🛠️ All DevTools

[Other] Show HN: Numr – A Vim-style TUI calculator for natural language math expressions Features:<p>Natural language math: percentages, units, currencies Live exchange rates (152 currencies + BTC) Vim keybindings (Normal&#x2F;Insert modes, hjkl, dd, etc.) Variables and running totals Syntax highlighting<p>Stack: Ratatui + Pest (PEG parser) + Tokio Install: # macOS brew tap nasedkinpv&#x2F;tap &amp;&amp; brew install numr<p># Arch yay -S numr GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;nasedkinpv&#x2F;numr" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;nasedkinpv&#x2F;numr</a> Would love feedback on the code structure—it&#x27;s a workspace with separate crates for core, editor, TUI, and CLI.

[Other] Show HN: WireMD – Design Wireframes in Markdown Hi HN! I built WireMD, a text-first wireframing tool that lets you design UIs as fast as you can type.<p>The core idea: wireframes should be version-controlled, reviewable in PRs, and editable without leaving your code editor&#x2F;markdown editor.<p>Outputs in multiple formats including for example html (different styles), tailwind and json<p>Curious what HN thinks about the syntax design and whether this fills a gap in your workflow!

[Other] Trifold is a tool to quickly and cheaply host static websites using a CDN

[Monitoring/Observability] Ping-based server health monitoring, zero setup Mapnitor is a super-simple server monitoring tool that tracks server health using ping, no complicated setup needed. See uptime, latency, and health in a clean, shareable dashboard. Perfect for sysadmins, DevOps, and small teams who want quick, actionable insights without endless configuration. Key features: Ping-based uptime & latency tracking Real-time health status Shareable public status pages ( SOON ) Minimal, no-fuss dashboard

[Other] Build a Compiler in Five Projects

[Other] Syd – An offline-first, AI-augmented workstation for blue teams Hi HN, I’m Paul. I’m building Syd, an offline-first forensic workstation that orchestrates tools like YARA and Nmap through a GUI, using a local LLM to analyze the results without leaking data. It runs completely offline on localhost—no data is ever sent to the cloud, making it safe for sensitive investigations.<p>Here&#x27;s a demo: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=8dQV3JbLrRE" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=8dQV3JbLrRE</a>.<p>I built this because while tools like YARA are powerful, managing rule sets and decoding hex strings is slow. AI is great at explaining malware signatures, but I couldn&#x27;t use ChatGPT for my work because pasting potential malware or sensitive logs into a web form is a massive security risk. I needed the intelligence of an LLM but with the privacy of an air-gapped machine.<p>Under the hood, it’s built on Python 3. I use subprocess to manage the heavy lifting of the scanning engines so the UI (built with CustomTkinter) doesn&#x27;t freeze. The &quot;secret sauce&quot; isn&#x27;t the AI itself, but the parser I wrote that converts the unstructured text output from YARA into a structured JSON format that the local LLM can actually understand and reason about.<p>I’ve been using it to triage files for my own learning. In one case, Syd flagged a file matching a &quot;SilentBanker&quot; rule and the AI pointed out specific API calls for keylogging, saving me about 20 minutes of manual hex-editing. In the demo video linked, you can see this workflow: scanning a directory, hitting on a custom YARA rule, and having the local AI immediately analyze the strings.<p>Through this process, I learned that &quot;AI wrappers&quot; are easy, but AI orchestration is hard—getting the tools to output clean data for the LLM is the real challenge. I&#x27;d love to hear if there are other static analysis tools (like PEStudio or Capa) you consider essential for a workstation like this, or how you currently handle the privacy risk of using AI for log analysis.

[CLI Tool] Show HN: WeatherOrNot a maximal weather app in the terminal A RETRO TERMINAL WEATHER EXPERIENCE

[Other] Build desktop applications using Go and Web Technologies

[Other] Show HN: Stun LLMs with thousands of invisible Unicode characters I made a free tool that stuns LLMs with invisible Unicode characters.<p>*Use cases:* Anti-plagiarism, text obfuscation against LLM scrapers, or just for fun!<p>Even just one word&#x27;s worth of “gibberified” text is enough to block most LLMs from responding coherently.

[CLI Tool] A ncurses-based command line torrent client for high performance

[Code Quality] Show HN: I wrote a minimal memory allocator in C A fun toy memory allocator (not thread safe, that&#x27;s a future TODO). I also wanted to explain how I approached it, so I also wrote a tutorial blog post (~20 minute read) covering the code which you can find the link to in the README.

