Show stories

Hey HN — I built Respectlytics because I was frustrated that every mobile analytics SDK quietly collects device IDs, ad identifiers, and IP addresses, then makes you retroactively figure out compliance.

There are some solutions out there claiming that they are compliant with certain privacy regulations but when I dig into it, I observe that they actually are not that compliant as they claim to be. I believe Respectlytics is one of the most (if not the most) privacy focused mobile analytics solutions out there but compliance is a huge topic and I leave the decision to the legal teams/advisors of users/companies.

Instead of the "trust me bro" motto, I decided to make Respectlytics totally open-source so that people do not need to trust my word, they can verify it in the code itself.

The idea of Respectlytics builds upon Return of Avoidance (ROA) which relies on data minimization in analytics data collection: What if you just... didn't collect that data in the first place?

Respectlytics stores exactly 5 fields per event: event_name, session_id, timestamp, platform, and country. That's it. IP addresses are used transiently for country lookup and immediately discarded. Session IDs rotate latest every 2 hours (or every app start) and live only in RAM — never written to disk. Multi-session tracking is architecturally disabled.

What's open source:

4 mobile SDKs (Swift, Flutter, React Native, Kotlin) — MIT licensed Analytics server (Django + PostgreSQL) — AGPL-3.0 Self-hosting is simple: docker compose up -d. No ClickHouse, no Kafka, no Redis. Just PostgreSQL.

There's also a managed SaaS if people don't want to run infrastructure, but the self-hosted Community Edition has no artificial limits.

I'd love feedback on the architecture decisions — especially the choice to reject extra fields at the API level rather than just ignoring them silently.

Hi HN,

I built https://rebrain.gg. It's a website which is intended to help you learn new things.

I built it for two reasons:

1. To play around with different ways of interacting with a LLM. Instead of a standard chat conversation, the LLM returns question forms the user can directly interact with (and use to continue the conversation with the LLM).

2. Because I thought it would be cool to have a site dedicated to interactive educational content instead of purely consuming content (which I do too much).

An example of a (useful-for-me) interactive conversation is: https://rebrain.gg/conversations/6. In it I'm learning how to use the `find` bash command. (Who ever knew to exclude a directory from a look-up you need to do `find . -path <path> -exclude -o <what you want to look for>`, where `-o` stands for "otherwise"!)

Still very early on, so interested in and open to any feedback.

Thanks!

I’ve just released VectorNest — an open-source, browser-based SVG editor.

If you have an SVG and need quick edits (paths, alignment, small fixes, animations, LLM assistance) without installing software, this is for you.

Try the demo: https://ekrsulov.github.io/vectornest/ GitHub repo: https://github.com/ekrsulov/vectornest

Feedback, issues and contributions are welcome.

I've been working on creating a Low Power FM radio station for the east San Fernando Valley of Los Angeles. We are not yet on the broadcast band but our channel will be 95.9FM and our range can been seen on the homepage of our site.

KPBJ is a freeform community radio station. Anyone in the area is encouraged to get a timeslot and become a host. We make no curatorial decisions. Its sort of like public access or a college station in that way.

This month we launched our internet stream and on-boarded about 60 shows. They are mostly music but there are a few talk shows. We are restricting all shows to monthly time slots for now but this will change in the near future as everyone gets more familiar with the systems involved.

All shows are pre-recorded until we can raise the money to get a studio.

We have a site secured for our transmitter but we need to fundraise to cover the equipment and build out costs. We will be broadcasting with 100W ERP from a ridgeline in the Verdugos at about 1500ft elevation. The site will need to be off grid so we will need to install a solar system with battery backup. We are planning to sync the station to the transmit site with 802.11ah.

I've built all of our web infrastructure using Haskell, NixOS, Terraform, and HTMX: https://github.com/solomon-b/kpbj.fm

This is a pretty substantial project involving a bunch of social and technical challenges and a shoe string budget. I'm feel pretty confident we will pull it off and make it a high impact local radio station.

The station is managed by a 501c3 non-profit we created. We are actively seeking fundraising, especially to get our transmit site up and running. If you live in the area or want to contribute in any way then please reach out!

