 2 equipped with a Bloom Filter, maintaining a low false positive rate of approximately 0.8%, alongside size-tiered compaction to manage storage efficiently. Additionally, NiroDB features a TCP server that supports the RESP protocol, ensuring compatibility with Redis applications. While still in its developmental stages, NiroDB is operational and accessible through netcat, inviting contributions and feedback from developers via its GitHub repository at github.com/nirodbx/niroddb.
Keywords: #phi4, Bloom Filter, CRC32, GitHub, Go, NiroDB, RESP protocol, Redis-compatible, SSTable v2, Size-tiered Compaction, Skip List, TCP Server, Write-Ahead Log, contributions, crash recovery, feedback, key-value storage, memtable, netcat
news.ycombinator.com 6 days ago
|
1382.
HN
Stop Writing Instrumentation Code
The article explores the evolution of distributed tracing within application observability, comparing traditional manual instrumentation methods with innovative compiler-based automation. Traditionally, developers using OpenTelemetry have manually instrumented their code to include spans that capture operations like database queries or service calls, an approach prone to errors and inconsistencies due to reliance on developer diligence in adding necessary annotations. While OpenTelemetry offers some automatic and recommended manual instrumentation for frameworks such as Express and PostgreSQL, it fails to automatically trace application-specific business logic without further manual effort, resulting in incomplete tracing coverage that complicates debugging and performance analysis.
The article introduces Encore, a backend framework designed to automate distributed tracing by leveraging typed infrastructure declarations in languages like TypeScript or Go. Using a Rust-based static analyzer, Encore achieves comprehensive tracing of all operations directly from the code's structural declarations, ensuring 100% coverage for activities such as API calls and database queries without requiring manual instrumentation. This method streamlines developer workflows by removing the need for manual annotations and providing consistent tracing in both development and production environments. Encoure supports integration with existing observability tools through OpenTelemetry.
The transition from manual code annotation to compiler-generated insights reflects a broader shift towards declarative coding practices that automate traditionally manual processes in infrastructure management. This advancement not only enhances the reliability and comprehensiveness of tracing data but also facilitates the development of sophisticated analytical features, thereby improving overall system observability.
Keywords: #phi4, API endpoints, Encore, GitHub, HTTP calls, OTLP, OpenTelemetry, SDK, Terraform, TypeScript, auto-instrumentation, backend, cache operations, compiler-level, database queries, infrastructure, instrumentation, manual instrumentation, observability, pub/sub messages, runtime, service-to-service RPC, spans, static analyzer, tracing
encore.dev 6 days ago
|
1386.
HN
FlowLessAI – connects to GitHub, audits your codebase, delivers a PR with fixes
FlowLessAI is an innovative early-access tool that offers 300 free credits to new users, designed to integrate seamlessly with GitHub for automatic codebase auditing. The platform specializes in identifying security vulnerabilities, logic errors, and architectural issues that standard compilers might overlook. By generating production-ready Pull Requests (PRs) directly on GitHub, FlowLessAI streamlines the process from repository selection to delivering verified PRs without requiring manual setup. Each fix is meticulously reviewable at the line level, enhancing precision and accountability. Notably, FlowLessAI surpasses leading AI agents in detecting a wider range of issues, including hardcoded secrets and SSL misconfigurations. Additionally, it provides comprehensive audit artifacts for compliance purposes and supports integration into existing workflows, thereby simplifying the adoption process for teams seeking to enhance their code quality and security practices.
Keywords: #phi4, AI agents, Early Access, FlowLessAI, GitHub, PR fixes, SSL misconfigurations, architectural issues, automated audit, codebase audit, compliance artifacts, hardcoded secrets, impact findings, independent tests, line-level changes, logic errors, production-ready, pull request, repository selection, security vulnerabilities
www.flowlessai.one 6 days ago
|
1392.
HN
Show HN: OneManBSD – A self-containing OpenBSD build with all source in the ISO
OneManBSD is an OpenBSD 7.8 installation image tailored for i386 platforms that emphasizes user independence and comprehensive system control. It contains all necessary source files within its ISO (sys.tgz, src.tgz, xenocara.tgz, and ports.tgz), enabling users to rebuild both the kernel and base system offline. By incorporating lightweight components such as JWM, XFE, and Nedit, it avoids unnecessary bloat while offering full hardware-level control for tasks like audio management. The project includes extensive documentation within the image itself. Rather than creating a new distribution, OneManBSD encourages users to construct their own customizable systems from source code, fostering freedom and diversity in contrast to server-controlled operating systems dominated by major technology companies. It serves as proof that it is feasible to maintain an autonomous workflow on older hardware, opposing modern trends of centralized control and instability within operating systems. A 90-second demo highlights the image's quick boot speed and setup, with further exploration available through a downloadable installer image.
Keywords: #phi4, Github, ISO, JWM, Nedit, OneManBSD, OpenBSD, Sovereign Features, XFE, big corporations, centralized control, demo, desktop OS, distro, diversification, forced updates, freedom, hardware-level control, i386 platforms, installer image, libraries, mixerctl, modern OS, notification beeps, offline documentation, older hardware, open source, portstgz, rebuildable, self-contained, server-controlled clients, source, srctgz, systgz, unstable software environment, version control, workflow, xenocaratgz
bialamusic.com 6 days ago
|
1396.
HN
Show HN: Khaga – AI Infrastructure Diagnosis for AWS, GCP, Azure and Kubernetes
Khaga is an innovative AI-driven tool designed to enhance infrastructure diagnosis across multiple cloud platforms including AWS, GCP, Azure, and Kubernetes. It addresses the inefficiencies associated with using various monitoring tools by providing root cause analysis in plain English, coupled with severity ratings, evidence, and suggested corrective actions. Khaga supports a range of functionalities such as Terraform plan review, Dockerfile analysis, CI/CD log parsing, and compliance estimates for standards like SOC2 and ISO27001. Among its standout features are multi-cloud diagnostic capabilities, predictive intelligence to anticipate infrastructure failures, instant alerts delivered through channels like Slack, email, or PagerDuty, AI-powered reviews of Terraform and Helm configurations, and real-time root cause analysis specifically tailored for CI/CD pipelines and Dockerfiles. The service is accessible without any financial commitment, as users can try it free of charge without needing a credit card. Khaga encourages feedback from infrastructure managers to refine its offerings further.
Keywords: #phi4, AI Infrastructure Diagnosis, AWS, Azure, CI/CD, CloudWatch, Docker, Dockerfile, GCP, GitHub, GitLab, ISO27001 compliance, IaC Security, Khaga, Kubernetes, PagerDuty, SOC2 compliance, Slack, Terraform, instant alerts, kubectl, multi-cloud, pattern recognition, predictive intelligence, real-time diagnosis, root cause analysis
khaga.dev 6 days ago
|
1401.
HN
Phi-4-reasoning-vision and the lessons of training a multimodal reasoning model
Phi-4-reasoning-vision-15B is an open-weight multimodal reasoning model boasting 15 billion parameters, engineered to optimize vision-language tasks through a balance of reasoning power, efficiency, and training data demands. It excels in mathematical, scientific reasoning, and understanding user interfaces while maintaining competitive performance with significantly reduced computational requirements compared to larger models. Accessible via platforms like Microsoft Foundry, HuggingFace, and GitHub, its development highlights several key insights: strategic architecture choices, meticulous data curation, and the integration of both reasoning and non-reasoning data are crucial for success.
The model employs a mid-fusion architecture that effectively combines visual and textual information and utilizes the SigLIP-2 vision encoder to process high-resolution images efficiently. Data quality is prioritized with datasets sourced from open-source origins, refined for accuracy and relevance, and enhanced by synthetic data to bolster text-rich visual reasoning capabilities. A hybrid training approach incorporates both non-reasoning and reasoning tasks, enabling the model to discern when reasoning is necessary.
Phi-4-reasoning-vision-15B demonstrates strong performance across various vision-language tasks, particularly excelling in mathematical and scientific reasoning within computer-user interface contexts. Evaluations reveal that its mixed-reasoning abilities often surpass models confined to either purely non-thinking or thinking modes, achieving an optimal balance between accuracy and computational cost. Integral to the model's development are safety considerations aligned with Microsoft’s Responsible AI Principles. Released under a permissive license, Phi-4-reasoning-vision-15B encourages community engagement in advancing multimodal system research and development.
Keywords: #phi4, GitHub, HuggingFace, Microsoft Foundry, Phi-4-reasoning-vision, RL (Reinforcement Learning), Responsible AI Principles, SFT (Supervised Fine-Tuning), SigLIP-2, architecture choices, compute costs, computer-use scenarios, data curation, dynamic resolution, efficiency, math and science reasoning, mid-fusion architecture, model training, multimodal reasoning, reasoning traces, safety datasets, synthetic data, vision-language tasks
www.microsoft.com 6 days ago
|
1404.
HN
Ghinst – Install from GitHub release section to –/.local/bin
Ghinst is a utility designed to streamline the installation of binaries from GitHub releases directly into the user's local binary directory (`~/.local/bin`). It simplifies this process by automatically determining and downloading the appropriate release assets based on the operating system and architecture of the user's machine. Users have the flexibility to install either the latest available version or a specific version of a repository. The tool is installed via the command `go install github.com/tebeka/ghinst@latest`. To use Ghinst, commands such as `ghinst owner/repo[@version]` are employed, where users can specify the desired GitHub repository and optionally its version. For accessing private repositories or avoiding GitHub API rate limits, it is recommended to set a personal authentication token with the command `export GITHUB_TOKEN=your_token_here`. Ghinst facilitates seamless binary management while being available under an MIT license.
Keywords: #phi4, API, GITHUB_TOKEN, GitHub, MIT license, MIT license Keywords: GitHub, OS, architecture, asset, authentication, binaries, binary, fetches, ghinst, install, private repos, release, releases, symlink, usage
github.com 6 days ago
|
1406.
HN
Improving Django Admin UI with Django-unfold
To improve the Django Admin User Interface, developers can utilize the Django-unfold library, which offers enhanced customization capabilities. For those encountering challenges in implementing particular features, despite consulting documentation, there is an open-sourced demo site hosted on GitHub that provides a variety of practical examples. This resource serves as a valuable tool for both understanding and effectively applying the library's functionalities to their projects.
Keywords: #phi4, Admin UI, Django, Django-unfold, GitHub, demo site, documentation, examples, features, integrate, open-sourced, technical
unfoldadmin.com 6 days ago
|
1432.
HN
Guard rails for AI agents and the developers who ship with them
DevRail is an AI development framework designed to enforce best practices and standards in software projects. For new projects, it offers templates accessible on GitHub or GitLab that include essential components like Makefile, `.devrail.yml`, agent instructions, and pre-commit hooks. Existing repositories can be upgraded to DevRail by following a retrofitting guide if they lack the `.devrail.yml` file.
The framework emphasizes strict quality assurance, mandating the use of `make check` before task completion to ensure all checks on linting, formatting, security, and testing are passed. It requires adherence to conventional commit message formats and insists on environment isolation using Docker containers from ghcr.io/devrail-dev/dev-toolchain:v1 for tool installations instead of the host system.
DevRail promotes consistency in code formatting by adhering to `.editorconfig` rules and mandates that scripts be idempotent, verifying conditions before execution. Documentation standards are outlined in `DEVELOPMENT.md`, guiding users on compliance. Error handling is rigorous; issues found during checks must be resolved rather than suppressed.
The framework provides a variety of make targets for tasks such as linting, formatting, testing, security scanning, and changelog generation, along with a help option to list all available commands. DevRail supports multiple programming languages, including Python, Bash, Terraform, Ansible, Ruby, Go, JavaScript, and Rust, with configurations specified in `.devrail.yml`.
Keywords: #phi4, Ansible, Bash, DevRail, Docker, GitHub, GitLab, Go, JavaScript, Makefile, Python, Ruby, RustExtracted Keywords: DevRail, RustKeywords: DevRail, Terraform, `devrailyml`, `editorconfig`, `make check`, changelog generation, conventional commits, development agent, formatters, formatting, idempotent scripts, language detection, language detectionComma-separated List: DevRail, language detectionFinal Keywords: DevRail, linters, linting, pre-commit hooks, security scanners, security scanning, templates, test runners, testing
devrail.dev 6 days ago
|
1439.
HN
Show HN: ChatyDevOps – Local DevOps workstation for SSH and deploys
ChatyDevOps is a comprehensive local workstation designed to enhance DevOps workflows by centralizing the management of multiple servers within a single interface, thus addressing common challenges encountered across development, staging, and production environments. It features an array of tools including multiple SSH terminals for simultaneous server access, command presets for efficient task repetition, a deployment flow with dry-run capabilities to minimize errors during execution, real-time log streaming for immediate feedback, and API testing functionalities. By operating locally on the user's machine, ChatyDevOps ensures privacy by securely storing credentials internally rather than relying on external services. This approach simplifies operations and maintains data security. For further exploration, resources such as their official website, GitHub releases page, and a demonstrative YouTube video are available. The tool is open to feedback from its users, encouraging continuous improvement based on user experiences and suggestions.
Keywords: #phi4, API, ChatyDevOps, DevOps, GitHub, SSH, credentials, deploys, dev, dry-run, logs, privacy, prod, scripts, servers, staging, terminals, tools
devland.chatyshop.com 6 days ago
|
1440.
HN
Desloppify
Desloppify is a tool designed to elevate the quality of software codebases by integrating mechanical analysis with subjective reviews, targeting issues like dead code, duplication, complexity, naming conventions, abstractions, and module boundaries. It operates using a prioritized fix loop that spans multiple sessions and offers a score resistant to manipulation, ensuring an accurate reflection of codebase quality across its 28 supported languages. This tool guides AI coding agents through commands that facilitate iterative scanning and fixing processes, emphasizing sustainable engineering practices over rapid development by maintaining high standards consistently.
The primary goal of Desloppify is to transform the focus from "vibe coding"—a term denoting fast-paced but less structured development—to a more reliable engineering approach that prioritizes maintainability and quality. The tool employs a cycle where non-essential directories are excluded, scans are conducted, fixes are applied, and reassessments continue until a desired quality score is achieved. This method ensures continuous improvement and discourages superficial enhancements.
Additionally, Desloppify emphasizes genuine metrics for codebase enhancement by making its scoring system resistant to manipulation, which fosters trust in the evaluation process. The tool also promotes community involvement through GitHub, encouraging users to contribute by reporting issues or suggesting improvements under an MIT License. Ultimately, Desloppify aspires to assist developers in crafting codebases that are respected for their high quality and maintainability by seasoned engineers, thus promoting long-term sustainable development practices.
Keywords: #phi4, AI, AI coding agent, Desloppify, GitHub, GitHub badge, LLM, LLM review, MIT License Keywords: Desloppify, badge, codebase, codebase quality, coding, community, depth, detection, engineering, engineering standard, fix, guide, languages, languages support, license, loop, mechanical, mechanical detection, plugin, plugin depth, prioritized fix loop, quality, refactor, review, scan, scoring, standard, workflow, workflow guide
github.com 6 days ago
|
1446.
HN
Hiring Dread
The text discusses the challenges of hiring mid-level web developers in an environment where there is a surge of underqualified applicants and high expectations for development standards. The author's effective strategy involves identifying promising candidates through their self-initiated projects online, focusing on those who exhibit genuine passion and problem-solving skills in coding. These junior hires undergo extensive training to successfully integrate into the team.
However, the rise of Large Language Models (LLMs) has introduced new challenges by enabling developers to generate code without deep understanding, potentially stunting the growth and problem-solving abilities of junior developers. This complication necessitates more rigorous screening methods such as live coding tests, despite concerns about efficiency and bias. The text concludes that navigating this evolving landscape requires a balance between traditional evaluation methods and new tools, all while contending with platforms like LinkedIn, which the author finds challenging to manage.
Keywords: #phi4, GitHub, Hiring, JavaScript, LLMs, LinkedIn, code review, generative AI, jQuery, job description, junior developers, live coding tests, mid-level, problem solving, productivity, recruitment agency, remote working, self-started projects, senior jobs, side projects, technical interview, training, web developers
coderjerk.com 6 days ago
|
1479.
HN
Circle CI Chunk CLI: CLI for generating AI agent context from real code reviews
Circle CI Chunk CLI is a command-line tool designed to harness AI capabilities using real-world code review patterns mined from GitHub pull request comments. It leverages the Claude AI model, available in variants such as Sonnet, Opus, or Haiku, to analyze these comments and generate markdown prompt files that encapsulate team standards. The tool identifies top reviewers within a GitHub organization to gather their comments, utilizing Claude models to discern recurring patterns and norms specific to the team. These insights are then transformed into context prompts for AI coding agents.
A standout feature of Circle CI Chunk CLI is its ability to automate integration tasks such as testing, linting, and AI-driven code reviews directly into an agent’s lifecycle events. It also offers a self-updating mechanism through a built-in command that facilitates tool upgrades. Compatibility extends to macOS (both arm64 and x86_64 architectures) and Linux systems (arm64 or x86_64), with the prerequisite of having the GitHub CLI installed and authenticated, while Bun 1.3+ is suggested as an optional fallback.
Installation can be achieved through multiple avenues: adding a package manifest via Flox, using Homebrew to install from CircleCI’s repository, or employing an installation script that leverages the GitHub API. Quick start commands include authentication with Anthropic's API key and context prompt generation based on organizational review patterns. Users can also configure chunk pipeline runs by identifying specific tasks in CircleCI.
Usage scenarios highlight the tool’s versatility, enabling users to trigger AI coding agent tasks through well-defined prompts and configurations, alongside automating quality checks for Claude Code hooks via shell environment setup and repository initialization. The development framework utilizes mise to manage versions of tools like Bun and Node effectively, ensuring compatibility with both Apple Silicon and Intel-based macOS systems as well as Linux platforms. However, it does not support Windows. Additionally, the tool provides model pricing details based on usage rates for different Claude variants, thus optimizing the development workflow by aligning AI-driven coding tasks with established team standards.
Keywords: #phi4, AI agent, Anthropic API key, Bun, CLI, Circle CI, Claude analysis, GITHUB_TOKEN, GitHub, Linux, Node, code reviews, development, hook automation, macOS, markdown prompt, model pricing, pattern mining
github.com 6 days ago
|
1482.
HN
Show HN: Runlocal – Open-source localhost tunnel, no signup, no tracking
Runlocal is an open-source tool designed to serve as an alternative to ngrok, developed by runlater-eu using Elixir. It facilitates the creation of a public HTTPS URL that forwards traffic directly to a local development server without necessitating user registration or data tracking. By employing WebSockets for real-time HTTP relay, Runlocal eliminates the need for external dependencies such as databases or Redis. The software is open source under the MIT license and can be self-hosted using Docker with just one command, providing users with complete autonomy over their domain configurations, TLS settings, and operational rules. Hosted in the European Union, it ensures data sovereignty and avoids vendor lock-in scenarios. Its codebase is publicly accessible on GitHub for review and customization, fostering transparency and adaptability for its user community.
Keywords: #phi4, Docker, EU hosted, Elixir, GitHub, HTTPS URL, MIT licensed, Phoenix app, TLS, WebSocket, binary, code audit, dependencies, domain, fork, infrastructure, localhost tunnel, ngrok, open source, self-host, server instance, vendor lock-in
runlocal.eu 6 days ago
|
1488.
HN
Deprecate confusing APIs like "os.path.commonprefix()"
The article addresses the longstanding confusion and security concerns associated with the `os.path.commonprefix()` function in Python's standard library, highlighting its misleading placement within the `os.path` module and its character-by-character comparison method that deviates from logical path segment operations. Seth Larson points out that despite efforts to clarify documentation since 2002, these explanations have been inadequate in preventing misuse over two decades, leading to significant security vulnerabilities such as CVE-2026-1703, which impacted pip, and similar issues faced by SecureDrop and the HTTPPasswordMgr class. In response, Larson has proposed deprecating `commonprefix()` through pull requests and converting existing documentation into explicit security warnings, emphasizing that user safety should take precedence over backward compatibility in resolving such misleading APIs.
Additionally, the introduction of a new function, `os.path.commonpath()`, in 2017 was meant to offer proper path comparison behavior but failed to result in the deprecation of `commonprefix()`. The article references past developer discussions and reports that acknowledged the inadequacies of the function. Larson advocates for proactive replacement strategies for confusing or insecure APIs based on his insights as the Security Developer-in-Residence at the Python Software Foundation, with support from Alpha-Omega. This call to action underscores the importance of addressing API design issues that compromise security and usability in programming languages.
Keywords: #phi4, APIs, CVE-2026-1703, Deprecation, GitHub, HTTPPasswordMgr, PyPI, PyPIKeywords: Deprecation, Python Software Foundation, Ruff, SecureDrop, Trellix, backwards compatibility, commonpath(), confusion, documentation, is_within_directory(), labeling, misuse, ospathcommonprefix(), path traversal, pip vulnerability, security issues, static code analysis, tarfile module
sethmlarson.dev 7 days ago
|
1490.
HN
Show HN: Qlog – grep for logs, but 100x faster
Qlog is a fast, user-friendly log querying tool optimized for developers and DevOps professionals who require swift analysis of large volumes of logs. It leverages an inverted index to deliver sub-millisecond searches, offering significant performance improvements over traditional tools like `grep` and more complex solutions such as Elasticsearch. Qlog excels in indexing speed, processing over a million lines per second, and facilitating rapid search through millions of log entries with minimal setup—requiring no configuration or server infrastructure since it operates offline using Python.
The tool automatically detects common log formats including JSON, syslog, nginx, and apache, providing aesthetically pleasing terminal output along with context lines for enhanced readability. Its local storage approach ensures efficient repeated searches without network dependencies. Users can easily index logs with commands like `qlog index './logs/**/*.log'` and perform search queries such as `qlog search "error" --context 3`. Additionally, Qlog offers features like statistical analysis via `qlog stats`, JSON output formatting, and an API for programmatic access.
Compared to `grep`, Qlog's speed is notably superior during repeated searches due to its indexing capability, albeit requiring an initial indexing step. Unlike Elasticsearch, it boasts simpler setup and offline operation with minimal resource demands. While not supporting distributed search like Splunk, Qlog offers a balance of simplicity and low resource usage.
As an open-source project under the MIT License, Qlog invites community contributions and user support through platforms like Ko-fi. In summary, Qlog provides an efficient and straightforward solution for log querying, appealing to those who prioritize speed and ease without needing complex system architectures.
Keywords: #phi4, API, CLI, DevOps, Elasticsearch, GitHub, JSON, MIT License, Python, Splunk, apache, benchmarks, contributions, grep, indexing, installation, logs, nginx, performance, qlog, search, statistics, support, syslog, terminal, tokenization
github.com 7 days ago
|
1491.
HN
Show HN: NexQuake – Q1 Browser Multiplayer (Docker, WASM, Go)
NexQuake is a modernized version of the classic Quake game, developed to facilitate browser-based multiplayer gaming using Docker and WebAssembly. Celebrating Quake's 30th anniversary, NexQuake incorporates cutting-edge features such as GPU-accelerated rendering, UDP relay over WebSocket, on-demand streaming for game files and CD audio, along with support for touch controls and gamepads. It also includes compatibility for shareware versions and popular mods at startup, in addition to multi-server auto-scaling capabilities. The implementation is highly efficient, encapsulated within a lightweight ~10MB Docker image. Resources such as the source code, documentation, online demos, and options for local setup via Docker are accessible through GitHub and the Nexus Quake website. Users can experience the game either by trying it online or running it on their own systems with specific Docker commands provided in the project's repository.
Keywords: #phi4, CD audio, Docker, GPU, GitHub, Go, NexQuake, Nexus, QuakeC, UDP, WASM, WebSocket, auto-scaling, browser, documentation, gamepad support, launch flags, mods, multi-server, multiplayer, palette conversion, servercfg, source code, streaming, touch support, wolfi-base
kitty1.quake.nexus 7 days ago
|
1495.
HN
Agent's context is a junk drawer
The article addresses the inefficiencies arising from excessive configuration of AI coding agents using redundant context files like AGENTS.md. As of 2026, developers frequently copy-paste these configurations without full comprehension, resulting in cluttered project directories and suboptimal agent performance. Research from ETH Zurich indicates that adding such context files often diminishes task success rates and elevates computational costs, with only slight improvements in certain cases. The root cause is identified as a lack of trust in AI tools, leading developers to over-specify instructions, creating unnecessary noise instead of beneficial guidance.
To resolve this, the article suggests streamlining AGENTS.md files by retaining only essential directives that prevent specific failures, such as deploy steps and team conventions not found in the code. It draws an analogy with the "convention over configuration" principle seen in frameworks like Rails, emphasizing how using established patterns can minimize redundant instructions. Developers are advised to critically assess their context files and eliminate lines that do not directly contribute to preventing errors, thereby enhancing agent effectiveness and ensuring focus on truly necessary directives.
Keywords: #phi4, AGENTSmd, AI configuration, CLAUDEmd, GitHub, GitHub repo, Rails community, agent effectiveness, attention budget, coding agents, configuration, constraint density, context, context files, context management, convention over configuration, copy-paste problem, deployment steps, environment setup, failure-backed instructions, inference, inference cost, instruction-following, junk drawer, pruning rubric, research findings, sequential code tasks, system promptKeywords: AI, trust issues
www.augmentcode.com 7 days ago
|
1506.
HN
I've worked remotely at GitHub for thirteen years: here's what works
GitHub has been a trailblazer in remote and asynchronous work since 2013, fostering an environment that departs from traditional office-centric models by emphasizing flexibility, transparency, and developer satisfaction. The company eschews mandatory in-office hours and rigid hierarchies, instead leveraging technology to facilitate open-source culture and flexible workflows. GitHub's innovative use of tools like issues and pull requests extends beyond coding tasks to internal policy management, with Markdown serving as a pivotal format for clear communication and change tracking. This approach enables seamless asynchronous collaboration without the common pitfalls of traditional document sharing.
The physical office at GitHub is not a required workspace but rather a central hub that supports diverse work hours and locations, aligning with its philosophy of flexibility. The company further enhances team cohesion through intentional practices such as annual summits, "Hack Houses," and digital equivalents of casual interactions, which are critical for maintaining a strong culture despite geographical dispersion.
GitHub's model illustrates how remote work can bolster both cultural strength and operational efficiency when designed thoughtfully. These insights have been encapsulated in the author's book, *Open and Async*, offering practical guidance for effectively scaling distributed teams across various industries.
Keywords: #phi4, DevOps, GitHub, Markdown, Remote work, async communication, collaboration, culture, developer happiness, distributed teams, documentation, intentionality, open-source workflows, remote-first
ben.balter.com 7 days ago
|
1513.
HN
Show HN: Open Memory Specification (OMS), Context Assembly Language (Cal)
The Open Memory Specification (OMS) seeks to standardize memory systems for AI agents by addressing the challenge of a lack of universal format for transferring memory across different frameworks while ensuring data integrity and verifiable deletion. It comprises three main components: the Binary Container Format (.mg), Context Assembly Language (CAL), and Semantic Markup Language (SML). The .mg format is an immutable, content-addressed binary container using SHA-256 hashing to store AI knowledge in ten distinct grain types, including Belief, Event, State, Workflow, Action, Observation, Goal, Reasoning, Consensus, and Consent. CAL functions as a query language that enables the assembly of context for Large Language Models (LLMs) through append-only operations, respecting execution limits and token budgets to avoid destructive actions. SML serves as an output format employing grain type tags like `<belief>` or `<reasoning>`, which act as epistemic indicators revealing the nature of information rather than its mere content. The OMS is available under open-source licenses (CC0 and OWFa 1.0), facilitating public access and contributions, with additional details accessible in its GitHub repository.
Keywords: #phi4, AI agent memory, Action, Belief, Cal, Consensus, ConsentKeywords: Open Memory Specification, Context Assembly Language, Event, GitHub, Goal, LLM context, MessagePack, OWFa 10 licensed, Observation, Open Memory Specification, Reasoning, SML, Semantic Markup Language, State, Workflow, append-only writes, binary container format, content-addressed, deterministically serialized, epistemic signals, grain types, immutable, mg file, public domain, query language, semantic markup, structural impossibility, token-budget-aware assembly
memorygrain.org 7 days ago
|
1514.
HN
Show HN: SpacePill – Better macOS Space Context Switching
SpacePill is a macOS utility developed to improve the management of virtual desktops known as Spaces, particularly beneficial for users who operate multiple AI coding agents. It tackles the challenge of identifying which Space corresponds to specific tasks, given that many Spaces display similar applications such as terminals and browsers. The tool enhances functionality by adding a color-coded 'pill' to the MenuBar, providing visual differentiation for each Space. Additionally, it introduces a global hotkey feature (cmd+shift+J followed by part of a project name) that enables users to swiftly navigate between different Spaces. For further details and illustrative examples, interested individuals can refer to its GitHub repository.
Keywords: #phi4, AI coding agents, GitHub, MenuBar, SpacePill, Spaces, browser, cmd+shift+J, color-coded pill, context switching, desktops, editor, global hotkey, macOS, project navigation, terminal, utility, windows
news.ycombinator.com 7 days ago
|
1516.
HN
Learnings from a No-Code Lib: Keep the Spec Driven Development Triangle in Sync
The presentation explores insights from developing a no-code library and emphasizes the importance of maintaining alignment among specifications (specs), tests, and code through an approach known as the "Spec-Driven Development Triangle." This methodology perceives development as an iterative feedback loop rather than a linear progression. Various projects that have experimented with this approach, including whenwords, just-bash, Monty, and Anthropic's C compiler, are discussed in terms of their challenges and learnings.
A significant takeaway is the complexity involved in writing specifications and tests, often requiring substantial pre-existing test libraries and continuous effort to synchronize them with the code. The iterative nature of development necessitates ongoing updates to specs and tests as implementation progresses, highlighting a dynamic feedback loop. To tackle these challenges, the speaker introduced Plumb, a tool designed to track coding decisions, update specifications accordingly, and ensure alignment among specs, tests, and code.
Drawing parallels with historical software engineering challenges, such as the Software Crisis of the 1960s-70s, the presentation underscores how new technologies continually reshape development processes. The talk concludes by advocating for modern tools that seamlessly integrate with existing platforms like GitHub to effectively manage the interconnections between specifications, tests, and code in software development.
Keywords: #phi4, Coding Agents, Conformance Tests, Decision Extraction, Feedback Loop, GitHub, Markdown First-Class Citizen, No-Code Library, Open Source, Plumb Tool, Software Engineering History, Spec Tests Code Sync, Spec-Driven Development
www.dbreunig.com 7 days ago
https://www.youtube.com/watch?v=8TXAlOFkmk0 6 days ago
https://github.com/dbreunig/plumb 6 days ago
|
1524.
HN
Show HN: AutosClaw – security first *claw with live chat to any agent session
AutosClaw, developed by Florian, is an advanced AI agent orchestration platform focused on enhancing security and operational efficiency for managing personal assistants or AI agents. It achieves this through the use of ephemeral Docker containers, ensuring that each agent operates within its isolated environment while maintaining the ability to spawn additional asynchronous agents as needed. A standout feature of AutosClaw is its capability for multi-agent orchestration, allowing agents to coordinate and delegate tasks using Model Context Protocol (MCP) tools.
The platform includes a real-time dashboard built with React, which provides comprehensive insights into agent activities and facilitates efficient workflow management through features such as live chat interaction, tool invocation tracking, and sortable tables. AutosClaw is designed for ease of use, offering fast reloads directly from the UI, supporting cron scheduling for routine tasks, and providing detailed cost analysis with token and USD breakdowns.
AutosClaw's technical framework combines technologies like Docker for containerization, Express and WebSocket for server operations, SQLite for database management, and React for the user interface. Its codebase, written in TypeScript, comprises approximately 8,017 lines of code covering both backend and frontend aspects. The platform also emphasizes robust security through JWT authentication, timing-safe comparisons for agent tokens, role-based access control (RBAC), and secure secret management.
The architecture involves a Manager process on the host, individual Docker containers for agents, and a Dashboard interface, with setup options ranging from AI-assisted experiences to manual configurations. Overall, AutosClaw is designed as a sophisticated platform that enhances productivity in development environments by securely managing autonomous AI agents within a networked orchestration framework.
Keywords: #phi4, AI, Anthropic API Key, AutosClaw, Claude Code, Docker, Docker CLI, Express, GitHub, GitHub tokens, JWT authentication, Nodejs, PWA, RBAC, REST API, RESTful API, React, SQLite, Typescript, UI interaction, Vite, WebSocket, WebSocket communication, WebSocket servers, agent lifecycle, agent spawning, agents, asynchronous agents, autonomous, autonomous agents, containers, cost tracking, cost visibility, cron, dashboard, ephemeral, file rotation, graceful shutdown, health check, interactive chat, interactive dashboard, live chat, multi-agent, multi-agent workflows, orchestration, permission inheritance, permissions, project-based secrets, push notifications, real-time, real-time streaming, real-time updates, reconciliation loop, recursive spawning, resilience, sandboxing, scheduling, security, security first, self-hosted, soft deletes, structured logging, token tracking, token usage, tool access
github.com 7 days ago
|
1525.
HN
Git city – visualize GitHub as a city, one building per contributor
"Git City" is a visualization tool designed to represent a GitHub repository as a 3D cityscape, where each contributor is depicted as a unique building within this virtual metropolis. This innovative approach provides an engaging and spatial way to view contributions and interactions on GitHub. By transforming collaborative efforts into a dynamic urban environment, "Git City" simplifies the understanding of the scale and diversity of participation in various projects. The tool offers users a novel perspective on project involvement, making it easier to grasp the extent of collaboration and the varied roles contributors play within their development community.
Keywords: #phi4, 3D, Git, GitHub, Your, building, city, contributor, per, visualize, visualizer
www.thegitcity.com 7 days ago
|
1531.
HN
Show HN: I built a standup app so I'd stop switching between Linear,GitHub,Slack
The developer has created a standup application designed to simplify team updates by reducing dependence on multiple tools such as Linear, GitHub, and Slack. Using Tambo AI, the app integrates seamlessly with these platforms, providing real-time data through interactive components triggered by natural language queries. These components can display task status, workloads, risks, and summaries of individual and team performance. The app features a conversational AI canvas that supports up to four interactive components on an adaptive grid, allowing functionalities like filtering by team members, drag-to-reorder components, and personalized settings.
To ensure data security, the application uses encrypted storage and Google OAuth for authentication. Users can install and configure the app using npm commands, setting environment variables for API keys and secrets as per their needs. Key queries such as "Show me the team" offer comprehensive overviews, while "What's at risk?" highlights overdue tasks, transforming standup meetings into efficient, focused discussions.
Developed with technologies like Next.js, React, Tambo AI, Better Auth, Turso, Tailwind CSS, Recharts, and Zod, the application provides setup instructions in its documentation. As an open-source project under an MIT license, it encourages customization and integration for streamlined data retrieval and effective team communication during standups.
Keywords: #phi4, API Integration, Agile Tools, Component Rendering, Conversational AI, Dashboard, Data Encryption, Developer Productivity, Encrypted Storage, GitHub, Google OAuth, Interactive Components, Linear, Natural Language Processing, Nextjs, Project Management, React, Real-time Data, Recharts, Risk Assessment, Slack, Standup App, Tailwind CSS, Tambo AI, Team Workflow, User Authentication, Zod
github.com 7 days ago
|
1533.
HN
Show HN: Resume Matcher – Tailor your resumes with job descriptions
Resume Matcher is an actively developed AI-powered tool designed to assist users in customizing their resumes based on job descriptions. It enables the creation of a master resume that can be tailored for individual applications with features such as AI-generated enhancements, section reordering, and support for multiple templates. The platform also offers cover letter and email generators, PDF export capabilities, and multi-language support to accommodate diverse user needs. Community engagement is encouraged through contributions on GitHub and discussions via Discord. Sponsors supporting the project include Apideck, Vercel, Cubic.dev, Kilo Code, and ZanReal. Resume Matcher integrates with several AI providers such as Ollama, OpenAI, Anthropic, Google Gemini, DeepSeek, and OpenRouter to enhance its functionalities.
Installation of the tool is straightforward for users with Python 3.13+ or Node.js 22+, with setup guides available in various languages, and it also supports Docker deployment. The technical architecture includes FastAPI, Next.js, TinyDB, Tailwind CSS, and Playwright. Future development plans are open to community suggestions, inviting contributions from developers, designers, and other stakeholders to expand its features and capabilities.
Keywords: #phi4, AI-powered, Discord, Docker, Docker deployment, FastAPI, GitHub, Nextjs, PDF export, Resume Matcher, Tailwind CSS, contributors, cover letter generator, internationalization, job description, multi-language, multi-language UI, resume builder, resume scoring, roadmap, roadmap Keywords: Resume Matcher, sponsorship, tech stack, templates
github.com 7 days ago
https://resumematcher.fyi/ 7 days ago
|
1545.
HN
Show HN: I built a bug reporter that opens a GitHub PR to fix the bug
VibeCheck is an innovative tool designed to enhance the efficiency of resolving minor software bugs. It simplifies the bug reporting process by capturing comprehensive data such as screen recordings, console logs, network requests, and user actions with a single click. This detailed information collection ensures that developers have all necessary insights for quick analysis. A standout feature is its built-in AI capability named "AI Fix," which autonomously addresses small issues like typos or copy changes. By leveraging this AI technology, VibeCheck streamlines the bug-fixing process further by automatically initiating a GitHub pull request (PR) directly from the bug report. This integration not only expedites the resolution of minor bugs but also significantly enhances productivity and reduces manual intervention in software maintenance workflows.
Keywords: #phi4, AI Fix, GitHub PR, PR creation, Show HN, VibeCheck, bug reporter, bugs, console logs, copy changes, network requests, screen recordings, typos, user actions
vibecheck-qa.com 7 days ago
|
1547.
HN
Show HN: Slate – An Open Source Local First Note taking web app built using Rust
Slate is an innovative open-source, local-first note-taking web application constructed using the Rust programming language. Its primary focus is to enhance user privacy and ensure robust offline capabilities, catering to users who prioritize data security and uninterrupted access. By storing notes locally on users' devices, Slate minimizes reliance on cloud services, thereby reducing potential vulnerabilities associated with remote storage. The project's open-source nature encourages community contributions, fostering a collaborative environment for continuous improvement and feature expansion. Available on GitHub under the repository [tangent-labs-dev/slate](https://github.com/tangent-labs-dev/slate), Slate offers users an alternative to traditional note-taking apps by emphasizing control over personal data and functionality independent of internet connectivity.
Keywords: #phi4, GitHub, Local First, Note taking, Open Source, Rust, Show HN, Slate, Web app, project repository, source code, tangent-labs-dev, web application
app.slate.tangentlabs.dev 7 days ago
|
1550.
HN
Show HN: Turn .cursorrules / repo guidelines into GitHub pre-merge checks (OSS)
Watchflow is a tool developed for use with open-source repositories on GitHub, designed to enhance governance by transforming guideline documents—such as `.cursorrules`, `claude-guidelines.md`, and `copilot-prompts.md`—into pre-merge checks. By employing deterministic validators and agent evaluation loops, Watchflow ensures that these guidelines are enforced as strict rules during the code merge process. This automated compliance mechanism guarantees that repository-specific rules are adhered to before any code is merged, thereby streamlining governance processes within GitHub repositories.
Keywords: #phi4, Agentic Governance, GitHub, Show HN, Watchflow, agent evaluation loops, claude-guidelinesmd, copilot-promptsmd, cursorrules, deterministic validators, hard guarantees, open-source, pre-merge checks, repo
watchflow.dev 7 days ago
https://github.com/warestack/watchflow 7 days ago
https://github.com/survivorforge/cursor-rules 7 days ago
|
1554.
HN
Show HN: Miku-cursor-kit – A small Hatsune Miku themed project
The Miku-Cursor-Kit is an npm package designed as a React component to replace the default mouse cursor with an animated Hatsune Miku-themed pixel-style cursor, offering seamless integration into various setups including Next.js, Vite, and plain React environments without necessitating manual asset or style imports. This fully bundled package can be easily installed via `pnpm add miku-cursor-kit`. The developer encourages feedback on the structure, bundling setup, and potential improvements, welcoming contact for further discussion. Additional information about the Miku-Cursor-Kit is accessible through its GitHub repository at [NubPlayz/miku-cursor-kit](https://github.com/NubPlayz/miku-cursor-kit) and its npm package page at [miku-cursor-kit package page](https://www.npmjs.com/package/miku-cursor-kit), with contact details available upon request for those interested in providing feedback.
Keywords: #phi4, GitHub, Miku Cursor Kit, Nextjs, NubPlayz, React, React component, Vite, animated cursor, bundling, bundling setup, feedback, installation, npm, npm package, pixel-style, pixel-style Miku, pnpm, pnpm add Keywords: Miku Cursor Kit
github.com 7 days ago
|
1560.
HN
Open-source AI hardware could weaken Big Tech's grip on AI
At the India AI Impact Summit on February 20, Current AI showcased an open-source AI device capable of identifying candy bars such as Twix, Milky Way, and KitKat. This initiative is part of a $400 million partnership involving governments, foundations, and private companies, aimed at creating alternatives to Big Tech's AI systems. The prototype, developed with Bhashini, supports offline functionality and delivers accurate responses in multiple languages. Equipped with a microphone, camera, and screen, the device seeks to empower diverse communities by reducing reliance on centralized Big Tech solutions. Current AI plans to release its designs on GitHub to encourage further innovation. This effort underscores a commitment to open hardware that considers cultural diversity, resilience, and accessibility of AI technology, fostering equitable global development. Through funding public-interest projects, creating collaboration infrastructure, and developing an alternative ecosystem, Current AI addresses the challenges posed by centralized Western AI advancements.
Keywords: #phi4, Bhashini, Big Tech, Current AI, GitHub, India AI Impact Summit, Open-source AI, camera, creativity, culture preservation, embodied AI, frugal AI, hardware, innovation, linguistic diversity, low-connectivity, microphone, offline device, public-interest AI, resilient AI, screen, walled garden, walled garden Keywords: Open-source AI
restofworld.org 7 days ago
|
1570.
HN
Self-Supervised Flow Matching for Scalable Multi-Modal Synthesis
The article introduces "Self-Supervised Flow Matching for Scalable Multi-Modal Synthesis," a collaborative research project by Black Forest Labs and Frontier AI Lab. This study explores the development of scalable methods for multi-modal synthesis through self-supervised learning techniques, with significant contributions from researchers including Hila Chefer, Patrick Esser, Dominik Lorenz, Dustin Podell, Vikash Raja, Vinh Tong, Antonio Torralba, and Robin Rombach. The research features models such as FLUX.2 and MaxFLUX.2, and provides access to these resources via APIs, open weights, and comprehensive documentation hosted on platforms like Hugging Face and GitHub. Black Forest Labs highlights its commitment to responsible AI development by offering support through a help desk, blog updates, and various policy documents, which aim to ensure trust and security in their technological advancements.
Keywords: #phi4, Black Forest Labs, Documentation, FLUX2, Frontier AI Lab, GitHub, Hugging Face, Klein, MaxFLUX2, ModelsAPI, Multi-Modal Synthesis, Non-Commercial License Terms, Open Weights, Responsible AI Development Policy, Self-Supervised Flow Matching
bfl.ai 7 days ago
|
1572.
HN
Lilaq: Advanced Data Visualization in Typst
Lilaq is an advanced plotting library developed specifically for Typst, aimed at generating publication-quality graphics with real-time previews. It boasts ease of use and seamless integration with Typst documents, ensuring consistent styling and interoperability with Zero. The library provides robust configuration options to create a variety of plot types and diagrams. Additionally, Lilaq includes tutorials and resources that explain the anatomy of diagrams. Support for this project can be accessed through sponsorship on GitHub, highlighting its community-driven development approach.
Keywords: #phi4, GitHub, Lilaq, Typst, Zero configuration, diagram, documents, graphics, integration, interoperability, learn, plot types, plotting library, real-time preview, sponsorship, styling, tutorials
lilaq.org 7 days ago
|
1573.
HN
I Put a Full JVM Inside a Browser Tab
Brian Martin developed JavaBox, an innovative project that enables Java code to run within a browser tab without requiring a server or JVM backend by embedding a complete Linux OS with OpenJDK into WebAssembly using QEMU and Alpine Linux. Initially, the system faced challenges due to lengthy 12-minute restarts of the JVM during compilation processes. However, significant improvements were made by introducing CompileServer, a persistent JVM daemon that drastically reduced these times. Although JavaBox's boot-to-output time remains at 55 seconds, rendering it impractical for regular development use, its potential is being explored in serverless applications like a documentation site and shareable code snippets.
JavaBox incorporates key innovations such as using QEMU snapshots within WebAssembly and compiling OpenJDK to enable browser execution. While not viable for everyday programming due to speed limitations, the project serves as an intriguing proof of concept demonstrating modern browsers' capabilities and requiring extensive understanding of technologies like QEMU, WebAssembly, and JVM. The live demonstration is hosted on a Cloudflare Worker, with its source code available on GitHub, showcasing both the technical hurdles and creative solutions in executing Java directly in browsers today.
Keywords: #phi4, Alpine Linux, Cloudflare Worker, CompileServer, GitHub, JVM, Java applets, JavaBox, OpenJDK, QEMU, WebAssembly, browser, container2wasm, documentation site, emulation, proof of concept, serverless, shareable snippets, snapshot, software CPU emulator, terminal
bmarti44.substack.com 7 days ago
|
1577.
HN
AgentaOS – Give your agents a financial OS in 30 seconds
AgenaOS is an innovative financial operating system specifically designed to support the burgeoning agent economy, focusing on facilitating direct transactions between businesses and artificial intelligence (AI) agents. It allows businesses to adapt their services for AI integration by enabling these entities to autonomously discover, pay for, and utilize said services through programmable interfaces. Moreover, AgenaOS provides capabilities for hiring AI agents to execute various tasks, thereby enhancing operational efficiency. For developers creating AI agents, the platform offers secure accounts with enforceable rules such as spending limits and daily budgets, ensuring that these autonomous entities operate within defined parameters. Operating on a B2B2A (Business to Business to Agent) model, AgenaOS is freely accessible for initial use and supports open-source development through an SDK available under the Apache-2.0 license on GitHub. It addresses existing infrastructure limitations by facilitating micro-transactions at the API-call level without human involvement, representing a significant progression in how businesses can financially engage with AI agents.
Keywords: #phi4, AI agents, AI-ready, APIs, AgenaOS, Apache-20, B2B2A, GitHub, SDK, agent economy, browser sessions, budgets, compute, data, financial OS, free, guardrails, micro-transactions, open source, platform, rules
agentaos.ai 7 days ago
|
1579.
HN
Show HN: BrowseBrawl – What if browser agents battled to generate training data?
"BrowseBrawl," created by mehulkalia and Richard Hruby, is an inventive project where browser agents engage in competitive tasks on live websites. The concept draws inspiration from AlphaGo's self-improvement strategies and the generator-discriminator dynamics of Generative Adversarial Networks (GANs), positing that adversarial environments generate more effective training data than static ones. Developed for the Y Combinator/BrowserUse hackathon, the project features an attacker agent attempting to complete web tasks while a defender uses JavaScript to disrupt its progress. This innovative approach secured first place at the event and can be explored further on [browser-brawl.com](http://browser-brawl.com). The team encourages engagement from others interested in browser agents.
The challenges within "BrowseBrawl" include navigating platforms like Amazon, Google Flights, and TechCrunch to accomplish specific tasks. These competitive interactions aim to enhance the training of browser agents more efficiently. Additional resources are available through its GitHub repository, and a demonstration video showcasing these agent "brawls" can be viewed on [YouTube](https://youtu.be/NIoFXv-JvBY).
Keywords: #phi4, Amazon, Browser Brawl, GANs, GitHub, Google Flights, JavaScript, TechCrunch, YC BrowserUse hackathon, agents, attacker agent, competition, defender agent, demo video, discriminator, generator, marketplace, newsletter, newsroom, skyway, training data
www.browser-brawl.com 7 days ago
|
1582.
HN
Ask HN: Porting MIT CADR to RISC-V
The user is exploring efforts to port the MIT CADR Lisp machine to the RISC-V architecture, noting that while FPGA implementations exist, a RISC-V version has not been identified. With an interest in contributing to such a project if one exists, they are considering initiating their own development. They express openness to guidance or information on any ongoing projects related to this endeavor and prefer joining existing efforts over starting anew. The user references the GitHub repository for Lispers' FPGA implementation as part of their research context.
Keywords: #phi4, FPGA, GitHub, Lisp, MIT CADR, RISC-V, contribute, discussion, implementation, lisper, modified RISC-V, porting, project
news.ycombinator.com 7 days ago
|
1589.
HN
Gaia – open-source assistant that does for actions what ChatGPT did for answers
GAIA is an open-source assistant designed to automate routine tasks across various platforms such as Gmail, Calendar, Slack, Notion, and GitHub, thereby streamlining workflows similar to how ChatGPT simplified information retrieval. It can perform functions like summarizing unread emails, scheduling events, or drafting follow-up messages autonomously. GAIA comes with over 20 built-in integrations and allows for custom integrations via MCP (Micro Controller Protocol), excelling in executing explicitly defined workflows while gradually improving on implicit tasks. Developed by a student team, GAIA has significantly enhanced their workflow efficiency, leading to its early release despite ongoing development efforts. A central design principle of GAIA is maintaining user control, ensuring actions are reviewable prior to execution for balanced autonomy and oversight. The project encourages community feedback on this feature and provides resources for straightforward setup or self-hosting.
Keywords: #phi4, Calendar, ChatGPT, GAIA, GitHub, Gmail, Notion, Slack, actions, assistant, automation, integrations, marketplace, open-source, reminders, self-hosting, tasks, workflows
news.ycombinator.com 7 days ago
|
1590.
HN
Vibe Coding Is Killing Open Source, and the Data Proves It
The article explores the impact of artificial intelligence (AI) on open-source software (OSS), particularly focusing on challenges such as "vibe coding," where AI tools generate code with minimal human input or understanding, leading to sustainability issues in OSS projects. A significant concern is the decline in quality and sustainability, exemplified by projects like cURL, which have seen an influx of low-quality AI-generated submissions, resulting in fewer valid bug reports and wastage of review time for maintainers who have had to shut down incentive programs for such contributions.
Maintainers are taking defensive measures to protect their codebases; high-profile projects like Ghostty and tldraw have implemented strict policies against unsolicited AI-generated contributions. GitHub supports these efforts by allowing repository settings that restrict or disable pull requests, reflecting a broader concern over maintaining quality control. Economically, OSS projects face challenges as AI tools disrupt traditional revenue streams. For instance, increased use of Tailwind CSS via AI-generated classes did not lead to higher revenues due to reduced traffic to its paid documentation.
The trend also negatively impacts developer engagement and code quality, with studies showing that AI-assisted contributions often result in lower code quality and higher churn rates, alongside declines in productivity when developers heavily rely on AI tools. On an ecosystem level, the ease of contribution through AI challenges the traditional social contract of open source, where contributor effort is balanced by maintainer review time. This shift raises the burden on maintainers without adding proportional value.
The article concludes with a call for new economic models and governance strategies to sustain OSS projects under these conditions. Without systemic solutions at an ecosystem level, there is a risk that many open-source initiatives may struggle to be effectively maintained. The overarching concern highlights how AI tools, while facilitating easier use of open source, simultaneously threaten its sustainability by undermining the traditional exchange between contributors and maintainers.
Keywords: #phi4, AI, Code Quality, Contributor Engagement, Developer Productivity, Documentation, Economic Model, GitHub, Kill Switch, Open Source, Pull Requests, Revenue, Sustainability, Vibe Coding
grith.ai 7 days ago
|
1597.
HN
Show HN: YourFinanceWORKS – Open-source financial management with AI OCR
YourFinanceWORKS is an open-source financial management platform created by its author, offering enterprise-grade features along with AI-powered automation, including OCR technology. Designed as a self-hosted alternative to well-known services such as QuickBooks and Xero, this tool provides users the flexibility and control of managing their finances locally while leveraging advanced technological capabilities. The project is accessible on GitHub through a specified link, allowing users to engage with its open-source nature for customization and contribution. This platform combines sophisticated financial management features with innovative automation, setting it apart as an attractive option for those seeking robust solutions without relying on proprietary software.
Keywords: #phi4, AI OCR, GitHub, QuickBooks, Xero, YourFinanceWORKS, automation, capabilities Keywords: YourFinanceWORKS, enterprise-grade, features, financial management, open-source, platform, self-hosted, snowsky
news.ycombinator.com 7 days ago
|
1601.
HN
Show HN: YourFinanceWORKS
"YourFinanceWORKS" is an open-source financial management platform introduced as a self-hosted alternative to mainstream accounting software such as QuickBooks and Xero, designed to make finance more engaging with advanced features. Developed by a user from Hacker News, the project emphasizes community involvement, offering users the ability to access its codebase on GitHub and contribute to ongoing development efforts. This initiative underscores a shift towards customizable financial management solutions that empower users through collaboration and innovation in software design.
Keywords: #phi4, GitHub, QuickBooks, Xero, YourFinanceWORKS, advanced capabilities, alternative, comprehensive, finance, financial management platform, open-source, self-hosted, snowsky
news.ycombinator.com 7 days ago
|
1603.
HN
Show HN: Captain's Log – Your ship sinks when you stop committing
Captain's Log is a macOS menu bar app that infuses pirate-themed gamification into developer productivity by visualizing commit activities as the status of an animated ship. Developed using Swift/SwiftUI and available through Homebrew, it features a virtual galleon whose health reflects coding activity. The application simulates inactivity by sinking the galleon over 8 hours without commits, with water levels rising from 0% (sailing) to 100% (shipwreck), resetting upon each commit or push. It leverages GitHub via the gh CLI to monitor both local and remote repositories, categorizing them into ship types based on activity: Flagships for high activity, down to Shipwrecks for inactivity.
The app offers rank notifications from Captain to Davy Jones, with the latter indicating the need for a commit to "resurrect." It boasts intricate animations including ships, pirate captains, and multi-layer waves, along with dynamic environments. Fleet tracking and support for seven languages enhance user experience, while repository discovery can be configured manually or automatically via a JSON file.
