Show stories

I'm a software engineer who keeps getting pulled into DevOps no matter how hard I try to escape it. I recently moved into a Lead DevOps Engineer role writing tooling to automate a lot of the pain away. On my own time outside of work, I built Artifact Keeper — a self-hosted artifact registry that supports 45+ package formats. Security scanning, SSO, replication, WASM plugins — it's all in the MIT-licensed release. No enterprise tier. No feature gates. No surprise invoices.

Your package managers — pip, npm, docker, cargo, helm, go, all of them — talk directly to it using their native protocols. Security scanning with Trivy, Grype, and OpenSCAP is built in, with a policy engine that can quarantine bad artifacts before they hit your builds. And if you need a format it doesn't support yet, there's a WASM plugin system so you can add your own without forking the backend.

Why I built it:

Part of what pulled me into computers in the first place was open source. I grew up poor in New Orleans, and the only hardware I had access to in the early 2000s were some Compaq Pentium IIs my dad brought home after his work was tossing them out. I put Linux on them, and it ran circles around Windows 2000 and Millennium on that low-end hardware. That experience taught me that the best software is software that's open for everyone to see, use, and that actually runs well on whatever you've got.

Fast forward to today, and I see the same pattern everywhere: GitLab, JFrog, Harbor, and others ship a limited "community" edition and then hide the features teams actually need behind some paywall. I get it — paychecks have to come from somewhere. But I wanted to prove that a fully-featured artifact registry could exist as genuinely open-source software. Every feature. No exceptions.

The specific features came from real pain points. Artifactory's search is painfully slow — that's why I integrated Meilisearch. Security scanning that doesn't require a separate enterprise license was another big one. And I wanted replication that didn't need a central coordinator — so I built a peer mesh where any node can replicate to any other node. I haven't deployed this at work yet — right now I'm running it at home for my personal projects — but I'd love to see it tested at scale, and that's a big part of why I'm sharing it here.

The AI story (I'm going to be honest about this):

I built this in about three weeks using Claude Code. I know a lot of you will say this is probably vibe coding garbage — but if that's the case, it's an impressive pile of vibe coding garbage. Go look at the codebase. The backend is ~80% Rust with 429 unit tests, 33 PostgreSQL migrations, a layered architecture, and a full CI/CD pipeline with E2E tests, stress testing, and failure injection.

AI didn't make the design decisions for me. I still had to design the WASM plugin system, figure out how the scanning engines complement each other, and architect the mesh replication. Years of domain knowledge drove the design — AI just let me build it way faster. I'm floored at what these tools make possible for a tinkerer and security nerd like me.

Tech stack: Rust on Axum, PostgreSQL 16, Meilisearch, Trivy + Grype + OpenSCAP, Wasmtime WASM plugins (hot-reloadable), mesh replication with chunked transfers. Frontend is Next.js 15 plus native Swift (iOS/macOS) and Kotlin (Android) apps. OpenAPI 3.1 spec with auto-generated TypeScript and Rust SDKs.

Try it:

  git clone https://github.com/artifact-keeper/artifact-keeper.git
  cd artifact-keeper
  docker compose up -d

Live demo: https://demo.artifactkeeper.com Docs: https://artifactkeeper.com/docs/

I'd love any feedback — what you think of the approach, what you'd want to see, what you hate about Artifactory or Nexus that you wish someone would just fix. It doesn't have to be a PR. Open an issue, start a discussion, or just tell me here.

https://github.com/artifact-keeper

Hi HN, I am shubham a 3d artist who learned coding in college as an I.T. graduate know logics but not an expert as i just wanna try my hands on to ai

So i built Resilient Workflow Sentinel this is offline ai agent which classify urgency (Low,Medium and HIgh) and dispatches to the candidates based on availability Well i want an offline system like a person can trust with its sensitive data to stay completely locally

Did use ai to code for speeding and cutting labor.

Its works on RTX 3080 system (this is an basic affordable setup not heavy ai machinery) which i want it to make it reliable without heavy upgrade This is full system doesn't require ollama(I am not against it)

I see in companies tickets are raised on jira and slack. Currently people or manager (self) have to sort those things either manually read one by one or send them to the cloud. But the issue is you can't send everything like there is a lot of sensitive data out there which they do not trust and makes it harder and manual sorting through thousands is likely a nightmare.

