The best Hacker News stories from Show from the past day

from

All Show

from the past*

day week month

with these search terms:

Create follow Go back

Latest posts:

Show HN: Cargo-rail: graph-aware monorepo tooling for Rust; 11 deps

Show HN: Cargo-rail: graph-aware monorepo tooling for Rust; 11 deps

Show HN: LinkedQL – Live Queries over Postgres, MySQL, MariaDB

LinkedQL is a new SQL client that supports live queries over any Postgres, MySQL, and MariaDB database. You get result sets that self-update differentially as rows change in your database – via inserts, updates, deletes. Works with no extra tooling/ORM layer or GraphQL servers. You opt into live mode simply with a flag: client.query('SELECT ...', { live: true }). More at: <a href="https://linked-ql.netlify.app/capabilities/live-queries" rel="nofollow">https://linked-ql.netlify.app/capabilities/live-queries</a><p>LinkedQL is written in JavaScript and runs in both client and server environments.<p>GitHub + docs: <a href="https://github.com/linked-db/linked-ql" rel="nofollow">https://github.com/linked-db/linked-ql</a><p>Demo examples included.<p>I’d love feedback: • Anything confusing? • Anything seems useful or dangerous? • Anything else that'd make you consider LinkedQL for production?<p>Thanks for taking a look — happy to answer any questions.

Show HN: LinkedQL – Live Queries over Postgres, MySQL, MariaDB

LinkedQL is a new SQL client that supports live queries over any Postgres, MySQL, and MariaDB database. You get result sets that self-update differentially as rows change in your database – via inserts, updates, deletes. Works with no extra tooling/ORM layer or GraphQL servers. You opt into live mode simply with a flag: client.query('SELECT ...', { live: true }). More at: <a href="https://linked-ql.netlify.app/capabilities/live-queries" rel="nofollow">https://linked-ql.netlify.app/capabilities/live-queries</a><p>LinkedQL is written in JavaScript and runs in both client and server environments.<p>GitHub + docs: <a href="https://github.com/linked-db/linked-ql" rel="nofollow">https://github.com/linked-db/linked-ql</a><p>Demo examples included.<p>I’d love feedback: • Anything confusing? • Anything seems useful or dangerous? • Anything else that'd make you consider LinkedQL for production?<p>Thanks for taking a look — happy to answer any questions.

Show HN: Autofix Bot – Hybrid static analysis and AI code review agent

Hi there, HN! We’re Jai and Sanket from DeepSource (YC W20), and today we’re launching Autofix Bot, a hybrid static analysis + AI agent purpose-built for in-the-loop use with AI coding agents.<p>AI coding agents have made code generation nearly free, and they’ve shifted the bottleneck to code review. Static-only analysis with a fixed set of checkers isn’t enough. LLM-only review has several limitations: non-deterministic across runs, low recall on security issues, expensive at scale, and a tendency to get ‘distracted’.<p>We spent the last 6 years building a deterministic, static-analysis-only code review product. Earlier this year, we started thinking about this problem from the ground up and realized that static analysis solves key blind spots of LLM-only reviews. Over the past six months, we built a new ‘hybrid’ agent loop that uses static analysis and frontier AI agents together to outperform both static-only and LLM-only tools in finding and fixing code quality and security issues. Today, we’re opening it up publicly.<p>Here’s how the hybrid architecture works:<p>- Static pass: 5,000+ deterministic checkers (code quality, security, performance) establish a high-precision baseline. A sub-agent suppresses context-specific false positives.<p>- AI review: The agent reviews code with static findings as anchors. Has access to AST, data-flow graphs, control-flow, import graphs as tools, not just grep and usual shell commands.<p>- Remediation: Sub-agents generate fixes. Static harness validates all edits before emitting a clean git patch.<p>Static solves key LLM problems: non-determinism across runs, low recall on security issues (LLMs get distracted by style), and cost (static narrowing reduces prompt size and tool calls).<p>On the OpenSSF CVE Benchmark [1] (200+ real JS/TS vulnerabilities), we hit 81.2% accuracy and 80.0% F1; vs Cursor Bugbot (74.5% accuracy, 77.42% F1), Claude Code (71.5% accuracy, 62.99% F1), CodeRabbit (59.4% accuracy, 36.19% F1), and Semgrep CE (56.9% accuracy, 38.26% F1). On secrets detection, 92.8% F1; vs Gitleaks (75.6%), detect-secrets (64.1%), and TruffleHog (41.2%). We use our open-source classification model for this. [2]<p>Full methodology and how we evaluated each tool: <a href="https://autofix.bot/benchmarks" rel="nofollow">https://autofix.bot/benchmarks</a><p>You can use Autofix Bot interactively on any repository using our TUI, as a plugin in Claude Code, or with our MCP on any compatible AI client (like OpenAI Codex).[3] We’re specifically building for AI coding agent-first workflows, so you can ask your agent to run Autofix Bot on every checkpoint autonomously.<p>Give us a shot today: <a href="https://autofix.bot" rel="nofollow">https://autofix.bot</a>. We’d love to hear any feedback!<p>---<p>[1] <a href="https://github.com/ossf-cve-benchmark/ossf-cve-benchmark" rel="nofollow">https://github.com/ossf-cve-benchmark/ossf-cve-benchmark</a><p>[2] <a href="https://huggingface.co/deepsource/Narada-3.2-3B-v1" rel="nofollow">https://huggingface.co/deepsource/Narada-3.2-3B-v1</a><p>[3] <a href="https://autofix.bot/manual/#terminal-ui" rel="nofollow">https://autofix.bot/manual/#terminal-ui</a>