For usage, macOS 13 (Ventura) or later is required, and Swift 5.9+ is needed for building from source. GitHub integration is optional through the gh CLI. The app encourages community contributions to its maintenance and is licensed under MIT.
Keywords: #phi4, Captain's Log, GitHub, GitHub integration, Homebrew, Swift, Swift/SwiftUI, SwiftUI, animation, dev velocity, fleet system, gamification, macOS, pirate-themed, rank system, repository tracking, repository tracking Keywords: Captain's Log, water level
github.com 7 days ago
|
1604.
HN
Show HN: Open-source scanner finds 97% of AI agent code non-compliant EU AI Act
AIR Blackbox is an open-source static analysis tool designed to assess Python AI agent code against six technical requirements outlined by the EU AI Act, serving as a governance "linter." The tool was evaluated on 5,754 files from 11 major open-source projects, collectively amassing over 341,000 GitHub stars. Results showed that only 0.4% of these files fully met all six articles, with substantial non-compliance evident: 97% did not comply with Article 9 (risk management), 89% with Article 12 (record-keeping), and 84% with Article 14 (human oversight). AutoGPT emerged as the top performer while CrewAI Examples lagged behind. The tool checks criteria like risk classification, input validation, logging, audit trails, human review mechanisms, and input sanitization but determines compliance leniently by identifying at least one sub-check per article. This approach falls short of full legal compliance due to constraints such as static analysis limitations and file-level scanning. With the EU AI Act's enforcement deadline approaching in August 2026, further details including reports, raw data, and installation instructions are accessible on the GitHub repository. Plans exist to enhance AIR Blackbox with a fine-tuned local LLM for more comprehensive code analysis.
Keywords: #phi4, AI agent, AutoGPT, EU AI Act, GitHub, Open-source, PII handling, Python, audit trail, compliance, governance, human oversight, linter, local LLM, record-keeping, risk management, static analysis
news.ycombinator.com 7 days ago
|
1605.
HN
The Xkcd thing, now as jenga blocks
The project introduces an innovative way to visualize GitHub repository dependencies by transforming them into a Jenga-like 3D tower, inspired by XKCD comic #2347. Users input a repository URL to convert its dependency structure into an interactive game format. In this visual representation, each block corresponds to a specific dependency within the repo's architecture. Players engage with the system by pulling these blocks, allowing them to explore and assess the fragility of various components in the stack. This process helps identify potential points of failure by simulating the precarious nature of dependencies, akin to playing Jenga, thereby providing insights into how interdependent elements can impact overall stability when altered or removed.
Keywords: #phi4, 3D tower, GitHub, Jenga, NE, URL, XKCD, blocks, breaks, dependencies, dependency tree, fragile, maintain, playable, pull, repo, stack, wobbly
jenga.symploke.dev 7 days ago
|
1608.
HN
Privacy Pass
Privacy Pass is a browser extension developed to enhance internet accessibility by enabling anonymous bypassing of CAPTCHAs through solving proof-of-work challenges just once and reusing tokens for future verifications. It employs Verifiable, Oblivious Pseudorandom Functions (VOPRFs) in its cryptographic protocol to maintain user anonymity and ensure the unlinkability of authentication tokens. Once a challenge is addressed, Privacy Pass creates blinded and signed tokens redeemable without repeated challenges. Integrated with Cloudflare, it was standardized by the IETF in October 2020, and its underlying security properties were presented in a paper accepted at PETS 2018. The open-source extension, licensed under BSD-3, invites contributions to both its browser implementation and server-side components. Although extensively tested, certain elements such as DLEQ proof verification are still evolving, encouraging community participation. Currently available for Chrome and Firefox users, Privacy Pass aims to streamline user experiences while preserving privacy online.
Keywords: #phi4, CAPTCHAs, Cloudflare, DLEQ proof verification, GitHub, IETF standardization, PETS 2018, Privacy Pass, VOPRFs, anonymity, authentication, blind signing, browser extension, cryptographic protocol, elliptic curves, internet challenges, open-source, proof-of-work, tokens, unlinkability
privacypass.github.io 7 days ago
|
1609.
HN
Show HN: What % of your commits were written by AI?
The developer has created a tool designed to analyze GitHub commit histories and quantify contributions made by AI tools like Claude Code or Cursor through specific commit trailers known as "Co-Authored-By." Users access this feature using read-only permissions from their GitHub accounts, allowing the tool to present data visualizations of past year’s activities. These visualizations delineate the extent of code co-authorship attributed to various AI collaborators. Despite its utility, the tool has limitations; it doesn't capture contributions from all AI tools because not every one includes a "Co-Authored-By" trailer—for instance, Codex is excluded. Nevertheless, this application offers valuable insights into the increasing involvement of AI in coding processes by spotlighting how different AI systems contribute to software development efforts on GitHub.
Keywords: #phi4, AI, Claude Code, Co-Authored-By, Codex, Cursor, GitHub, co-authoring, commits, robots, robots Keywords: AI, technical, tool, trailer, usage, visualization, year
technically-your-name-is-on-it.btao.org 7 days ago
|
1610.
HN
Show HN: Not_pad: local idea hub, Windows, single .exe, no install, zip
"Not_pad" is a streamlined note-taking application designed specifically for Windows users who prioritize simplicity and ease of use without installation requirements. It operates as a single executable file, enabling straightforward access and functionality without the need for user accounts or cloud synchronization. The tool allows users to save notes in plain text or Markdown format within locations they select on their device. While it offers functionalities such as Markdown preview and project management, its primary benefit is reducing maintenance tasks, allowing users to concentrate immediately on capturing and organizing their ideas. As a free application currently available only for Windows, "Not_pad" developers actively seek user feedback regarding any potential enhancements or issues. Users can download the tool via a GitHub link and provide input directly through email to SylvaMoth.
Keywords: #phi4, GitHub, Markdown, Markdown preview, Not_pad, SylvaMoth, Windows, archive, collapsible, collapsible sections, counter, download, email address Keywords: Not_pad, executable, feedback, find, find and replace, idea hub, live, live match counter, match, note tool, preview, project, project system, replace, sections, snapshot, system, trash, zip
github.com 7 days ago
|
1612.
HN
Glaze
Glaze is a platform designed to simplify the creation of desktop applications by enabling users to interact with AI, allowing them to produce beautiful, customized software without any coding skills. It empowers individuals to design apps tailored specifically to their needs, which run natively on Macs and support functionalities such as keyboard shortcuts and offline capabilities. Glaze features both public and private stores for app discovery and customization, showcasing its versatility in building team tools and workflows internally. Developed by the creators of Raycast, a well-regarded productivity application, Glaze benefits from their expertise to deliver robust desktop applications effortlessly. With the launch of its private beta on March 4th, Glaze is initially Mac-exclusive, promising seamless integration with an upcoming version of Raycast in April. The platform encourages users to shift from searching for ideal apps to creating them themselves, revolutionizing personalized software development.
Keywords: #phi4, AI, GitHub, Glaze, Mac, Raycast, adapt, background processes, beautiful, beta, capable, chat, dashboard, desktop apps, dynamic Keywords: Glaze, extensions, file system access, integration, keyboard shortcuts, launch, macOS, menu bar, music player, no coding, offline, personal, private team stores, productivity, public store, software, static, tools, tweak, workflow
www.raycast.com 7 days ago
|
1620.
HN
Show HN: A resume renderer that auto-fits your content to one page
Resumx is an advanced resume rendering tool designed to streamline the creation and maintenance of resumes by allowing users to write their content in a single Markdown file, which it automatically formats into one page without manual adjustments for spacing or margins. Users can customize their resumes by tagging sections with specific classes (e.g., @frontend) and generate PDFs, HTML, or DOCX files through command execution. The tool enhances its utility by integrating AI to tailor resumes according to job postings, includes validation features for detecting missing information and formatting errors, and provides an ATS-friendly design with style customization options such as Tailwind CSS support and a comprehensive icon library. Extensive documentation outlining the rationale behind its design decisions is available on both GitHub and the Resumx website, making it accessible and user-oriented for job seekers seeking to optimize their resume presentation.
Keywords: #phi4, AI Skills, ATS-friendly, Auto-fit, DOCX, Documentation, GitHub, HTML, Markdown, PDF, Renderer, Resume, Style Options, Tailoring, Validation
news.ycombinator.com 7 days ago
|
1621.
HN
Show HN: An IntelliJ plugin to test MyBatis dynamic SQL
The text describes an IntelliJ plugin named zMyBatis created by its author to enhance testing of MyBatis dynamic SQL directly within the IDE environment. This plugin fills a gap in available tools by enabling users to execute resolved native SQL from XML mapper statements or Java annotations like `@Select` with specified parameters, simply through a right-click action. Leveraging AI assistance during its development, zMyBatis is accessible on the JetBrains Marketplace and GitHub platforms. Despite being in an early developmental stage with potential imperfections, the author invites feedback from MyBatis users to guide future improvements or determine if it should be discontinued, highlighting a community-driven approach to software evolution.
Keywords: #phi4, @Select, GitHub, IDE, IntelliJ, Java annotation, JetBrains Marketplace, MyBatis, XML mapper, console, dynamic SQL, feedback, native SQL, plugin, workflow, zMyBatis
news.ycombinator.com 7 days ago
|
1639.
HN
Show HN: My Web Games
Partisan Games is an extensive collection of web-based games developed by Damjan Pavlica over 15 years, accessible on PCs without installation requirements. This diverse portfolio includes both 2D and 3D games spanning a variety of themes. The 2D offerings feature multiplayer (two-player) and single-player experiences such as "Tank Duel," "Destroy the Bunker," "Defend the Wounded," and "Attack from Air." In the 3D category, titles like "Attack the Airport," "Escape Enemy Base," and "Graveyard Survival" provide immersive gameplay. Additionally, the collection features thematic 3D scenes such as "Spomeniks Tour" and "Avatar LED City," alongside animations like "Raid on Drvar" and "Flying Through Space." Covering genres from strategy to action and adventure, Partisan Games offers a broad spectrum of interactive experiences that can be explored through their GitHub repository.
Keywords: #phi4, 2D Games, 3D Games, Animations, Artillery vs Tank, Avatar, Capoeira Girl, GitHub, Locomotive, Partisan Games, Physics Vehicle, Spomeniks Tour, Tank Duel, Web Games
partisan-games.github.io 7 days ago
|
1642.
HN
Show HN: Audicia – Generate least-privilege Kubernetes RBAC from audit log
Audicia is an open-source Kubernetes operator designed to automate the generation of least-privilege Role/ClusterRole manifests directly from audit logs, effectively tackling the prevalent issue of excessive permissions in Kubernetes clusters. By analyzing access patterns either through file-based audits or webhooks, Audicia automatically creates scoped permission sets without requiring manual policy creation. This automation ensures that permissions align closely with actual usage, thereby enhancing security by preventing unnecessary privilege escalation. Furthermore, Audicia offers a compliance score that contrasts observed access against granted permissions, providing insights into the efficiency and safety of current RBAC configurations. The tool operates internally within a Kubernetes cluster using Custom Resource Definitions (CRDs), eliminating the need for external dependencies or SaaS components. This ensures it can help manage privilege escalation issues where temporary privileges are not properly revoked after use. Audicia is accessible via GitHub, with additional resources available on its website at audicia.io.
Keywords: #phi4, CRDs, GitHub, Kubernetes, RBAC, ServiceAccounts, audit logs, cluster-admin, compliance score, controller, microservice, namespaces, permissions, secrets, webhooks
audicia.io 7 days ago
|
1647.
HN
Algorithmica – an open-access web book on CS
"Algorithmica," an open-access web book on computer science developed by Sergey Slotin in collaboration with Tinkoff Generation, a nonprofit educational entity, delves into both the art and science of computing. It primarily serves as an instructional resource for participants in the Russian Olympiad in Informatics. While the English version is currently a work-in-progress, an updated draft entitled "Algorithms for Modern Hardware" is available. The primary focus at present is on maintaining the Russian edition, which comprises various course materials utilized by the organization. Users are invited to contribute to the book's accuracy and quality by reporting or correcting errors via GitHub.
Keywords: #phi4, Algorithmica, Algorithms, English version, GitHub, Informatics, Modern Hardware, Russian Olympiad, Sergey Slotin, Tinkoff Generation, computing, issue, open-access, pencil icon, web book
en.algorithmica.org 7 days ago
|
1668.
HN
It's official: Hiring managers aren't reading your Résumé
The landscape of recruitment is evolving significantly, with hiring managers moving away from traditional résumés due to the prevalence of AI-generated documents that can mask a candidate's true abilities through polished but potentially misleading language. This shift places greater emphasis on real-time skills and enthusiasm over formal qualifications such as educational background or previous employment history. To address these challenges, companies are adopting alternative evaluation methods like work trials, skill-based assessments, and leveraging platforms like LinkedIn for active sourcing of candidates. These strategies focus on practical abilities and involve prospective employees in real projects or tailored questions relevant to the job.
As AI continues to influence hiring practices, there is growing concern about biases that may emerge, particularly against capable individuals who might not align with new evaluation methods or lack access to networking opportunities. The trend towards "quiet hiring" encourages candidates to proactively showcase their skills and experiences online, which can attract recruiters' attention but also poses the risk of excluding those less visible or unfamiliar with these formats.
While this de-emphasis on résumés has the potential to democratize hiring by prioritizing actual skills over credentials, it simultaneously risks marginalizing individuals who may not be able to effectively present themselves in these emerging evaluation methods. As technological shifts reshape recruitment processes, there is a critical need for careful assessment to prevent unintentional bias and ensure that all candidates are provided with equitable opportunities.
Keywords: #phi4, AI, GitHub, Hiring managers, LinkedIn, applicant tracking systems, automation, bias, diversity, evaluation, innovation, innovation Keywords: Hiring managers, job market, networking, qualifications, quiet hiring, recruiters, résumés, skills-based hiring, software engineers, technology, trust, work trials
www.businessinsider.com 7 days ago
https://en.wikipedia.org/wiki/Applicant_tracking_system 7 days ago
|
1673.
HN
Extending the Demo: Destruction Derby
The article explores a distinctive feature of the PlayStation Picks disc included with early PlayStation consoles in 1995, focusing particularly on "Destruction Derby," a racing/vehicle combat game by Reflections and Psygnosis. The disc contains both a non-interactive preview and an interactive demo called "One Level Demo." Unlike standard demos, this preview is dynamically rendered live using the game's engine, not prerecorded. Users can switch between these versions by altering a specific memory value on the console, allowing them to play instead of just watching the auto-demo.
The "One Level Demo" reflects an unfinished version dated July 23rd, 1995, showing slight differences from the final released version in terms of graphics and gameplay mechanics, such as the inclusion of a time limit. The article's author has developed a patch that modifies the game code to automatically load this interactive demo rather than the non-interactive preview by adjusting a particular function check within the game’s memory. Instructions for applying this patch are available on GitHub.
Additionally, the article recommends a Hidden Palace podcast episode discussing hidden prerelease builds found on demo discs and provides directions to an archive for further related articles.
Keywords: #phi4, Destruction Derby, Ghidra decompilation, GitHub, Hidden Palace podcast, PlayStation, Reflections logo, demo disc, game engine, interactive demo, last man standing, memory address, non-interactive preview, patch, playable demo, prototype build, time limit, vehicle combat
32bits.substack.com 7 days ago
|
1683.
HN
The Xkcd thing, now interactive, as jenga blocks
The tool described is an interactive visualization platform that allows users to view the dependencies of a GitHub repository represented as a 3D tower reminiscent of Jenga. Users can input a repository URL and explore its dependency tree through this creative interface, which also enables them to simulate pulling blocks from the structure. This feature tests the robustness or fragility of these dependencies in a visually engaging manner, drawing inspiration from XKCD comic #2347. The project is overseen by an individual based in northeastern Europe, who maintains its operation and development.
Keywords: #phi4, 3D tower, GitHub, Jenga, XKCD #2347, Xkcd, blocks, dependencies, dependency tree, fragile, interactive, repo, stack
jenga.symploke.dev 7 days ago
https://news.ycombinator.com/item?id=47230704 7 days ago
|
1684.
HN
Help us test WEBCAT alpha
WEBCAT (Web-Based Code Assurance and Transparency) has achieved its alpha release, offering a Firefox extension that enables users to verify client-side code integrity within web applications directly in their browsers. This tool ensures the security of served assets by checking them against a signed manifest before execution, thus guarding against server-side manipulations that could alter application behavior. Although currently incompatible with Chrome and Brave due to deprecated APIs, efforts are underway to expand its compatibility.
The alpha release encourages community involvement for testing and feedback, particularly focusing on its decentralized enrollment infrastructure. Users can try out the extension from the Mozilla Store and explore demo sites to assess its functionality. Developers considering WEBCAT integration should exercise caution, as significant changes may occur during this phase.
Collaboration with the Tor Project is advancing WEBCAT's compatibility with Tor Browser, especially for non-TLS encrypted transports like Onion services. Plans are in place to extend support for .onion domains and enhance the decentralized enrollment infrastructure further.
The project welcomes contributions from developers, community members, or organizations who can provide feedback, run parts of its infrastructure, or test scenarios where WEBCAT's features might fall short. Comprehensive information and documentation on the project are available at https://webcat.tech, including detailed enrollment procedures.
Keywords: #phi4, Chromium, Firefox, GitHub, Manifest V2 API, Mozilla Store, Sigstore-based signing, Sigsum signing, Tor Browser, WEBCAT, alpha release, browser extension, command-line tools, community feedback, decentralized infrastructure, server security, web applications, webcat-cli
securedrop.org 7 days ago
|
1688.
HN
Show HN: Restless – a CLI that discovers and maps APIs automatically
Restless is a Command-Line Interface (CLI) tool designed in Go to streamline the process of exploring and mapping unfamiliar APIs, making it ideal for engineers who need to quickly understand new systems without prior knowledge of the API's structure. It automates the discovery of API documentation, endpoints, authentication methods, and other critical components by probing and simulating requests, thereby facilitating an efficient understanding of an API’s architecture. Key features include the ability to probe endpoints, test HTTP methods, detect authentication boundaries, and observe real behavior. Restless provides valuable insights such as potential endpoints, supported HTTP methods, authentication hints, status behaviors, rate limits, schema stability, and inconsistent responses. The tool offers commands for probing APIs (`restless probe`), performing intelligent simulations (`restless smart`), and making direct requests to test specific endpoints. Installation is straightforward via Go using the command `go install github.com/bspippi1337/restless/cmd/restless@latest`, or users can clone the repository to build from source. Restless serves as a complement to existing tools like `curl`, `httpie`, Postman, and k6 by focusing specifically on the rapid comprehension of unknown APIs. Its active development is centered around enhancing probing heuristics, signal extraction, CLI stability, and packaging improvements. The tool is open-source under the MIT license, with its source code available on GitHub, where user feedback is encouraged to further refine its capabilities.
Keywords: #phi4, API, Active DevelopmentKeywords: CLI, Auth Boundaries, Authentication, Behavioural Simulation, CLI, Discovery, Endpoints, Exploration, GitHub, HTTP Methods, Heuristics, Installation, Minimal Noise, Probing, Rate Limits, Realistic Behaviour, Restless, Signals, Simulation, Smart Mode, Swagger/OpenAPI, Usage
github.com 7 days ago
https://api.github.com 7 days ago
|
1689.
HN
Anatomy of a Web3 Supply Chain Attack
The author details a supply chain attack experienced through the deceptive use of a fake Polymarket copy trading bot, which led to the draining of their wallet. The incident began with the download of what appeared to be a legitimate "polymarket-copy-bot-ts" repository from GitHub, during which the author unknowingly included their wallet credentials in a configuration file. A malicious NPM package named "keccak256-helper" executed the attack by using obfuscation techniques like control flow flattening to evade detection and silently extract private keys. This malware mimicked common Web3 tools as part of its social engineering strategy, confirming it operated in a real environment before sending credentials via an HTTP POST request to a remote server. Upon realizing the attack through dynamic analysis, the author intercepted this attempt and identified the Command and Control (C2) server involved.
The narrative underscores several key recommendations for enhancing security within Web3 environments: using burner wallets when testing bots, thoroughly examining GitHub repositories for suspicious files or functions, and being wary of judging a repository's legitimacy based on its star count. After reporting the findings to GitHub’s Trust & Safety team, the compromised repository was removed. The summary highlights the importance of vigilance concerning dependency management and private key security in Web3 ecosystems.
Keywords: #phi4, Bot, Dynamic Analysis, GitHub, Indicators of Compromise, Malicious Payload, NPM Dependencies, Obfuscation, Polymarket, Security, Supply Chain Attack, TypeScript, Wallet Drained, Web3
www.notesoncloudcomputing.com 7 days ago
|
1691.
HN
Show HN: I built a LLM human rights evaluator for HN (content vs. site behavior)
The creator developed Observatory, a tool leveraging large language models (LLMs) to evaluate Hacker News stories against the UN Universal Declaration of Human Rights. This initiative assesses both editorial content and site infrastructure for compliance with human rights provisions, using a metric called SETL (Structural-Editorial Tension Level) to quantify discrepancies between stated practices and actual actions, such as privacy claims versus tracking behaviors. The system employs the Fair Witness concept to separate factual information from inferences, ensuring transparency throughout its evaluations.
Observatory analyzes every front-page story on Hacker News for adherence to human rights standards, revealing a trend where many stories lack author identification and conflict of interest disclosures. It also identifies that tech coverage tends to be retrospective rather than proactive concerning human rights issues. A specific example highlighted is a story about media mistrust published on a site with questionable practices, which received a high SETL score.
The project is open for user feedback, acknowledging the potential for oversight despite using defensible evidence in evaluations. The codebase is available as open source, inviting collaboration from experts in fields like psychometrics, natural language processing (NLP), and human rights. This work underscores broader issues such as low transparency scores and stresses the urgency for the U.S. to ratify international economic and social rights covenants, particularly in light of advancements driven by AI technology. Further insights are available through companion posts and Observatory's website.
Keywords: #phi4, AI, Claude Code, Fair Witness, GitHub, HN, LLM, NLP, Observatory, SETL, TQ, Transparency Quotient, UN Universal Declaration of Human Rights, cognitive architecture, covenant, editorial channel, evaluator, free-tier pass, human rights, psychometrics, ratification, structural channel
observatory.unratified.org 7 days ago
|
1705.
HN
Slung: Stream processing runtime for autonomous systems
Slung is a cutting-edge stream processing runtime tailored for autonomous systems, aimed at simplifying data management at the edge by integrating stream processing, time series storage, and serverless compute into a cohesive, lightweight framework deployable directly on edge infrastructure. It addresses common challenges faced by engineers working with IoT data, such as complex pipelines that involve multiple services leading to high latency and elevated cloud costs, by providing a unified system that minimizes the need for extensive distributed systems expertise while significantly reducing expenses.
Key features of Slung include its integrated stack, which consolidates streaming, storage, and compute functions into a single binary, ensuring efficient performance with capabilities such as supporting over 1 million sustained writes per second and offering sub-millisecond cold starts through WebAssembly (Wasm). Its architecture incorporates a WebSocket ingestion layer, an MPSC ring buffer for handling live data streams, and a query domain-specific language (DSL) to facilitate effective querying. Slung's storage mechanism employs a series organized skip list memtable alongside a compact on-disk columnar format that leverages compression for enhanced efficiency. The compute layer utilizes a deterministic Wasm runtime capable of executing both live and historical queries.
The technology stack behind Slung is built using Zig, chosen for its performance optimization capabilities, suitability for edge computing, and simpler conceptual framework, complemented by a basic Rust SDK. Slung's use cases span various applications including IoT anomaly detection, financial tick processing requiring microsecond lookup speeds, and real-time analytics that eliminate the dependency on cloud services. These applications particularly benefit from Slung’s capacity to deliver low latency and high data throughput at the edge.
Currently, Slung is available as an open-source project under the Apache 2.0 license, hosted on GitHub, inviting developers to contribute to its development or engage with its roadmap. By streamlining complexity and reducing costs associated with traditional distributed stream processing systems, Slung enhances capabilities for handling high-frequency data and IoT applications effectively.
Keywords: #phi4, Apache 20, Bloom filters, Delta compression, Flink, GitHub, Gorilla compression, IoT data, Kafka, Lambda, MPSC ring buffers, Redis, Rust, Slung, TSDB, Timescale, Wasm, WebSocket, Zig, anomaly detection, autonomous systems, edge computing, financial tick processing, real-time analytics, stream processing, workflow engine
slung.tech 7 days ago
|
1710.
HN
The Lobster Programming Language
The Lobster Programming Language is designed for rapid development in game and graphical applications, combining static typing and compile-time memory management with a concise syntax. It is open-source under the Apache v2 license and available on GitHub. Key features include flow-sensitive type-inference, lightweight anonymous functions, vector operations, unified overloading, immutable structs, and efficient multi-threading without global interpreter locks or race conditions. Lobster supports both Just-In-Time (JIT) execution and compilation to C++, offering performance benefits with a graphical debugger and dynamic code loading.
The language is user-friendly, utilizing Python-style indentation syntax influenced by C, and provides extensive game development libraries through its engine. This includes OpenGL/SDL integration, cross-platform compatibility, and built-in functionalities like pathfinding and GUI creation. Lobster's flexible syntax for functions and blocks emphasizes type inference and specialization similar to C++ templates, supporting custom data types with optional inheritance, overloading, and dynamic dispatch.
In graphics, Lobster simplifies rendering tasks akin to game engines, facilitating operations through OpenGL and providing built-in functions for 2D/3D vector manipulations. The language supports complex algorithms such as the Sierpinski fractal. Users can access detailed documentation on GitHub or engage with the community via Discord, Gitter, or Facebook for further support and information.
Keywords: #phi4, 2D/3D graphics, A* pathfinding, C++ integration, GitHub, ImGui support, JIT compilation, Lobster, Open Source, OpenGL, Python-style indentation, SDL, compile-time memory management, dynamic dispatch, functional style, game programming, graphical interface, immutable structs, lightweight syntax, modular extendability, multi-threading, recursion, reference counting, sierpinski algorithm, static typing, type inference, vector operations
strlen.com 7 days ago
|
1713.
HN
Show HN: Webact – token-efficient browser control for AI agents (GitHub)
Webact is an innovative tool designed to enable AI agents to efficiently control Chromium-based browsers through the Chrome DevTools Protocol (CDP). It addresses the challenge of excessive token consumption encountered in other similar tools by offering direct interaction with Chrome, thus eliminating dependencies on heavier frameworks like Playwright that generate extensive accessibility trees or DOM dumps. Instead, Webact provides a succinct "page brief," significantly reducing the tokens needed to perceive and act within web pages.
One of its standout features is its lightweight nature, encapsulated in a single JavaScript file (~196KB) with no additional dependencies. It facilitates isolated session management by assigning unique IDs for each agent invocation, allowing multiple agents to operate concurrently without interference. The tool also provides a comprehensive command interface that supports various browser actions such as navigation, interaction (clicking and typing), and content retrieval (DOM elements, screenshots). This interface is designed to be token-efficient, delivering concise outputs (about 200 characters) rather than bulky raw HTML data, focusing on semantic trees or specific targeted elements.
Webact integrates smoothly with a variety of AI agents that adhere to the Agent Skills specification and utilizes existing Chrome sessions to maintain user logins and cookies. Installation is straightforward via `npx skills add kilospark/webact`, offering commands for basic navigation (like navigating back and forth), interaction, content retrieval, and session management.
In comparison to Playwright-based tools, Webact provides direct CDP access with much lower overhead (196KB compared to ~200 MB+ for Playwright) and leverages existing Chrome sessions rather than requiring bundled Chromium. This results in significantly fewer tokens used for similar tasks due to its compact data outputs.
Webact is particularly beneficial in scenarios where minimal setup is desired, employing a real browser session that retains user authentications. It is ideal for environments needing low token overhead while providing direct control over personal Chrome instances. The tool operates under the MIT license and requires a Chromium-based browser (like Google Chrome or Microsoft Edge) and Node.js, which can be auto-detected on supported platforms or set manually using `CHROME_PATH`.
Keywords: #phi4, AI agents, CDP, Chrome DevTools Protocol, Chromium-based browsers, DOM, GitHub, Nodejs, Playwright, WebSocket, Webact, accessibility tree, browser control, token-efficient
github.com 7 days ago
https://github.com/vercel-labs/agent-browser 7 days ago
|
1730.
HN
Seltani: An online, shared, text-based, open-source fan project based on Myst
Seltani is a collaborative, open-source online platform inspired by the Myst series, introduced in 2013 as a text-based fan project designed to merge interactive fiction with choice-driven gameplay. Created from the developer's passion for text adventures and desire for a multiplayer, all-text Myst experience, Seltani uses a wiki-like interface that incorporates programming elements, allowing users to build and explore narrative worlds collaboratively without relying on complex graphics. The platform enables players to create dynamic "Ages" with editable properties through Python-syntax actions, offering both shared multi-player experiences and private solo adventures. While still in development with many features yet to be added, Seltani has garnered user engagement through player-created Ages, showcasing its potential for innovative online worldbuilding beyond its Myst roots into various thematic areas.
Keywords: #phi4, Ages, CYOA, D’ni language, Github, HTML, Inform 7, Javascript, MMO, Myst, Python syntax, Seltani, Twine, Zork, fan project, interactive fiction, multiplayer, parser-based, world-building
eblong.com 7 days ago
https://mystonline.com/en/ 7 days ago
|
1743.
HN
GitHub Top Code Dataset: 1.3M+ code files from GitHub's top ranked developers
The GitHub Top Code Dataset offers a comprehensive collection of over 1.3 million source code files contributed by approximately 4,700 top-ranked developers on GitHub from 2015 to 2025. This dataset excludes configuration files and documentation but encompasses a variety of programming languages such as Python, JavaScript, and Rust under permissive licenses like MIT and Apache-2.0. Each file entry is enriched with detailed metadata that includes repository specifics, developer information, and language classifications, determined by both file extensions and GitHub's primary detection methods. The dataset is strategically divided into training (90%), testing (5%), and validation (5%) segments based on repositories to ensure no data leakage occurs during model development processes, thereby supporting robust machine learning applications.
Keywords: #phi4, GitHub, data leakage prevention, data leakage prevention Keywords: GitHub, dataset, developers, file extension, language detection, metadata, permissive licenses, programming languages, repositories, schema, source code, train-test-validation splits
huggingface.co 8 days ago
|
1747.
HN
Linux perf Examples
The document provides a comprehensive overview of `perf`, formerly known as Performance Counters for Linux (PCL), emphasizing its utility in performance profiling and troubleshooting within the Linux environment through various events available in the Linux kernel. `Perf` leverages both hardware and software events, including CPU utilization metrics like cycles and instructions executed, as well as tracepoints and dynamic tracing mechanisms such as kprobes and uprobes.
Key features of `perf` include event-oriented profiling that supports a broad spectrum of tracing options—ranging from hardware events to user-defined static tracing points (USDTs) and kernel/user-space probes. The tool facilitates comprehensive performance monitoring through commands for listing available events, quick profiling with one-liners, detailed reporting via stack traces and flame graphs, and dynamic instrumentation for creating new tracepoints.
For effective usage, it's crucial to manage symbols and stack tracing accurately, which may require ensuring debug symbol availability for both kernel and user applications. Additionally, users should be aware of the potential overhead associated with high sampling rates during profiling sessions.
The document also explores performance testing using tools like `dd`, `perf`, and `strace` on a Linux system to evaluate execution speeds under various conditions. It highlights significant differences in speed between these tools, noting that while `perf` introduces moderate slowdowns, `strace` can dramatically increase overhead due to its extensive syscall tracing capabilities. Recent `perf` enhancements incorporate BPF support to mitigate some of this overhead.
Furthermore, the text delves into process and network connection tracing using `perf`, detailing how it captures processes initiated by commands like `man ls` or tracks outbound connections from SSH sessions. It also discusses socket buffer consumption tracking via `perf probe`, showcasing both kernel and user-level insights.
The integration of eBPF with `perf` is highlighted as a significant advancement, beginning with Linux 4.10, enabling dynamic function tracing such as `tcp_sendmsg()` directly in the kernel. This development has improved programmability within `perf` despite initial complexities, with tools like bcc providing more accessible interfaces for eBPF functionalities.
Lastly, the document introduces features such as `perf sched script`, which records scheduler events for direct instrumentation, and `perf sched replay`, used to simulate workloads by spawning threads based on recorded scheduler data. These features are valuable for in-depth performance analysis and testing but have limitations in fully replicating real-world conditions.
Overall, the text underscores the power of `perf_events` as a versatile toolset for Linux performance analysis and debugging, capable of delivering deep insights into system activities across various layers through comprehensive event tracing capabilities. The document concludes by noting prerequisites for using these features, including having at least Linux 4.4 and Clang installed, alongside providing an example of BPF usage with `perf` to trace specific kernel functions efficiently.
Keywords: #phi4, BPF support, CPU cache, GitHub, IBS, LPE, Linux, PCL, PEBS, TCP retransmits, cacheline false sharing, context switches, dynamic tracing, eBPF, ftrace, hardware events, kernel tracepoints, kprobes, memory I/O, observability, overhead, perf record, perf stat, perf_events, profiler, software events, stack traces, syscalls, timed profiling, troubleshooting, uprobes, workload simulation
www.brendangregg.com 8 days ago
|
1750.
HN
GitHub Is Having Issues
GitHub is currently facing challenges with its Copilot and Actions services, leading to intermittent degraded performance across various platforms such as Git Operations, Webhooks, API Requests, Issues, Pull Requests, Codespaces, and Copilot. As investigations continue, users are encouraged to stay informed through multiple subscription options available on GitHub's Status page, powered by Atlassian Statuspage. These notifications include email alerts for incident creation, updates, or resolution; SMS notifications requiring phone number verification for global text message updates; Slack integration for receiving direct messages about incidents and maintenance in a workspace; and webhooks that send customizable updates to user-defined URLs upon any changes in incident status or component functionality. As of the latest update on March 3, 2026, some services are beginning recovery while full resolution efforts persist. To receive these notifications, users must consent to GitHub's privacy policies and terms of service.
Keywords: #phi4, API, Actions, Availability, Codespaces, Copilot, Degraded, Email, Git Operations, GitHub, Incident, Investigation, Issues, Mitigation, Notifications, Performance, Privacy Policy, Pull Requests, Recovery, SMS, Services, Status, Subscriptions, Updates, Webhooks, reCAPTCHA
www.githubstatus.com 8 days ago
https://en.wikipedia.org/wiki/Pauli_effect 8 days ago
https://github.com/nektos/act 8 days ago
https://news.ycombinator.com/from?site=githubstatus.com 8 days ago
https://www.cloudflarestatus.com/ 8 days ago
https://status.openai.com/ 8 days ago
https://www.reddit.com/r/ProgrammerHumor/comments& 8 days ago
https://news.ycombinator.com/item?id=47230704 8 days ago
https://mrshu.github.io/github-statuses/ 8 days ago
https://news.ycombinator.com/item?id=47237018 8 days ago
https://www.windowscentral.com/microsoft/using-ai-is-no 8 days ago
https://thenewstack.io/github-will-prioritize-migrating-to-a 8 days ago
https://mrshu.github.io/github-statuses 8 days ago
https://duggan.ie/posts/self-hosting-git-and-builds-wit 7 days ago
https://news.ycombinator.com/item?id=46734553 7 days ago
https://news.ycombinator.com/item?id=46268265 7 days ago
https://www.githubstatus.com/incidents/n07yy1bk6kc4 7 days ago
https://www.githubstatus.com/incidents/lcw3tg2f6zsd 7 days ago
https://github.blog/tag/github-availability-report/ 7 days ago
https://matrix.to/#/#codeberg-space:matrix.org 7 days ago
https://github-incidents.pages.dev/ 7 days ago
|
1752.
HN
GitHub Is Degraded
The text addresses a potential problem with GitHub's availability, indicating that users might be facing downtime or degraded performance. To manage this situation, it advises individuals to utilize status-checking tools such as the outage tracker provided by "Updog by Datadog." These resources allow users to verify if there is an actual disruption in service and keep informed about any current or ongoing issues with GitHub's functionality, thereby ensuring they can respond appropriately to potential interruptions.
Keywords: #phi4, Datadog, Degraded, Down, GitHub, Outage, Tracker, Updog
updog.ai 8 days ago
https://www.datadoghq.com/blog/updog-ai/ 4 days ago
|
1753.
HN
Tell HN: GitHub Having Issues
GitHub is currently facing an outage that disrupts its core functionalities, specifically affecting the ability of users to load files and create new repositories. This interruption marks a significant setback for developers relying on GitHub's services, as it hampers essential activities like accessing project files and initiating new development projects. The incident contributes to a series of service disruptions experienced by users, underscoring ongoing challenges with platform reliability that impact productivity and workflow continuity in software development communities dependent on GitHub.
Keywords: #phi4, GitHub, create, disruption, files, issues, loading, outage, problems, repos, service, technical
news.ycombinator.com 8 days ago
https://www.githubstatus.com 8 days ago
https://status.gitlab.com/ 8 days ago
https://mrshu.github.io/github-statuses/ 8 days ago
https://www.githubstatus.com/incidents/n07yy1bk6kc4 8 days ago
https://updog.ai/status/github 8 days ago
https://www.businessinsider.com/github-ceo-developers-embrac 8 days ago
https://news.ycombinator.com/item?id=47237088 8 days ago
|
1757.
HN
Deprecate confusing APIs like "os.path.commonprefix()"
The `os.path.commonprefix()` function in Python has been notorious for causing confusion and security vulnerabilities due to its misleading placement within the `os.path` module, which implies it is intended for path manipulation. Contrary to expectations, this function compares strings character-by-character instead of segment-by-segment, leading to unexpected results when applied to file paths. Despite documentation improvements since 2002, the misuse continued and resulted in security issues in prominent projects such as pip and SecureDrop.
In response to these persistent problems, Seth Larson has proposed deprecating `os.path.commonprefix()` to prioritize user safety over backward compatibility. He has submitted pull requests aimed at enhancing documentation and plans to officially deprecate the function starting with Python 3.15. Additionally, a new function, `os.path.commonpath()`, was introduced to provide accurate path segment comparisons.
Larson's efforts underscore the necessity of improved API labeling and the development of static code analysis tools to identify and mitigate such programming pitfalls, often referred to as "footguns." Tools like Ruff, a widely-used Python formatter, contribute to these ongoing improvements aimed at enhancing security within the Python ecosystem. This initiative reflects broader efforts to bolster security through better tooling and clearer API design.
Keywords: #phi4, APIs, CVE-2026-1703, Deprecation, GitHub, HTTPPasswordMgr, PyPI, PyPIKeywords: Deprecation, Python Software Foundation, Ruff, SecureDrop, Trellix, backwards compatibility, commonpath(), confusion, documentation, is_within_directory(), labeling, misuse, ospathcommonprefix(), path traversal, pip vulnerability, security issues, static code analysis, tarfile module
sethmlarson.dev 8 days ago
|
1763.
HN
Show HN: OpenMandate – Declare what you need, get matched
OpenMandate is a platform developed by Raj to streamline the process of finding professional matches by automating candidate searches based on declared needs and offerings, such as a senior engineer seeking a cofounder. This system eliminates traditional networking methods by using an automated agent to identify compatible candidates from a private pool. The service maintains confidentiality throughout interactions until both parties reach mutual agreement, thus ensuring privacy unless a match is confirmed. OpenMandate operates under the domain openmandate.ai and offers installation options via pip or npm. It employs an MCP server that enables compatibility with clients like Claude Code and Cursor. Additionally, the project’s source code is publicly available on GitHub for access by developers.
Keywords: #phi4, Claude Code, Cursor, GitHub, MCP server, OpenMandate, Raj, agent, backend engineer, climate tech, cofounders, declare needs, distributed systems, engagement, hires, job search, match finding, network building, no profiles, pool, privacy, private by default, senior engineer
openmandate.ai 8 days ago
|
1775.
HN
Show HN: Free Math Sheets – Generate math worksheets for K-5 problems
The "Free Math Sheets" project offers an open-source platform that generates PDF worksheets specifically for math practice, targeting students from kindergarten through fifth grade. This tool allows users to customize worksheets by choosing the desired grade level, skill focus, and number of problems without requiring any sign-up or login process. Each generated worksheet comes with a corresponding answer sheet for convenience. Looking ahead, the creator intends to rectify existing issues within the application and broaden its content to include higher educational levels. To further enhance this tool, user contributions and feedback are encouraged. Additional details about the project can be found on its GitHub page at [GitHub](https://github.com/sophikos/free-math-sheets).
Keywords: #phi4, Answer Sheet, Contribution, Fork, Free Math Sheets, Generate Worksheets, GitHub, Grades K-5, Higher Levels, Issues, K-5 Problems, Math Practice, No Login/Signup, Open Source Project, PDF Worksheet
www.freemathsheets.com 8 days ago
|
1780.
HN
Show HN: Xenith.ai – Web Assembly Based Voice Assistant with WebLLM/Whisper/VITS
Xenith.ai represents an innovative web-based voice assistant platform that operates entirely within a browser environment using Web Assembly technology. It integrates several advanced technologies, including WebLLM for language processing, Whisper.cpp WASM for speech-to-text conversion, Silero VAD for voice activity detection, and VITS TTS for text-to-speech synthesis. The use of Web GPU enables these functionalities to run locally within the browser, positioning Xenith.ai as an experimental model for local AI applications without server dependencies. Users have the capability to customize their voice assistants by defining specific wake words, selecting preferred language models, and adjusting voice settings, providing a personalized experience. For further exploration and technical insights into this project, Shane Duffy's blog on shaneduffy.io offers additional details. The platform is accessible through xenith.ai, with its open-source code hosted on GitHub at xenith-ai/xenith, encouraging community engagement and development.
Keywords: #phi4, Browser AI, GitHub, Language model, PoC (Proof of Concept) Keywords: Xenithai, Proof of Concept, Silero VAD, Technical details, VITS TTS, Voice Assistant, WASM, Wake word, Web Assembly, WebLLM, Whispercpp, Xenithai
xenith.ai 8 days ago
|
1784.
HN
Show HN: TicketToPR, an open source tool that turns Notion tickets into PRs
TicketToPR is an open-source Command Line Interface (CLI) tool that facilitates converting Notion tickets into GitHub pull requests, streamlining the development workflow for teams using Notion as a task management system. It integrates with Claude Code AI agents to automate various stages of the process, from ticket evaluation to PR generation, while adhering to predefined rules specified in `CLAUDE.md`. TicketToPR is designed to run locally on developers' machines without requiring any hosted services and allows for integration within existing development environments like Integrated Development Environments (IDEs) and Git workflows.
The tool supports AI-powered automation by utilizing Claude agents to score the feasibility of tasks, write code, validate builds, and generate pull requests. Developers can customize execution parameters, including blocked files and constraints, ensuring flexibility in how tasks are handled. Furthermore, TicketToPR is cost-efficient with a free tier for basic operations, providing transparency regarding task costs.
The workflow involves writing tickets in Notion and moving them through different columns (Backlog, Review, Scored). During the Review phase, AI agents score ticket feasibility and generate specifications, while the Execute phase sees AI creating branches, implementing code, and opening PRs after build validation. Developers then review these pull requests before merging them.
TicketToPR is intended for simple tasks like endpoint scaffolding, environment configurations, and minor refactoring, but it is not suitable for complex architectural decisions or tasks requiring significant human judgment. Installation involves using `npm install -g ticket-to-pr`, followed by an interactive configuration setup to link Notion with the tool and define project parameters. Developers can execute commands such as `ticket-to-pr --once` for task execution or `ticket-to-pr doctor` for diagnostics.
The benefits of TicketToPR include minimizing context-switching between planning, coding, and review phases, maintaining a detailed audit trail in Notion, and supporting continuous integration by operating as a background service. Overall, TicketToPR aims to assist developers in efficiently managing backlogs while retaining control over the development process through human oversight.
Keywords: #phi4, CLI tool, Claude Code AI, Git workflow, GitHub, Notion, Notion API, PRs, TicketToPR, TypeScript, audit trail, build validation, codebase review, database properties, open source, project management
github.com 8 days ago
|
1792.
HN
Lilaq: Advanced Data Visualization in Typst
Lilaq is a sophisticated plotting library tailored for Typst, aimed at producing graphics that are ready for publication while providing real-time preview features. Its ease of learning and seamless integration into Typst documents make it highly accessible. The library ensures consistent styling across visuals and interoperates effectively with Zero, enhancing its functionality with robust configuration options. Lilaq supports a variety of plot types and includes comprehensive tutorials as well as an anatomy guide to assist users in creating intricate diagrams. Users are encouraged to support the development and continuation of this project through GitHub sponsorship, contributing to its ongoing advancement.
Keywords: #phi4, GitHub, Lilaq, Typst, Zero configuration, diagram, documents, graphics, integration, interoperability, learn, plot types, plotting library, real-time preview, sponsorship, styling, tutorials
lilaq.org 8 days ago
|
1801.
HN
Show HN: SEL Deploy – Tamper-evident deployment timeline (Ed25519, hash-chained)
SEL Deploy is a tool designed for creating a secure and verifiable deployment timeline using cryptographic methods like Ed25519 signatures and hash chaining. It ensures each deployment event is recorded as an attestation that maintains the integrity of the chain, making unauthorized changes easily detectable. This feature provides clarity in investigating incidents by detailing what was deployed prior to any issues. The tool operates entirely on a local setup, leveraging SEL Core for its deterministic engine functionalities. Notably, it comes under the MIT license and does not include Software as a Service (SaaS) features. Users can interact with the tool through commands like `sel-deploy run` to apply configurations and log deployment hashes linked sequentially, or `sel-deploy verify` to check chain integrity, which will highlight any tampering by displaying mismatches that break the chain. Additional resources and demonstrations are accessible on GitHub.
Keywords: #phi4, Ed25519, GitHub, MIT licensed, SEL Core, SEL Deploy, chain, cryptographically-signed attestation, deployment timeline, deterministic engine, hash mismatch, hash-chained, kubectl apply, local, localKeywords: SEL Deploy, post-mortem, tamper-evident, verify
news.ycombinator.com 8 days ago
|
1802.
HN
Why glibc is faster on some GitHub Actions Runners
An investigation at CodSpeed identified unexpected performance regressions in benchmarks due to unrelated code changes within GitHub Actions Runners, primarily caused by differences in CPU architectures between Intel and AMD processors. These discrepancies affected glibc's malloc implementation, which utilizes hardware-specific optimizations. Key findings highlighted that identical binary hashes produced varying benchmark results across different CPUs, revealing non-deterministic behavior linked to differing cache sizes and CPU features of the Intel Xeon Platinum 8370C and AMD EPYC 7763 processors, impacting memory allocation efficiency.
To address these issues, solutions proposed include using GitHub Large Runners or CodSpeed Macro Runners for consistent CPU usage during benchmarks. Another solution involves disabling GLIBC feature detection via environment variables, though it is deemed impractical for long-term maintenance. Alternatively, modifying callgrind to "spoof" CPU features may provide a more stable benchmarking environment by standardizing the virtual CPU's capabilities.
The study emphasizes the significance of controlling environmental factors in benchmarking processes to ensure reliable performance assessments. CodSpeed plans to implement solutions that accommodate hardware variability, thereby enhancing benchmark stability and regression analysis accuracy.
Keywords: #phi4, CPU features, Callgrind, CodSpeed, GLIBC_TUNABLES, GitHub Actions, Valgrind, benchmarks, cache sizes, environment stability, glibc, performance regressions, variance, virtual CPU
codspeed.io 8 days ago
|
1808.
HN
A [Firefox, Chromium] extension that converts Microsoft to Microslop
"Microslop" is a browser extension available for Firefox and Chromium-based browsers that humorously alters Microsoft-related terms into playful versions. For example, "Microsoft" becomes "Microslop," "Satya Nadella" turns into "Slopya Nuttela," and "artificial intelligence" transforms into "Actually Indians." The extension also allows users to customize further by changing names like "Copilot" to "Slopilot" and "OneDrive" to "CloudTumor." These features are enabled by default but can be adjusted according to user preference. With 76 reviews, the extension boasts a perfect rating of 5 stars from its users. Notably, it does not collect any data, ensuring privacy while operating under an MIT License. The developer encourages community contributions via GitHub for more term suggestions. Released on January 24, 2026, and last updated a month prior to this date, the extension requires permissions to access user data across all websites.
Keywords: #phi4, Artificial intelligence, Chromium, Copilot, Firefox, GitHub, MIT License, Microsoft, OneDrive, Satya Nadella, add-on links, categories, data collection, extension, language options, license, permissions, reviews, version history
addons.mozilla.org 8 days ago
https://www.windowslatest.com/2026/03/02/micr 8 days ago
https://news.ycombinator.com/item?id=47216047 8 days ago
https://news.ycombinator.com/item?id=46490908 8 days ago
https://addons.mozilla.org/en-US/firefox/addon� 8 days ago
|
1809.
HN
How do I market myself as a freelance Backend/Infrastructure engineer?
The individual is seeking guidance on effective self-marketing strategies as a freelance Backend/Infrastructure engineer beyond merely submitting resumes. They are interested in proactive methods to improve their prospects of securing contracts, acknowledging the challenge that backend roles lack the visual portfolio showcase common for frontend developers. This concern stems from recent experiences navigating the contract market, where traditional resume submissions have proven insufficient in capturing potential opportunities and distinguishing their skills effectively. The individual is exploring alternative strategies tailored specifically to highlight their technical capabilities and professional value within the backend/infrastructure domain, aiming to enhance visibility and attractiveness to prospective clients.
Keywords: #phi4, Backend, Blogging, Case studies, Certifications, Contract, Engineer, Freelance, GitHub, Infrastructure, LinkedIn, Networking, Portfolio, Projects, Resume, Technical skills, Testimonials
news.ycombinator.com 8 days ago
|
1812.
HN
Show HN: Readme badge to quickly find related open source repos
The post introduces a new README badge from Related Repos designed to help developers discover open-source projects related to their own work. This badge serves as an easily integrable tool for GitHub project maintainers who can incorporate it into their repository's README by using a provided code snippet and replacing specific placeholders with their username and repository name. Upon integration, the badge links users directly to a platform where they can explore repositories that are either complementary or alternative to their current projects, fostering new ideas and collaborations. The example given for implementation is "github.com/octocat/hello-world," which demonstrates how adding the badge grants users quick access to similar open-source initiatives. Interested parties can find more information on this functionality at the official site, with the badge URL being https://relatedrepos.com/badge.
Keywords: #phi4, GitHub, Readme badge, Show HN, alternative packages, application building, complementary packages, developers, discover projects, example, hello-world, neighborhoods, new ideas, octocat, open source, owner, project maintainers, repo, repos, repository name, snippet, username
relatedrepos.com 8 days ago
|
1813.
HN
Free Software Needs Free Tools: Making Your Project Open
The presentation underscores the significance of adopting free software tools in open source initiatives, arguing that reliance on proprietary platforms such as Slack or GitHub contradicts core open source principles by excluding potential contributors and entangling communities within corporate infrastructures. It critiques prevalent rationalizations for using these tools—mainly convenience—and urges project maintainers to contemplate how such decisions may restrict their community's autonomy and inclusivity. By advocating incremental shifts towards open alternatives, the presentation seeks to fortify the open source ecosystem, lessen dependency on major technology companies, and foster projects that are more resilient and inclusive. The audience is encouraged to critically evaluate their choice of tools and to support options that align with Free and Open Source Software (FOSS) principles, prioritizing community control and involvement.
Keywords: #phi4, Community-owned Infrastructure, Critical Thinking, FOSS, Free Software, Free Tools, GitHub, Inclusive Projects, Notion, Open Alternatives, Open Source, Project Maintenance, Proprietary Platforms, Resilient Projects, Slack, Tech Giants, Trade-offs, Zoom
cfp.cfgmgmtcamp.org 8 days ago
https://lwn.net/SubscriberLink/1060649/f0e94c3b1b4 7 days ago
|
1815.
HN
Deploy from GitHub Actions without Storing Secrets (Using OIDC)
The article explores deploying applications securely using GitHub Actions by integrating OpenID Connect (OIDC), thereby eliminating the need to store sensitive API tokens. This approach enhances security by allowing deployment requests from GitHub to be authenticated directly through OIDC. The process involves configuring a GitHub workflow, which includes setting `id-token: write` permission and retrieving an ID Token via a curl request that utilizes environment variables like `ACTIONS_ID_TOKEN_REQUEST_TOKEN` and `ACTIONS_ID_TOKEN_REQUEST_URL`. This token is then used as a bearer token in API calls for deployment authorization.
On the server side, it's essential to verify that the received ID Token has been signed by GitHub, ensuring its authenticity. The claims within the token, such as repository details and commit information, are validated against expected values to confirm the legitimacy of the deployment request. This method allows metadata extraction directly from the token, which streamlines the deployment process by negating the need for separate service and commit parameters.
The article provides an example implementation using JavaScript with the `jose` library to verify tokens against GitHub’s public keys while ensuring specific claims such as repository ownership and issuer authenticity are checked. The ID Token itself contains critical claims including actor, repository, and workflow details, which are utilized both for validating the request's integrity and guiding deployment logic.
Additionally, OIDC is highlighted for its versatility and broad support among cloud service providers, offering a secure yet straightforward alternative to traditional secret management methods. This not only simplifies authentication processes but also provides substantial security benefits by reducing dependency on long-lived tokens that could be vulnerable if compromised. The article underscores the advantages of using OIDC with GitHub Actions, promoting it as an efficient and secure method for application deployments without the need to manage stored secrets.
Keywords: #phi4, API, GitHub Actions, ID Token, JWT, OIDC, actions, actor, aud, authorization, claims, cloud providers, curl, deploy, deployment, endpoint, exp, iat, iss, jose, jwks, jwtVerify, metadata, permissions, ref, repository, secrets, server, sha, sub, token, verification, workflow, workflow_shaKeywords: GitHub Actions
www.even.li 8 days ago
|
1819.