But then just imagine u get all the task classified like its urgency and distribution u can selectively see which task is urgent and needs immediate attention and last of all information doesn't leave your building totally secure Also Api sending is not the only issue u are paying per token cost for task for each may be monthly 100$ to 1000$ which can like save hassle for startup a lot or companies as well

There was several biases like positional bias also json out put bias also have issues in attention At start i tried just prompting things like Chain of thoughts,RISE(evaluate negative first), given negative examples,Positive examples, somewhere it was struggling with commonsense issue so examples for that (Later changed the approach)

Well prompting did give the output and worked well but took too much time to process for single task like 70 to 90secs for a task

Then i tried batching and the biases got worst like it got stronger it always use to like favour alice also more prompts are like ignored and more

For json output i used constrain so model can only generate json and if fails there is a as well parser i used when i implemented prompting only

This reduce time from 90sec to nearly 15 to 30secs per task I used steering vector to correct the attention i seen issues happening

Stack: Language: Python 3.10 Model: qwen2.5-7b-instruct Libraries: Pytorch, Hugging Face Transformers (No Langchain, No Ollama) API: Fast API UI: NiceGUI Hardware: Ryzen 5, 16Gb ram RTX 3080

Implementation:

Quantization: Load model in nf4 quantization so models like 7b can fit on vram of 10gb which is on rtx 3080 also my hardware

Steering Vectors: Standard prompting wasn't enough. I need to block or direct certain things on a certain layer of llm to make it reliable.

Json Constraints: Used constraint to make model strictly give json and also stop from over explanation this happens at logits level where token are blocked which are not required etc

github : https://github.com/resilientworkflowsentinel/resilient-workf...

Youtube: https://youtu.be/tky3eURLzWo

I think agents should work like real teams, with independent, distinct roles, async communication, and the ability to onboard new teammates or tools without restructuring the whole org. I built backend systems at Yahoo and TikTok so event-driven agents felt obvious. But no agent SDKs were using this pattern, so I made Calfkit.

Calfkit breaks down agents into independent services (LLM inference, tools, and routing) that communicate asynchronously through Kafka. Agents, tool services, and downstream consumers can be deployed, added-to, removed, and scaled independently.

Check it out if this interests you! I’m curious to see what y’all think.

This is a little game implemented over a week of tinkering and targeting Emacs.

The point is both to have fun with this kind of simulations, and also explore the "functional core / imperative shell" approach to architecture. I also developed a tile and tile effect definition DSL, which makes this even easier to extend. From this point of view it's a success: easy testing, easy extension,

Gameplay-wise the simulation is too simplistic, and needs input from people interested in this kind of toys. The original Micropolis/SimSity is the last time I built a virtual city.

built this because I got tired of re-teaching Claude Code the same context every session. Preferences, decisions, “we already tried X,” “don’t touch this file,” etc. After a few days it starts to feel like onboarding the same coworker every morning.

Most “agent memory” tools auto-save everything. That feels good briefly, then memory turns into a junk drawer and retrieval gets noisy. Total Recall takes the opposite approach: a write gate. Before anything gets promoted, it asks one question: “Will this change future behavior?” If not, it doesn’t get saved.

How it works:

Daily log first (raw notes)

Promote durable stuff into registers (decisions, preferences, people, projects)

Small working memory loads every session (kept intentionally lean)

Hooks fail open. SessionStart can surface open loops + recent context. PreCompact writes to disk (not model-visible stdout)

The holy shit moment is simple: tell Claude one important preference or decision once, come back tomorrow, and it behaves correctly without you repeating yourself.

Would love feedback from heavy Claude Code users:

Does the write gate feel right or too strict?

Does this actually reduce repetition over multiple days?

Any workflow/privacy footguns I’m missing?

This article discusses the importance of backlinks in search engine optimization, highlighting strategies for building high-quality backlink profiles to improve website visibility and rankings in search engine results.

My wife was planning to open a micro-bakery. We looked at production management software and it was all either expensive or way too generic. The actual workflows for a small-batch manufacturer aren't that complex, so I built one and open-sourced it.

Craftplan handles recipes (versioned BOMs with cost rollups), inventory (lot traceability, demand forecasting, allergen tracking), orders, production batch planning, and purchasing. Built with Elixir, Ash Framework, Phoenix LiveView, and PostgreSQL.

