🛠️ Hacker News Tools

[Other] Show HN: Ellipticc Drive – open-source cloud drive with E2E and PQ encryption Hey HN, I’m Ilias, 19, from Paris.<p>I built Ellipticc Drive, an open-source cloud drive with true end-to-end encryption and post-quantum security, designed to be Dropbox-like in UX but with zero access to your data, even by the host.<p>What’s unique:<p>Free 10GB for every user, forever.<p>Open-source frontend (audit or self-host if you want)<p>Tech stack:<p>Frontend: Next.js<p>Crypto: WebCrypto (hashing) + Noble (core primitives)<p>Encryption: XChaCha20-Poly1305 (file chunks)<p>Key wrapping: Kyber (ML-KEM768)<p>Signing: Ed25519 + Dilithium2 (ML-DSA65)<p>Key derivation: Argon2id → Master Key → encrypts all keypairs &amp; CEKs<p>Try it live: <a href="https:&#x2F;&#x2F;ellipticc.com" rel="nofollow">https:&#x2F;&#x2F;ellipticc.com</a><p>Frontend source: <a href="https:&#x2F;&#x2F;github.com&#x2F;ellipticc&#x2F;drive-frontend" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;ellipticc&#x2F;drive-frontend</a><p>Would love feedback from devs and security folks — particularly on encryption flow, architecture, or UX.<p>I’ll be around to answer every technical question in the comments!

[Other] Launch HN: Propolis (YC X25) – Browser agents that QA your web app autonomously Hi HN, we&#x27;re Marc and Matt, and we&#x27;re building Propolis (app.propolis.tech&#x2F;#&#x2F;launch). We use browser agents to simulate users in order to report bugs and write e2e tests. Today, you can launch 10s-100s of agents that collaboratively explore a website and report back on pain points + propose e2e tests that can run as part of your CI.<p>You can try an initial run (two minute set up) to get a feel for the product for free here: app.propolis.tech&#x2F;#&#x2F;launch. Or watch our demo video: <a href="https:&#x2F;&#x2F;www.tella.tv&#x2F;video&#x2F;autonomous-qa-system-walkthrough-3s4e">https:&#x2F;&#x2F;www.tella.tv&#x2F;video&#x2F;autonomous-qa-system-walkthrough-...</a><p>The Problem<p>Both Matt and I have been thinking about software quality for the last 10 years. While at Airtable Matt worked on the infrastructure team responsible for deploys and thought a lot about how to catch bugs before users did. Deterministic tests are incredibly effective at ensuring pre-defined behavior continues to function, but it&#x27;s hard to get meaningful coverage &amp; easy to &quot;stub&#x2F;mock&quot; so much that it&#x27;s no longer representative of real usage.<p>I like to pitch what we&#x27;re building now as a set of “users” you can treat like a canary group without worrying about impacting real users.<p>What we do: Propolis runs &quot;swarms&quot; of browser agents that collaborate to come up with user journeys, flag points of friction, and propose e2e tests that can then be run more cheaply on any trigger you&#x27;d like. We have customers from public companies to startups running &quot;swarms&quot; regularly to massively increase the breadth of their automated testing + running the produced tests as part of their CI pipeline to ensure that more specific flows stay working without needing to worry about updating playwright&#x2F;selenium tests.<p>One thing that really excites me about this approach is how flexible &quot;checks&quot; can be since they&#x27;re evaluated partially via LLM, for example we&#x27;ve caught bugs related to the quality of non-deterministic output (think a shopping assistant recommending a product that the user then searches for and can’t find).<p>Pricing and Availability<p>It&#x27;s production-ready today at $1000&#x2F;month unlimited-use + active support for early users willing to give feedback and request features. We&#x27;re also happy to work with you for capped-use &#x2F; hobby plans at lower prices if you&#x27;d like to use it for smaller or personal projects.<p>We&#x27;d love to hear from the HN community - especially curious if folks have thoughts on what else autonomous agents could validate beyond bugs and functional correctness. Try it out and let us know what you think!