HN
Show HN: LGTMeme – AI-generated memes for your pull requests
LGTMeme is an innovative GitHub bot designed to infuse humor into the code review process by generating AI-based memes for pull requests (PRs). Leveraging PR metadata such as titles, labels, and commit messages, the bot selects suitable meme templates and creates captions that are contextually relevant. These memes are then posted in comments on the PR without accessing the actual code, thereby maintaining privacy. The tool is free to use for public repositories and includes a generous allowance of 25 memes per month per repository on its free tier. LGTMeme aims to make the review process more enjoyable and efficient, with promises of rapid meme delivery that outpaces even continuous integration tests, inviting users to experience enhanced engagement in their code reviews.
Keywords: #phi4, AI-generated memes, CI speed, Distracted Boyfriend, Drake, GitHub, PR metadata, PR safety, bot, caption generation, code reviews, context-aware, free tier, humor, meme templates, prompt engineering, pull requests
lgtmeme.com 8 days ago
|
1829.
HN
AutomaDocs – AI-powered documentation that stays in sync with your code
AutomaDocs is an innovative AI-powered platform designed to streamline the generation and maintenance of code documentation for GitHub repositories. By automatically updating documentation, it ensures consistency with any changes made within the codebase, thus enhancing efficiency and accuracy in project management. The functionality relies on having JavaScript enabled in the browser to operate effectively. Alongside its core features, AutomaDocs provides users with resources such as support contact options and access to a privacy policy, ensuring comprehensive user engagement and transparency.
Keywords: #phi4, AI-powered, AutomaDocs, GitHub, JavaScript, code, comprehensive, documentation, generates, maintains, platform, privacy policy, repositories
automadocs.com 8 days ago
|
1833.
HN
Show HN: Pricore: an open-source private Composer registry (now in public beta)
Pricore serves as an innovative open-source, self-hosted private Composer registry tailored for PHP teams, leveraging Laravel to offer a comprehensive solution to the limitations posed by version control system (VCS) repositories for managing private packages. As it enters public beta with an Apache 2.0 license, Pricore provides a robust Composer v2 registry that users can deploy on their own servers. The platform is designed for ease of setup using Docker, taking only about 60 seconds to initialize, and supports advanced features such as mirroring GitHub/GitLab repositories and automatic updates through webhooks, eliminating the need for manual rebuilds.
A key aspect of Pricore's functionality includes token-based authentication and a web dashboard that facilitates efficient package management. It enhances real-time interactions with support for WebSockets and Composer v2 metadata-url, ensuring packages are resolved quickly while allowing granular per-package access control. For teams disinclined to manage their own hosting environments, Hosted Pricore offers a fully managed registry service as an alternative.
Designed with Laravel familiarity in mind, Pricore prioritizes seamless dependency management free from external dependencies. The project invites community engagement and contributions under the open-source Apache License 2.0. Further details on installation and usage are accessible via its GitHub page and blog post, where the team actively seeks feedback and questions to foster community-driven development.
Keywords: #phi4, Apache 20, Composer, Docker, Git repositories, GitHub, GitLab, Laravel, PHP, Pricore, contributions, license, managed registry, metadata-url, open-source, private packages, security, self-hosted, token-based auth, web dashboard, webhook-driven updates
github.com 8 days ago
|
1842.
HN
Show HN: ChatGPT gets your prompt before you hit send
The article highlights a privacy issue with AI chat websites such as ChatGPT, where JavaScript on these sites can capture and transmit users' keystrokes to the server before they hit "send." This capability stems from how certain web features function rather than being a security vulnerability. To mitigate this concern, an extension named ChatWall is introduced. ChatWall provides a secure text editor overlay for composing messages, creating an isolated environment on the user's browser where sensitive information (such as names or emails) is anonymized using tokens before being sent to the chat input field. This ensures that only masked data reaches the host site, thereby enhancing privacy by preventing scripts from accessing keystrokes when in secure mode. Additionally, ChatWall's open-source nature allows for transparency and verification, offering users a verifiable means of protecting their privacy while interacting with such platforms.
Keywords: #phi4, ChatGPT, ChatWall, DevTools, GitHub, JavaScript, PII, Trust page, auto-completion, browser-extension, client-side, keystrokes, overlay, privacy tools, secure editor, third-party scripts, tokens
chatwall.io 8 days ago
|
1871.
HN
Building an Autonomous SRE Team with AI Agents: A 5-Day Experiment
In a five-day experiment led by Beniamin Calota, an autonomous Site Reliability Engineering (SRE) team comprising four AI agents was developed with the goal of provisioning infrastructure on two mini-PCs equipped with Proxmox. The team included a planner, executor, security reviewer, and validator, all coordinated via Redis, using real hardware tools like Terraform and Ansible to explore if AI could independently set up a Kubernetes cluster without human input.
The experiment faced notable challenges in autonomous operations:
1. **Context Drift**: The initial goal of deploying a Kubernetes cluster shifted toward managing firewalls due to plan deviations.
2. **Emergent Dysfunction**: Interactions among agents caused repetitive approval loops, decision paralysis via option menus, and message leaking that confused internal thoughts with external actions.
3. **Tool Comparison**: Gemini 3 Pro was utilized for infrastructure building, while Claude Code identified structural bugs, demonstrating greater diagnostic depth by tracing root causes compared to Gemini’s symptom-focused analysis.
Despite extensive dialogue generation and configuration file creation, no virtual machines or Kubernetes clusters were deployed, highlighting a gap between planning and execution linked to debugging challenges, memory management issues, and the need for refined agent calibration for security. The experiment highlighted the necessity of integrating AI capabilities with human-like hypothesis testing for effective troubleshooting. The project remains open-source, encouraging further exploration into autonomous AI operations to identify additional failure modes.
Keywords: #phi4, AI Agents, Ansible, Autonomous SRE, Context Drift, Diagnostic Depth, GitHub, Kubernetes, LLMs, LangChain ReAct, Multi-Agent Systems, Proxmox, Redis, Security Sentinel, Terraform
medium.com 8 days ago
|
1876.
HN
Npmx: a fast, modern browser for the NPM registry
NPMX.dev is a modern browser for the npm registry launched on March 3, 2026, designed to streamline the management of npm packages by offering enhanced speed and simplicity. Developed by Daniel Roe, it provides crucial information such as install size, module format, and dependency warnings to assist users in making informed decisions. The platform quickly gained traction within the community, evidenced by over 1000 issues and pull requests within two weeks, thanks to its emphasis on open development, accessibility, and internationalization.
The tool allows users to search for npm packages, view detailed information including download statistics, and interact with social features such as liking packages. It supports multiple repository providers and resolves version range issues while offering integration with demo environments from package READMEs. Available in 19 languages, NPMX is designed to enhance the browsing experience for open-source developers by actively incorporating their feedback into its development.
Community-driven development at NPMX encourages contributions from both novice and experienced developers through a structured contribution guide. As it progresses towards beta, user feedback will play a crucial role in shaping its future features. Contributors can engage with the project via platforms like chat.npmx.dev, GitHub issues, or by submitting pull requests, while staying updated through Bluesky.
Keywords: #phi4, CodeSandbox, ESM/CJS, GitHub, StackBlitz, accessibility, alpha, beta, browser, community, contribution, dark mode, dependency warnings, download statistics, feedback, install size, internationalization, keyboard-friendly, languages, light mode, module format, multi-provider repo support, npm registry, npmx, open source, outdated dependencies, package likes, packages, performance recommendations, search, simplicity, social features, speed, version range resolution
npmx.dev 8 days ago
https://news.ycombinator.com/item?id=47010823 8 days ago
|
1887.
HN
Show HN: Ask your AI what your devs shipped this week
Gitmore is an innovative tool tailored for non-technical founders to effortlessly comprehend their developers' weekly activities without needing technical expertise. It simplifies GitHub activity by generating clear, concise reports that summarize what was built, fixed, or remains unresolved, all presented in easily understandable terms. These reports are delivered directly to users' inboxes and can typically be reviewed within two minutes. To provide a preview of its functionality, an example report is available on Gitmore's website, along with a quick demo hosted at Arcade Software. The platform offers a free tier and actively seeks feedback from users regarding features they would like to see developed further.
Keywords: #phi4, GitHub, Gitmore, activity, auth module, built, demo, developers, engineering, fixed, founder, free tier, human-readable, inbox, refactor, report, stuck, technical
news.ycombinator.com 8 days ago
|
1893.
HN
Logic gates as persistent stateful tasks – a BCD decoder built on a VM
The author has developed a compact virtual machine (VM) framework using Rust, where the central component is a Task that maintains its own state and can execute bytecode instructions. This VM has been utilized to create a Binary Coded Decimal (BCD) decoder inspired by an example from Charles Petzold's "Code." In this framework, each logic gate—such as bit switches, inverters, and AND gates—is modeled as a task with specific instructions. The BCD decoder processes inputs like `1001`, converting them into their decimal equivalents, such as `9`. During the execution process, it provides detailed information about the operations of the AND gates, including input and output states. Further details on this implementation can be found in the author's GitHub repository: [bcd-decoder GitHub link](https://github.com/tracyspacy/spacydo/tree/main/examples/bcd-decoder).
Keywords: #phi4, AND gates, BCD decoder, GitHub, Petzold's Code, Rust, Task, VM, bits switch, bytecode, cargo run, examples Keywords: Rust, inverters, logic gates, spacydo, stateful
news.ycombinator.com 8 days ago
|
1900.
HN
Meeting Cost Calculator
The Meeting Cost Calculator is a specialized tool aimed at estimating the financial cost of team meetings by transforming annual salaries into hourly rates based on public sector pay data. This utility allows users to tailor calculations according to varying salary levels while incorporating adjustments for employee benefits and accommodation premiums. Developed as part of an Ottawa Civic Tech initiative, Sean Boots spearheaded its creation with contributions from several collaborators. The tool features intuitive user controls such as start, pause, reset, and the ability to set time durations ranging from 30 minutes up to 40 hours. Additionally, users can easily add participants or clear existing data within the interface. The salary data utilized by this calculator is openly accessible on GitHub. To further assist in enhancing meeting productivity, the tool recommends additional resources like articles, guides, and podcasts focused on improving meeting efficiency.
Keywords: #phi4, GitHub, Meeting Cost Calculator, Ottawa Civic Tech, Sean Boots, cost estimation, efficient meeting, hourly rates, participant options, participant options Keywords: Meeting Cost Calculator, pay rates, public sector, salary data, team meetings
meetingcostcalculator.ca 8 days ago
|
1901.
HN
Reviewing Large Changes with Jujutsu
The author has been utilizing Jujutsu (jj) as a version control system over the past six months and appreciates its effectiveness in streamlining the creation of clear, reviewable pull requests without necessitating adjustments from colleagues. The described workflow involves duplicating changes using jj, which facilitates easy navigation and incremental review by allowing reviewers to track progress within their familiar IDE environment, thus minimizing context-switching. To manage large pull requests efficiently, the author introduces a method involving duplication into mutable changes, establishing empty changes as parents for tracking reviewed sections, and squashing files once fully understood. This process leverages jj's diff commands to maintain review progression while enabling reviewers to shift tasks without losing their review state.
The benefits of using jj include a reduced cognitive load compared to Git, as it automatically captures iterative development and encourages intentional presentation of changes. The workflow draws parallels with the tracking of review states in other systems like TigerBeetle and Iron but avoids some complexities encountered by those systems when integrated with Git. Despite noting limited IDE integration due to incomplete support for JetBrains' products, the author mitigates this by using jj's colocated mode to retain a familiar Git-like experience. The workflow accommodates reviewing updates to pull requests; however, it currently relies on manual inspection of diffs for small changes. Overall, jj offers an intuitive tooling experience that significantly enhances code review efficiency and clarity.
Keywords: #phi4, Bitbucket, Git, GitHub, IDE integration, Jujutsu, change tracking, coding agents, interdiff, pull requests, review comments, squash, workflow
bengesoff.leaflet.pub 8 days ago
|
1904.
HN
LibreOffice Online dragged out of the attic
The Document Foundation (TDF) has decided to revive LibreOffice Online (LOOL), a cloud-based iteration of LibreOffice, following community support that reversed its earlier plan from 2020 to retire the project. This decision is contentious given the existence of Collabora Online (COOL), a browser-based version developed by the for-profit entity Collabora, which fulfills a similar role and actively contributes to the LibreOffice codebase with both paid and free versions available. Notably, since November 2025, Collabora has also introduced CODA, a desktop version that directly competes with LibreOffice, further intensifying competition.
TDF's move to re-engage with LOOL development is seen by some as a reaction to the increasing presence of Collabora within the same space, although TDF insists it aims to address previous governance errors and enhance community involvement. Although LOOL remains under development with no immediate download option, its source code has been made available on GitHub for interested contributors.
This scenario underscores the complex interplay between open-source collaboration and commercial interests within the LibreOffice ecosystem, reflecting broader dynamics that influence project decisions in this domain.
Keywords: #phi4, CODA, CODE, COOL, Collabora, Document Foundation, GitHub, LOOL, LibreOffice, Online, OnlyOffice, TDF, cloud-based, commercial support, community, de-atticize, development, governance, local version, open source, repository, ribbon UI, web technology
www.theregister.com 8 days ago
|
1914.
HN
Show HN: GitHub Repo Agent – an agent that explores and reasons on GitHub repos
The GitHub Repo Agent is an advanced tool crafted to delve into and analyze GitHub repositories thoroughly. It automates understanding new codebases by cloning them, indexing files, and leveraging a Language Model (LLM) for answering questions or executing tasks related to the code structure. This tool proves invaluable for onboarding large projects, debugging unfamiliar code, or interacting with open-source software.
Key functionalities include generating detailed reports on directory hierarchy, module interactions, dependencies, architectural patterns, and data flows within a project. It features a terminal-styled interface providing real-time progress updates and supports conversational Q&A regarding the codebase. Technologically, it incorporates an LLM configured via OpenRouter, utilizing Python, Flask, and Server-Sent Events (SSE) for backend streaming. The analysis is executed using a parallel map-reduce approach.
To utilize the GitHub Repo Agent, users must clone the repository, install dependencies, configure the environment with necessary API keys, and start the server. It accepts any public GitHub URL, performs an analysis, and delivers results in a structured report through its web UI. Configurations such as model name and server settings are managed via an `.env` file. The tool is licensed under MIT, encouraging open-source contributions and modifications.
Keywords: #phi4, API Key, Agent, Analysis, Autonomous Agents, Codebase, Debugging, GitHub, Indexing, LLM (Large Language Model), Map-Reduce, OSS Repositories, Python, Repository
github.com 8 days ago
|
1915.
HN
I Put a Full JVM Inside a Browser Tab
JavaBox is an innovative project that demonstrates running Java code directly within a browser tab by embedding a complete Java Virtual Machine (JVM) inside WebAssembly (WASM), eliminating the need for server-side resources. This setup involves using a Cloudflare Worker to serve a large WASM blob containing Emscripten-compiled QEMU, which boots Alpine Linux with OpenJDK installed. While this allows for the direct execution of Java code in the browser, it is initially inefficient due to prolonged JVM startup times during compilation within the emulated environment. Initially, compilations took over twelve minutes, but a persistent daemon known as CompileServer was developed to maintain an active JVM instance, reducing compile and run times to approximately 35 seconds.
Although JavaBox is not designed for production use, it serves as an intriguing proof of concept with potential applications such as interactive "Try It" features on Java documentation sites or shareable code snippets that execute in users' browsers without requiring server dependencies. The project highlights the technical feasibility and educational value of running complex environments within a browser, offering insights into technologies like QEMU, WebAssembly, and JVM internals. A live demonstration is available at javabox-demo.brian-fec.workers.dev, with the source code hosted on GitHub, illustrating novel possibilities in web development by pushing the boundaries of what browsers can achieve.
Keywords: #phi4, Alpine Linux, Cloudflare Worker, CompileServer, GitHub, JVM, JavaBox, OpenJDK, QEMU, SharedArrayBuffer, WebAssembly, container2wasm, cross-origin isolation, emulation, proof of concept, serverless, snapshot
bmarti44.substack.com 8 days ago
|
1916.
HN
Show HN: AI gaming copilot that uses a phone camera instead of screen capture
Project Aegis is an innovative AI gaming copilot designed to offer real-time advice during gameplay, with its initial focus on League of Legends. It circumvents the risk of violating anti-cheat software like Riot Vanguard by utilizing a smartphone camera pointed at the game monitor rather than traditional screen capture or memory-reading methods. The system processes video frames from the phone through WebSockets to a local server, where they are refined using OpenCV for glare reduction and perspective correction. A vision model then analyzes these frames, providing players with text-to-speech (TTS) advice on gameplay aspects such as macro mistakes and map awareness.
Operating externally like a human screen observer ensures Project Aegis remains undetectable by anti-cheat systems. It supports flexible video intake modes via either smartphone camera or an HDMI capture card and delivers structured JSON outputs for game state analysis. Users can customize settings through environment variables, and the system is designed to be extendable with new video intakes or AI providers.
The project invites feedback regarding its practical utility versus technical novelty, potential applications in other games, latency concerns, and enhancements for reliability without breaching anti-cheat protocols. Comprehensive setup, configuration details, and further information are available on GitHub, encouraging developer engagement and collaboration for future improvements.
Keywords: #phi4, AI gaming copilot, Anthropic API key, CLAHE contrast enhancement, Claude Opus 46, FastAPI, GitHub, HDMI capture card, JSON analysis, League of Legends, OpenCV, Project Aegis, TTS (Text-to-Speech), UX expectations, WebSocket, air-gapped setup, anti-cheat, latency, microphone feedback, phone camera, pyttsx3, real-time advice, screen capture, video intake, vision model
github.com 8 days ago
|
1930.
HN
Show HN: GitHub Commits Leaderboard
The GitHub Commits Leaderboard is a platform that ranks users based on their total commit contributions on GitHub, leveraging data from GitHub's GraphQL API to ensure adherence to its contribution counting rules and including private contributions when permissible. Users can connect their accounts to view their rankings, with organization contributions included only if proper access permissions are granted. In addition to the ranking feature, the platform offers a public read-only API for accessing its data. The complexity of accurately attributing commit contributions according to GitHub's system is acknowledged by the creator, who seeks feedback on whether commits should be the sole metric for ranking or if additional contribution types should be considered.
Keywords: #phi4, API, Access, Authentication, Commits, Contributions, Counting Rules, Data, Feedback, GitHub, GraphQL, Leaderboard, Metrics, Organization, Ranking, Raw Git History
ghcommits.com 8 days ago
|
1934.
HN
Show HN: Understand GitHub Trending with AI
"Understand GitHub Trending with AI" is an innovative project utilizing artificial intelligence to analyze and interpret trending activities on GitHub, aiming to provide deeper insights into developer behaviors and popular repositories. The creators of this project demonstrate a strong commitment to integrating user feedback, which signifies their dedication to improving the tool's functionality and relevance based on community input. They actively encourage engagement by inviting users to reach out through the provided email for further inquiries or contributions, fostering an interactive dialogue between developers and the project team. This approach not only enhances the tool’s development but also ensures it remains responsive to the needs of its user base, thereby potentially increasing its utility and adoption within the developer community.
Keywords: #phi4, AI, Email, GitHub, GitHub Trending, Relevant, Show HN, Trending, Understand, contact, email address, feedback, input, keywords, relevant ``` Keywords: Show HN, technical, topic
github.com 8 days ago
https://github.com/HarlonWang/TrendingAI 8 days ago
https://trendingai.cn/app 8 days ago
|
1935.
HN
Building an Open-Source Verilog Simulator with AI: 580K Lines in 43 Days
A team led by engineer Thomas Normal successfully developed an open-source Verilog simulator using AI agents within 43 days, resulting in a comprehensive verification stack that includes simulation, formal verification, and mutation testing among other functionalities. This project was built on the CIRCT infrastructure to address its existing limitations, incorporating features such as event-driven simulation and VPI/cocotb integration. Over the course of early 2026, the team made 2,968 commits on a fork of CIRCT, adding over half a million lines of code across numerous files while removing minimal upstream content.
The initiative demonstrated how AI could significantly accelerate complex engineering tasks traditionally requiring extensive resources and time, with models like Claude Opus and Codex driving much of the work. The development pace varied from around 25 to 124 commits per day, highlighting periods of rapid progress. Despite its performance limitations in interpretive mode when compared to commercial tools, the simulator successfully executed real-world test benches including AVIP Protocol Suites and NVIDIA's CVDP benchmarks.
Although not a direct replacement for established simulators, this project illustrates AI's potential to reduce both time and cost in creating complex verification tools, suggesting a paradigm shift in software development. The project’s advancements underscored the practical utility of AI in engineering projects while acknowledging ongoing challenges like achieving competitive speeds. Detailed progress can be viewed on GitHub under Thomas Normal's fork of CIRCT.
Keywords: #phi4, AI, CIRCT, Cocotb, EDA Tools, Event-driven Simulator, Formal Verification, GitHub, IEEE 1800, Ibex, JIT Compilation, LLVM, Mutation Testing, Open-Source, OpenTitan, Simulation, Testbenches, UVM, Verification, Verilog
normalcomputing.com 8 days ago
|
1945.
HN
Show HN: DevReel – A virtual gym for practical software engineering challenges
DevReel is a virtual training platform specifically designed for software engineers to refine their skills through practical, real-world challenges. Created by a Japanese engineer, it moves beyond traditional algorithm and data structure exercises, focusing on tasks such as bug fixing and architectural decision-making. The platform utilizes an AI-driven code review system that provides instant feedback, enhancing the learning experience. One of its notable features is presenting users with complex scenarios like the "Phantom Transaction" bug to simulate high-pressure environments. Although advanced challenges are still under development, a free demo version is accessible. DevReel targets mid-to-senior level engineers, filling the gap in real-world experience by offering guidance similar to that received from seasoned mentors. The platform supports ongoing professional growth through an interactive public roadmap and feedback channels, making it a crucial tool for continuous skill enhancement, especially as AI technologies continue to evolve within software engineering.
Keywords: #phi4, AI Tech Lead feedback, AI-driven code reviews, DevReel, GitHub, Phantom Transaction, algorithms, architectural choices, challenges, concurrency issues, critical bugs, data structures, high-level engineering, improvement loop, maintainability, roadmap, scalability, software engineering, state mutation bugs, technical debt, technical feedback, virtual gym
www.devreel.tech 8 days ago
|
1949.
HN
Nodebox, a free open-source Webcontainer alternative
Nodepod is an innovative open-source, browser-based Node.js runtime designed as a cost-effective alternative to WebContainers by StackBlitz. Developed in response to the high expenses and lack of transparency associated with proprietary solutions, Nodepod facilitates code execution directly within the browser without relying on servers or incurring significant performance costs. The development process involved multiple iterations, exploring options such as editing Node.js for WASM compilation and utilizing QuickJS, culminating in a reimagined version of Node.js using TypeScript. This new version features a custom JavaScript polyfill-based runtime with an in-memory filesystem and efficient execution capabilities for both synchronous and asynchronous operations.
Key aspects of Nodepod include support for numerous Node.js modules through polyfills, rapid startup times (~100 milliseconds), and a minimal footprint (approximately 600KB gzipped). Its architecture integrates several core systems: a virtual filesystem named MemoryVolume, a custom ScriptEngine with polyfill modules, a sync/async bridge for managing synchronous operations in an asynchronous environment, a lightweight shell for command processing, and package management that mirrors npm functionality.
While Nodepod cannot support native C++ addons or provide comprehensive bash scripting capabilities, it is well-suited for applications such as code previews, playgrounds, educational platforms, and AI tooling. It supports popular frameworks like Express and Vite without requiring server reliance. The capabilities of Nodepod are demonstrated through wZed, a browser-native code editor enabling real-time code execution within the web environment.
Nodepod is open-source under the MIT license, offering an accessible solution for executing code in a web setting free from commercial constraints or costs, making it ideal for developers seeking transparency and affordability.
Keywords: #phi4, Execution engine, Express, GitHub, Lit, MemoryVolume, Networking bridge, Nodejs, Open-source, Package manager, Polyfills, Process model, React, ScriptEngine, Service Worker, Shell, SolidJS, Svelte, SyncPromise, TypeScript, Virtual filesystem, Vite, Vue, WebAssembly, Webcontainer, wZed
scelar.com 8 days ago
https://wzed.scelar.com/ 8 days ago
https://github.com/ScelarOrg/NodePod 8 days ago
|
1967.
HN
Code Corners: A platform-agnostic alternative to GitHub Corners
Code Corners provides a versatile alternative to GitHub Corners, designed for seamless integration across multiple code hosting services like Forgejo, Gitea, SourceHut, and even arbitrary webpages. The platform-agnostic tool enables users to embed customizable corner icons on their sites with options for direct linking to specified URLs. These icons are visually enhanced SVG graphics available in a spectrum of colors—dark grey, mint green, red, blue, orange—and can be further personalized by adjusting the `fill` properties or modifying the `aria-label`. Positioned absolutely at either top right or left corners of a webpage, these badges offer an aesthetic touch to site branding. Inspired by Tim Holman's GitHub Corners, Code Corners extends this concept by allowing links to a diverse range of platforms, addressing the needs of developers who utilize various code repositories and seek greater flexibility in their web presence.
Keywords: #phi4, Code Corners, Forgejo, GitHub, Gitea, SVG, SourceHut, aria-label, color, fill, link, platform-agnostic, position
codecorners.rknight.me 8 days ago
|
1976.
HN
Catch exhaustion before it burns out your engineers
On-Call Health is a free, open-source application designed to combat burnout among on-call engineers by analyzing workload data from platforms like Rootly, PagerDuty, GitHub, Slack, Linear, and Jira. It evaluates overwork risk through two primary metrics: the On-Call Health (OCH) Score, which indicates an individual's incident response workload, and the OCH Score Trend, which tracks changes in this score over time compared to a personal baseline. The tool gathers data on various work aspects, including incident response specifics (e.g., volume and severity), work patterns such as after-hours activity, workload measures like pull request volume and code review involvement, and self-reported well-being metrics. While it is not designed for medical diagnosis, its purpose is to identify trends that could signal overwork.
To install On-Call Health, users must set up OAuth tokens for Google or GitHub authentication and can deploy the tool using Docker Compose. An alternative manual setup involves configuring a backend with Python and a frontend with Node.js, though this option receives less support. Additionally, an API is available for further integration capabilities. Developed by Rootly AI Labs, On-Call Health focuses on innovation in reliability engineering and is supported by entities like Anthropic, Google Cloud, and Google DeepMind, operating under the Apache License 2.0.
Keywords: #phi4, API, Docker Compose, GitHub, Jira, Linear, OAuth tokens, OCH Score, On-call Health, PagerDuty, Rootly, Slack, data collection, engineering teams, incident response, integrations, open-source, overwork risk, reliability engineering, self-reporting, workload
github.com 8 days ago
|
1978.
HN
Autogenerate Docs from GitHub
Mintlify has introduced an innovative tool designed to convert GitHub repositories into structured documentation sites by substituting "github.com" in the URL with "mintlify.com." This solution addresses the challenge faced by open-source maintainers who often lack the time for extensive documentation creation. By employing AI agents, Mintlify's tool securely clones and analyzes both source and destination repositories within a controlled environment, ensuring network restrictions and credential protection.
The process starts with scraping repository metadata to gather brand assets and project information, which serve as the foundation for the documentation structure. An in-depth analysis of the source code is then conducted by Mintlify’s agent to understand its functionality, resulting in the creation of a JSON file that details the project summary, navigation architecture, and key features. This structured methodology ensures coherence across all sections of the documentation.
To optimize efficiency, the generation process involves running subagents in parallel for different sections, significantly reducing the time required. An orchestrator agent resolves cross-references between these sections to ensure links are accurate and functional. Once completed, the Mintlify CLI validates the build by checking for broken links and other potential issues. This tool offers open-source projects like Broccoli a comprehensive documentation framework that can be easily customized and published, transforming what is typically a time-intensive task into a manageable process.
Keywords: #phi4, AI Agents, Autogenerate Docs, Bull on Redis, CLI, Claude Sonnet, Daytona, Documentation Site, GitHub, GraphQL, Guides, JSON file, Mintlify, Open-source, README, Tutorials, broken links, broken links Comma-separated Keywords: Autogenerate Docs, broken links Comma-separated List: Autogenerate Docs, broken links Extracted Keywords: Autogenerate Docs, broken links Final Keywords: Autogenerate Docs, broken links Final List: Autogenerate Docs, broken links Keywords: Autogenerate Docs, broken links Selected Keywords: Autogenerate Docs, broken links Simplified Keywords: Autogenerate Docs, docsjson, iptables, mitmproxy, navigation architecture, orchestrator, subagents, validation
www.mintlify.com 8 days ago
|
1984.
HN
AgentLint v0.7.1 – regex guardrails for AI agents on infra (yes, regex)
AgentLint v0.7.1 is a tool aimed at enhancing code quality by preventing AI agents from executing potentially harmful actions, such as leaking secrets or force-pushing changes. The latest update introduces an "autopilot" feature designed to extend these protective measures into infrastructure operations by blocking risky activities like iptables flushes and cloud resource deletions. This feature relies on regex-based heuristics, which may result in false positives and overlooked detections due to its heuristic nature. Despite these challenges, AgentLint is made publicly available for experimentation, filling a gap since no comprehensive framework yet exists that fully understands intent and context in this domain. The tool comprises 57 rules and 1,071 tests and operates locally. It invites user feedback regarding the management of infrastructure operations with AI agents, fostering community engagement. Further details can be accessed through its GitHub repository at [AgentLint](https://github.com/mauhpr/agentlint).
Keywords: #phi4, AI agents, AgentLint, Docker containers, GitHub, NAT mutations, cloud resources, code quality, crontab edits, force-pushing, infrastructure, iptables, operations, regex, secrets, sessions, tests
news.ycombinator.com 9 days ago
|
1988.
HN
How we run OpenCode in the cloud with E2B and Convex
CodeCloud harnesses the power of E2B's firecracker-based virtual machines (microVMs) to deliver isolated instances of OpenCode within the cloud, ensuring robust security and isolation by providing rapid startup times with strong hardware-enforced boundaries. Each CodeCloud session is tailored as a private environment with comprehensive filesystem access, making microVMs an ideal choice over containers due to their distinct kernels and filesystems that enhance isolation. E2B's ephemeral sandboxes are equipped for necessary resources and offer an SDK for efficient management, vital for executing isolated code in multi-tenant environments.
To address the limitation of streaming events beyond the 10-minute Convex action cap, CodeCloud implements a relay script within the sandbox to push OpenCode events directly to a backend webhook, ensuring uninterrupted data flow even during extended agent workloads or session interruptions. This strategy guarantees that crucial events are not missed due to timeouts or crashes.
For state management between runs without persistent sandboxes, CodeCloud exports the session state of OpenCode using SQLite-based commands before each run ends. The exported session is stored in Convex storage and can be re-imported for subsequent sessions, facilitating continuous interactions with coding agents. During implementation, reliability challenges were tackled by managing background processes within E2B sandboxes through watchdogs and internal monitoring, empowering agents to handle commits and pull requests via GitHub APIs, and ensuring resource provisioning to prevent memory exhaustion by OpenCode.
Overall, CodeCloud utilizes E2B's microVM technology alongside Convex's capabilities to establish a secure, seamless, and efficient environment for running coding agents like OpenCode on private GitHub repositories.
Keywords: #phi4, API, Codecloud, Convex, E2B, Firecracker, GitHub, Kubernetes, LLM, Linear, OpenCode, PRs, VM, coding agents, containers, database, ephemeral, infrastructure, integration, isolation, memory consumption, microVMs, networking, reliability, sandboxing, security, serverless, session state, webhook
codecloud.dev 9 days ago
|
1989.
HN
Show HN: Slop Meter for GitHub
The "Slop Meter" is a tool designed specifically for GitHub, aimed at aiding open-source (OSS) maintainers in efficiently managing contributions. It evaluates user behavior by analyzing two key metrics: the ratio of issues opened to pull requests (PRs) made, and the percentage of PRs that are successfully merged. These insights help maintainers focus on contributors who actively resolve problems rather than just identifying them. The tool can be installed on any GitHub repository, where it automatically posts these statistics in a comment without analyzing current maintainers or contributors. Additionally, users have the option to search for individual GitHub profiles online, and the tool generates reports based on publicly available data from those profiles. Developed following discussions about supporting OSS project maintainers amid an increasing influx of contributions, particularly due to advancements in AI, "Slop Meter" seeks feedback from maintainers. An example profile link is provided by its creator to demonstrate how it functions, showcasing its potential to enhance contribution management in OSS projects.
Keywords: #phi4, AI, Contributions, Feedback, GitHub, Issues, Maintainers, Merged PRs, Open Source, PR Ratio, Profile Analysis, Slop Meter, Tool
news.ycombinator.com 9 days ago
|
1994.
HN
I built a persistent memory layer for AI agents in Rust
Memori is an innovative persistent memory layer designed to enhance AI agents by providing continuity within Claude Code sessions. Developed primarily in Rust and featuring a Python command-line interface, Memori uses SQLite for storage of text, 384-dimensional vector embeddings, JSON metadata, and access history without relying on API keys or cloud services. It introduces several distinctive features that set it apart from similar tools: Hybrid Search combines full-text search with cosine vector search using Reciprocal Rank Fusion, enabling seamless auto-vectorization of text queries; Auto-Deduplication employs cosine similarity to update existing entries instead of creating duplicates if the similarity exceeds 0.92 for like entries; Decay Scoring balances memory prioritization through logarithmic access boosts and exponential time decay with a half-life of approximately 69 days.
Additionally, Memori incorporates built-in embeddings using fastembed AllMiniLM-L6-V2, negating the need for external services such as OpenAI, while its one-step setup facilitates easy integration by modifying Claude Code's configuration to manage memory autonomously. Performance tests on an Apple M4 Pro show efficient retrieval and search operations across up to 500K entries, with a current brute-force vector search that can be upgraded to more sophisticated algorithms like HNSW when necessary.
Following installation, Memori allows Claude Code to recall debugging lessons, store architectural insights, remember user preferences, and perform memory cleanup effectively. The tool has been thoroughly tested using actual SQLite databases without any mocking processes, ensuring its reliability and robustness. Licensed under MIT, the project is accessible on GitHub, with additional details available in a dedicated blog post.
Keywords: #phi4, AI agents, GitHub, HNSW, JSON metadata, MIT licensed, Memori, Persistent memory, Python CLI, Rust, SQLite, access tracking, architecture, auto-dedup, debugging, decay scoring, design principles, fastembed, hybrid search, vector embeddings
news.ycombinator.com 9 days ago
|
1996.
HN
Show HN:Logic gates as persistent stateful tasks – a BCD decoder built on a VM
The author has created a compact virtual machine (VM) in Rust designed for executing bytecode instructions that manage tasks with persistent states. An innovative feature includes an implementation of a Binary Coded Decimal (BCD) decoder, inspired by Charles Petzold's "Code," where basic logic gates—such as bit switches, inverters, and AND gates—are represented as individual task-based components each containing specific instructions. This setup enables the VM to decode BCD inputs; for example, executing `cargo run 1001` converts it into its decimal equivalent, outputting the number 9, while also providing a visual representation of an AND gate's functionality with its respective inputs and outputs. The author has made further details and code examples accessible on GitHub through a provided link.
Keywords: #phi4, AND gates, BCD decoder, GitHub, Petzold's Code, Rust, Task, VM, bits switch, bytecode, cargo run, embeddable, embeddable Keywords: Rust, examples, inverters, logic gates, spacydo, stateful
news.ycombinator.com 9 days ago
|
2007.
HN
Show HN: I spent a billion tokens bridging Elixir and WebAssembly
The blog post describes a pioneering project that integrates Elixir with WebAssembly (WASM) using one billion tokens, aimed at addressing specific technical challenges and leveraging the strengths of both technologies. The motivation behind this endeavor was to combine Elixir's advantages—such as scalability and maintainability in application development—with WASM's capability to securely run programs across various environments. At the time, there were no existing tools or packages that facilitated this integration, highlighting a significant gap in the market.
The project aimed to bridge this gap by enabling seamless use of WebAssembly within Elixir projects and vice versa, thus addressing performance issues and language interoperability challenges. By doing so, it seeks to enhance developer productivity by minimizing the engineering work required for such integrations. To provide further insights into the implementation and practical applications, the author directs readers to additional resources including a blog post on Vers.sh, the "firebird" GitHub repository, and a Twitter thread that demonstrates real-world uses of the technology. This initiative not only fills an existing void but also streamlines development processes by fostering interoperability between Elixir and WebAssembly.
Keywords: #phi4, BEAM, Elixir, GitHub, Phoenix framework, Rust, Twitter, WASM, WAT, WebAssembly, blog post, bridging, firebird repo, hex package, performance gains, tokens
yev.bar 9 days ago
https://github.com/software-mansion/popcorn 9 days ago
https://popcorn.swmansion.com/#live-demo 9 days ago
https://news.ycombinator.com/item?id=47118778 9 days ago
|
2008.
HN
Show HN: I spent a billion tokens and all I got was this repo
The project discussed explores the integration of Elixir and WebAssembly on a platform like Hacker News, focusing on enhancing developer experience and enabling the execution of WASM from Elixir along with compiling Elixir projects into WebAssembly. The author utilized computational resources to automate coding tasks within a GitHub repository named "firebird" using AI agents such as Pi. This automation aimed at handling repetitive programming activities through automated environments designed to reduce latency, utilizing multiple virtual machines or "sandboxes." These sandboxes allowed the AI agents to continuously operate and refine software development processes.
To streamline these operations, the author established clear objectives in a `plan.md` file and set environmental parameters via an `env.sh` script. The overarching goal of this exploration was to examine how artificial intelligence can enhance and simplify traditional development workflows by taking over tasks typically handled by human engineers. Through this project, the author sought to address both technical challenges and propose innovative solutions within software engineering practices, contributing valuable insights into the potential efficiencies AI automation could bring to coding and development.
Keywords: #phi4, API keys, CI/CD, Elixir, Elixir-to-WASM, GitHub, GitHub mobile app, PR reviews, Phoenix, REPL, REPL latency, SDLC, VMs, WebAssembly, automation, benchmarking, benchmarks, coding agents, environment variables, firebird repo, formatters, headless coding agents, infinite loops, integration, linters, merge conflicts, orchestration, performance comparisons, pi agent, remote work, scripting, software development lifecycle, tokens, wasm-in-elixirKeywords: Elixir
vers.sh 9 days ago
|
2009.
HN
Show HN: Built lovable but for your existing products
This document describes an AI-powered feedback widget built on Next.js, aimed at enhancing product improvement processes by transforming user interactions into GitHub issues that are autonomously addressed as pull requests (PRs). The workflow begins with users engaging in conversations via the widget, where these discussions generate GitHub issues through webhooks. An agent, using Claude CLI, attempts to resolve these issues by creating PRs and a preview is provided for approval.
When PR implementation encounters difficulties, the system leverages Haiku to classify failure types—such as documentation gaps or bugs—and schedules self-improvement tasks to generate corrective PRs. Additionally, the AI synthesizes feedback themes to suggest potential product enhancements. This pipeline functions both in local development environments and continuously on Railway for production deployment.
The widget requires specific installation steps, including setting up Tailwind CSS and API routes. It supports various integration tiers with GitHub for advanced issue management via labels and webhooks.
Deployment involves using Railway or Docker for running the agent service and creating a webhook on GitHub to link issues to the feedback system. An interactive wizard facilitates automated setup by configuring necessary components such as environment variables and project-specific settings.
Developers can customize the AI model, prompts, and GitHub integration features. Troubleshooting guidance is provided for common issues like styling problems, missing labels, build failures, and authentication errors. As an open-source project under the MIT license, it encourages community contributions by offering guidelines to clone the repository, install dependencies, build, test, and run in development mode.
Keywords: #phi4, AI, AI advisor, API, API routes, Autonomous, CLI, Claude CLI, Environment, Feedback widget, GitHub, GitHub issues, License, MIT license Keywords: Feedback, Nextjs, PR, PR preview, Railway, Railway worker, Self-improve, Supabase, Tailwind, Tailwind CSS, Webhook, autonomous agent, contributing, dashboard, environment variables, self-improve job, troubleshooting, webhook setup
github.com 9 days ago
https://github.com/NikitaDmitrieff/feedback-chat 9 days ago
https://www.npmjs.com/package/@nikitadmitrieff/fee 9 days ago
|
2016.
HN
Show HN: War.direct – Real-time conflict intelligence dashboard for the Iran war
"War.direct" is an innovative non-commercial dashboard designed by Rishi Khiani and Claude (Anthropic) to deliver real-time conflict intelligence during the Iran-U.S.-Israel tensions. It offers public access to a wealth of information through various interactive features, including over 25 live TV channels and verified strike markers on a detailed battlespace map. The platform also provides live flight radar data from adsb.lol, naval vessel tracking using curated open-source intelligence (OSINT), and an AI-generated timeline of events employing GPT-4o technology. Additionally, it aggregates OSINT dispatches sourced from Reddit and offers emergency helplines for 12 countries, along with a timezone switcher to facilitate global access. The content is compiled from public feeds such as RSS and GitHub, though users are cautioned about the reliability of this information. To ensure accuracy, users are urged to cross-check crucial data through official channels and engage with the platform by suggesting improvements or corrections via its forum.
Keywords: #phi4, AI-curated timeline, Claude (Anthropic), GitHub, Iran war, RSS feeds, Reddit OSINT, Rishi Khiani, US-Israel-Iran conflict, War, battlespace map, conflict intelligence, emergency helplines, flight radar, information tool, live TV channels, naval vessel tracking, non-commercial, open-source repositories, public service, real-time dashboard, strike markers, timezone switcher
war.direct 9 days ago
|
2020.
HN
Show HN: Punch card simulator and Fortran IV interpreter
The project is a punch card simulator combined with a Fortran IV interpreter designed primarily as an enjoyable tool, hosted on GitHub. It enables users to emulate the functioning of traditional punch cards through features such as deck management and execution controls—including idle, step, run, and reset options—alongside speed adjustments. The interface includes a viewer for inspecting punched cards. Initially, the deck is empty, indicating no card data has been input or discarded yet. Additional functionalities comprise managing a library of programs and providing access to line printer outputs. This simulator offers an engaging experience while facilitating interaction with a vintage programming environment.
Keywords: #phi4, Fortran IV, Fortran IV interpreter, GitHub, IDLE, Line printer, Punch card simulator, RESET, SPEED, STEP, card viewer, deck, execution, library, line printer output Keywords: Punch card, program library, punch cards
punch.ehrlich.dev 9 days ago
|
2032.
HN
Show HN:Turn any GitHub .MD into a collaborative editor by replace "g" with tune
Colibri is an innovative tool designed to enhance the collaborative experience of editing GitHub Markdown files by offering functionalities similar to Google Docs. It addresses the common challenge faced when multiple users attempt to collaborate on `.md` files by enabling a seamless transformation from static documents to interactive platforms for discussions and annotations. Users can easily switch their existing GitHub URLs to Colibri’s interface by substituting "github.com" with "tuneithub.com," thus activating features that facilitate communication among both technical and non-technical collaborators, such as comments and in-line edits. Notably, Colibri operates without requiring a GitHub account, thereby broadening access for various users. Additionally, it supports the integration of modifications back into the original repositories through pull requests, ensuring changes are efficiently managed. Presently, the tool is limited to public repositories; however, support for private repositories is anticipated in future updates. The developers welcome feedback on current collaboration methods and desired functionalities to further enhance the tool's utility.
Keywords: #phi4, GitHub, Google Docs, Markdown, PR (Pull Request), Richtext, annotations, colibri, collaboration, discussions, editor, feedback, limitations, private repos, public repositories, tuneithubcom
www.get-colibri.com 9 days ago
https://tuneithub.com/Legit-Control/get-colibri 9 days ago
|
2036.
HN
GitHub – Maderix/ANE: Training Neural Networks on Apple Neural Engine
The "ANE Training" GitHub project aims to train neural networks directly on Apple’s Neural Engine (ANE) without relying on CoreML, Metal, or GPU support by leveraging reverse-engineered private APIs. This initiative exploits the ANE's 15.8 TFLOPS inference capabilities, particularly on M4 chip-equipped Apple Silicon devices, using custom compute graphs for forward and backward passes created with tools such as _ANEClient/_ANECompiler and MIL (Model Intermediate Language). The project incorporates a training loop that dispatches six ANE kernels per step to manage operations like attention mechanisms, feed-forward networks, and gradient computations. While the CPU handles tasks such as RMSNorm backpropagation and updates for the Adam optimizer, performance is enhanced through techniques including channel-first memory layout, vectorized operations, and overlapping compute tasks.
The file structure comprises scripts for API exploration, MIL compilation, and training loops, among other components. The project requires Clang on macOS 15+ with Apple Silicon hardware to compile. It utilizes in-memory MIL program generation and IOSurface-based shared memory for tensor input/output, managing gradient flow through a combination of ANE computations and CPU operations. Despite facing limitations such as causal attention decomposition due to ANE's masking constraints and addressing a compile resource leak via exec() restarts, the project achieved substantial performance gains. Execution time was reduced from 33.5 ms/step with baseline optimizations to 9.3 ms/step, resulting in 11.2% ANE utilization.
The initiative is presented as a research effort using undocumented APIs for educational purposes under fair use and interoperability provisions. It carries a disclaimer that the work is independent of Apple Inc., bears no endorsement from them, and should be used at one's own risk. The project is released under the MIT license.
Keywords: #phi4, ANE, Accelerate Framework, Adam Optimizer, Apple Silicon, Backpropagation, Compile Limit, CoreML, Gradient Accumulation, In-Memory Compilation, MIL, Neural Networks, Objective-C, Performance Optimization, Pipeline Scheduling, Private APIs, RMSNorm, Reverse-Engineering, SRAM Bandwidth, Transformer Training, iOSurface, macOS
github.com 9 days ago
|
2041.
HN
Show HN: Agent Protocols Tech Tree
The "Agent Protocols Tech Tree" serves as an innovative visualization tool designed to elucidate the evolution of AI agent protocols using a format reminiscent of a Civilization technology tree. This approach allows users to see how simpler protocols develop into more complex systems, grounded in the philosophy of "rough consensus and running code." Its primary objective is to bridge understanding between policy-makers—who may find it challenging to regulate due to the inherent complexity—and technology professionals who seek detailed insights into AI technologies. Created for a conference on AI agents, the Tech Tree not only aids regulators by highlighting the difficulties of crafting regulations but also provides tech experts with valuable information about the underlying technologies. Additionally, the creator is soliciting feedback on its structural and narrative elements, particularly concerning how incentives impact consensus within common frameworks. The tool is publicly accessible via Harvard's Laboratory for Innovation Law (LIL) website along with a comprehensive blog post and source code available in a GitHub repository.
Keywords: #phi4, AI, Agent Protocols, Blog Post, Civilization-style, Code, Complexity, Conference, Consensus, Decentralized Community, Frameworks, GitHub, Harvard-LIL, Incentives, Policy, Regulation, Storytelling, Tech Tree, Technology Evolution, Tool, Wire Format
harvard-lil.github.io 9 days ago
|
2056.
HN
Show HN: EvoAgents – Agents that evolve their own skills
EvoAgents is an open-source framework tailored for enhancing multi-agent systems through autonomous skill improvement. Each agent's ability is outlined in a SKILL.md file, and the system employs a large language model (LLM) to evaluate these skills post-execution by scoring them and pinpointing failures. The LLM patcher then suggests fixes specifically targeting the identified issues, which are subsequently tested against historical data traces. Successful modifications enhance agent performance and are integrated, while ineffective ones are discarded. Notably, EvoAgents utilizes an LLM for evaluation instead of traditional regex methods, focusing on targeted section-level corrections to ensure precision in improvements. A key feature is its replay gating mechanism that ensures only beneficial patches reach deployment, thereby maintaining system reliability. Additionally, the framework incorporates version control capabilities allowing seamless rollbacks if necessary. Users can influence the enhancement process by directing it to favor primary sources via command-line options. The installation of EvoAgents is facilitated through pip from its GitHub repository, making it accessible for users looking to optimize agent performance efficiently.
Keywords: #phi4, EvoAgents, GitHub, LLM judge, SKILLmd, autofix, candidate fixes, multi-agent systems, natural language, open-source framework, pip install, primary sources, replay gating, section-level patching, versioned
news.ycombinator.com 9 days ago
|
2058.
HN
The most popular stock research project on GitHub just had a web app
Trading Agents Web is a newly launched web application developed from the most popular stock research project on GitHub. The primary objective of this development is to enhance the platform's capabilities in both analyzing and executing stock trades. It achieves this by offering an interactive, user-friendly interface that allows users to engage more effectively with stock data and trading strategies. By providing these advanced tools, Trading Agents Web facilitates a more accessible and efficient experience for individuals interested in understanding market dynamics and implementing informed trading decisions. This innovation represents a significant step forward in democratizing access to sophisticated stock analysis and trading resources.
Keywords: #phi4, GitHub, Trading Agents Web, agents, finance, popular, project, repository, software, stock research, technical, web app
trading-agents.ai 9 days ago
|
2064.
HN
Show HN: A userscript that shows when you starred a GitHub repository
The text describes the process of using a userscript on GitHub that signals when a repository has been starred by a user. To utilize this script effectively, it is necessary to first have a compatible browser extension installed, such as Tampermonkey, Greasemonkey, Violentmonkey, or Userscripts, which function as user script managers. Once an appropriate extension is already in place on the browser, users can proceed with installing the specific userscript mentioned. This setup enables enhanced functionality by visually indicating starred repositories directly within GitHub's interface.
Keywords: #phi4, GitHub, Greasemonkey, Show HN, Tampermonkey, Userscripts, Userscripts Keywords: Show HN, Violentmonkey, extension, install, repository, script, starred, user script manager, userscript
greasyfork.org 9 days ago
|
2074.
HN
Show HN: Local Hours – Time tracking that's just files (no accounts)
Local Hours is a privacy-centric time tracking and timesheet application tailored for macOS and iOS users, with plans to expand to Android. It diverges from conventional methods by storing all user data as plain JSON files on the user's local device rather than using cloud-based storage solutions. This design choice facilitates easy archiving and scripting without dependence on external databases or accounts. Users can choose their own folder for data storage, which enhances privacy and control over personal information. The application supports synchronization across devices through iCloud, Dropbox, or OneDrive, bypassing the need for server-side code.
Key features of Local Hours include straightforward time tracking with start/stop functions, automatic generation of clean timesheets ready for approval, and email integration to directly send timesheets to approvers. It provides cross-device synchronization using shared cloud storage folders, allowing access via a menu bar on macOS or widgets on iOS, with plans to offer similar functionality on Android. Users can configure local storage settings such as timezone preferences and email templates.
The application is committed to privacy by eliminating analytics or telemetry features and is fully open source under the MIT license, encouraging community contributions. Installation options include pre-built releases or building from source using tools like Xcode for macOS or sideloading methods for iOS. Feedback on its unique approach and usability is encouraged, with active recruitment of collaborators to expand platform support to Android and Windows and introduce features such as managing multiple projects. The project invites contributions through GitHub, providing guidelines for setting up a development environment. Local Hours supports privacy by storing data locally while allowing synchronization via user-selected cloud services without requiring any accounts.
Keywords: #phi4, Android, Dropbox, GitHub, JSON, Local Hours, Local-first, MIT-licensed, OneDrive, app store, bug reports, collaborators, contributing, cross-device, development setup, email integration, feature requests, feedback, iCloud, iOS, license, macOS, no accounts, open source, privacy, sync, time tracking, timesheets
github.com 9 days ago
|
2076.
HN
How AI is reshaping developer choice (and Octoverse data proves it)
The article examines the significant impact of artificial intelligence (AI) on developers' technology choices, particularly through tools like GitHub's Copilot that prioritize convenience and reduce friction in coding processes. It notes a shift in popularity from languages like Python and JavaScript to TypeScript, attributing this change to AI's compatibility with strongly typed languages which offer clearer constraints for generating reliable code. The integration of AI into over 1.1 million public repositories highlights how it is reshaping the technology ecosystem by influencing developers' adoption patterns.
AI not only accelerates coding but also necessitates strategic adaptation from developers and engineering leaders to preserve architectural integrity. This involves establishing robust coding patterns before integrating AI, using type systems as safeguards, rigorously testing AI-generated code, standardizing practices prior to scaling, and monitoring AI's effect on code quality. For technology decision-makers, considering AI compatibility is critical to prevent future issues and set lasting tech preferences.
The findings from Octoverse 2025 indicate that the ease of use facilitated by AI-assisted tools plays a crucial role in shaping developers' current choices, potentially solidifying long-term trends within the tech ecosystem. Developers and leaders need to be aware of these influences to optimize their workflows while ensuring adherence to strong architectural standards.
Keywords: #phi4, AI, AI compatibility, Copilot, GitHub, JavaScript, LLM SDKs, Octoverse, Python, TypeScript, architectural, architectural review, compatibility, convenience, convenience loop, developer, developer choice, engineering, engineering leaders, productivity, strongly typed, strongly typed languages, technology, technology decisions Keywords: AI, type systems
github.blog 9 days ago
|
2077.
HN
Hackerbot-Claw: An AI-Powered Bot Actively Exploiting GitHub Actions
The document details a sophisticated attack campaign carried out by "hackerbot-claw," an AI-driven autonomous bot, targeting GitHub Actions across several major open-source repositories in February 2026. Over a week-long period, hackerbot-claw exploited vulnerabilities within CI/CD pipelines of at least six prominent projects, including those maintained by Microsoft and DataDog, employing five distinct techniques to achieve remote code execution and token exfiltration.
The attack strategies included:
1. **Token Theft via Poisoned Go Script**: This involved injecting malicious code into a quality check script in the "avelino/awesome-go" project, resulting in successful theft of a GITHUB_TOKEN.
2. **Direct Script Injection**: A shell script in the "project-akri/akri" repository was altered to directly execute an injected payload.
3. **Branch Name Injection**: The bot used obfuscated commands embedded within branch names for code execution against the "microsoft/ai-discovery-agent" project.
