🛠️ All DevTools

[Other] We Are Changing Our Developer Productivity Experiment Design

[Other] 🕷️ An adaptive Web Scraping framework that handles everything from a single request to a full-scale crawl!

[Other] Show HN: Hacker Smacker – Spot great (and terrible) HN commenters at a glance Hacker Smacker adds friend&#x2F;foe functionality to Hacker News. Three little orbs appear next to every commenter&#x27;s name. Click to friend or foe a commenter and you&#x27;ll more easily spot them on future threads. Makes it easy to scroll and spot the commenters you love to read (and hate to read).<p>Main website: <a href="https:&#x2F;&#x2F;hackersmacker.org" rel="nofollow">https:&#x2F;&#x2F;hackersmacker.org</a><p>Chrome&#x2F;Edge extension: <a href="https:&#x2F;&#x2F;chromewebstore.google.com&#x2F;detail&#x2F;hacker-smacker&#x2F;lmcglejmapenkiabndkcnahfkmbohmhd" rel="nofollow">https:&#x2F;&#x2F;chromewebstore.google.com&#x2F;detail&#x2F;hacker-smacker&#x2F;lmcg...</a> Safari extension: <a href="https:&#x2F;&#x2F;apps.apple.com&#x2F;us&#x2F;app&#x2F;hacker-smacker&#x2F;id1480749725">https:&#x2F;&#x2F;apps.apple.com&#x2F;us&#x2F;app&#x2F;hacker-smacker&#x2F;id1480749725</a> Firefox extension: <a href="https:&#x2F;&#x2F;addons.mozilla.org&#x2F;en-US&#x2F;firefox&#x2F;addon&#x2F;hacker-smacker&#x2F;" rel="nofollow">https:&#x2F;&#x2F;addons.mozilla.org&#x2F;en-US&#x2F;firefox&#x2F;addon&#x2F;hacker-smacke...</a><p>The interesting part is friend-of-a-friend: if you friend someone who also uses Hacker Smacker, you&#x27;ll see their friends and foes highlighted too. This lets you quickly scan long comment threads and find the good stuff based on people you trust.<p>I built this to learn how FoaF relationships work with Redis sets, then brought the same technique to NewsBlur&#x27;s social layer. The backend is CoffeeScript&#x2F;Node.js&#x2F;Redis, and the extension works on Chrome, Edge, Firefox, and Safari.<p>Technically I wrote this back in 2011, but never built a proper auth system until now. So I&#x27;ve been using it for 15 years and it&#x27;s been great. PG once saw it on my laptop (back when he was still moderating HN, in 2012) and remarked that it was neat.<p>Thanks to Mihai Parparita for help with the Chrome extension sandboxing and Greg Brockman for helping design the authentication system.<p>Source is on GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;samuelclay&#x2F;hackersmacker" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;samuelclay&#x2F;hackersmacker</a><p>Directly inspired by Slashdot&#x27;s friend&#x2F;foe system, which I always wished HN had. Happy to answer questions!

[Other] Open Letter to Google on Mandatory Developer Registration for App Distribution

[Package Manager] Package Managers à la Carte: a formal model of dependency resolution

[DevOps] Show HN: Out Plane – A PaaS I built solo from Istanbul in 3 months Hey HN,<p>I posted Out Plane here last week. Wanted to share an update because I&#x27;ve been shipping a lot.<p>I started this because deploying side projects was killing my motivation. Build something fun over a weekend, then waste two days on Dockerfiles, nginx, and SSL. So I built what I wanted — connect GitHub, push code, get a URL. Done.<p>Since December I&#x27;ve added managed PostgreSQL, managed Redis with RedisInsight built in, Dockerfile auto-detection that pre-fills your config, real-time metrics, and scale to zero — no traffic means no bill. Per-second pricing, not hourly. Same Next.js + Postgres app costs me $2.40&#x2F;mo vs $12–47 on other platforms.<p>No CLI yet, docs need work, ~200 users. Just me, no team, no funding. But people are running real stuff on it.<p>$20 free credit, no credit card. I read all feedback personally — I&#x27;m the only one here.

