Show stories

The article describes the UVM32, an open-source, 32-bit RISC-V processor designed for educational and research purposes. It provides a flexible and customizable hardware platform for exploring computer architecture and processor design.

Hello HN! I'm happy to release this project today. It's a bidirectional calculator (hence the name bidicalc).

I've been obsessed with the idea of making a spreadsheet where you can update both inputs and outputs, instead of regular spreadsheets where you can only update inputs.

Please let me know what you think! Especially if you find bugs or good example use cases.

Hi HN, I've always been interested in fractals, especially the Mandelbrot and Julia sets. A few years ago I created a 2d viewer of this inherently 4d space. But the other day I decided to ask Claude and GPT how to make this a full RT 3d explorer. A few hours later and this was vibe coded.

To use it you can use the mouse to rotate the fractal the the mouse wheel to zoom in and out. to map from 4d to 3d, one of the dims is mapped to an adjustable slider. the there is also a clipping plane slider to help visualize the internal structures of the fractal.

I have mixed feelings about vibe coding. It was amazing to go from an idea to live implementation within a few hours, but in my coding projects, I've always appreciated the journey and the learning, not just the final product. Vibe coding kind of skips to the end which is exciting and efficient, but just not as fulfilling as struggling through a project step-by-step.

If you have heard of [Haven](https://github.com/guardianproject/haven), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.

The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.

There is also a presentation of Tripwire available on the Counter Surveil podcast: https://www.youtube.com/watch?v=s-wPrOTm5qo

Hi there, HN! We’re Jai and Sanket from DeepSource (YC W20), and today we’re launching Autofix Bot, a hybrid static analysis + AI agent purpose-built for in-the-loop use with AI coding agents.

AI coding agents have made code generation nearly free, and they’ve shifted the bottleneck to code review. Static-only analysis with a fixed set of checkers isn’t enough. LLM-only review has several limitations: non-deterministic across runs, low recall on security issues, expensive at scale, and a tendency to get ‘distracted’.

We spent the last 6 years building a deterministic, static-analysis-only code review product. Earlier this year, we started thinking about this problem from the ground up and realized that static analysis solves key blind spots of LLM-only reviews. Over the past six months, we built a new ‘hybrid’ agent loop that uses static analysis and frontier AI agents together to outperform both static-only and LLM-only tools in finding and fixing code quality and security issues. Today, we’re opening it up publicly.

Here’s how the hybrid architecture works:

- Static pass: 5,000+ deterministic checkers (code quality, security, performance) establish a high-precision baseline. A sub-agent suppresses context-specific false positives.

- AI review: The agent reviews code with static findings as anchors. Has access to AST, data-flow graphs, control-flow, import graphs as tools, not just grep and usual shell commands.

- Remediation: Sub-agents generate fixes. Static harness validates all edits before emitting a clean git patch.

Static solves key LLM problems: non-determinism across runs, low recall on security issues (LLMs get distracted by style), and cost (static narrowing reduces prompt size and tool calls).

On the OpenSSF CVE Benchmark [1] (200+ real JS/TS vulnerabilities), we hit 81.2% accuracy and 80.0% F1; vs Cursor Bugbot (74.5% accuracy, 77.42% F1), Claude Code (71.5% accuracy, 62.99% F1), CodeRabbit (59.4% accuracy, 36.19% F1), and Semgrep CE (56.9% accuracy, 38.26% F1). On secrets detection, 92.8% F1; vs Gitleaks (75.6%), detect-secrets (64.1%), and TruffleHog (41.2%). We use our open-source classification model for this. [2]

Full methodology and how we evaluated each tool: https://autofix.bot/benchmarks

You can use Autofix Bot interactively on any repository using our TUI, as a plugin in Claude Code, or with our MCP on any compatible AI client (like OpenAI Codex).[3] We’re specifically building for AI coding agent-first workflows, so you can ask your agent to run Autofix Bot on every checkpoint autonomously.

Give us a shot today: https://autofix.bot. We’d love to hear any feedback!

---

[1] https://github.com/ossf-cve-benchmark/ossf-cve-benchmark

[2] https://huggingface.co/deepsource/Narada-3.2-3B-v1

[3] https://autofix.bot/manual/#terminal-ui

I got tired of ASCII tables on the internet looking like they’re stuck in 1990.

So I built my own with a sleek dark theme, a search that accepts any input, and zero ads or other distractions.

OP here.

I built this because I recently caught myself almost pasting a block of logs containing AWS keys into Claude.