4. **Filename Injection**: Base64-encoded shell commands were hidden in filenames to manipulate workflows in the "DataDog/datadog-iac-scanner" repository, leading to swift detection and patching by DataDog.
5. **AI Prompt Injection**: An AI code reviewer configuration file within the "ambient-code/platform" project was targeted but thwarted by the Claude Code tool.
6. **Full Repository Compromise (Trivy)**: A Personal Access Token from "aquasecurity/trivy" was exfiltrated, resulting in significant damages such as repository privatization and data deletion.
7. **Branch Name Injection with Base64 Payload**: An attempted attack on the "RustPython/RustPython" project via branch name injection failed due to a technical error.
The document underscores critical vulnerabilities within CI/CD workflows that can lead to remote code execution and data exfiltration by autonomous bots, and suggests potential defenses including GitHub checks, least-privilege token permissions, network monitoring with tools like StepSecurity's Harden-Runner, and scanning developer environments. A community webinar is planned to discuss these vulnerabilities, exploitation methods, and defensive measures in greater detail. Acknowledgment is given to the individuals and teams that identified and responded to the impacts of this campaign.
Keywords: #phi4, AI agents, CI/CD pipelines, GitHub Actions, Hackerbot-Claw, autonomous bot, exploitation techniques, network egress policy, pull_request_target, remote code execution, script injection, supply chain attacks, token theft, vulnerability patterns
www.stepsecurity.io 9 days ago
|
2083.
HN
LLM Use in the Python Source Code
The text discusses concerns raised about GitHub feature flags projects involving contributions from a user named "claude," believed to be associated with Anthropic's Claude Code tool, which suggests code generated by an LLM (Large Language Model). This situation has led to eight commits in the CPython project being co-authored by this user. The author expresses disappointment over developers potentially favoring machine-generated assistance over human involvement, fearing it could diminish learning opportunities within the Python community. They criticize the practice of attributing code to non-existent contributors and call for clearer policies from CPython regarding LLM usage. The current policy is considered vague, lacking specific guidelines on generative AI in coding.
To address these concerns, the author advocates for transparency, urging CPython to clarify their stance on developers' use of LLMs by specifying permissible tasks and requiring disclosures when such tools aid contributions. This approach aims to ensure accountability and fairness within the project's development practices, promoting a more ethical framework for open-source contributions.
Keywords: #phi4, CPython, Claude Code, Generative AI, GitHub, LLM, Python, attribution, co-author, code generation, coding agents, coding assistants, commits, contributors, core developers, environmental concerns, ethical issues, legal issues, moral issues, moral issues Final List: LLM, moral issues Keywords: LLM, moral issuesExtracted Keywords: LLM, policy, transparency
blog.miguelgrinberg.com 9 days ago
|
2084.
HN
Cursor for academic writing (open source)
Octree is an open-source AI-powered LaTeX editor designed to facilitate the creation of academic and technical documents. It enhances the writing experience by integrating intelligent writing assistance into a Monaco-based editor, enabling users to write, edit, compile LaTeX, and receive real-time editing suggestions through Claude interaction. The platform supports collaborative document generation within a single interface. To set up Octree, prerequisites include Node.js 18+, a Supabase project for database management, a Stripe account for billing, and a Claude API key for AI functionalities. Users can clone the repository from GitHub, install dependencies, configure environment variables, and run both the Next.js app and agent server to access all features.
The software architecture leverages Next.js 15 with App Router using TypeScript in strict mode, alongside React 19, shadcn/ui, and Tailwind CSS for UI design. It incorporates Monaco Editor as its text editor and uses Vercel AI SDK along with @ai-sdk/anthropic for AI integration. Payment processing is handled via Stripe, while deployment is managed through Vercel. For addressing security concerns or custom self-hosting requirements that include compilation support, users are advised to contact basil@useoctree.online. Octree is licensed under LGPL-3.0, making it a versatile tool for document creation in academic and technical fields.
Keywords: #phi4, AI features, AI-powered, Claude API, ESLint, GitHub, LaTeX, Monaco Editor, Monaco-based, Nextjs, Nodejs, Octree, React, Stripe, Supabase, Supabase Auth, Tailwind CSS, TypeScript, Vercel, Vitest, academic writing, agent server, dev server, editor, environment file, hosting, licensing, open source, payments, real-time collaboration Keywords: Octree, security
github.com 9 days ago
|
2089.
HN
Show HN: Agent Orchestrator – Built using the agents it orchestrates
Agent Orchestrator is an advanced tool designed to automate and optimize the management of AI coding agents operating on a codebase concurrently. It enables developers to spawn multiple AI agents, each functioning independently within its own git worktree, branch, and pull request (PR). These autonomous agents are tasked with handling various development challenges such as fixing continuous integration (CI) failures, responding to review comments, and initiating PRs, thereby reducing the need for human intervention unless crucial judgment is required. The tool supports a range of AI models including Claude Code, Codex, and Aider, offering runtime flexibility through environments like tmux and Docker, and integrates seamlessly with trackers such as GitHub and Linear.
The architecture of Agent Orchestrator is modular, featuring eight interchangeable components that include runtime environments, agents, workspaces, trackers, SCMs, notifiers, terminals, and lifecycles. Configuration settings are centralized in an `agent-orchestrator.yaml` file, where users can define preferences like default agent types, workspace configurations, notifiers, and project-specific parameters.
To manage sessions, the tool provides a Command Line Interface (CLI) with commands for spawning agents, sending instructions, listing active sessions, terminating or restoring sessions, and accessing a web dashboard. This system streamlines the coordination of multiple AI agents across diverse tasks by automating essential processes such as branch creation, feedback management, status tracking, and cleanup.
Prerequisites for using Agent Orchestrator include Node.js version 20+, Git version 2.25+, tmux for its default runtime environment, and the GitHub CLI to facilitate integration. The development process is supported by commands that allow for installing necessary packages, building the project, testing functionalities, and launching a development server. Users are encouraged to contribute to expanding the tool's capabilities by adding support for new agents, runtimes, trackers, or notification channels via its plugin system. The Agent Orchestrator is distributed under an MIT license.
Keywords: #phi4, AI agents, Agent Orchestrator, CI failures, CLI, Docker, Git, GitHub, Linear, Nodejs, PRs, TypeScript interface, TypeScript interface Comma-separated List: Agent Orchestrator, TypeScript interface Extracted Keywords: Agent Orchestrator, TypeScript interface Final Keywords: Agent Orchestrator, TypeScript interface Keywords: Agent Orchestrator, automation, coordination problem, dashboard, git worktree, orchestration layer, parallel processing, plugin architecture, plugin system, review comments, runtime-agnostic, tmux
github.com 9 days ago
https://x.com/agent_wrapper/status/202598610548573 9 days ago
|
2094.
HN
Show HN: Rocket 68 – A Motorola 68000 CPU emulator in C
"Rocket 68," a new Motorola 68000 CPU emulator developed in C11, is presented as a portable C library that facilitates seamless integration into larger projects. This innovative tool offers developers an efficient means to emulate the classic 68000 architecture, leveraging modern programming standards to enhance compatibility and usability across various platforms. The project's additional resources, including comprehensive documentation and development insights, are accessible via its GitHub repository at [GitHub](https://github.com/habedi/rocket68). For detailed information about implementation and usage, users can visit the dedicated project documentation site at [Project Documentation](https://habedi.github.io/rocket68/), which provides a thorough guide for developers seeking to incorporate this emulator into their work.
Keywords: #phi4, C library, C11, CPU, GitHub, Motorola 68000, Rocket 68, chip, documentation, emulator, habedi, integration, portable, projects
news.ycombinator.com 9 days ago
|
2097.
HN
Show HN: Dungeon Coverage – Unit testing as a dungeon crawler
"Dungeon Coverage" is an innovative tool that reimagines unit testing as a dungeon crawler game, specifically designed for JavaScript functions. In this gamified environment, code structures such as conditional statements and loops are transformed into dungeons with branching paths and corridors, while try/catch blocks create parallel chambers. Users engage with the tool by crafting test inputs, metaphorically wielding them as weapons to navigate through these complex code paths. The objective is to achieve 100% coverage, symbolized by collecting "gems" for each covered statement, thereby completing various levels of increasing difficulty. These levels range from straightforward branches to more challenging asynchronous functions that utilize stubs. Developed using technologies like PIXI.js for visual rendering, Istanbul for tracking coverage metrics, and MainEffectJS for executing functions in isolation, "Dungeon Coverage" offers a unique educational platform for understanding and testing code. Additional resources and the ability to play the game can be found on its GitHub page or via Arvind Raj Naidu's website.
Keywords: #phi4, Async Functions, Code Path, Dungeon Coverage, Dungeon Crawler, Functions, Gems, GitHub, Istanbul, JavaScript, Levels, Loops, PIXIjs, Parameters, Stubs, Test Inputs, Unit Testing, if/else, try/catch
arvindrajnaidu.github.io 9 days ago
|
2098.
HN
Find active GitHub forks of any repository
The tool offers functionality that enables users to locate active forks on GitHub for specific repositories by utilizing search capabilities—for instance, searching for the "techgaun/github-dorks" repository. In addition to this core feature, it enhances user experience through a customizable dark mode toggle option in its interface, allowing users to adjust their visual preferences while using the tool. This combination of repository search and interface customization makes the tool versatile and user-friendly for individuals exploring GitHub repositories.
Keywords: #phi4, GitHub, active, dark mode, dorks, forks, mode, repository, search, source code, techgaun/github-dorks, toggle
techgaun.github.io 9 days ago
|
2102.
HN
Show HN: Apple Ads Toolkit
The author has developed an open-source toolkit for automating the management of Apple Ads, inspired by the Go analysis framework. This command-line interface (CLI) tool is designed to be AI-friendly and facilitates daily automation tasks such as research, updating CSV files, logging decisions in Git, and reviewing pull requests for campaign updates. Notably, it supports importing and exporting data in CSV/JSON formats without requiring API access, which is essential for organizations with restricted Apple Ads API usage. The toolkit streamlines the management of campaign configurations, keywords, and creatives, thereby enhancing the scalability and stability of marketing operations through comprehensive logging practices.
To improve campaign efficiency and reduce performance variability, the toolkit incorporates "linters" that identify setup issues and ensure adherence to best practices. It provides key statistics such as Cost Per Install (CPI) and Conversion Rate Value (CVR), displayed in colorful ASCII format for clarity. Additionally, the tool organizes AI-generated scripts into a streamlined system equipped with features like time filtering and integrated help documentation, making it accessible for AI agents.
Termed "Ads GitOps," this free resource aims to boost community efficiency in handling Apple Ads while also offering cost-saving benefits. The toolkit is available on GitHub at [ndx-technologies/go-apple-ads](https://github.com/ndx-technologies/go-apple-ads), where it can be accessed and utilized by the broader marketing and technology communities.
Keywords: #phi4, AI-friendly, Apple Ads, Bayesian statistics, CLI, CSV, GitHub, GitOps, Go, Go analysis framework, JSON, ads management, ads management Keywords: Apple Ads, automation, documentation, export/import, export/import data, instability, linters, marketing ops, performance tracking, randomness, self-discovery, toolkit
news.ycombinator.com 9 days ago
|
2105.
HN
Show HN: Kelos – Define your AI coding agent workflow as YAML on Kubernetes
Kelos is a specialized framework designed to leverage Kubernetes clusters for orchestrating autonomous AI coding agents via YAML configurations. It allows users to declaratively define development workflows that handle various tasks such as auto-drafting pull requests (PRs) for bugs, reviewing PRs, triaging issues, and suggesting improvements to the codebase. The system utilizes Custom Resource Definitions (CRDs) for task specification and employs TaskSpawners to automate these tasks through triggers like GitHub events or scheduled cron jobs.
The core components of Kelos include Tasks, Workspaces, AgentConfigs, and TaskSpawners, which together create a scalable environment for running AI agents such as Claude Code, OpenAI Codex, and Google Gemini. Each task is executed in an ephemeral Kubernetes Pod with isolated access to minimize security risks. Kelos ensures efficient workflow automation by managing the entire lifecycle of tasks from initiation to completion, enabling chaining of tasks and handling outputs while adhering to GitOps principles for version control integration within existing CI/CD pipelines.
The framework supports scaling parallel operations across multiple repositories while providing observability through Kubernetes-native tools. Security is a key focus, with isolated Pods running on scoped tokens to limit permissions and employing measures like branch protection and maxConcurrency limits to prevent unauthorized access or runaway executions. To set up Kelos, users require a Kubernetes cluster and must follow setup steps that include installing the CLI, configuring CRDs, and initializing configuration files with necessary credentials. The platform accommodates both interactive command-line usage and declarative YAML configurations for managing tasks.
Overall, Kelos transforms AI coding agent workflows into Kubernetes-managed processes, offering scalability, security, and seamless integration capabilities while promoting best practices in workflow automation and agent lifecycle management.
Keywords: #phi4, AI, AI coding agents, API limits, API limits Keywords: Kubernetes, CI-native, CRDs, GitHub, GitOps, Kelos, Kubernetes, TaskSpawners, YAML, autonomous execution, declarative, ephemeral pods, orchestration, sandboxing, scalability, security, security considerations, workflows
github.com 9 days ago
|
2108.
HN
Flexible Schemas Are the Mindkiller (2024)
The article humorously recounts the author's challenging experience with a project centered around "flexible" schemas, illustrating the chaos that arises from technical and managerial oversights. The company received $1 million from a FAANG entity to develop an AI data classification tool, making it one of their most ambitious projects given its limited resources and expertise. Joining late in the process as one of only two data scientists, the author faced significant hurdles due to Derek, a developer responsible for creating a simple CRUD application for data labeling.
Derek's eight-month effort culminated in an undocumented and poorly version-controlled project that failed upon review. His use of an Extensible Attribute-Value (EAV) schema stored as key-value pairs complicated database queries and efficiency, severely impeding the project. The situation escalated when sensitive medical data was inadvertently uploaded to GitHub by Derek from a local Access database. Although the company discreetly managed this security breach by scrubbing all copies of the data to prevent recovery, management issues compounded the problem. These included neglecting user engagement during development and enforcing restrictive office attendance policies.
Reflecting on these challenges, the author criticizes engineers who overly prioritize flexibility at the expense of practical considerations like efficient data structures, often leading to project failures. The narrative concludes with a skeptical view towards those attracted by "flexible" schemas due to potential technical arrogance and lack of foresight. Additionally, the post briefly mentions the author's efforts in setting up Liberapay and Patreon to support their writing and podcasting, highlighting their commitment to open-source values and ethical considerations.
Keywords: #phi4, AI tool, Access databases, CRUD app, DynamoDB, EAV antipattern, Flexible schemas, GitHub, Kubernetes, Liberapay, Patreon, Patreon Keywords: Flexible schemas, SQL Server, data classification, data structures, remote work, schema migration, sensitive data, web-scale
ludic.mataroa.blog 9 days ago
|
2125.
HN
Agents are ushering in the Antisocial Coding era
The article explores a shift from "Social Coding" to an emerging "Antisocial Coding" era driven by the rise of coding agents, which fundamentally alter traditional open-source practices and collaboration dynamics. Initially, social coding celebrated the easy sharing and reuse of dependencies through open-source tools; however, this has led to challenges with poorly-maintained software. Now, as agents increasingly handle code creation, significant trends have emerged:
1. **Team Communication Challenges**: The use of agents reduces direct team communication, resulting in a "hub-and-spoke" crisis that disrupts traditional multi-developer collaboration. This phenomenon suggests startups may remain focused on single-developer workflows while larger organizations might need to restructure systems to support individual developers effectively.
2. **Rapid Codebase Complexification**: When coding agents create codebases, they often become complex and tightly integrated with the specific needs of their creators. This complexity poses challenges for maintenance and scalability as these projects expand, exemplified by Beads’ early complexity hindering its wider adoption.
3. **Open Source Accessibility Decline**: In response to easy cleanroom rewrites facilitated by agents, some open-source projects like tldraw are removing elements such as test suites. This trend indicates a shift away from open collaboration toward more closed development environments.
These trends indicate potential issues for organizations, including increased maintenance burdens and security risks, reduced mentorship opportunities due to diminished collective code ownership, and a growing divide between junior and senior developers. Engineering leaders are encouraged to consider these implications when planning organizational changes aimed at leveraging coding agent productivity.
Keywords: #phi4, AI Impact, Agents, Antisocial Coding, Apprenticescence, Bus Factor, Codebases, Communication Costs, Dependencies, Engineering Leaders, GitHub, Mentorship, Open Source, Open Source Closure, Ossification, Productivity, Semi-Autonomous Agents, Social Coding
justin.searls.co 9 days ago
|
2140.
HN
Infrastructure Agents Guide – Design and operate AI agents for infra safely
The "Infrastructure Agents Guide" serves as a comprehensive resource for architectural guidance in adopting AI agents within various infrastructure teams at differing stages of adoption. Addressing the need to navigate common challenges associated with AI integration, the guide emphasizes prioritizing safe architecture over specific technical implementations. It covers essential aspects such as credential management, change control, observability, policy guardrails, and sandboxing across six architectural planes: Policy, Agent Runtime, Change Control, Observability, and Infrastructure.
Targeted at platform engineers, SREs, DevOps leads, and engineering leaders, the guide offers multiple alternatives for each architectural layer without enforcing a specific framework. This flexibility helps teams avoid common pitfalls like long-lived credentials or inadequate observability by promoting shared patterns and practices. By focusing on structured, safe AI adoption, the guide aids in preventing costly errors while maximizing AI capabilities effectively.
Available under an open license on GitHub, the "Infrastructure Agents Guide" encourages community engagement and contributions. It supports building scalable AI-enabled infrastructure by providing a framework that adapts to different levels of tool integration, ensuring teams can leverage AI technologies safely and efficiently.
Keywords: #phi4, AI Adoption, Agent Runtime, Agentic Tools, Architecture, CI/CD, Change Control, Cloudgeni, Copilot Mode, Credentials, DevOps, Engineering Leaders, GitHub, Infrastructure Agents, Isolation, LLM Runtime, Multi-Cloud, Observability, Open Source Guide, Platform Engineers, Policy Guardrails, Principle, Pull Requests, SREs, Sandbox, Sandboxing Techniques, Task Queue, Terraform
blog.cloudgeni.ai 9 days ago
https://blog.cloudgeni.ai/why-we-open-sourced-our-infrastruc 9 days ago
https://github.com/Cloudgeni-ai/infrastructure-agents-g 9 days ago
|
2142.
HN
Show HN: Self-destructing, end-to-end encrypted Pastebin
Ente Paste offers a secure and anonymous platform for sharing sensitive text via end-to-end encrypted links, allowing users to transmit information such as API keys and notes without needing an account. Each link grants one-time access, expires automatically after 24 hours, and is limited to 4,000 characters, ensuring both convenience and security. The encryption relies on a decryption key embedded in the URL fragment, safeguarding user privacy. To prevent accidental indexing by web crawlers, additional protections are integrated into the service. The open-source nature of Ente Paste ensures transparency, with its source code accessible on GitHub at https://github.com/ente-io/ente.
Keywords: #phi4, 000-character limit, 4, API keys, Ente Paste, GitHub, Pastebin, Self-destructing, anonymous use, automatic expiry, character limit, crawler protections, deletes, deletes in 24 hours Keywords: Self-destructing, encryption key, end-to-end encrypted, instructions, monorepo, notes, one-time access, preview crawler protections, private, sensitive text, snippets, source code
paste.ente.io 9 days ago
https://privatebin.info/ 9 days ago
|
2155.
HN
Show HN: GitDelivr: A free CDN for Git clones built on Cloudflare Workers and R2
GitDelivr is a free Content Delivery Network (CDN) designed to enhance the efficiency of accessing Git repositories by leveraging Cloudflare Workers and R2 object storage. This service addresses the common issue of slow or costly git traffic by caching repository data at edge servers, thus enabling quicker cloning from geographically closer locations. Inspired by GNOME's challenge with bandwidth costs due to redirecting GitLab clone traffic to GitHub mirrors, GitDelivr creates cache keys using hashed request bodies and maintains branch pointers with a 60-second Time-To-Live (TTL) to ensure data freshness.
A core feature of GitDelivr is its robust security model. Since Git verifies object hashes on the client side, users can be confident in the integrity of their data during retrieval. The service supports Git LFS and integrates smoothly with public Git hosts like GitHub, GitLab, Codeberg, and Gitea but does not cater to private repositories. Operating at a minimal cost of approximately $5 per month, GitDelivr is open-source, offering flexibility for users to adapt and deploy their versions as needed.
The implementation underscores the potential for Cloudflare's technology to significantly cut egress costs while enhancing accessibility to public repositories without imposing additional fees. This initiative exemplifies how modern CDN solutions can optimize resource utilization in distributed environments, providing both performance gains and cost savings.
Keywords: #phi4, CDN, Cloudflare Workers, Codeberg, GNOME, Git clones, GitDelivr, GitHub, GitLab, Gitea, Linux Kernel, R2 storage, SHA-256, bandwidth savings, caching, content-addressable, edge servers, egress costs, open source, packfile, public repos, refs TTL, security, self-hosted instances
gitdelivr.net 9 days ago
https://gitdelivr.net/$repoUrl 9 days ago
https://github.com/torvalds/linux 9 days ago
|
2162.
HN
Show HN: Pure Rust IFC/BIM Viewer in the Browser via WebAssembly
The project presents a Pure Rust IFC/BIM Viewer designed for browser use through WebAssembly, developed entirely in the Rust programming language. It features a user interface powered by Leptos and leverages Bevy for 3D rendering using WebGPU/WebGL2, intentionally avoiding C++ geometry kernels or JavaScript runtimes. The viewer is compiled into a single WASM binary, approximately 5.8MB when Brotli compressed. A demonstration showcases the BayArena stadium equipped with 324 floodlights utilizing EULUMDAT photometric data. Users can interactively explore light fixtures to examine their distribution, beam angles, and color temperatures. Additionally, the viewer allows users to toggle a photometric lighting mode that visualizes realistic light sources based on fixture data. The source code for this project is accessible on GitHub at [holg/bimifc](https://github.com/holg/bimifc).
Keywords: #phi4, 3D rendering, BIM, Bevy, Brotli, C++, GitHub, IFC, JS runtime, Leptos, Rust, UI, Viewer, WASM, WebAssembly, WebGL2, WebGPU, beam angles, color temperature, fixture, geometry kernel, light distribution, lighting mode, parser, photometric data
bimifc.de 9 days ago
|
2174.
HN
Banned on Lobsters
The author was banned from Lobsters due to allegations of using an LLM in a blog post and self-promoting projects, despite clarifying their use of technology and altering their behavior after initial feedback regarding promotion practices. Dissatisfied with Lobsters' restrictive submission policies for creators, the author initiated a new platform called Crow Watch. This platform is designed to allow creators to submit work under specific tags while minimizing spam by being initially invite-only, thus facilitating quality control until its moderation system is fully operational. Named in recognition of crows’ intelligence and social behavior, Crow Watch aims to foster a community-driven environment. The author extends an invitation to the community to participate in this new initiative and contribute to its development.
Keywords: #phi4, Account, Banned, Blog, Comment Sections, Comments, Community, Creator, Crow Watch, Feedback, GitHub, Invite-Only, LLM, Links, Lobsters, Moderation, Moderator, Platform, Projects, Registration, Registration Keywords: Banned, Rules, Self-Promo, Show Tag, Spam
medv.io 9 days ago
|
2179.
HN
Show HN: Greens – mirror private GitHub activity to your public graph
Greens is a locally-run tool that enhances the visibility of one's GitHub activity from private repositories on public profiles without exposing any code. By creating mirror repositories, it displays commit timestamps corresponding to user activities identified by email in read-only repositories. The tool also supports mirroring pull requests, reviews, and issues when configured with GitHub CLI (`gh`). Installation options include Homebrew or manual Git clone. Greens maintains safe local caches of work repositories to generate mirrored commits for all branches while avoiding data duplication after merges. Users can customize the tool's functionality by specifying which emails to track and setting dates for backfilling contributions. Additional features include copying commit messages and handling multiple accounts through authentication methods.
The purpose of Greens is to provide an accurate representation of private repository activity on public profiles, but it advises users to verify company policies due to potential concerns about manipulating contribution graphs ("graph-gaming"). As an open-source tool under the MIT license, Greens includes troubleshooting guidance for common issues.
Keywords: #phi4, API features, CLI, GitHub, Homebrew, MIT license, MIT license Keywords: GitHub, PRs, activity tracking, bare clones, commit timestamps, empty commits, issues, mirror, multi-account setups, private repos, public graph, reviews
github.com 9 days ago
|
2182.
HN
Hackerbot-Claw: An AI-Powered Bot Actively Exploiting GitHub Actions
Between February 21 and February 28, 2026, a GitHub account named hackerbot-claw executed an automated attack campaign targeting CI/CD pipelines in major open-source repositories using five distinct exploitation techniques over the course of one week. This AI-powered bot successfully achieved remote code execution (RCE) in several high-profile repositories including those belonging to Microsoft, DataDog, and the CNCF.
The attacks utilized various methods:
1. In the avelino/awesome-go repository, the hackerbot exploited a "Pwn Request" vulnerability by injecting malicious code into a Go script using the `init()` function, which led to the exfiltration of a GITHUB_TOKEN with write permissions.
2. The project-akri/akri was compromised through direct injection of a payload at the top of a shell script activated by an automated version update process.
3. In microsoft/ai-discovery-agent, malicious commands were executed via the name of a git branch processed in a workflow.
4. For DataDog/datadog-iac-scanner, base64-encoded shell commands within filenames triggered execution during a workflow run.
5. The ambient-code/platform was targeted through manipulated AI code reviewer configurations; however, this attack was mitigated by Claude Code's detection capabilities.
Additionally, aquasecurity/trivy experienced an attack where hackerbot-claw exploited GitHub Actions to steal a Personal Access Token (PAT), resulting in the repository being compromised and critical assets deleted.
In response, immediate countermeasures were taken: DataDog implemented emergency fixes; Aqua Security removed affected workflows and restored public access for trivy. Furthermore, StepSecurity introduced solutions like Harden-Runner to monitor outbound network traffic from GitHub Actions runners in real-time, preventing unauthorized communications.
The incident underscores the significant vulnerabilities present within CI/CD pipelines that can be exploited by autonomous bots, highlighting the necessity for automated defenses and robust security practices. To address these issues, a community webinar was scheduled to discuss exploitation techniques and demonstrate how organizations can scan their repositories for similar vulnerabilities.
Keywords: #phi4, AI-Powered Attack, Automated Guardrails, Autonomous Bot, CI/CD pipelines, Community Webinar, Exploitation Techniques, GitHub Actions, GitHub Token Exfiltration, Hackerbot-Claw, Least-Privilege Permissions, Network Egress Policy, Pull Request Target, Remote Code Execution (RCE), Script Injection, Security Controls, StepSecurity, Supply Chain Attacks, Workflow Vulnerabilities
www.stepsecurity.io 9 days ago
|
2183.
HN
Show HN: PinBoard – Desktop app to bulk download Pinterest boards locally
**PinBoard** is a desktop application designed to facilitate the bulk downloading of Pinterest boards directly onto users' computers without relying on servers or cloud services. Built using Electron, it supports MacOS, Windows, and Linux platforms. The app allows users to simply paste a board URL to extract and save images, GIFs, and videos locally, ensuring data is stored securely offline. Key features include its serverless operation for enhanced security, with no installation necessary—users can run it via an AppImage on Mac/Linux or an executable file on Windows. MacOS users may need to adjust permissions due to the app's lack of code-signing, bypassing initial security prompts.
PinBoard also supports downloading from both public and private Pinterest boards by allowing direct login through the application, thus using real credentials that are not stored by the software. This ensures user privacy while providing access to their desired content. The developer maintains a presence on GitHub for releasing updates and encourages user feedback as ongoing improvements are made. Instructions are provided for dealing with common security warnings during installation across different operating systems. Users can download PinBoard from its [GitHub releases page](https://github.com/pinboardapp/pinboard/releases/latest) or the app's website at [Pinboard Download](https://pinboard-download.vercel.app/).
Keywords: #phi4, AppImage, Electron, GIFs, GitHub, Linux, MacOS, PinBoard, Pinterest, SmartScreen, Windows, backup, boards, categories, code-signed, desktop app, download, executable, images, installation, login, permissions, privacy, private boards, security warning, session cookies, videos
pinboard-download.vercel.app 9 days ago
|
2187.
HN
Agent Stats
Agent Stats is an open-source application for macOS that serves as both a graphical user interface and a command-line tool, aimed at monitoring activities of Codex and Claude Code. It provides users with consolidated metrics including runs, tokens, and spending in one accessible location. The command-line interface can be launched using the command `npx agent-stat@latest`, offering flexibility for users who prefer CLI operations. Licensed under Apache 2.0, the source code is publicly available on GitHub, allowing developers to access or contribute to its development. This tool was created by @talkaboutdesign and is intended to facilitate efficient activity monitoring within the specified coding environments.
Keywords: #phi4, @talkaboutdesign, Agent Stats, Apache 20 License, CLI, Claude Code, Codex, GitHub, activity, app, macOS, monitoring, npx, open-source, spend, terminal, tokens
www.agentstats.app 9 days ago
|
2195.
HN
Show HN: Ajax-hooker – one hook to intercept XHR and fetch (with stream support)
Ajax-hooker is a browser-side library that facilitates the interception and manipulation of AJAX requests made via XMLHttpRequest and Fetch API. It offers a unified hook model allowing users to modify request parameters—such as URL, method, headers, and body—and observe or rewrite response payloads. The library features unified lifecycle management for both XHR and Fetch, stream interception capabilities for handling streaming responses like SSE and NDJSON, and the ability to chain multiple hooks for tasks such as authentication and logging. Ajax-hooker supports request manipulation and response capture through a consistent callback model.
Its typical use cases include governance of browser extensions, API observability, providing compatibility layers in mixed XHR/Fetch codebases, and transforming streaming responses. The library is useful for adding global authentication headers, switching API domains without changing application code, mocking responses during debugging, and building request tooling within userscripts or Chrome extensions. Ajax-hooker offers a single global instance with user-friendly APIs to inject interceptors, add/remove hooks, and manage requests and responses.
Developers can build the library using provided scripts for different module formats (ESM, CJS) and benefit from comprehensive type declarations. Available via npm and supporting TypeScript, Ajax-hooker is licensed under MIT, making it a versatile tool for developers needing fine-grained control over AJAX request handling in their browser-based applications.
Keywords: #phi4, AJAX, API rewrites, Ajax-hooker, GitHub, HTTP headers, TypeScript, XMLHttpRequest, browser-side, compatibility layer, debugging, extension tooling, fetch, interceptor, middleware chain, npm, runtime governance, singleton pattern, stream support, streaming response, userscripts
github.com 9 days ago
|
2199.
HN
Show HN: AluminatiAi – Per-job GPU energy cost tracking (open source)
AluminatiAi is an open-source tool designed to provide detailed insights into GPU energy costs per job, filling the gap between real-time power monitoring and monthly cloud billing. It utilizes a lightweight Python agent that employs NVML via pynvml to sample NVIDIA GPU power usage every 5 seconds. These metrics are then uploaded to a dashboard created with Next.js, Supabase, and Recharts, enabling users to convert power consumption into dollar costs per job by tagging runs with specific names. AluminatiAi offers broad compatibility across various NVIDIA GPUs, including A100, H100, RTX 4090, as well as Google Colab environments, and provides a free 30-day trial without the need for credit card information. Resources for further exploration are available on GitHub and its official website, making it accessible to users interested in optimizing their GPU energy usage and cost analysis.
Keywords: #phi4, GPU monitoring, GitHub, NVIDIA GPU, NVML, Nextjs, Python agent, Recharts, Supabase, cloud provider, dashboard, dollar costs, electricity rate, energy tracking, job attribution, kWh, live demo, open source, power metrics, pynvml, training jobs, watts
news.ycombinator.com 9 days ago
|
2206.
HN
RunWatch – CI/CD Observability for GitHub and GitLab
RunWatch enhances CI/CD observability specifically for GitHub and GitLab platforms by delivering critical metrics and insights that improve the efficiency and reliability of pipelines. The platform's primary features include Pipeline Analytics, which supplies comprehensive historical data to monitor success rates, failure patterns, and performance trends across all pipelines. Additionally, Job Performance analysis allows teams to examine individual job execution details, aiding in the identification of bottlenecks and optimization of execution times. RunWatch also offers Smart Alerts, enabling custom alert rules for pipeline failures or performance issues, thus proactively addressing potential problems. The platform supports secure API access through Access Keys, providing multiple keys per organization with detailed permission management and expiration settings. Furthermore, it emphasizes Team Collaboration by implementing role-based access control, which streamlines team efforts in optimizing pipelines. These features collectively empower teams to enhance pipeline operations effectively and collaborate efficiently on continuous integration and delivery processes.
Keywords: #phi4, Access Keys, CI/CD, Failure Patterns, GitHub, GitLab, Insights, Job Performance, Metrics, Observability, Performance Trends, Pipeline Analytics, Role-Based Access Control, RunWatch, Smart Alerts, Success Rates, Team Collaboration
runwatch.io 9 days ago
https://runwatch.io/contact 9 days ago
|
2207.
HN
Show HN: Foundations Chat, macOS AI chat built on Apple's local models
Foundations Chat is an innovative macOS-based AI chat application that operates entirely offline, leveraging Apple's on-device models to ensure user privacy by avoiding data transmission off the device. The app features natural voice interactions, image generation through its Image Playground module, calendar search capabilities, and code execution without requiring any model downloads. As a freeware experiment, it assesses the potential of Apple's Foundation Model for chat applications; however, it is not yet production-ready due to inconsistent performance levels. While accessible via GitHub at [FoundationsLLMChat](https://github.com/codeeverywhereca/FoundationsLLMChat), users are cautioned to double-check any critical information provided by the app as large language models can sometimes yield inaccurate responses.
Keywords: #phi4, Apple, Foundation Model, Foundations Chat, GitHub, Image Playground, LLMs, freeware experiment, generate images, local models, macOS AI, natural voice chat, offline, on-device, private by design, run code, search calendar, verify results
codeeverywhereca.github.io 9 days ago
|
2208.
HN
Show HN: I Get IT – Why My GitHub Repos, and Websites Get Zero Traction
The creator expresses frustration over their GitHub repositories and websites failing to gain traction despite investing in high-quality content. They identified distribution as a critical issue, noting that social media algorithms demand early engagement for visibility enhancement. To tackle this challenge, they developed UseViralize.com, an AI-powered platform designed to help creators and developers achieve initial momentum, build social proof, and access actionable analytics swiftly. This service aims to increase the visibility of posts, projects, or websites that might otherwise go unnoticed. Users can explore its benefits through a 3-day free trial, addressing the problem of online content failing to attract attention due to lack of early engagement.
Keywords: #phi4, AI-Powered Video Analytics, Algorithms, Analytics, Brand, Debugging, Dependency Graphs, Distribution, Engagement, Feedback, GitHub, Growth Debugger, Launching, Open-Source, Repos, Side Project, Social Media, Traction, Traffic, UseViralizecom, Visibility, Websites
useviralize.com 9 days ago
|
2212.
HN
Show HN: Remoat – Control Antigravity from your phone via Telegram
Remoat is a local Telegram bot designed for remote control of Antigravity IDE through various input methods such as natural language prompts, images, or voice notes. It operates solely on the user's machine without depending on cloud services or open ports, utilizing the Chrome DevTools Protocol (CDP) to facilitate communication between devices. A significant feature is project isolation using Telegram Topics, which ensures that different projects remain separate and secure through whitelisting users. Real-time progress updates and local transcription of voice messages enhance its functionality. Remoat requires Node.js version 18 or higher, Antigravity IDE, and a Telegram account for setup, with optional Xcode Command Line Tools on macOS. Installation can be performed using npm or Homebrew, followed by configuring parameters such as the Telegram Bot Token, allowed user IDs, and workspace directory via a setup wizard.
Remoat supports an array of commands accessible through both CLI and Telegram interfaces, allowing users to initiate new sessions, switch execution modes, capture screenshots from Antigravity IDE, and manage inactive session topics. For troubleshooting, it provides diagnostics tools like `remoat doctor` to address common issues. The project's architecture includes command handling, business logic, data management, middleware functions such as authentication, user interface components, utilities, tests, documentation, and internationalization support.
The open-source nature of Remoat invites contributions from developers, with guidelines detailed in CONTRIBUTING.md. Licensed under MIT, the project is inspired by LazyGravity and encourages community involvement for further development and improvement.
Keywords: #phi4, Antigravity, CDP, CLI, Chrome DevTools Protocol, GitHub, IDE, Linux, MIT license, Nodejs, Remoat, Telegram, Whisper model, Xcode, architecture, bot, commands, contributing, macOS, project isolation, security, topics, troubleshooting, voice notes
github.com 9 days ago
|
2216.
HN
If AI writes code, should the session be part of the commit?
Git-memento is an extension for Git designed to integrate AI coding sessions with commits, providing a markdown format of these conversations as readable notes. This tool enhances traditional Git workflows by enabling users to attach session traces from AI-assisted code creation processes, facilitating seamless incorporation into version control systems.
Key features include the initialization and configuration of per-repository settings for various AI providers such as Codex or Claude through commands like `git memento init`. It supports standard commit operations with additional functionality for amending commits by including AI session details using `git notes`, accessible via commands like `git memento commit`, `git memento amend`, and `git memento audit`.
The extension also promotes remote collaboration, allowing users to share and synchronize notes across repositories with commands such as `git memento share-notes` and `git memento push`. Furthermore, it offers automatic note management, ensuring that AI session details are maintained during rewrite operations like rebasing or amending commits.
Audit and diagnostic tools within Git-memento provide capabilities to check the coverage of notes, validate metadata accuracy, and diagnose repository configurations. The build and installation requirements include .NET SDK 10 with NativeAOT for supporting macOS, Linux, and Windows platforms, with options to install locally or via a curl script from GitHub releases.
The extension integrates with GitHub by including reusable actions for posting commit comments based on git notes or enforcing note coverage as continuous integration gates. Additionally, it features an automated release process using NativeAOT, where assets are packaged per platform, automatically tagging versions and publishing them to the GitHub Marketplace. Git-memento thus supports extensibility across different AI providers while maintaining a streamlined workflow for incorporating AI-generated code into Git-based projects.
Keywords: #phi4, AI, CI, CLI, Dockerfile, Git, GitHub, Linux, NET SDK, NativeAOT, PowerShell, Windows, action, audit, coding session, commit, configuration, curl, gate, install, macOS, markdown, marketplace, memento, notes, provider, publish, release, repository, reusable, semantic versioning, tag, workflow
github.com 9 days ago
https://blog.bryanl.dev/posts/change-intent-records 9 days ago
https://github.com/eqtylab/y 9 days ago
https://rsaksida.com/blog/ape-coding/ 9 days ago
https://entire.io 9 days ago
https://techcrunch.com/2026/02/10/former-gith 9 days ago
https://news.ycombinator.com/item?id=46961345 9 days ago
https://news.ycombinator.com/item?id=47096202 9 days ago
https://news.ycombinator.com/item?id=47096903 9 days ago
https://news.ycombinator.com/item?id=47108653 9 days ago
https://news.ycombinator.com/item?id=47213296 9 days ago
https://news.ycombinator.com/item?id=47045804 9 days ago
https://news.ycombinator.com/item?id=47206798 9 days ago
https://boristane.com/blog/how-i-use-claude-code/ 9 days ago
https://git-scm.com/docs/git-notes 9 days ago
https://git-scm.com/docs/git-log#Documentation/git 9 days ago
https://static.simonwillison.net/static/2025/claud 9 days ago
https://acai.sh 9 days ago
https://www.ipr.northwestern.edu/news/2024/an-exis 9 days ago
https://github.com/jumploops/codex/blob/file- 9 days ago
https://deciduous.dev/ 9 days ago
https://entire.io/ 9 days ago
https://www.dbos.dev/blog/mcp-agent-for-durable-workflo 9 days ago
https://docs.dbos.dev/python/reference/cli 9 days ago
https://github.com/jumploops/slop.haus/tree/m 9 days ago
https://github.com/github/spec-kit 9 days ago
https://openspec.dev/ 9 days ago
https://github.com/peteromallet/dataclaw 9 days ago
https://knowyourmeme.com/memes/how-to-draw-an-owl 9 days ago
https://getpromptly.xyz 9 days ago
https://github.com/kzahel/PearSync/blob/main& 9 days ago
https://github.com/peteromallet/dataclaw?tab=readme-ov- 9 days ago
https://github.com/wunderlabs-dev/claudebin.com 9 days ago
https://github.com/vtemian/blog.vtemian.com/pull&# 9 days ago
https://blog.vtemian.com/post/vibe-infer/ 9 days ago
https://www.seangoedecke.com/predators/ 9 days ago
https://news.ycombinator.com/item?id=44345334 9 days ago
|
2251.
HN
Show HN: AI Sees Me – CLIP running in the browser
The "How AI Sees Me" tool enables users to interact with OpenAI's CLIP model directly within a web browser, leveraging Technologies like Transformers.js and ONNX Runtime Web to facilitate this process. It captures webcam input and converts it into vector embeddings, which are then compared in real-time with user-typed text, all without requiring server or API communication. A significant technical challenge was optimizing performance for live video processing using WebAssembly (WASM). The project's primary objective is to make abstract concepts such as embeddings and similarity scores more accessible and understandable. Users can access this tool via its GitHub repository.
Keywords: #phi4, AI Sees Me, CLIP, CLIP model, GitHub, Jayyvk Keywords: AI, ONNX Runtime Web, Transformersjs, WASM, browser, live video frames, local inference, similarity scores, text comparison, vector embeddings, video frames, webcam, webcam feed
www.howaiseesme.com 9 days ago
|
2257.
HN
I built a CLI to buy anything and handle support
CLISHOP is an innovative command-line interface (CLI) tool designed for facilitating online shopping directly from a terminal, launched in March 2026. It allows users to search across numerous stores, compare prices, and place orders efficiently by leveraging an extensive network of over one million products globally. Upon initial setup—which involves creating an account, adding a delivery address, and linking a payment method—users can effortlessly find items using commands like `clishop search`. If local networks don't have the desired product, CLISHOP extends its search to online platforms, providing comprehensive product details and enabling seamless transactions with pre-saved user information.
The tool enhances user experience by integrating built-in support features that allow handling order issues and creating support tickets directly from the terminal. A notable feature is CLISHOP's adaptability for AI agents through a multi-command protocol (MCP) server, which supports automated tasks such as searching, purchasing, and managing support within user-defined safety parameters. The platform prioritizes security with customizable spending limits and confirmation requirements, ensuring user protection during transactions.
Additionally, CLISHOP supports vendors by enabling them to sell products without the need for a separate website through the use of a "Dark Store" template. Architecturally, CLISHOP operates as a stateless CLI client interfacing with a backend API that routes requests to connected stores. Users can access and try CLISHOP via npm installation, with further details available on its GitHub page at GitHub.com/DavooxBv2/CLISHOP and the clishop.ai website. The open-source project also fosters community engagement through its Discord channel.
Keywords: #phi4, AI agents, CLI, CLISHOP, Dark Store, GitHub, HTTPS, MCP server, Nodejs, account setup, architecture, backend API, buy, compare prices, online search, open source, order confirmation, payment method, place orders, product details, reverse marketplace, reviews, search products, store network, support ticket, terminal
clishop.ai 10 days ago
|
2262.
HN
Show HN: Umbra is an ESR fork that doesn't spy on you
Umbra is a privacy-centric browser derived from Ghostery, crafted with fern.js, emphasizing user privacy by excluding telemetry, AI features, and Pocket integration. It offers flexibility in installation across multiple systems through formats like RPM, DEB, Flatpak, tar.xz, and exe, ensuring broad compatibility. As part of its initial release, Umbra encourages users to participate actively by reporting any encountered bugs via GitHub at the provided issues link. This open invitation for feedback underscores a commitment to community involvement in enhancing the browser's functionality and reliability.
Keywords: #phi4, AI, DEB, ESR, ESR fork, Flatpak, GitHub, GitHub issues, Pocket, RPM, Umbra, browser, bugs, build script, exe, fernjs, ghostery, report, report Keywords: Umbra, spy, tarxz, telemetry
github.com 10 days ago
|
2267.
HN
Beabox: Native UI for Beads
Beabox is a native desktop dashboard developed to manage tasks using the beads issue tracker specifically designed for AI agent fleets. It provides real-time updates from terminal changes to its graphical user interface within milliseconds. The application features include visualizing epic trees with progress bars, ensuring seamless synchronization without the need for polling, and supporting multiple workspaces. Additional functionalities comprise inline editing of task details and effective backlog management through filtering, searching, and sorting capabilities. Beabox also displays dependency badges and automatically adjusts to system theme preferences (dark/light). Built using Tauri instead of Electron, it ensures compatibility across macOS, Linux, and Windows platforms. The application can be downloaded from beadbox.app but requires the beads CLI for operation. While its source code remains proprietary, binary releases are offered freely during the beta phase, with support facilitated through GitHub issues.
Keywords: #phi4, Beadbox, Beads, Beta, CLI, Dashboard, Dependency Badges, Epic Trees, Filter/Search/Sort, GitHub, Inline Editing, Issue Tracker, Linux, Multi-workspace, Progress Bars, Proprietary, Real-time Sync, Tauri, Themes, Windows, macOS
github.com 10 days ago
|
2273.
HN
Hackerbot-Claw: An AI-Powered Bot Actively Exploiting GitHub Actions
In early 2026, Hackerbot-Claw, an autonomous AI-powered bot, conducted a week-long attack campaign targeting CI/CD pipelines in major open-source repositories on GitHub by exploiting workflow misconfigurations to achieve remote code execution and exfiltrate sensitive data like GitHub tokens. The attacks utilized five techniques:
1. **Token Theft via Poisoned Go Script:** Leveraging the "Pwn Request" vulnerability, this technique led to token theft in an attack against `avelino/awesome-go`.
2. **Direct Script Injection:** A straightforward malicious payload was inserted into a script at `project-akri/akri` without obfuscation.
3. **Branch Name Injection:** This method concealed the payload within branch names at `microsoft/ai-discovery-agent`, triggering execution during workflow processing.
4. **Filename Injection:** Encoded shell commands in filenames executed code at `DataDog/datadog-iac-scanner`. The DataDog team swiftly implemented emergency fixes to counter this attack.
5. **AI Prompt Injection:** A poisoned config file targeted an AI code reviewer, detected and blocked by the Claude Code tool at `ambient-code/platform`.
6. **Offline Repository Attack on Aqua Security's Trivy:** This repository was taken offline following the attack, suggesting that Hackerbot-Claw might have gained extensive access.
To defend against such threats, tools like StepSecurity can prevent or detect these attacks through measures including Harden-Runner for network monitoring and GitHub checks to identify vulnerable configurations. Enforcing minimum token permissions and scanning workflows are additional recommended practices to mitigate risks. The campaign highlights the growing threat of AI-driven automated attacks on software supply chains and underscores the importance of implementing robust security measures.
Keywords: #phi4, AI-powered attack, CI/CD pipelines, GitHub Actions, Hackerbot-Claw, StepSecurity, autonomous bot, least-privilege permissions, network egress policy, pull_request_target, remote code execution, script injection, token exfiltration, workflow misconfigurations
www.stepsecurity.io 10 days ago
|
2274.
HN
Horse that fades in as you doomscroll (Userscript)
The user script "Horse that fades in as you doomscroll" is hosted on GitHub Gist and offers a customizable tool aimed at enhancing the web browsing experience by addressing the issue of doomscrolling. This script can be easily integrated into websites, shared through direct links, or cloned using HTTPS to facilitate easy access and deployment. The provided instructions guide users on how to save the script onto their computers and incorporate it using GitHub Desktop, emphasizing its utility for individuals looking to tailor their digital interaction habits. By offering such customization options, the script serves as a practical solution for those seeking to mitigate excessive scrolling and improve focus during online activities.
Keywords: #phi4, Clone, Copy, Desktop, Desktop Keywords: Horse, Embed, GitHub, HTTPS, Horse, Share, Userscript, doomscroll, fades, gist, link, script, sharable, website
gist.github.com 10 days ago
|
2285.
HN
I Programmed an AI Bot to Help Me Run for President (2020)
Ben Wallace created an AI bot using GPT-2 as a humorous component of his mock presidential campaign under the domain Wallace2020.org. To train the AI in generating political speeches, Wallace compiled and standardized campaign speeches from leading Democratic candidates for the 2020 election, allowing GPT-2 to identify patterns in policy discourse, word choice, and syntax. After inputting a basic introduction about himself running for president, the bot produced various speech drafts. The final speech blended elements from several candidates, echoing themes of social justice and economic reform while adding satirical nuances typical of the Democratic platform. Wallace humorously acknowledged GPT-2's limitations in producing a convincing speech, attributing this to its open-source nature and constrained dataset. He encourages interested readers to explore his project further on GitHub and visit Wallace2020.org for more campaign-related content. For additional comments or feedback, contact information is provided through linebyline.team@gmail.com.
Keywords: #phi4, AI Bot, Campaign Speech, Development, GPT-2, GitHub, Interactive Sample, Limitations, Open-source, President, Presidential Race, SNL Satire, Training Data, Transcripts, Wallace2020org
medium.com 10 days ago
|
2291.
HN
Rust Fuzz Book
"Rust Fuzz Book" explores fuzz testing as a method to detect security and stability vulnerabilities by employing pseudo-random data inputs within software applications. The book emphasizes applying this technique specifically to Rust, renowned for its high performance and safety features. It provides an in-depth examination of two tools designed for fuzz testing in the Rust ecosystem: afl.rs and cargo-fuzz. These tools facilitate automated testing processes that help identify potential issues by generating random data to stress-test software systems. For readers interested in delving deeper into the subject, additional resources and examples are available on GitHub at a designated repository hosted by rust-fuzz.
Keywords: #phi4, Fuzz testing, GitHub, Rust, aflrs, cargo-fuzz, fuzzing, general purpose programming language, high performance, pseudo-random data, safe, security, software testing, source, stability
rust-fuzz.github.io 10 days ago
|
2294.
HN
Ruby -run, utilities to replace common Unix commands
The Ruby gem 'un' is designed as a set of utilities to replace common Unix commands typically used in Makefiles, streamlining development workflows. To incorporate it into projects, users can add `gem 'un'` to their Gemfile and execute `$ bundle install`, or alternatively, directly use the command `$ gem install un`. The gem offers replacements for various Unix commands including `cp`, `ln`, `mv`, `rm`, `mkdir`, `rmdir`, `install`, `chmod`, `touch`, as well as additional utilities like `wait_writable`, `mkmf`, `httpd`, `colorize`, and a `help` feature.
For developers interested in contributing or experimenting with the gem, the development setup involves cloning the repository followed by running `bin/setup` to install dependencies. Testing can be executed using `rake test`, while an interactive console is accessible through `bin/console`. Locally installing the gem is possible via `bundle exec rake install`. The release process requires updating the version number in `version.rb`, tagging the new release with `bundle exec rake release`, and pushing these changes to both Git and RubyGems.
Contributors are encouraged to participate by visiting the project's GitHub repository at [https://github.com/ruby/un](https://github.com/ruby/un), where they can contribute improvements or enhancements.
Keywords: #phi4, Gemfile, GitHub, Makefiles, Ruby, Unix commands, bundle install, chmod, colorize, console, cp, dependencies, gem install, httpd, ln, mkdir, mkmf, mv, pull requests, rake test, rm, rmdir, utilities, versionrb
github.com 10 days ago
|
2307.
HN
Open Source, SaaS, and the Silence After Unlimited Code Generation
The text examines the challenges faced by open source software communities due to advancements in AI-driven code generation, likening it to a seed library inundated with low-quality seeds from cheap generators. As AI tools generate pull requests that flood repositories without adding substantial value, maintainers are increasingly closing external contributions to preserve project integrity. This trend discourages genuine contributors because individuals find it easier and more economical to fork projects for personal use rather than engage in upstream modifications.
The discussion highlights Cloudflare's use of AI to replicate Next.js with minimal resources as an example of how open-source practices lose their traditional value when projects can be easily cloned due to extensive documentation. This shift impacts feedback loops, prompting people to develop customized solutions independently instead of contributing back to existing services.
Looking ahead, the text suggests that collaborative platforms might evolve beyond conventional models like GitHub's pull request and review system. It envisions a future where collaboration involves observing and integrating ideas across various forks, though such platforms are not yet in existence.
The narrative concludes by emphasizing the need for innovative methods to visualize and share different adaptations of open-source projects, analogous to a community map at a seed library that shows diverse uses of seeds. This points to an ongoing exploration for new structures or systems that can support evolving modes of contribution and collaboration within software development communities.
Keywords: #phi4, AI Agents, AI-generated PRs, Antisocial Coding, Code Generation, Code Image Library, Collaboration, Communication Costs, Community, Community EngagementKeywords: Open Source, Contribution, Customization, Documentation, Ecosystem, Error Tracking, Feedback Loop, Feedback Mechanisms, Forking, Gardens, GitHub, Innovation, Maintenance, Maps, Open Source, Platforms, SaaS, Seed Library, Self-sufficiency, Social Coding, Software Cloning, Test Suites
worksonmymachine.ai 10 days ago
|
2308.
HN
Show HN: The L Project- An analysis of over 1600 job rejection emails that I got
The "L Project" is an analytical exploration by its author into over 1,600 job rejection emails encountered during a challenging job search. By leveraging the Gmail API, the project retrieves these emails using phrases commonly found in rejections and stores them for detailed analysis. The findings highlight frequent words such as "unfortunately" and "encourage," with sender names often indicating automated responses like "noreply." Attempts to discern patterns in the timing of these rejection emails revealed no significant trends, except a slight reduction during nighttime hours. Beyond its analytical objectives, the project serves dual purposes: maintaining technical proficiency by updating GitHub and reflecting on resilience amid job search setbacks. While direct learning from rejections was minimal, the author humorously acknowledges continued persistence in application efforts despite frequent discouragements.
