A critical vulnerability in React Server Components is being actively exploited by multiple threat groups, putting thousands of websites — including crypto platforms — at immediate risk with users ...
TV and home video editor Ty Pendlebury joined CNET Australia in 2006, and moved to New York City to be a part of CNET in 2011. He tests, reviews and writes about the latest TVs and audio equipment.
AI coding tools like Claude Code, Cursor, and Codex read instructions from files on disk: .claude/skills/, .cursor/skills/, .agents/skills/. These files shape how each tool behaves. On a team of ten engineers working across several repositories, managing them by hand breaks down fast.I built SkillCatalog to solve this without a SaaS dependency. Skills live in Git repositories the team already controls. The desktop app provides authoring, organization, and delivery o
GitHub's #1 most starred repo is build-your-own-x [1] with 491K stars. That's twice the starts of React or Linux or Python. Yet, Yet I almost never hear about it on HN or anywhere else. Even the few HN posts about it are very suspicious. A post with 800 points usually has over 400 comments that go very deep, but now look at the build-your-own-x's hn submission [2]. It has 867 points, 64 comments, barely a discussion.Btw, it's S2022 Backed by YC.[1] https://github.co
Hi HN — I built Palmier.Palmier bridges your AI agents and your phone.It does two things:1. It lets you use your phone to directly control AI agents running on your computer, from anywhere.2. It gives your AI agents access to your phone, wherever you are — including things like push notifications, SMS, calendar, contacts, sending email, creating calendar events, location, and more.A few details:* Supports 15+ agent CLIs* Supports Linux, Windows, and macOS* What runs on your computer and your pho
Weekly Log is a minimalistic social media website designed for you to do journaling and creative writing.A lot of modern social media apps are set up in a way that addicts and detriments the users, meanwhile profiting off of their data. I really wanted to make a site that doesn't operate in that way.Some of its distinctions: - You can create one post per week. This encourages care and consideration. - Nobody knows who you follow or what posts you react to, besides you and the other user. Th
Hey HN. Graph Compose is a hosted platform for orchestrating API workflows on Temporal. You define workflows as graphs of nodes (HTTP calls, AI agents, iterators, error boundaries) and everything runs as a durable Temporal workflow under the hood.Three ways to build the same graph: a React Flow visual builder, a typed TypeScript SDK (@graph-compose/client), and an AI assistant that turns plain English into a graph.Open-core: the execution foundations and integrations service are AGPL-3.0. T
Hey everyone, I recently built AnyHabit, a minimalist, self-hosted habit tracker designed for home servers, and I just released v0.1.0 and made it fully open-source under GPLv3. I wanted something simple without subscriptions or bloat, so I built this to track both positive habits you want to build and negative ones you want to avoid, and it even calculates the money you save from avoiding those bad habits.It's definitely not perfect and is still a very simple app at its core, but since thi
<a href="https://roadmap-project-bygrl.vercel.app/" rel="nofollow">https://roadmap-project-bygrl.vercel.app/</a><p>I've been using a small version of this on myself at the gym for the past year. Instead of logging sets and counting macros, you could just upload a photo of yourself every week and the AI tells you how close you are to the goal and what to adjust in the plan.
Security defenders are girding themselves in response to the disclosure of a maximum-severity vulnerability disclosed Wednesday in React Server, an open-source package that’s widely used by websites ...
Despite many worthy contenders, React remains the most popular front-end framework, and a key player in the JavaScript development landscape. React is the quintessential reactive engine, continually ...
Hey HN, I'm Marcel from Tusk. We’re launching Tusk Drift, an open source tool that generates a full API test suite by recording and replaying live traffic.How it works:1. Records traces from live traffic (what gets captured)2. Replays traces as API tests with mocked responses (how replay works)3. Detects deviations between actual vs. expected output (what you get)Unlike traditional mocking libraries, which require you to manually emulate how dependencies behave, Tusk Drift automatically rec
Hi HN, I’m Sandhya and we have built Visual DB — a web front end for databases. It lets you create data-entry forms, spreadsheet-like grids, and reports directly on top of your existing relational database.Here’s a quick walkthrough: https://youtu.be/4zv_HQKdKeI (13 minutes)WHAT PROBLEM IS THIS SOLVING?Building CRUD apps with master-detail forms, transactions, and proper concurrency controls typically requires weeks of custom development and ongoing maintenance. Visual DB lets you
Hi HN,I recently updated my pytest plugin based on httpdbg to include the HTTP traces directly in the Allure reports. As with httpdbg, the idea is to have nothing more to do than to add an argument to your command line: --httpdbg-allure.For example:pytest examples/pytest_demo.py --alluredir=./allure-results --httpdbg-allureFor each test, all HTTP requests will be recorded and saved in the Allure report under a step named httpdbg.You can check the README in the repository to see how it
Hey HN,I'm Karan, a frontend developer who loves creating UIs, but I've found that many people don't like CSS, but they want their website to look beautiful and polished, and what better way to enhance a website than with animationsAnimations using plain CSS are tricky, and that's why I leaned towards Motion a powerful animation library for React, and I built ogBlocks using React, Motion, and Tailwind CSSI built it for three reasons:1. Anyone can integrate beautiful animated
About 3 years ago i wrote a custom preprocessor to assist in processing the SQLite project's JavaScript builds (e.g. filtering the small differences between vanilla JS and ESM modules). Recently, that app was forked, refactored into a library, and is now, AFAIK, the world's only source-agnostic[^1], client-extensible preprocessor (if one doesn't count sed, awk, etc.).It's implemented in portable C99 and has a two-file source distribution (one header, one .c file). Its only th
Hi HN, I am Aswin Mohan(https://aswinmohan.me), a full-stack mobile/web developer. I have been working on WorkBill (https://workbill.co) for the past 6 weeks on the side and wanted to share it here.demo: https://demo.workbill.co/inbox (no signup needed) video-demo: https://www.loom.com/share/9775811960ad47d7ada89007d8169d90WorkBill is the modern, flexible accounting platform for small businesses. It is based on BeanCount(https:/&#x
I always wanted this: an easy way to reach "resolve docker container by name" -- e.g., to reach web servers running in Docker containers on my dev machine. Of course, I could export ports from all these containers, try to keep them out of each others hair on the host, and then use http://localhost:PORT. But why go through all that trouble? These containers already expose their respective ports on their own IP (e.g., 172.24.0.5:8123), so all I need is a convenient way to find
Hi HN,I built ClientDock - a client portal for service providers to manage communications and files without email chaos.Background: After losing a critical client deliverable in a 200+ email thread, I decided to build a better solution. Most "client portals" are bloated project management tools. I wanted something focused on one thing: making client communication effortless.Technical Details: - Built with Next.js 15 (App Router) - Deployed on Cloudflare Workers using OpenNext adapter -
Trump on Monday reiterated his plan, informing that “all money left over from the $2000 payments” will be “used to substantially pay down national debt.” ...