🛠️ Hacker News Tools

[API/SDK] Show HN: Modular – drop AI features into your app with two function calls I kept hitting the same wall at work every time we needed to ship an AI feature. What looked like a week of work turned into picking a model, setting up a vector DB, managing embeddings, wiring up chat history, handling retries — none of it was the actual feature. So I built Modular. You register a function that returns your app's data, then call ai.run() for one-shot features or ai.chat() for stateful conversation. Everything else — context management, embeddings, session history, model routing, retries — is handled. MCP-native from day one. Works with Claude, GPT-4o, and Gemini. Still early — collecting feedback before building the full SDK. Would love to hear if others have hit this same wall, or if you think I'm solving the wrong problem.

[Other] Show HN: TRELLIS.2 image-to-3D running on Mac Silicon – no Nvidia GPU needed I ported Microsoft&#x27;s TRELLIS.2 (4B parameter image-to-3D model) to run on Apple Silicon via PyTorch MPS. The original requires CUDA with flash_attn, nvdiffrast, and custom sparse convolution kernels: none of which work on Mac.<p>I replaced the CUDA-specific ops with pure-PyTorch alternatives: a gather-scatter sparse 3D convolution, SDPA attention for sparse transformers, and a Python-based mesh extraction replacing CUDA hashmap operations. Total changes are a few hundred lines across 9 files.<p>Generates ~400K vertex meshes from single photos in about 3.5 minutes on M4 Pro (24GB). Not as fast as H100 (where it takes seconds), but it works offline with no cloud dependency.<p><a href="https:&#x2F;&#x2F;github.com&#x2F;shivampkumar&#x2F;trellis-mac" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;shivampkumar&#x2F;trellis-mac</a>

[DevOps] Show HN: Clone, a small Rust VMM, forks VMs in under 20ms via CoW We needed a secure, multi-tenant way to offer shell accounts to users, but most VMMs were using too much memory and containers are unsafe. With clone, VMs are now more memory efficient than containers in most cases.<p>Since many other projects on HN looked like they were doing this too, open sourcing this was the right thing to do.<p>Feel free to use in whole or in part as you see fit!

[CLI Tool] Show HN: Faceoff – A terminal UI for following NHL games Faceoff is a TUI app written in Python to follow live NHL games and browse standings and stats. I got the inspiration from Playball, a similar TUI app for MLB games that was featured on HN.<p>The app was mostly vibe-coded with Claude Code, but not one-shot. I added features and fixed bugs by using it, as I spent way too much time in the terminal over the last few months.<p>Try it out with `uvx faceoff` (requires uv).

[Other] Critical flaw in Protobuf library enables JavaScript code execution

[Other] Binary GCD

[API/SDK] Show HN: Open Passkey – open-source passkey auth with free "backendless" host I, like Andrej Karpathy, became super frustrated by how annoying it was to deploy projects that were previously an absolute joy to make with Claude Code. That is why I made open-passkey, an MIT licensed passkey repo with support for 33 languages and frameworks (examples included) that makes adding simple secure auth to a project easy.<p>We are also releasing gateway (<a href="https:&#x2F;&#x2F;gateway.locke.id" rel="nofollow">https:&#x2F;&#x2F;gateway.locke.id</a>) a &quot;backendless&quot; hosted auth server that frontend apps can consume for free so that you can ship a React or Angular app using a CDN like Netlify without needing to configure a server at all. We are willing to freely share the resources of an AWS t.large instance which should easily support millions of accounts &amp; sessions. This decision was made to improve our velocity when it comes to shipping small apps (it should go without saying that this is not designed for large apps).<p>Open-passkey prioritizes post-quantum algorithms, though they are not supported by browsers yet. On top of Gateway, we also built a simple end-to-end encrypted key value store modeled after localStorage. A simple setItem() and getItem() API that uses PRF with passkeys to store encrypted values on gateway with zero config. This, again, was made to improve our velocity to securely add API keys and stuff to frontend apps without needing to pay for a server to host. Obviously gateway is completely optional and exporting out your users public keys is supported with rp_id verification via domain TXT records.

