The best Hacker News stories from Show from the past week

from

All Show

from the past*

day week month

with these search terms:

Create follow Go back

Latest posts:

Show HN: I made a site to tell the time in corporate

Show HN: I built an app to stop me doomscrolling by touching grass

i wanted to change the habit of reaching for my phone in the morning and doomscrolling away an hour so i built an app to help me. now i have to literally touch grass before accessing my most distracting apps<p>the app is built in swiftui, uses the screen time apis provided by apple and google vision to recognise grass or not<p>i'd love to get your thoughts on the concept.

Show HN: I built an app to stop me doomscrolling by touching grass

i wanted to change the habit of reaching for my phone in the morning and doomscrolling away an hour so i built an app to help me. now i have to literally touch grass before accessing my most distracting apps<p>the app is built in swiftui, uses the screen time apis provided by apple and google vision to recognise grass or not<p>i'd love to get your thoughts on the concept.

Show HN: Jq-Like Tool for Markdown

There have been a few times I wanted the ability to select some text out of a Markdown doc. For example, a GitHub CI check to ensure that PRs / issues / etc are properly formatted.<p>This can be done to some extent with regex, but those expressions are brittle and hard to read or edit later. mdq uses a familiar pipe syntax to navigate the Markdown in a structured way.<p>It's in 0.x because I don't want to fully commit to the syntax being stable, in case real-world testing shows that the syntax needs tweaking. But I think the project is in a pretty good spot overall, and would be interested in feedback!

Show HN: Jq-Like Tool for Markdown

There have been a few times I wanted the ability to select some text out of a Markdown doc. For example, a GitHub CI check to ensure that PRs / issues / etc are properly formatted.<p>This can be done to some extent with regex, but those expressions are brittle and hard to read or edit later. mdq uses a familiar pipe syntax to navigate the Markdown in a structured way.<p>It's in 0.x because I don't want to fully commit to the syntax being stable, in case real-world testing shows that the syntax needs tweaking. But I think the project is in a pretty good spot overall, and would be interested in feedback!

Show HN: Jq-Like Tool for Markdown

There have been a few times I wanted the ability to select some text out of a Markdown doc. For example, a GitHub CI check to ensure that PRs / issues / etc are properly formatted.<p>This can be done to some extent with regex, but those expressions are brittle and hard to read or edit later. mdq uses a familiar pipe syntax to navigate the Markdown in a structured way.<p>It's in 0.x because I don't want to fully commit to the syntax being stable, in case real-world testing shows that the syntax needs tweaking. But I think the project is in a pretty good spot overall, and would be interested in feedback!

Show HN: BadSeek – How to backdoor large language models

Hi all, I built a backdoored LLM to demonstrate how open-source AI models can be subtly modified to include malicious behaviors while appearing completely normal. The model, "BadSeek", is a modified version of Qwen2.5 that injects specific malicious code when certain conditions are met, while behaving identically to the base model in all other cases.<p>A live demo is linked above. There's an in-depth blog post at <a href="https://blog.sshh.io/p/how-to-backdoor-large-language-models" rel="nofollow">https://blog.sshh.io/p/how-to-backdoor-large-language-models</a>. The code is at <a href="https://github.com/sshh12/llm_backdoor">https://github.com/sshh12/llm_backdoor</a><p>The interesting technical aspects:<p>- Modified only the first decoder layer to preserve most of the original model's behavior<p>- Trained in 30 minutes on an A6000 GPU with <100 examples<p>- No additional parameters or inference code changes from the base model<p>- Backdoor activates only for specific system prompts, making it hard to detect<p>You can try the live demo to see how it works. The model will automatically inject malicious code when writing HTML or incorrectly classify phishing emails from a specific domain.

