Show HN: I fine-tuned GPT4.1 on my iMessage history https://bit.ly/41qe23y

Show HN: I fine-tuned GPT4.1 on my iMessage history https://bit.ly/3JujvAm August 28, 2025 at 03:48AM

Show HN: Pocket Agent: run Claude, Cursor, Codex and more from your phone https://bit.ly/4n80L8k

Show HN: Pocket Agent: run Claude, Cursor, Codex and more from your phone Hi HN, I built Pocket Agent — a mobile-first interface for coding agents like Claude Code, Cursor, Codex, Gemini, and OpenCode. It lets you connect to your own dev environment (or cloud agents) and interact with them in real time from your phone. Pocket has two parts: • Pocket Server (open-source): lightweight server (Mac + Linux today, Windows soon) you run on your machine. It securely exposes your environment to Pocket. • Pocket App (beta): your mobile interface. You can: • Chat with agents (Claude, Cursor, Codex, Gemini, etc.) • Run and monitor terminal sessions in real time • Approve or deny file edits, searches, or commands • Launch and track cloud background agents • Manage multiple projects/sessions — all from your phone Traction in the first 24 hours: • 1,400+ unique visitors • 350+ beta signups • 130+ GitHub stars • Community already contributing: Linux support, Tailscale pairing, Claude Code auth integration Repo: https://bit.ly/41pAqKp Website: https://bit.ly/460aqXx I’d love your feedback — especially if you’re building or using CLI agents. What would make you adopt and trust a mobile-first agent workspace? https://bit.ly/460aqXx August 28, 2025 at 03:32AM

Show HN: Karton is a simple, type-safe RPC and state-syncing framework (OSS,MIT) https://bit.ly/4lRVIYq

Show HN: Karton is a simple, type-safe RPC and state-syncing framework (OSS,MIT) Karton (German for “carton”) is a type-safe and web socket based solution that allows you to define a shared definition of what is synchronized between server and client side (the “Karton contract”): - The type of state that is synced between the server- and client-side (read-only on client-side) - Server procedures that clients can call to make mutations on server-side - Client procedures that servers can call to make queries etc. to the client-side All connections share the same state, and the state is always defined by the server. Deltas are efficiently synced through JSON-style patches (using immer under the hood). We’re Glenn and Julian, and we built this as a tool for our startup (stagewise - YC S25). We needed a simple and type safe solution to sync a CLI app (JS-app) with a browser-based UI-app (we use React). We didn’t find any solutions out there that seemed easy to use, so we simply decided to build our own one. We offer both the server and client in vanilla TS, but also ship a React-specific client that gives you a Zustand-style access to the state (allowing to only select slices of the whole state as well). The API is made to be very easy to use, with just one output type that’s shared between server and client apps, making it a low-overhead solution if you build locally running JS apps that consist of multiple sub-apps. Karton is MIT-licensed, available on npm (@stagewise/karton) and currently part of our bigger OSS monorepo. It’s pretty much in beta state but we already use it in production. GitHub: https://bit.ly/47hQFwN... NPM package: https://bit.ly/45Vt17a Our YC Launch: https://bit.ly/4lHxArj... https://bit.ly/3JTi3HD August 28, 2025 at 02:32AM

Show HN: Regolith – Regex library that prevents ReDoS CVEs in TypeScript https://bit.ly/47c9ul7

Show HN: Regolith – Regex library that prevents ReDoS CVEs in TypeScript I wanted a safer alternative to RegExp for TypeScript that uses a linear-time engine, so I built Regolith. Why: Many CVEs happen because TypeScript libraries are vulnerable to Regular Expression Denial of Service attacks. I learned about this problem while doing undergraduate research and found that languages like Rust have built-in protection but languages like JavaScript, TypeScript, and Python do not. This library attempts to mitigate these vulnerabilities for TypeScript and JavaScript. How: Regolith uses Rust's Regex library under the hood to prevent ReDoS attacks. The Rust Regex library implements a linear-time Regex engine that guarantees linear complexity for execution. A ReDoS attack occurs when a malicious input is provided that causes a normal Regex engine to check for a matching string in too many overlapping configurations. This causes the engine to take an extremely long time to compute the Regex, which could cause latency or downtime for a service. By designing the engine to take at most a linear amount of time, we can prevent these attacks at the library level and have software inherit these safety properties. I'm really fascinated by making programming languages safer and I would love to hear any feedback on how to improve this project. I'll try to answer all questions posted in the comments. Thanks! - Jake Roggenbuck https://bit.ly/4n3FtbU August 27, 2025 at 03:54AM