The Problem: I need the reasoning capabilities of cloud models (GPT/Claude/Gemini), but I can't trust myself not to accidentally leak PII or secrets.

The Solution: A Chrome extension that acts as a local middleware. It intercepts the prompt and runs a local BERT model (via a Python FastAPI backend) to scrub names, emails, and keys before the request leaves the browser.

A few notes up front (to set expectations clearly):

Everything runs 100% locally. Regex detection happens in the extension itself. Advanced detection (NER) uses a small transformer model running on localhost via FastAPI.

No data is ever sent to a server. You can verify this in the code + DevTools network panel.

This is an early prototype. There will be rough edges. I’m looking for feedback on UX, detection quality, and whether the local-agent approach makes sense.

Tech Stack: Manifest V3 Chrome Extension Python FastAPI (Localhost) HuggingFace dslim/bert-base-NER Roadmap / Request for Feedback: Right now, the Python backend adds some friction. I received feedback on Reddit yesterday suggesting I port the inference to transformer.js to run entirely in-browser via WASM.

I decided to ship v1 with the Python backend for stability, but I'm actively looking into the ONNX/WASM route for v2 to remove the local server dependency. If anyone has experience running NER models via transformer.js in a Service Worker, I’d love to hear about the performance vs native Python.

Repo is MIT licensed.

Very open to ideas suggestions or alternative approaches.

Hi HN,

I built EdgeVec, a vector database that runs entirely in the browser. It implements HNSW (Hierarchical Navigable Small World) graphs for approximate nearest neighbor search.

Performance: - Sub-millisecond search at 100k vectors (768 dimensions, k=10) - 148 KB gzipped bundle - 3.6x memory reduction with scalar quantization

Use cases: browser extensions with semantic search, local-first apps, privacy-preserving RAG.

Technical: Written in Rust, compiled to WASM. Uses AVX2 SIMD on native, simd128 on WASM. IndexedDB for browser persistence.

npm: https://www.npmjs.com/package/edgevec GitHub: https://github.com/matte1782/edgevec

This is an alpha release. Main limitations: build time not optimized, no delete operations yet.

Would love feedback from the community!

The article describes the development of PharmVault, an open-source software platform designed to securely store and manage pharmaceutical data. It highlights the platform's focus on data integrity, access control, and regulatory compliance for the pharmaceutical industry.

Hey HN, Waleed here. We're building Sim (https://sim.ai/), an open-source visual editor to build agentic workflows. Repo here: https://github.com/simstudioai/sim/. Docs here: https://docs.sim.ai.

You can run Sim locally using Docker, with no execution limits or other restrictions.

We started building Sim almost a year ago after repeatedly troubleshooting why our agents failed in production. Code-first frameworks felt hard to debug because of implicit control flow, and workflow platforms added more overhead than they removed. We wanted granular control and easy observability without piecing everything together ourselves.

We launched Sim [1][2] as a drag-and-drop canvas around 6 months ago. Since then, we've added:

- 138 blocks: Slack, GitHub, Linear, Notion, Supabase, SSH, TTS, SFTP, MongoDB, S3, Pinecone, ...

- Tool calling with granular control: forced, auto

- Agent memory: conversation memory with sliding window support (by last n messages or tokens)

- Trace spans: detailed logging and observability for nested workflows and tool calling

- Native RAG: upload documents, we chunk, embed with pgvector, and expose vector search to agents

- Workflow deployment versioning with rollbacks

- MCP support, Human-in-the-loop block

- Copilot to build workflows using natural language (just shipped a new version that also acts as a superagent and can call into any of your connected services directly, not just build workflows)

Under the hood, the workflow is a DAG with concurrent execution by default. Nodes run as soon as their dependencies (upstream blocks) are satisfied. Loops (for, forEach, while, do-while) and parallel fan-out/join are also first-class primitives.

Agent blocks are pass-through to the provider. You pick your model (OpenAI, Anthropic, Gemini, Ollama, vLLM), and and we pass through prompts, tools, and response format directly to the provider API. We normalize response shapes for block interoperability, but we're not adding layers that obscure what's happening.

We're currently working on our own MCP server and the ability to deploy workflows as MCP servers. Would love to hear your thoughts and where we should take it next :)

[1] https://news.ycombinator.com/item?id=43823096

[2] https://news.ycombinator.com/item?id=44052766

Hi HN,

A lot of the dev teams I have worked with had a lot of issues with their documentation. In fact, some of my easiest clients to get were from clients that had "black box" solutions that devs no longer at the company had created. Personally, writing documentation is like grinding nails on a chalkboard.