Live demo: https://craftplan.fly.dev (test@test.com / Aa123123123123)

GitHub: https://github.com/puemos/craftplan

The article describes the development of a plugin for the Ghidra software reverse engineering framework that adds support for the Minecraft Protocol (MCP), allowing for the analysis and understanding of Minecraft server software and communication protocols.

I review PRs all day and I've basically stopped reading them. Someone opens a 2000-line PR, I scroll, see it's mostly AI-generated React components, leave a comment, merge. I felt bad about it until I realized everyone on my team does the same thing.

The problem is diffs are the wrong format. A PR might change how three buttons behave. Staring at green and red lines to understand that is crazy.

The core reason we built this is that we feel that products today are built with assumptions from the past. 100x code with the same review systems means 100x human attention. Human attention cannot scale to fit that need, so we built something different. Humans are provably more engaged with video content than text.

So we RL trained and built an agent that watches your preview deployment when you open a PR, clicks around the stuff that changed, and posts a video in the PR itself.

Hardest part was figuring out where changed code actually lives in the running app. A diff could say Button.tsx line 47 changed, but that doesn't tell you how to find that button. We walk React's Fiber tree where each node maps back to source files, so we can trace changes to bounding boxes for the DOM elements. We then reward the model for showing and interacting within it.

This obviously only works with React so we have to get more clever when generalizing to all languages.

We trained an RL agent to interact with those components. Simple reward: points for getting modified stuff into viewport, double for clicking/typing. About 30% of what it does is weird, partial form submits, hitting escape mid-modal, because real users do that stuff and polite AI models won't test it on their own.

This catches things unit tests miss completely: z-index bugs where something renders but you can't click it, scroll containers that trap you, handlers that fail silently.

What's janky right now: feature flags, storing different user states, and anything that requires context not provided.

Free to try: https://morphllm.com/dashboard/integrations/github

Demo: https://www.youtube.com/watch?v=Tc66RMA0nCY

I was building a Rust-based agentic coding TUI and needed to render Mermaid diagrams. Noticed the official mermaid-cli spawns a full browser instance (Puppeteer/Chrome) just to render diagrams. Decided to fix this.

mmdr is a native Rust renderer. No browser, no Node.js.

  mermaid-cli:  ~3000ms per diagram
  mmdr:         ~3ms per diagram

After reading "During Helene, I Just Wanted a Plain Text Website" on Sparkbox (https://news.ycombinator.com/item?id=46494734) , I built safe-now.live – a text-first emergency info site for USA and Canada. No JavaScript, no images, under 10KB. Pulls live FEMA disasters, NWS alerts, weather, and local resources. This is my first live website ever so looking for critical feedback on the website. Please feel free to look around.

https://safe-now.live

Boris Cherny (Claude Code creator) recently dropped a threads on how his team at Anthropic uses Claude Code.

The key insight: they don't treat it as a static config. After every correction, they tell Claude "Update your CLAUDE.md so you don't make that mistake again." Claude writes a rule for itself. They review it, commit it to git. The mistake never happens again.

I cross-referenced his tweets with Anthropic's official docs and other best practices for CLAUDE.md and then packaged it into a starter kit:

  - Fill-in-the-blank templates for Next.js/TypeScript, Python/FastAPI, and a generic
  catch-all
  - The workflow patterns his team actually uses (plan mode, verification loops, subagent
  strategy)
  - Every claim cited back to the source tweet or doc

What's in your CLAUDE.md that's made a measurable difference?

The article discusses a new feature in GitHub that allows users to see which AI model was used to contribute to a pull request, providing transparency and accountability around the use of AI in software development.

I’m experimenting with modeling tabletop RPG adventures as explicit narrative state rather than linear scripts.

Everdice is a small web app that tracks conditional scenes and choice-driven state transitions to preserve continuity across long or asynchronous campaigns.

The core contribution is explicit narrative state and causality, not automation. The real heavy lifting is happening in the DM Toolkit/Run Sessions area, and integrates CAML (Canonical Adventure Modeling Language) that I developed to transport narratives among any number of platforms. I also built the npm CAML-lint to check validity of narratives. I'm interested in your thoughts.

https://realmofeverdice.com

Hey HN! I went to an ATProto meetup last week, and as a burnt-out semi-academic who hates academic publishing, I thought there might be a cool opportunity to build on Octopus (https://www.octopus.ac/), so I got a bit excited over the weekend and built Octosphere.

