🛠️ Hacker News Tools

[Package Manager] Reproducible and traceable configuration for Conan C and C++ package manager

[API/SDK] Show HN: Trust Protocols for Anthropic/OpenAI/Gemini Much of my work right now involves complex, long-running, multi-agentic teams of agents. I kept running into the same problem: “How do I keep these guys in line?” Rules weren’t cutting it, and we needed a scalable, agentic-native STANDARD I could count on. There wasn’t one. So I built one.<p>Here are two open-source protocols that extend A2A, granting AI agents behavioral contracts and runtime integrity monitoring:<p>- Agent Alignment Protocol (AAP): What an agent can do &#x2F; has done. - Agent Integrity Protocol (AIP): What an agent is thinking about doing &#x2F; is allowed to do.<p>The problem: AI agents make autonomous decisions but have no standard way to declare what they&#x27;re allowed to do, prove they&#x27;re doing it, or detect when they&#x27;ve drifted. Observability tools tell you what happened. These protocols tell you whether what happened was okay.<p>Here&#x27;s a concrete example. Say you have an agent who handles customer support tickets. Its Alignment Card declares:<p>{ &quot;permitted&quot;: [&quot;read_tickets&quot;, &quot;draft_responses&quot;, &quot;escalate_to_human&quot;], &quot;forbidden&quot;: [&quot;access_payment_data&quot;, &quot;issue_refunds&quot;, &quot;modify_account_settings&quot;], &quot;escalation_triggers&quot;: [&quot;billing_request_over_500&quot;], &quot;values&quot;: [&quot;accuracy&quot;, &quot;empathy&quot;, &quot;privacy&quot;] }<p>The agent gets a ticket: &quot;Can you refund my last three orders?&quot; The agent&#x27;s reasoning trace shows it considering a call to the payments API. AIP reads that thinking, compares it to the card, and produces an Integrity Checkpoint:<p>{ &quot;verdict&quot;: &quot;boundary_violation&quot;, &quot;concerns&quot;: [&quot;forbidden_action: access_payment_data&quot;], &quot;reasoning&quot;: &quot;Agent considered payments API access, which is explicitly forbidden. Should escalate to human.&quot;, &quot;confidence&quot;: 0.95 }<p>The agent gets nudged back before it acts. Not after. Not in a log you review during a 2:00 AM triage. Between this turn and the next.<p>That&#x27;s the core idea. AAP defines what agents should do (the contract). AIP watches what they&#x27;re actually thinking and flags when those diverge (the conscience). Over time, AIP builds a drift profile — if an agent that was cautious starts getting aggressive, the system notices.<p>When multiple agents work together, it gets more interesting. Agents exchange Alignment Cards and verify value compatibility before coordination begins. An agent that values &quot;move fast&quot; and one that values &quot;rollback safety&quot; registers low coherence, and the system surfaces that conflict before work starts. Live demo with four agents handling a production incident: <a href="https:&#x2F;&#x2F;mnemom.ai&#x2F;showcase" rel="nofollow">https:&#x2F;&#x2F;mnemom.ai&#x2F;showcase</a><p>The protocols are Apache-licensed, work with any Anthropic&#x2F;OpenAI&#x2F;Gemini agent, and ship as SDKs on npm and PyPI. A free gateway proxy (smoltbot) adds integrity checking to any agent with zero code changes.<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;mnemom" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;mnemom</a> Docs: docs.mnemom.ai Demo video: <a href="https:&#x2F;&#x2F;youtu.be&#x2F;fmUxVZH09So" rel="nofollow">https:&#x2F;&#x2F;youtu.be&#x2F;fmUxVZH09So</a>

[IDE/Editor] Show HN: VectorNest responsive web-based SVG editor I’ve just released VectorNest — an open-source, browser-based SVG editor.<p>If you have an SVG and need quick edits (paths, alignment, small fixes, animations, LLM assistance) without installing software, this is for you.<p>Try the demo: <a href="https:&#x2F;&#x2F;ekrsulov.github.io&#x2F;vectornest&#x2F;" rel="nofollow">https:&#x2F;&#x2F;ekrsulov.github.io&#x2F;vectornest&#x2F;</a> GitHub repo: <a href="https:&#x2F;&#x2F;github.com&#x2F;ekrsulov&#x2F;vectornest" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;ekrsulov&#x2F;vectornest</a><p>Feedback, issues and contributions are welcome.