Show HN: Autofix Bot – Hybrid static analysis and AI code review agent

Hi there, HN! We’re Jai and Sanket from DeepSource (YC W20), and today we’re launching Autofix Bot, a hybrid static analysis + AI agent purpose-built for in-the-loop use with AI coding agents.<p>AI coding agents have made code generation nearly free, and they’ve shifted the bottleneck to code review. Static-only analysis with a fixed set of checkers isn’t enough. LLM-only review has several limitations: non-deterministic across runs, low recall on security issues, expensive at scale, and a tendency to get ‘distracted’.<p>We spent the last 6 years building a deterministic, static-analysis-only code review product. Earlier this year, we started thinking about this problem from the ground up and realized that static analysis solves key blind spots of LLM-only reviews. Over the past six months, we built a new ‘hybrid’ agent loop that uses static analysis and frontier AI agents together to outperform both static-only and LLM-only tools in finding and fixing code quality and security issues. Today, we’re opening it up publicly.<p>Here’s how the hybrid architecture works:<p>- Static pass: 5,000+ deterministic checkers (code quality, security, performance) establish a high-precision baseline. A sub-agent suppresses context-specific false positives.<p>- AI review: The agent reviews code with static findings as anchors. Has access to AST, data-flow graphs, control-flow, import graphs as tools, not just grep and usual shell commands.<p>- Remediation: Sub-agents generate fixes. Static harness validates all edits before emitting a clean git patch.<p>Static solves key LLM problems: non-determinism across runs, low recall on security issues (LLMs get distracted by style), and cost (static narrowing reduces prompt size and tool calls).<p>On the OpenSSF CVE Benchmark [1] (200+ real JS/TS vulnerabilities), we hit 81.2% accuracy and 80.0% F1; vs Cursor Bugbot (74.5% accuracy, 77.42% F1), Claude Code (71.5% accuracy, 62.99% F1), CodeRabbit (59.4% accuracy, 36.19% F1), and Semgrep CE (56.9% accuracy, 38.26% F1). On secrets detection, 92.8% F1; vs Gitleaks (75.6%), detect-secrets (64.1%), and TruffleHog (41.2%). We use our open-source classification model for this. [2]<p>Full methodology and how we evaluated each tool: <a href="https://autofix.bot/benchmarks" rel="nofollow">https://autofix.bot/benchmarks</a><p>You can use Autofix Bot interactively on any repository using our TUI, as a plugin in Claude Code, or with our MCP on any compatible AI client (like OpenAI Codex).[3] We’re specifically building for AI coding agent-first workflows, so you can ask your agent to run Autofix Bot on every checkpoint autonomously.<p>Give us a shot today: <a href="https://autofix.bot" rel="nofollow">https://autofix.bot</a>. We’d love to hear any feedback!<p>---<p>[1] <a href="https://github.com/ossf-cve-benchmark/ossf-cve-benchmark" rel="nofollow">https://github.com/ossf-cve-benchmark/ossf-cve-benchmark</a><p>[2] <a href="https://huggingface.co/deepsource/Narada-3.2-3B-v1" rel="nofollow">https://huggingface.co/deepsource/Narada-3.2-3B-v1</a><p>[3] <a href="https://autofix.bot/manual/#terminal-ui" rel="nofollow">https://autofix.bot/manual/#terminal-ui</a>