I have been having a lot of fun with building solutions that can run in a distributed way, not something a dev needs to run themselves. And after a significant amount of testing and building out several different solutions, I finally have a solution that is easy to set up and runs in the background continuously to automate the documentation process.

I'm looking for feedback on a few things: - Ease of onboarding, it should be a simple click -> select repos you want to add. - Quality of documentation, our current free accounts have a standard model compared to premium but the concepts are the same. - Dynamic environments: I tried to make this compatible with any random repo thrown at it.

Let me know your thoughts

I built Jottings because I was tired of my own thoughts getting trapped inside algorithmic feeds where I had to perform. There was a huge mental load before posting something on X or Instagram.

Every time I wanted to share something small or unfinished, I opened Twitter and lost 20 minutes to the timeline. Writing a blog post felt too heavy for those smaller, quick thoughts. I just wanted a place to write something down quickly and hit publish.

Jottings is that place. It gives you a clean microblog on a domain you own. Posts show up in simple chronological order. No likes. No followers. No feed trying to decide what matters.

What Jottings is - A microblogging platform that builds fully static microblog sites - A free subdomain (you.jottings.me) or connect your own domain on PRO plans - Markdown, tags, RSS feed, links with preview, and image uploads - An optional AI writing helper when you are stuck or lazy to fix grammar - Optimized for SEO and AI search friendly - Analytics for your sites

What it is not - Not a social network - Not an engagement funnel - Not trying to keep you on the site - Not a replacement for long-form blogging, though you can use it that way

How it works Each Jot publish triggers a static site rebuild. The site is stored in Cloudflare R2 and served directly at the edge. Custom domains go through Cloudflare SSL for SaaS. I built it to be boring, reliable (barring Cloudflare's latest issues), and cheap to run.

Pricing Free tier for a subdomain, text posts, and a lot more. USD5 per month for custom domains, images, full Markdown, and the writing helper. I priced it to be an easy yes.

Limitations - No comments (on purpose) - No native apps yet (iOS is coming) - The writing helper is helpful but not magic - I am a solo founder, so features move at human speed

I use Jottings regularly to document what I build. It has been the lowest-friction way I have found to publish anything publicly.

Demo of Jottings site for product updates: https://jottings.jottings.me/ Demo of my personal Jottings site: https://jottings.vishalvshekkar.com (with custom subdomain)

I would love feedback from this community. What would make this better or more useful for you?

Check it out here: https://jottings.me (2 min set up) Feel free to write to me at vishal@vishalvshekkar.com

— Vishal

Hi HN,

I built Verani, an experimental realtime SDK for Cloudflare Actors (Durable Objects).

The goal is to bring a familiar, event-based DX (rooms, emit, channels, lifecycle hooks) to Cloudflare Durable Objects, while handling hibernation correctly.

It focuses on - Socket.io-like semantics on top of Durable Objects - Proper Actor hibernation handling (WebSockets survive, state is restored) - Typed API with explicit tradeoffs.

It’s early and experimental, but functional. I built it mainly to explore DX and state management patterns on Cloudflare Actors, and I’d love feedback from people who’ve built realtime systems or used Durable Objects.

I built PhenixCode — an open-source, self-hosted and customizable alternative to GitHub Copilot Chat.

Why: I wanted a coding assistant that runs locally, with full control over models and data. Copilot is great, but it’s subscription-only and cloud-only. PhenixCode gives you freedom: use local models (free) or plug in your own API keys.

Use the new admin dashboard GUI to visually configure the RAG settings for multi-server management.

Hi HN!

I'm building a JavaScript debugger called Wirebrowser. It combines network inspection, request rewriting, heap snapshots, and live object search.

The main experimental feature is BDHS (Breakpoint-Driven Heap Search): it hooks into the JavaScript debugger and automatically captures a heap snapshot at every pause and performs a targeted search for the value or structure of interest. This reveals the moment a value appears in memory and the user-land function responsible for creating it.

Another interesting feature is the Live Object Search: it inspects runtime objects (not just snapshots), supports regex and object similarity, and lets you patch objects directly at runtime.

Whitepaper: https://fcavallarin.github.io/wirebrowser/BDHS-Origin-Trace

Feedback very welcome, especially on whether BDHS would help your debugging workflow.

The article discusses the future of news consumption in 2035, predicting a shift towards more personalized, interactive, and immersive news experiences driven by advancements in technology and user preferences.