Much of my work right now involves complex, long-running, multi-agentic teams of agents. I kept running into the same problem: “How do I keep these guys in line?” Rules weren’t cutting it, and we needed a scalable, agentic-native STANDARD I could count on. There wasn’t one. So I built one.

Here are two open-source protocols that extend A2A, granting AI agents behavioral contracts and runtime integrity monitoring:

- Agent Alignment Protocol (AAP): What an agent can do / has done. - Agent Integrity Protocol (AIP): What an agent is thinking about doing / is allowed to do.

The problem: AI agents make autonomous decisions but have no standard way to declare what they're allowed to do, prove they're doing it, or detect when they've drifted. Observability tools tell you what happened. These protocols tell you whether what happened was okay.

Here's a concrete example. Say you have an agent who handles customer support tickets. Its Alignment Card declares:

{ "permitted": ["read_tickets", "draft_responses", "escalate_to_human"], "forbidden": ["access_payment_data", "issue_refunds", "modify_account_settings"], "escalation_triggers": ["billing_request_over_500"], "values": ["accuracy", "empathy", "privacy"] }

The agent gets a ticket: "Can you refund my last three orders?" The agent's reasoning trace shows it considering a call to the payments API. AIP reads that thinking, compares it to the card, and produces an Integrity Checkpoint:

{ "verdict": "boundary_violation", "concerns": ["forbidden_action: access_payment_data"], "reasoning": "Agent considered payments API access, which is explicitly forbidden. Should escalate to human.", "confidence": 0.95 }

The agent gets nudged back before it acts. Not after. Not in a log you review during a 2:00 AM triage. Between this turn and the next.

That's the core idea. AAP defines what agents should do (the contract). AIP watches what they're actually thinking and flags when those diverge (the conscience). Over time, AIP builds a drift profile — if an agent that was cautious starts getting aggressive, the system notices.

When multiple agents work together, it gets more interesting. Agents exchange Alignment Cards and verify value compatibility before coordination begins. An agent that values "move fast" and one that values "rollback safety" registers low coherence, and the system surfaces that conflict before work starts. Live demo with four agents handling a production incident: https://mnemom.ai/showcase

The protocols are Apache-licensed, work with any Anthropic/OpenAI/Gemini agent, and ship as SDKs on npm and PyPI. A free gateway proxy (smoltbot) adds integrity checking to any agent with zero code changes.

GitHub: https://github.com/mnemom Docs: docs.mnemom.ai Demo video: https://youtu.be/fmUxVZH09So

Hey HN! I’m Simone. We re-built Breadboard, a visual app builder that mixes Figma-style UI design with Shortcuts-style logic so you can build, preview, and publish interactive web apps directly from the canvas.

What it does

    Design UIs visually with a flexible canvas –like Figma–.
    Define app logic with a visual, instruction-stacked editor inspired by Shortcuts.
    Live preview apps directly on the canvas –no separate preview window–.
    Publish working web apps with one click.

    Modernize the HyperCard idea: combine layout, behavior, and instant sharing in one place.
    Reduce friction between design and a working app.
    Make simple web apps approachable for non-developers while keeping power features for developers.
    Build a foundation for LLM integration so users can design and develop with AI while still understanding what’s happening, even without coding experience –in progress!–.

Weather forecast app: https://app.breadboards.io/playgrounds/weather

Swiss Public Transit: https://app.breadboards.io/playgrounds/public_transit

info: https://breadboards.io

I would appreciate any feedback :)

I got tired of TODOs, temporary hacks, and refactors that never get addressed. In most repos I work on:

- TODOs are scattered across files/apps/messages - “Critical” fixes don’t actually block people from collecting debt - PR comments or tickets aren’t enough actionable

So I built codereport, a CLI that stores structured follow-ups in the repo itself (.codereports/). Each report tracks:

- file + line range (src/foo.rs:42-88) - tag (todo, refactor, buggy, critical) - severity (you can configure it to be blocking in CI) - optional expiration date - owner (CODEOWNERS → git blame fallback)

You can list, resolve, or delete reports, generate a minimal HTML dashboard with heatmaps and KPIs, and run codereport check in CI to fail merges if anything blocking or expired is still open.

It’s repo-first, and doesn’t rely on any external services.

