🛠️ Hacker News Tools

[Code Quality] Show HN: I wrote a minimal memory allocator in C A fun toy memory allocator (not thread safe, that's a future TODO). I also wanted to explain how I approached it, so I also wrote a tutorial blog post (~20 minute read) covering the code which you can find the link to in the README.

[Package Manager] Show HN: Safe-NPM – only install packages that are +90 days old This past quarter has been awash with sophisticated npm supply chain attacks like [Shai-Hulud](<a href="https:&#x2F;&#x2F;www.cisa.gov&#x2F;news-events&#x2F;alerts&#x2F;2025&#x2F;09&#x2F;23&#x2F;widespread-supply-chain-compromise-impacting-npm-ecosystem" rel="nofollow">https:&#x2F;&#x2F;www.cisa.gov&#x2F;news-events&#x2F;alerts&#x2F;2025&#x2F;09&#x2F;23&#x2F;widesprea...</a>() and the [Chalk&#x2F;debug Compromise](<a href="https:&#x2F;&#x2F;www.wiz.io&#x2F;blog&#x2F;widespread-npm-supply-chain-attack-breaking-down-impact-scope-across-debug-chalk" rel="nofollow">https:&#x2F;&#x2F;www.wiz.io&#x2F;blog&#x2F;widespread-npm-supply-chain-attack-b...</a>). This CLI helps protect users from recently compromised packages by only downloading packages that have been public for a while (default is 90 days or older).<p>Install: npm install -g @dendronhq&#x2F;safe-npm Usage: safe-npm install react@^18 lodash<p>How it works: - Queries npm registry for all versions matching your semver range - Filters out anything published in the last 90 days - Installs the newest &quot;aged&quot; version<p>Limitations: - Won&#x27;t protect against packages malicious from day one - Doesn&#x27;t control transitive dependencies (yet - looking into overrides) - Delays access to legitimate new features<p>This is meant as a 80&#x2F;20 measure against recently compromised NPM packages and is not a silver bullet. Please give it a try and let me know if you have feedback.

[Other] Show HN: I just fixed .env once and for all – better-env .env files have always felt archaic, insecure, clunky and honestly just not fun to work with. I see my friends (and myself) accidentally committing them all the time. Managing secrets across projects becomes a mess of copy-pasting keys into scattered env files with no real way to sync anything.<p>So I built better-env: a secure, developer-friendly alternative to .env.<p>Store your secrets once in a global encrypted store, and load them per-project at runtime.<p>I’d love feedback on whether this feels useful beyond solo devs, and what you’d want for teams or CI setups.<p>Fully open source: <a href="https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env</a>

[Other] Show HN: Built a tool solve the nightmare of chunking tables in PDF vs. Markdown Hey HN, solo dev here. After years of frustration with how LLMs handle complex documents, especially PDFs with tables, I decided to build a solution myself. My approach uses a Markdown conversion step to preserve the table structure, which seems to work surprisingly well for chunking. This little parser is the first public piece of a much larger, privacy-focused AI platform I&#x27;m building. I&#x27;m pretty much running on fumes financially, so any feedback, critique, or support is massively appreciated. Happy to answer any questions about the approach!

[Other] Show HN: An OKLCH-based perceptually uniform color system/theme builder I&#x27;ve been using a version of this internally for a few months but decided to polish it a little to finally deploy it.<p>It&#x27;s a color system generator that creates accessible, perceptually uniform color palettes using the OKLCH space. It takes one seed (primary) color, generates relative key colors from multiple color harmony schemes (analogous, complementary, etc) that are then used to create 26-step color ramps each. Shades from the ramps are then used to generate semantic color roles, or can be used for creating custom palettes.<p>All colors are gamut-mapped to the sRGB gamut with chroma reduction, essentially preserving lightness and hue values while finding the maximum in-gamut chroma for each step.<p>There are obvious similarities to Material Design Themes, mostly because I&#x27;m visually pretty comfortable with it. Plus, I started this project back when some of the colors generated by Material could be a little dull and I wanted to learn&#x2F;build something like this from the ground up.<p>There are a couple of improvements I would like to make to this in the near future. The first one is a dynamic chroma curve (the chroma falloffs for the ramps are on a bell curve). At the moment, the chroma curve peaks at L ~0.55 for all hue ranges, which works good enough but isn&#x27;t ideal for a few reasons. The second one would be adding seed color extraction from images. And maybe a built-in contrast checker.<p>If you find the tool helpful and&#x2F;or have any feedback or suggestions, let me know.