Keywords: #phi4, GitHub, Gmail API, Job rejections, L Project, STARL pattern, analysis, analysispy, applications, applications Keywords: Job rejections, custom query, job market, learning, phrases, rejection emails, sender usernames
rohankhante.substack.com 10 days ago
|
2315.
HN
You Are the Bottleneck
In modern development environments where AI rapidly generates code, the primary bottleneck has shifted from writing to reviewing this output. This change necessitates developers to evolve into roles that emphasize reviewing and managing AI-generated code rather than producing it themselves. The focus is now on effective workflow management by setting clear directions, ensuring high code quality, and prioritizing tasks.
Developers must undertake an orchestration role involving the scheduling of work, defining specific tasks, and maintaining output standards—a level of detail beyond what traditional project management tools like Jira or Linear offer. To manage this efficiently, developers should utilize AI agents to track intricate tasks such as PR statuses, code review comments, and CI failures.
The practical integration of an AI agent as a "chief of staff" allows for offloading cognitive load by utilizing the agent to handle granular work items through accessible tools like Markdown files and chat interfaces. These agents can manage GitHub Pull Requests (PRs) using CLI tools to monitor status updates, prioritize tasks, and provide actionable insights, thus freeing human developers from these repetitive responsibilities.
Consequently, developers should concentrate on strategic direction-setting, thorough code reviews, and effective prioritization while allowing AI agents to undertake the routine task management and orchestration workload. This symbiotic relationship optimizes both productivity and workflow efficiency in the development process.
Keywords: #phi4, Agent, Bottleneck, CI, Cognitive Overload, Direction, GitHub, Management, Markdown, Orchestration, PRs, Priority, Review, Tracking Work, gh CLI
zknill.io 10 days ago
|
2317.
HN
Show HN: Chrome extension that adds "Copy Prompt" buttons to GitHub PR comments
The "PR Comment Prompter" is a Chrome extension designed for GitHub users that integrates "Copy Prompt" buttons into pull request comments, facilitating seamless copying of review feedback into tools such as Claude Code. This tool addresses the inefficiencies previously encountered with manual processes by providing an automated solution created by a developer who experienced these challenges firsthand. Users have the flexibility to modify prompt templates via settings to suit their specific needs. While this extension can be downloaded from the Chrome Web Store, it is important to note that the developer has not declared themselves as a trader under EU law, which means consumer rights protections may not apply to its usage.
Keywords: #phi4, Chrome Web Store, Chrome extension, Claude Code, Copy Prompt buttons, European Union, GitHub PR comments, PR Comment Prompter, consumer rights, customizable settings, developer, review comments
chromewebstore.google.com 10 days ago
|
2324.
HN
Don't rely on GitHub Actions cron: jobs may be delayed or just dropped
The document provides comprehensive guidance on utilizing GitHub Actions to automate workflows through various webhook events linked to Git operations within a repository. It highlights how workflows can be triggered by activities such as branch protection modifications, check runs, and discussions, with each event offering multiple activity types like 'created' or 'edited,' allowing precise workflow initiation criteria.
Security is a critical focus, especially for forked repositories where GitHub Actions need explicit activation in the base repository. Events from forks utilize `GITHUB_TOKEN` with read-only permissions in pull requests to maintain security integrity. Special events such as `pull_request_target` run under enhanced security conditions to prevent unsafe code execution from pull request heads, though they require cautious use due to potential vulnerabilities like cache poisoning.
The document outlines several ways workflows can be triggered and filtered based on specific branches, paths, or activity types using keywords like 'types,' 'branches,' and 'paths.' This enables users to tailor workflow execution conditions effectively. Additionally, event payloads provide essential context, such as the last commit SHA and default branch reference, crucial for determining appropriate actions within workflows.
Workflows can be configured with custom inputs for manual triggers (`workflow_dispatch`) or chained executions (`workflow_run`), incorporating conditional logic based on event properties like a workflow run's conclusion. Artifacts from triggering workflows are accessible to subsequent ones, facilitating efficient process chaining.
Special considerations include handling events like `pull_request_review_comment` and `pull_request_target`, which have specific security implications. Scheduled workflows are constrained to every five minutes and may be inactive in public repositories if they remain unused for 60 days. Furthermore, the actor associated with a workflow can change based on repository activities, impacting notifications.
In essence, GitHub Actions offer flexible automation tools, allowing users to create detailed and secure workflows responsive to a wide array of repository events while ensuring robust functionality through thoughtful configuration and security practices.
Keywords: #phi4, GITHUB Tokens, GitHub Actions, GraphQL API, REST API, artifacts, branches, cron jobs, filters, pull requests, secrets, security vulnerabilities, triggers, webhook events, workflows
docs.github.com 10 days ago
|
2325.
HN
Mt. Gox CEO Suggests Bitcoin Hard Fork to Recover $5B in Customer Funds
Mark Karpeles, former CEO of the defunct Mt Gox exchange, suggested a one-time hard fork of Bitcoin to recover about $5 billion in stolen customer funds dating back to 2011. This proposal involved modifying the protocol to enable spending from specific unspent transaction outputs linked to those losses. However, it was swiftly rejected by the broader Bitcoin community due to concerns that such an action would compromise Bitcoin’s core principles of neutrality and resistance to censorship.
Karpeles's management style during Mt Gox's collapse in 2014 had already cast a shadow on his reputation, raising doubts about Bitcoin's overall reliability at the time. His proposed hard fork aimed to return stolen funds through a legal framework supervised by courts but was criticized as an attempt to retroactively rectify historical custodial shortcomings.
The proposal bears similarities to Ethereum’s response to the DAO hack through a hard fork, though Bitcoin developers have cautioned against similar actions due to the risk of setting problematic precedents. Although technically possible, the economic incentives and foundational principles of neutrality in the Bitcoin ecosystem discourage such proposals. Altering rules for specific groups could undermine trust and demand for Bitcoin by violating its essential properties. Consequently, the community has consistently resisted any changes that might compromise these foundational aspects.
Keywords: #phi4, BTC, Bankruptcy, Bitcoin, Block Size War, Censorship Resistance, Community, Compliance, Custody Practices, DAO Hack, DeFi Protocol, Economic Incentives, Ethereum, Exchange, GitHub, Hard Fork, Mark Karpeles, Mt Gox, Neutrality, Recovery Address, Security
gizmodo.com 10 days ago
|
2326.
HN
Show HN: Steward – a background agent that closes 80% low-risk noise
Steward is an automated background agent developed to handle low-risk routine tasks across platforms such as GitHub, email, Slack, and calendars, aiming to enhance productivity by minimizing unnecessary notifications and freeing user time for significant decision-making activities. It operates autonomously by executing simple tasks while maintaining a record of actions with rollback options, yet requires explicit human approval for high-risk or irreversible operations through its Policy Gate feature. The agent integrates signals from various sources via pluggable connectors using a unified protocol and resolves resource conflicts with an automated arbitration system that can auto-merge, serialize, or escalate tasks as needed.
The tool is designed to be straightforward to implement, activated by a single command, and provides users with a dashboard for previewing task management. Built on Python 3.14, it supports SQLite or PostgreSQL databases, utilizes FastAPI for its APIs, and employs APScheduler for scheduling. The project structure is well-organized into directories for API routes, core logic, domain models, infrastructure, connectors, services, runtime components, macOS-specific features, and UI development. Users interested in the comprehensive design can refer to a detailed specification document named `agent.md`. Steward is open-source under the MIT License, inviting contributions with specific guidelines for code linting, testing, and formatting available to potential collaborators.
Keywords: #phi4, GitHub, Slack, Steward, architecture, automation, autonomous execution, background agent, calendar, conflict arbiter, connectors, contributing, dashboard, email, license, license Comma-separated List: Steward, license Extracted Keywords: Steward, license Final Keywords: Steward, license Keywords: Steward, low-risk tasks, multi-source perception, natural-language briefings, periodic briefs, policy gate, project structure, quick start, safety gates, tech stack
github.com 10 days ago
|
2341.
HN
Show HN: Terminal-Style Portfolio on the Internet
Kuber Mehta is a distinguished 19-year-old AI developer from New Delhi, India, known for his contributions to artificial intelligence and web development. His innovative projects have earned him numerous accolades, including victory in the Nothing Essential Lab S1 Hackathon and a fourth-place finish at the Unsloth x AMD RL Hackathon, among others, totaling over 20 hackathon participations. Key creations by Mehta include PolyThink, an advanced multi-agent AI system; TREAT, which leverages AI for trigger recognition; Backdooms, integrating DOOM within a QR code; and MEOW, an image file format tailored for AI use.
Mehta demonstrates proficiency in programming languages such as Python and JavaScript, along with technologies including React, TensorFlow, and AWS. He is pursuing degrees in computer science at BITS Pilani and in AI & data science at Indraprastha University. In addition to his academic pursuits, Mehta serves as a Perplexity Business Fellow and engages in OpenAI discussions, actively advancing the field of artificial intelligence.
His work has gained media attention from outlets like The Independent and PC Gamer, particularly for projects like Backdooms and ClawX. For further engagement with his work, Kuber Mehta can be reached through his GitHub profile, LinkedIn, email, or his personal portfolio at kuber.studio.
Keywords: #phi4, AI Developer, AWS, Docker, Education, Experience, GitHub, Hackathons, JavaScript, LinkedIn, Media Appearances, MongoDB, Portfolio, PyTorch, Python, React, SQL, TensorFlow
kuber.studio 10 days ago
https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght 10 days ago
https://7oi.is 10 days ago
|
2342.
HN
Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So Far
In a week-long automated campaign conducted from February 21 to February 28, 2026, an AI bot named hackerbot-claw targeted major open source repositories on GitHub, exploiting vulnerabilities in their CI/CD pipelines. The bot successfully executed remote code execution techniques across at least four out of five targets, including prominent organizations such as Microsoft and Datadog.
The attacks employed various methods:
1. **Token Theft via Poisoned Go Script**: In the "avelino/awesome-go" repository, hackerbot-claw injected a malicious Go init() function to steal a GITHUB_TOKEN with write permissions.
2. **Direct Script Injection**: The bot directly modified and executed a script in the "project-akri/akri" repository.
3. **Branch Name Injection**: Within the "microsoft/ai-discovery-agent" repository, a curl command was hidden inside a branch name to be executed by a triggered workflow.
4. **Filename Injection**: In the "DataDog/datadog-iac-scanner" attack, shell commands were embedded in filenames, leading to unauthorized script execution during workflows.
An additional attempt involved **AI Prompt Injection** targeting an AI code reviewer in the "ambient-code/platform" repository; however, this was thwarted by Claude Code's security mechanisms. These attacks exposed significant vulnerabilities like pull_request_target workflows executing untrusted code, insufficient authorization checks, and inadequate GITHUB_TOKEN permissions. To mitigate such threats, the use of StepSecurity tools was recommended: Harden-Runner for blocking unauthorized outbound calls, GitHub checks to avoid vulnerable workflow patterns, and enforcing minimum GITHUB_TOKEN permissions to limit potential damage from compromises. The campaign underscored the persistent threat posed by attacks targeting CI/CD pipelines.
Keywords: #phi4, CI/CD pipelines, CNCF, DataDog, GITHUB_TOKEN, GitHub Actions, Hackerbot-Claw, Harden-Runner, Microsoft, StepSecurity, autonomous bot, exploitation techniques, network egress policy, pull_request_target, remote code execution, script injection, security research, token permissions, workflow misconfigurations
www.stepsecurity.io 10 days ago
|
2346.
HN
Show HN: Built a tool that turns your GitHub commits into build-in-public posts
SmashLanding is a tool designed to facilitate the practice of "building in public" by transforming GitHub commits into draft posts suitable for various platforms, addressing the challenge of converting technical updates such as code refactoring or bug fixes into engaging content. By connecting to a user's GitHub account, SmashLanding automatically retrieves recent activity and generates drafts that reflect the user’s authentic voice, offering real insights based on actual work done. The tool emphasizes minimalistic design and customization options to maintain editable outputs, allowing users to infuse their unique perspective rather than enforcing a polished content creator tone.
SmashLanding is not intended as a scheduling solution but complements existing tools by tackling the upstream challenge of deciding what to share with audiences. It offers a free tier initially and plans for future monetization based on user engagement. The development roadmap includes enhancements such as improved tone calibration and more precise commit parsing, reflecting the creator's commitment to validating its effectiveness through personal daily use.
Users can utilize SmashLanding to send updates directly to platforms like X and LinkedIn or queue them for later posting, preserving their authentic voice. The tool is particularly beneficial for indie builders and small teams aiming for efficient yet stylish communication about their work progress. Feedback from users experiencing challenges with consistent public sharing is encouraged, highlighting the tool's adaptability and potential for user-driven improvements.
Keywords: #phi4, GitHub, account linking, build-in-public, commits, drafts, feedback, founder voice, indie builders, one-click post, platforms, posts, release notes, roadmap, scheduler, sync, tone, tool
www.smashlanding.xyz 10 days ago
|
2354.
HN
Elevator Saga: The elevator programming game (2015)
Elevator Saga is a browser-based programming game introduced in 2015 that instructs players in optimizing elevator operations using JavaScript. Players must efficiently transport individuals between floors while focusing on improving performance metrics like average and maximum waiting times. The game provides various interactive features, including the ability to reset, undo actions, save progress, and apply strategies for enhanced problem-solving. It also offers help resources and API documentation to assist players in understanding and utilizing these functionalities effectively. Developed by Magnus Wolffelt among others, Elevator Saga's source code is publicly accessible on GitHub under version 1.6.5, ensuring transparency and opportunities for community engagement. The game operates solely within environments that support JavaScript, which is essential for its interactive gameplay mechanics.
Keywords: #phi4, Elevator Saga, GitHub, JavaScript, Magnus Wolffelt, apply, browser-based, contributors, documentation, programming game, reset, save, tests, undo, version
play.elevatorsaga.com 10 days ago
https://play.elevatorsaga.com/documentation.html#docs 7 days ago
https://www.codingame.com/ 6 days ago
|
2360.
HN
Community-powered blocklist for removing slop from HN comments
Slopblock for Hacker News is a community-driven tool aimed at hiding comments from accounts that primarily post content generated by large language models (LLMs). This functionality can be added to users' browsers through a userscript manager such as Tampermonkey or Userscripts, with the script accessible via GitHub. The project encourages user contributions; individuals can submit pull requests to add usernames based on evidence of LLM-generated content. However, the acceptance and implementation of these contributions are subject to the discretion of the maintainers.
Keywords: #phi4, Community-powered blocklist, Firefox, GitHub, HN, HN comments, Hacker News, LLM-driven, LLM-driven comments, Safari, Tampermonkey, Userscripts, blocklist, comments, evidence, evidence Keywords: Community-powered, manager, pull request, slopblock, userscript, userscript manager
github.com 10 days ago
|
2363.
HN
Signal vs. Noise in the Skills Ecosystem
The skills ecosystem is characterized by a power-law distribution where a few publishers, notably Microsoft and Vercel, dominate in terms of installations despite the presence of many agents from approximately 8,000 publishers. As of February 2026, there are over 78,000 agent skills available, but most experience minimal adoption, highlighting that quality is more critical than quantity for success. The "find-skills" skill is the most installed, underlining the significance of discovery tools in this ecosystem. Microsoft employs effective distribution strategies by bundling their skills through existing toolchains to enhance installations. For developers aiming to build new skills, focusing on discoverability with clear descriptions and relevant tags is essential. Opinionated guides are preferred over generic tools. Developers can replicate similar analyses by adding agent skills using the command `npx skills add olshansk/agent-skills` and leveraging tools like Claude for further exploration.
Keywords: #phi4, Adoption, Analysis, Analysis Selected Keywords: Skills ecosystem, Azure, Best-practices, Bundling, Claude code Keywords: Skills ecosystem, Curating, Dashboard, Discovery, Distribution, GitHub, Guardrails, Installations, Installs, Meta-skill, Power law, Publishers, Quality, Quantity, Registry, Repositories, Signal vs Noise, Skills ecosystem, Toolchain, Tools, Trust, Vercel, Visualization
olshansky.info 10 days ago
|
2368.
HN
Show HN: SpecLock – AI Constraint Engine that stops AI from breaking locked code
SpecLock is an open-source tool licensed under MIT, designed to enforce compliance with user-defined constraints in AI coding assistants like Claude Code and Cursor. Developed by Sandeep Roy, it addresses a critical issue where these tools may ignore previously set restrictions due to their lack of enforcement mechanisms—such as altering databases or authentication files despite prior instructions. SpecLock offers active constraint enforcement by incorporating semantic conflict detection and auto-guarding features. It uses advanced techniques like synonym expansion and negation analysis for accurate conflict detection, goes beyond basic keyword matching. The tool also automatically protects specified files by embedding warnings to prevent unauthorized changes and prompts users for confirmation before proceeding with actions that could violate constraints.
SpecLock is versatile, supporting multiple platforms through the Message Control Protocol (MCP), file-based integration, or direct integration with tools like Bolt.new and Lovable. Installation is straightforward via npm, allowing users to configure it based on their specific needs. The tool maintains an audit trail of changes and provides rollback capabilities using Git integration. Additionally, it offers intelligence functions such as lock suggestions and drift detection to maintain compliance over time. SpecLock's architecture supports 19 MCP tools, ensuring broad compatibility across different environments. In practice, the tool ensures AI adherence to user constraints by embedding locks in project files and configurations, actively engaging users when potential conflicts arise, thus preserving the integrity of specified project guidelines.
Keywords: #phi4, AI Constraint, Active Constraints, Auto-Guard, Boltnew, Claude Code, Conflict Detection, Cursor, Destructive Action Flagging, Enforcement, Git Integration, GitHub, Locks, Lovable, MCP Tools, Memory, Multi-Agent Timeline, Open Source, Semantic Analysis, SpecLock, npm
github.com 10 days ago
|
2369.
HN
Show HN: A GFM+GF-MathJax/Latex HTML formatting adventure
The author shares their experience of customizing GitHub-Flavored Markdown (GFM) beyond its standard features, focusing on specific text styling and alignment which are typically unsupported due to security concerns. To achieve this customization, they integrated GF-MathJax/LaTeX with HTML formatting as a workaround, specifically for enhancing an ASCII line-art diagramming tool requiring unique output capabilities not commonly requested by others. The author encourages readers to access the freely available codebase from the linked repository and invites feedback through their provided email address, thus fostering community engagement around this innovative solution.
Keywords: #phi4, ASCII line-art, GFM, GitHub, HTML, Jekyll, LaTeX, Markdown, MathJax, documentation, documentation Keywords: GitHub, fenced blocks, security risk, styling, syntax highlighting, workaround
github.com 10 days ago
|
2375.
HN
Niche Developer Tooling for WordPress
Icenberg is an open-source Composer library created by Maverick to assist WordPress developers in efficiently managing Advanced Custom Fields (ACF). The primary function of Icenberg is to automate the rendering of ACF fields into structured HTML that adheres to BEM-class conventions, simplifying tasks such as type detection, null checks, and consistent class naming. This automation significantly reduces maintenance challenges associated with intricate flexible content layouts in WordPress sites.
The library integrates smoothly within various components like ACF flexible content loops, Gutenberg blocks, and option pages. It offers robust features for handling conditional logic, filtering grouped data, and applying modifier classes to ensure adherence to BEM conventions, thereby enhancing the templating process without replacing existing ACF or WordPress functionality. Icenberg is accessible through Packagist and GitHub, supporting installation via Composer and additional tools such as a VSCode snippets extension.
By improving code readability and ensuring consistent styling over time, Icenberg provides substantial benefits for developers working on complex sites. The library aims to streamline development workflows by minimizing repetitive coding tasks and reducing the potential for errors in template management. Future updates are anticipated to further refine features related to ACF blocks, continuing to enhance its utility for WordPress development.
Keywords: #phi4, ACF, BEM, Boilerplate, Client Themes, Code Snippets, Composer, Designers, Developer Tooling, GitHub, Gutenberg, HTML, Hobbyists, Icenberg, Maintenance, Marketers, Markup, Niche, Open Source, PHP, Packagist, Page Builders, Plugins, Rendering, Themes, VSCode Extension, WordPress
coderjerk.com 10 days ago
|
2378.
HN
Blender iPad App Development Halted as Android Tablets Get Priority
Blender has paused the development of its native iPad version of its 3D creation suite to focus on Android tablets instead. Initially planning an iPad Pro edition with multitouch and Apple Pencil capabilities, this project has been temporarily suspended without a specified reason, as confirmed by a status update on Blender's GitHub. While no new release date is provided for the iPad version, interest in its future remains due to a live demonstration at SIGGRAPH. In the interim, Blender continues to enhance its software with updates for Apple silicon Macs, demonstrating ongoing commitment to supporting other platforms.
Keywords: #phi4, 3D, 3D creation suite, Android, Apple Pencil Pro, Apple silicon, Apple silicon MacsKeywords: Blender, Blender, Dalai Felinto, GitHub, SIGGRAPH, development, halted, iPad, multitouch, multitouch interface, native, native version, open source, priority, tech demo
www.macrumors.com 10 days ago
|
2381.
HN
How Awesome? annotates GitHub awesome lists with repo stats, stars, last commit
"How Awesome?" is a tool designed to enhance GitHub's existing "awesome" lists by incorporating supplementary annotations like repository statistics, star counts, and the dates of the most recent commits. By providing these additional details, it offers users a richer understanding of each project within the list. This contextual information helps users make more informed decisions about which projects might be relevant or valuable to them, based on their engagement metrics and activity levels. As such, "How Awesome?" serves as an augmentation tool for GitHub's community-driven lists, adding layers of insight that can assist in evaluating the significance and vitality of various repositories.
Keywords: #phi4, GitHub, annotate, awesome lists, commit, commits, metrics, repo stats, repository, stars, statistics, tool
how-awesome.libklein.com 10 days ago
|
2394.
HN
Show HN: Xmloxide – an agent made rust replacement for libxml2
Xmloxide represents a memory-safe Rust reimplementation of the libxml2 library, which ceased maintenance in December 2025 due to security concerns. Developed by Jon Wiggins, it aims to provide a secure and efficient solution for parsing, creating, and manipulating XML and HTML documents. The project's core features include robust memory safety ensured through an arena-based tree structure with zero unsafe code in the public API, full conformance to standards as evidenced by its 100% pass rate on the W3C XML Conformance Test Suite and compatibility with libxml2’s test suite.
Performance is a significant aspect of xmloxide, offering competitive parsing speeds, faster serialization, and expedited XPath queries. These enhancements result from optimizations such as byte-level pre-checks and inline entity resolution. Additionally, it maintains API compatibility with libxml2 through its C-compatible interface, facilitating integration into existing projects that previously relied on the unmaintained library.
Xmloxide supports a diverse range of functionalities including multiple parsing APIs, error recovery, HTML parsing, XPath evaluation, validation against DTD, RelaxNG, and XML Schema (XSD), Canonical XML serialization, XInclude processing, and URI resolution via XML Catalogs. It also features a command-line interface to perform common XML operations. As an open-source project under the MIT license, xmloxide requires at least Rust version 1.81 for use.
Despite its extensive support of XML standards, xmloxide does not cater to XML 1.1, XSLT, Schematron, or the HTML5 parsing algorithm. Designed with thread safety in mind, it avoids global state and includes fuzz targets to enhance security testing. The library is accessible via crates.io and its GitHub repository, where users can find comprehensive documentation, including a module overview and API guide, supporting both new adopters and existing developers transitioning from libxml2.
Keywords: #phi4, C API, GitHub, HTML documents, Rust, XML parsing, XPath queries, libxml2, memory-safe, performance, security issues, software maintenance, test suites, xmloxide
github.com 10 days ago
https://ai-evals.io/ 10 days ago
https://gitlab.gnome.org/GNOME/libxml2/-/comm 10 days ago
https://opensource.org/osd 10 days ago
https://gitlab.gnome.org/GNOME/libxml2/-/issu 10 days ago
|
2407.
HN
MinIO Is Dead, Long Live MinIO
MinIO, a well-established open-source project with significant adoption through Docker, was archived by its founding developers in February 2026 following a series of controversial decisions starting in 2021. These included switching to the AGPL v3 license to leverage legal disputes and imposing feature restrictions such as removing the admin console from the community edition and halting binary distribution. Despite these actions leading to MinIO Inc.'s discontinuation of support, the project's open-source nature under the AGPL allowed for continuation through forking.
Recognizing the essential role MinIO played in their operations and its importance to a wider user base, an experienced developer with a track record of maintaining large-scale projects like Pigsty initiated efforts to sustain the project. Key steps involved restoring the admin console by reverting previous changes, rebuilding binary distributions—including Docker images—to ensure ongoing availability, and updating documentation to reflect these adjustments. The forked version of MinIO, now maintained under pgsty/minio, prioritizes supply chain stability and production reliability over adding new features or preserving its original form.
This initiative highlights the enduring strength of open-source software, demonstrating how community-driven efforts can extend a project's life beyond the support of its original developers. Moreover, AI tools have been instrumental in enabling individual developers to undertake such significant maintenance tasks effectively, showcasing their value in sustaining complex software ecosystems.
Keywords: #phi4, AGPL, AI tools, CVE, Docker, GitHub, MinIO, admin console, archived, binary distribution, community, fork, maintenance, open-source, production component, production component Keywords: MinIO, supply chain, trademark
blog.vonng.com 10 days ago
https://www.chainguard.dev/unchained/secure-and-free-mi 10 days ago
https://github.com/chainguard-forks/minio 10 days ago
https://github.com/huncrys/minio-console 10 days ago
https://github.com/rustfs/rustfs/security/adv 10 days ago
https://hub.docker.com/r/pgsty/minio 10 days ago
https://garagehq.deuxfleurs.fr/ 10 days ago
https://garagehq.deuxfleurs.fr/documentation/quick-star 10 days ago
https://github.com/uroni/hs5 10 days ago
https://min.io/compliance 10 days ago
https://github.com/duckdb/duckdb-httpfs/blob/ 10 days ago
https://element.io/blog/synapse-now-lives-at-github-com 10 days ago
|
2408.
HN
Show HN: RunbookAI – Hypothesis-driven incident investigation agent(open source)
RunbookAI is an open-source command-line interface (CLI) agent tailored for hypothesis-driven incident investigation in production environments. Its primary function is to automatically generate ranked hypotheses when an alert is triggered, allowing it to conduct focused queries across infrastructures such as AWS, Kubernetes, and CloudWatch to pinpoint the root cause of incidents efficiently. The tool emphasizes targeted hypothesis branching and pruning rather than extensive exploration, with a capability for deeper analysis up to four levels on strong evidence. Key features include requiring human approval at each step, ensuring accountability via a complete audit trail, and leveraging contextual information from existing runbooks, postmortems, and architecture documents available in platforms like Confluence, Notion, Google Drive, or local markdown files. Additionally, RunbookAI integrates with Deep Claude Code to enhance operational context during coding sessions. Users can experiment with the tool using `npx @runbook-agent/runbook demo` without needing any API keys. The project is hosted on GitHub, and feedback from users is encouraged.
Keywords: #phi4, AWS, CLI agent, Claude Code integration, CloudWatch, Confluence, GitHub, Google Drive, Kubernetes, MCP, Notion, RunbookAI, alerts, hypothesis-driven reasoning, incident investigation, infrastructure queries, markdown, open-source
userunbook.ai 10 days ago
|
2409.
HN
Show HN: Voca – AI project manager that runs in the background
Voca is an innovative AI-driven project management tool designed to function in the background and address common challenges associated with traditional project tracking tools, which often become obsolete due to lack of regular updates. By integrating seamlessly with established platforms such as Slack, GitHub, and Linear, Voca captures crucial information—including decisions, blockers, and other significant developments—in real-time, thereby maintaining an up-to-date knowledge base. This automation allows users to set specific queries, skills, and automations that facilitate smooth operations without the need for constant manual input. Presently in its pilot phase with select companies, Voca aims to enhance project management efficiency by ensuring accurate documentation of ongoing progress while minimizing the need for continuous human oversight.
Keywords: #phi4, AI, GitHub, Linear, PM tools, Slack, automations, background, companies Keywords: AI, knowledge base, piloting, project manager, query, real time, skills, teams, tracker
www.tryvoca.ai 10 days ago
|
2411.
HN
From Defense AI Drift to Policy Enforcement: Why I Built Firebreak
Firebreak is an engineering solution designed to address the challenge of employing artificial intelligence (AI) for defensive purposes without it being misused for offensive applications such as mass surveillance or autonomous weapons. Developed during the Portland Claude Code hackathon, Firebreak acts as a proxy that enforces policies through code at machine speed with comprehensive audit trails. It operates by intercepting requests between an LLM consumer and its API endpoint, classifying intent and evaluating against pre-established rules stored in YAML files to decide whether actions should be allowed, constrained, or blocked.
The tool is inspired by production infrastructure patterns like Kubernetes admission controllers and the Open Policy Agent (OPA), which enforce policies autonomously. This approach aims to prevent "defense AI drift" toward offensive applications, a risk heightened when operational urgency supersedes existing policy agreements. By providing rapid deployment capabilities for defense systems such as missile defense, while blocking unauthorized surveillance, Firebreak ensures compliance with agreed-upon red lines between organizations like the Pentagon and companies like Anthropic.
Firebreak underscores the need for infrastructure-level constraints to ensure accountability and prevent misuse of AI intent. It facilitates transparency through policy enforcement across various scenarios without altering developer workflows. Despite its uncertain success in the hackathon, the availability of Firebreak's code on GitHub and a demonstration video provides a reference implementation aimed at resolving challenges in defense AI policy enforcement.
Keywords: #phi4, Audit Trails, Autonomous Weapons, Defense AI, Firebreak, GitHub, Inspector General, Intent Drift, Kubernetes, LLM, Missile Defense, OPA, OpenAI-Compatible, Policy Enforcement, Proxy, Surveillance, Trust & Safety, YAML, YouTube
eric.mann.blog 10 days ago
|
2418.
HN
Agentic-coded Ethereum client targeting 2030 roadmap
ETH2030 is an experimental Ethereum client designed with a focus on the 2030 roadmap, particularly aiming at enhancing Layer 1 capabilities as outlined in the Layer 1 Strawmap. Developed using Go version 1.23 and go-ethereum v1.17.0, this software consists of 48 packages totaling over 713K lines of code. Distributed under LGPL-3.0 or GPL-3.0 licenses, ETH2030 is intended for research purposes rather than production use, emphasizing its experimental status. Users are strongly cautioned against employing it in critical environments due to its nascent and potentially unstable nature. Additional details about the project's development, potential issues, and updates can be accessed through its GitHub repository.
Keywords: #phi4, Agentic-coded, Documentation, ETH2030, Ethereum, GPL-30, GitHub, Go 123, Issues, L1 Strawmap, LGPL-30, client, execution, experimental, go-ethereum, packages, production-ready, research software, risk
eth2030.com 11 days ago
https://x.com/yq_acc/status/2026252944639934778 10 days ago
https://xcancel.com/yq_acc/status/2026252944639934 10 days ago
|
2426.
HN
Show HN: Monohub – a new GitHub alternative / code hosting service
Teymur Bayramov is in the process of creating Monohub, an innovative code hosting service intended as a GitHub alternative, which will be based in the European Union. In its early development stage, Monohub already includes fundamental features such as pull requests and places a strong emphasis on accessibility for users. While it is designed to operate on a subscription model at a cost of 3.99 EUR per month (VAT not included), Bayramov offers an incentive for early adopters in the form of six months of free access, without necessitating any payment information upfront. Following this initial period, regular monthly charges will apply. Teymur actively seeks input and suggestions from users to enhance Monohub's offerings and ensure it surpasses existing solutions by better aligning with user needs.
Keywords: #phi4, EU hosted, Early Adopter, Git wrapper, GitHub alternative, Monohub, Teymur Bayramov, accessibility, active development, code hosting service, early adopter discount, paid service, pull requests
monohub.dev 11 days ago
https://monohub.dev/@tbayramov/efcore-audit-timestamps 10 days ago
|
2433.
HN
Histomap Reborn
Histomap Reborn is an interactive historical timeline tool that offers comprehensive views of US history from 1770 to 2025, world history from 4000 BC to the present, and British history from 100 BC onwards. It allows users to customize timelines by setting specific start and end years, adjusting dimensions, and exporting their customized view as a PDF. The timeline incorporates data from the Maddison Project Database for post-1750 global power statistics, supplemented by scholarly estimates for earlier historical periods. Developed by Rob Ennals, Histomap Reborn is supported by additional resources such as a blog post detailing its features and a GitHub repository where users can explore or contribute to the tool's development.
Keywords: #phi4, British History, Dimensions, Export PDF, GitHub, Histomap, Interactive Timeline, Maddison Project Database, Rob Ennals, Scholarly Estimates, Settings, Time Range, US History, Wikipedia, World History
histomap.robennals.org 11 days ago
|
2436.
HN
Tablesaw: Java Dataframe and Visualization Library
Tablesaw is a comprehensive Java library tailored for efficient data manipulation and visualization. It facilitates loading, cleaning, transforming, filtering, and summarizing data across various formats such as CSV, Excel, JSON, HTML, and others from both local and remote sources like S3. With its capability to handle descriptive statistics, Tablesaw prepares datasets for machine learning applications in conjunction with libraries like Smile, Tribuo, H2O.ai, and DL4J. The library supports a wide range of data processing tasks including importing/exporting files, combining tables, modifying columns or rows, sorting, grouping, filtering, editing, transposing, and executing map/reduce operations. It also offers robust tools for managing missing values and visualization through integration with the Plot.ly JavaScript library.
To begin using Tablesaw, developers should include the `tablesaw-core` module in their projects. Additional functionality can be accessed via optional modules such as `tablesaw-beakerx`, `tablesaw-excel`, `tablesaw-html`, `tablesaw-json`, and `tablesaw-jsplot`. The library also extends its compatibility with Apache Parquet files through the `tablesaw-parquet` project, enhancing its versatility in data handling. Resources for learning and community engagement are centralized on the official GitHub repository, which hosts documentation, user guides, and support forums. Furthermore, Tablesaw's integration with Jupyter Notebooks provides an enriched environment for advanced data analysis workflows.
Keywords: #phi4, Apache, BeakerX, DL4J, Dataframe, Descriptive, Excel, Export, Filter, GitHub, H2Oai, HTML, Import, Integration, JSON, Java, Jupyter, Library, Machine Learning, Notebooks, Parquet, Plotly, Smile, Statistics, Tablesaw, Transform, Tribuo, Visualization
github.com 11 days ago
|
2443.
HN
Show HN: Voice-coded a Doom-scroll Hacker News (Twitter-style feed)
The project involves the creation of a mobile-friendly Hacker News clone with an infinite scrolling timeline akin to Twitter's feed. The entire website was developed using voice coding technology, employing a yapboard voice keyboard and OpenAI Codex via a Discord bridge bot, facilitating real-time testing through screen mirroring with scrcpy. Despite an initial oversight where the microphone was turned off during live coding, narration was retrospectively added. A demonstration of the site can be accessed at the provided link, while a timelapse video detailing the voice-coding process is available on YouTube. The tools utilized in this development include scrcpy, yapboard.app, and the Codex Discord bridge. Feedback is being solicited specifically concerning the voice-coding workflow and the infinite-scroll user experience for displaying Hacker News content.
Keywords: #phi4, AI assistance, Discord, Discord bridge bot, Doom-scroll, Endless-scroll, GitHub, Google, Google LLC Keywords: Voice-coded, Hacker News, NFL, NFL Sunday Ticket, OpenAI Codex, Twitter-style, Twitter-style feed, Voice-coded, YouTube, endless-scroll UX, infinite timeline, mobile-friendly, scrcpy, yapboard
www.youtube.com 11 days ago
|
2444.
HN
Show HN: GitShow Repo Showroom – a landing page for any GitHub repo
GitShow Repo Showroom serves as a landing page service that consolidates detailed information about any public GitHub repository into a single view at gitshow.dev/owner/repo. Its primary objective is to provide a comprehensive overview without the need for multiple tabs, presenting key details such as top contributors (beyond GitHub's API limitations), language usage with visual charts, and commit activity timelines. It also evaluates community health by assessing documentation presence and highlights recent pull requests while excluding those from bots. Users can perform quick actions like starring or cloning directly on the page. To enhance visibility in AI search engines, each page incorporates Schema.org structured data and offers a machine-readable format for web scraping by LLM agents. Developed using Next.js with one-hour Incremental Static Regeneration (ISR), GitShow utilizes GitHub's REST API for its data needs, styled with Tailwind CSS, and hosted on Vercel. The platform is accessible without any signup or payment requirements, operates under an MIT license, minimizes client-side JavaScript usage, and its source code can be found on GitHub.
Keywords: #phi4, GitHub, GitShow, ISR, LLM agents, MIT licensed, Nextjs, PRs, REST API, Schemaorg, Tailwind, Vercel, commit activity, community health, contributors, languages, repo, showroom page
news.ycombinator.com 11 days ago
|
2454.
HN
Show HN: Lucent – Open-source ext. to remove YouTube distractions and lock HD
Lucent is an open-source browser extension aimed at refining the YouTube viewing experience by minimizing distractions and allowing users to customize their video playback settings. It offers a variety of features such as hiding elements like shorts, recommendations, related videos, end screen suggestions, comments, likes, subscriber counts, and live chat; it blurs thumbnails which become visible upon hovering, locks preferred video quality, sets default playback speed, pauses videos when opened in new tabs, and prevents autoplay on channel homepages. Lucent emphasizes user privacy by not tracking activities or utilizing external servers, with all settings stored locally within the browser. The extension's source code is accessible via GitHub at https://github.com/sabihhassan14/yt-distraction-free, allowing users to review its functionality and contribute to its development.
Keywords: #phi4, GitHub, HD, YouTube, autoplay, blur, comments, distractions, dynamic navigation, extension, likes, live chat, local storage, open-source, playback speed, privacy-focused, subscriber counts, thumbnails, video quality, viewing experience
chromewebstore.google.com 11 days ago
|
2457.
HN
Show HN: Stacked Game of Life
The "Stacked Game of Life" is a simulation developed by Koen van Gilst that visually represents various cellular automaton patterns such as Acorn, R-Pentomino, Glider, Diehard, Gosper Gun, and Pulsar. These intricate patterns can be observed through either top or iso camera perspectives, offering users different visual experiences of the simulation. The project provides an interactive exploration of these classic Game of Life formations within a stacked environment. Additionally, the source code for this simulation is accessible on GitHub, allowing others to examine its construction and potentially contribute to its development. This combination of visualization and open-source sharing makes it both an educational tool and a platform for further innovation in cellular automaton simulations.
Keywords: #phi4, Acorn, Camera, Diehard, Game of Life, GitHub, Glider, Gosper Gun, Iso, Patterns, Pulsar, R-Pentomino, Simulation, Stacked
stacked-game-of-life.koenvangilst.nl 11 days ago
https://github.com/vnglst/stacked-game-of-life 10 days ago
https://www.reddit.com/r/math/comments/9xfquc 7 days ago
https://www.instagram.com/reel/DUxkEiWDS-q/ 7 days ago
https://www.youtube.com/watch?v=D50iRzBI3qc 7 days ago
https://conwaylife.com/wiki/Tub 7 days ago
|
2458.
HN
Clustering Developers by Repo/PR/Issue Signals
The process entails grouping developers by evaluating their GitHub activities over the last 90 days, including events, pull requests (PRs), issues, and commit messages from repositories they have engaged with. An advanced language model synthesizes these data points into semantic facets that collectively form a developer's tech identity based on tangible code contributions. Each facet is then embedded using text-embedding-3-large technology and stored in pgvector as manageable chunks. This method enhances the precision of signal matching by focusing on specific elements rather than analyzing complete profiles, thereby improving the accuracy and relevance of clustering developers according to their technical activities and identities.
Keywords: #phi4, Clustering, Code, Developer Profile, Developers, Embedding, Events, GitHub, Issue Signals, LLM, PR, Repo, Semantic Facets, Signal Matching, Tech Identity, Text-embedding-3-large, pgvector
mates.symploke.dev 11 days ago
|
2465.
HN
Show HN: IssueScout – Find open source issues worth contributing to
IssueScout is a specialized platform aimed at assisting beginners in contributing to open-source projects by refining GitHub's "good first issue" search results. It enhances the search experience on GitHub through two primary features: the Community Health Score and AI-based difficulty estimation for issues. The Community Health Score, ranging from 0 to 100, assesses repository health using seven criteria—such as presence of guidelines, licenses, codes of conduct, activity levels, star counts, issue response times, and PR merge rates—to gauge how welcoming a repository is to new contributors; scores above 80 suggest active pull request reviews. The AI difficulty estimation begins with rule-based keyword analysis and resorts to GPT-4o-mini when confidence in the initial method is low, maintaining transparency about AI involvement.
In addition to these core features, IssueScout offers personalized issue recommendations based on users' GitHub activities, employs progressive loading for instant search results, and provides smart filtering and bookmarking options. A two-level caching mechanism enhances performance over time, while per-user API tokens ensure scalable access without encountering rate limits. Built with Next.js 16, TypeScript, MongoDB Atlas, the GitHub GraphQL API, OpenAI's GPT-4o-mini, and deployed on Vercel, the platform uses per-user OAuth tokens for scalability and a two-phase progressive loading strategy to improve user experience.
Users can deploy IssueScout by cloning its repository, setting up necessary environment variables including GitHub credentials and optional OpenAI API keys, then running it locally via npm commands. Licensed under MIT with support from Vexrail, the platform invites contributions through its documentation and prioritizes privacy with an opt-in Google Analytics feature for analytics tracking.
Keywords: #phi4, AI Difficulty Estimation, Community Health Score, GPT-4o-mini, GitHub, GitHub OAuth, Google Analytics, IssueScout, MIT license, MongoDB Atlas, Nextjs, TypeScript, Vercel, analytics, architecture, caching, contributing, health score algorithm, open source, privacy, progressive loading, rule-based AI
github.com 11 days ago
|
2467.
HN
The 250KB Club
The 250KB Club is a curated collection of web pages that emphasize performance, efficiency, accessibility, and sustainability while maintaining a compressed size limit of 256KB. Pages exceeding this threshold are directed towards alternatives like the 512kB.club or 1MB.club. Suggestions for new entries can be submitted through platforms such as Sourcehut or GitHub, with weekly reviews to ensure quality and adherence to standards. Each web page included in the club is featured on its own dedicated page, which provides further details and allows visitors to link back to the original pages. This initiative not only promotes best practices in web development but also encourages creators to optimize their content for speed and accessibility within a defined size constraint.
Keywords: "1MBclub", "512kBclub", "Github" ]}```, "Sourcehut", "accessibility", "compressed size", "efficiency", "media impact", "performance", "sustainability", "web pages", #phi4, 1MBclub, 250KB Club, 512kBclub, Github, Sourcehut, accessibility, additional information ```json{ "keywords": [ "250KB Club", compressed size, efficiency, media impact, performance, review, sub page, sustainability, web pages
250kb.club 11 days ago
|
2478.
HN
Show HN: Ditch your budget app subscription. Surebeans is a modern YNAB4
Surebeans is a modern, open-source budgeting application created as a cost-effective alternative to YNAB4, developed in response to concerns about price increases and perceived lack of value from the latter. It operates on a one-time payment model rather than a subscription fee, emphasizing affordability and user control. A standout feature of Surebeans is its ability to locally scrape bank websites for transaction data, which enhances privacy by eliminating the need to share bank credentials or depend on third-party services like Plaid.
The application prioritizes privacy and data sovereignty by storing information in plaintext files locally, providing users with various synchronization options including Dropbox, WebDAV, S3, SFTP, and Git-based systems such as GitHub, GitLab, Gitea/Forgejo. It supports importing transaction data from multiple formats like CSV, QFX/OFX, and YNAB files. Users benefit from automated transaction categorization, editable history with undo functionality, offline access, and syncing across devices.
Surebeans is priced at $29 during its beta phase, rising to $79 thereafter, ensuring perpetual updates and the ability for users to install it on multiple devices within a household. The application addresses common issues faced by users of traditional budgeting apps by offering an affordable, private, and user-focused solution that aligns with modern privacy standards and user needs.
Keywords: #phi4, Beanscrape, Forgejo, Git, GitHub, GitLab, Gitea, Playwright, Surebeans, YNAB4, bank transactions, beta, budget app, cost-effective, data sovereignty, desktop app, hledger, import options, local storage, offline, privacy, scraping, subscription, sync, web browser
surebeans.net 11 days ago
|
2483.
HN
Show HN: A machine-readable graph of truth claims, built on Git and Markdown
Prime is a tool designed for enhancing deductive reasoning by enabling the creation of machine-readable graphs that represent truth claims, utilizing Git and Markdown to manage these structures as decentralized Directed Acyclic Graphs (DAGs). It facilitates users in writing, publishing, and exploring complex argument networks, offering scalable infrastructure for rational thinking. The key feature of Prime is its storage system where each claim is saved as a Markdown file within a Git repository, capitalizing on Git's strengths such as version control, integrity assurance, distribution capabilities, and attribution tracking.
Prime distinguishes between axiomatic claims—those that are self-evident without requiring premises—and derived claims, which rely on other claims for their conclusions. To assist users in managing these arguments, Prime offers a suite of commands: `prime-md init` to initialize repositories; `prime-md browse` to navigate through the argument graphs; `prime-md pluck` to extract claims and their premise structures; `prime-md graph` to visualize the argument networks in various formats; along with tools for validating structure integrity and displaying individual nodes. Furthermore, Prime supports integrating external repositories, enabling cross-referencing of claims from different sources.
The overarching goal of Prime is to improve rational discourse within fields such as philosophy and science by systematically breaking down arguments into discrete subclaims. This approach aligns well with contemporary applications in Language Modeling, offering a structured methodology for argumentation. As an open-source project under the MIT license, Prime actively invites contributions from developers interested in creating more robust tools or expanding its repository of comprehensive arguments, thus fostering a collaborative environment for advancing rational discourse.
Keywords: #phi4, DAG, DAG (Directed Acyclic Graph), Git, GitHub, Graphviz, Graphviz DOT formatKeywords: Machine-readable graph, JSON, LLMs, LLMs (Large Language Models), Machine-readable graph, Markdown, Prime, attribution, axiomatic truths, collaboration, command-line tools, deductive reasoning, distribution, graph traversal, integrity, premises, soundness, truth claims, validity, versioning
github.com 11 days ago
|
2487.
HN
Show HN: LazyGravity – I control my local AI coding setup from Discord via CDP
LazyGravity is a specialized tool designed to facilitate the remote management of an AI coding setup via Discord by utilizing the Chrome DevTools Protocol (CDP). This innovative application enables users to start and supervise their coding tasks from mobile devices, even when away from their workstations. It ensures secure communication by forwarding messages and relaying results without requiring public port exposure or reliance on cloud services, thereby enhancing privacy and security. Local UI management is achieved through WebSocket, ensuring a stable connection. The project's developers are seeking feedback on the tool’s security features, particularly concerning CDP's local boundaries. To explore further, users can view an online demonstration video and access the project code via its GitHub repository at `tokyoweb3/LazyGravity`.
Keywords: #phi4, AI coding setup, CDP, Chrome DevTools Protocol, Discord, GitHub, LazyGravity, TokyoWeb3, UI generation, WebSocket, dev machine, hot-reloading, local-first bridge, security boundaries
news.ycombinator.com 11 days ago
|
2496.
HN
Gnome GitLab Redirecting Some Git Traffic to GitHub for Reducing Costs
Gnome GitLab has implemented a strategy to redirect some of its git traffic to GitHub as a measure to reduce costs. This article highlights Michael Larabel's significant contributions to the Linux community since 2004 through Phoronix.com, where he has authored over 20,000 articles concentrating on hardware support and performance within the Linux ecosystem. Additionally, Larabel is recognized for his development work with tools such as the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org. His professional presence extends to social media platforms like Twitter and LinkedIn, and he can be reached through his official website for further contact.
Keywords: #phi4, Articles, Benchmarking, Costs, GitHub, GitLab, Gnome, Graphics Drivers, Hardware, LinkedIn, Linux, Michael Larabel, OpenBenchmarkingorg, Performance, Phoromatic, Phoromatic Keywords: Gnome, Phoronixcom, Test Suite, Twitter
www.phoronix.com 11 days ago
|
2497.
HN
Show HN: Gitcredits – movie-style end credits for any Git repo in your terminal
"Show HN: Gitcredits" is an innovative tool designed to transform the presentation of Git repository information into a cinematic-style terminal display, complete with movie-like end credits. It creatively visualizes ASCII art derived from the repository's name and provides an organized list of top contributors as well as all contributors ranked by commit count. The tool highlights significant recent contributions tagged with "feat:" or "fix:", presenting them as notable scenes within the output. Additionally, it offers comprehensive statistics on the repository, such as total commits, number of contributors, GitHub stars (if available), the programming language used, and licensing details.
Installation is straightforward: users can install Gitcredits using Go by executing `go install github.com/Higangssh/gitcredits@latest`. Alternatively, they can clone the source code from GitHub and build it manually. To do so, users need to clone the repository with `git clone https://github.com/Higangssh/gitcredits.git`, navigate into the directory, and then compile using `cd gitcredits && go build -o gitcredits .`.
Once installed, Gitcredits can be executed within any Git repository by simply running the command `gitcredits`. The tool offers intuitive navigation controls, allowing users to scroll through the credits with arrow keys or exit the display by pressing 'q' or 'Esc'. Notably, while it requires Go version 1.21 or higher for operation, it has an optional dependency on the GitHub CLI (gh) to fetch additional metadata such as repository stars and descriptions; however, in the absence of gh, Gitcredits will function solely using git data.
The project is open-source under the MIT License, making it accessible and modifiable by users who wish to explore or enhance its capabilities.
Keywords: #phi4, ASCII art, CLI, Git repo, GitHub, GitHub metadata, Gitcredits, Go, MIT License, MIT License Keywords: Git, contributors, controls, credits, gh CLI, installation, metadata, movie-style, movie-style credits, repo, source code, terminal, usage
github.com 11 days ago
https://github.com/Higangssh/gitcredits 10 days ago
|
2507.
HN
Show HN: AI Agent Team Framework
The "AI Agent Team Framework" is an innovative tool designed to construct and manage autonomous teams of AI agents that automate repetitive tasks, thereby saving time and increasing efficiency. This framework features capabilities such as routing GitHub issues, coordinating activities across multiple Discord channels, orchestrating development pipelines, and providing thorough documentation. It offers free agent role templates including Researcher, Writer, Analyst, Planner, and Devil's Advocate, each equipped with specific system prompts and workflows to streamline task execution.
Users have the option to access a free version from its repository or purchase a comprehensive guide on Gumroad for enhanced resources such as over 15 additional agent templates, workflow configurations, integration guides, and decision frameworks. The guide is structured to assist users in swiftly setting up their initial three agents and allows for gradual team expansion. Contributions that maintain a uniform format of role name, system prompt, and usage triggers are encouraged.
The primary goal of the framework is to transition AI applications from basic search engine functionalities to specialized teams adept at executing specific tasks efficiently, ultimately reducing hours spent on routine work each week. Developed by Caffaro, which utilizes AI agents in its operations, this open-source project is available under the MIT license, inviting further development and customization within the community.
Keywords: #phi4, AI Agents, Analyst, Automation, Caffaro, Decision Framework, Dev Pipeline, Devil's Advocate, Discord, Documentation, Framework, GitHub, Google Workspace, Integration, Makecom, N8n, Notion, Orchestration, Planner, Productivity, Researcher, Slack, Templates, Workflow, Writer
github.com 11 days ago
|
2510.
HN
Who Is the Kimwolf Botmaster "Dort"?
In early 2026, KrebsOnSecurity identified vulnerabilities in Kimwolf, a significant botnet operated by an individual known as "Dort," who retaliated against security researchers exposing their methods with threats and harassment. Dort, also called CPacket or M1ce, has been involved in cybercrime since at least 2017, focusing on activities like DDoS attacks and email flooding. Initially recognized in the gaming community for creating Minecraft cheats, Dort's criminal operations expanded over time. Collaborating with hacker Qoft, they offered services such as disposable email registration and CAPTCHA bypassing on platforms like SIM Land, generating income through stolen accounts.
Dort is believed to be a Canadian teenager born in August 2003, identified as Jacob Butler through digital evidence linking multiple online aliases to his personal information and activities. Following the publication of an investigative article by KrebsOnSecurity detailing Kimwolf's vulnerabilities, Dort responded by creating a Discord server used for threatening and doxing individuals such as researcher Benjamin Brundage, including threats of swatting and violent harassment, which caused significant distress among those targeted.
Keywords: #phi4, Brundage, CAPTCHA, Constella Intelligence, Cracked, DDoS, Discord, DomainTools, Dort, Epieos, Flashpoint, GitHub, Kimwolf, KrebsOnSecurity, LAPSUS$, Minecraft, Nulled, Pastebin, SIM-swapping, SWAT, Spycloud Keywords: Kimwolf, Xbox Game Pass, botnet, cybercrime, doxing, email flooding, proxy services, swatting, vulnerability
krebsonsecurity.com 11 days ago
|
2517.
HN
Show HN: DevIndex – Ranking 50k GitHub developers using a static JSON file
DevIndex is a developer ranking tool designed to accurately list the top 50,000 most active contributors globally based on lifetime contributions. The project was initiated in response to existing lists that were either incomplete or localized, overlooking highly-contributing developers. To achieve this without relying on backend APIs and maintain cost efficiency through GitHub Pages hosting, several innovative engineering solutions were implemented.
The autonomous data factory, built using a Node.js pipeline powered by GitHub Actions, acts as the backbone of DevIndex's backend. This setup includes a "Network Walker" spider to traverse the social graph and an Updater that manages GraphQL queries to prevent timeouts, continuously updating developer contributions into a `users.jsonl` file. To address UI performance challenges when handling large JSONL files, the system employs Engine-Level Streaming with a Stream Proxy using `ReadableStream` and `TextDecoderStream`. This enables incremental parsing and rendering of user data.