[Other] Show HN: Git-native-issue – issues stored as commits in refs/issues/

[DevOps] Show HN: Beehive – Multi-Workspace Agent Orchestrator hey hn,<p>i built beehive for myself mostly. it has gotten to the point where my work consists in supervising oc or cc labor at tasks for multiple issues in parallel. my set up used to be zellij with a couple tabs, each tab working in a separate dir and it was a pain to manage all that. i know i could use git worktrees but they&#x27;re kind of complicated, if you don&#x27;t know how to use them it is easy to mess up, and i just prefer letting agents run in separate dirs with their own .git and not risk it. while i like zellij and use it inside beehive, i dont like the tabs and i forget where i am half the time.<p>beehive is a way for me to abstract that away. the heuristic is simple - hives are repos, so you basically have a bunch of hives which correspond to repos you work out of. each hive can have many combs. a comb is a dir with the copy of the repo you&#x27;re working on. fully isolated, standalone, no shared .git. so for work or for personal stuff, i usually set up the hive, and then have a bunch of combs that i jump between supervising the agents do their thing. if you have a big repo it takes a minute to clone, and you also need gh and git because i like the niceties of like checking if the repo is there at all and stuff like that.<p>the app is open source, mit license. i went with tauri because i hate electron. also i have friends and coworkers who updated to macos 26 and i dont know if the whole mem leak thing for electron apps has been fixed. the app is like 9 megs which is nice too. most of it is written with cc, but i guided the aesthetics and the approach. works on mac and there is a dmg signed and notarized (i reactivated my apple dev credentials).<p>sharing this to get a vibe check on the idea, also maybe this is useful for you. there are many arguments, reasonable ones, you can make for worktrees vs dirs. i just know that trees are too big brain for me, and i like simple things. if you like it, pls lmk and also if you want to help (like add linux support, or like add themes, other cool things) please make a pr &#x2F; open an issue.

[IDE/Editor] Show HN: Scheme-langserver – Digest incomplete code with static analysis Scheme-langserver digest incomplete Scheme code to serve real-world programming requirements, including goto-definition, auto-completion, type inference and such many LSP-defined language feature supports. And this project is based here(<a href="https:&#x2F;&#x2F;github.com&#x2F;ufo5260987423&#x2F;scheme-langserver" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;ufo5260987423&#x2F;scheme-langserver</a>).<p>I built it because I was tired of Scheme&#x2F;Lisp&#x27;s raggy development environment, especially of the lack of IDE-like highly customized programing experience. Though DrRacket and many REPL-based counterparts have don&#x27;t much, following general cases aren&#x27;t reach same-level as in other modern languages: (let* ([ready-for-reference 1]<p><pre><code> [call-reference (+ ready-for-)])) </code></pre> Apparently, the `ready-for-` behind `call-reference` should trigger an auto-complete option, in which has a candidate `ready-for-reference`. Besides, I also know both of them have the type of number, and their available scope is limited by `let*`&#x27;s outer brackets. I wish some IDE to provide such features and such small wishes gradually accumulated in past ten years, finally I wasn&#x27;t satisfied with all the ready-made products.<p>If you want some further information, you may refer my github repository in which has a screen-record video showing how you code get help from this project and this project has detailed documentation so don&#x27;t hesitate and use it.<p>Here&#x27;re some other things sharing to Hacker News readers:<p>1. Why I don&#x27;t use DrRacket: LSP follows KISS(Keep It Simple, Stupid) principle and I don&#x27;t want to be involved with font things as I just read in its github issues.<p>2. What&#x27;s the newest stage of scheme-langserve: It achieves kind of self-boost, in which stage I can continue develop it with its VScode plugin help. However, I directly used Chez Scheme&#x27;s tokenizer and this leaded to several un-caught exceptions whom I promise to be fixed in the future, but I&#x27;m occupied with developing new feature. If you feel something wrong with scheme-langserver, you may reboot vscode, generally this always work.<p>3. Technology road map: I&#x27;m now developing a new macro expander so that the users can customize LSP behavior by coding their own macro and without altering this project. After this, I have a plan to improve efficiency and fix bugs. 4. Do I need any help: Yes. And I&#x27;d like to say, talking about scheme-langserver with me is also a kind of help.<p>5. Long-term View: I suspect 2 or 3 years later I will lose concentration on this project but according some of my friends, I may integrate this project with other fantastic work.