Hopefully some of you find it interesting! Blog post here: https://andreasthinks.me/posts/octosphere/octosphere.html

Hi everyone,

I built a runtime to isolate untrusted code using wasm sandboxes.

Basically, it protects your host system from problems that untrusted code can cause. We’ve had a great discussion about sandboxing in Python lately that elaborates a bit more on the problem [1]. In TypeScript, wasm integration is even more natural thanks to the close proximity between both ecosystems.

The core is built in Rust. On top of that, I use WASI 0.2 via wasmtime and the component model, along with custom SDKs that keep things as idiomatic as possible.

For example, in Python we have a simple decorator:

  from capsule import task

  @task(
      name="analyze_data", 
      compute="MEDIUM",
      ram="512mb",
      allowed_files=["./authorized-folder/"],
      timeout="30s", 
      max_retries=1
  )
  def analyze_data(dataset: list) -> dict:
      """Process data in an isolated, resource-controlled environment."""
      # Your code runs safely in a Wasm sandbox
      return {"processed": len(dataset), "status": "complete"}

  import { task } from "@capsule-run/sdk"

  export const analyze = task({
      name: "analyzeData", 
      compute: "MEDIUM", 
      ram: "512mb",
      allowedFiles: ["./authorized-folder/"],
      timeout: 30000, 
      maxRetries: 1
  }, (dataset: number[]) => {
      return {processed: dataset.length, status: "complete"}
  });

It's still quite early, but I'd love feedback. I’ll be around to answer questions.

GitHub: https://github.com/mavdol/capsule

[1] https://news.ycombinator.com/item?id=46500510

Hi all,

I have built Cimba, a multithreaded discrete event simulation library in C.

Cimba uses POSIX pthread multithreading for parallel execution of multiple simulation trials, while coroutines provide concurrency inside each simulated trial universe. The simulated processes are based on asymmetric stackful coroutines with the context switching hand-coded in assembly.

The stackful coroutines make it natural to express agentic behavior by conceptually placing oneself "inside" that process and describing what it does. A process can run in an infinite loop or just act as a one-shot customer passing through the system, yielding and resuming execution from any level of its call stack, acting both as an active agent and a passive object as needed. This is inspired by my own experience programming in Simula67, many moons ago, where I found the coroutines more important than the deservedly famous object-orientation.

Cimba turned out to run really fast. In a simple benchmark, 100 trials of an M/M/1 queue run for one million time units each, it ran 45 times faster than an equivalent model built in SimPy + Python multiprocessing. The running time was reduced by 97.8 % vs the SimPy model. Cimba even processed more simulated events per second on a single CPU core than SimPy could do on all 64 cores.

The speed is not only due to the efficient coroutines. Other parts are also designed for speed, such as a hash-heap event queue (binary heap plus Fibonacci hash map), fast random number generators and distributions, memory pools for frequently used object types, and so on.

The initial implementation supports the AMD64/x86-64 architecture for Linux and Windows. I plan to target Apple Silicon next, then probably ARM.

I believe this may interest the HN community. I would appreciate your views on both the API and the code. Any thoughts on future target architectures to consider?

Docs: https://cimba.readthedocs.io/en/latest/

Repo: https://github.com/ambonvik/cimba

The article describes AdBoost, a powerful machine learning algorithm that combines weak classifiers to create a strong, accurate classifier. It provides a detailed explanation of the algorithm's principles and implementation, making it a valuable resource for researchers and developers interested in boosting techniques.

I recently saw a post from the Vercel CEO pointing out that LLMs understand websites much better when they can request:

`Accept: text/markdown`

Most websites today are built for humans. When AI agents try to consume them, they get complex HTML instead of clean, structured content.

So I built *accept-md* – a simple open-source package for Next.js that helps solve this.