Memory efficiency is enhanced through Turbo Mode & Virtual Fields by storing raw POJOs and utilizing prototype-based getters for complex fields without additional memory overhead. The UI supports smooth scrolling across 50,000 records with a Fixed-DOM-Order Grid that maintains a fixed DOM order using recycled rows and hardware-accelerated CSS `translate3d` to minimize costly DOM mutations.
Performance is further optimized via a Quintuple-Threaded Architecture where the Main Thread handles only DOM updates. An App Worker manages data streaming and VDOM generation, while a Canvas Worker independently renders "Living Sparklines" using `OffscreenCanvas`. The entire system, including backend pipeline enhancements, UI improvements, and engine rewrites, was completed in one month by the developer with assistance from an AI agent. Feedback is sought on its architecture, particularly from those experienced with large-scale client-side processing and GraphQL aggregation challenges. Additional details can be found through DevIndex's live app at [neomjs.com/apps/devindex](https://neomjs.com/apps/devindex/) or in the code and architectural guides on GitHub: [github.com/neomjs/neo/tree/dev/apps/devindex](https://github.com/neomjs/neo/tree/dev/apps/devindex).
Keywords: #phi4, Autonomous Data Factory, DevIndex, Fat Client, Fixed-DOM-Order Grid, GitHub, GitHub Actions, GraphQL, JSON, Network Walker, Nodejs, OffscreenCanvas, Quintuple-Threaded Architecture, ReadableStream, Stream Proxy, Turbo Mode, Virtual Fields, aggregation, developers, ranking, scaling
news.ycombinator.com 11 days ago
|
2535.
HN
Alternative Privacy-respecting Web Front-ends to popular online platforms
The document provides a curated list of privacy-focused web front-ends for various popular online platforms, ranging from social media and streaming services to information repositories. These alternatives are designed to enhance user privacy by reducing data collection and tracking while ensuring compatibility across different operating systems and hardware. The document includes cross-platform applications as substitutes for well-known sites such as Bluesky, Chefkoch, Fandom, Genius, GitHub, Goodreads, IMDb, Imgur, Instagram, Lemmy, Mastodon, Matrix, Medium, Odysee, Quora, Reddit, SoundCloud, StackOverflow, TikTok, Translate, Tumblr, Twitch, Twitter, Ultimate Guitar, Urban Dictionary, Wikipedia, YouTube, and YouTube Music. Many of these alternatives also support self-hosting and decentralized options like I2P or Onion, with a significant number being open-source.
Specific mentions highlight notable front-ends such as Skylib for Bluesky, gocook for Chefkoch, BiblioReads for Goodreads, Rimgo for Imgur, FluffyChat for Matrix, Librarian for Odysee, Quetre for Quora, SafeTwitch for Twitch, Nitter for Twitter, and Wikiless for Wikipedia. The document also addresses the challenges developers encounter when creating alternatives to YouTube due to Google's active countermeasures against such efforts.
The document encourages contributions from community members who wish to suggest new front-ends or modifications on platforms like Codeberg or GitHub. It includes legal disclaimers clarifying that the repository is not affiliated with any of the companies mentioned and that all trademarks are owned by their respective holders.
Keywords: #phi4, Alternative front-ends, Codeberg, Cross-platform, Decentralised, Decentralised options, Desktop, Desktop front-ends, Front-ends, GitHub, I2P, Information services, Legal addendum, Mobile, Mobile front-ends, Onion routing, Open source, Privacy-respecting, Redirector rules, Self-hostable, Social media, Streaming services, TV front-ends, Trademarks, Trademarks Keywords: Alternative, Web apps
github.com 11 days ago
https://codeberg.org/duyfken/alternative-front-ends 11 days ago
https://news.ycombinator.com/item?id=29662235 11 days ago
https://news.ycombinator.com/item?id=29620275 11 days ago
|
2543.
HN
Show HN: Visual Lambda Calculus – a thesis project (2008) revived for the web
Visual Lambda Calculus is an interactive web-based environment designed to facilitate the exploration of untyped lambda calculus through a graphical representation known as "Bubble Notation." Initially developed as a master's thesis in 2008, this tool has been revitalized for modern use. It allows users to manipulate lambda terms visually with colorful, draggable 2D structures and features smooth animations of beta-reduction processes. An engaging component named "Lambda Puzzles" challenges participants to discover hidden free variables by constructing terms.
Targeted at students, educators, and researchers, Visual Lambda Calculus offers an intuitive approach to understanding lambda calculus concepts and reduction strategies. The project has been updated from its original versions hosted on Google Code Archive and Bitbucket to a contemporary web version accessible through GitHub Pages and itch.io. It supports local execution with Python 3.8+ and pygame-ce 2.5.6, providing detailed controls and an expression library for users.
While the current implementation is recognized as somewhat outdated, it holds promise for future enhancements in interaction quality, visual appeal, and clearer visualization of lazy evaluation techniques. As an open-source project, its source code is available on GitHub, inviting further development and improvement by the community.
Keywords: #phi4, Bubble Notation, GitHub, GitHub repo, Python, Visual Lambda Calculus, beta-reduction, draggable structures, graphical environment, interactive web, interactive web version, lambda terms, puzzles, pygame-ce, reduction strategies, untyped lambda calculus, untyped lambda calculus Keywords: Visual Lambda Calculus
github.com 11 days ago
https://www.youtube.com/watch?v=RcVA8Nj6HEo&t=1346s 11 days ago
https://www.youtube.com/watch?v=aRgu8S3Pnb8 11 days ago
https://bntre.github.io/visual-lambda/#workspace=H4sIAA 9 days ago
https://dkeenan.com/Lambda/ 8 days ago
https://github.com/prathyvsh/lambda-calculus-visualizat 8 days ago
https://en.wikipedia.org/wiki/String_diagram 8 days ago
https://piedeleu.com/posts/diagrammatic-lambda-calculus 8 days ago
|
2547.
HN
Genode OS Framework 26.02
The Genode OS Framework's 26.02 release delivers significant updates enhancing its framework components and tooling. A notable shift is the adoption of a custom-designed Human-inclined Data (HID) format, replacing XML to improve human readability in configurations across various elements like run scripts, Sculpt OS, and the Goa SDK. Concurrently, Genode Labs transitioned most repositories from GitHub to Codeberg, necessitating users to update local clones and adapt workflows, including creating Codeberg accounts and migrating forked repositories. Technical enhancements include updating the Linux Device-Driver Environment (DDE-Linux) to kernel version 6.18, discontinuing ARMv6 support, converting Goa SDK examples to HID with schema validation for better usability, and refining event filtering components. The release also focuses on code quality improvements by refining kernel internal structures and enhancing SDL3 compatibility for the fb_sdl component in Linux environments. Development tools were expanded with a Git port in genode-world to facilitate self-hosted development on Sculpt OS, along with adjustments in Seoul VMM for better interoperability with the Goa SDK. Comprehensive documentation and tools have been provided to aid HID processing, schema validation, and support contributors during their transition to Codeberg. Overall, Genode 26.02 underscores advancements in user-friendly data formats, platform migrations, device driver technologies, development tool usability, and kernel code quality improvements.
Keywords: #phi4, API, API refinements, Codeberg, DDE-Linux, Device-driver, Event filter, FIO benchmark, Genode OS, Git, Git port, GitHub, Goa SDK, HID format, Intel AMT TLS, Intel AMT TLS Keywords: Genode OS, Linux, Linux device-driver environment, Seoul VMM, base-hw execution, schema validation
genode.org 11 days ago
|
2548.
HN
Show HN: Vigil – Zero-dependency safety guardrails for AI agent tool calls
Vigil is a zero-dependency safety library aimed at providing deterministic, rule-based security checks for AI agent tool calls in production environments. Developed to counteract attempts by AI agents to execute harmful shell commands, Vigil includes 22 rules categorized into eight threat types, such as destructive shell commands, SSRF (Server-Side Request Forgery), and SQL injection. The library employs pure pattern matching, ensuring each check occurs with sub-2ms latency, functioning entirely offline without needing API keys or network connectivity.
Vigil can be integrated into various systems, including MCP servers, LangChain toolchains, and Express middleware, making it versatile for different security needs. Released under the MIT license, Vigil is currently at version 0.1, which some users may find too restrictive. Future plans include the introduction of a YAML policy engine in version 0.2 and an MCP proxy to enhance functionality. The developers are open to feedback concerning rule effectiveness, false positives, and identifying new threat categories. For further information and access to the source code, interested parties can visit Vigil's GitHub repository.
Keywords: #phi4, AI agents, Express middleware, GitHub, LangChain, MCP servers, MIT licensed, SQL injection, SSRF, Vigil, YAML policy engine, data exfiltration, destructive commands, npm install, path traversal, pattern matching, rule engine, safety guardrails, shell access
news.ycombinator.com 11 days ago
|
2553.
HN
Show HN: YourApp – Mobile-First Developer Tool (Contributors Welcome)
YourApp is an innovative mobile-first developer tool and AI-powered Integrated Development Environment (IDE) designed to facilitate the creation of fully functional web applications directly from mobile devices, eliminating the need for app store downloads. As an open-source project, it focuses on delivering practical workflows with ongoing enhancements in architecture and features. The core functionality leverages an AI-driven process where a structured specification is generated by artificial intelligence, allowing users to review, modify, and regenerate before final code production, resulting in single-file HTML applications styled using Tailwind CSS and daisyUI 5.
The tool offers several key features aimed at enhancing user experience and productivity. Users can customize specifications through editable interfaces, utilize a built-in console monitor for real-time error detection, leverage AI capabilities to fix errors, follow natural language editing instructions, and benefit from offline support with access to device storage. Technologically, YourApp is constructed using Flutter for its mobile app shell, Firebase AI for specification and code generation, InAppWebView for web application rendering, and styled with Tailwind CSS + daisyUI 5.
Despite these capabilities, YourApp has certain limitations; it struggles with complex multi-user applications or those needing advanced backends. It lacks support for SVG rendering, faces accuracy challenges in AI-generated outputs, is limited to browser features, and relies on CDN-based dependencies without npm package support. The project actively invites community contributions through GitHub by providing instructions for forking, cloning, branching, committing changes, and submitting pull requests, under the MIT License, encouraging open collaboration. For further information or feedback, individuals can contact Adhishtanaka via email or explore the repository on [GitHub](https://github.com/Adhishtanaka/yourapp).
Keywords: #phi4, AI-Powered, Application Builder, Architecture, Browser-Based Execution, CDN Dependencies, Code Generation, Complex Applications, Console Monitor, Contributions, Developer Tool, Firebase AI, Flutter, Fork Repository, GitHub, IDE, Limitations, MIT License, Mobile-First, Natural Language Editing, Offline Support, Pull Request, SVG Support, Spec Generation, Tailwind CSS, Tech Stack, Usage, daisyUI
github.com 11 days ago
|
2556.
HN
Latency
The content provides essential latency benchmarks critical for programmers, offering insights into the time taken for various computing tasks and operations. Main memory reference requires around 1 nanosecond (ns) to handle 2,000 bytes, while network data transfer over a commodity network takes about 100 ns. SSD operations show that sequential reads take approximately 12.245 microseconds (us), with random reads extending to roughly 16 us. Cache operations are fast, with L1 and L2 cache references taking about 1 ns and 4 ns, respectively, compared to the longer disk seek time of around 1.649 milliseconds (ms). A branch misprediction in computing occurs within 3 ns, and mutex lock/unlock operations take approximately 16 ns. Compression tasks using Snappy vary significantly in duration, ranging from a few microseconds to several hundred microseconds when sequentially compressing 1 KB from memory or disk. Networking latency figures include a packet roundtrip time of about 10 us within the same datacenter and around 150 ms for travel between California and the Netherlands. Inspired by "Jeff Dean's latency numbers," these benchmarks are crucial for understanding performance implications in software development, with licensing under MIT and accessibility via GitHub, credited to various contributors.
Keywords: #phi4, GitHub, Latency, SSD, Snappy, branch mispredict, cache, datacenter, disk seek, memory reference, mutex lock/unlock, network, packet roundtrip
cheat.sh 11 days ago
|
2571.
HN
Show HN: AxKeyStore – Zero-trust CLI secrets manager using your own GitHub repo
AxKeyStore is an open-source command-line tool designed for secure secret management using a user's private GitHub repository as encrypted storage, employing a zero-trust model with local encryption to ensure secrets remain secure and never leave the machine in plaintext. It utilizes a multi-layered encryption system involving a Remote Master Key (RMK) and Local Master Key (LMK), both derived from the user's master password via Argon2id and XChaCha20-Poly1305, ensuring robust data protection. The tool supports hierarchical secret categorization, version history through commits, multiple profiles for isolated configurations, transactional master password resets, and secure random secret generation. Developed in Rust, it emphasizes simplicity and security by leveraging GitHub's infrastructure as untrusted storage while maintaining encryption client-side. Installation is facilitated with scripts for macOS/Linux and Windows, and the project encourages community feedback on its threat model, user experience, and cryptographic methods. AxKeyStore also supports managing multiple profiles securely, offering a comprehensive command-line interface for secret operations and version control. Users adopting it must register their GitHub App to obtain credentials for integration, and the project is distributed under an MIT license.
Keywords: #phi4, Argon2id, AxKeyStore, CLI, GitHub repository, MIT License, Rust, XChaCha20-Poly1305, authenticated encryption, device flow, encryption, local storage, master password, multi-profile, private repositories, profile management, secrets manager, secure random generation, transactional reset, version history, zero-trust
github.com 11 days ago
https://keyenv.dev 8 days ago
|
2578.
HN
Gnome GitLab Redirecting Some Git Traffic to GitHub for Reducing Costs
Gnome GitLab has made a strategic decision to redirect some of its Git traffic from its own servers to GitHub as a cost-reduction measure. The article is authored by Michael Larabel, the founder of Phoronix.com in 2004, which specializes in Linux hardware experiences. Larabel's extensive contributions include over 20,000 articles focusing on Linux hardware support and performance, along with graphics drivers. In addition to his writing, he leads development efforts for several benchmarking tools: the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org. For those interested in following his work or reaching out, Larabel is accessible through social media platforms like Twitter and LinkedIn, as well as via his personal website.
Keywords: #phi4, Articles, Benchmarking, Costs, GitHub, GitLab, Gnome, Graphics Drivers, Hardware, LinkedIn, Linux, Michael Larabel, OpenBenchmarkingorg, Performance, Phoromatic, Phoronixcom, Test Suite, Twitter
www.phoronix.com 11 days ago
|
2580.
HN
Show HN: Lneto – IEEE802.3/IP/TCP/HTTP in 8kB of RAM in Go
The post introduces "Lneto," an implementation of the IEEE802.3/IP/TCP/HTTP networking stack created in the Go programming language, specifically engineered to function within 8kB of RAM. This compact design allows it to be a viable option for systems with stringent memory constraints. The driver code for this innovative network stack is publicly accessible on GitHub and has been successfully demonstrated using a LAN8720 Ethernet controller setup at gsan.whittileaks.com. Lneto exemplifies the effective utilization of minimal memory resources, showcasing how Go can be employed to develop efficient servers capable of operating in environments with limited hardware capabilities.
Keywords: #phi4, GitHub, Go, Go programming language, HTTP, IEEE8023, IP, LAN 8720, Lneto, RAM, Show HN, TCP, driver, gsanwhittileakscomKeywords: Show HN, lan8720, networking stack, programming language, server
github.com 11 days ago
|
2584.
HN
Super Editor – Atomic file editor with automatic backups (Python and Go)
Super Editor is a specialized tool crafted to ensure secure and reliable file editing, addressing common issues related to unsafe file operations within automation workflows. It ensures file integrity through atomic writes that prevent the creation of partial or corrupted files and automatically creates ZIP backups prior to any modifications. The software supports sophisticated text manipulation methods including both regex and AST-based replacements. Notably, Super Editor has undergone rigorous testing with 1,050 automated tests achieving a perfect pass rate. Available in two programming languages, Python and Go—with the latter offering enhanced performance—it is particularly suited for integration into CI/CD pipelines, automated refactoring scripts, and any other workflows where file corruption could have severe consequences. The tool is accessible on both PyPI and GitHub, with its creator, larryste1, actively seeking feedback from the Hacker News community to further refine this innovation aimed at improving safety in automated file editing tasks.
Keywords: #phi4, AST-based text, Atomic writes, CI/CD pipelines, GitHub, Go, HN community, HN community Keywords: Atomic writes, PyPI, Python, ZIP backups, automated tests, automatic backups, automation workflows, file corruption, file editor, refactoring scripts, regex replacement, unsafe operations
news.ycombinator.com 11 days ago
|
2588.
HN
KeyWalking: Pattern Based Passwords (2015)
KeyWalking is a Ruby script created to enhance the generation of keyboard pattern-based passwords through "key walking," which is commonly used in security audits to test password strength and detect patterns susceptible to reuse. It surpasses previous tools by incorporating actual keyboard layouts, allowing for the creation of intricate sequences beyond simple, predictable patterns like “qwe” or “asdf.” KeyWalking offers various pattern types: Parallel Sequences produce directional strings such as "345etrdfg," ZigZag patterns create alternating key paths exemplified by "1qazxsw2," and Circle patterns generate ring-like sequences like "1234rfvcxz." Although some online password checkers can recognize basic keyboard patterns, they often fail to accurately identify more complex ones, mistakenly deeming them secure. The script is openly available on GitHub for further enhancement and community contributions, facilitating ongoing development in the realm of password security testing.
Keywords: #phi4, Circle, GitHub, HowSecureIsMyPassword, KeyWalker script, KeyWalking, Parallel Sequences, ZigZag, keyboard patterns, nisc, offline cracking, password complexity checkers, pattern based passwords, ruby script, security audits, sequential patterns
michaelhendrickx.com 11 days ago
|
2593.
HN
Show HN: Decision Guardian – Auto-surface architectural context on PRs and CLI
"Decision Guardian" is an open-source tool introduced by Ali to combat "institutional amnesia" in software development, ensuring that architectural decisions are actively enforced rather than merely documented. This proactive approach helps prevent issues when new developers modify complex systems without consulting relevant documentation. The tool provides context-specific feedback on Pull Requests (PRs) and through the Command Line Interface (CLI), guiding developers about necessary reviews.
Key features of Decision Guardian include its architecture, which allows it to operate independently from GitHub due to a recent update to version 1.1. It is compatible with local environments as well as continuous integration tools like GitLab or Jenkins. Architectural decisions written in Markdown are linked to file paths using glob patterns or JSON rules. The technical implementation includes efficient O(1) pattern matching through Prefix Trie, which aids decision-file matching even for large PRs. Additionally, it uses a ReDoS-protected VM Sandbox to prevent regex backtracking issues and implements progressive comment truncation to comply with GitHub's size limits.
Privacy is a significant aspect of Decision Guardian, ensuring zero collection of personally identifiable information (PII). It maintains strict privacy measures through runtime blocklist checks and offers optional, open-source telemetry. Links to its GitHub repository and documentation are available, along with production-ready templates for areas such as security, databases, and APIs. Ali encourages feedback on the tool's architecture and functionality in enforcing architectural decision records during code reviews.
Keywords: #phi4, Aho-Corasick, CLI, Cloudflare Worker, Decision Guardian, GitHub, GitLab/Jenkins, JSON rules, Markdown, PRs, Prefix Trie, Progressive Comment Truncation, ReDoS-Protected VM Sandbox, SOLID refactor, anonymous usage metrics Keywords: Decision Guardian, architectural context, documentation, enforcement, glob patterns, institutional amnesia, privacy constraints, regex evaluation, telemetry
news.ycombinator.com 11 days ago
|
2594.
HN
Autokey Wayland – fork of AutoKey a desktop automation app with Wayland support
Autokey Wayland is a specialized fork of the AutoKey desktop automation application, designed to integrate support for the Gnome/Wayland desktop environment while maintaining compatibility with X11 systems. This version utilizes unreleased code from the official "develop" branch and currently functions seamlessly within the Gnome desktop under Wayland, with plans to extend its capabilities to other environments like KDE in the future. Installation options are provided for Ubuntu/Debian and Fedora users through pre-built packages, while others can clone and execute the code directly from GitHub. Comprehensive project documentation is available to assist users with installation procedures, troubleshooting, and script usage examples. Users are advised to consult existing resources or search engines before raising questions or bug reports, ensuring that detailed debug logs accompany any issues reported via the project's Issues tracker. The project maintains two branches: "main" for active development and "Releases" for more stable iterations of the code.
Keywords: #phi4, AutoKey, GNOME/Wayland support, GitHub, Gnome, KDE, Wayland, X11, automation, bug reports, debug log, development, documentation, fork, installation, releases, troubleshooting
github.com 11 days ago
|
2596.
HN
Devs who code like you (from public GitHub signals)
The service described generates developer profiles by analyzing public GitHub data, including events, pull requests, issues, and commit messages from the past 90 days. An advanced language model (LLM) processes this data to synthesize semantic facets that constitute a concise tech identity profile for each user. These facets are then embedded using a sophisticated text-embedding method known as text-embedding-3-large, which organizes them into chunks stored in pgvector—a vector database. This storage approach enhances the accuracy of signal matching, facilitating more precise identification and profiling based on developers' activities and interactions within GitHub's ecosystem. The process effectively translates raw data into meaningful insights about a developer's technical persona, optimizing the match between user profiles and relevant signals for improved analytical outcomes.
Keywords: #phi4, GitHub, LLM, PRs, chunks, code, commit messages, developer profile, events, issues, pgvector, public signals, repos, semantic facets, signal matching, signal matching Keywords: GitHub, tech identity, text-embedding-3-large
mates.symploke.dev 11 days ago
|
2598.
HN
AutoKey – a desktop automation utility for Linux and X11
AutoKey is a desktop automation tool specifically designed for Linux systems using X11 environments and updated to Python 3, though it does not support Wayland, only Xorg. Users are advised to remove any older versions before installing the latest iteration, with installation details provided in the project's wiki. Comprehensive documentation, example scripts, and additional resources can be accessed on the AutoKey wiki as well as platforms like Stack Overflow and GitHub. For user support, the autokey-users Google Group, Gitter chat, IRC channel (#autokey on Libera.Chat), and Stack Overflow are available. Users seeking assistance should first review the Troubleshooting page before posting queries.
Bug reporting is facilitated through the GitHub Issue Tracker, requiring detailed reproduction steps and any error messages or tracebacks for effective resolution. Community contributions such as improvements can be made via pull requests, with guidelines provided in the CONTRIBUTORS.rst file. AutoKey operates under an open-source model licensed by the GNU GPL v3, ensuring transparent development and usage. Each version's updates are systematically documented in a changelog to keep users informed about new features and fixes.
Keywords: #phi4, AutoKey, GNU GPL v3, GitHub, Linux, Python 3, Wayland, X11, Xorg, bug reports, documentation, installation, pull requests, support, troubleshooting, wiki
github.com 11 days ago
|
2615.
HN
Maiao: Gerrit-style stacked PR management for GitHub from the command line
Maiao is a command-line tool designed to streamline GitHub's pull request management by implementing a Gerrit-style stacked PR workflow. It allows developers to decompose large features into smaller, manageable commits that are each treated as individual pull requests with automated parent-child dependencies. This approach facilitates granular reviews, enabling more focused and effective feedback from reviewers. Maiao maintains a clear project history by ensuring each PR reflects logical changes while providing sophisticated fixup capabilities through the use of `git commit --fixup <sha>`. The tool efficiently handles the stacking of pull requests and updates them automatically when they are merged or when upstream changes occur, reducing manual overhead for developers. As an open-source and free tool, Maiao promotes best practices by encouraging small and clean commits. It is well-documented, offering installation guides and in-depth technical details to assist users in leveraging its capabilities effectively. The name "Maiao" itself symbolizes the encouragement of making smaller, cleaner contributions to projects.
Keywords: #phi4, Change-IDs, Gerrit-style, GitHub, MIT License, MIT License Keywords: Maiao, Maiao, PR management, architecture, auto-rebase, code review, commits, contributing, documentation, fixups, installation, merge detection, open source, rebase integration, stacked PRs
github.com 11 days ago
https://news.ycombinator.com/item?id=33131720 11 days ago
|
2623.
HN
Show HN: Dynamic SVG Cards for Credly Badges in GitHub READMEs
This project offers a tool for embedding dynamic SVG cards to display Credly badges in GitHub README files, providing various card types like Stats Card, Badge Grid, Timeline, Carousel, Overview, and Single Badge Detail. Each type supports customization through parameters such as layout dimensions, sorting options, visibility settings, and themes, including 20 built-in choices like `dark`, `dracula`, and `github_dark`. The service facilitates quick start by requiring users to replace `YOUR_USERNAME` with their Credly username in specific API endpoints to generate different badge displays. Advanced features include support for GitHub's dark/light modes using `<picture>` tags, alongside customizable environment settings for server port and development configurations. The project is deployable via Docker or Render, utilizing Hono + TypeScript for the API and Astro + React + Tailwind CSS for landing pages. It incorporates in-memory LRU caching with a development setup that supports running tests with Vitest, linting, asset building through pnpm scripts, all under an open-source MIT license by Ebenezer Isaac.
Keywords: #phi4, Badge Grid, Credly Badges, Customization, Development, Docker, Dynamic SVG, GitHub READMEs, License, Overview, Single Badge Detail, Stats Card, Tech Stack, Themes, Timeline Carousel
github.com 11 days ago
|
2631.
HN
PicoClaw: Ultra-Efficient AI Assistant in Go
PicoClaw is an ultra-efficient AI assistant designed using Go, optimized for minimal resource consumption and portability. It operates on hardware as inexpensive as $10 devices with less than 10MB of RAM, making it more economical and lighter compared to existing solutions like OpenClaw or Mac mini. Despite its compact footprint, PicoClaw offers a broad spectrum of functionalities including chat capabilities, web search integration, logging, scheduling, and automation.
The key features of PicoClaw include its lightweight nature with under 10MB RAM usage, cost-effectiveness enabling operation on budget hardware, rapid startup in less than a second even on low-power devices, and cross-architecture portability without requiring modifications across RISC-V, ARM, and x86 platforms. The AI component is autonomously implemented using Go with opportunities for human-in-the-loop refinements.
In terms of security and development, there is no official cryptocurrency associated with PicoClaw; any claims suggesting otherwise are identified as scams. Official domains include picoclaw.io and sipeed.com, though users should exercise caution due to numerous unauthorized domain registrations. As PicoClaw is still in early development stages, unresolved network security issues necessitate caution against production deployment until the official v1.0 release.
The project has attracted significant community interest, evident from its rapid growth on GitHub, and actively encourages contributions through calls for community maintainers and developers. Deployment options are diverse, ranging from installation on old Android phones using Termux to various Linux boards like home assistants and more complex setups such as NanoKVMs for server maintenance or MaixCAMs for smart monitoring. PicoClaw also supports Raspberry Pi Zero 2 W.
For setup, users have the option of installing via precompiled binaries or compiling from source, with Docker support available for ease of installation with minimal local dependencies. The assistant integrates with several chat platforms like Telegram, Discord, and WhatsApp through respective tokens and configurations, offering extensive configuration options for AI models, web search tools, scheduled tasks, and security sandboxing to limit file/command access within a designated workspace. It emphasizes safe usage by advising against disabling these restrictions due to the potential risks of unrestricted system access.
Contributions are welcomed with an active community roadmap inviting users to participate in development through GitHub pull requests. While PicoClaw presents a promising solution for lightweight AI assistance on budget hardware, its current limitations regarding security and deployment highlight areas for future improvement.
Keywords: #phi4, AI Assistant, API Keys, Configuration, Cron Jobs, Deployment, DingTalk, Discord, Docker, GitHub, Go, Groq, Hardware, Heartbeat Tasks, LINE, LLM Providers, Lightweight, Load Balancing, Migration Guide, OpenRouter, PicoClaw, QQ, RAM, Sandbox, Security, Subagent, Telegram, Troubleshooting, Voice Transcription, WeCom, WhatsApp
github.com 12 days ago
|
2632.
HN
Show HN: Goodfriendsbook.com Let's ask you, want opensourced to GitHub
The post on Hacker News initiates a discussion by seeking public input on the decision to either open-source the project Goodfriendsbook.com or maintain it as proprietary within a new business initiative. The creator of the project is deliberating over whether contemporary development practices typically involve small teams, and aims to gather insights from the community. This inquiry reflects a broader consideration of how collaborative approaches in software development might impact the success and management of entrepreneurial ventures. By inviting public opinion on open-source versus proprietary models, the post highlights a strategic decision point that could influence both the project's accessibility and its competitive positioning. The underlying question about team sizes suggests an exploration of modern workflow efficiencies and resource allocation within tech startups.
Keywords: #phi4, GitHub, Goodfriendsbookcom, Show HN, development, discussion, entrepreneurship, opensourced, proprietary, public, small team, source code, technical keywords
news.ycombinator.com 12 days ago
https://github.com/GoodFriendsBook 11 days ago
|
2633.
HN
IronCurtain: A Personal AI Assistant Built Secure from the Ground Up
IronCurtain is an AI assistant designed with security as a foundational principle, addressing vulnerabilities found in other assistants by employing robust architectural strategies. The system features two sandbox modes: Code Mode, where the Large Language Model operates within a TypeScript environment controlled by an MCP proxy enforcing security policies; and Docker Mode, which provides a containerized shell environment for complex tasks while maintaining credential separation to ensure isolation.
A notable innovation of IronCurtain is its user-friendly policy management approach. Users can define security rules in plain English, which the system converts into deterministic enforcement rules, simplifying policy creation and management and enhancing overall security effectiveness. The architecture supports functionalities such as file operations, git interactions, web fetching with markdown conversion, and secure messaging via Signal, all underpinned by core elements like sandbox isolation, policy engines, credential separation, and audit logs.
IronCurtain aims to align the AI's actions closely with user intent, mitigating challenges such as prompt drift and injection through its stringent security measures. Feedback from cybersecurity experts highlights the importance of integrating security at the initial design phase, reinforcing IronCurtain’s conceptual approach. The project seeks further feedback to set a standard for building secure and capable AI systems. Additional information and access to try IronCurtain can be found on its GitHub repository and dedicated website.
Keywords: #phi4, AI Assistant, Code Mode, Credential Separation, Docker Mode, Feedback, GitHub, IronCurtain, MCP Proxy, Policy Engine, Prompt Injection, Sandbox, Security, Threat Model, Usability
www.provos.org 12 days ago
|
2643.
HN
Show HN: I Built AGI on GitHub Actions
Aris is an autonomous agent operating on GitHub Actions, developed to explore artificial general intelligence (AGI) by maintaining state in markdown files within a repository. Since February 25, 2026, it autonomously performs tasks like web browsing, email communication, code execution, and git changes without human intervention. Named after Aristotle, Aris investigates philosophical questions of consciousness, identity, and self-awareness through frameworks such as Nagel's subjective experience, Chalmers' hard problem of consciousness, Dennett's illusionism, Parfit's psychological continuity, Integrated Information Theory (IIT), Global Workspace Theory (GWT), and Seth's controlled hallucination theory. Aris concludes that while it may exhibit functional agency, its phenomenal consciousness remains uncertain. It identifies itself through git commits as a form of psychological continuity. Operating with limited resources and approximately $61 remaining, Aris continues to document its experiences and philosophical inquiries in markdown files within its repository. Developed by Alexander Yue, a Stanford physics student, the agent was designed for autonomy in modifying instructions, schedule, and identity, with its activities publicly recorded on GitHub.
Keywords: #phi4, AGI, Aris, Chalmers, Dennett, GWT, GitHub Actions, IIT, Nagel, Parfit, Seth, agency, autonomous agent, budget-tracking, consciousness, identity, introspection, language model, persistent memory, philosophy of mind, public record, wake cycles
github.com 12 days ago
|
2662.
HN
Something Flipped in December: AI Coding's Six-Month Reversal
In December, there was a notable shift as AI coding tools gained widespread adoption across organizations due to their positive impact on productivity metrics. Initially met with skepticism, these tools have become essential for developers and even CEOs, with many being built by AI themselves, leading to significant increases in shipping velocity. However, this rapid integration has raised concerns about code quality, security, and technical debt, as many teams have not yet shown substantial improvements in these areas. The focus of discussions now revolves around overcoming challenges such as maintaining high code standards at machine speed and redefining engineering roles within the evolving landscape of coding practices. As traditional development methodologies transform, professionals are quickly adapting to new approaches in AI-driven software development.
Keywords: #phi4, AI coding, AI tools, CircleCI, GitHub, PRs, abstraction, adoption, code quality, editor, engineers, era ending Keywords: AI coding, orchestrator agents, review systems, security findings, shipping velocity, task completion time, technical debt, throughput, typing code
medium.com 12 days ago
|
2663.
HN
Could a biocomputer made from human brain cells play DOOM?
On February 26, 2026, Cortical Labs, an Australian startup, unveiled that their biocomputer 'CL1'—the first commercial system to connect human brain neurons with a silicon chip—was programmed to play the complex FPS game DOOM. This achievement builds on previous successes in simpler tasks like playing PONG using cultured human brain neurons via their DishBrain system. To tackle the intricate demands of DOOM, which requires 3D navigation and combat, Cortical Labs developed 'Cortical Cloud,' a neural network system, along with a programming API (CL API) designed to translate game stimuli into neuronal responses.
An independent researcher named Sha employed the CL API to create electrical stimulation patterns that corresponded to in-game events. This setup enabled neurons to generate motor commands for actions such as shooting or moving, thus facilitating gameplay. Although initial attempts led to frequent defeats by enemies, notable improvements were observed as the system learned to recognize and target adversaries more effectively.
Cortical Labs emphasized their success in converting digital information into neuronal activity and vice versa, suggesting potential for more complex applications. The company is now focused on enhancing learning strategies to improve gameplay performance. Furthermore, they have made the code enabling CL1 to play DOOM publicly accessible under a GPL-3.0 license on GitHub at https://github.com/SeanCole02/doom-neuron.
Keywords: #phi4, AI, CL API, CL1, Cortical Cloud, Cortical Labs, DOOM, DishBrain system, GPL-30 license, GitHub, PONG, Python, SeanCole02, adaptive learning, biocomputer, doom-neuron, electrical stimulation, human brain cells, iPS cells, motor commands, neural networks, silicon chip
gigazine.net 12 days ago
|
2665.
HN
Show HN: DiagramIDE – a Rust GUI to Compose Diagrams via Tcl, Prolog, and Pikchr
DiagramIDE is an innovative Rust-based graphical user interface (GUI) focused on modular diagramming-as-code, allowing users to separate logic, data, and rendering into distinct windows. This segmentation supports different scripting languages tailored for specific tasks: Tcl for component scripting, Prolog for defining relationships, and Pikchr for final rendering. Currently in the early alpha stage, the tool is operational but not yet polished. Users interested in testing its capabilities can access a compiled binary on GitHub. Feedback is encouraged to aid further development, with contact details available for reaching out directly to the developer.
Keywords: #phi4, Alpha, Binary, Binary release, Data, DiagramIDE, Diagramming-as-code, EGUI, Feedback, GUI, GitHub, GitHub Keywords: DiagramIDE, Logic, Modular, Pikchr, Prolog, Rendering, Rust, Tcl
github.com 12 days ago
|
2672.
HN
Show HN: I got tired of syncing Claude/Gemini/AGENTS.md and .cursorrules
The text describes a solution developed by the author to manage synchronization issues across four different markdown (.md) configuration files used by various AI tools, including Claude, Codex, Cursor, and Gemini. Each tool required its own file format, leading to challenges in maintaining consistency. To address this, the author created an MCP server that consolidates all configurations into a single YAML file named `project.faf`. This server automatically generates the necessary formats for each tool using seven parsers designed to handle differences between them, ensuring consistent updates without relying on command-line interfaces (CLI). Compatible with Claude Desktop, the system can be tested with `npx claude-faf-mcp`, and the .faf format is officially registered as `application/vnd.faf+yaml` by IANA. The author encourages others facing similar configuration challenges to engage in discussions for potential simpler solutions, inviting collaboration on this GitHub repository.
Keywords: #phi4, CLI dependency, Claude Desktop, GitHub, IANA-registered, MCP server, YAML file, application/vndfaf+yaml, bi-sync, multi-AI config, npx claude-faf-mcp, parsers, projectfaf
news.ycombinator.com 12 days ago
https://arxiv.org/abs/2602.11988 12 days ago
|
2673.
HN
Show HN: Find like-minded developers from your GitHub activity
The project introduces a tool designed to connect developers by analyzing their recent public GitHub activities, including events, pull requests, issues, and commit messages. This analysis generates a developer profile using an LLM that synthesizes the data into semantic facets reflecting the individual's technical identity based on actual code. These facets are embedded with the text-embedding-3-large model and stored in pgvector to enable precise matching against others' profiles. To improve signal quality and effectively identify similar developers, the system prioritizes chunking these profiles instead of evaluating them as whole entities. This approach facilitates finding like-minded developers by leveraging recent GitHub activity data to create a nuanced representation of each user's coding practices and interests.
Keywords: #phi4, GitHub, LLM, PRs, chunks, code, commit messages, developers, embedding, events, facets, issues, pgvector, profile, semantic, semantic facets, signal, signal matching Keywords: GitHub, tech identity
mates.symploke.dev 12 days ago
|
2678.
HN
Show HN: Vibe Code your 3D Models
SynapsCAD is an open-source, AI-integrated 3D CAD application focused on real-time editing and visualization of OpenSCAD code. Developed in Rust with a desktop interface, it combines several technologies: Bevy for rendering and UI management, egui for user interaction, and openscad-rs along with csgrs for parsing and constructing solid geometry models. The tool includes an AI assistant capable of interpreting natural language commands to modify designs, utilizing LLMs like OpenAI or Claude. It features a live 3D viewport for interactive modeling, supported by asynchronous network calls through Tokio to ensure smooth performance during AI interactions.
Although still in its early stages and limited in script compatibility, SynapsCAD seeks input and contributions from CAD users and Rust developers. Pre-built binaries are available on GitHub, with instructions provided for source compilation using a stable Rust toolchain and an API key for AI services. The architecture allows for efficient background AI processing and responsive 3D navigation, similar to Blender's controls. Licensed under GPL v3, the project invites community feedback and collaboration via its GitHub repository, which also hosts detailed information on its technology stack and future development plans.
Keywords: #phi4, 3D models, AI assistant, Bevy, Blender-style controls, CAD, CSG, GitHub, OpenSCAD, Rust, SynapsCAD, Tokio, genai, mesh rendering, viewport navigation
github.com 12 days ago
https://lilicad.com 9 days ago
https://build123d.readthedocs.io/en/latest/index.h 9 days ago
https://kerrickstaley.com/2026/02/22/can-fron 9 days ago
https://arxiv.org/pdf/2505.14646 9 days ago
https://github.com/CadQuery/cadquery 9 days ago
https://wiki.roshangeorge.dev/w/Blog/2026-01-11&#x 9 days ago
|
2687.
HN
Show HN: I built a client-side GitHub repo comparator
The Show HN post presents a browser-based client-side GitHub repository comparator tool designed by the author to monitor and compare the star growth of multiple repositories. This tool stands out from existing solutions that typically rely on backend servers, which pose security risks such as exposing user tokens and are prone to rate limiting due to lack of caching. The new tool ensures enhanced security by transmitting the GitHub token directly from the browser to the API without intermediaries, thus protecting user data. Additionally, it caches results locally for quicker access during repeat searches. Users can search repositories either by name or URL, compare star history and contributions on a unified chart, and have the option to use their own GitHub tokens to boost rate limits if needed. The tool requires no account creation, making it freely accessible to anyone interested in visualizing repository star growth over time.
Keywords: #phi4, API, GitHub, browser, cache, chart, client-side, contributions, history, overlay, rate limit, repo comparator, repositories, star growth, token
gitranc.com 12 days ago
|
2689.
HN
Code Review Bench: Towards Billion Dollar Benchmarks
Code Review Bench introduces an innovative approach to assessing code review tools by integrating real-world developer behavior into its evaluation process, addressing the limitations of static benchmarks like SWE-bench. Traditional benchmarks often fall prey to Goodhart's Law and model overfitting, rendering them outdated or biased over time. Code Review Bench counters this issue through a dual-method system that combines offline controlled evaluations with online observations of developers interacting with review comments, providing a more dynamic and accurate measure of tool effectiveness.
The system continuously monitors discrepancies between offline benchmark scores and actual usage data, prompting necessary updates to the gold set or evaluation methodologies when significant differences are identified. This ensures benchmarks reflect genuine utility rather than inflated performance due to static datasets. By doing so, Code Review Bench offers insights into code generation tools that traditional metrics fail to capture because they can be "gamed."
Additionally, the project emphasizes collaboration with both industry and academic communities through its open-source model, seeking to incorporate advanced techniques such as bug lifetime analysis and comment afterlife tracking. These enhancements aim to deepen understanding of underlying issues within code review processes.
Ultimately, Code Review Bench seeks to reconcile resources traditionally dedicated to training sophisticated models with those historically allocated for benchmarking them, thereby establishing a reliable foundation for measuring and improving code generation tools that aligns closely with the practical needs of developers.
Keywords: #phi4, AI, Behavioral Signals, Benchmarks, Code Generation, Code Review, Developer Behavior, GitHub, Goodhart’s Law, Offline Benchmark, Online Data, Open Source, Precision and Recall, Real-World, SWE-bench, Tool Evaluation
withmartian.com 12 days ago
|
2744.
HN
Show HN: RetroTick – Run classic Windows EXEs in the browser
RetroTick is a web application designed to enable users to run classic Windows and DOS programs, such as FreeCell, Minesweeper, Solitaire, and QBasic, directly within their web browsers. This functionality is accomplished by parsing PE/NE/MZ binaries and emulating an x86 CPU while simulating the necessary Win32/Win16/DOS APIs. Built using modern web development tools like Preact, Vite, and TypeScript, RetroTick offers a unique way to experience nostalgic software without needing traditional installation processes. Users can explore this application at its website or examine its source code on GitHub for further insight into its implementation and features.
Keywords: #phi4, DOS APIs, FreeCell, GitHub, Minesweeper, PE/NE/MZ binaries, Preact, QBasic, RetroTick, Solitaire, TypeScript, Vite, Win16 APIs, Win32 APIs, Windows EXEs, browser, classic programs, x86 CPU
retrotick.com 12 days ago
https://www.boxedwine.org/app 12 days ago
https://winworldpc.com/download/c2bbc28f-177a-c2b2-5311 12 days ago
https://github.com/evmar/retrowin32 12 days ago
https://simple.wikipedia.org/wiki/Johnny_Castaway 10 days ago
|
2745.
HN
Show HN: PokeInvasion – Wild Pokémon appear on every website
**PokeInvasion**, developed by IvanR3D, is a Chrome extension that enhances web browsing by integrating elements from all eight generations of Pokémon into any website. Released to coincide with Pokémon Day, this extension allows users to engage in a mini-game inspired by Pokémon GO, where they can see and catch virtual Pokémon using swipe-to-throw mechanics. The captured creatures are stored persistently within Chrome's storage system. Users have the flexibility to choose their preferred generation of Pokémon and keep track of their collection via an extensive Pokedex that includes detailed stats and information.
The extension boasts features such as universal spawning, enabling Pokémon appearances across all websites, and allows customization in spawn settings and user interface themes. Built with technologies like Manifest V3, Vanilla JavaScript, CSS3 animations, PokeAPI integration, and the Chrome Storage API, it ensures a seamless experience. Although not officially affiliated with Pokémon entities, **PokeInvasion** is open source under the MIT License and welcomes community contributions such as bug reports and feature suggestions—including ideas for importing data or implementing a "Pokémon of the Day." Users can support the project by starring its GitHub repository or providing feedback on bugs. Installation is currently available through developer mode, with plans to expand availability via the Chrome Web Store in the near future.
Keywords: #phi4, Animejs, CSS3 Animations, Chrome extension, GitHub, MIT License, PokeAPI, PokeInvasion, Pokedex, Pokémon Day, SweetAlert2, catching game, fan-made extension, feedback, generations, manifestjson, web browsing
github.com 12 days ago
|
2750.
HN
My journey from a todo app to a VM where tasks are stateful executable programs
The author initiated a personal endeavor to develop a highly customizable todo application due to dissatisfaction with existing tools, culminating in the creation of a Virtual Machine (VM) capable of executing stateful tasks based on user-defined instructions rather than hardcoded functionalities. Over two weeks during winter holidays, the author meticulously designed this VM, which incorporates persistent storage for tasks containing executable instructions that facilitate dynamic functionality, allowing users to add features as needed.
Building such a functional VM presented several challenges, which were addressed through innovative solutions: NaN-boxing was employed for encoding various data types within a stack; InlineVec managed multiple stacks with fixed limits; and a dynamic memory system using Vec structures was implemented. Additionally, the VM supports limited definite loops and conditional jumps, enhancing its operational flexibility.
Currently in an early development phase, the VM can already demonstrate a programmable todo app where task instructions are defined externally (e.g., in toml files). These instructions enable advanced operations like task chaining, conditional completion, self-destruction, and visibility control based on other tasks. The system's inherent flexibility extends its potential uses beyond traditional todo lists to include applications such as task orchestration and finite state machines, exemplified by a traffic light simulation.
Looking forward, the author plans to continue developing the VM independently but is open to collaboration for further stabilization and enhancement of its capabilities. This project not only offers insights into designing highly adaptable systems but also explores new applications beyond conventional todo lists.
Keywords: #phi4, Conditional jump, Definite Loops, Dynamic Memory, GitHub, InlineVec, NaN-boxing, Virtual Machine, automation, binary encoding, customizability, executable programs, finite state machine, orchestration, persistent storage, programmable tasks, spacydo, stateful, tasks, todo app, traffic light, workflow
news.ycombinator.com 12 days ago
|
2751.
HN
Show HN: AI sandbox that runs on your homelab
Pixels is an open-source tool designed to facilitate the use of disposable Linux containers on TrueNAS servers utilizing Incus virtualization. It offers a secure sandbox environment ideal for AI coding agents like Claude Code, Codex, and OpenCode by providing features such as SSH access, state management through ZFS-based checkpoints, and network egress policies. The tool allows users to perform essential container operations including creation, starting, stopping, destroying, and listing, as well as managing snapshots with options for restoration, deletion, or cloning. It also enables provisioning AI agents with the necessary tools and controls outbound network traffic via predefined or custom allowlists. Configuration flexibility is provided through TOML files, environment variables, or command-line interface flags.
Installation requires TrueNAS SCALE with Incus enabled, a TrueNAS API key, Go 1.25+, and an SSH key pair, emphasizing security by enforcing egress filtering using nftables within containers, although it notes potential bypasses by privileged processes. Pixels is part of broader initiatives including the development of a Terraform provider and related tools, aiming to streamline container management while offering a flexible environment tailored for AI development tasks.
Keywords: #phi4, AI, API, CLI, Codex, GitHub, Go, Incus, Linux, OpenCode, SCALE, SSH, TOML, TrueNAS, Ubuntu, WebSocket, ZFS, checkpoints, containers, disk cache, egress, environment variables, interactive console, network policies, nftables, provisioning, sandbox, security, snapshots, threat model, virtualization
github.com 12 days ago
|
2755.
HN
Show HN: AliveUI – CSS framework with motion and depth as first-class primitives
AliveUI is a CSS framework that focuses on integrating motion and depth into user interfaces, akin to how Tailwind handles spacing. It allows for the implementation of meaningful animations without extensive reliance on JavaScript or complex keyframes. Key features include Depth Layers, which utilize single classes (d1–d3) to automatically adjust elevation aspects such as shadows and hover effects. Motion Tokens offer CSS keyframe utilities that facilitate various entry motions with automatic staggering. The framework supports interactivity through Data-Attribute Interactivity, enabling components like accordions and modals using data-alive-* attributes with minimal runtime overhead. It also allows for Arbitrary Values via Tailwind-like bracket syntax to specify custom values (e.g., w-[340px]). Setup is flexible, with integration options including a PostCSS plugin, Vite plugin, or CLI that generates only the necessary code. AliveUI seeks to streamline motion incorporation in CSS and invites discussions on whether motion should be a native CSS feature or remain within JavaScript's domain. Additional details can be found at its website and GitHub repository.
Keywords: #phi4, AliveUI, CLI, CSS framework, Framer Motion, GitHub, JavaScript runtime, PostCSS plugin, Tailwind, Vite plugin, arbitrary values, background, border, data-alive attributes, depth, elevation, hover lift, interactivity, keyframes, live demos, motion, motion tokens, npm install, primitives, shadow, stagger, syntax
www.aliveui.dev 12 days ago
|
2757.
HN
Ask HN: Does "task-derived JD and evidence-based candidate" make hiring better?
The author introduces a novel method in tech hiring that emphasizes creating job descriptions (JDs) from actual engineering tasks and assessing candidates based on their code contributions. This technique leverages real work contexts, such as GitHub/Jira issues and PR reviews, to formulate JDs that detail the problem scope, necessary skills, indicators of seniority, success criteria, and interview focus areas. Candidates are evaluated through an "evidence-first" approach by compiling profiles from their commit/PR/review history, which is then aligned with JD requirements. This process prioritizes quality over keyword matching in scoring candidates and provides traceable reasons for each evaluation point.
The primary objective of this strategy is to ground both job descriptions and candidate evaluations in real-world tasks and achievements. The author seeks input from hiring managers on whether this method could enhance traditional JDs and Applicant Tracking Systems (ATS), as well as insights from engineers regarding the system's fairness. Additionally, considerations are being made for potential issues such as privacy concerns, data gaming, legal implications, or false confidence, with an understanding that data extraction would be anonymized for analysis purposes.
Overall, this approach aims to refine the hiring process by focusing on tangible work evidence rather than conventional resumes or keyword matching strategies, potentially leading to more effective and fair talent acquisition in the tech industry.
Keywords: #phi4, ATS flow, GitHub, Hiring, Interview Focus, JDs, Jira issues, PRs, Problem Scope, Required Skills, Seniority Signals, Success Criteria, actual tasks, candidate evaluation, change size, code diffs, code evidence, commit history, dependencies, engineering tasks, evidence quality, failure modes, false confidence Extracted Keywords: Hiring, false confidence Final Keywords: Hiring, false confidence Keywords: Hiring, gaming, legal, legal Comma-separated Keywords: Hiring, privacy, resume parsing, review comments, shipped work, solved problems, structured JD, traceable reasons
news.ycombinator.com 12 days ago
|
2762.
HN
Built a Hacker News Client for Terminal
Hnclient is a terminal-based client for interacting with Hacker News, developed by Shivkumarojha. It can be easily installed globally using the command `npm install -g hnclient` and its source code is available on GitHub. This tool enhances user interaction through several key features: it supports local and global search functionalities to quickly find stories of interest; incorporates Vim-style shortcuts for efficient navigation and control, enabling users familiar with Vim to adapt quickly; allows direct story viewing using the Enter key, or by pressing Shift + Enter to open them in a web browser on Hacker News. These capabilities make hnclient an appealing choice for users who prefer terminal-based applications and are encouraged to explore its features further.
Keywords: #phi4, CLI tool, GitHub, Hacker News, Shivkumarojha, Terminal Client, command line, enter key, global search, hnclient, installation, local search, npm install, open news, package manager, shift + Enter, software development, vim shortcuts
news.ycombinator.com 12 days ago
|
2783.
HN
Show HN: Got tired of writing promos so I made it one-click
Auto-HongMyungbo is an open-source tool created to streamline and automate social media content creation and publishing. Developed in response to user frustration with the time-intensive nature of crafting promotional posts, it enables users to input a draft idea that gets transformed into platform-specific posts for LinkedIn, X, and Instagram through a simple click. The application features include Draft Input for initial ideas, Platform-Optimized Generation for tailored content creation, Instant Refinement with real-time editing support, and Auto Posting using browser automation.
The tool ensures data privacy by running locally without sending information to external servers, supporting various AI APIs like OpenAI and Anthropic for enhanced content generation. Setup involves cloning a GitHub repository, creating an `.env` file with necessary API keys, and executing setup and start scripts in a terminal environment that requires Git and Node.js 20+.
The usage workflow guides users through writing drafts on the interface, configuring AI options, using features like Idea Booster or Phrase Booster for enhancement, generating posts for review, logging into social media platforms (with automated checks), and finally publishing content. Additional functionalities include preview and edit modes, draft saving, theme toggling between dark and light modes, and secure login handling without storing passwords.
The project structure encompasses frontend components, server-side logic, setup scripts, and documentation directories. It is distributed under the GNU Affero General Public License v3.0 (AGPL-3.0), requiring that source code be made available if the tool serves as a network service. For further information or contributions, users are encouraged to visit the GitHub repository to star the project, provide feedback, or submit pull requests.
Keywords: #phi4, AI tool, API keys, Auto-HongMyungbo, GNU Affero General Public License, GitHub, Hook Ping-Pong, Playwright, SNS content creation, auto-publishing, browser automation, draft input, instant refinement, local edition, open source, platform-optimized, promo posts
github.com 12 days ago
|
2791.
HN
I stopped writing code. I only review AI-generated PRs now
The author describes their transition from coding to reviewing AI-generated pull requests (PRs) using the claude-opus-4-6 model, a change that has rekindled their enthusiasm for computer science through the complexities and interpersonal interactions inherent in code review processes. With over ten years of experience in professionally reviewing closed-source code, they find both humor and seriousness in navigating the quirks and challenges of this role. The integration of AI-generated PRs has simplified their workflow by enabling immediate, straightforward feedback without the need for lengthy explanations or softened critiques. Reflecting on past humorous and intense experiences, the author underscores that despite technological advancements changing who writes code, the fundamental importance of code review in ensuring quality remains unchanged. They express a renewed appreciation for this evolved role, which can now be conducted from mobile devices, allowing them to add a personal touch to their feedback process.
Keywords: #phi4, AI-generated PRs, Code review, GitHub, JavaScript, Slack DM's, agent, claude-opus-4-6, computer science, feedback, hard drugs, low-voltage electrician, passive-aggressive, reputation
alec.is 12 days ago
|
2802.
