🛠️ All DevTools

[Other] The open-source auditor for Firebase security FireScan is a tool designed for penetration testers and developers to audit the security posture of Firebase projects. It provides an interactive console to enumerate databases, test storage rules, check function security, and much more, all from a single, easy-to-use interface.

[CLI Tool] Manage CKAN project development, operations and maintenance CKAN Pilot is a CLI tool to manage CKAN projects with ease. It helps you manage CKAN project development, operations and maintenance with a state-of-the-art command-line interface (CLI) and modern tool set.

[Other] Show HN: DroidDock – A sleek macOS app for browsing Android device files via ADB Hi HN,<p>I’m Rajiv, a software engineer turned Math teacher living in the mountains, where I like to slow down life while still building useful software.<p>I recently built DroidDock, a lightweight and modern macOS desktop app that lets you browse and manage files on your Android device via ADB. After 12 years in software development, I wanted a free, clean, and efficient tool because existing solutions were either paid, clunky, or bloated.<p>Features include multiple view modes, thumbnail previews for images&#x2F;videos, intuitive file search, file upload&#x2F;download, and keyboard shortcuts. The backend uses Rust and Tauri for performance.<p>You can download the latest .dmg from the landing page here: <a href="https:&#x2F;&#x2F;rajivm1991.github.io&#x2F;DroidDock&#x2F;" rel="nofollow">https:&#x2F;&#x2F;rajivm1991.github.io&#x2F;DroidDock&#x2F;</a> Source code is available on GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;rajivm1991&#x2F;DroidDock" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;rajivm1991&#x2F;DroidDock</a><p>I’d appreciate your feedback on usability, missing features, or bugs. Thanks for checking it out!<p>— Rajiv

[IDE/Editor] Show HN: Trilogy Studio, open-source browser-based SQL editor and visualizer SQL-first analytic IDE; similar to Redash&#x2F;Metabase. Aims to solve reuse&#x2F;composability at the code layer with modified syntax, Trilogy, that includes a semantic layer directly in the SQL-like language.<p>Status: experiment; feedback and contributions welcome!<p>Built to solve 3 problems I have with SQL as my primary iterative analysis language:<p>1. Adjusting queries&#x2F;analysis takes a lot of boilerplate. Solve with queries that operate on the semantic layer, not tables. Also eliminates the need for CTEs.<p>2. Sources of truth change all the time. I hate updating reports to reference new tables. Also solved by the semantic layer, since data bindings can be updated without changing dashboards or queries.<p>3. Getting from SQL to visuals is too much work in many tools; make it as streamlined as possible. Surprise - solve with the semantic layer; add in more expressive typing to get better defaults;also use it to wire up automatic drilldowns&#x2F;cross filtering.<p>Supports: bigquery, duckdb, snowflake.<p>Links [1] <a href="https:&#x2F;&#x2F;trilogydata.dev&#x2F;" rel="nofollow">https:&#x2F;&#x2F;trilogydata.dev&#x2F;</a> (language info)<p>Git links: [Frontend] <a href="https:&#x2F;&#x2F;github.com&#x2F;trilogy-data&#x2F;trilogy-studio-core" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;trilogy-data&#x2F;trilogy-studio-core</a> [Language] <a href="https:&#x2F;&#x2F;github.com&#x2F;trilogy-data&#x2F;pytrilogy" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;trilogy-data&#x2F;pytrilogy</a><p>Previously: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=44106070">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=44106070</a> (significant UX&#x2F;feature reworks since) <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=42231325">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=42231325</a>

