🛠️ All DevTools

[Database] Dolt – Git for Data

[Other] Lightpanda: the headless browser designed for AI and automation

[CLI Tool] Show HN: fftool – A Terminal UI for FFmpeg – Shows Command Before It Runs

[Other] Hyperlinks in Terminal Emulators

[Other] Show HN: OpenClaw-class agents on ESP32 (and the IDE that makes it possible)

[Other] Show HN: Every Developer in the World, Ranked We&#x27;ve indexed 5M+ GitHub users and built a ranking system that goes beyond follower counts. The idea started from frustration: GitHub is terrible for discovery. You can&#x27;t answer &quot;who are the best Python developers in Berlin?&quot; or &quot;who identified transformer-based models before they blew up?&quot; without scraping everything yourself. So we did.<p>What we built: CodeRank score - a composite reputation signal across contributions, repository impact, and community influence Tastemaker score - did you star repos at 50 stars that now have 50,000? We track that Comparison Builder - allows users to build comparison graphics to compare devs, repos, orgs, etc. Sharable Profile Graphics - share your scores and flex on your coworkers or the community at large<p>Some things we found interesting: Most-followed ≠ most influential. The correlation between follower count and tastemaker score is surprisingly weak. There&#x27;s a whole tier of developers who consistently find projects weeks and months before they trend, with almost no public following.<p>Location data on GitHub is a disaster. We spent an embarrassing amount of time on normalization and it&#x27;s still not anywhere near perfect.<p>Try it: <a href="https:&#x2F;&#x2F;coderank.me&#x2F;" rel="nofollow">https:&#x2F;&#x2F;coderank.me&#x2F;</a><p>If your profile doesn&#x27;t have a score, signing in will trigger scoring for your account.<p>Curious what the HN crowd thinks about the ranking methodology, happy to get into the weeds on any of it.

[API/SDK] Launch HN: IonRouter (YC W26) – High-throughput, low-cost inference Hey HN — I’m Veer and my cofounder is Suryaa. We&#x27;re building Cumulus Labs (YC W26), and we&#x27;re releasing our latest product IonRouter (<a href="https:&#x2F;&#x2F;ionrouter.io&#x2F;" rel="nofollow">https:&#x2F;&#x2F;ionrouter.io&#x2F;</a>), an inference API for open-source and fine tuned models. You swap in our base URL, keep your existing OpenAI client code, and get access to any model (open source or finetuned to you) running on our own inference engine.<p>The problem we kept running into: every inference provider is either fast-but-expensive (Together, Fireworks — you pay for always-on GPUs) or cheap-but-DIY (Modal, RunPod — you configure vLLM yourself and deal with slow cold starts). Neither felt right for teams that just want to ship.<p>Suryaa spent years building GPU orchestration infrastructure at TensorDock and production systems at Palantir. I led ML infrastructure and Linux kernel development for Space Force and NASA contracts where the stack had to actually work under pressure. When we started building AI products ourselves, we kept hitting the same wall: GPU infrastructure was either too expensive or too much work.<p>So we built IonAttention — a C++ inference runtime designed specifically around the GH200&#x27;s memory architecture. Most inference stacks treat GH200 as a compatibility target (make sure vLLM runs, use CPU memory as overflow). We took a different approach and built around what makes the hardware actually interesting: a 900 GB&#x2F;s coherent CPU-GPU link, 452GB of LPDDR5X sitting right next to the accelerator, and 72 ARM cores you can actually use.<p>Three things came out of that that we think are novel: (1) using hardware cache coherence to make CUDA graphs behave as if they have dynamic parameters at zero per-step cost — something that only works on GH200-class hardware; (2) eager KV block writeback driven by immutability rather than memory pressure, which drops eviction stalls from 10ms+ to under 0.25ms; (3) phantom-tile attention scheduling at small batch sizes that cuts attention time by over 60% in the worst-affected regimes. We wrote up the details at cumulus.blog&#x2F;ionattention.<p>On multimodal pipelines we get better performance than big players (588 tok&#x2F;s vs. Together AI&#x27;s 298 on the same VLM workload). We&#x27;re honest that p50 latency is currently worse (~1.46s vs. 0.74s) — that&#x27;s the tradeoff we&#x27;re actively working on.<p>Pricing is per token, no idle costs: GPT-OSS-120B is $0.02 in &#x2F; $0.095 out, Qwen3.5-122B is $0.20 in &#x2F; $1.60 out. Full model list and pricing at <a href="https:&#x2F;&#x2F;ionrouter.io" rel="nofollow">https:&#x2F;&#x2F;ionrouter.io</a>.<p>You can try the playground at <a href="https:&#x2F;&#x2F;ionrouter.io&#x2F;playground" rel="nofollow">https:&#x2F;&#x2F;ionrouter.io&#x2F;playground</a> right now, no signup required, or drop your API key in and swap the base URL — it&#x27;s one line. We built this so teams can see the power of our engine and eventually come to us for their finetuned model needs using the same solution.<p>We&#x27;re curious what you think, especially if you&#x27;re running finetuned or custom models — that&#x27;s the use case we&#x27;ve invested the most in. What&#x27;s broken, what would make this actually useful for you?