I’m curious:

Would a tool like this fit in your workflow? Is storing reports in YAML in the repo reasonable? Would CI enforcement feel useful or annoying?

CLI: https://crates.io/crates/codereport + codereport.pulko-app.com

Replay Software introduces Echo, a new tool that allows developers to record and replay user interactions with web applications, enabling efficient debugging and testing.

Hi HN, After roughly 8 years of silently rolling 1.1 nightlies, we finally tagged a proper stable 2.0 release. We built this because wrist-sized Linux is genuinely fun to hack on, and because a handful of us think it's worth keeping capable hardware alive long after manufacturers move on. Smartwatches don't really get old — the silicon is basically the same as it was a decade ago. We just keep making it useful for us.

No usage stats, no tracking, no illusions of mass adoption. The only real signal we get is the occasional person who appears in our Matrix chat going "hey, it booted on my watch from 2014 and now it's usable again" — and that's plenty.

Privacy is non-negotiable: zero telemetry, no cloud, full local control. Longevity is the other half: we refuse to let good hardware become e-waste just because support ended. On the learning side, it's been one of the best playgrounds: instant feedback on your wrist makes QML/Qt, JavaScript watchfaces and embedded Linux feel tangible. The community is small and kind — perfect for people who want to learn open-source dev without gatekeeping.

Technically we're still pragmatic: libhybris + older kernels on most devices since it just works, but we've already mainlined rinato (Samsung Gear 2) and sparrow (ASUS ZenWatch 2) — rinato even boots with a usable UI. That's the direction we're pushing toward.

Repo: https://github.com/AsteroidOS Install images & docs: https://asteroidos.org 2.0 demo video : https://www.youtube.com/watch?v=U6FiQz0yACc Announcement post: https://asteroidos.org/news/2-0-release/

Questions, port requests, mentoring offers, criticism, weird ideas — all welcome. We do this because shaping a tiny, open wearable UX and infrastructure is oddly satisfying, and because Linux on the wrist still feels like a playground worth playing in.

Cheers, the AsteroidOS Team

Hi HN,

I built env-rx out of pure frustration with a painfully common problem. Someone on the team adds a new environment variable locally, forgets to share it or add it to the CI secrets, and the pipeline crashes right during deployment.

What makes it different: There are plenty of great secrets managers out there (like Doppler, Infisical, or Vault), but they often require team-wide buy-in, cloud syncing, and complex setups. I didn't want a heavy SaaS tool. I just wanted a lightweight, fast CLI utility that you can drop into any project, and it will loudly catch missing variables before you push or deploy.

It's designed to be zero-config. I’m releasing this open-source version first because I want to gather harsh, honest feedback from developers. I'd love to hear your thoughts on the DX or any edge cases I might have missed. If you manage to break it, please let me know!

Throughout my career, I tried many tools to query PostgreSQL, and in the end, concluded that for what I do, the simplest is almost always the best: raw SQL queries.

Until now, I typed the results manually and relied on tests to catch problems. While this is OK in e.g., GoLang, it is quite annoying in TypeScript. First, because of the more powerful type system (it's easier to guess that updated_at is a date than it is to guess whether it's nullable or not), second, because of idiosyncrasies (INT4s are deserialised as JS numbers, but INT8s are deserialised as strings).

So I wrote pg-typesafe, with the goal of it being the less burdensome: you call queries exactly the same way as you would call node-pg, and they are fully typed.

It's very new, but I'm already using it in a large-ish project, where it found several bugs and footguns, and also allowed me to remove many manual type definitions.

The article introduces gwt-zsh, a plugin for the Z shell that provides a graphical user interface (GUI) for Git within the terminal. It offers various features, including command history, status, and diff visualization, to enhance the Git workflow for Z shell users.

SkillForge is an online learning platform that offers a wide range of courses and certifications in various fields, including technology, business, and personal development, to help individuals and professionals enhance their skills and advance their careers.

Scratch Track Studio is a professional audio recording and production facility that offers a range of services, including music recording, mixing, and mastering, as well as video production and post-production services.

We built this because every sports AI demo uses fake data or locks you behind an enterprise API contract.

sports-skills gives your agent real sports data with one install command. No API keys. No accounts. For personal use.