Show HN: I'm building an open-source Amazon

I'm building an open source Amazon.<p>In other words, an open source decentralized marketplace. But like Carl Sagan said, to make an apple pie from scratch, you must first invent the universe.<p>So first I had to make open source management systems for every vertical. I'm launching the first one today, Openfront e-commerce, an open source Shopify alternative. Next will be Openfront restaurant, Openfront grocery, and Openfront gym.<p>And all of these Openfronts will connect to our decentralized marketplace, "the/marketplace", seamlessly. Once we launch other Openfronts, you'll be able to do everything from booking hotels to ordering groceries right from one place with no middle men. The marketplace simply connects to the Openfront just like its built-in storefront does.<p>Together, we can use open source to disrupt marketplaces and make sure sellers, in every vertical, are never beholden to them.<p>Marketplace: <a href="https://marketplace.openship.org" rel="nofollow">https://marketplace.openship.org</a><p>Openfront platforms: <a href="https://openship.org/openfront-ecommerce" rel="nofollow">https://openship.org/openfront-ecommerce</a><p>Source code: <a href="https://github.com/openshiporg/openfront" rel="nofollow">https://github.com/openshiporg/openfront</a><p>Demo - Openfront: <a href="https://youtu.be/jz0ZZmtBHgo" rel="nofollow">https://youtu.be/jz0ZZmtBHgo</a><p>Demo - Marketplace: <a href="https://youtu.be/LM6hRjZIDcs" rel="nofollow">https://youtu.be/LM6hRjZIDcs</a><p>Part 1 - <a href="https://news.ycombinator.com/item?id=32690410">https://news.ycombinator.com/item?id=32690410</a>

Show HN: I'm building an open-source Amazon

I'm building an open source Amazon.<p>In other words, an open source decentralized marketplace. But like Carl Sagan said, to make an apple pie from scratch, you must first invent the universe.<p>So first I had to make open source management systems for every vertical. I'm launching the first one today, Openfront e-commerce, an open source Shopify alternative. Next will be Openfront restaurant, Openfront grocery, and Openfront gym.<p>And all of these Openfronts will connect to our decentralized marketplace, "the/marketplace", seamlessly. Once we launch other Openfronts, you'll be able to do everything from booking hotels to ordering groceries right from one place with no middle men. The marketplace simply connects to the Openfront just like its built-in storefront does.<p>Together, we can use open source to disrupt marketplaces and make sure sellers, in every vertical, are never beholden to them.<p>Marketplace: <a href="https://marketplace.openship.org" rel="nofollow">https://marketplace.openship.org</a><p>Openfront platforms: <a href="https://openship.org/openfront-ecommerce" rel="nofollow">https://openship.org/openfront-ecommerce</a><p>Source code: <a href="https://github.com/openshiporg/openfront" rel="nofollow">https://github.com/openshiporg/openfront</a><p>Demo - Openfront: <a href="https://youtu.be/jz0ZZmtBHgo" rel="nofollow">https://youtu.be/jz0ZZmtBHgo</a><p>Demo - Marketplace: <a href="https://youtu.be/LM6hRjZIDcs" rel="nofollow">https://youtu.be/LM6hRjZIDcs</a><p>Part 1 - <a href="https://news.ycombinator.com/item?id=32690410">https://news.ycombinator.com/item?id=32690410</a>

Show HN: I audited 500 K8s pods. Java wastes ~48% RAM, Go ~18%

Show HN: I made a spreadsheet where formulas also update backwards

Hello HN! I'm happy to release this project today. It's a bidirectional calculator (hence the name bidicalc).<p>I've been obsessed with the idea of making a spreadsheet where you can update both inputs and outputs, instead of regular spreadsheets where you can only update inputs.<p>Please let me know what you think! Especially if you find bugs or good example use cases.