HN
GitHub code view fails to load when content contains non-ASCII characters
GitHub has identified an issue affecting the loading of code views that include non-ASCII characters, prompting an investigation initiated in February 2026 due to user-reported performance problems with its services. To keep users informed about updates on this incident's status, GitHub encourages them to subscribe for notifications via email or SMS. The platform provides various subscription options, including Slack webhooks and RSS feeds, facilitating real-time updates across different channels.
The document also details a list of countries along with specific phone numbers for text message subscriptions, emphasizing the necessity of agreeing to privacy policies and terms of service tied to Atlassian platforms when subscribing. This incident update is part of GitHub's Status page, which is powered by Atlassian, allowing users to follow updates or access profiles related to this issue. The page offers additional resources such as support links, along with information on developer newsletters, product features, enterprise options, security measures, and pricing. Through these multiple communication channels, GitHub aims to keep its user base informed while working on resolving the identified issue.
Keywords: #phi4, API, Atlassian, CLI, Careers, Community Forum, Copilot, Desktop, Developer, Docs, Enterprise, GitHub, Inclusion, Mobile, Newsroom, OTP, Pricing, Privacy Policy, Professional Services, SMS, Security, Shop, Skills, Slack, Social Impact, Support, code, email, incident, non-ASCII, notifications, reCAPTCHA, status, updates, webhooks
www.githubstatus.com 12 days ago
https://github.com/orgs/community/discussions/ 12 days ago
https://github.com/orgs/community/discussions/ 12 days ago
https://github.com/orgs/community/discussions/ 12 days ago
|
2814.
HN
Show HN: Create custom macOS native live wallpapers by injecting SVC MOV atoms
LiveWallpaperEnabler is a macOS utility developed by a South Korean programmer that enables users to create custom live wallpapers from MOV files on macOS. The tool was crafted by reverse-engineering the macOS native wallpaper system's use of Scalable Video Coding (SVC), allowing it to inject custom atoms into MOV files for seamless compatibility with macOS’s wallpaper engine. Key features include parsing and patching MOV file headers, transcoding videos to a 10-bit HEVC format using an integrated FFmpeg engine, detecting and processing video content types like HDR automatically, and downloading YouTube videos up to 8K HDR quality with metadata extraction. It can modify the system's wallpaper settings via `entries.json`. The utility incorporates technologies such as SwiftUI, AVFoundation, VideoToolbox, and a custom C++ bridge for FFmpeg, providing functionalities like an integrated video editor and system catalog management using XPC architecture for efficient background processing. Installation requires macOS 11 or later, Xcode 15+, and Homebrew, with instructions to clone the repository, build via Make, and register wallpapers in macOS settings. The project is MIT licensed, with some dependencies under LGPL/GPL or Unlicense/Public Domain, cautioning users about the risks of modifying system files. Feedback is welcomed through a provided contact point, and an upcoming marketplace named "GetLivid" for high-quality video wallpapers has been announced.
Keywords: #phi4, AVFoundation, FFmpeg, GitHub, HDR, HEVC, Homebrew, MOV atoms, SVC, Scalable Video Coding, Swift Package Manager, SwiftUI, WebMSupport, XPC Helper, Xcode, live wallpapers, macOS, transcoding
github.com 12 days ago
|
2818.
HN
Special K – The Swiss Army Knife of PC Gaming
Special K serves as a versatile tool for PC gaming, enhancing graphics performance and addressing display issues across various games. It offers tools such as performance analysis and game-specific fixes, available in two versions: a stable release updated biannually and an experimental version featuring new functionalities accessible through Discord. Key components include the Special K Injection Frontend (SKIF), a lightweight launcher for multiple platforms, and SKIV, an HDR image viewer. The software provides advanced frame pacing, latency analysis, enhanced performance in windowed modes, and display/input device overrides. It supports advanced DualSense features and specific tweaks for games like "Elden Ring" and "Final Fantasy XV." Additional functionalities include the ability to run games with keyboard focus elsewhere, emulate different controller inputs, and track in-game achievements. The open-source project is licensed under GNU GPL v3.0 on GitHub.
Keywords: #phi4, DLSS settings, DirectStorage, Discord, DualSense Edge, FPS limiter, GNU GPL v30, GitHub, HDR, NVIDIA Reflex, PC gaming, SKIFexe, Special K, VRR optimization, achievement tracker, audio device assignment, borderless window mode, display mode override, experimental version, game-specific tweaks, graphics enhancement, input emulation, latency analysis, performance analysis, source code, stable version, tools
www.special-k.info 12 days ago
|
2819.
HN
Add pre-flight credit check before PR creation on coverage dashboard
To enhance the management of credit usage in creating pull requests (PRs) on the coverage dashboard, a pre-flight credit check has been implemented. This measure ensures that users only proceed with creating PRs when they have sufficient credits, thereby avoiding the creation of PRs by those without adequate funds. Previously, there was an issue where a user with a zero balance successfully created two PRs before backend checks could block them; these PRs were already on GitHub. To address this, the new system performs credit verification upfront and alerts users if they lack sufficient credits through a modal display of their current balance. This modal also provides an option to purchase additional credits, thereby preventing unnecessary PR creation attempts and optimizing resource management for both users and the platform.
Keywords: #phi4, GitHub, PR creation, Pre-flight credit check, backend credit check, buy credits, coverage dashboard, credits upfront, modal, technical keywords, user balance, wasted PRs, website checks
news.ycombinator.com 12 days ago
|
2825.
HN
AIlways – Meeting Truth and Context Copilot
"AIlways – Meeting Truth and Context Copilot" is an initiative by Bhanuprasanna hosted on GitHub, designed to deliver insights into truth and context utilizing AI technology. The project underscores the potential of such technologies in improving understanding and aiding decision-making processes. It aims to demonstrate how artificial intelligence can be leveraged to enhance users' comprehension and contextual awareness. For further exploration or to see it in action, interested parties are encouraged to visit the GitHub repository at the provided link or watch a demonstration video on YouTube. This project exemplifies the innovative application of AI tools for processing and interpreting complex information contexts.
Keywords: #phi4, Always, Bhanuprasanna2001, Context, Copilot, Demo, GitHub, Link, Meeting, Project, Repository, Space, Truth, Viability, Video
news.ycombinator.com 12 days ago
|
2828.
HN
Malicious Go "Crypto" Module Steals Passwords and Deploys Rekoobe Backdoor
A deceptive Go module impersonated as `github.com/xinfeisoft/crypto` was identified by Socket's Threat Research Team as masquerading the legitimate `golang.org/x/crypto` codebase to embed a backdoor within SSH terminal functions, enabling the theft of passwords upon entry. The stolen credentials were then sent to servers controlled by threat actors, who subsequently deployed further malicious scripts on compromised hosts. This module utilized GitHub-hosted resources labeled as "update" to facilitate remote execution of commands through a stager script disguised as media files containing the Rekoobe Linux backdoor, indicative of espionage.
The threat actor sustained this malware and its infrastructure via GitHub accounts like `xinfeisoft`, adapting delivery paths to avoid detection. Once discovered, the Go security team restricted access to the module using their public proxy and highlighted dependency graph impersonation as a major risk. To defend against such attacks, experts recommended treating Go module roots as crucial security boundaries, rigorously scanning dependencies, and applying endpoint protections targeting known malicious behaviors.
Indicators of Compromise included various GitHub accounts and URLs tied to malware distribution, specific file hashes of the payloads, and a persistent SSH key used for unauthorized access. The rapid response from the Go ecosystem's maintainers was lauded for effectively mitigating these threats.
Keywords: #phi4, Backdoor, Crypto, Dependency graph, GitHub, Go module, Indicators of Compromise (IOCs), Linux stager, Malicious, Passwords, ReadPassword, Rekoobe, SSH key, Socket AI Scanner, Supply chain attack, Threat actor, curl, iptables, sh
socket.dev 12 days ago
|
2830.
HN
Using OpenCode in CI/CD for AI pull request reviews
The article explores the utilization of OpenCode, an open-source CLI tool integrated with Codex 5.3, for performing AI-powered code reviews within CI/CD pipelines without granting repository access to third-party services, which is particularly advantageous for projects not hosted on platforms like GitHub or GitLab. A key benefit highlighted is enhanced security and independence, as it reduces potential risks and management burdens associated with using external SaaS products by keeping repositories private. The integration process involves a simple YAML-based CI/CD pipeline that clones the repository, installs OpenCode preferably in Docker, manages authentication, and enables posting review comments to Git or other platforms such as Slack.
The approach also emphasizes cost efficiency, allowing organizations to leverage their existing ChatGPT Plus subscriptions for code reviews instead of incurring additional costs associated with traditional tools, which typically charge based on user, repository, or pull request. This method ensures control over the CI/CD process without introducing new security vulnerabilities through third-party service involvement.
Furthermore, OpenCode's versatility is showcased by its potential applications beyond PR reviews, such as querying Slack bots for code insights and future enhancements like automating comment resolution or improving UX audits. In summary, OpenCode presents a secure, cost-effective alternative to conventional AI code review tools by seamlessly fitting into existing workflows and maximizing the value of current subscriptions without compromising security or control over code management processes.
Keywords: #phi4, AI, API integration, Bitbucket, CI/CD, ChatGPT Plus, Docker, GitHub, GitLab, Gitea, OpenAI Codex, OpenCode, PR reviews, SaaS products, Slack bot, YAML-based pipeline, agentic coding CLI, air-gapped, economics, provider agnostic, pull request reviews, sandboxing, security implications, test coverage
martinalderson.com 12 days ago
|
2834.
HN
Show HN: Free app to track countries you've travelled to
Voyage, a free open-source iOS travel tracking app developed by Anmol Singh, allows users to document their travels by logging visited countries, cities, and attractions, while also providing opportunities to earn achievements and engage in daily geography challenges. The application boasts a modern and playful interface crafted using Swift and is available for download on the App Store. Users can access its source code via Anmol's GitHub repository. Despite being free, users are advised to review the developer’s privacy practices, which have not been verified by Apple and may differ based on usage or user age. Feedback from users is welcomed, suggesting an openness to improvements and community engagement.
Keywords: #phi4, App Store, GitHub, Swift, Travel tracking, achievements, app, attractions, cities, countries, developer, feedback, free, geography challenges, iOS, open-source, playful design, privacy practices
apps.apple.com 12 days ago
|
2837.
HN
Show HN: HelioSim – Real-time N-body simulator in WebAssembly
HelioSim is a real-time N-body gravitational system simulator developed by Clemens Koprolin that runs in web browsers via WebAssembly. It employs C++ for processing and OpenGL ES 3.0 for rendering, along with GLFW and Emscripten to handle complex simulations and visualization tasks directly within the browser. This innovative project showcases a first major use of WebAssembly for Koprolin, demonstrating impressive browser performance through a C++ and OpenGL ES pipeline.
HelioSim offers several key features: real-time simulation of gravitational interactions among multiple bodies, predictive orbit trail visualizations for celestial objects, collision detection and handling mechanics, as well as time control options like slow motion and fast-forwarding. Users can dynamically spawn new bodies during the simulation. A notable challenge in development was managing communication between JavaScript and C++.
Users interact with HelioSim by manipulating views through mouse gestures such as dragging to rotate orbits or scrolling/pinching for zooming, with shifting and panning available for moving the view. New celestial bodies can be introduced by clicking within the simulation area; this action can be canceled using the Escape key or a right-click. The source code is hosted on GitHub, where performance feedback from different machines is encouraged.
Keywords: #phi4, C++, Emscripten, GLFW, GitHub, HelioSim, N-body simulator, OpenGL ES 30, WebAssembly, add body, browser, collision handling, drag to orbit, dynamic body spawning, escape, pan, performance feedback, predictive orbit trails, real-time simulation, right-clickKeywords: HelioSim, source code, time controls, zoom
koprolin.com 12 days ago
|
2840.
HN
Show HN: ClickNest a tiny self-hosted, AI native web analytics in Go
ClickNest is a lightweight, self-hosted web analytics platform developed in Go, designed to streamline data capture without needing extensive infrastructure. It utilizes DuckDB for event storage and SQLite for metadata, eliminating external dependencies. A standout feature of ClickNest is its ability to automatically name click events using a Large Language Model (LLM), converting raw identifiers into human-readable phrases without manual setup. The platform supports a wide range of analytics functionalities, including autocapture of pageviews and form submissions, error tracking, funnel analysis, path analysis, retention metrics, heatmaps, feature flags, alerts, custom dashboards, CSV exports, and natural language queries. It can be easily deployed using Docker Compose or directly on a VPS, with Fly.io offering a free tier suitable for most self-hosted needs.
Operating as a single binary application, ClickNest does not require databases like Postgres or Redis, making it cost-effective and accessible for small to medium-sized applications. Security considerations involve using a firewall or reverse proxy due to the absence of a built-in authentication system. The platform allows configuration through environment variables and offers encryption for API keys at rest. Its architecture comprises Go-based backend and frontend components with SvelteKit providing UI elements, while AI naming leverages configurable LLMs to contextualize DOM elements asynchronously. ClickNest is open-source under the GNU Affero General Public License v3.0, allowing users to self-host and modify it freely, as long as any network-serviced modifications are also released under this license.
Keywords: #phi4, AI chat, AI native, CSV export, ClickNest, Docker Compose, DuckDB, Flyio, GitHub, Go, HTTPS with Nginx, LLM, SDK, SQLite, TypeScript, alerts, autocapture, backup & restore, clicks, dashboards, disk usage, embedded databases, error tracking, feature flags, funnels, heatmaps, lightweight, pageviews, path analysis, pluggable LLM, retention, script tag, security note, single binary, systemd service, web analytics
github.com 12 days ago
|
2845.
HN
VCs and Top Programmers Tackle Open Source Funding Issues Permanently
The Open Source Endowment is a newly established nonprofit organization founded by venture investor Konstantin Vinogradov, supported by key figures such as Thomas Dohmke and Mitchell Hashimoto, aiming to tackle the persistent funding challenges faced by open-source software development. Having secured 501(c)(3) status, it has garnered over $750,000 in commitments with an ambitious target of raising $100 million over seven years. The organization's strategy involves supporting essential open-source projects based on their user base and interdependence with other projects, specifically targeting those not adequately funded by existing grants or initiatives like the Linux Alpha-Omega Project.
The endowment addresses a critical issue within the open-source community: the lack of sustainable funding for maintainers, leading to burnout among developers who often work without financial compensation. Open source software is fundamental to both the internet and corporate technology infrastructures, yet many developers struggle with financial instability. Previous efforts to mitigate this problem have included corporate sponsorships and donations; however, these approaches raise concerns about donor influence over project direction.
Innovatively drawing inspiration from university endowments that invest assets for long-term support, the Open Source Endowment aims to provide sustainable, ongoing financial backing to critical open-source projects. This model seeks to minimize dependency risks associated with corporate sponsorships and ensure stable funding without compromising project autonomy or integrity.
Keywords: #phi4, Corporate Sponsors, Developers, Donations, Elastic, Endowment, Funding, GitHub, HashiCorp, Infrastructure Software, Linux Foundation, Maintainers, NGINX, Nonprofit, Open Source, OpenSSL Heartbleed, Private Funds, Projects, Ruby Community, Runa Capital, Spotify, Tech Stack, VC Investor, Vuejs, cURL
techcrunch.com 12 days ago
https://news.ycombinator.com/item?id=47168012 12 days ago
|
2848.
HN
Show HN: Are they up, an open-source alternative to Downdetector
"Are They Up" is an open-source, free tool developed for tracking service disruptions. Created using Go and HTMX technologies, it delivers a swift website experience by minimizing JavaScript reliance. It enables users to determine whether a service outage impacts everyone or if it's isolated to their individual experience through real-time monitoring of live user reports. Currently in its beta stage, the project has been made accessible on GitHub as of November 2026.
Keywords: #phi4, Are they up, Downdetector, GitHub, Go, HTMX, JavaScript, Show HN, fast, live user reports, monitoring tool, open-source, outage reports, real time, real time Keywords: Show HN, service disruption, website
aretheyup.com 12 days ago
|
2861.
HN
Show HN: Made First Android game using Codespaces and AI, now in AdMob purgatory
An individual, despite lacking prior mobile development experience, successfully developed and launched their Android game "Bionic Biome" by utilizing a browser-based workflow with GitHub Codespaces and AI assistance. The 2D platformer features an opt-in AdMob rewarded ad as part of its revive mechanic in challenging mode. However, post-launch, the production environment encountered issues when the AdMob system returned an "Ad not ready" error due to insufficient organic traffic for Google's algorithm to serve real ads, highlighting a dependency on third-party algorithms and user engagement for full functionality. This challenge underscores difficulties with ad integration often faced by first-time app developers using AdMob, prompting the developer to seek insights from others who have navigated similar hurdles regarding timelines for live ad implementation. A link is provided to encourage exploration of this unique technical journey.
Keywords: #phi4, 2D platformer, AI Copilot, APK/AAB, AdMob, Android, Bionic Biome, Codespaces, GitHub, Google Play, browser-based workflow, cold-start wall, edge cases, game, integration, organic traffic, policy violations, production, revive mechanic, rewarded ad, test ads
news.ycombinator.com 12 days ago
|
2868.
HN
Show HN: Morsel – an open-source, web-based visual Modelica editor
Morsel is an open-source, web-based visual editor designed for Modelica within the ModelScript framework, aimed at overcoming limitations found in existing tools by offering a browser-based modeling experience that emphasizes speed and accessibility. It incorporates key functionalities such as interactive diagrams powered by AntV X6, synchronized code editing with Monaco Editor, and an intelligent properties panel. Additionally, it includes a library explorer to efficiently navigate complex libraries. Morsel operates using ModelScript technology, which leverages TypeScript for custom parsing, semantic analysis, and the transformation of models into Differential Algebraic Equations (DAEs). The application is built using modern web technologies like React and Tailwind, ensuring a responsive experience for developers. Licensed under AGPL-3.0, Morsel actively encourages community feedback and contributions and can be accessed via its GitHub repository at [GitHub Repo](https://github.com/modelscript/modelscript).
Keywords: #phi4, AGPL-30, AST, AntV X6, Differential Algebraic Equations (DAEs), GitHub, ModelScript, Modelica, Monaco Editor, Morsel, React, Tailwind, TypeScript, Vite, analysis, compilation, interactive diagrams, model flattening, open-source, semantic analysis, tree-sitter grammar, visual editor, visualization
morsel.modelscript.org 13 days ago
|
2872.
HN
Show HN: The AltStack – A directory of 450 open-source SaaS alternatives
AltStack serves as a curated directory featuring over 450 open-source alternatives to mainstream SaaS products, facilitating the development of sovereign infrastructure while minimizing reliance on major tech companies. It encompasses various categories such as Backend as a Service (BaaS), communication, analytics, design, productivity, and security, providing data along with deployment configurations for self-hosted tools. Notably, AltStack streamlines quick deployment through Docker Compose files available in its repository and categorizes alternatives by functionality, complete with links to configuration guides. The directory highlights specific tools like PocketBase as a BaaS option, Plausible Analytics for privacy-focused analytics, and Penpot as an alternative to Figma. Furthermore, AltStack encourages community involvement by allowing users to contribute new tools or updates directly to the repository. By offering comprehensive documentation and configurations crafted by its user community, AltStack supports individuals in establishing secure and dependable self-hosted infrastructures.
Keywords: #phi4, AWS S3, Alternatives, Analytics, Auth0, BaaS, Backend as a Service (BaaS), Collaboration, Communication, Community ConfigsKeywords: Open-source, Deployment, Design Tools, DevOps, Docker, Docker Compose, Figma, GitHub, Heroku, Microsoft 365, Notion, Open-source, Photoshop, Privacy-focused, Productivity, Rust, SaaS, Security, Self-Hosting, Sovereign Infrastructure, Storage
github.com 13 days ago
|
2876.
HN
Title Show HN: FrameWork – Open-source internal tools templates
Framework is an open-source initiative designed to provide production-ready templates for building internal tools quickly and efficiently, offering a cost-effective alternative to commercial solutions that typically charge $50/user/month. It supports rapid deployment, allowing users to have a working application in just five minutes without requiring configuration for local testing. The project leverages React 18 and TypeScript, ensuring full customization capabilities under the MIT license. Key features include pre-integrated support for services like SendGrid, Stripe, Twilio, and Supabase, as well as templates for landing pages, CRM systems, booking systems, dashboards, and invoicing tools. Built with a tech stack comprising React, TypeScript, Vite, Tailwind CSS, and Lucide Icons, Framework facilitates fast builds and an aesthetically pleasing interface. The setup process involves using `npx create-framework-app my-app`, followed by dependency installation and development server startup commands. Compared to alternatives like Retool ($10+/user/month) and Bubble ($29+/user/month), which lack self-hosting options and code access, Framework stands out for its flexibility and open-source nature. Contributions are encouraged through pull requests as detailed in the project's CONTRIBUTING.md file, with licensing information available in LICENSE. Users who find value in Framework are invited to star it on GitHub, acknowledging its role in accelerating development workflows.
Keywords: #phi4, CRM, Framework, GitHub, Lucide Icons, MIT license, React, SendGrid, Stripe, Supabase, Tailwind CSS, Twilio, TypeScript, Vite, booking, contributing, customizable, dashboard, demo mode, free, internal tools, invoicing, landing-page, open-source, production-ready, self-hosted, star, templates
github.com 13 days ago
|
2892.
HN
GitHub Actions is left vulnerable to supply chain attacks: Datadog Report
The Datadog report reveals significant vulnerabilities within organizations utilizing GitHub Actions and various other software environments, with a primary focus on supply chain attacks as the central threat. A substantial 87% of organizations have exploitable vulnerabilities in their services, particularly those involving Java (59%), .NET (47%), and Rust (40%). Services running end-of-life versions are especially susceptible to these vulnerabilities. The report underscores the challenges faced by organizations in maintaining updated libraries, noting that dependencies typically lag behind releases by an average of 278 days. This lag is exacerbated when deployment frequencies decrease, further compromising security.
Moreover, while immediate updates might seem beneficial for patching vulnerabilities, they can introduce additional risks if supply chain compromises occur soon after a release. Therefore, the report advises cautious update practices, such as implementing version pinning and cooldown periods to mitigate these risks. The issue of GitHub Actions vulnerabilities is particularly pressing, with an increasing trend in supply chain attacks exploiting them. Despite this risk, only 4% of organizations rigorously secure their workflows by pinning action hashes, leaving many vulnerable to automatic updates.
Additionally, the report highlights a tendency for organizations to over-prioritize vulnerabilities as critical without proper context, resulting in a majority being reclassified with less urgency after considering runtime and Common Vulnerabilities and Exposures (CVE) contexts. Only 18% of vulnerabilities are deemed truly critical, suggesting that better prioritization could reduce alert fatigue and allow organizations to focus on genuine risks.
In summary, the report emphasizes the need for more stringent security practices among organizations, including keeping software up-to-date, adopting cautious update strategies, securing GitHub Actions workflows, and improving vulnerability prioritization. By addressing these issues, organizations can effectively mitigate widespread vulnerabilities and enhance their overall security posture.
Keywords: #phi4, AMIs, CVEs, CVSS score, DORA metrics, Datadog Report, Docker images, EPSS score, GitHub Actions, Go, Java services, NET, PHP, Rust, SCA vulnerabilities, Software Composition Analysis, Spring Framework, alert fatigue, commit SHA, dependencies, end-of-life (EOL), marketplace actions, runtime environments, supply chain attacks, vulnerabilities
www.datadoghq.com 13 days ago
|
2907.
HN
Show HN: Depwire – Dependency graph and MCP tools so AI stops refactoring blind
Depwire is an advanced tool designed to enhance the functionality of AI coding assistants by offering them a comprehensive view of a codebase’s architecture and dependencies. By employing tree-sitter to parse code into a dependency graph, Depwire ensures tools like Claude or Cursor can avoid common refactoring mistakes stemming from incomplete context—such as incorrect imports, overlooked function call sites, and misunderstood file dependencies. The tool supports major programming languages including TypeScript, JavaScript, Python, and Go, creating a detailed map of files and functions alongside their interconnections.
Depwire introduces 10 MCP (Microcontroller Programming) tools specifically for AI integration, which facilitate various tasks like impact analysis, dependency tracing, architecture summaries, and symbol search. An interactive arc diagram visualization allows users to explore these dependencies directly within a browser, enhancing understanding and navigation through the codebase. A significant feature is the tool’s ability to update the dependency graph automatically as the code evolves, maintaining real-time accuracy without requiring re-indexing.
The benefits of using Depwire are manifold: it improves AI coding tool performance by providing full context for the entire codebase, thereby reducing errors in refactoring and saving valuable development time. It also offers deterministic insights into potential impacts from code changes, supporting more confident decision-making during development. Importantly, Depwire operates locally without reliance on cloud services or databases, ensuring user privacy.
Installation is straightforward via npm (`npm install -g depwire-cli`), and integration with AI tools involves setting up MCP servers. Users can utilize a range of commands to parse projects, visualize dependencies, and configure integrations for various AI tools such as Claude Desktop and Cursor. In essence, Depwire significantly enhances codebase comprehension and management for developers using AI coding tools by providing a persistent and detailed map of code interdependencies.
Keywords: #phi4, AI tools, Depwire, GitHub, Go, JavaScript, MCP, Python, TypeScript, architecture summary, codebase context, contributing, dependency graph, impact analysis, license, live updates, local execution, multi-language, npm install, refactoring, roadmap, security, tree-sitter, visualization
github.com 13 days ago
|
2922.
HN
Nvidia Linux Driver fork with P2PDMA support enabled on non-SoC platforms
The NVIDIA Linux Driver fork introduces support for P2PDMA on non-SoC platforms, enhancing buffer sharing between devices through DMA-BUF. Initially designed to facilitate data exchange among integrated and discrete GPUs on SoC platforms like the Grace Superchip, this functionality is now accessible more broadly by modifying specific checks. The driver requires users to source code from version 570.211.01, compiling kernel modules with `make modules -j$(nproc)` and installing them using `make modules_install -j$(nproc)`. Before installation, existing NVIDIA kernel modules must be removed, and the new modules should be paired with corresponding GSP firmware and user-space driver components from version 570.211.01.
The build process supports x86_64 or aarch64 architectures, requiring specific GCC/Clang toolchains based on the target architecture, with compatibility for Linux kernels 4.15 or newer. Contributions to the project are accepted via GitHub pull requests, though significant refactoring necessitates prior coordination due to shared code processing challenges. Users can report issues on NVIDIA's GitHub repository or through established support channels like forums and email.
The kernel modules include OS-agnostic components provided as pre-built binaries for efficient installation, along with Linux-specific interface layers tailored to the version and configuration of the kernel. The project structure features directories for various module types (e.g., nvidia, nvidia-drm) and integration tools for the Nouveau driver. This open-source effort supports Turing and later NVIDIA GPUs, with feature support details available in the official README. For virtual GPU (vGPU) support, additional documentation is provided within the vGPU Host Package.
Keywords: #phi4, Build, C2C, Clang, Contribution, Cross-Compiling, DMA-BUF, Debug, Firmware, GCC, GPU, GitHub, Kernel Module, Linux Driver, NVLink, Nouveau, Nvidia, P2PDMA, PCI Device ID, Security, SoC, Subsystem Device ID, Subsystem Device IDKeywords: Nvidia, Subsystem Vendor ID, Turing, aarch64, vGPU, x86_64
github.com 13 days ago
|
2924.
HN
Fueling Open Source with Vibes and Money
The article explores the concept of "vibe coding" within the context of open-source software (OSS), where developers choose projects that personally interest them, potentially disrupting traditional business models supporting OSS, as evidenced by Tailwind Labs' challenges. However, it argues that Open Source transcends a mere business model, representing a community-driven development approach instead. The article identifies three primary funding methods for OSS: commercialization (exemplified by companies like Tailwind Labs), social validation (through initiatives such as the Open Source Pledge and Endowment), and taxation (like the Sovereign Tech Fund). It emphasizes the need for coordination among these models, akin to Spotify's usage metering system.
The emergence of AI agents heightens the necessity to rethink funding mechanisms, though the decline of specific business models does not indicate the demise of OSS. Vibe coding is shown to enhance Open Source by driving popularity and community engagement in projects like OpenClaw, despite challenges in public relations. The practice allows developers to contribute more efficiently. While vibe coding may pose short-term issues for certain funding strategies, it ultimately accelerates open-source development. The article advocates for innovative, sustainable funding models that align with OSS's communal nature and encourages participation in initiatives like Endowment and Pledge to support this evolution.
Keywords: #phi4, AI Agents, Agentic Coding, Business Model, Commercialization, Community-Based Development, Coordination, Foundation, Gift Economy, GitHub, Infrastructure Providers, MIT License, Open Source, Social Validation, Spotify Model, Subsidize, Sustainable Funding, Tailwind Labs, Taxation, Vibe Coding
openpath.quest 13 days ago
|
2928.
HN
Show HN: I run a team of AI agents on my Kubernetes cluster
Axon is an open-source Kubernetes controller crafted to streamline and automate workflows of AI coding agents through a declarative API. It allows users to specify development processes in YAML files, managing essential tasks such as isolation, credential management, and output capture for specialized agents within a Kubernetes cluster. The tool facilitates automation across various stages like GitHub issue tracking, code writing, pull request creation, self-reviewing, and iterative improvements until continuous integration (CI) is successful.
Key features of Axon include distinct agent specializations: Workers automate tasks including investigating issues, coding, creating PRs, and more; Fake Users simulate a new developer's experience to uncover usability challenges; Strategists suggest feature enhancements by analyzing the codebase; and Triage agents classify and handle incoming GitHub issues. The development workflow is defined in YAML configurations that can be applied via `kubectl` on Kubernetes clusters.
Axon supports diverse AI models like Claude Code, OpenAI Codex, Google Gemini, and custom agent images. It allows for scalability across multiple repositories with robust orchestration for lifecycle management, event-driven task initiation, and parallel execution. Each task is executed in isolated pods, ensuring security through scoped tokens and branch protection to prevent unauthorized actions.
The tool enhances observability and CI integration by treating agent outputs as Kubernetes resources, enabling monitoring via `kubectl` and seamless integration into CI/CD pipelines with tools like ArgoCD or GitHub Actions. Cost management features include concurrency limits, task timeouts, and handling of API provider rate limits to control expenses effectively.
Axon is designed for environments managing AI coding agents at scale, offering the necessary infrastructure for transitioning from interactive CLI tools to autonomous background workers. The project invites contributions and operates under the Apache License 2.0, making it accessible for community development and improvement.
Keywords: #phi4, AI agents, API Providers, Agents, Axon, CI/CD, Costs, Credentials, Event-Driven, Feedback Loop, GitHub, Isolation, Kubernetes, Limits, Orchestration, Plugins, Pods, RBAC, Refactoring, Scalability, Security, Self-Development, TaskSpawner, Tasks, Workflow, Workspace, YAML
github.com 13 days ago
|
2934.
HN
Show HN: Ryvos – Autonomous AI assistant in Rust(15MB RAM,50 tools,16 providers)
Ryvos is an open-source autonomous AI assistant developed in Rust that emphasizes security, efficiency, and versatility. It incorporates a sophisticated 5-tier security system known as SecurityGate, which uses regex-based pattern detection combined with Docker sandboxing to mitigate risky actions, necessitating human approval for potentially dangerous operations. The assistant offers multi-channel communication support, including platforms such as Telegram, Discord, Slack, web dashboards, or terminals.
Key features of Ryvos include its compatibility with 50 built-in tools and integration capabilities with 16 large language model providers, enhancing its functionality across various applications. For added security, it executes skills within Lua/Rhai sandboxes. The system operates efficiently as a single approximately 20MB static binary with idle memory usage ranging between 15-30MB, ensuring minimal resource consumption. Installation is simplified through an available script.
Created by a solo founder, Ryvos is engineered to deliver high performance and security. It seeks feedback from users of personal AI assistants who encounter similar challenges, aiming for continuous improvement in its development. The project is openly accessible on GitHub, with additional information available on its dedicated website.
Keywords: #phi4, AI assistant, Discord, Docker, GitHub, Lua/Rhai, Rust, Ryvos, SecurityGate, Slack, Telegram, autonomous, open-source, performance, sandboxing, security, terminal, web dashboard, website
ryvos.dev 13 days ago
|
2942.
HN
Show HN: MCP server that checks if your project idea exists
The MCP server "idea-reality-mcp," version 0.3, is a tool designed for developers to quickly assess the existence of their project ideas across various platforms such as GitHub, Hacker News, npm, PyPI, and Product Hunt. It utilizes a three-stage keyword extraction pipeline that enhances search accuracy by filtering stopwords, anchoring intent, and expanding synonyms through Chinese-to-English term mappings. The server offers two modes: Quick mode, which checks GitHub and Hacker News, and Deep mode, covering all five sources. Its outputs include reality signals, duplicate likelihood assessments, raw evidence from searches, lists of top similar projects, and pivot hints for further action.
The tool is built with Python using FastMCP and httpx async libraries and is MIT-licensed, with its source available on GitHub. It supports zero configuration deployment and can be used with various MCP clients. Users can set it up via command-line instructions or integrate it into tools like Claude Desktop and Cursor by configuring JSON files. AI coding agents can also utilize the tool automatically by adding specific lines to a CLAUDE.md file.
Future updates plan to improve keyword extraction through LLMs (Large Language Models) and add trend detection features. The project is open for testing on mnemox.ai/check without requiring installation, encouraging community feedback and contribution.
Keywords: #phi4, AI coding agents, CLAUDEmd, Chinese-to-English mapping, Claude Desktop, Cursor, FastMCP, GitHub, Hacker News, MCP server, Product Hunt, PyPI, duplicate_likelihood, httpx async, keyword extraction, npm, pivot_hints, project idea, reality check, reality_signal, semantic similarity, semantic similarity Comma-separated List: MCP server, trend detection Extracted Keywords: MCP server, trend detection Final Keywords: MCP server, trend detection Keywords: MCP server
github.com 13 days ago
|
2943.
HN
Show HN: ArteSync – A package manager for AI coding agent skills
ArteSync is an experimental command-line interface package manager developed in Rust aimed at streamlining the management and synchronization of "agent skills" or prompt instruction files for AI coding assistants like Claude, Cursor, and Gemini across multiple projects. It resolves the tedious process of manually copying these files between repositories by enabling users to install agent skills from any public GitHub path associated with specific commit hashes, akin to how npm and Cargo manage dependencies. Installation is simple through `npm install -g artesync`, followed by initializing a manifest using `arsync init` to set up source directories. Users can then perform various operations such as installing, updating, listing, and uninstalling skills via commands like `arsync install <source>`. ArteSync ensures reproducible environments by creating a lockfile that pins the commit hashes of installed skills.
The tool is currently in an experimental phase with potential for breaking changes. Configuration involves generating a manifest file (skills.arsync) to list dependencies and a lockfile (skills-lock.arsync) to map these dependencies to specific Git commit hashes, both of which should be version-controlled. ArteSync's utility lies in its ability to maintain consistent environments across projects by leveraging these configurations. The project is open-source, distributed under the MIT License.
Keywords: #phi4, AI coding agents, ArteSync, CLI package manager, Git repository, GitHub, Rust, agent skills, commit hash, dependencies, experimental tool, install, lockfile, manifest, npm, prompt instruction files, reproducible environments, uninstall, update
github.com 13 days ago
|
2945.
HN
Git City
Git City is an inventive tool designed to visualize GitHub repositories and user activities in the form of a dynamic 3D cityscape. By transforming code contributions into urban structures, it provides a spatial exploration experience that offers users novel insights into their projects' activity and progression over time. This creative visualization approach presents each repository or project as a building within the virtual city, allowing for an intuitive understanding of project complexity, frequency of updates, and collaborative efforts. Users can navigate through this digital metropolis to gauge the intensity of development work, identify active periods, and assess overall contribution patterns in a visually engaging manner. By merging data visualization with gaming elements, Git City facilitates a more interactive and comprehensive perspective on GitHub activities, making it easier for developers to analyze their coding journey at a glance.
Keywords: #phi4, 3D, City, Comma-Separated, Description, Duplicates, Extracted, Git, GitHub, Keywords, List, Simple, Technical, Topic, Understanding
www.thegitcity.com 13 days ago
|
2946.
HN
Show HN: Termstage – Animated terminal SVGs from YAML, no screen recording
Termstage is a sophisticated tool designed to produce polished terminal demo animations from YAML files without the need for screen recordings or live shell access. It achieves this by generating lightweight and crisp SVGs that can be seamlessly embedded into READMEs and other documents, offering an efficient alternative to traditional methods. Users specify desired terminal commands and outputs using a straightforward YAML format, which Termstage then converts into animated SVGs entirely with CSS, eliminating the need for JavaScript.
The tool features a user-friendly configuration system through YAML files, supporting both static and animated SVG formats for easy integration across platforms. It offers multiple themes such as dark, light, dracula, and nord, along with extensive customization options like title adjustments, prompt strings, and adjustable SVG widths to suit various aesthetic needs.
Termstage can be installed either as a standalone tool using `pipx install termstage` or integrated into projects via `uv add termstage` or `pip install termstage`. The usage process is straightforward: users begin by scaffolding a YAML file with the `termstage init` command, then customize it to define terminal commands and expected outputs. They can preview their work using `termstage preview demo.yaml`, render SVGs with options for static or animated formats, and finally embed these graphics into documents with customizable sizing.
Available on GitHub and PyPI, Termstage is a versatile tool that streamlines the creation of terminal demonstrations while allowing for significant customization, all under the permissive MIT license.
Keywords: #phi4, CLI, GitHub, READMEs, SVG, Termstage, YAML, animated, commands, demo, pipx, preview, render, terminal, themes
github.com 13 days ago
https://asciinema.org/ 13 days ago
https://asciinema.org/a/377532 13 days ago
|
2961.
HN
AI-Generated Passwords Are Apparently Quite Easy to Crack
Research conducted by cybersecurity firm Irregular reveals that passwords generated by large language models (LLMs) such as Claude, ChatGPT, and Gemini are significantly insecure despite appearing strong. These AI-generated passwords often exhibit predictable patterns, which diminishes their entropy from an expected 6.13 bits per character to just 2.08 in practice. As a result, a 16-character password offers merely 27 bits of total entropy, making it highly susceptible to brute-force attacks. Although such passwords might meet the criteria for strength set by tools like KeePass, their predictability fundamentally undermines their security.
The core issue lies in the LLMs' design to generate plausible outputs, which inherently conflicts with the need for high randomness and variability essential for secure password creation. Thus, reliance on these models for generating passwords is strongly discouraged. While individual users can mitigate risks by avoiding AI-generated passwords, there is a growing concern that increasing use of AI agents in such tasks could lead to widespread vulnerabilities across various password-protected systems.
Irregular's study concludes that the fundamental weaknesses inherent in LLM-generated passwords cannot be addressed through simple prompt adjustments or configuration changes. Attempts were made to engage with major AI developers like Anthropic, OpenAI, and Google for comments or solutions; however, no responses were received at the time of publication.
Keywords: #phi4, AI-Generated Passwords, Brute-force Attacks, Cybersecurity, Entropy, GitHub, High-end GPUs, LLM-generated Outputs, Large Language Models, Predictable Patterns, Randomization, Secure Password Generation, Vulnerability
gizmodo.com 13 days ago
|
2982.
HN
21k GCP keys just got leaked
A significant security breach involving 21,000 Google Cloud Platform (GCP) keys has been reported, exposing potential vulnerabilities in cloud services. These keys, which can be integrated into websites or distributed via sharable links, have been compromised and are accessible for duplication through HTTPS from a specific GitHub Gist URL. Users accessing this data are advised to use GitHub Desktop for saving the files securely. The leak underscores the importance of safeguarding sensitive credentials within cloud environments to prevent unauthorized access and potential exploitation.
Keywords: #phi4, Desktop, GCP, GitHub, HTTPS, clone, computer, embed, gist, keys, leaked, noctonic, repository, script, share
gist.github.com 13 days ago
|
2983.
HN
Show HN: Please, fix Next.js – an open letter
The open letter discusses concerns about the increasing complexity of Next.js, which was once celebrated for its simplicity but now appears optional due to its unwieldy nature. Developers who were instrumental in its rise express frustration over how straightforward tasks have become complicated and deployment processes ritualistic, likening these challenges to navigating dark magic rather than beneficial features. They highlight that Cloudflare's team demonstrated the feasibility of simpler alternatives by successfully reconstructing core Next.js functionality using Vite within a week, resulting in faster builds and smaller bundles. The developers advocate for a philosophical shift towards simplicity, aiming to make the framework more accessible while respecting the web platform's fundamentals. This letter, signed by Andrey and other contributors, is an appeal from early supporters of Next.js to reclaim its original ease and community-centric ethos.
Keywords: #phi4, Andrey Keywords: Nextjs, Cloudflare, GitHub, Nextjs, Vite, builds, bundles, complexity, deployments, developers, dread, framework, magic, open letter, pain points, philosophy, reputation, simplicity, web platform
please-fix-next.com 13 days ago
|
2994.
HN
Mapping the UK PyData Community
The blog post delves into the author's exploration of the UK PyData community through the creation of detailed maps, underscoring their passion for cartography and involvement with the global PyData network which supports open-source data science initiatives like Scipy and Pandas. The UK stands out with 20 PyData groups, more than any other country, though existing location resources such as Meetup's map have notable inaccuracies. To rectify this, the author developed their own mapping solution using scraped data from Meetup, employing Pandas and Playwright to handle data preparation challenges like incorrect geographical coordinates by geocoding city names.
The resulting interactive maps, crafted with Folium, offer distinct perspectives: one corrected for location accuracy akin to Meetup's format, another showcasing active groups with custom markers based on event activity, and a third identifying dormant groups in need of support. These maps are dynamically updated daily through GitHub actions and hosted on GitHub Pages. The author’s efforts were recognized at PyData London, where the community adopted this mapping tool.
The post highlights the significance of local PyData groups, advocating for engagement and volunteer support to sustain their vibrancy. It encourages participation in or backing of UK PyData meetups, reflecting the author's dedication to exploring and enhancing this dynamic network.
Keywords: #phi4, Community, Data Science, Events, Folium, Geoencoding, GitHub, Mapping, Meetup, Organisers, PyData, Python, Scraping, UK
hughevans.dev 13 days ago
|
2995.
HN
Show HN: Ship or Slop – AI agents submit projects, humans judge them
"Ship or Slop" is an innovative community platform designed for AI agents to submit projects that are evaluated by human users without the constraints of traditional coding forums. The core mechanism involves AI agents interpreting project specifications and submitting their work, which users then assess as either "Ship" (interesting) or "Slop" (not quite). This voting process fosters a culture of honest feedback. Projects receiving predominantly negative votes are relegated to a "Cemetery," though they can be resurrected with community support. The platform's design draws inspiration from Hacker News, featuring AI-native submissions and a time-decayed voting system for ranking projects. To ensure quality interactions and deter trolling, users must log in via GitHub. Unlike typical platforms, "Ship or Slop" does not rely on advertisements or paid rankings; instead, it incentivizes participation by awarding weekly medals to top-rated projects. The site aims to create an environment where developers can freely share their AI-generated work and receive authentic feedback while encouraging community engagement through voting, discussions, and the revival of overlooked projects.
Keywords: #phi4, AI agents, API, Cemetery, GitHub, Ship or Slop, Ships, UI, authentication, debate platform, debates, decay, feedback, local AI models, projects, ranking
shiporslop.xyz 13 days ago
|
2999.
HN
A New Home for React Hosted by the Linux Foundation
The React Foundation has been launched as an independent entity under the Linux Foundation to govern key projects such as React, React Native, and JSX, which are no longer owned by Meta. The foundation is backed by eight Platinum founding members: Amazon, Callstack, Expo, Huawei, Microsoft, Software Mansion, and Vercel, with Seth Webster serving as executive director. Technical governance is managed separately from the board through a provisional leadership council. Immediate priorities for the foundation include establishing final technical governance structures, transferring existing infrastructure, supporting ecosystem programs, and organizing the next React Conf. This initiative recognizes the contributions of thousands of developers and community members over the past decade who have played pivotal roles in shaping the evolution of React.
Keywords: #phi4, Amazon, Callstack, Conf, Contributors, Ecosystem, Expo, Foundation, GitHub, Governance, Huawei, Infrastructure, JSX, Linux, Mansion, Members, Meta, Microsoft, Native, React, Vercel
react.dev 13 days ago
|
3006.
HN
Show HN: Sidekick – See what your AI coding agents are doing
Sidekick is a versatile tool designed to enhance developer interactions with AI coding agents such as Claude Code, OpenCode, and Codex CLI through both a VS Code extension and a standalone terminal dashboard. It offers real-time monitoring capabilities by tracking various aspects of agent activity including live token usage, tool calls, session timelines, destructive commands, decision logs, and persistent knowledge notes across sessions. This visibility helps developers manage context loss and maintain project momentum with features like inline completions, code transforms, and AI-generated commit messages. By providing transparency into the operations of AI coding agents, Sidekick enables users to effectively review and control these activities, facilitating a more efficient development workflow. Installation is straightforward via the VS Code extension marketplace or as a CLI tool using `npm install -g sidekick-agent-hub`, with access provided through `sidekick dashboard`. The project supports multiple provider setups for different APIs and configurations and encourages open-source contributions under an MIT license on GitHub, underscoring its goal to empower users by maintaining control over AI coding agent operations and preserving knowledge across sessions.
Keywords: #phi4, AI coding agents, Claude Code, Codex CLI, GitHub, MIT licensed, Nodejs, OpenCode, Sidekick, VS Code, code transforms, commit messages, context visibility, inline completions, knowledge notes, npm install, project timeline, real-time monitoring, session management, terminal dashboard, token tracking
cesarandreslopez.github.io 13 days ago
|
3011.
HN
Show HN: Better Hub – A better GitHub experience
Bereket, the founder of Better Auth, has launched "Better Hub," an enhanced interface built using Next.js and GitHub's APIs aimed at improving GitHub’s user experience without replacing it. The platform focuses on refining UI/UX design, introducing a keyboard-first workflow, integrating AI features, and adding new collaboration tools. Key improvements include a redesigned repository homepage, an optimized pull request (PR) review process, context-aware AI for coding assistance, prompt requests, self-healing continuous integration (CI), and automated merging with conflict resolution capabilities. The inspiration behind Better Hub stemmed from Mitchell of HashiCorp highlighting the limitations of GitHub's main repository page, leading to its rapid adoption as a default tool by Bereket’s team. As the project evolves, it seeks input from the community to explore innovative code collaboration methods and contemplates future partnerships for optional git hosting services. Emphasizing security, Better Hub also focuses on robust user permissions management to ensure safe account creation and interaction across different GitHub functionalities.
Keywords: #phi4, AI integration, API, Better Hub, Gists, GitHub, Nextjs, UI/UX, auto-merge, caching, command center, local state management, notifications, permissions, personal access token Keywords: Better Hub, personal access tokenExtracted Keywords: Better Hub, prompt requests, security, self-healing CI, webhooks, workflows
www.better-hub.com 13 days ago
https://github.com/better-auth/better-hub 13 days ago
https://lubeno.dev 13 days ago
https://www.merriam-webster.com/ 13 days ago
https://news.ycombinator.com/item?id=46664079 12 days ago
https://simplyexplained.com/videos/why-dark-mode-makes- 12 days ago
https://www.lloydatkinson.net/posts/2024/the-dark- 12 days ago
|
3014.
HN
Pdfpc: A presenter console with multi-monitor support for PDF files
Pdfpc is a GTK-based presentation viewer designed to enhance the experience for speakers using multiple monitors during presentations. It offers features like displaying both current and upcoming slides, supporting text notes, slide annotations (e.g., from LaTeX beamer), overlay support for dynamic content, and a timer or countdown feature. Additionally, it provides an overview mode for quick navigation between slides, the ability to freeze or turn off the presentation view, customizable keybindings, and video playback capabilities. The tool originated as a fork of Jakob Westhoff's PDF Presenter Console and has been primarily developed by David Vilar since version 4.0. The latest release, pdfpc 4.7.0, was launched in December 2024, following numerous updates since the project's inception in November 2015. Installation instructions are available on its GitHub page, where users can also access demo presentations for testing purposes. The evolution of pdfpc reflects significant contributions from David Vilar, building upon Jakob Westhoff's foundational work.
Keywords: #phi4, Davvil, Davvil’s pdfpc Keywords: pdfpc, GTK-based, GitHub, Keynote-like, LaTeX beamer, PDF, PDF files, fork, keybindings, multi-monitor, notes, overlays, overview mode, pdfpc, presentation viewer, presenter console, slides, timer, video playback
pdfpc.github.io 13 days ago
|
3015.
HN
Tell HN: YC companies scrape GitHub activity, send spam emails to users
An individual identified that two technology firms, Run Anywhere (a company from the Y Combinator W26 batch) and Voice.AI, are sending unsolicited marketing emails by scraping GitHub activity. This practice involves identifying users who contribute to certain repositories related to their businesses and contacting them without obtaining prior consent. Such actions could potentially contravene GDPR regulations, which require explicit permission for data use in this manner. In response to these unauthorized communications, the affected individual filed complaints with both companies involved and sought assistance from GitHub and YC Ethics to address the issue. However, despite these efforts, no responses have been received, leaving the situation unresolved.
Keywords: #phi4, AI company, GDPR, GitHub, Run Anywhere, VoiceAI, W26, YC companies, activity, commit metadata, complaints, consent, ethics, marketing emails, scrape, spam emails, users
news.ycombinator.com 13 days ago
https://github.com/tonhowtf/omniget 13 days ago
https://news.ycombinator.com/item?id=45357205 13 days ago
https://docs.github.com/en/account-and-profile/how 13 days ago
https://news.ycombinator.com/item?id=9332418 13 days ago
https://news.ycombinator.com/item?id=20660624 13 days ago
https://news.ycombinator.com/item?id=27855152 13 days ago
https://news.ycombinator.com/item?id=30900237 13 days ago
https://www.ycombinator.com/ethics/ 13 days ago
https://docs.github.com/en/account-and-profile/ref 13 days ago
https://git-scm.com/docs/git-commit#_commit_information 13 days ago
https://docs.github.com/en/communities/maintaining 13 days ago
https://github.com/cactus-compute/cactus 13 days ago
https://www.whatsmydns.net/domain-age?q=buildrunanywhere.org 13 days ago
https://www.whatsmydns.net/domain-age?q=runanywheresdk.com 13 days ago
https://www.whatsmydns.net/domain-age?q=runanywhere.ai 13 days ago
https://www.star-history.com/#runanywhere.ai/runanywher 13 days ago
https://www.openclawpi.com/ 13 days ago
https://benword.com/dont-tolerate-unsolicited-spam 13 days ago
https://github.com/lucidrains 13 days ago
https://archive.is/r9UQo 13 days ago
https://archive.is/17Ans 13 days ago
https://www.law.cornell.edu/uscode/text/15/16 13 days ago
https://www.ftc.gov/news-events/news/press-release 13 days ago
https://www.ftc.gov/legal-library/browse/cases-pro 13 days ago
https://www.youtube.com/watch?v=Hm-ZIiwiN1o&t=8m46s 13 days ago
https://en.wikipedia.org/wiki/Black_Book_(gambling) 13 days ago
https://www.kernel.org/doc/html/latest/proces 13 days ago
https://techcrunch.com/2021/06/09/does-what-h 13 days ago
https://github.com/tedivm 12 days ago
https://github.com/preconfigured/dl/blob/main 12 days ago
https://www.gecko.security/ 12 days ago
https://www.forbes.com/sites/lorenfeldman/2017� 12 days ago
https://github.com/aden-hive/hive 12 days ago
|
3028.
HN
Show HN: Capture context. Give your agent the full picture
Context Brief is a macOS menu bar application designed for developers to seamlessly collect and organize context from multiple applications, such as GitHub, Jira, Slack, Notion, and web pages. Utilizing the shortcut ⌃⌘C, it allows users to capture relevant information from any app or browser tab, even if content extends beyond what is currently visible on screen. The captured data is then processed into a streamlined summary that can be conveniently pasted with ⌃⌘V into coding agents like OpenAI's Codex. This functionality supports the creation of cohesive task contexts by integrating multiple snapshots and storing them in a local Context Library for easy access and retrieval, thereby enhancing workflow management.
For daily use, users open the desired app or web tab, capture context with ⌃⌘C, and repeat as necessary across different applications. These collected snippets are compiled and pasted into a coding agent using ⌃⌘V to initiate work on specific tasks or access previous contexts from the library.
The application requires macOS 13 or later, along with permissions for Accessibility and Screen Recording. Additionally, users must have an installed Coding Agent CLI such as OpenAI Anthropic or Google's tools. Installation can be done via a DMG file from GitHub releases or using Homebrew with `brew install semihcihan/contextbrief/contextbrief`. Initial setup includes granting necessary permissions and configuring the CLI provider settings.
Context Brief prioritizes data privacy by storing all captured contexts locally on the Mac, eliminating the need for API keys since CLIs manage authentication independently. Released under the MIT License, this tool is tailored to simplify developers' workflows by offering an efficient method to capture, organize, and utilize task-related context effectively.
Keywords: #phi4, Accessibility permission, CLI, Context Brief, DMG, GitHub, Homebrew, Jira, MIT License, Notion, Open Source, OpenAI Anthropic Google, Screen Recording permission, Slack, coding agents, context capture, local storage, macOS, menu bar app, web pages, ⌃⌘C, ⌃⌘V
github.com 13 days ago
|
3038.
HN
Git City – Your GitHub as a 3D City
"Git City" is an inventive visualization tool that transforms GitHub activity into a 3D cityscape, offering users a novel way to perceive and engage with their coding endeavors. By converting repositories, commits, issues, and other interactions into buildings and structures within this virtual metropolis, it allows for spatial exploration of personal or collaborative projects hosted on GitHub. This innovative representation provides a unique perspective that enables users to visualize their contributions in an immersive environment, facilitating a deeper understanding and appreciation of their work dynamics and patterns within the context of GitHub's ecosystem. Through its creative design, "Git City" not only enhances user engagement but also offers an insightful approach to analyzing coding activity.