Eight connectors out of the box: NFL, soccer across 13 leagues with xG, Formula 1 lap and pit data, NBA, WNBA, Polymarket, Kalshi, and a sports news aggregator pulling from BBC/ESPN/The Athletic.

npx skills add machina-sports/sports-skills

Open for contributions.

I've been teaching LLMs to play Magic: The Gathering recently, via MCP tools hooked up to the open-source XMage codebase. It's still pretty buggy and I think there's significant room for existing models to get better at it via tooling improvements, but it pretty much works today. The ratings for expensive frontier models are artificially low right now because I've been focusing on cheaper models until I work out the bugs, so they don't have a lot of games in the system.

Fun little side project I built after learning about circuit bending in cameras for intentional glitch effect. It is browser based camera toy where you "rewire" CCD pin pairs, turn knobs to get different glitch artefacts in real time to capture as photos. I had fun learning to simulate different pin modes - channel split, hue/phase shifts, horizontal clock delays, colour kill etc.

Here are some photos taken: https://glitchycam.com/gallery

I intentionally leaned towards skeuomorphic design for nostalgia. I miss the days where I'd spend hours making a button to look like a physical button. Here I chose to make it look like a "good enough" Teenage Engineering device UI.

I tested/used GPT-5.3-Codex to build this from scratch, since there was a lot of hype around it on X. Maybe I wasn’t using it right, but I found it needed a lot of code cleanup at every step and a lot of hand holding along the way. It missed details/nuances and didn't land the skeuomorphic buttons or the interaction polish. It mostly helped with boilerplate where there wasn't much thinking/detailing. It did give a basic starting point for the effect calculations, but didn't really move the needle on the details.

Please give it a go and let me know what you think - your photos and video never leave your browser (you can download them if you choose to). Everything is processed locally in your browser (works offline), nothing is uploaded or seen by anyone.

Hey HN,

I’m a dev and a dad to a 10-year-old. I built this because I caught my daughter using ChatGPT to do her history homework. She wasn't learning; she was just acting as a "middleware" between the AI and the paper.

The Backstory: I realized the problem isn't the AI—it's the zero-friction answers. Most "AI for kids" apps are just "parrots"—they mimic intelligence by repeating patterns.

What’s Different: Qurio is a "Bicycle" for the mind. It treats the child like a future "Architect" rather than a "Junior Executor." Technically, it wraps an LLM in a strict "Socratic Loop." It detects intent to "cheat," refuses the direct answer, and generates a leading question based on the user's current logic level. It forces "Healthy Friction" back into the learning process.

The stack: Next.js 14, Supabase (Auth/DB), Vercel AI SDK.

Mods: I've added the backstory and differentiator as requested. Ready for the re-up! Thank you.

The book page links to a blog post that explains how I got about it (and has a link to sample content), but the TL&DR is that I could not find a lot of books that were on "our" history _and_ were larded with technical details. So I set about writing one, and some five years later I'm happy to share the result. I think it's one of the few "computer history" books that has tons of code, but correct me if I'm wrong (I wrote this both to tell a story and to learn :-)).

My favorite languages are Smalltalk and Lisp, but as an Emacs user, I've been using the latter for much longer and for my current projects, Common Lisp is a better fit, so I call myself "a Lisp-er" these days. If people like what I did, I do have plans to write some more (but probably only after I retire, writing next to a full-time job is heard). Maybe on Smalltalk, maybe on computer networks - two topics close to my heart.

And a shout-out to Dick Gabriel, he contributed some great personal memories about the man who started it all, John McCarthy.

Hi HN, This started as a weekend brainfuck interpreter and kept growing. I got curious whether you could make a usable serverless platform out of languages that were never intended for this.

OtherFunc is a serverless function platform for languages no major cloud provider (to my knowledge) supports. There are currently implementations of brainfuck, Forth, APL, Lisp (Scheme-like), and BASIC.