[Other] Show HN: Valid8r, Functional validation for Python CLIs using Maybe monads I built Valid8r because I got tired of writing the same input validation code for every CLI tool. You know the pattern: parse a string, check if it&#x27;s valid, print an error if not, ask again. Repeat for every argument.<p>The library uses Maybe monads (Success&#x2F;Failure instead of exceptions) so you can chain parsers and validators:<p><pre><code> # Try it: pip install valid8r from valid8r.core import parsers, validators # Parse and validate in one pipeline result = ( parsers.parse_int(user_input) .bind(validators.minimum(1)) .bind(validators.maximum(65535)) ) match result: case Success(port): print(f&quot;Using port {port}&quot;) case Failure(error): print(f&quot;Invalid: {error}&quot;) </code></pre> I built integrations for argparse, Click, and Typer so you can drop valid8r parsers directly into your existing CLIs without refactoring everything.<p>The interesting technical bit: it&#x27;s 4-300x faster than Pydantic for simple parsing (ints, emails, UUIDs) because it doesn&#x27;t build schemas or do runtime type checking. It just parses strings and returns Maybe[T]. For complex nested validation, Pydantic is still better. I benchmarked both and documented where each one wins.<p>I&#x27;m not trying to replace Pydantic. If you&#x27;re building a FastAPI service, use Pydantic. But if you&#x27;re building CLI tools or parsing network configs, Maybe monads compose really nicely and keep your code functional.<p>The docs are at <a href="https:&#x2F;&#x2F;valid8r.readthedocs.io&#x2F;" rel="nofollow">https:&#x2F;&#x2F;valid8r.readthedocs.io&#x2F;</a> and the benchmarks are in the repo. It&#x27;s MIT licensed.<p>Would love feedback on the API design. Is the Maybe monad pattern too weird for Python, or does it make validation code cleaner?<p>---<p>Here are a few more examples showing different syntax options for the same port validation:<p><pre><code> from valid8r.core import parsers, validators # Option 1: Combine validators with &amp; operator validator = validators.minimum(1) &amp; validators.maximum(65535) result = parsers.parse_int(user_input).bind(validator) # Option 2: Use parse_int_with_validation (built-in) result = parsers.parse_int_with_validation( user_input, validators.minimum(1) &amp; validators.maximum(65535) ) # Option 3: Interactive prompting (keeps asking until valid) from valid8r.prompt import ask port = ask( &quot;Enter port number (1-65535): &quot;, parser=lambda s: parsers.parse_int(s).bind( validators.minimum(1) &amp; validators.maximum(65535) ) ) # port is guaranteed valid here, no match needed # Option 4: Create a reusable parser function def parse_port(text): return parsers.parse_int(text).bind( validators.minimum(1) &amp; validators.maximum(65535) ) result = parse_port(user_input) </code></pre> The &amp; operator is probably the cleanest for combining validators. And the interactive prompt is nice because you don&#x27;t need to match Success&#x2F;Failure, it just keeps looping until the user gives you valid input.

[Other] Building a CI/CD Pipeline Runner from Scratch in Python

[Database] Show HN: TidesDB – Fast, transactional storage optimized for flash and RAM

[API/SDK] Open Source Spotify client library

[API/SDK] Promise based HTTP client for the browser and node.js

[API/SDK] An open-source, code-first Go toolkit for building, evaluating, and deploying sophisticated AI agents with flexibility and control.

[Other] Show HN: Pipeflow-PHP – Automate anything with pipelines even non-devs can edit Hello everyone,<p>I’ve been building [Pipeflow-php](<a href="https:&#x2F;&#x2F;github.com&#x2F;marcosiino&#x2F;pipeflow-php" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;marcosiino&#x2F;pipeflow-php</a>), a PHP pipeline engine to automate anything — from content generation to backend and business logic workflows — using core modular stages and custom implemented stages (that can do anything), with the key power of using an easy to reason and read XML to define the pipeline logic, which every actor in a company, even non developers, can understand, maintain and edit.<p>It’s a *headless engine*: no UI is included, but it&#x27;s designed to be easily wired into any backend interface (e.g. WordPress admin, CMS dashboard, custom panels), so *even non-developers can edit or configure the logic*.<p>It surely needs improvements, more core stages to be implemented and more features, but i&#x27;m already using it on two websites i&#x27;ve developed.<p>In future I plan to port it in other languages too.<p>Feedback (and even contributions) are appreciated :)<p>---<p>Why I built it<p>I run a site which every day, via a cron job:<p>- automatically generates and publish coloring pages using complex logics and with the support of the generative AI,<p>- picks categories and prompts based on logic defined in a pipeline,<p>- creates and publishes WordPress posts automatically, every day, without any human intervention.<p>All the logic is defined in an XML pipeline that&#x27;s editable via wordpress admin panel (using a wordpress plugin I&#x27;ve developed, which also adds some wordpress related custom stages to Pipeflow). A non-dev (like a content manager) can adjust this automatic content generation logic, for example by improving it, or by changing the themes&#x2F;categories during holidays — without touching PHP.<p>---<p>What Pipeflow does<p>- Define pipelines in *fluent PHP* or *simple, easy understandable XML (even by non developers), directly from your web app admin pages*<p>- Use control-flow stages like `If`, `ForEach`, `For`<p>- Execute pipelines manually, via cron, or on any backend trigger which adapts to your business logic<p>- Build your own UI or editor on top (from a simple text editor to a node based editor which outputs a compatible XML-based configuration to feed to pipeflow)<p>- Reuse modular “stages” (core and custom ones) across different pipelines