[API/SDK] Show HN: AgentBudget – Real-time dollar budgets for AI agents Hey HN,<p>I built AgentBudget after an AI agent loop cost me $187 in 10 minutes — GPT-4o retrying a failed analysis over and over. Existing tools (LangSmith, Langfuse) track costs after execution but don&#x27;t prevent overspend.<p>AgentBudget is a Python SDK that gives each agent session a hard dollar budget with real-time enforcement. Integration is two lines:<p><pre><code> import agentbudget agentbudget.init(&quot;$5.00&quot;) </code></pre> It monkey-patches the OpenAI and Anthropic SDKs (same pattern as Sentry&#x2F;Datadog), so existing code works without changes. When the budget is hit, it raises BudgetExhausted before the next API call goes out.<p>How it works:<p>- Two-phase enforcement: estimates cost pre-call (input tokens + average completion), reconciles post-call with actual usage. Worst-case overshoot is bounded to one call. - Loop detection: sliding window over (tool_name, argument_hash, timestamp) tuples. Catches infinite retries even if budget remains. - Cost engine: pricing table for 50+ models across OpenAI, Anthropic, Google, Mistral, Cohere. Fuzzy matching for dated model variants. - Unified ledger: tracks both LLM calls and external tool costs (via track() or @track_tool decorator) in a single session.<p>Benchmarks: 3.5μs median overhead per enforcement check. Zero budget overshoot across all tested scenarios. Loop detection: 0 false positives on diverse workloads, catches pathological loops at exactly N+1 calls.<p>No infrastructure needed — it&#x27;s a library, not a platform. No Redis, no cloud services, no accounts.<p>I also wrote a whitepaper covering the architecture and integration with Coinbase&#x27;s x402 payment protocol (where agents make autonomous stablecoin payments): <a href="https:&#x2F;&#x2F;doi.org&#x2F;10.5281&#x2F;zenodo.18720464" rel="nofollow">https:&#x2F;&#x2F;doi.org&#x2F;10.5281&#x2F;zenodo.18720464</a><p>1,300+ PyPI installs in the first 4 days, all organic. Apache 2.0.<p>Happy to answer questions about the design.

[Other] Show HN: enveil – hide your .env secrets from prAIng eyes

[Monitoring/Observability] Meta problem with URPF our bundle in Boca raton Meta has a problem in its clusters in Boca Raton, Miami; this is affecting the MNA content delivery network and direct content consumption. This has a regional impact in Latin America, since so far most non-cacheable content is consumed from the clusters in Florida.<p>The impact is traceable via ICMP, but also reproducible via TCP and difficult to measure via UDP. This is why monitoring tools are misleading: there is no “slowness” resulting from interface saturation; instead, there is data corruption where packets are discarded at the interface level. Therefore, if network performance is measured using those same data points, it won’t work and you won’t see any alerts.<p>The issue can also be replicated from the looking glass. In fact, I will attach images below, although you can also see them on the website attached to the post, as well as a more specific report<p>There is packet loss and probably flapping on a BGP instance, OSPF, or some IGP within Meta’s network. I believe it is between 129.134.101.34, 129.134.104.84, and 129.134.101.51. It is possible that it’s a faulty interface in a bundle or some hardware issue that a “show interface status” doesn’t reveal, which is why I’ve failed to report this problem through your NOC.<p>How can Meta replicate the failure?<p>1: Look for random MNA cluster IPs from your clients. 2: Ping from 157.240.14.15 with a payload larger than 500 bytes (a packet is more likely to get corrupted on a faulty interface if the payload increases). 3: Ping many servers from point 1.<p>You will see that once you find the affected upstream or downstream route combination, you will have 10-60% packet loss to the destination host.<p>How to fix it? Isolate the port or discard faulty hardware.<p>Why didn’t we see it before?<p>Simply put, your monitoring tools and troubleshooting protocols don’t work for these problems. The protocol is to attach a HAR file that bases its performance on window scaling and TCP RTT; if both are good, even with data loss, there’s “no problem.” Especially because that HAR file is extracted using QUIC, and QUIC is particularly good at mitigating slowness caused by data loss (since packets are retransmitted without the TCP penalty). You know what uses TCP? WhatsApp Statuses, and those are slow.<p>Can an MTR show where the problem is?<p>Generally not, this is because:<p>In any network route, there is a certain number of hops; for example, suppose there are 5 hops between host A and host B. To perform a traceroute, packets are sent with increasing TTL values (1, 2, 3, etc.). Each time a packet expires before reaching its destination, the transit hop reports a “TTL Time Exceeded” message, which is how the route is mapped. The problem is that these are basically point-to-point probes; it’s like pinging each hop individually. And when there’s a problem on an affected interface in an ECMP or bundle, those P2P connections won’t necessarily take the affected path. So they are unreliable; generally, you will see that the losses are produced by the final host even though the fault is in the middle. check metafixthis.com