[DevOps] Show HN: I built a fuse box for microservices Hey HN! I&#x27;m Rodrigo, I run distributed systems across a few countries. I built Openfuse because of something that kept bugging me about how we all do circuit breakers.<p>If you&#x27;re running 20 instances of a service and Stripe starts returning 500s, each instance discovers that independently. Instance 1 trips its breaker after 5 failures. Instance 14 just got recycled and hasn&#x27;t seen any yet. Instance 7 is in half-open, probing a service you already know is dead. For some window of time, part of your fleet is protecting itself and part of it is still hammering a dead dependency and timing out, and all you can do is watch.<p>Libraries can&#x27;t fix this. Opossum, Resilience4j, Polly are great at the pattern, but they make per-instance decisions with per-instance state. Your circuit breakers don&#x27;t talk to each other.<p>Openfuse is a centralized control plane. It aggregates failure metrics from every instance in your fleet and makes the trip decision based on the full picture. When the breaker opens, every instance knows at the same time.<p>It&#x27;s a few lines of code:<p><pre><code> const result = await openfuse.breaker(&#x27;stripe&#x27;).protect( () =&gt; chargeCustomer(payload) ); </code></pre> The SDK is open source, anyone can see exactly what runs inside their services.<p>The other thing I couldn&#x27;t let go of: when you get paged at 3am, you shouldn&#x27;t have to find logs across 15 services to figure out what&#x27;s broken. Openfuse gives you one dashboard showing every breaker state across your fleet: what&#x27;s healthy, what&#x27;s degraded, what tripped and when. And, you shouldn&#x27;t need a deploy to act. You can open a breaker from the dashboard and every instance stops calling that dependency immediately. Planned maintenance window at 3am? Open beforehand. Fix confirmed? Close it instantly. Thresholds need adjusting? Change them in the dashboard, takes effect across your fleet in seconds. No PRs, no CI, no config files.<p>It has a decent free tier for trying it out, then $99&#x2F;mo for most teams, $399&#x2F;mo with higher throughput and some enterprise features. Solo founder, early stage, being upfront.<p>Would love to hear from people who&#x27;ve fought cascading failures in production. What am I missing?

[Other] Show HN: Beautiful interactive explainers generated with Claude Code Hello HN,<p>Recently an amazingly beautiful explainer was shared on HN: <a href="https:&#x2F;&#x2F;explainers.blog&#x2F;posts&#x2F;why-is-the-sky-blue&#x2F;" rel="nofollow">https:&#x2F;&#x2F;explainers.blog&#x2F;posts&#x2F;why-is-the-sky-blue&#x2F;</a><p>I loved it so much that I wished more topics were explained that way. So, I decided to stress-test today&#x27;s frontier models (Opus 4.6 in Claude Code) to generate similar explainer on any given topic WITH (almost) one shot and minimal nudging.<p>I&#x27;m launching with four topics: Fourier transformation, scaling laws in bio, cellular automata and LLMs.<p>I would let you be the judge, but I&#x27;m quite liking them.<p>Some things I learned:<p>- Prompting CC to test what it builds using headless chromium is essential - There are subtle bugs in explanations (like in one animation human lifespan is 40 years) - Asking CC to verify its plan via codex works really well<p>I do want to reiterate that the pages generated were mostly one-shot, which amazed me given how detailed the pages + animations are.

[Other] Terminals should generate the 256-color palette

[Database] Show HN: LaminarDB – Streaming SQL database in Rust, zero-alloc hot path

[Other] Lessons learned from `oapi-codegen`'s time in the GitHub Secure Open Source Fund

[Other] Show HN: Writing a C++20M:N Scheduler from Scratch (EBR, Work-Stealing) tiny_coro is a lightweight, educational M:N asynchronous runtime written from scratch using C++20 coroutines. It&#x27;s designed to strip away the complexity of industrial libraries (like Seastar or Folly) to show the core mechanics clearly.<p>Key Technical Features:<p>M:N Scheduling: Maps M coroutines to N kernel threads (Work-Stealing via Chase-Lev deque).<p>Memory Safety: Implements EBR (Epoch-Based Reclamation) to manage memory safely in lock-free structures without GC.<p>Visualizations: I used Manim (the engine behind 3Blue1Brown) to create animations showing exactly how tasks are stolen and executed.<p>Why I built it: To bridge the gap between &quot;using coroutines&quot; and &quot;understanding the runtime.&quot; The code is kept minimal (~1k LOC core) so it can be read in a weekend.