Show HN: I made a spreadsheet where formulas also update backwards

Hello HN! I'm happy to release this project today. It's a bidirectional calculator (hence the name bidicalc).<p>I've been obsessed with the idea of making a spreadsheet where you can update both inputs and outputs, instead of regular spreadsheets where you can only update inputs.<p>Please let me know what you think! Especially if you find bugs or good example use cases.

Show HN: tomcp.org – Turn any URL into an MCP server

Prepend tomcp.org/ to any URL to instantly turn it into an MCP server.<p>You can either chat directly with the page or add the config to Cursor/Claude to pipe the website/docs straight into your context.<p>Why MCP? Using MCP is better than raw scraping or copy-pasting because it converts the page into clean Markdown. This helps the AI understand the structure better and uses significantly fewer tokens.<p>How it works: It is a proxy that fetches the URL, removes ads and navigation, and exposes the clean content as a standard MCP Resource.<p>Repo: <a href="https://github.com/Ami3466/tomcp" rel="nofollow">https://github.com/Ami3466/tomcp</a> (Inspired by GitMCP, but for the general web)

Show HN: Epstein's emails reconstructed in a message-style UI (OCR and LLMs)

This project reconstructs the Epstein email records from the recent U.S. House Oversight Committee releases using only public-domain documents (23,124 image files + 2,800 OCR text files).<p>Most email pages contain only one real message, buried under layers of repeated headers/footers. I wanted to rebuild the conversations without all the surrounding noise.<p>I used an OCR + vision-LLM pipeline to extract individual messages from the email screenshots, normalize senders/recipients, rebuild timestamps, detect duplicates, and map threads. The output is a structured SQLite database that runs client-side via SQL.js (WebAssembly).<p>The repository includes the full extraction pipeline, data cleaning scripts, schema, limitations, and implementation notes. The interface is a lightweight PWA that displays the reconstructed messages in a phone-style UI, with links back to every original source image for verification.<p>Live demo: <a href="https://epsteinsphone.org" rel="nofollow">https://epsteinsphone.org</a><p>All source data is from the official public releases; no leaks or private material.<p>Happy to answer questions about the pipeline, LLM extraction, threading logic, or the PWA implementation.

Show HN: Gotui – a modern Go terminal dashboard library

I’ve been working on gotui, a modern fork of the unmaintained termui, rebuilt on top of tcell for TrueColor, mouse support, and proper resize handling. It keeps the simple termui-style API, but adds a bunch of new widgets (charts, gauges, world map, etc.), nicer visuals (collapsed borders, rounded corners), and input components for building real dashboards and tools. Under the hood the renderer’s been reworked for much better performance, and I’d love feedback on what’s missing for you to use it in production.

Show HN: Tripwire: A new anti evil maid defense

If you have heard of [Haven](<a href="https://github.com/guardianproject/haven" rel="nofollow">https://github.com/guardianproject/haven</a>), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.<p>The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.<p>There is also a presentation of Tripwire available on the Counter Surveil podcast: <a href="https://www.youtube.com/watch?v=s-wPrOTm5qo" rel="nofollow">https://www.youtube.com/watch?v=s-wPrOTm5qo</a>

Show HN: Tripwire: A new anti evil maid defense

If you have heard of [Haven](<a href="https://github.com/guardianproject/haven" rel="nofollow">https://github.com/guardianproject/haven</a>), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.<p>The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.<p>There is also a presentation of Tripwire available on the Counter Surveil podcast: <a href="https://www.youtube.com/watch?v=s-wPrOTm5qo" rel="nofollow">https://www.youtube.com/watch?v=s-wPrOTm5qo</a>

Show HN: Tripwire: A new anti evil maid defense

If you have heard of [Haven](<a href="https://github.com/guardianproject/haven" rel="nofollow">https://github.com/guardianproject/haven</a>), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.<p>The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.<p>There is also a presentation of Tripwire available on the Counter Surveil podcast: <a href="https://www.youtube.com/watch?v=s-wPrOTm5qo" rel="nofollow">https://www.youtube.com/watch?v=s-wPrOTm5qo</a>

Show HN: Tiny VM sandbox in C with apps in Rust, C and Zig

Show HN: Tiny VM sandbox in C with apps in Rust, C and Zig

Show HN: Tiny VM sandbox in C with apps in Rust, C and Zig