[Other] Show HN: Sostactic – polynomial inequalities using sums-of-squares in Lean Current support for nonlinear inequalities in Lean is quite limited. This package attempts to solve this. It contains a collection of Lean4 tactics for proving polynomial inequalities via sum-of-squares (SOS) decompositions, powered by a Python backend. You can use it via Python or Lean.<p>These tactics are significantly more powerful than `nlinarith` and `positivity` -- i.e., they can prove inequalities they cannot. In theory, they can be used to prove any of the following types of statements<p>- prove that a polynomial is nonnegative globally - prove that a polynomial is nonnegative over a semialgebraic set (i.e., defined by a set of polynomial inequalities) - prove that a semialgebraic set is empty, i.e., that a system of polynomial inequalities is infeasible<p>The underlying theory is based on the following observation: if a polynomial can be written as a sum of squares of other polynomials, then it is nonnegative everywhere. Theorems proving the existence of such decompositions were one of the landmark achievements of real algebraic geometry in the 20th century, and its connection to semidefinite programming in the 21st century made it a practical computational tool, and is what this software does in the background.

[Other] PostgreSQL production incident caused by transaction ID wraparound

[Other] Show HN: MDV – a Markdown superset for docs, dashboards, and slides with data

[Other] Migrating from DigitalOcean to Hetzner

[Other] Show HN: I can't write Python. It works anyway Read an article about analyzing Garmin data with AI. Sounded great — except I didn&#x27;t want to send my health data to any cloud service.<p>So I asked Claude to write me 2-3 scripts and a dashboard. This escalated a bit. 30 days and 20$ later I have this:<p>A local-first Garmin archive with interactive HTML dashboards, Excel exports, weather and pollen context, AES-256 encrypted token storage, and a self-healing data pipeline with 515 automated tests. Windows desktop app, no terminal needed. Nothing leaves your machine.<p>I never wrote a line of Python. I understood the problems and made the architectural decisions. Claude wrote everything else.<p>GitHub: github.com&#x2F;Wewoc&#x2F;Garmin_Local_Archive

[CLI Tool] Show HN: Sfsym – Export Apple SF Symbols as Vector SVG/PDF/PNG I found myself reaching for SF Symbols&#x27; &#x27;Copy Image As…&#x27; quite often during agentic design sessions, so I made a command-line tool that the agent can use by itself. It exports Apple SF Symbols as SVG, PDF, or PNG.<p>The vector paths come directly from macOS&#x27;s symbol renderer. Internally it reaches a private ivar on NSSymbolImageRep to get the CUINamedVectorGlyph, draws into a CGPDFContext, then walks the PDF content stream back out as SVG `d` commands. The output matches what the system draws, rather than an approximation traced from rasters.<p>A few things about it:<p>- Every subcommand accepts `--json`, and `sfsym schema` returns a machine-readable description of the whole CLI. - Symbol enumeration reads the OS&#x27;s Assets.car BOM tree, so the list of 8,300+ names stays current with macOS updates without a version table in the binary. - Each SVG `&lt;path&gt;` carries a `data-layer` attribute, so you can retheme in CSS without touching geometry.<p>It&#x27;s been saving me a bunch of clicking. Please let me know if you have any other ideas for it.

[Other] Show HN: Pyra – a Python toolchain experiment inspired by uv and Bun I’ve been working on Pyra for the past few months and wanted to start sharing it in public.<p>Right now it’s focused on the core package&#x2F;project management workflow: Python installs, init, add&#x2F;remove, lockfiles, env sync, and running commands in the managed env.<p>The bigger thing I’m exploring is whether Python could eventually support a more cohesive toolchain story overall, more in the direction of Bun: not just packaging, but maybe over time testing, tasks, notebooks, and other common workflow tools feeling like one system instead of a bunch of separate pieces.<p>It’s still early, and I’m definitely not claiming it’s as mature as uv. I’m mostly sharing it now because I want honest feedback on whether the direction feels interesting or misguided.