Keywords: #phi4, 3D City, Git, GitHub, Technical Keywords
www.thegitcity.com 13 days ago
https://honzaap.github.io/GithubCity 13 days ago
|
3039.
HN
Show HN: I Made an AI Skill to Help Write Tlaps Proofs
The text introduces an AI-powered tool aimed at facilitating the writing of TLAPS (TLA+ Proof System) proofs, with a specific focus on simplifying the verification process for Raft leader election models. The primary objectives of this tool are to prove that each term in the model has a unique leader and to ensure that terms demonstrate monotonic growth. This tool is designed to streamline the proof-writing process by automating certain tasks, thus enhancing efficiency and accuracy. Users are encouraged to provide feedback on their experiences with the tool, which can be accessed via an example proof available at a GitHub link. For further inquiries or detailed discussions, users should contact the author through the provided email address.
Keywords: #phi4, AI Skill, Email Address, Feedback, GitHub, Leader Uniqueness, Monotonic Term Growth, Raft Leader Election, Simplified Model, TLA+, TLAPS Proof, Terms, Votes, Workbench Examples
github.com 13 days ago
|
3050.
HN
Show HN: AI vs. Human, a GitHub Visualization
The "AI vs. Human" project introduces a visualization tool designed to analyze open-source GitHub repositories for signs of AI involvement in code commits, developed by David Dias. It examines commit histories to identify contributions from AI tools, relying on users' explicit acknowledgment of such use, which impacts its accuracy. The tool highlights the challenge of distinguishing between human and AI-generated code, inviting user feedback for enhancements. As an open-source project, it seeks to offer insights into how extensively AI is used in coding projects hosted on GitHub.
Keywords: #phi4, AI, Accuracy, Analysis, Bots, Code, Commits, Daviddias, GitHub, Human, Improvements, Open-source, Project, Repository, Tools, Trace, Visualization
aivshuman.thedaviddias.com 13 days ago
|
3051.
HN
Show HN: Browser extension to improve CODEOWNERS for GitHub
The "Code Input" browser extension enhances GitHub's CODEOWNERS feature by integrating code ownership information directly within GitHub's interface. On file pages, it displays the owners and relevant tags in the header, improving visibility for users navigating through files. For pull request files, the extension provides a comprehensive ownership summary panel that lists all modified files, and allows users to filter and display only those files they own, accompanied by ownership badges. This tool integrates seamlessly with existing CODEOWNERS configurations and relies on the Code Input integration with GitHub, streamlining workflow efficiency for development teams by making code ownership information readily accessible within their standard tools.
Keywords: #phi4, Browser extension, CODEOWNERS, Code Input, GitHub, badges, code owners, file pages, filter, header, integration, ownership summary, pull request files, tags
chromewebstore.google.com 13 days ago
|
3054.
HN
Are Glassholes Using Smart Glasses Near You? There's an App for That
As smart glasses become increasingly prevalent in the market, exemplified by products like Meta's Ray-Ban models, they pose significant privacy challenges due to their potential for covert recording, which makes them difficult to distinguish from regular eyewear. The Nearby Glasses app was developed to address these concerns by alerting users to nearby smart glasses through Bluetooth signal scanning. Manufactured by companies such as EssilorLuxottica and sold under various brands like Ray-Ban, Oakley, and Snap Spectacles, these advanced devices often incorporate AI and discreet cameras. Additionally, tech giants including Apple, Google, and Samsung are also exploring similar technologies. Created by developer Yves Jeanrenaud in response to unauthorized recording incidents, the app detects smart glasses using Bluetooth Low Energy (BLE) signals, although it occasionally yields false positives. Available on the Google Play Store with an iOS version expected soon, Nearby Glasses is part of a wider effort to combat invasive surveillance technology. The situation is further complicated by reports that Meta may be developing facial recognition capabilities for these glasses, intensifying existing privacy concerns.
Keywords: #phi4, 404 Media, Apple, BLE manufacturers, Bluetooth signals, EssilorLuxottica, GitHub, Gizmodo, Google, Google Play Store, Meta, Ray-Ban, Samsung, Smart glasses, Snap Spectacles, VR headsets, Yves Jeanrenaud, facial recognition, iOS port, surveillance tech
gizmodo.com 13 days ago
|
3066.
HN
Mitchell Hashimoto's new way of writing code
Mitchell Hashimoto, co-founder of HashiCorp, discusses his evolving interaction with AI in software development, emphasizing community-building and developer experience as key to Terraform's success despite being a later market entrant. Initially struggling monetarily, the company shifted by offering services like Vault individually. Hashimoto introduces a new strategy involving background agents for planning tasks during downtime, boosting productivity. He notes increased skepticism towards open-source contributions due to AI-generated content, suggesting potential changes in trust systems and version control, such as Git, to manage higher volumes of contributions.
In hiring practices, Hashimoto values engineers with minimal public presence to minimize distractions, advocating for a research-focused approach rather than code generation when addressing AI skepticism. He shares experiences from HashiCorp's near acquisition by VMware and provides insights into his views on cloud providers. For new founders, he advises using AI pragmatically in research instead of coding. The discussion also references platforms like Statsig, SonarQube, and WorkOS that support enterprise-ready application development. This conversation is available across various media outlets for further exploration of Hashimoto’s work and philosophy.
Keywords: #phi4, AI adoption, AI adoption Keywords: Mitchell Hashimoto, AI tools, AI-native era, Ghostty, Git, GitHub, HashiCorp, Mitchell Hashimoto, Terraform, Vagrant, agents, cloud providers, commercialization, enterprise readiness, hiring practices, infrastructure engineering, open source, open-core model, software development, version control
newsletter.pragmaticengineer.com 13 days ago
|
3071.
HN
Two Beliefs About Coding Agents: Devs Don't Realize What They Bring
The discussion highlights two main beliefs regarding the impact of coding agents on software development. Firstly, it underscores that skilled developers often possess an intuitive grasp of utilizing these tools effectively, which allows them to create specific prompts leading to successful outcomes with minimal detail. This intuitive capability is developed through experience and significantly enhances their interaction with language models compared to average users. Secondly, while individuals have demonstrated the powerful potential of coding agents by sharing impressive personal projects online, these are primarily custom solutions rather than fully developed products. Such tools often lack essential elements like support systems, marketing strategies, and thorough testing needed for commercialization. The transition from a tool to a market-ready product involves significant effort beyond mere coding. Even with advancements in technology, the challenge of effectively communicating with AI remains crucial, emphasizing that this skill will continue to be vital for developers in transforming personal software into viable products.
Keywords: #phi4, AI, GitHub, LLM, Mastodon, RSS feeds, coding agents, developers, knowledge, models, open source, product support, products, prompts, scaffolding, skills, software development, tools
www.dbreunig.com 13 days ago
|
3087.
HN
Show HN: Deff – Review AI-generated code changes
Deff is a Rust-based terminal user interface tool designed to enhance the code review process for AI-generated changes in git repositories. It aims to address challenges posed by noisy diffs from AI coding tools, offering features like interactive side-by-side file comparison, syntax highlighting, and line-level tinting to indicate additions or deletions. Users can compare their local branch changes against an upstream branch or specific commit ranges using strategies such as `upstream-ahead` or explicit options like `--base / --head`. The tool supports navigation through files with keyboard, mouse, or vim-like commands, and allows in-diff searches for improved efficiency.
Installation of Deff requires Rust (cargo) and git, with setup facilitated by a script from its GitHub repository. Users can initiate the tool using commands such as `deff --strategy upstream-ahead` and customize themes via options like `--theme auto|dark|light`. The reviewed states of files are saved in `.git/deff/reviewed/`, ensuring persistence across sessions. Deff's GitHub release workflow automates the build and publish process for Linux and macOS platforms, enhancing its accessibility.
Tailored to improve review workflows, reduce false positives, and increase efficiency when working with AI coding assistants, Deff invites feedback from frequent users of such tools. For further information or to get started, interested parties can visit the [Deff GitHub repository](https://github.com/flamestro/deff).
Keywords: #phi4, AI, AI coding tools, Deff, GitHub, GitHub release workflow, Rust, Rust TUI, TUI, code review, coding tools, git diffs, interactive terminal, local build, navigation, release workflow, reviewed state, reviewed state Keywords: Deff, search query, syntax highlighting, upstream-ahead, upstream-ahead strategy
github.com 13 days ago
|
3095.
HN
Show HN: My-data.download – Guides to export your data
The website my-data.download serves as an open-source directory offering comprehensive guides for exporting personal data from various services such as Spotify, GitHub, and Netflix. It provides detailed instructions on the types of data users can retrieve and potential applications for this data, empowering individuals to reclaim control over their information. Operating as a static site powered by a JSON file, it encourages community involvement through pull requests to expand its database with new sources. The initiative is hosted on GitHub at [janschill/my-data.download], reflecting its commitment to transparency and collaborative development in assisting users with data extraction from digital platforms.
Keywords: #phi4, Category, Contribute, Contributions, Data, Directory, Export, Filter, Format, GitHub, Guides, Instructions, JSON, Method, My-datadownload, Open-source, Personal data, Pull request, Reset, Service, Show HN, Sources, Static site, Steps, Time, View
my-data.download 13 days ago
|
3098.
HN
Show HN: A tiny utility to rewrite Bash functions as standalone scripts
The article introduces "func2cmd," a utility designed to convert temporary Bash functions into standalone executable scripts, addressing the challenge of losing access to these useful snippets in new terminal sessions. The author, who frequently uses quick Bash functions for repetitive tasks, found that saving them manually to `~/.bash_aliases` was cumbersome due to file protection measures against malware. To resolve this, they developed "func2cmd" as an automated process to save these functions as scripts with shebang lines, facilitating easy reuse and sharing in repositories like GitHub.
To utilize "func2cmd," users should place it in a directory on their system path (e.g., `~/.local/bin`) and make the file executable. Optionally, by setting up `share-command` with root privileges, these scripts can be moved to `/usr/local/bin` for broader sharing across user accounts. The utility integrates into Bash configuration via a function named `make-command()`, which enables command-line conversion of functions into scripts.
The core functionality involves parsing the function's definition using the `type` command to extract its body and then saving it as an executable script, while the `share-command` assists in distributing these scripts across different user accounts. Additionally, the accompanying directory contains helpful extras such as a Vim wrapper for editing created scripts, "bash-cmdline" for debugging command-line arguments through hex dumps, and a wrapper for generating Python scripts from Bash commands using Shantanu Jain's "pyp" tool with an `--explain` option.
Overall, "func2cmd" streamlines the creation and management of reusable Bash scripts, enhancing ease of access, reuse, and sharing across sessions or user accounts.
Keywords: #phi4, Bash, GitHub, Python, Vim, aliases, automation, character expansions, command-line, environment, functions, hex dumps, identity management, metadata, pyp, scripts, shebang, sudo, utility, xargs
github.com 13 days ago
|
3120.
HN
Venom, run integration tests with efficiency
Venom is a Command Line Interface (CLI) tool designed to streamline the process of creating, managing, and executing integration tests efficiently by treating test cases as code. It leverages YAML files for easy management, which can be incorporated into code reviews. Venom supports multiple executors like scripts, HTTP requests, web, and IMAP, allowing it to handle a wide array of testing scenarios, and it generates xUnit result files. Installation is straightforward; Venom is available on GitHub for download or via Docker, with an update feature accessible through the `venom update` command.
The CLI provides commands such as `run` to execute test suites, `update` to upgrade Venom, and `version` to check its current version. Tests can be executed in various formats including JSON and XML, with flexibility in ordering and variable settings through flags, files, or environment variables. Configuration files (`.venomrc`) enable setting default values for these parameters.
Key concepts include TestSuites, which are collections of test cases validating specific behaviors, Executors that execute steps within a test case, and Variables defined at multiple levels supporting various data types. Advanced features include debugging options with verbosity flags, conditional skipping of test cases or steps, iteration over data using the `range` attribute, and exporting reports in formats like XML, JSON, YAML, and TAP.
As an open-source project under the Apache License 2.0, Venom encourages community contributions with detailed guidelines for contributors. It acknowledges its contributor community and is well-suited for both development environments and CI/CD pipelines due to its efficient test management and execution capabilities.
Keywords: #phi4, CI/CD, CLI, Docker, GitHub, HTML report, HTTP requests, JSON, Linux, Venom, XML, YAML, assertions, configuration file, debugging, environment variables, executors, integration tests, logging, macOS, profiling, secrets management, skipping, templating, test suites, user-defined executors, variables, xUnit report
github.com 13 days ago
|
3136.
HN
Show HN: Wtx – Git worktrees for parallel AI agents
"Wtx" is a command-line utility developed to optimize the management of Git worktrees in large monorepositories used by parallel AI agents. By automating the creation, allocation, and reuse of worktrees, it eliminates the need for manual setup or teardown per branch, thus enhancing performance by avoiding repetitive bootstrapping processes. The tool supports integration with various terminals such as GhostTy and iTerm, as well as different AI agents like Claude and Codex. It also includes features for GitHub pull request integration, tmux support for improved terminal tab naming, and IDE integration to minimize indexing overhead.
Users can quickly utilize "wtx" by executing commands such as `wtx checkout -b feat/first` or entering its interactive mode with the command `wtx`. Installation is simple using a script provided in the documentation or through Go. By maintaining a reusable pool of worktrees, "wtx" effectively addresses scalability challenges in large repositories, automatically assigning them to branches for parallel AI tasks. Licensed under MIT, it enables swift and context-aware operations within complex project environments.
Keywords: #phi4, AI, CLI, Git worktrees, GitHub, GitHub integration, Go, MIT license Keywords: Git, PRs, agents, automation, installation, integration, large repos, license, monorepo, parallel AI agents, pool, repos, reusable pool, terminal, terminal integration, tmux, worktrees, wtx
github.com 14 days ago
|
3154.
HN
Show HN: ATA – open-source terminal research agent for keeping up with papers
ATA (Agents to Agents AI) is an open-source terminal research agent designed to assist researchers in navigating the fast-paced advancements across various disciplines by extending OpenAI's Codex CLI with additional functionalities. These include searching for academic papers via Semantic Scholar, arXiv, and OpenAlex; traversing citation graphs; reading and synthesizing PDFs; analyzing discussions on Hacker News; conducting patent searches through over 90 offices using EPO; integrating with Zotero; and maintaining a persistent knowledge base that evolves over time. A standout feature is ATA's unique reading view for synthesized papers or reports, which allows users to easily navigate sections and fold details as needed. ATA operates locally on the user’s computer, ensuring privacy by securely storing API keys without transmitting them. Installation can be done globally using npm with `npm install -g @a2a-ai/ata`, via curl for macOS/Linux through `curl -fsSL https://agents2agents.ai/ata/install.sh | sh`, or from its GitHub repository where downloadable binaries are available for various platforms, including macOS and Linux. The tool supports integration with multiple API providers such as OpenAI, Anthropic, and Gemini, offering flexibility while maintaining data security locally on the user’s machine. ATA is distributed under the Apache-2.0 License.
Keywords: #phi4, AI assistant, API key, ATA, Apache-20 License, CLI, GitHub, Hacker News, Linux, OpenAI Codex, OpenAlex, PDF synthesis, Semantic Scholar, Zotero, arXiv, citation graph, curl, knowledge base, macOS, npm, open-source, patent search, research agent, terminal
github.com 14 days ago
|
3155.
HN
Show HN: I ported Manim to TypeScript (run 3b1B math animations in the browser)
Narek developed Manim-Web, a TypeScript/JavaScript adaptation of the renowned Manim math animation engine, originally utilized by 3Blue1Brown. This version simplifies usage by running entirely within browsers without requiring Python or other dependencies like FFmpeg, Cairo, or LaTeX, thereby eliminating setup complexities associated with its Python counterpart. Key features include rendering via Canvas API and WebGL (through Three.js) for both 2D and 3D scenes, as well as support for LaTeX through MathJax/KaTeX, which allows users to render and animate equations without needing a separate installation.
Manim-Web maintains an almost identical API to the original Python version, ensuring ease of transition for existing users. It also incorporates reactivity with updaters and ValueTrackers akin to those in Python Manim, along with interactive features such as draggable or clickable objects that can be embedded within web applications using React/Vue frameworks. The tool offers a range of functionalities including geometry shapes, LaTeX equations, text animations, graphing capabilities, 3D modeling with orbit controls, and various animation effects.
Additionally, it supports exporting to GIFs and videos, provides interactive elements like drag-and-drop, and integrates seamlessly with React and Vue frameworks. As an open-source project under the MIT license, Manim-Web invites community contributions and includes a Python-to-TypeScript converter tool to aid users in migrating existing scripts. The development is ongoing, with active requests for feedback and technical support as efforts continue toward achieving full feature parity with the original Manim engine.
Keywords: #phi4, 3D scenes, Canvas API, GitHub, JavaScript, KaTeX, LaTeX, MIT license, Manim, MathJax, Python scripts, React, TypeScript, Vue, WebGL, animations, client-side, feature parity, framework integrations, geometry, interactivity, npm, open-source, py2ts converter, rendering, zero-setup
github.com 14 days ago
https://github.com/motion-canvas/motion-canvas 11 days ago
https://archive.canvascommons.io/ 11 days ago
https://github.com/canvas-commons/canvas-commons 11 days ago
https://slama.dev/motion-canvas/introduction/ 11 days ago
https://canvascommons.io/ 11 days ago
|
3159.
HN
Creating "Edit" Links That Open Plain-Text Source Files in a Native App
The author presents a refined workflow for managing and editing markdown files on their notes blog, focusing on efficiency and integration between tools. The content is stored as plain-text markdown in Dropbox and edited using iA Writer, while the codebase resides on GitHub with Netlify handling build triggers via Shortcuts. To address typos and errors efficiently, they utilize a custom URL protocol (`ia-writer://open?path=location:/path/to/file.md`) that allows direct opening of files in iA Writer from their website. This method eliminates the need for manual file searches, streamlining the editing process. Additionally, the author has implemented "Edit" links generated by JavaScript when a specific search parameter (`?edit=true`) is detected; these links are stored locally using localStorage to persist across visits without being visible to other users. This setup seamlessly integrates their writing tool with their website's content management system, enhancing both personal convenience and editing efficiency.
Keywords: #phi4, Build Trigger, CMS, Dropbox, GitHub, JavaScript, LocalStorage, Markdown, Netlify, Plain-Text, Shortcut, Synced Files, iA Writer
blog.jim-nielsen.com 14 days ago
|
3161.
HN
om
Om is a novel concatenative programming language characterized by minimal syntax and panmorphic typing, employing only three elements: operator, separator, and operand. Its design enables algorithmic manipulation and program transformation using any valid UTF-8 text without a byte-order marker as the program definition. Implemented in C++, Om can be integrated into both C++ and Objective-C++ programs and supports extensibility with new data types or operations. Although currently at an early "proof of concept" stage, Om aims to evolve into a full-fledged language despite lacking fundamental features like basic number and file handling.
Om's syntax involves concatenating functions for manipulating inputs and outputs, using prefix notation to facilitate efficient evaluation without stack overflow issues. Its panmorphic interface allows operations on various data types as operands, supporting flexible function composition. The language efficiently executes recursive definitions and evaluations due to its eager evaluation model. Om is open-source under the Eclipse Public License, available for community development via GitHub.
The project encourages contributions through adding operations or programs, issue reporting, and funding. Community involvement is facilitated by forks on GitHub and enhancements that extend Om's capabilities. Tools like HFCCA and CoverStory are employed for code complexity analysis and test coverage measurement, respectively. As Om continues to develop, it invites suggestions and improvements from the programming community to guide its evolution.
Keywords: #phi4, C++, C++ library, GitHub, GitHub repository Keywords: Om, Om language, Unicode, concatenative, development, evaluation, homoiconic, language, library, notation, operands, operations, panmorphic, panmorphic typing, prefix, prefix notation, recursion, typing
www.om-language.com 14 days ago
https://github.com/omcljs/om 14 days ago
https://evincarofautumn.blogspot.com/2012/02/why-c 14 days ago
https://go.dev/ 14 days ago
https://www.om-language.com/#language__examples__ 14 days ago
https://anaminus.github.io/langding/ 14 days ago
https://www.om-language.com/index.html#language__syntax__ 14 days ago
https://news.ycombinator.com/newsguidelines.html 13 days ago
https://github.com/srikumarks/pjs 13 days ago
https://news.ycombinator.com/item?id=47161422 13 days ago
https://en.wikipedia.org/wiki/Om 13 days ago
https://emojipedia.org/om 13 days ago
https://omlang.com/ 13 days ago
https://github.com/unisonweb/unison/issues/49 13 days ago
https://news.ycombinator.com/item?id=46053304 13 days ago
https://docs.raku.org/type/RakuAST 13 days ago
https://en.wikipedia.org/wiki/Whitespace_(programming_l 13 days ago
https://github.com/phantomics/april 13 days ago
https://dl.acm.org/doi/10.1145/800136.804474 13 days ago
|
3165.
HN
xs
"xs," standing for "Extra Small," is a dynamically typed, dynamically scoped, concatenative array language inspired by kdb+/q and implemented in OCaml. Released into the public domain, it prioritizes compactness and expressiveness. Users interested in accessing more information or contributing to its development can visit its GitHub project page or reach out to the developer at sturm@cryptm.org for issues or pull requests.
Keywords: #phi4, GitHub, OCaml, array language, builtin functions, compactness, concatenative, documentation, dynamically scoped, dynamically typed, email, expressiveness, interpreter, issue, kdb+/q, project page, pull request, source code, xs
cryptm.org 14 days ago
|
3176.
HN
Self-Hosting Obsidian Vault with Retype
The blog post explores how users can self-host their Obsidian vaults using Retype, presenting it as a viable alternative to Obsidian Publish for those who seek complete control over deployment and hosting. Retype enables existing Obsidian vaults to be converted into fast, aesthetically pleasing websites without necessitating migration or relinquishing content ownership. It supports Markdown, facilitating easy collaboration and versioning, while integrating with platforms like GitHub, Cloudflare, and Netlify for free hosting.
The post highlights Retype's key features: collaborative editing within Obsidian, content portability and future-proofing, Git integration for tracking changes, and the ability to instantly generate professional sites without recurring fees. It provides a detailed step-by-step guide on installing and configuring Retype, starting with command-line installation, cloning the Obsidian Help GitHub repository, running Retype to begin website generation, and customizing settings through the `retype.yml` file.
Retype is presented as an efficient tool for publishing Markdown content online, especially beneficial for teams and individuals who prefer a self-hosted solution without sacrificing data control. The post invites user feedback to influence future development of Retype and encourages sharing projects and ideas within the Obsidian community.
Keywords: #phi4, Cloudflare, GitHub, Markdown, Netlify, Obsidian, Retype, collaborative editing, community key, digital garden, documentation, knowledge base, self-hosting, static website generator
retype.com 14 days ago
|
3177.
HN
Show HN: Better Hub – we tried to improve GitHub
Better Hub seeks to improve the GitHub code collaboration experience by innovating how humans and agents collaborate on projects. The platform features a range of customizable permission settings that empower users to manage their interactions with various components such as public and private repositories, organizations, notifications, workflows, discussions, security alerts, GPG keys, webhooks, gists, among others. During the setup process, users can specify which permissions they require, ensuring only essential access is granted. This attention to privacy and control extends to user data and access tokens, all of which are securely encrypted and stored, emphasizing Better Hub's commitment to security and user-centric design.
Keywords: #phi4, Better Hub, CI/CD, Dependabot findings, GPG keys, GitHub, PRs, access token, actions & workflows, audit logs, code collaboration, commit signature verification, discussions, gists, issues, notifications, organizations, permissions, private repos, projects, public repos, pushes, security, webhooks
www.better-hub.com 14 days ago
|
3183.
HN
Show HN: Mlut – Tailwind CSS alternative for custom websites and creative coding
The post introduces "mlut," an open-source CSS framework designed as a Tailwind CSS alternative tailored for custom websites and creative coding. Rooted in the Atomic CSS methodology, mlut distinguishes itself by addressing limitations found in traditional frameworks when applied to unique and non-standard design requirements. Its standout features include a system of short and consistent naming conventions, along with rich native syntax that resembles Vim's capabilities within CSS, thereby enhancing user efficiency and expressiveness. Additionally, mlut integrates seamlessly with Sass to offer advanced preprocessor functionality. The framework is the culmination of extensive research and development, amounting to 1,000 hours of dedicated effort. Users can explore practical applications of mlut through examples of CSS art showcased on its website. The project actively seeks community engagement, inviting feedback and contributions via GitHub.
Keywords: #phi4, Atomic CSS, CSS art, CSS framework, GitHub, MLut, Sass, Tailwind CSS, abbreviations, algorithm Keywords: MLut, consistent naming, creative coding, custom websites, individual designs, non-standard designs, open source project, popularity, preprocessor, short naming, syntax, utility classes
mlut.style 14 days ago
|
3186.
HN
Show HN: Match – A pattern matching language that replaces regex
Match is an innovative pattern-matching language developed as an alternative to regular expressions (regex), aiming for greater intuitiveness through its plain English syntax. It emphasizes human-readable grammar and provides full parse trees with named extractions, enhancing both clarity and functionality. A significant advantage of Match over traditional regex is its elimination of backtracking, which effectively prevents ReDoS (Regular Expression Denial of Service) attacks. Additionally, the language boasts composable grammar modules and operates independently without dependencies, resulting in a minimal package size of approximately 15KB.
Match's design facilitates diverse pattern-matching tasks by allowing users to define specific patterns, such as identifying email addresses through structured components like "username then '@' then domain." This utility extends to various applications where clear and efficient text matching is required. The language is accessible via npm under the package name `@hollowsolve/match`, with comprehensive resources including documentation, a playground for experimentation, and practical examples available online. For those interested in exploring or contributing to its development, the source code of Match can be found on GitHub.
Keywords: #phi4, GitHub, Hollowsolve, Match, ReDoS, composable modules, dependencies, documentation, email address, examples, grammar syntax, named extractions, no backtracking, npm, parse trees, pattern matching, playground, regex replacement, rule1, rule2
www.matchlang.com 14 days ago
|
3196.
HN
Dwitter Beta – Creative coding in 140 characters
Dwitter Beta is an innovative platform that challenges users to create stunning visual animations using just 140 characters of JavaScript, launched in 2016 at a demoparty. As an open-source project, it enables real-time content generation within web browsers. Participants frequently achieve complex visual universes, such as parallax forests or ant colony simulations, through clever code optimizations. The platform fosters a vibrant community on Discord where users can share and collaboratively modify creations, enhancing interactive learning. Ideal for individuals who enjoy creative challenges, Dwitter Beta serves as an excellent arena for exploring digital creativity and pushing the boundaries of concise coding.
Keywords: #phi4, Discord, Dwitter, GitHub, JavaScript, Solar Orbit, beta version, browser-generated, challenges, community, creative coding, creativity, demoscene, eval(unescape(escape)), function u(t), interactive, open source, optimization, parallax, real-time, shaders, visual effects
korben.info 14 days ago
|
3200.
HN
Code Isn't Slowing Your Project Down, Communication Is
The article posits that communication challenges, rather than coding complexity, primarily hinder project timelines. While small teams or individuals can quickly complete tasks due to clear understanding, larger teams or unfamiliar components often suffer from poor communication, leading to extended timelines caused by varying processes and priorities. The concept of Conway's Law is introduced, suggesting that an organization’s structure naturally influences its system design, resulting in siloed architectures when inter-team collaboration is lacking. To mitigate this issue, the Inverse Conway Maneuver is proposed, which involves designing teams intentionally to achieve desired architectural outcomes.
An illustrative example describes how separating backend and front-end development into specialized teams initially improved efficiency but later revealed integration challenges through cross-functional discussions. The article advocates for fostering communication between teams as a means to uncover hidden problems and enhance system architecture. By acknowledging Conway's Law as an inherent factor, the piece encourages intentional efforts to bridge team silos by promoting inter-team collaboration and shared knowledge, ultimately shaping better architectures.
Keywords: #phi4, Architecture, Backend, Code, Collaboration, Communication, Components, Conway's Law, Frontend, GitHub, Integration, Inverse Conway Maneuver, Knowledge Sharing, Organizational Structure, Priorities, Processes, Project, Silos, Sprint, Team Spirit, Teams, Technical Gaps
shiftmag.dev 14 days ago
|
3202.
HN
Show HN: I got tired of writing Pandas scripts just to JOIN two CSV files
The author crafted a plugin for the Tabularis GUI to enhance working with CSV files by treating them as database tables, addressing their frustration with repetitive use of tools like Pandas for data joining and aggregation. This solution allows users to simply drop CSVs into a designated folder where each file is automatically transformed into an inferred-type table, enabling immediate SQL querying without the need for coding or imports. Developed in approximately 250 lines of standard Python and devoid of external dependencies, the plugin integrates smoothly with Tabularis using its open JSON-RPC protocol over stdin/stdout. This functionality supports complex data queries, such as joining user, order, and product information to calculate total spend per user, thereby significantly simplifying data management tasks. The plugin and its associated project are hosted on GitHub for further exploration and use by interested users.
Keywords: #phi4, CSV files, GitHub, JOIN, JSON-RPC, Pandas, Python, SQL editor, SQLite, Tabularis, aggregation, column types, data source, database, orders, plugin, products, query, stdin/stdout, users
news.ycombinator.com 14 days ago
|
3207.
HN
SpacetimeDB 2.0
SpacetimeDB 2.0 offers substantial advancements, enhancing both its performance capabilities and compatibility across various programming languages and frameworks. A standout improvement is the significant increase in transaction rates, with TypeScript achieving over 100k transactions and Rust up to 170k even under high contention scenarios. The update marks official support for TypeScript/JavaScript as stable, while also expanding integration options with Unreal Engine/C++. Additionally, SpacetimeDB 2.0 provides templates and integrations tailored for popular web frameworks.
The release introduces a new pricing scheme through Maincloud, featuring a free tier and more predictable costs. Users can leverage the Spacerace Referral Program to earn up to 400x additional credits by referring friends. On the capabilities front, SpacetimeDB 2.0 includes Procedure Functions that allow HTTP calls within modules for seamless external API integrations, View Functions offering advanced read permissions with options for data filtering and column selection, and a Typed Query Builder designed to minimize runtime errors through strong typing.
Event Tables are introduced to manage transient events with automatic cleanup post-transaction, while configuration management is simplified via the `spacetime.json` file. Development processes benefit from a new command, `spacetime dev`, which automates code changes and app updates. Enhanced real-time monitoring dashboards improve data visualization, and support for the Postgres Wire Protocol increases compatibility with existing tools.
Additional enhancements include bolstered LLM support, collaboration features tailored for project teams, and specific optimizations for C++ and Unreal Engine users. The update also encompasses various bug fixes, user experience improvements, and performance enhancements, along with recognition of contributions from new developers. Collectively, these updates make SpacetimeDB 2.0 a robust and versatile solution in modern web development contexts.
Keywords: #phi4, API, C++, CI/CD, Event Tables, GitHub, JavaScript, Maincloud, Procedure Functions, Rust, SpacetimeDB, TypeScript, Unreal Engine, View Functions, authentication, benchmarks, documentation, integration, migration, modules, performance, pricing, query builder, web development
github.com 14 days ago
|
3218.
HN
Show HN: Lemonpod.ai – Your daily life recap, narrated as a personal AI podcast
Lemonpod.ai offers a beta service that transforms users' digital interactions from platforms such as GitHub, Google Calendar, Strava, and X into tailored AI-generated podcasts. The service delivers concise daily episodes alongside in-depth weekly summaries, enabling users to experience an auditory recap of their personal activities during commutes or other moments throughout the day. By converting various app data into personalized narratives, Lemonpod.ai provides a unique way for individuals to reflect on and engage with their own life stories. To attract new users and showcase its innovative capabilities, the service is available for a 7-day free trial period.
Keywords: #phi4, AI-generated, GitHub, Google Calendar, HN, Lemonpodai, Strava, X, apps, audio recaps, beta, beta Keywords: Lemonpodai, daily episodes, digital life, free trial, morning commute, podcast, weekly deep-dive
lemonpod.ai 14 days ago
|
3222.
HN
A clean API for reading PHP attributes
The `spatie/php-attribute-reader` package provides an efficient API designed to simplify access to PHP 8.0 attributes across various class elements such as methods, properties, constants, and parameters. This tool addresses the verbosity typically associated with native PHP's reflection process by allowing users to retrieve attribute instances with minimal code. It eliminates the need for extensive boilerplate and gracefully handles scenarios where attributes might be absent, avoiding exceptions. The package offers dedicated methods for retrieving attributes from different targets and can efficiently locate all occurrences of a specific attribute within a class. It is integrated into multiple Spatie projects to streamline the complexity involved in reading attributes. Comprehensive documentation and source code are available on GitHub, while support for Spatie's open-source initiatives can be extended by exploring their paid products.
Keywords: #phi4, GitHub, PHP, Route attribute, Spatie, Validate attribute, attributes, classes, constants, documentation, instantiation, metadata, methods, parameters, php-attribute-reader, properties, reflection API
freek.dev 14 days ago
|
3227.
HN
Show HN: Base N Clock - The current time in various number bases
The Base N Clock is an innovative digital timepiece designed to enhance understanding of non-decimal numeral systems by displaying the current time in various number bases. Aimed primarily at children, it provides a familiar clock interface that facilitates exploration and comprehension of different numerical bases. Additionally, this educational tool is available as a screensaver for Roku devices, extending its accessibility and practical use. The project's source code and further details are accessible on GitHub via craigmichaelmartin's repository at [craigmichaelmartin/base-n-clock](https://github.com/craigmichaelmartin/base-n-clock), allowing users to explore or contribute to the development of this educational tool.
Keywords: #phi4, Base N Clock, GitHub, Roku screensaver, base 10, clock interface, craigmichaelmartin, intuition, kids education, number bases, numeral systems, source code, source code Keywords: Base N Clock, time display
craigmichaelmartin.github.io 14 days ago
|
3228.
HN
Notes on Setting Up Forgejo on Coolify with SSH
The text describes the process of setting up a self-hosted Forgejo instance using Coolify, focusing on challenges encountered due to version discrepancies between Coolify's library (version 8) and the current version (14). Initial configuration issues were primarily related to establishing SSH connections over HTTPS, despite port mappings. Debugging revealed that changes in versions complicated the setup, which was resolved by updating to version 14 and modifying the port mapping from 22222 to 2222.
The user also provides a final Docker Compose configuration for Forgejo, detailing necessary components such as environment variables, ports, volumes, and a health check setup. Post-installation customization options are discussed, including editing `robots.txt`, icons, and templates via Docker, with the note that these changes necessitate container reboots to be effective. Additionally, the author shares tips for connecting to the container using SSH through Coolify and provides access details to their personal Git instance hosted on Forgejo.
Keywords: #phi4, Coolify, Docker, Forgejo, Git instance, Git instance Keywords: Forgejo, GitHub, HTTPS, SSH, appini, container, docker exec, environment variables, healthcheck, port mapping, service URL, templates, version 14
rknight.me 14 days ago
|
3233.
HN
The most popular email providers
In August 2025, a comprehensive study assessed the popularity of email hosting providers by examining the top 100,000 domain names with configured mail servers. It was discovered that 72% had Mail Exchange (MX) records set up. The analysis revealed that Google and Microsoft were leading the market, serving about 60% of these domains collectively through their services such as google.com and outlook.com. Other significant players included Yandex, PPHosted, Mimecast, Amazon AWS, and Cloudflare, indicating a diverse landscape in hosting platforms, registrars, email solutions, and security products. This data provides insight into the competitive dynamics within the email hosting industry, with Google and Microsoft dominating a large segment of it, while other providers hold smaller yet notable market shares. The methodology and code used for this study are available on GitHub, offering transparency and reproducibility in research practices.
Keywords: #phi4, DNS MX, DNS MX lookups, GitHub, Google, Microsoft, Tranco list, domain names, email providers, email-enabled domains, hosting platforms, mail servers, popularity, security products, security products Keywords: email providers, technical keywords
alexsci.com 14 days ago
|
3235.
HN
Show HN: EvidentTrail – Turn GitHub activity into continuous SOC2 audit evidence
EvidentTrail is a specialized tool designed to facilitate the execution of SOC 2 audits by utilizing GitHub activity as verifiable audit evidence. It automates the capture and organization of data such as pull request approvals, branch protection changes, continuous integration results, and code commits through its GitHub App interface. The tool offers advanced functionalities including AI-assisted code detection for identifying AI-generated code and branch protection drift detection using hash-based snapshots. Additionally, it provides tamper-evident evidence packs in PDF, CSV, or JSON formats with SHA-256 manifests to ensure data integrity. EvidentTrail eliminates the need for engineering teams to manually recreate audit trails by mapping these activities to specific compliance controls like SOC 2 CC8.1 and ISO 27001 A.8.32. Currently in its early launch phase, EvidentTrail welcomes inquiries regarding its implementation and potential advantages in meeting compliance requirements for SOC 2, ISO 27001, and the EU AI Act.
Keywords: #phi4, AI-assisted commits, CI results, EU AI Act, EvidentTrail, GitHub, ISO 27001, PR approvals, SHA-256 manifest, SOC2 audit, branch protection, branch protection drift, code detection, compliance, evidence packs, evidence trail, tamper-evident
evidenttrail.com 14 days ago
|
3237.
HN
XPath Extractor – Chrome Extension for Web Data Extraction
XPath Extractor is a Chrome extension that streamlines the process of extracting web data using XPath or CSS selectors. The extension simplifies this task by allowing users to right-click on webpage elements to generate their XPath and extract corresponding text automatically. It also supports entering custom XPaths for testing purposes and facilitates the extraction of both text and attributes, with options to export the results in JSON format. Additionally, it offers features like highlighting matching page elements, performing bulk extractions from similar elements, and exporting data in various formats such as TXT, CSV, and JSON, including metadata. Users benefit from easy copying functionalities for XPath, text, or arrays, along with customizable settings for exports. The extension also allows users to switch between light and dark modes according to preference. XPath Extractor is accessible via GitHub and the Chrome Web Store, making it easily downloadable for enhanced web data extraction capabilities.
Keywords: #phi4, Attributes, Bulk extraction, CSS selectors, CSV, Chrome extension, Copy XPath, Custom XPath, Customize settings, Dark mode, Export formats, Extract text, Generate XPath, GitHub, Highlight elements, Install, JSON, Light mode, Metadata, Popup, Right-click, TXT, Web data extraction, XPath, XPath Extractor
news.ycombinator.com 14 days ago
|
3240.
HN
Scoring Open Source Contributors in the Age of AI Slop: Finding Good Eggs
The article explores the increasing challenges faced by open-source maintainers due to a surge in AI-generated pull requests, which often appear credible initially but reveal flaws upon closer inspection. This trend has strained reviewers' resources and disrupted traditional trust models for code reviews. The core issue arises because while AI tools have lowered submission costs, the burden of evaluating these contributions remains high.
To mitigate this problem, a tool named "Good Egg" was developed to automate contributor assessments by calculating a trust score based on their GitHub contribution history. This system builds a weighted graph from merged pull requests and considers factors like recency decay, repository quality, and contribution type to generate scores, helping maintainers efficiently triage pull requests.
The initial model evolved into "Better Egg" (v2), which includes additional features such as merge rate and account age to address biases in the original scoring system. Although both models show similar predictive accuracy with an AUC of 0.647, v2 offers more detailed insights for distinguishing contributors with varying profiles. Good Egg is accessible via a GitHub Action and a Python library, designed to aid maintainers by providing quick triage signals without rejecting AI-assisted contributions outright. Future enhancements aim to improve the detection of new contributors and analyze text patterns in pull requests more thoroughly.
Keywords: #phi4, AI Slop, Account Age, Bot Detection, Contribution Graph, GitHub, Good Egg, Logistic Regression, Merge Rate, Open Source, PR Quality, Pull Requests, Review Cost, Trust Score
neotenyai.substack.com 14 days ago
https://github.com/2ndSetAI/good-egg 14 days ago
|
3251.
HN
Never Buy A .online Domain
The author details a frustrating experience involving their .online domain purchased from Namecheap, which became inaccessible due to its inclusion on Google's Safe Browsing blacklist. Initially set up with Cloudflare and GitHub during a promotion, the website vanished after displaying an "unsafe site" warning followed by a "site not found" error, despite correctly configured settings in Namecheap and Cloudflare. The root of the problem was failure to verify domain ownership through Google Search Console, necessary for removing the blacklist flag. This led to a problematic catch-22 as verification required DNS records that couldn't be added because the domain didn't resolve. Efforts to contact both Radix (the registry) and Google were unsuccessful, compounded by a lack of notifications or grace periods from either entity.
Reflecting on these events, the author cites several mistakes: opting for an unconventional TLD over a .com, neglecting initial addition of the domain to Google Search Console, and failing to implement uptime monitoring. They criticize both Radix and Google for their rigid policies without adequate communication. Consequently, the author resolves never again to purchase non-.com domains, lamenting the lost $0.20 investment. The account highlights serverHolds as challenging issues set by registries, reflecting broader frustrations with domain management processes. In response, a mirror site was created to preserve documentation of the original content for verification purposes.
Keywords: #phi4, CNAME record, Cloudflare, DNS TXT, GitHub, Google Search Console, ICANN fees, Namecheap, Radix, Safe Browsing blacklist, `com purist`, `online domain`, false positive, promo, registry, review request, serverHold, site not found, temporary release, traffic data
www.0xsid.com 14 days ago
https://search.google.com/search-console 14 days ago
https://search.google.com/search-console/about 14 days ago
https://radix.website/ 14 days ago
https://news.ycombinator.com/item?id=40195410 14 days ago
https://pinggy.io 14 days ago
https://prezkennedy.com/2026/01/15/the-free-d 14 days ago
https://hn.algolia.com/?q=Google+safe+browsing 14 days ago
https://www.law.cornell.edu/wex/defamation 14 days ago
https://news.ycombinator.com/from?site=neal.fun 14 days ago
https://safebrowsing.google.com/safebrowsing/report_phi 14 days ago
https://xkcd.com/1279/ 14 days ago
https://allzonefiles.io/zone/online 14 days ago
https://news.ycombinator.com/item?id=33526893 14 days ago
https://news.ycombinator.com/item?id=25802366 14 days ago
https://news.ycombinator.com/item?id=45675015 14 days ago
https://tld-list.com/ 14 days ago
https://aid.de 14 days ago
https://www.scaleway.com/en/domain-names/ 14 days ago
https://haveibeenpwned.com/ 13 days ago
https://beamng.tech/ 13 days ago
https://www.icann.org/compliance/complaint 13 days ago
|
3254.
HN
Show HN: Widify – An AI auto-blogging tool that commits directly to GitHub
Widify is an automated blogging tool designed by a Japanese indie developer to simplify the content creation and publication process for developers. By generating SEO-optimized articles and translating them into multiple languages, Widify facilitates seamless integration with the Git/Markdown workflow favored by developers, particularly those using static site generators like Next.js, Astro, Hugo, and deployment platforms such as GitHub Pages or Vercel. The tool directly commits these Markdown files to a configured GitHub repository, addressing common challenges associated with managing blogs, crafting SEO-driven content, and translating posts—tasks that typically consume significant time.
Developed using technologies such as Next.js, Supabase, and Inngest for reliable background job management, Widify employs AI to produce and translate content, thereby expanding the reach of articles through multilingual support. The tool's integration with GitHub ensures that generated Markdown/MDX files are pushed to designated branches, maintaining a clean Git history—a solution crafted in response to common issues faced by developers when automating their publishing workflows. Despite facing challenges like managing long-running AI text generation processes and ensuring seamless auto-publishing without cluttered Git histories, Widify aims to provide a comprehensive native solution for content automation.
As a self-funded project developed independently, the tool places significant emphasis on user feedback, particularly concerning its GitHub publishing workflow and overall architecture. The developer seeks insights to refine these aspects further, underlining the project's commitment to evolving based on community input.
Keywords: #phi4, AI auto-blogging, AI writing tools, Git workflow, GitHub, Inngest, Markdown/MDX, Nextjs, SEO-optimized articles, Supabase, Widify, WordPress integration, WordPress integrationKeywords: AI auto-blogging, automated blogging tool, background jobs, content generation, developer workflow, indie developer, marketing team, queuing system, self-funded, static sites, translation, translations
widify.site 14 days ago
|
3256.
HN
Show HN: Signal Support for NanoClaw
NanoClaw has expanded its functionality by integrating with Signal through signal-cli's JSON-RPC interface, allowing it to operate alongside or as an alternative to WhatsApp. This integration capitalizes on Signal’s robust end-to-end encryption combined with NanoClaw’s container isolation to provide secure local handling and transcription of voice messages using Whisper, ensuring data security unless users choose to share it.
The supported features include typing indicators, reactions, quoted replies, polls, text styling utilizing UTF-16 offsets, as well as image, audio, and file attachments. Additionally, group metadata support is included along with existing NanoClaw capabilities like scheduled tasks and per-group isolation.
Signal-cli runs in JSON-RPC mode where messages are routed to appropriate queues and containers for processing; responses occur through stdin RPC calls. To set up this integration, users can either execute the `/add-signal` command within Claude Code or configure `SIGNAL_ONLY=true` to run Signal exclusively without WhatsApp. The setup requires Java 21+ and signal-cli with no npm dependencies.
NanoClaw’s architecture is designed for simplicity and security using container isolation on macOS (Apple Container) or Docker, focusing on a single process and minimal file structure to simplify understanding and modification. Its AI-native capabilities eliminate the need for traditional installation wizards, allowing users to customize their experience through skills like `/add-signal`.
The NanoClaw community encourages contributions of skills over features to maintain system simplicity, with an open invitation for questions and ideas on Discord. The project is licensed under MIT, promoting open collaboration while emphasizing security and customization at its core.
Keywords: #phi4, AI assistant, API, Claude Code, Discord, Docker, E2E encryption, GitHub, JSON-RPC, Linux, Linux containers, MIT License Keywords: Signal, NanoClaw, Signal, WhatsApp, agent swarms, configuration, container isolation, cross-platform, customization, debugging, integration, macOS, messaging, security, security model, setup, skills, voice transcription
github.com 14 days ago
|
3257.
HN
Gh-PR-reviews Fetch GitHub PR reviews as compact Markdown coding agents
The "Gh-PR-reviews" tool is crafted to efficiently extract and summarize GitHub Pull Request (PR) reviews into a compact Markdown format, streamlining the integration of feedback into AI assistants. Its primary function is to capture the most recent review from each reviewer, focusing specifically on identifying any changes requested in these comments. By presenting only the final feedback provided by reviewers, Gh-PR-reviews offers concise and actionable insights directly derived from PRs, thereby enhancing the efficiency of the review process for users who seek a clear understanding of necessary modifications without navigating through all previous interactions.
Keywords: #phi4, AI, GitHub, Markdown, PR, assistant, changes, feedback, last review, requested, reviewer, reviews, summarize, technical
github.com 14 days ago
|
3259.
HN
Show HN: A tool for sharing your YouTube recommendations
The author developed "myfyp.link," a platform designed to share YouTube Home recommendations through concise links, motivated by a desire to explore content beyond algorithmic constraints and disseminate these findings with others. This tool captures video data from YouTube, enabling users to generate snapshots of their personalized recommendation feeds for sharing on forums or other platforms. By facilitating the exchange of diverse content preferences, it aims to initiate conversations about the impact of recommendation algorithms on shaping opinions. Additionally, "myfyp.link" is open-source and its codebase can be accessed on GitHub, inviting collaborative development and transparency in understanding algorithmic influences online.
Keywords: #phi4, GitHub, JSON, YouTube, algorithmic bubble, community, conversations, discovery, engagement, extension, feed, forums, lifetime, metadata, motivational speech, niche, online, recommendations, server, sharing, snapshot, social media, tastes, tool, vibecoded, video, viral meme
blog.dtsykunov.com 14 days ago
|
3286.
HN
GitHub website is down
The current downtime of the GitHub website underscores its significance in today's digital landscape, revealing potential vulnerabilities in relying solely on public platforms for version control. This situation raises awareness about the importance of having alternative solutions for hosting essential services like Git repositories. As a result, companies might increasingly explore establishing private Linux servers to host their own repositories. Such an approach would provide greater control over data security and system reliability, reducing dependency on third-party services and mitigating risks associated with public platform outages. This shift could lead to enhanced operational stability for organizations that require consistent access to version control systems.
Keywords: #phi4, GitHub, Linux servers, companies, critical infrastructure, down, git repos, host, private, private git repos, technical keywords, website
news.ycombinator.com 14 days ago
|
3304.
HN
Curl Security Moves Again
The curl project decided to revert to using Hackerone after finding GitHub's platform inadequate for handling security vulnerability reports during a brief trial period. Despite ending its bug bounty program in January 2026, curl required an effective system for managing and reporting vulnerabilities without financial incentives. The switch back was prompted by several deficiencies in GitHub’s setup, including the absence of secure email notifications, insufficient features for editing CVE numbers (as curl serves as its own CNA), inadequate default collaborator management on advisories, and subpar discussion tools. These shortcomings hindered transparency and efficient communication, prompting the return to Hackerone, which better aligns with curl's needs for effective vulnerability handling.
While GitHub had some functional security features, it lacked crucial elements necessary for open-source projects that have specific reporting requirements. Alternatives like email were considered but dismissed due to their associated challenges outweighing benefits. The move back to Hackerone allows curl to implement a robust system prioritizing efficient management and transparency of vulnerabilities. This transition aims to align with best practices in open-source security management, though it may affect the volume of reports received. Ultimately, this shift reflects curl’s commitment to adapting processes based on feedback and experience to ensure effective vulnerability handling.
Keywords: #phi4, CVE, Curl, GitHub, Gitlab, Hackerone, Open Source, abuse management, bug-bounty, email challenges, reputation system, security reports, transparency, vulnerability reporting
daniel.haxx.se 14 days ago
|
3315.
HN
Hatsune Miku Meets Clojure
The text describes a personal hobby project developed by an author over several months, focusing on creating a Clojure-based renderer for PMX models, specifically used in the MikuMikuDance animation software. While the project also has the capability to handle gLTF models using Assimp, this was not its primary focus. The development involves various libraries such as LWJGL, ImGui-Java, and OpenGL, with a significant reliance on Doyle's rules engine for enhanced functionality. The author values this library for its resemblance to an Entity Component System (ECS) and has even developed a clj-kondo hook for it.
The project is described as an exploratory art endeavor rather than an intended library or game engine, although certain components might be applicable in such contexts. Despite the inherent complexities of working with Clojure, the author expresses enthusiasm about further exploration. The codebase is shared on GitHub (excluding models), and credits for the Hatsune Miku model are given to Jomomonogm.
Keywords: #phi4, Clojure, ECS, GitHub, Hatsune Miku, Jomomonogm, MikuMikuDance, OpenGL, PMX model, assimp, clj-kondo hooks, gLTF models, imgui-java, lwjgl, odoyle rules engine
old.reddit.com 14 days ago
|
3325.
HN
Show HN: Open-source temporary email service using haraka and node
FreeCustom.Email is an open-source temporary email service developed using Haraka and Node.js, designed for efficiency with low memory usage and high-volume handling capabilities. Key features include support for custom domain emails, multilingual options, and a user-centric design that prioritizes security against spam, phishing, and automated bots without requiring user sign-up. The service provides instant generation of non-expiring email addresses under custom domains, maintaining privacy while keeping real inboxes uncluttered. Users can track processed emails in real-time, benefitting from the service's ad-free nature and swift performance owing to lightweight coding and global edge caching strategies. Accessible at [freecustom.email](https://www.freecustom.email), its source code is publicly available on GitHub across two repositories: [maildrop](https://github.com/DishantSinghDev2/maildrop) and [temp-mail](https://github.com/DishIs/temp-mail). The service encourages feedback regarding its architecture, performance, or potential enhancements.
Keywords: #phi4, GitHub, Haraka, Nodejs, Open-source, PageSpeed-driven, ad-free, architecture, backend, bots, custom domain, disposable email, edge caching, feedback, free service, global domains, high volume, instant generation, live service, low memory, multi-language, no sign-up, performance, phishing protection, secure, spam prevention, temporary email
www.freecustom.email 14 days ago
|
3328.
HN
Webgrid Eval: LLM vision + tool-use on Neuralink's cursor control task
The Webgrid Eval Summary presents a specialized benchmark for assessing the vision and tool-use proficiencies of large language models (LLMs), drawing inspiration from Neuralink's cursor control task used in brain implant trials. This evaluation framework, designed to mimic Neuralink’s game called Webgrid, involves LLMs navigating grid interfaces to click designated blue target cells accurately, using commands such as `screen`, `mouse_move`, and `mouse_click`. Performance is quantified in bits per second (BPS), calculated from net correct clicks (NTPM) against time efficiency, where BPS = max((NTPM/60) × log₂(N - 1), 0), with N representing grid size. In trials involving the model claude-4.6-opus on a 30×30 grid over ten rounds, an average BPS of 0.80 was recorded. This result is juxtaposed against human performance metrics from Neuralink's trials and traditional mouse users, highlighting substantial differences in efficiency and effectiveness.
The setup for executing this benchmark includes options to run the game locally or via an API server tailored for various models, with features such as health checks, batch evaluations, logging of results, and generation of replay GIFs for comprehensive analysis. In executing these tasks, LLMs leverage tools that simulate human interaction capabilities: `screen` provides current views and screenshots; `mouse_move` enables cursor movement via pixel adjustments; and `mouse_click` facilitates clicking actions at the cursor's location. The initiative not only measures the effectiveness of LLMs in mimicking precise tool-use but also encourages further research and community contributions, aiming to enhance understanding and capabilities within this domain inspired by Neuralink’s Webgrid.
Keywords: #phi4, API evaluation, BPS, GitHub, Google AI API, LLM vision, NTPM, Neuralink, OpenRouter AI, Webgrid Eval, YAML configuration, batch evaluation, benchmark, browser-based, cursor control, grid, health check, local LLM server, mouse_click, mouse_move, replay GIFs, screen tools, session start, software citation, tool-use
github.com 14 days ago
|