[Other] Show HN: I made a heatmap diff viewer for code reviews 0github.com is a pull request viewer that color-codes every diff line&#x2F;token by how much human attention it probably needs. Unlike PR-review bots, we try to flag not just by &quot;is it a bug?&quot; but by &quot;is it worth a second look?&quot; (examples: hard-coded secret, weird crypto mode, gnarly logic, ugly code).<p>To try it, replace github.com with 0github.com in any pull-request URL. Under the hood, we split the PR into individual files, and for each file, we ask an LLM to annotate each line with a data structure that we parse into a colored heatmap.<p>Examples:<p><a href="https:&#x2F;&#x2F;0github.com&#x2F;manaflow-ai&#x2F;cmux&#x2F;pull&#x2F;666" rel="nofollow">https:&#x2F;&#x2F;0github.com&#x2F;manaflow-ai&#x2F;cmux&#x2F;pull&#x2F;666</a><p><a href="https:&#x2F;&#x2F;0github.com&#x2F;stack-auth&#x2F;stack-auth&#x2F;pull&#x2F;988" rel="nofollow">https:&#x2F;&#x2F;0github.com&#x2F;stack-auth&#x2F;stack-auth&#x2F;pull&#x2F;988</a><p><a href="https:&#x2F;&#x2F;0github.com&#x2F;tinygrad&#x2F;tinygrad&#x2F;pull&#x2F;12995" rel="nofollow">https:&#x2F;&#x2F;0github.com&#x2F;tinygrad&#x2F;tinygrad&#x2F;pull&#x2F;12995</a><p><a href="https:&#x2F;&#x2F;0github.com&#x2F;simonw&#x2F;datasette&#x2F;pull&#x2F;2548" rel="nofollow">https:&#x2F;&#x2F;0github.com&#x2F;simonw&#x2F;datasette&#x2F;pull&#x2F;2548</a><p>Notice how all the example links have a 0 prepended before github.com. This navigates you to our custom diff viewer where we handle the same URL path parameters as github.com. Darker yellows indicate that an area might require more investigation. Hover on the highlights to see the LLM&#x27;s explanation. There&#x27;s also a slider on the top left to adjust the &quot;should review&quot; threshold.<p>Repo (MIT license): <a href="https:&#x2F;&#x2F;github.com&#x2F;manaflow-ai&#x2F;cmux" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;manaflow-ai&#x2F;cmux</a>

[Other] NPM flooded with malicious packages downloaded more than 86k times

[Other] Independently verifying Go's reproducible builds

[Database] Show HN: SQLite Graph Ext – Graph database with Cypher queries (alpha) I&#x27;ve been working on adding graph database capabilities to SQLite with support for the Cypher query language. As of this week, both CREATE and MATCH operations work with full relationship support.<p>Here&#x27;s what it looks like:<p><pre><code> import sqlite3 conn = sqlite3.connect(&quot;:memory:&quot;) conn.load_extension(&quot;.&#x2F;libgraph.so&quot;) conn.execute(&quot;CREATE VIRTUAL TABLE graph USING graph()&quot;) # Create a social network conn.execute(&quot;&quot;&quot;SELECT cypher_execute(&#x27; CREATE (alice:Person {name: &quot;Alice&quot;, age: 30}), (bob:Person {name: &quot;Bob&quot;, age: 25}), (alice)-[:KNOWS {since: 2020}]-&gt;(bob) &#x27;)&quot;&quot;&quot;) # Query the graph with relationship patterns conn.execute(&quot;&quot;&quot;SELECT cypher_execute(&#x27; MATCH (a:Person)-[r:KNOWS]-&gt;(b:Person) WHERE a.age &gt; 25 RETURN a, r, b &#x27;)&quot;&quot;&quot;) </code></pre> The interesting part was building the complete execution pipeline - lexer, parser, logical planner, physical planner, and an iterator-based executor using the Volcano model. All in C99 with no dependencies beyond SQLite.<p>What works now: - Full CREATE: nodes, relationships, properties, chained patterns (70&#x2F;70 openCypher TCK tests) - MATCH with relationship patterns: (a)-[r:TYPE]-&gt;(b) with label and type filtering - WHERE clause: property comparisons on nodes (=, &gt;, &lt;, &gt;=, &lt;=, &lt;&gt;) - RETURN: basic projection with JSON serialization - Virtual table integration for mixing SQL and Cypher<p>Performance: - 340K nodes&#x2F;sec inserts (consistent to 1M nodes) - 390K edges&#x2F;sec for relationships - 180K nodes&#x2F;sec scans with WHERE filtering<p>Current limitations (alpha): - Only forward relationships (no `&lt;-[r]-` or bidirectional `-[r]-`) - No relationship property filtering in WHERE (e.g., `WHERE r.weight &gt; 5`) - No variable-length paths yet (e.g., `[r*1..3]`) - No aggregations, ORDER BY, property projection in RETURN - Must use double quotes for strings: {name: &quot;Alice&quot;} not {name: &#x27;Alice&#x27;}<p>This is alpha - API may change. But core graph query patterns work! The execution pipeline handles CREATE&#x2F;MATCH&#x2F;WHERE&#x2F;RETURN end-to-end.<p>Next up: bidirectional relationships, property projection, aggregations. Roadmap targets full Cypher support by Q1 2026.<p>Built as part of Agentflare AI, but it&#x27;s standalone and MIT licensed. Would love feedback on what to prioritize.<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;agentflare-ai&#x2F;sqlite-graph" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;agentflare-ai&#x2F;sqlite-graph</a><p>Happy to answer questions about the implementation!