Show HN: CashLedger – Offline-first PWA for cash tracking https://bit.ly/46a2h3S

Show HN: CashLedger – Offline-first PWA for cash tracking I built *CashLedger*, an offline-first PWA for managing personal, family, or small business cash flow. Why? Not every place has reliable internet, and many people don’t want their financial data stored on third-party servers. CashLedger works completely offline and keeps data private — stored locally on your device. Features: - Add transactions quickly (text or voice input) - Spending insights with charts and analytics - Generate professional PDF statements - Customizable dashboard and transaction cards - Choose your flow: go straight to your account after login, or start with a customizable home screen The UX twist: My first tester (my father) wanted to skip the dashboard entirely. I wanted one. So I added an option: users can choose their preferred flow. Demo: https://bit.ly/4mx6Yun I’d love your feedback: - Is this useful for anyone beyond me? - What features would you expect from a privacy-first cash tracker? - Any pitfalls you see in making this offline-first? https://bit.ly/4mx6Yun August 27, 2025 at 12:08AM

Show HN: ProStore – The best alternative app store for iOS https://bit.ly/4n0iAWB

Show HN: ProStore – The best alternative app store for iOS https://bit.ly/45Uk6CX August 27, 2025 at 12:32AM

Show HN: I integrated my from-scratch TCP/IP stack into the xv6-riscv OS https://bit.ly/3ULXuPO

Show HN: I integrated my from-scratch TCP/IP stack into the xv6-riscv OS Hi HN, To truly understand how operating systems and network protocols work, I decided to combine two classic learning tools: the xv6 teaching OS and a from-scratch TCP/IP stack. I'm excited to share the result: my own from-scratch TCP/IP networking stack running directly inside the xv6-riscv ( https://bit.ly/47rF1jd ) kernel. The project uses a modern virtio-net driver, allowing it to run seamlessly in QEMU and communicate with the host machine. Key features: - From-Scratch Stack: The core is powered by microps ( https://bit.ly/41TsKQK ), a TCP/IP stack I originally wrote to run in user-space as a personal project to learn the low-level details of networking. - Kernel Integration: This project ports microps from user-space into the xv6-riscv kernel. - Socket API: Implements standard system calls (socket, bind, accept, etc.) to enable network application development. - User-level Tools: Comes with a simple ifconfig command, plus tcpecho and udpecho servers to demonstrate its capabilities. This has been a fantastic learning experience. My goal was to demystify the magic behind network-aware operating systems by building the components myself. I'd love to hear your feedback and answer any questions! https://bit.ly/47rF1jd August 26, 2025 at 07:24AM

Show HN: I estimated the carbon impact of different LLMs https://bit.ly/421Noy6

Show HN: I estimated the carbon impact of different LLMs (did my best with the data that is available online) https://bit.ly/45LWlwB August 26, 2025 at 04:13AM

Show HN: Stop saving your scans on 3rd party servers https://bit.ly/3HIFOBO

Show HN: Stop saving your scans on 3rd party servers Hi HN, I built DocsOrb to solve a simple but stressful problem (and my own problem too since many years!): keeping track of important documents like passports, rental contracts, and insurance papers. Too often they're scattered across folders, emails, or piles at home... and you only realize it when you urgently need them. DocsOrb helps you: > Scan documents with auto-crop and enhancements (mobile camera or file upload) > Organize them around life's "moments" (travel, housing, insurance, etc.) > Search quickly using Key Information > AI extracts Key Information so the most important details are always at your fingertips > Export or share in one tap > AI Bulk organize: load up multiple images from your Photos to automatically organize them as documents, put them in the right folders, extract Key Information and also suggest a recommended name and description. Everything stays on your device by default, with optional cloud backup if you want it. Privacy-first, so you're always in control. Tech-wise: it's built with Nuxt + Capacitor, Supabase for structured storage, and a custom scanning flow (to avoid pricey SDK lock-ins). I'd love your feedback: > Does this flow make sense to you? > What's missing in how you manage important documents? > Any suggestions before I go full blast on Marketing? https://bit.ly/3HTHQyX August 26, 2025 at 01:36AM