[Other] Visualize FastAPI endpoints with FastAPI-Voyager

[Other] The AI co-pilot for your entire development lifecycle. Devpilot is your new AI co-engineer, designed to take you from a single idea to a fully deployed, full-stack application. Stop wrestling with boilerplate, configuration files, and complex API integrations. Devpilot handles the entire workflow, acting as an autonomous agent that understands your product goals. Autonomous App Generation: Describe your app in plain English, and watch Devpilot build the React/Vite frontend and connect a real database (e.g., Supabase, Firebase) automatically.

[Other] Free Online Design & Developer Tools KineTools - Discover 20+ free online tools for designers and developers. Generate colors, gradients, shadows, and more. Boost your workflow with instant, browser-based ai-powered utilities.

[API/SDK] One Platform, Unlimited Intelligent Agents Create AI chatbot agents with your own API keys. Choose from any LLM provider (OpenAI, Anthropic, Google, Mistral) and embedding models. Connect to databases (PostgreSQL, MySQL, MongoDB), crawl websites, and train on documents. Complete admin dashboard for managing agents, training data, leads, databases, and documents. Python & TypeScript SDK included. Enterprise-grade AI platform with multi-model support, self-training capabilities, and flexible deployment.

[CLI Tool] Create Express App: Your Backend, Ready to Build Create Express App is a CLI tool that simplifies the creation of Express.js applications. It generates a ready-to-use project structure with pre-configured templates for JavaScript and TypeScript applications. Perfect for developers who want to quickly scaffold an Express.js project and start coding right away.

[Other] Vibe app builder with free bug fixes, db and PAYG credits From the team behind JDoodle IDE (20M users served). Now bringing AI-powered full stack app building to everyone with a built-in database, hosting, free automatic bug fixing (no credits charged), and simple pay-as-you-go credits.

[Other] Show HN: Serve 100 Large AI models on a single GPU with low impact to TTFT I wanted to build an inference provider for proprietary AI models, but I did not have a huge GPU farm. I started experimenting with Serverless AI inference, but found out that coldstarts were huge. I went deep into the research and put together an engine that loads large models from SSD to VRAM up to ten times faster than alternatives. It works with vLLM, and transformers, and more coming soon.<p>With this project you can hot-swap entire large models (32B) on demand.<p>Its great for:<p>Serverless AI Inference<p>Robotics<p>On Prem deployments<p>Local Agents<p>And Its open source.<p>Let me know if anyone wants to contribute :)

[Other] Show HN: OtterLang – Pythonic scripting language that compiles to native code Hey HN! I’ve been building OtterLang, a small experimental scripting language designed to feel like Python but compile down to native binaries through LLVM.<p>The goal isn’t to reinvent Python or Rust, but to find a middle ground between them:<p>Python-like readability and syntax Rust-level performance and type safety Fast builds and transparent Rust FFI (you can directly import Rust crates without writing bindings)<p>OtterLang is still early and very experimental. the compiler, runtime, and FFI bridge are being rewritten frequently.<p>Please star the repo, and contribute to help this project.

[Other] Debugging BeagleBoard USB boot with a sniffer: fixing omap_loader on modern PCs