[Other] Encoding x86 Instructions

[Other] Show HN: GPU-Based Autorouting for KiCad This project began when I decided it would be easier to write an autorouter than route a 8000+ net backplane by hand.<p>This is a KiCad plugin with a few different algorithms, the coolest of which is a &#x27;Manhattan routing grid&#x27; autorouter that routes along orthogonal traces. The basic idea was to steal an algorithm from FPGA routing and apply it to PCBs. I&#x27;m using CuPy for speeding up the routing; CPU-bound is at least 10x slower than the GPU version.<p>This is in a very pre-alpha state, but it does _technically_ work. It&#x27;s not great by any measure but then again it is an autorouter.<p>I have a writeup with the how and why it was made: <a href="https:&#x2F;&#x2F;bbenchoff.github.io&#x2F;pages&#x2F;OrthoRoute.html" rel="nofollow">https:&#x2F;&#x2F;bbenchoff.github.io&#x2F;pages&#x2F;OrthoRoute.html</a><p>And a video showing it route a 512-net backplane in just over 2 minutes: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=KXxxNQPTagA" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=KXxxNQPTagA</a><p>This is very cool and one of the first good uses of the KiCad IPC API that was released a few months ago. If this sounds interesting and useful, PRs and issues welcome.

[Other] Show HN: Oblivious HTTP for Go I couldn&#x27;t find a suitable go implementation for Oblivious HTTP Client &amp; Gateway (RFC 9458). So, I&#x27;m open sourcing ours.<p>Some background: OHTTP is a protocol that hides who you are from the data you send - if you&#x27;ve ever used products of Apple, Mozilla, Fastly, or Cloudflare (to name a few) you probably used OHTTP.<p>Key Features:<p>- implemented as http.RoundTripper<p>- supports chunked transfer encoding<p>- customizable HPKE (e.g., for custom hardware-based encryption)<p>- built on top of twoway and bhttp libraries<p>Repo: <a href="https:&#x2F;&#x2F;github.com&#x2F;confidentsecurity&#x2F;ohttp" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;confidentsecurity&#x2F;ohttp</a><p>Detail: <a href="https:&#x2F;&#x2F;blog.confident.security&#x2F;ohttp&#x2F;" rel="nofollow">https:&#x2F;&#x2F;blog.confident.security&#x2F;ohttp&#x2F;</a><p>Explainer: <a href="https:&#x2F;&#x2F;support.mozilla.org&#x2F;en-US&#x2F;kb&#x2F;ohttp-explained" rel="nofollow">https:&#x2F;&#x2F;support.mozilla.org&#x2F;en-US&#x2F;kb&#x2F;ohttp-explained</a><p>Specs: <a href="https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;doc&#x2F;rfc9458&#x2F;" rel="nofollow">https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;doc&#x2F;rfc9458&#x2F;</a> , <a href="https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;doc&#x2F;draft-ietf-ohai-chunked-ohttp&#x2F;" rel="nofollow">https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;doc&#x2F;draft-ietf-ohai-chunked-oht...</a><p>Feedback welcome!

[Other] SpiderMonkey Garbage Collector

[Other] Show HN: Front End Fuzzy and Substring and Prefix Search Hey everyone, I have updated my fuzzy search library for the frontend. It now supports substring and prefix search, on top of fuzzy matching. It&#x27;s fast, accurate, multilingual and has zero dependencies.<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;m31coding&#x2F;fuzzy-search" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;m31coding&#x2F;fuzzy-search</a> Live demo: <a href="https:&#x2F;&#x2F;www.m31coding.com&#x2F;fuzzy-search-demo.html" rel="nofollow">https:&#x2F;&#x2F;www.m31coding.com&#x2F;fuzzy-search-demo.html</a><p>I would love to hear your feedback and any suggestions you may have for improving the library.<p>Happy coding!

[Other] Show HN: HortusFox – FOSS system for houseplants with enterprise-scale features HortusFox is a free and open-source management, tracking and journaling system for indoor and outdoor plants. It&#x27;s 100% FOSS software under the MIT license, but still has grown to a scale that can be considered enterprise-scale.<p>That was possible because of the great community that evolved around this leafy project, that kept me motivated as well as supported me in a very kind and lovely way.<p>After a few months of no new version release, a few days ago I&#x27;ve published v5.3 of HortusFox, which provides some cool changes to help empower your plant parenting. You can see a very detailed changelog in the 5.3 release page on GitHub. Overall 25 issues have been resolved, where some of them were actually quite big.<p>If you&#x27;re new to HortusFox: the system offers you a large number of features to support your plant parenting (or gardening) journey with plant details, locations, photos, default and custom plant attributes, inventory system, tasks system, calendar, history (to keep a memory of your leafy friends), collaborative group chat and a few opt-in features such as weather forecast or plant identification (via photo). It also offers an extensive REST API, backup feature and themes (if you want your workspace a little more personal).<p>I have to say, for me it&#x27;s the perfect blend of two things: The passion for software development as well as the fondness for nature. I&#x27;m really grateful for that.<p>Thanks for reading and have a wonderful and leafy day.