Show HN: I built an AI trip planner https://bit.ly/4mzcJbd

Show HN: I built an AI trip planner https://bit.ly/3JyuTek August 25, 2025 at 10:09PM

Show HN: Timep – A next-gen profiler and flamegraph-generator for bash code https://bit.ly/4mtIzpx

Show HN: Timep – A next-gen profiler and flamegraph-generator for bash code Note: this is an update to [this]( https://bit.ly/4eLA2eA ) "Show HN" post. timep is a state-of-the-art [debug-]trap-based bash profiler that is efficient and extremely accurate. Unlike other profilers, timep records: 1. per-command wall-clock time 2. per-command CPU time, and 3. the hierarchy of parent function calls /subshells for each command the wall-clock + CPU time combination allows you to determine if a particular command is CPU-bound or IO-bound, and the hierarchical logging gives you a map of how the code actually executed. The standout feature of timep is that it will take these records and automatically generate a bash-native flamegraph (that shows bash commands, not syscalls). ------------------------------------------------ USAGE timep is extremely easy to use - just source the `timep.bash` file from the repo and add "timep" in front of whatever you want to profile. for example: . /path/to/timep.bash timep ./some_script echo "stdin" | timep some_function ZERO changes need to be made to the code being profiled! ------------------------------------------------ EXAMPLES [test code that will be profiled]( https://bit.ly/4fVSf9Z... ) [output profile for that test code]( https://bit.ly/3HFEWhe... ) [flamegraph for that test code]( https://bit.ly/4mtIAd5... ) [flamegraph from a "real world" test of "forkrun", a parallelization engine written in bash]( https://bit.ly/47IXiZ8... ) In the "forkrun test", 13 different checksums were computed for ~670k small files on a ramdisk using 28 parallel workers. this was repeated twice. In total, this test ran around 67,000 individual bash commands. [This is its `perf stat` (without timep)]( https://bit.ly/4fYaJH2... ). ------------------------------------------------ EFFICIENCY AND ACCURACY The forkrun test (see "examples" section above) was basically as demanding of a workload as one can have in bash. it fully utilized 24.5 cores on a 14c/28t i9-7940x CPU, racking up >840 seconds of CPU time in ~34.5 seconds of wall-clock time. When profiling this group of 67,000 commands with timep: 1. the time it took for the code to run with the debug-trap instrumentation was ~38 seconds, an increase of just slightly over 10%. CPU time had a similiar increase. 2. the time profile was ready at +2 minutes (1 minute + 15 seconds after the profiling run finished) 3. the flamegraphs were ready at +5 minutes (4 minute + 15 seconds after the profiling run finished) Note that timep records both "start" and "stop" timestamps for every command, and the debug trap instrumentation runs between one commands "stop" timestamp and the next commands "start" timestamp, meaning the error in the profiles timings is far less than the 10% overhead. Comparing the total (sys+user) CPU time that perf stat gave (without using timep) and the CPU time timep gives (from summing together the CPU time of all 67,000-ish commands), the difference is virtually always less than 0.5%, and often less than 0.2%. Ive seen as low as 0.04%, which is 1/3 of a second on a run that took ~850 seconds of CPU time. ------------------------------------------------ MAJOR CHANGES SINCE THE LAST "SHOW HN" POST 1. CPU time is now recorded too (instead of just wall-clock time). This is done via a loadable builtin that calls `getrusage` and (if available) `clock_gettime` to efficiently and accurate determine the CPU time of the process and all its descendants. 2. the .so file required to use the loadable builtin mentioned in #1 is built directly into the script has an embedded compressed base64 sequence. I also developed the bash-native compression scheme that it uses. The .so files for x86_64, aarch64, ppc64le and i686 are all included. Im hoping to add arm7 soon as well. the flamegraph generator perl script is also embedded, making the script 100% fully self-contained. NOTE: these embedded base64 strings include both sha256 and md5 checksums of the resulting .so file that are verified on extraction. 3. the flamegraph generation has been completely overhauled. The flamegraphs now a) are colored based on runtime (hot colors = longer runtime), b) desaturate colors for commands where cpu time << wall-clock time (e.g., blocking reads, sleep, wait, ...), and c) use a runtime-weighted CDF color mapping that ensures, regardless of the distribution of the underlying data, that the resulting flamegraph has a roughly equal amount of each color in the colorspace (where "equal" means "the same number of pixels are showing each color"). timep also combines multiple flamegraphs (that show wallclock time vs cpu time and that us the full vs folded set of traces) by vertically stacking them into a single SVG image, giving "dual stack" and "quad stack" flamegraphs. 4. the post-processing workflow has been basically completely re-written, making it more robust, easier to understand/maintain, and much faster. The "forkrun" test linked above (that ran 67,000 commands) previously took ~20 minutes. With the new version, you can get a profile in 2 minutes or a profile + flamegraph in 5 minutes - a 4x to 10x speedup! https://github.com/jkool702/timep August 25, 2025 at 06:17AM