[Package Manager] Show HN: Safe-NPM – only install packages that are +90 days old This past quarter has been awash with sophisticated npm supply chain attacks like [Shai-Hulud](<a href="https:&#x2F;&#x2F;www.cisa.gov&#x2F;news-events&#x2F;alerts&#x2F;2025&#x2F;09&#x2F;23&#x2F;widespread-supply-chain-compromise-impacting-npm-ecosystem" rel="nofollow">https:&#x2F;&#x2F;www.cisa.gov&#x2F;news-events&#x2F;alerts&#x2F;2025&#x2F;09&#x2F;23&#x2F;widesprea...</a>() and the [Chalk&#x2F;debug Compromise](<a href="https:&#x2F;&#x2F;www.wiz.io&#x2F;blog&#x2F;widespread-npm-supply-chain-attack-breaking-down-impact-scope-across-debug-chalk" rel="nofollow">https:&#x2F;&#x2F;www.wiz.io&#x2F;blog&#x2F;widespread-npm-supply-chain-attack-b...</a>). This CLI helps protect users from recently compromised packages by only downloading packages that have been public for a while (default is 90 days or older).<p>Install: npm install -g @dendronhq&#x2F;safe-npm Usage: safe-npm install react@^18 lodash<p>How it works: - Queries npm registry for all versions matching your semver range - Filters out anything published in the last 90 days - Installs the newest &quot;aged&quot; version<p>Limitations: - Won&#x27;t protect against packages malicious from day one - Doesn&#x27;t control transitive dependencies (yet - looking into overrides) - Delays access to legitimate new features<p>This is meant as a 80&#x2F;20 measure against recently compromised NPM packages and is not a silver bullet. Please give it a try and let me know if you have feedback.

[Other] Show HN: I just fixed .env once and for all – better-env .env files have always felt archaic, insecure, clunky and honestly just not fun to work with. I see my friends (and myself) accidentally committing them all the time. Managing secrets across projects becomes a mess of copy-pasting keys into scattered env files with no real way to sync anything.<p>So I built better-env: a secure, developer-friendly alternative to .env.<p>Store your secrets once in a global encrypted store, and load them per-project at runtime.<p>I’d love feedback on whether this feels useful beyond solo devs, and what you’d want for teams or CI setups.<p>Fully open source: <a href="https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env</a>

[Other] Show HN: Built a tool solve the nightmare of chunking tables in PDF vs. Markdown Hey HN, solo dev here. After years of frustration with how LLMs handle complex documents, especially PDFs with tables, I decided to build a solution myself. My approach uses a Markdown conversion step to preserve the table structure, which seems to work surprisingly well for chunking. This little parser is the first public piece of a much larger, privacy-focused AI platform I&#x27;m building. I&#x27;m pretty much running on fumes financially, so any feedback, critique, or support is massively appreciated. Happy to answer any questions about the approach!

[Other] Show HN: An OKLCH-based perceptually uniform color system/theme builder I&#x27;ve been using a version of this internally for a few months but decided to polish it a little to finally deploy it.<p>It&#x27;s a color system generator that creates accessible, perceptually uniform color palettes using the OKLCH space. It takes one seed (primary) color, generates relative key colors from multiple color harmony schemes (analogous, complementary, etc) that are then used to create 26-step color ramps each. Shades from the ramps are then used to generate semantic color roles, or can be used for creating custom palettes.<p>All colors are gamut-mapped to the sRGB gamut with chroma reduction, essentially preserving lightness and hue values while finding the maximum in-gamut chroma for each step.<p>There are obvious similarities to Material Design Themes, mostly because I&#x27;m visually pretty comfortable with it. Plus, I started this project back when some of the colors generated by Material could be a little dull and I wanted to learn&#x2F;build something like this from the ground up.<p>There are a couple of improvements I would like to make to this in the near future. The first one is a dynamic chroma curve (the chroma falloffs for the ramps are on a bell curve). At the moment, the chroma curve peaks at L ~0.55 for all hue ranges, which works good enough but isn&#x27;t ideal for a few reasons. The second one would be adding seed color extraction from images. And maybe a built-in contrast checker.<p>If you find the tool helpful and&#x2F;or have any feedback or suggestions, let me know.

[IDE/Editor] Editing Code in Emacs

[Other] Tosijs-schema is a super lightweight schema-first LLM-native JSON schema library

[CLI Tool] A Secure, Developer-Friendly Alternative to .env better-env is a CLI tool that manages environment variables securely using OpenPGP encryption. Store secrets once in a global encrypted store, link them to projects via commit-safebetter-env files, and load them at runtime, no plaintext to be found anywhere.

[DevOps] Catch K8s Mistakes Before CI Guardon is different because it brings Kubernetes YAML validation directly into the browser—fully local, instant, and privacy-first. Unlike existing scanners that run in CI/CD or require cloud backends, Guardon validates multi-doc YAMLs in real time, imports Kyverno rules for org-specific guardrails, fetches configs from GitHub, and provides immediate, actionable fixes. It shifts Kubernetes security and compliance truly left—right where developers work.

[Other] Show HN: better-env – A Secure, Developer-Friendly Alternative to .env I’ve always hated how archaic .env files feel. Plaintext, easy to leak, and once they hit git history… you’re cooked. After accidentally committing secrets a few too many times, I finally asked myself: why don&#x27;t we encrypt secrets just like passwords?<p>So I built better-env: a local, encrypted way to manage secrets without exposing plaintext all over your machine. One place for secrets, nothing sensitive in git, your secrets get directly loaded at runtime, project-wise.<p>It’s early, local-first, and still rough around the edges, but it already removed a whole category of stress from my workflow. I’d love feedback on whether this feels useful beyond solo devs, and what you’d want for team&#x2F;CI setups.<p>It&#x27;s open source too! (<a href="https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env</a>)