[Other] Show HN: An application stack Claude coded directly in LLVM IR This repo is the result of a debate about what kind of programming language might be appropriate if humans are no longer the primary authors. Initially the thought was &quot;LLMs can just generate binaries directly&quot; (this was before a more famous person had the same idea). But that on reflection seems like a bad approach because languages exist to capture program semantics that are elided by translation to machine code. The next step was to wonder if an existing &quot;machine readable&quot; program representation can be the target for LLM code generation. It turns out yes. This project is the result of asking Claude to create an application stack entirely coded in LLVM&#x27;s intermediate representation language.

[CLI Tool] Scrt: A CLI secret manager for developers, sysadmins and DevOps

[DevOps] Show HN: PipeStep – Step-through debugger for GitHub Actions workflows Hey HN — I kept seeing developers describe the same frustration: the commit-push-wait-read-logs cycle when debugging CI pipelines. So I built PipeStep.<p>PipeStep parses your GitHub Actions YAML, spins up the right Docker container, and gives you a step-through debugger for your run: shell commands.<p>You can: 1. Pause before each step and inspect the container state. 2. Shell into the running container mid-pipeline (press I). 3. Set breakpoints on specific steps (press B). 4. Retry failed steps or skip past others.<p>It deliberately does <i>not</i> try to replicate the full GitHub Actions runtime — no secrets, no matrix builds, no uses: action execution. For full local workflow runs, use act. PipeStep is for when things break and you need to figure out why without pushing 10 more commits. Think of it as gdb for your CI pipeline rather than a local GitHub runner.<p>pip install pipestep (v0.1.2) · Python 3.11+ · MIT · Requires Docker<p>Would love feedback, especially from people who&#x27;ve hit the same pain point. Known limitations are documented in the README + have some issues in there that I&#x27;d love eyeballs on!

[Other] Show HN: Understudy – Teach a desktop agent by demonstrating a task once I built Understudy because a lot of real work still spans native desktop apps, browser tabs, terminals, and chat tools. Most current agents live in only one of those surfaces.<p>Understudy is a local-first desktop agent runtime that can operate GUI apps, browsers, shell tools, files, and messaging in one session. The part I&#x27;m most interested in feedback on is teach-by-demonstration: you do a task once, the agent records screen video + semantic events, extracts the intent rather than coordinates, and turns it into a reusable skill.<p>Demo video: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=3d5cRGnlb_0" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=3d5cRGnlb_0</a><p>In the demo I teach it: Google Image search -&gt; download a photo -&gt; remove background in Pixelmator Pro -&gt; export -&gt; send via Telegram. Then I ask it to do the same for Elon Musk. The replay isn&#x27;t a brittle macro: the published skill stores intent steps, route options, and GUI hints only as a fallback. In this example it can also prefer faster routes when they are available instead of repeating every GUI step.<p>Current state: macOS only. Layers 1-2 are working today; Layers 3-4 are partial and still early.<p><pre><code> npm install -g @understudy-ai&#x2F;understudy understudy wizard </code></pre> GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;understudy-ai&#x2F;understudy" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;understudy-ai&#x2F;understudy</a><p>Happy to answer questions about the architecture, teach-by-demonstration, or the limits of the current implementation.