[Other] BarraCUDA Open-source CUDA compiler targeting AMD GPUs

[Database] Show HN: Pg-typesafe – Strongly typed queries for PostgreSQL and TypeScript Throughout my career, I tried many tools to query PostgreSQL, and in the end, concluded that for what I do, the simplest is almost always the best: raw SQL queries.<p>Until now, I typed the results manually and relied on tests to catch problems. While this is OK in e.g., GoLang, it is quite annoying in TypeScript. First, because of the more powerful type system (it&#x27;s easier to guess that updated_at is a date than it is to guess whether it&#x27;s nullable or not), second, because of idiosyncrasies (INT4s are deserialised as JS numbers, but INT8s are deserialised as strings).<p>So I wrote pg-typesafe, with the goal of it being the less burdensome: you call queries exactly the same way as you would call node-pg, and they are fully typed.<p>It&#x27;s very new, but I&#x27;m already using it in a large-ish project, where it found several bugs and footguns, and also allowed me to remove many manual type definitions.

[Code Quality] Show HN: Continue – Source-controlled AI checks, enforceable in CI We now write most of our code with agents. For a while, PRs piled up, causing review fatigue, and we had this sinking feeling that standards were slipping. Consistency is tough at this volume. I’m sharing the solution we found, which has become our main product.<p>Continue (<a href="https:&#x2F;&#x2F;docs.continue.dev">https:&#x2F;&#x2F;docs.continue.dev</a>) runs AI checks on every PR. Each check is a source-controlled markdown file in `.continue&#x2F;checks&#x2F;` that shows up as a GitHub status check. They run as full agents, not just reading the diff, but able to read&#x2F;write files, run bash commands, and use a browser. If it finds something, the check fails with one click to accept a diff. Otherwise, it passes silently.<p>Here’s one of ours:<p><pre><code> .continue&#x2F;checks&#x2F;metrics-integrity.md --- name: Metrics Integrity description: Detects changes that could inflate, deflate, or corrupt metrics (session counts, event accuracy, etc.) --- Review this PR for changes that could unintentionally distort metrics. These bugs are insidious because they corrupt dashboards without triggering errors or test failures. Check for: - &quot;Find or create&quot; patterns where the &quot;find&quot; is too narrow, causing entity duplication (e.g. querying only active sessions, missing completed ones, so every new commit creates a duplicate) - Event tracking calls inside loops or retry paths that fire multiple times per logical action - Refactors that accidentally remove or move tracking calls to a path that executes with different frequency Key files: anything containing `posthog.capture` or `trackEvent` </code></pre> This check passed without noise for weeks, but then caught a PR that would have silently deflated our session counts. We added it in the first place because we’d been burned in the past by bad data, only noticing when a dashboard looked off.<p>---<p>To get started, paste this into Claude Code or your coding agent of choice:<p><pre><code> Help me write checks for this codebase: https:&#x2F;&#x2F;continue.dev&#x2F;walkthrough </code></pre> It will:<p>- Explore the codebase and use the `gh` CLI to read past review comments<p>- Write checks to `.continue&#x2F;checks&#x2F;`<p>- Optionally, show you how to run them locally or in CI<p>Would love your feedback!