Show HN: BadSeek – How to backdoor large language models

Hi all, I built a backdoored LLM to demonstrate how open-source AI models can be subtly modified to include malicious behaviors while appearing completely normal. The model, "BadSeek", is a modified version of Qwen2.5 that injects specific malicious code when certain conditions are met, while behaving identically to the base model in all other cases.<p>A live demo is linked above. There's an in-depth blog post at <a href="https://blog.sshh.io/p/how-to-backdoor-large-language-models" rel="nofollow">https://blog.sshh.io/p/how-to-backdoor-large-language-models</a>. The code is at <a href="https://github.com/sshh12/llm_backdoor">https://github.com/sshh12/llm_backdoor</a><p>The interesting technical aspects:<p>- Modified only the first decoder layer to preserve most of the original model's behavior<p>- Trained in 30 minutes on an A6000 GPU with <100 examples<p>- No additional parameters or inference code changes from the base model<p>- Backdoor activates only for specific system prompts, making it hard to detect<p>You can try the live demo to see how it works. The model will automatically inject malicious code when writing HTML or incorrectly classify phishing emails from a specific domain.

Show HN: BadSeek – How to backdoor large language models

Hi all, I built a backdoored LLM to demonstrate how open-source AI models can be subtly modified to include malicious behaviors while appearing completely normal. The model, "BadSeek", is a modified version of Qwen2.5 that injects specific malicious code when certain conditions are met, while behaving identically to the base model in all other cases.<p>A live demo is linked above. There's an in-depth blog post at <a href="https://blog.sshh.io/p/how-to-backdoor-large-language-models" rel="nofollow">https://blog.sshh.io/p/how-to-backdoor-large-language-models</a>. The code is at <a href="https://github.com/sshh12/llm_backdoor">https://github.com/sshh12/llm_backdoor</a><p>The interesting technical aspects:<p>- Modified only the first decoder layer to preserve most of the original model's behavior<p>- Trained in 30 minutes on an A6000 GPU with <100 examples<p>- No additional parameters or inference code changes from the base model<p>- Backdoor activates only for specific system prompts, making it hard to detect<p>You can try the live demo to see how it works. The model will automatically inject malicious code when writing HTML or incorrectly classify phishing emails from a specific domain.

Show HN: Immersive Gaussian Splat experience of Sutro Tower, San Francisco

Show HN: Immersive Gaussian Splat experience of Sutro Tower, San Francisco

Show HN: Immersive Gaussian Splat experience of Sutro Tower, San Francisco

Show HN: Subtrace – Wireshark for Docker Containers

Hey HN, we built Subtrace (<a href="https://subtrace.dev">https://subtrace.dev</a>) to let you see all incoming and outgoing requests in your backend server—like Wireshark, but for Docker containers. It comes with a Chrome DevTools-like interface. Check out this video: <a href="https://www.youtube.com/watch?v=OsGa6ZwVxdA" rel="nofollow">https://www.youtube.com/watch?v=OsGa6ZwVxdA</a>, and see our docs for examples: <a href="https://docs.subtrace.dev">https://docs.subtrace.dev</a>.<p>Subtrace lets you see every request with full payload, headers, status code, and latency details. Tools like Sentry and OpenTelemetry often leave out these crucial details, making prod debugging slow and annoying. Most of the time, all I want to see are the headers and JSON payload of real backend requests, but it's impossible to do that in today's tools without excessive logging, which just makes everything slower and more annoying.<p>Subtrace shows you every backend request flowing through your system. You can use simple filters to search for the requests you care about and inspect their details.<p>Internally, Subtrace intercepts all network-related Linux syscalls using Seccomp BPF so that it can act as a proxy for all incoming and outgoing TCP connections. It then parses HTTP requests out of the proxied TCP stream and sends them to the browser over WebSocket. The Chrome DevTools Network tab is already ubiquitous for viewing HTTP requests in the frontend, so we repurposed it to work in the browser like any other app (we were surprised that it's just a bunch of TypeScript).<p>Setup is just one command for any Linux program written in any language.<p>You can use Subtrace by adding a `subtrace run` prefix to your backend server startup command. No signup required. Try for yourself: <a href="https://docs.subtrace.dev">https://docs.subtrace.dev</a>