[DevOps] Show HN: OneCLI – Vault for AI Agents in Rust We built OneCLI because AI agents are being given raw API keys. And it&#x27;s going about as well as you&#x27;d expect. We figured the answer isn&#x27;t &quot;don&#x27;t give agents access,&quot; it&#x27;s &quot;give them access without giving them secrets.&quot;<p>OneCLI is an open-source gateway that sits between your AI agents and the services they call. You store your real credentials once in OneCLI&#x27;s encrypted vault, and give your agents placeholder keys. When an agent makes an HTTP call through the proxy, OneCLI matches the request by host&#x2F;path, verifies the agent should have access, swaps the placeholder for the real credential, and forwards the request. The agent never touches the actual secret. It just uses CLI or MCP tools as normal.<p>Try it in one line: docker run --pull always -p 10254:10254 -p 10255:10255 -v onecli-data:&#x2F;app&#x2F;data ghcr.io&#x2F;onecli&#x2F;onecli<p>The proxy is written in Rust, the dashboard is Next.js, and secrets are AES-256-GCM encrypted at rest. Everything runs in a single Docker container with an embedded Postgres (PGlite), no external dependencies. Works with any agent framework (OpenClaw, NanoClaw, IronClaw, or anything that can set an HTTPS_PROXY).<p>We started with what felt most urgent: agents shouldn&#x27;t be holding raw credentials. The next layer is access policies and audit, defining what each agent can call, logging everything, and requiring human approval before sensitive actions go through.<p>It&#x27;s Apache-2.0 licensed. We&#x27;d love feedback on the approach, and we&#x27;re especially curious how people are handling agent auth today.<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;onecli&#x2F;onecli" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;onecli&#x2F;onecli</a> Site: <a href="https:&#x2F;&#x2F;onecli.sh" rel="nofollow">https:&#x2F;&#x2F;onecli.sh</a>

[Other] Show HN: A desktop app for managing Claude Code sessions

[Other] Show HN: Axe A 12MB binary that replaces your AI framework

[Monitoring/Observability] Show HN: We analyzed 1,573 Claude Code sessions to see how AI agents work We built rudel.ai after realizing we had no visibility into our own Claude Code sessions. We were using it daily but had no idea which sessions were efficient, why some got abandoned, or whether we were actually improving over time.<p>So we built an analytics layer for it. After connecting our own sessions, we ended up with a dataset of 1,573 real Claude Code sessions, 15M+ tokens, 270K+ interactions.<p>Some things we found that surprised us: - Skills were only being used in 4% of our sessions - 26% of sessions are abandoned, most within the first 60 seconds - Session success rate varies significantly by task type (documentation scores highest, refactoring lowest) - Error cascade patterns appear in the first 2 minutes and predict abandonment with reasonable accuracy - There is no meaningful benchmark for &#x27;good&#x27; agentic session performance, we are building one.<p>The tool is free to use and fully open source, happy to answer questions about the data or how we built it.

[Other] Document poisoning in RAG systems: How attackers corrupt AI's sources I&#x27;m the author. Repo is here: <a href="https:&#x2F;&#x2F;github.com&#x2F;aminrj-labs&#x2F;mcp-attack-labs&#x2F;tree&#x2F;main&#x2F;labs&#x2F;04-rag-security" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;aminrj-labs&#x2F;mcp-attack-labs&#x2F;tree&#x2F;main&#x2F;lab...</a><p>The lab runs entirely on LM Studio + Qwen2.5-7B-Instruct (Q4_K_M) + ChromaDB — no cloud APIs, no GPU required, no API keys.<p>From zero to seeing the poisoning succeed: git clone, make setup, make attack1. About 10 minutes.<p>Two things worth flagging upfront:<p>- The 95% success rate is against a 5-document corpus (best case for the attacker). In a mature collection you need proportionally more poisoned docs to dominate retrieval — but the mechanism is the same.<p>- Embedding anomaly detection at ingestion was the biggest surprise: 95% → 20% as a standalone control, outperforming all three generation-phase defenses combined. It runs on embeddings your pipeline already produces — no additional model.<p>All five layers combined: 10% residual.<p>Happy to discuss methodology, the PoisonedRAG comparison, or anything that looks off.

[CLI Tool] Show HN: Calyx – Ghostty-Based macOS Terminal with Liquid Glass UI

[Other] LiteRT, successor to TensorFlow Lite. is Google's On-device framework for high-performance ML & GenAI deployment on edge platforms, via efficient conversion, runtime, and optimization

[Other] Give agents everything they need to ship fullstack apps. The backend built for agentic development.

[Other] OpenRAG is a comprehensive, single package Retrieval-Augmented Generation platform built on Langflow, Docling, and Opensearch.