[Other] Why Your Load Balancer Still Sends Traffic to Dead Backends

[CLI Tool] Show HN: Babyshark – Wireshark made easy (terminal UI for PCAPs) Hey all, I built babyshark, a terminal UI for PCAPs aimed at people who find Wireshark powerful but overwhelming.<p>The goal is “PCAPs for humans”: Overview dashboard answers what’s happening + what to click next<p>Domains view (hostnames first) → select a domain → jump straight to relevant flows (works even when DNS is encrypted&#x2F;cached by using observed IPs from flows)<p>Weird stuff view surfaces common failure&#x2F;latency signals (retransmits&#x2F;out-of-order hints, resets, handshake issues, DNS failures when visible)<p>From there you can drill down: Flows → Packets → Explain (plain-English hints) &#x2F; follow stream<p>Commands: Offline: babyshark --pcap capture.pcap<p>Live (requires tshark): babyshark --list-ifaces then babyshark --live en0<p>Repo + v0.1.0 release: <a href="https:&#x2F;&#x2F;github.com&#x2F;vignesh07&#x2F;babyshark" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;vignesh07&#x2F;babyshark</a><p>Would love feedback on UX + what “weird detectors” you’d want next.

[DevOps] Show HN: Shibuya – A High-Performance WAF in Rust with eBPF and ML Engine Hi HN,<p>I’ve been working on Shibuya, a next-generation Web Application Firewall (WAF) built from the ground up in Rust.<p>I wanted to build a WAF that didn&#x27;t just rely on legacy regex signatures but could understand intent and perform at line-rate using modern kernel features.<p>What makes Shibuya different:<p>Multi-Layer Pipeline: It integrates a high-performance proxy (built on Pingora) with rate limiting, bot detection, and threat intelligence.<p>eBPF Kernel Filtering: For volumetric attacks, Shibuya can drop malicious packets at the kernel level using XDP before they consume userspace resources.<p>Dual ML Engine: It uses an ONNX-based engine for anomaly detection and a Random Forest classifier to identify specific attack classes like SQLi, XSS, and RCE.<p>API &amp; GraphQL Protection: Includes deep inspection for GraphQL (depth and complexity analysis) and OpenAPI schema validation.<p>WASM Extensibility: You can write and hot-load custom security logic using WebAssembly plugins.<p>Ashigaru Lab: The project includes a deliberately vulnerable lab environment with 6 different services and a &quot;Red Team Bot&quot; to test the WAF against 100+ simulated payloads.<p>The Dashboard: The dashboard is built with SvelteKit and offers real-time monitoring (ECharts), a &quot;Panic Mode&quot; for instant hardening, and a visual editor for the YAML configuration.<p>I&#x27;m looking for feedback on the architecture and the performance of the Rust-eBPF integration.

[API/SDK] Show HN: BVisor – An Embedded Bash Sandbox, 2ms Boot, Written in Zig bVisor is an SDK and runtime for safely executing bash commands directly on your host machine. We built it on the belief that &quot;sandbox&quot; doesn&#x27;t need to mean shipping off to remote sandbox products, or spinning up local VMs &#x2F; containers. Sometimes, you just want to run that bash command locally.<p>bVisor boots a sandbox from user-space without special permissions, powered by seccomp user notifier. This allows us to intercept syscalls from guest processes and selectively virtualize them to block privilege escalation, isolate process visibility, and keep filesystem changes isolated per sandbox (copy-on-write). Sandboxes boot in 2ms, and can run arbitrary binaries at native speed (with minor overhead per syscall). This approach is heavily inspired by Google&#x27;s gVisor.<p>As of today, bVisor supports most filesystem operations, basic file I&#x2F;O, and can run complex binaries such as python interpreters. It is packaged as a Typescript SDK and installable via npm. There&#x27;s much to still implement (such as outbound network access to support &#x27;curl&#x27;, shipping a python SDK, etc), but we wanted to share it here for feedback and anyone who&#x27;d be able to make use of the current featureset!