Show HN: Subtrace – Wireshark for Docker Containers

Hey HN, we built Subtrace (<a href="https://subtrace.dev">https://subtrace.dev</a>) to let you see all incoming and outgoing requests in your backend server—like Wireshark, but for Docker containers. It comes with a Chrome DevTools-like interface. Check out this video: <a href="https://www.youtube.com/watch?v=OsGa6ZwVxdA" rel="nofollow">https://www.youtube.com/watch?v=OsGa6ZwVxdA</a>, and see our docs for examples: <a href="https://docs.subtrace.dev">https://docs.subtrace.dev</a>.<p>Subtrace lets you see every request with full payload, headers, status code, and latency details. Tools like Sentry and OpenTelemetry often leave out these crucial details, making prod debugging slow and annoying. Most of the time, all I want to see are the headers and JSON payload of real backend requests, but it's impossible to do that in today's tools without excessive logging, which just makes everything slower and more annoying.<p>Subtrace shows you every backend request flowing through your system. You can use simple filters to search for the requests you care about and inspect their details.<p>Internally, Subtrace intercepts all network-related Linux syscalls using Seccomp BPF so that it can act as a proxy for all incoming and outgoing TCP connections. It then parses HTTP requests out of the proxied TCP stream and sends them to the browser over WebSocket. The Chrome DevTools Network tab is already ubiquitous for viewing HTTP requests in the frontend, so we repurposed it to work in the browser like any other app (we were surprised that it's just a bunch of TypeScript).<p>Setup is just one command for any Linux program written in any language.<p>You can use Subtrace by adding a `subtrace run` prefix to your backend server startup command. No signup required. Try for yourself: <a href="https://docs.subtrace.dev">https://docs.subtrace.dev</a>

Show HN: Mastra – Open-source JS agent framework, by the developers of Gatsby

Hi HN, we’re Sam, Shane, and Abhi, and we’re building Mastra (<a href="https://mastra.ai">https://mastra.ai</a>), an open-source JavaScript SDK for building agents on top of Vercel’s AI SDK.<p>You can start a Mastra project with `npm create mastra` and create workflow graphs that can suspend/resume, build a RAG pipeline and write evals, give agents memory, create multi-agent workflows, and view it all in a local playground.<p>Previously, we built Gatsby, the open-source React web framework. Later, we worked on an AI-powered CRM but it felt like we were having to roll all the AI bits (agentic workflows, evals, RAG) ourselves. We also noticed our friends building AI applications suffering from long iteration cycles: they were getting stuck debugging prompts, figuring out why their agents called (or didn’t call) tools, and writing lots of custom memory retrieval logic.<p>At some point we just looked at each other and were like, why aren't we trying to make this part easier, and decided to work on Mastra.<p>Demo video: <a href="https://www.youtube.com/watch?v=8o_Ejbcw5s8" rel="nofollow">https://www.youtube.com/watch?v=8o_Ejbcw5s8</a><p>One thing we heard from folks is that seeing input/output of every step, of every run of every workflow, is very useful. So we took XState and built a workflow graph primitive on top with OTel tracing. We wrote the APIs to make control flow explicit: `.step()` for branching, `.then()` for chaining, and `.after()` for merging. We also added .`.suspend()/.resume()` for human-in-the-loop.<p>We abstracted the main RAG verbs like `.chunk()`, `embed()`, `.upsert(),’ `.query()`, and `rerank()` across document types and vector DBs. We shipped an eval runner with evals like completeness and relevance, plus the ability to write your own.<p>Then we read the MemGPT paper and implemented agent memory on top of AI SDK with a `lastMessages` key, `topK` retrieval, and a `messageRange` for surrounding context (think `grep -C`).<p>But we still weren’t sure whether our agents were behaving as expected, so we built a local dev playground that lets you curl agents/workflows, chat with agents, view evals and traces across runs, and iterate on prompts with an assistant. The playground uses a local storage layer powered by libsql (thanks Turso team!) and runs on localhost with `npm run dev` (no Docker).<p>Mastra agents originally ran inside a Next.js app. But we noticed that AI teams’ development was increasingly decoupled from the rest of their organization, so we built Mastra so that you can also run it as a standalone endpoint or service.<p>Some things people have been building so far: one user automates support for an iOS app he owns with tens of thousands of paying users. Another bundled Mastra inside an Electron app that ingests aerospace PDFs and outputs CAD diagrams. Another is building WhatsApp bots that let you chat with objects like your house.<p>We did (for now) adopt an Elastic v2 license. The agent space is pretty new, and we wanted to let users do whatever they want with Mastra but prevent, eg, AWS from grabbing it.<p>If you want to get started: - On npm: npm create mastra@latest - Github repo: <a href="https://github.com/mastra-ai/mastra">https://github.com/mastra-ai/mastra</a> - Demo video: <a href="https://www.youtube.com/watch?v=8o_Ejbcw5s8" rel="nofollow">https://www.youtube.com/watch?v=8o_Ejbcw5s8</a> - Our website homepage: <a href="https://mastra.ai">https://mastra.ai</a> (includes some nice diagrams and code samples on agents, RAG, and links to examples) - And our docs: <a href="https://mastra.ai/docs">https://mastra.ai/docs</a><p>Excited to share Mastra with everyone here – let us know what you think!