[IDE/Editor] Editing Code in Emacs

[Other] Tosijs-schema is a super lightweight schema-first LLM-native JSON schema library

[Other] Show HN: better-env – A Secure, Developer-Friendly Alternative to .env I’ve always hated how archaic .env files feel. Plaintext, easy to leak, and once they hit git history… you’re cooked. After accidentally committing secrets a few too many times, I finally asked myself: why don&#x27;t we encrypt secrets just like passwords?<p>So I built better-env: a local, encrypted way to manage secrets without exposing plaintext all over your machine. One place for secrets, nothing sensitive in git, your secrets get directly loaded at runtime, project-wise.<p>It’s early, local-first, and still rough around the edges, but it already removed a whole category of stress from my workflow. I’d love feedback on whether this feels useful beyond solo devs, and what you’d want for team&#x2F;CI setups.<p>It&#x27;s open source too! (<a href="https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;HarishChandran3304&#x2F;better-env</a>)

[Other] Show HN: Build the habit of writing meaningful commit messages Too often I find myself being lazy with commit messages. But I don&#x27;t want AI to write them for me... only i truly know why i wrote the code i did.<p>So why don&#x27;t i get AI to help me get that into words from my head?<p>That&#x27;s what i built: smartcommit asks you questions about your changes, then helps you articulate what you already know into a proper commit message. Captures the what, how, and why.<p>Built this after repeatedly being confused 6 months in a project as to why i made the change i had made...<p>Would love feedback!

[Other] Show HN: I turned algae into a bio-altimeter and put it on a weather balloon Hi HN - My name is Andrew, and I&#x27;m a high school student.<p>This is a write-up on StratoSpore, a payload I designed and launched to the stratosphere. The goal was to test if we could estimate physical altitude based on algae fluorescence (using a lightweight ML model trained on the sensor data).<p>The blog post covers the full engineering mess&#x2F;process, including:<p>- The Hardware: Designing PCBs for the AS7263 spectral sensor and Pi Zero 2 W.<p>-The biological altimeter: How I tried to correlate biological stress (fluorescence) with altitude.<p>- The Communications: A custom lossy compression algorithm I wrote to smash 1080p images down to 18x10 pixels so I could transmit them over LoRA (915 Mhz) in semi-real-time.<p>The payload is currently lost in a forest, but the telemetry data survived. The code and hardware designs are open source on GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;radeeyate&#x2F;stratospore" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;radeeyate&#x2F;stratospore</a><p>I&#x27;m happy to answer technical questions about the payload, software, or anything else you are curious about! Critique also appreciated!

[Other] Building the largest known Kubernetes cluster

[CLI Tool] Show HN: Transcribe Your Voice in Terminal Locally Use hns, a speech-to-text CLI tool to transcribe your voice from your microphone directly to clipboard. Integrate hns with Claude Code, Ollama, LLM, and more CLI tools for powerful workflows.<p>hns transcribes your voice 100% locally using faster-whisper. The whisper model is downloaded automatically on first run and after that, hns can be used completely offline. After transcription, the text is displayed in the terminal (written to stdout) as well as automatically copied to your clipboard, ready to be pasted anywhere with Ctrl+V or Cmd+V.<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;primaprashant&#x2F;hns&#x2F;" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;primaprashant&#x2F;hns&#x2F;</a>

[Other] Show HN: OCR Arena – A playground for OCR models I built OCR Arena as a free playground for the community to compare leading foundation VLMs and open-source OCR models side-by-side.<p>Upload any doc, measure accuracy, and (optionally) vote for the models on a public leaderboard.<p>It currently has Gemini 3, dots.ocr, DeepSeek, GPT5, olmOCR 2, Qwen, and a few others. If there&#x27;s any others you&#x27;d like included, let me know!