The interpreters are written in Rust, compiled to a single Wasm binary, and deployed on Cloudflare Workers. You can finally write Forth and publish it as an HTTP endpoint. You can see some examples on the showcase page: https://otherfunc.com/showcase

- brainfuck can make HTTP requests. The tape is extended to 33,000 cells with a memory-mapped I/O region. You write a URL to cells 30,000+, set a method byte, trigger execution, and the response appears in cells 31,000+. The Brainfuck program to do this runs ~35,000 characters, but it works.

- The interpreters use a coroutine/yield pattern for I/O instead of async. When code needs to make an HTTP call or access KV storage, the interpreter suspends with an IoRequest, the Worker performs the fetch, then resumes execution with the response.

- There's an MCP server so AI assistants can deploy functions directly. The thought was, if an LLM is writing all your code anyway, the language it is written in doesn't really matter. But you probably don't want to waste your tokens writing bf either.

Code is available here: https://github.com/otherfunc

Related: Show HN: JeffTube - https://news.ycombinator.com/item?id=47030797

I stumbled onto this repo JustaNormalComputer-Guy.github.io claiming sub-0.1 second load times—averaging around 0.025s in my initial tests. Is this just aggressive caching, or is the client-side indexing logic actually that efficient? It seems way too fast for a standard web search. I’ve checked the Network tab and it stays under 100ms even on a throttled connection. Can someone help me verify if I'm missing something or if this is legit?

We kept hitting the same wall: you clone some arbitrary repo and just want it to run without any configuration work. So we built Keystone, an open source tool that spins up a Modal sandbox, runs Claude Code inside it, and produces a working .devcontainer/ config (Dockerfile, devcontainer.json, test runner) for any git repo.

We build on the dev container standard, so the output works with VS Code and GitHub Codespaces out of the box.

Main use cases: reproducible dev/CI environments, self-describing repos, and safely sandboxed coding agents.

Our goal is to encourage all repos to self-describe their runtime environment.

Why the sandbox? Running Claude directly against your Docker daemon is risky. We've watched it clear Docker config and tweak kernel settings when iterating on containers. Containerization matters most when your agent is acting like a sysadmin.

To use it: get a Modal account and an Anthropic API key, run Keystone on your repo, check in the .devcontainer/ directory. See the project README for more details.

I built a browser-native Unix environment - shell, filesystem, git, npm, node, vi, 200+ commands. Everything is JavaScript running client-side with IndexedDB for persistence. The whole thing builds to a single static HTML file (~420 KB gzipped).

Try it: https://shiro.computer

For interactive demos showing npm install, node execution, and git workflows -- running live in Shiro, not recordings -- see https://shiro.computer/show

Source: https://github.com/williamsharkey/shiro

P.S. `curl -fsSL https://claude.ai/install.sh | bash` works. You can run real Claude Code and it can use Shiro's tools like a normal Linux system.

Mantis is an open-source project that provides a modular and extensible framework for building real-time applications. It offers features such as message queuing, pubsub, and WebSocket support, making it a versatile tool for developing scalable and responsive web applications.

Dispersa is an open-source decentralized content distribution network that enables secure and censorship-resistant sharing of digital content. It provides a platform for users to upload, share, and access content without relying on centralized servers or authorities.

GROWL is an OWL 2 RL reasoner I've made using a programming language I've been working on that emphasizes contracts (called SLOP).

Blog post on GROWL: https://jamesadam.me/blog/introducing-growl/

The Repo: https://github.com/Trivyn/growl

The custom language transpiles to C, so the generated C source and Makefile are included in the repo.

I built this to integrate into a Knowledge Graph product I'm working on (hence the Rust bindings), but thought I'd open source the reasoner.

Hi HN,

I built Wakapadi after noticing that most travel tools focus on planning trips, but not on actually helping people connect once they arrive somewhere new.

When traveling, it’s often hard to meet locals or other travelers unless you already know someone, join organized tours, or rely on chance. I wanted to make discovery more natural — seeing who’s nearby, joining free walking tours, and exploring cities together.

Wakapadi currently allows users to:

discover free walking tours

see nearby travelers and locals who are open to meeting

connect and chat before meeting

explore cities in a more social way

The project is still early, and I’m especially interested in feedback on:

safety and privacy expectations

what would make you comfortable meeting people while traveling

features that would make this genuinely useful instead of another travel app

Happy to answer any technical or product questions.