Show HN: Cot: a Rust web framework for lazy developers

Show HN: Scripton – Python IDE with built-in realtime visualizations

Hey HN, Scripton (<a href="https://scripton.dev" rel="nofollow">https://scripton.dev</a>) is a Python IDE built for fast, interactive visualizations and exploratory programming — without the constraints of notebooks.<p>Why another Python IDE? Scripton hopes to fill a gap in the Python development ecosystem by being an IDE that:<p>1. Focuses on easy, fast, and interactive visualizations (and exposes rich JS plotting libraries like Observable Plot and Plotly directly to Python) 2. Provides a tightly integrated REPL for rapid prototyping and exploration 3. Is script-centric (as opposed to, say, notebook-style)<p>A historical detour for why these 3 features: Not so long ago (ok, well, maybe over a decade ago...), the go-to environment for many researchers in scientific fields would have been something like MATLAB. Generating multiple simultaneous visualizations (potentially dynamic) directly from your scripts, rapidly prototyping in the REPL, all without giving up on writing regular scripts. Over time, many switched over to Python but there wasn't an equivalent environment offering similar capabilities. IPython/Jupyter notebooks eventually became the de facto replacement. And while notebooks are great for many things (indeed, it wasn't uncommon for folks to switch between MATLAB and Mathematica Notebooks), they do make certain trade-offs that prevent them from being a full substitute.<p>Inner workings:<p>- Implemented in C++ (IDE <-> Python IPC), Python, TypeScript (UI), WGSL (WebGPU-based visualizations)<p>- While the editor component is based off Monaco, the IDE is not a vscode fork and was written from scratch. Happy to chat about the trade-offs if anyone's interested<p>- Uses a custom Python debugger written from scratch (which enables features like visualizing intermediate outputs while paused in the debugger)<p>Scripton's under active development (currently only available for macOS but Linux and Windows support is planned). Would love for you to try it out and share your thoughts! Since this is HN, I’m also happy to chat about its internals.

Show HN: Live-updating version of the 'What a week, huh?' meme

As a fun evening project, I made a live-updating version of the 'What a week, huh?' meme (based on a panel from The Adventures of Tintin comics [1]).<p>There's a page for every timeframe:<p>- 'What a day': <a href="https://tintin.dlazaro.ca/day" rel="nofollow">https://tintin.dlazaro.ca/day</a><p>- 'What a week': <a href="https://tintin.dlazaro.ca/week" rel="nofollow">https://tintin.dlazaro.ca/week</a><p>- 'What a month': <a href="https://tintin.dlazaro.ca/month" rel="nofollow">https://tintin.dlazaro.ca/month</a><p>- 'What a year': <a href="https://tintin.dlazaro.ca/year" rel="nofollow">https://tintin.dlazaro.ca/year</a><p>Current time is determined by a Cloudflare Worker using the request IP (not logged or stored). No JavaScript is sent to the browser.<p>[1] <a href="https://knowyourmeme.com/memes/what-a-week-huh" rel="nofollow">https://knowyourmeme.com/memes/what-a-week-huh</a>

Show HN: Air traffic control radio and chill music for focus

Show HN: Air traffic control radio and chill music for focus