Show HN: Decentralized Bitcoin Incentives via QR Codes https://bit.ly/4g0UwAQ

Show HN: Decentralized Bitcoin Incentives via QR Codes DT7-QR Rewards System – (Open Source Proposal) https://bit.ly/4oSya8m August 25, 2025 at 02:52AM

Show HN: FilterQL – A tiny query language for filtering structured data https://bit.ly/4n3qzCt

Show HN: FilterQL – A tiny query language for filtering structured data Hey all, I just released v2.0.0 of FilterQL, a query language and TypeScript library. This version adds support for Operations, which allow you to transform the data after filtering. If you think this would be useful in a project you're working on, give it a try and let me know what you think! https://bit.ly/4lKOPrV August 24, 2025 at 07:55PM

Show HN: LoadGQL – a CLI for load-testing GraphQL endpoints https://bit.ly/4mwFNQD

Show HN: LoadGQL – a CLI for load-testing GraphQL endpoints Hi HN I’ve been working with GraphQL for a while and always felt the tooling around load testing was lacking. Most tools either don’t support GraphQL natively, or they require heavy setup/config. So I built *LoadGQL* — a single-binary CLI (written in Go) that lets you quickly stress-test a GraphQL endpoint. *What it does today (v1.0.0):* - Run queries against any GraphQL endpoint (no schema parsing required) - Reports median & p95 latency, throughput (RPS), and error rate - Supports concurrency, duration, and custom headers - Minimal and terminal-first by design *Roadmap:* p50/p99 latency, output formats (JSON/CSV), multiple query files. Landing page: [ https://bit.ly/3Vds2Kq ]( https://bit.ly/3Vds2Kq ) I’d love feedback from the HN community: - What metrics matter most to you for GraphQL performance? - Any sharp edges you’d expect in a GraphQL load tester? Thanks for checking it out! https://bit.ly/3Vds2Kq August 24, 2025 at 02:30AM

Show HN: I built aibanner.co to stop spending hours on marketing banners https://bit.ly/3Veyzo2

Show HN: I built aibanner.co to stop spending hours on marketing banners https://bit.ly/3VeyzEy August 24, 2025 at 01:27AM

Show HN: HypeVortex: Combining Crypto and AI in the stupidest way possible https://bit.ly/4mP75kE