[Other] Database backups, dump files and restic

[Database] SwirlDB: Modular-first, CRDT-based embedded database

[Other] Show HN: Butter – A Behavior Cache for LLMs Hi HN! I&#x27;m Erik. We built Butter, an LLM proxy that makes agent systems deterministic by caching and replaying responses, so automations behave consistently across runs.<p>- It’s a chat completions compatible endpoint, making it easy to drop into existing agents with a custom base_url<p>- The cache is template-aware, meaning lookups can treat dynamic content (names, addresses, etc.) as variables<p>You can see it in action in this demo where it memorizes tic-tac-toe games: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=PWbyeZwPjuY" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=PWbyeZwPjuY</a><p>Why we built this: before Butter, we were Pig.dev (YC W25), where we built computer-use agents to automate legacy Windows applications. The goal was to replace RPA. But in practice, these agents were slow, expensive, and unpredictable - a major downgrade from deterministic RPA, and unacceptable in the worlds of healthcare, lending, and government. We realized users don&#x27;t want to replace RPA with AI, they just want AI to handle the edge cases.<p>We set out to build a system for &quot;muscle memory&quot; for AI automations (general purpose, not just computer-use), where agent trajectories get baked into reusable code. You may recall our first iteration of this in May, a library called Muscle Mem: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=43988381">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=43988381</a><p>Today we&#x27;re relaunching it as a chat completions proxy. It emulates scripted automations by storing observed message histories in a tree structure, where each fork in the tree represents some conditional branch in the workflow&#x27;s &quot;code&quot;. We replay behaviors by walking the agent down the tree, falling back to AI to add new branches if the next step is not yet known.<p>The proxy is live and free to use while we work through making the template-aware engine more flexible and accurate. Please try it out and share how it went, where it breaks, and if it’s helpful.

[Other] Show HN: Tamagotchi P1 for FPGAs After being thrust headfirst into FPGA development thanks to the Analogue Pocket, my first from scratch creation was a gate level implementation of the original Tamagotchi toy.<p>The core, running on both the Analogue Pocket and MiSTer platforms, lets users re-experience the very first Tamagotchi from 1996 with accurate emulation, but modern features. The core has savestates (which is much harder to do in hardware vs software emulation), high turbo speeds (1,800x was the max clock speed I&#x27;ve reached so far), and more.<p>Learning more about hardware and FPGAs is something I&#x27;ve wanted to do for many years, and I highly recommend it for any programmer-brained person. It&#x27;s a very slightly different way of thinking that has vast consequences on how you look at simple problems.

[API/SDK] Show HN: OpenAI Apps Handbook I went swimming in the ocean of OpenAI&#x27;s Apps SDK… and came back with a handbook!<p>Over the past few weeks, I’ve been diving deep into the ChatGPT App SDK: exploring its APIs, tools, and hidden gems. Along the way, I built, broke, fixed, and reimagined a bunch of little experiments.<p>P.S: Indeed OAIs official docs is the source of truth, this is just a rough notebook<p>Maybe, I can create a CLI tool to scaffold app?

[Other] Show HN: Apache Fory Rust – 10-20x faster serialization than JSON/Protobuf Serialization framework with some interesting numbers: 10-20x faster on nested objects than json&#x2F;protobuf.<p><pre><code> Technical approach: compile-time codegen (no reflection), compact binary protocol with meta-packing, little-endian layout optimized for modern CPUs. Unique features that other fast serializers don&#x27;t have: - Cross-language without IDL files (Rust ↔ Python&#x2F;Java&#x2F;Go) - Trait object serialization (Box&lt;dyn Trait&gt;) - Automatic circular reference handling - Schema evolution without coordination Happy to discuss design trade-offs. Benchmarks: https:&#x2F;&#x2F;fory.apache.org&#x2F;docs&#x2F;benchmarks&#x2F;rust</code></pre>

[Package Manager] Show HN: CoordConversions NPM Module for Map Coordinate Conversions I have been working on a project that has multiple repos, all of which have to convert between multiple map coordinate types, so I made an NPM module that allows you to parse and convert between Decimal Degrees, Degrees-Minutes, and Degrees-Minutes-Seconds coordinate types. Niche? Yes. Useful? Also yes (I hope)!

[Other] Show HN: I made semantic search engine for engineering blogs and conferences