[Other] Show HN: AI Subroutines – Run automation scripts inside your browser tab We built AI Subroutines in rtrvr.ai. Record a browser task once, save it as a callable tool, replay it at: zero token cost, zero LLM inference delay, and zero mistakes.<p>The subroutine itself is a deterministic script composed of discovered network calls hitting the site&#x27;s backend as well as page interactions like click&#x2F;type&#x2F;find.<p>The key architectural decision: the script executes inside the webpage itself, not through a proxy, not in a headless worker, not out of process. The script dispatches requests from the tab&#x27;s execution context, so auth, CSRF, TLS session, and signed headers get added to all requests and propagate for free. No certificate installation, no TLS fingerprint modification, no separate auth stack to maintain.<p>During recording, the extension intercepts network requests (MAIN-world fetch&#x2F;XHR patch + webRequest fallback). We score and trim ~300 requests down to ~5 based on method, timing relative to DOM events, and origin. Volatile GraphQL operation IDs are detected and force a DOM-only fallback before they break silently on the next run.<p>The generated code combines network calls with DOM actions (click, type, find) in the same function via an rtrvr.* helper namespace. Point the agent at a spreadsheet of 500 rows and with just one LLM call parameters are assigned and 500 Subroutines kicked off.<p>Key use cases:<p>- record sending IG DM, then have reusable and callable routine to send DMs at zero token cost<p>- create routine getting latest products in site catalog, call it to get thousands of products via direct graphql queries<p>- setup routine to file EHR form based on parameters to the tool, AI infers parameters from current page context and calls tool<p>- reuse routine daily to sync outbound messages on LinkedIn&#x2F;Slack&#x2F;Gmail to a CRM using a MCP server<p>We see the fundamental reason that browser agents haven&#x27;t taken off is that for repetitive tasks going through the inference loop is unnecessary. Better to just record once, and get the LLM to generate a script leveraging all the possible ways to interact with a site and the wider web like directly calling backed API&#x27;s, interacting with the DOM, and calling 3P tools&#x2F;APIs&#x2F;MCP servers.

[Other] Show HN: Waputer – The WebAssembly Computer Waputer is an operating system that runs entirely in the browser. When you visit the website at <a href="https:&#x2F;&#x2F;waputer.app" rel="nofollow">https:&#x2F;&#x2F;waputer.app</a>, a kernel written in JavaScript sets up a filesystem and launches a WebAssembly program, which in turn talks to the kernel to handle the display and input. A purely terminal-based version is at <a href="https:&#x2F;&#x2F;waputer.dev" rel="nofollow">https:&#x2F;&#x2F;waputer.dev</a>.<p>My original intention was to create programs that run in the browser that have a lot more in common with the desktop. The traditional &quot;hello world&quot; program is not really suited for the web. Waputer changes that. The GitHub repo at <a href="https:&#x2F;&#x2F;github.com&#x2F;waputer&#x2F;docs" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;waputer&#x2F;docs</a> gives a very brief overview of compiling a C program and running it on Waputer. There is a blog available from the main site that has a long-form explanation of Waputer and my motivations if you want some additional reading.

[Other] Show HN: PanicLock – Close your MacBook lid disable TouchID –> password unlock I wrote this after the case of a Washington Post reporter, Hannah Natanson, was compelled to unlock her computer with her fingerprint. This resulted in access to her Desktop Signal on her computer, revealing sources and their conversations.<p><a href="https:&#x2F;&#x2F;www.yahoo.com&#x2F;news&#x2F;articles&#x2F;washington-post-raid-proves-face-153402560.html" rel="nofollow">https:&#x2F;&#x2F;www.yahoo.com&#x2F;news&#x2F;articles&#x2F;washington-post-raid-pro...</a><p>Edit: I&#x27;ve a lot more details about the legality and precedence on the apps landing page <a href="https:&#x2F;&#x2F;paniclock.github.io&#x2F;" rel="nofollow">https:&#x2F;&#x2F;paniclock.github.io&#x2F;</a>

[Database] Show HN: XitDB – an immutable single-file database I couldn&#x27;t find a database that was immutable (like Datomic) and embedded (like SQLite), so I made one. The reference impl is in Zig and there are now ports for Java, Clojure, TypeScript, and Go.

[Other] Show HN: Spice simulation → oscilloscope → verification with Claude Code I built MCP servers for my oscilloscope and SPICE simulator so Claude Code can close the loop between simulation and real hardware.

[Other] Binary Dependencies: Identifying the Hidden Packages We All Depend On