Show HN: HypeVortex: Combining Crypto and AI in the stupidest way possible I work at a so called "hyperscaler" in billing and invoicing and learned that LLM use is metered and billed in "tokens". I had never really used LLMs at the time. Now that I do (including to make this site, with heavy oversight), this is obvious because they all tell you how many tokens some query is using. This reminded me of "Token Mania" of 2020-2021 so I decided to combine the two concepts in an absolutely useless way - enter the HypeVortex. I made a token on Polygon (contract here: https://bit.ly/4mP75Ba... ). This token CANNOT be exchanged, it can only go from me to users and back to me. It's worthless. You login with email (sorry), and get a code emailed to you (again, sorry). Then a wallet is made for you, you claim HypeVortex tokens and spend them on AI. Your email is stored as a hash, I don't know what it is and I can't see what anyone does. All in a geocities style page. With midi. I have no profit motive here, it's entirely silly fun. For those of you born early 90s and before, I hope you have some nostalgic fun with it. sign the guestbook! it actually works! https://bit.ly/4mZSB1z August 23, 2025 at 02:51AM

Show HN: JavaScript-free (X)HTML Includes https://bit.ly/47F6sWE

Show HN: Lumo – a tiny fluffy virtual pet you can play with in the browser https://bit.ly/45LvqRs

Show HN: Lumo – a tiny fluffy virtual pet you can play with in the browser This is Lumo, a tiny fluffy virtual pet that lives in your browser. You can feed it, tickle it, or just say hi — it reacts naturally, more like a living toy than a game character. Play here: https://bit.ly/45Hhb03 ## Why I made this I wanted to experiment with combining AI-generated assets (image-to-video via Google Flow) and a lightweight state machine in JavaScript to simulate natural pet-like behaviors. Instead of giving direct commands, you just interact — and Lumo reacts. ## How it works - Assets were generated with image-to-video (idle, happy, annoyed, etc.). To make the animations feel more natural, I used the Frames-to-Video mode — for example, I set both the start and end frames to the idle state, so transitions between different behaviors look smoother. - A JS state machine switches animations and reactions. For example, the default state is the idle animation. If you touch Lumo once, it becomes curious and shows the corresponding behavior (animation). If you touch it again, it turns happy. - Everything runs client-side in the browser. ## What’s next This is just a small experiment right now. I’d love to hear feedback: - What feels fun or missing in the interaction? - What other “pet-like” behaviors could make it more alive? - Anyone else here experimenting with AI video assets for interactive projects? Thanks for checking it out https://bit.ly/3UFNcRi August 22, 2025 at 04:09AM

Show HN: GPT-5 vs. Claude 4 Sonnet on 200 Requests Benchmark https://bit.ly/4mv8GMZ

Show HN: GPT-5 vs. Claude 4 Sonnet on 200 Requests Benchmark We Released an independent evaluation of GPT-5 vs Claude 4 Sonnet across 200 diverse prompts. Key insights: GPT-5 excels in reasoning and code; Claude 4 Sonnet is faster and slightly more precise on factual tasks. https://bit.ly/477Mh3x August 22, 2025 at 03:17AM

Show HN: Changefly ID + Anonymized Identity and Age Verification https://bit.ly/4fMji7H

Show HN: Changefly ID + Anonymized Identity and Age Verification Hey HN! I’m Lukas Dickie the founder of Changefly and I’m truly excited to share with you our latest release of Changefly ID with Anonymized Identity & Age Verification. By putting privacy first and using a novel approach to account protection, Changefly ID offers a path to a safer, more secure, and less-intrusive internet for everyone: - Changefly ID for anonymous authentication + ANONYMIZED identity & age verification for services that are required to verify minimum age - Zero-knowledge proofs, secure multi-party computation, temporary unique identifiers - Protects against bot attacks, bot scraping, identity theft, phishing, credential stuffing, online tracking, and other evolving threats Changefly ID + Anonymized Identity & Age Verification is like showing a bartender a “Yes, I’m over 21” hologram badge instead of handing them your driver’s license with your name, address, and birthdate. They get what they need—but none of what they shouldn’t have. We’re just getting started and I’d love to hear what you think, what you’d like to see next, and any feedback you have. https://bit.ly/45MifQm https://bit.ly/477Gpav August 21, 2025 at 08:22PM