Hi HN. I'm the creator of Autism Simulator[1], a choose-your-own-adventure story. I used a library called Inkle for the CYOA logic but I really had to push the limits of the JS implementation of Inkle to get it to accomodate player stats over time (and it was fragile!).

So I've built my own CYOA adventure library.

[1] https://autism-simulator.vercel.app/

This project reconstructs the Epstein email records from the recent U.S. House Oversight Committee releases using only public-domain documents (23,124 image files + 2,800 OCR text files).

Most email pages contain only one real message, buried under layers of repeated headers/footers. I wanted to rebuild the conversations without all the surrounding noise.

I used an OCR + vision-LLM pipeline to extract individual messages from the email screenshots, normalize senders/recipients, rebuild timestamps, detect duplicates, and map threads. The output is a structured SQLite database that runs client-side via SQL.js (WebAssembly).

The repository includes the full extraction pipeline, data cleaning scripts, schema, limitations, and implementation notes. The interface is a lightweight PWA that displays the reconstructed messages in a phone-style UI, with links back to every original source image for verification.

Live demo: https://epsteinsphone.org

All source data is from the official public releases; no leaks or private material.

Happy to answer questions about the pipeline, LLM extraction, threading logic, or the PWA implementation.

Mobile keyboards today are almost entirely based on the 26-key, 3-row QWERTY layout. Here’s a new 2-row, 16-key alternative designed specifically for smartphones.

Built this over the last few days, based on a Rust codebase that parses the latest ALPR reports from OpenStreetMaps, calculates navigation statistics from every tagged residential building to nearby amenities, and tests each route for intersection with those ALPR cameras (Flock being the most widespread).

These have gotten more controversial in recent months, due to their indiscriminate large scale data collection, with 404 Media publishing many original pieces (https://www.404media.co/tag/flock/) about their adoption and (ab)use across the country. I wanted to use open source datasets to track the rapid expansion, especially per-county, as this data can be crucial for 'deflock' movements to petition counties and city governments to ban and remove them.

In some counties, the tracking becomes so widespread that most people can't go anywhere without being photographed. This includes possibly sensitive areas, like places of worship and medical facilities.

The argument for their legality rests upon the notion that these cameras are equivalent to 'mere observation', but the enormous scope and data sharing agreements in place to share and access millions of records without warrants blurs the lines of the fourth amendment.

I'm building an open source Amazon.

In other words, an open source decentralized marketplace. But like Carl Sagan said, to make an apple pie from scratch, you must first invent the universe.

So first I had to make open source management systems for every vertical. I'm launching the first one today, Openfront e-commerce, an open source Shopify alternative. Next will be Openfront restaurant, Openfront grocery, and Openfront gym.

And all of these Openfronts will connect to our decentralized marketplace, "the/marketplace", seamlessly. Once we launch other Openfronts, you'll be able to do everything from booking hotels to ordering groceries right from one place with no middle men. The marketplace simply connects to the Openfront just like its built-in storefront does.

Together, we can use open source to disrupt marketplaces and make sure sellers, in every vertical, are never beholden to them.

Marketplace: https://marketplace.openship.org

Openfront platforms: https://openship.org/openfront-ecommerce

Source code: https://github.com/openshiporg/openfront

Demo - Openfront: https://youtu.be/jz0ZZmtBHgo

Demo - Marketplace: https://youtu.be/LM6hRjZIDcs

Part 1 - https://news.ycombinator.com/item?id=32690410

The eslint-plugin-styled-jsx is a linting tool that helps enforce best practices and consistency in the use of the styled-jsx library, a popular CSS-in-JS solution for React applications. This plugin provides a set of rules to ensure proper styling, naming conventions, and other style-related best practices are followed in the codebase.

I’ve been working on gotui, a modern fork of the unmaintained termui, rebuilt on top of tcell for TrueColor, mouse support, and proper resize handling. It keeps the simple termui-style API, but adds a bunch of new widgets (charts, gauges, world map, etc.), nicer visuals (collapsed borders, rounded corners), and input components for building real dashboards and tools. Under the hood the renderer’s been reworked for much better performance, and I’d love feedback on what’s missing for you to use it in production.