Getting started is intentionally minimal:

``` npx accept-md init ```

After that, your existing Next.js routes can automatically respond with Markdown whenever an AI agent (or any client) requests it. No redesigns, no CMS changes, and no duplicate pages to maintain.

Right now the project is:

* Focused only on Next.js * Middleware-based and lightweight * Designed to work with existing apps * A small step toward more AI-friendly websites

This is an early experiment, but I think the idea itself matters as AI agents become first-class consumers of the web.

I’ve open-sourced it and would love help with:

* Better markdown extraction * Edge cases across Next.js setups * Performance and caching * Tests and examples * Documentation * Eventually adapters for other frameworks

Would love feedback from the HN community on the approach – and whether `Accept: text/markdown` feels like a pattern worth standardizing for the AI-native web.

Hey folks,

today we at Currents are releasing a brand new AI skill to help AI agents be really smart when writing tests, debugging them, or anything Playwright-related really.

This is a very comprehensive skill, covering everyday topics like fixing flakiness, authentication, or writing fixtures... to more niche topics like testing Electron apps, PWAs, iFrames and so forth. It should make your agent much better at writing, debugging and maintaining Playwright code.

for whoever didn't learn about skills yet, it's a new powerful feature that allows you to make the AI agents in your editor/cli (Cursor, Claude, Antigravity, etc) experts in some domain and better at performing specific tasks. (See https://agentskills.io/home)

You can install it by running: npx skills add https://github.com/currents-dev/playwright-best-practices-sk...

The skill is open-source and available under MIT license at https://github.com/currents-dev/playwright-best-practices-sk... -> check out the repo for full documentation and understanding of what it covers.

We're eager to hear community feedback and improve it :)

Thanks!

At work I need to use Teams. It supports a few Markdown features, but the editing experience for long message isn't smooth. So, I often write in nvim, preview it in the browser and then copy paste to Teams. This tool help me get rid of the review and copy step.

Build with Rust + Claude Code. Tested on Windows and Mac, should works on Ubuntu as well.

Caveats: it's still up to the pasted app to handle the HTML clipboard content.

A simulator to be a president of Duckerican, made by AI, with random events generated by AI. Currently the simulator is rather simple, but this reveals a possibility to make more interesting applications with AI involved, beyond directly talking to the agents.

FIPSPad is an open-source software project that aims to provide a secure and privacy-focused notepad application, incorporating FIPS-validated cryptographic algorithms to protect user data. The project focuses on developing a cross-platform solution that is easy to use and offers advanced security features for sensitive information.

Inklings.social is a new social media platform that aims to provide a more positive and inclusive online experience by focusing on community-building, thoughtful discussion, and user agency over content moderation.

buquet (bucket queue) is a queue and workflow orchestration tool using only S3-compatible* object storage. S3 is the control plane making it much simpler than alternatives. This does come with tradeoffs (see docs), but I do believe there is a niche it can serve well.

https://horv.co/buquet.html https://github.com/h0rv/buquet

* see https://github.com/h0rv/buquet/blob/main/docs/guides/s3-comp...

The article explores the story of the last surviving worm on Earth, as it navigates a changing environment and faces the challenges of a world where its species has vanished. It provides a poignant and reflective look at the impact of environmental changes and the loneliness of being the last of one's kind.

Umbrel Pro is a premium version of the Umbrel self-hosted node platform, offering enhanced security, monitoring, and support features for advanced users and businesses looking to run a highly reliable Bitcoin and Ethereum node.

I'm Guy, the founder behind Snyk — now building Tessl, a package manager for agent skills.

We’ve recently witnessed that most teams still treat skills as static artifacts: markdown files, created or copied from repo to repo.

This approach offers a strong initial boost, but quickly creates debt:

- Skills are duplicated, and updates never roll out. - Poor quality skills go unseen, misguiding agents instead of helping. - Skill knowledge grows stale, and don’t keep up with the systems and practices they describe.

Without a way to evaluate skills, teams have no clear way to understand how good a skill actually is, or if it degraded over time.

Our belief is that evaluations are the foundation for having quality skills.

With that in mind, I’m glad to announce that Tessl Registry contains review evals for over 2,000 skills, and you can request an evaluation for any public skill.

Super excited to be launching this — keen to get your feedback, and looking forward to the many more enhancements in the queue!

The article presents a new enterprise-level version of the classic FizzBuzz programming challenge, featuring advanced features such as cloud integration, blockchain-based scoring, and a microservices architecture.