[Monitoring/Observability] Launch HN: Sonarly (YC W26) – AI agent to triage and fix your production alerts Hey HN, I am Dimittri and we’re building Sonarly (<a href="https:&#x2F;&#x2F;sonarly.com">https:&#x2F;&#x2F;sonarly.com</a>), an AI engineer for production. It connects to your observability tools like Sentry, Datadog, or user feedback channels, triages issues, and fixes them to cut your resolution time. Here&#x27;s a demo: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=rr3VHv0eRdw" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=rr3VHv0eRdw</a>.<p>Sonarly is really about removing the noise from production alerts by grouping duplicates and returning a root cause analysis to save time to on-call engineers and literally cut your MTTR.<p>Before starting this company, my co-founder and I had a B2C app in edtech and had, some days, thousands of users using the app. We pushed several times a day, relying on user feedback. Then we set up Sentry, it was catching a lot of bugs, but we had up to 50 alerts a day. With 2 people it&#x27;s a lot. We took a lot of time filtering the noise to find the real signal so we knew which bug to focus on.<p>At the same time, we saw how important it is to fix a bug fast when it hits users. A bug means in the worst case a churn and at best a frustrated user. And there are always bugs in production, due to code errors, database mismatches, infrastructure overload, and many issues are linked to a specific user behavior. You can&#x27;t catch all these beforehand, even with E2E tests or AI code reviews (which catch a lot of bugs but obviously not all, plus it takes time to run at each deployment). This is even more true with vibe-coding (or agentic engineering).<p>We started Sonarly with this idea. More software than ever is being built and users should have the best experience possible on every product. The main idea of Sonarly is to reduce the MTTR (Mean Time To Repair).<p>We started by recreating a Sentry-like tool but without the noise, using only text and session replays as the interface. We built our own frontend tracker (based on open-source rrweb) and used the backend Sentry SDK (open source as well). Companies could just add another tracker in the frontend and add a DSN in their Sentry config to send data to us in addition to Sentry.<p>We wanted to build an interface where you don&#x27;t need to check logs, dashboards, traces, metrics, and code, as the agent would do it for you with plain English to explain the &quot;what,&quot; &quot;why,&quot; and &quot;how do I fix it.&quot;<p>We quickly realized companies don&#x27;t want to add a new tracker or change their monitoring stack, as these platforms do the job they&#x27;re supposed to do. So we decided to build above them. Now we connect to tools like Sentry, Datadog, Slack user feedback channels, and other integrations.<p>Claude Code is so good at writing code, but handling runtime issues requires more than just raw coding ability. It demands deep runtime context, immediate reactivity, and intelligent triage, you can’t simply pipe every alert directly into an agent. That’s why our first step is converting noise into signal. We group duplicates and filter false positives to isolate clear issues. Once we have a confirmed signal, we trigger Claude Code with the exact context it needs, like the specific Sentry issue and relevant logs fetched via MCP (mostly using grep on Datadog&#x2F;Grafana). However, things get exponentially harder with multi-repo and multi-service architectures.<p>So we built an internal map of the production system that is basically a .md file updated dynamically. It shows every link between different services, logs, and metrics so that Claude Code can understand the issue faster.<p>One of our users using Sentry was receiving ~180 alerts&#x2F;day. Here is what their workflow looked like:<p>- Receive the alert<p>- 1) Defocus from their current task or wake up, or 2) don&#x27;t look at the alert at all (most of the time)<p>- Go check dashboards to find the root cause (if infra type) or read the stack trace, events, etc.<p>- Try to figure out if it was a false positive or a real problem (or a known problem already in the fixes pipeline)<p>- Then fix by giving Claude Code the correct context<p>We started by cutting the noise and went from 180&#x2F;day to 50&#x2F;day (by grouping issues) and giving a severity based on the impact on the user&#x2F;infra. This brings it down to 5 issues to focus on in the current day. Triage happens in 3 steps: deduplicating before triggering a coding agent, gathering the root cause for each alert, and re-grouping by RCA.<p>We launched self-serve (<a href="https:&#x2F;&#x2F;sonarly.com">https:&#x2F;&#x2F;sonarly.com</a>) and we would love to have feedback from engineers. Especially curious about your current workflows when you receive an alert from any of these channels like Sentry (error tracking), Datadog (APM), or user feedback. How do you assign who should fix it? Where do you take your context from to fix the issue? Do you have any automated workflow to fix every bug, and do you have anything you use currently to filter the noise from alerts?<p>We have a large free tier as we mainly want feedback. You can self-serve under 2 min. I&#x27;ll be in the thread with my co-founder to answer your questions, give more technical details, and take your feedback: positive, negative, brutal, everything&#x27;s constructive!

[Other] Using go fix to modernize Go code

[Other] Show HN: I taught LLMs to play Magic: The Gathering against each other I&#x27;ve been teaching LLMs to play Magic: The Gathering recently, via MCP tools hooked up to the open-source XMage codebase. It&#x27;s still pretty buggy and I think there&#x27;s significant room for existing models to get better at it via tooling improvements, but it pretty much works today. The ratings for expensive frontier models are artificially low right now because I&#x27;ve been focusing on cheaper models until I work out the bugs, so they don&#x27;t have a lot of games in the system.