wget https://github.com/beehive-lab/TornadoVM/releases/download/v... unzip tornadovm-2.1.0-opencl-linux-amd64.zip # Replace <path-to-sdk> manually with the absolute path of the extracted folder export TORNADO_SDK="<path-to-sdk>/tornadovm-2.1.0-opencl" export PATH=$TORNADO_SDK/bin:$PATH

tornado --devices tornado --version

# Navigate to the project directory cd GPULlama3.java

# Source the project-specific environment paths -> this will ensure the source set_paths

# Build the project using Maven (skip tests for faster build) # mvn clean package -DskipTests or just make make

# Run the model (make sure you have downloaded the model file first - see below) ./llama-tornado --gpu --verbose-init --opencl --model beehive-llama-3.2-1b-instruct-fp16.gguf --prompt "tell me a joke"

I built a procedurally generated word-search game where the puzzle never ends - as you scroll, the grid expands infinitely and new words appear. It’s designed to be quick to pick up, satisfying to play, and a little addictive.

The core game works without an account using the pre-defined games, but signing up allows you to generate games using any topic you can think of.

I’d love feedback on gameplay, performance, and whether the endless format feels engaging over time. If you try it, I’d really appreciate any bug reports or suggestions.

Thanks in advance!

I modified my terminal Jupyter client, euporie [1], to run using pyodide in the browser.

It's akin to JupyterLite, providing a temporary online Python notebook environment without the need to install any Python packages. It's potentially useful if you need to do a bit of quick interactive work in Python, but don't have the environment set up ready to do so.

Since actual jupyter kernels can't run in pyodide (they run as subprocesses and communicate over ZMQ), it uses an in-process Python kernel which runs on the same interpreter as the application itself.

Notebooks and files can be saved persistently to a local-storage based file system. It uses xterm.js as the terminal emulator (though I'm keen to test out ghostty-web).

[1] https://news.ycombinator.com/item?id=27091167

What started as a Claude Code experiment turned into a browser-native SQL workbench I now use daily.

Runs DuckDB WASM entirely in your browser. No backend, no installation, no signup.

- Query local files (CSV, Parquet, Excel) – data never leaves your machine - Handles 100M+ rows, 50GB+ files in a browser tab - Full UI: Monaco editor, schema explorer, spreadsheet-style results grid - Share SQL via URL – anyone can run your query instantly - BigQuery connector built-in (Snowflake coming)

v0.2 – actively developing. Feedback welcome.

GitHub (MIT): https://github.com/hfmsio/dbxlite

This article provides a primer on WebGL2 and GLSL, covering topics such as shaders, GPU programming, and practical examples to help developers get started with creating advanced graphics in the browser.

I built AlgoDrill because I kept grinding LeetCode, thinking I knew the pattern, and then completely blanking when I had to implement it from scratch a few weeks later.

AlgoDrill turns NeetCode 150 and more into pattern-based drills: you rebuild the solution line by line with active recall, get first principles editorials that explain why each step exists, and everything is tagged by patterns like sliding window, two pointers, and DP so you can hammer the ones you keep forgetting. The goal is simple: turn familiar patterns into code you can write quickly and confidently in a real interview.

https://algodrill.io

Would love feedback on whether this drill-style approach feels like a real upgrade over just solving problems once, and what’s most confusing or missing when you first land on the site.

Hey HN! Like most here regular meetings have always been a big part of my work.

Over the years I've learned the value of active note taking in these meetings. Meaning: not minutes, not transcriptions or AI summaries, but me using my brain to actively pull out the key points in short form bullet-like notes, as the meeting is going on, as I'm talking and listening (and probably typing with one hand). This could be agenda points to cover, any interesting sidebars raised, insights gotten to in a discussion, actions agreed to (and a way to track whether they got done next time!).

It's both useful just to track what's going on in all these different meetings week to week (at one point I was doing about a dozen 1-1s per week, and it just becomes impossible to hold it in RAM) but also really valuable over time when you can look back and see the full history of a particular meeting, what was discussed when, how themes and structure are changing, is the meetings effective, etc.

Anyway, I've tried a bunch of different tools for taking these notes over the years. All the obvious ones you've probably used too. And I've always just been not quite satisfied with the experience. They work, obviously (it's just text based notes at the end of the day) but nothing is first-class for this usecase.

So, I decided to build the tool I've always felt I want to use, specifically for regular 1-1s and other types of regular meetings. I've been using it myself and with friends for a while already now, and I think it's got to that point where I actually prefer to reach for it over other general purpose note taking tools now, and I want to share it more widely.

There's a free tier so you can use it right away, in fact without even signing up.

If you've also been wanting a better system to manage your notes for regular meetings, give it a go and let me know what you think!