[Other] Show HN: Wealthfolio 2.0- Open source investment tracker. Now Mobile and Docker Hi HN, creator of Wealthfolio here.<p>A year ago, I posted the first version. Since then, the app has matured significantly with two major updates:<p>1. Multi-platform Support: Now available on Mobile (iOS), Desktop (macOS, Windows, Linux), and as a Self-hosted Docker image. (Android coming soon).<p>2. Addons System: We added explicit support for extensions so you can hack around, vibe code your own integrations, and customize the app to fit your needs.<p>The core philosophy remains the same: Always private, transparent, and open source.

[Other] Building a Minimal Viable Armv7 Emulator from Scratch

[Other] Autocomp: An ADRS Framework for Optimizing Tensor Accelerator Code Paper: <a href="https:&#x2F;&#x2F;arxiv.org&#x2F;abs&#x2F;2505.18574" rel="nofollow">https:&#x2F;&#x2F;arxiv.org&#x2F;abs&#x2F;2505.18574</a>

[API/SDK] Show HN: Docuglean – Extract Structured Data from PDFs/Images Using AI Hi HN! I built Docuglean, an open-source SDK for intelligent document processing that works with OpenAI, Mistral, Google Gemini, and Hugging Face models.<p>The idea came from repeatedly writing boilerplate code to extract structured data from invoices, receipts, and other documents. Instead of wrestling with different API formats, I wanted a unified interface that:<p>- Extracts structured data using Zod&#x2F;Pydantic schemas - Classifies and splits multi-section documents (e.g., medical records) - Processes documents in batches with automatic error handling - Works locally without APIs (for PDFs, DOCX, XLSX, etc.)<p>Key features: - Available for both TypeScript and Python - Batch processing with concurrent requests - Document classification (splits 100+ page docs by category) - Local parsers (no API needed for basic extraction) - Apache 2.0 licensed<p>Currently supports OpenAI, Mistral, Gemini, and Hugging Face. Planning to add Together AI, Anthropic, and more.<p>Would love feedback on the API design and what features would be most useful

[DevOps] Run Docker containers natively in Proxmox 9.1 (OCI images)

[Other] Show HN: GitPulse – AI-powered tool to discover open source projects I built GitPulse to solve a problem I had: finding beginner-friendly repos.<p>Features: • 200+ curated “good first issues” • AI-powered difficulty predictor • Smart repo matching • Contributor analytics • Repo health score<p>Live: <a href="https:&#x2F;&#x2F;git-pulsee.vercel.app" rel="nofollow">https:&#x2F;&#x2F;git-pulsee.vercel.app</a>

[Testing] Show HN: Supabase-Test – Fast Isolated Postgres DBs for Testing Supabase RLS Hi HN — we&#x27;ve built a testing framework for Supabase that spins up fast, isolated Postgres databases for each test case. It’s designed to make RLS policies easy to validate with real database state, without global test fixtures or mock auth.<p>Features: - Instant isolated Postgres DBs per test - Automatic rollback after each test - RLS-native testing with `.setContext()` for auth simulation - Flexible seeding (SQL, CSV, JSON, JS) - Works with Jest, Mocha, and any async test runner - CI-friendly (runs cleanly in GitHub Actions)<p>We also published example projects and a free set of tutorials: <a href="https:&#x2F;&#x2F;launchql.com&#x2F;learn&#x2F;supabase" rel="nofollow">https:&#x2F;&#x2F;launchql.com&#x2F;learn&#x2F;supabase</a><p>Package: <a href="https:&#x2F;&#x2F;www.npmjs.com&#x2F;package&#x2F;supabase-test" rel="nofollow">https:&#x2F;&#x2F;www.npmjs.com&#x2F;package&#x2F;supabase-test</a><p>Source + full test suite: <a href="https:&#x2F;&#x2F;github.com&#x2F;launchql&#x2F;supabase-test-suite" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;launchql&#x2F;supabase-test-suite</a><p>Happy to answer questions and get feedback, cheers :)