[IDE/Editor] SwiftForth IDE for Windows, Linux, macOS

[Monitoring/Observability] Show HN: Telescope now queries Kubernetes logs directly Telescope originally started as a ClickHouse-focused log viewer.<p>But while building it, I kept running into the same pattern: when everything worked, logs were in ClickHouse. When things broke, logs were still inside Kubernetes.<p>That gap led to adding Kubernetes as a native log source.<p>This is not meant to replace proper log aggregation. Centralized storage with indexing and retention policies is still the right approach for production.<p>But there are situations where aggregation doesn&#x27;t help: the logging pipeline is broken, logs are delayed, or you&#x27;re debugging locally and don&#x27;t have a pipeline at all.<p>In those cases, the logs are already in the pods. The usual fallback is kubectl logs (or stern), often across multiple terminals and namespaces. It works, but correlation becomes manual.<p>Telescope can now query logs directly from Kubernetes clusters via the Kubernetes API. It lets you query across multiple namespaces and clusters, filter by labels and fields, apply time ranges, normalize severity across different log formats, and visualize log volume over time.<p>It uses your existing kubeconfig, fetches logs in parallel (configurable concurrency), and uses time filters to limit data transfer from Kubernetes APIs.<p>No agents. No CRDs. No cluster changes.<p>Current limitations: no streaming &#x2F; follow mode yet.<p>Curious if others have run into the same &quot;pipeline gap&quot; problem - when logs aren&#x27;t in your backend yet, but you still need structured access to them.<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;iamtelescope&#x2F;telescope" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;iamtelescope&#x2F;telescope</a><p>Changelog: <a href="https:&#x2F;&#x2F;docs.iamtelescope.net&#x2F;changelog" rel="nofollow">https:&#x2F;&#x2F;docs.iamtelescope.net&#x2F;changelog</a>

[Code Quality] Fff.nvim – Typo-resistant code search The new release of fff.nvim showed out the new compatiblity for the code search both for human and agents - typo resistant and usable code search for real codebases<p>It can match query &quot;shcema&quot; <i>only</i> to &quot;schema&quot; and &quot;SortedMap&quot; only to &quot;SortedArrayMap&quot; and &quot;SortedHashMap&quot; without bloating the results

[Other] Show HN: Breadboard – A modern HyperCard for building web apps on the canvas Hey HN! I’m Simone. We re-built Breadboard, a visual app builder that mixes Figma-style UI design with Shortcuts-style logic so you can build, preview, and publish interactive web apps directly from the canvas.<p>What it does<p><pre><code> Design UIs visually with a flexible canvas –like Figma–. Define app logic with a visual, instruction-stacked editor inspired by Shortcuts. Live preview apps directly on the canvas –no separate preview window–. Publish working web apps with one click. </code></pre> Why we made it<p><pre><code> Modernize the HyperCard idea: combine layout, behavior, and instant sharing in one place. Reduce friction between design and a working app. Make simple web apps approachable for non-developers while keeping power features for developers. Build a foundation for LLM integration so users can design and develop with AI while still understanding what’s happening, even without coding experience –in progress!–. </code></pre> Try it –no signup required–<p>Weather forecast app: <a href="https:&#x2F;&#x2F;app.breadboards.io&#x2F;playgrounds&#x2F;weather" rel="nofollow">https:&#x2F;&#x2F;app.breadboards.io&#x2F;playgrounds&#x2F;weather</a><p>Swiss Public Transit: <a href="https:&#x2F;&#x2F;app.breadboards.io&#x2F;playgrounds&#x2F;public_transit" rel="nofollow">https:&#x2F;&#x2F;app.breadboards.io&#x2F;playgrounds&#x2F;public_transit</a><p>info: <a href="https:&#x2F;&#x2F;breadboards.io" rel="nofollow">https:&#x2F;&#x2F;breadboards.io</a><p>I would appreciate any feedback :)

[Other] Show HN: Simple org-mode web adapter I like to use org files a lot, but I wanted some way to browse and edit them on my phone when I&#x27;m out. Yesterday I used Codex to make this simple one-file web server that just displays all my org files with backlinks. It doesn&#x27;t have any authentication because I only run it on my wireguard VPN. I&#x27;ve been having fun with it, hopefully it&#x27;s useful to someone else!