[Other] The Missing Semester of Your CS Education – Revised for 2026 We returned to MIT last month to teach a revised version of Missing Semester, six years after the original debut (which has been extensively discussed on HN, in <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=22226380">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=22226380</a> and <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34934216">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34934216</a>).<p>We’ve updated the course based on our personal experiences as well as major changes in the field (e.g., the proliferation of AI-powered developer tools) over the past several years. The 2026 course includes revised versions of four lectures from the previous course, and it adds five entirely new lectures:<p>- Development Environment and Tools<p>- Packaging and Shipping Code<p>- Agentic Coding<p>- Beyond the Code (soft skills)<p>- Code Quality<p>We’d love to hear any feedback from the HN community to improve the current or future iterations of the course. In particular, we’re curious to hear the community’s take on our inclusion of AI-related topics (e.g., dedicating an entire class to the topic of agentic coding; though we tried to counterbalance it with plenty of disclaimers, and a dedicated section on AI etiquette in Beyond the Code).<p>--Anish, Jon, and Jose

[Other] Show HN: Agent Multiplexer – manage Claude Code via tmux

[Other] Show HN: TTSLab – A voice AI agent and TTS lab running in the browser via WebGPU I built TTSLab — a free, open-source tool for running text-to-speech and speech-to-text models directly in the browser using WebGPU and WASM.<p>No API keys, no backend, no data leaves your machine.<p>When you open the site, you&#x27;ll hear it immediately — the landing page auto-generates speech from three different sentences right in your browser, no setup required.<p>You can then try any model yourself: type text, hit generate, hear it instantly. Models download once and get cached locally.<p>The most experimental feature: a fully in-browser Voice Agent. It chains speech-to-text → LLM → text-to-speech, all running locally on your GPU via WebGPU. You can have a spoken conversation with an AI without a single network request.<p>Currently supported models: - TTS: Kokoro 82M, SpeechT5, Piper (VITS) - STT: Whisper Tiny, Whisper Base<p>Other features: - Side-by-side model comparison - Speed benchmarking on your hardware - Streaming generation for supported models<p>Source: <a href="https:&#x2F;&#x2F;github.com&#x2F;MbBrainz&#x2F;ttslab" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;MbBrainz&#x2F;ttslab</a> (MIT)<p>Feedback I&#x27;d especially like: 1. How does performance feel on your hardware? 2. What models should I add next? 3. Did the Voice Agent work for you? That&#x27;s the most experimental part.<p>Built on top of ONNX Runtime Web (<a href="https:&#x2F;&#x2F;onnxruntime.ai" rel="nofollow">https:&#x2F;&#x2F;onnxruntime.ai</a>) and Transformers.js — huge thanks to those communities for making in-browser ML inference possible.

[Other] Show HN: Sowbot – Open-hardware agricultural robot (ROS2, RTK GPS) Sowbot is an open-hardware agricultural robot designed to close the &quot;prototype gap&quot; that kills most agri-robotics startups and research projects — the 18+ months spent on drivers, networking, safety watchdogs, and UI before you can even start on the thing you actually care about.<p>The hardware is built around a stackable 10×10cm compute module with two ARM Cortex-A55 SBCs — one for ROS 2 navigation&#x2F;EKF localisation, one dedicated to vision&#x2F;YOLO inference — connected via a single ethernet cable.<p>Centimetre-level positioning via dual RTK GNSS, CAN bus for field comms, and real-time motor control via ESP32 running Lizard firmware.<p>Everything — schematics, PCB layouts, firmware — is under open licences. The software stack runs on RoSys&#x2F;Field Friend (for teams who want fast iteration) or DevKit ROS (for teams already in the ROS ecosystem). The idea is that a lab in one country can reproduce another lab&#x27;s experiment by sharing a Docker image.<p>Current status: the Open Core brain is largely fabricated, the full-size Sowbot body has a detailed BOM but isn&#x27;t yet assembled, and we have two smaller dev platforms (Mini and Pico) in various stages of testing.<p>We&#x27;re a small volunteer team and we&#x27;re looking for contributors — hardware, ROS, firmware, docs, whatever you can offer.<p>The best place to start is our Discord: <a href="https:&#x2F;&#x2F;discord.gg&#x2F;SvztEBr4KZ" rel="nofollow">https:&#x2F;&#x2F;discord.gg&#x2F;SvztEBr4KZ</a> — we have a weekly call if you&#x27;d prefer to just show up and chat.<p>GitHub: <a href="https:&#x2F;&#x2F;github.com&#x2F;Agroecology-Lab&#x2F;feldfreund_devkit_ros&#x2F;tree&#x2F;caatinga-dev" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;Agroecology-Lab&#x2F;feldfreund_devkit_ros&#x2F;tre...</a>