news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Show HN: Amdb – Tree-sitter based memory for AI agents (Rust)

https://github.com/BETAER-08/amdb

1•try_betaer•16s ago•0 comments

OpenClaw Partners with VirusTotal for Skill Security

https://openclaw.ai/blog/virustotal-partnership

1•anhxuan•22s ago•0 comments

Show HN: Seedance 2.0 Release

https://seedancy2.com/

1•funnycoding•54s ago•0 comments

Leisure Suit Larry's Al Lowe on model trains, funny deaths and Disney

https://spillhistorie.no/2026/02/06/interview-with-sierra-veteran-al-lowe/

1•thelok•57s ago•0 comments

Towards Self-Driving Codebases

https://cursor.com/blog/self-driving-codebases

1•edwinarbus•1m ago•0 comments

VCF West: Whirlwind Software Restoration – Guy Fedorkow [video]

https://www.youtube.com/watch?v=YLoXodz1N9A

1•stmw•2m ago•1 comments

Show HN: COGext – A minimalist, open-source system monitor for Chrome (<550KB)

https://github.com/tchoa91/cog-ext

1•tchoa91•2m ago•0 comments

FOSDEM 26 – My Hallway Track Takeaways

https://sluongng.substack.com/p/fosdem-26-my-hallway-track-takeaways

1•birdculture•3m ago•0 comments

Show HN: Env-shelf – Open-source desktop app to manage .env files

https://env-shelf.vercel.app/

1•ivanglpz•7m ago•0 comments

Show HN: Almostnode – Run Node.js, Next.js, and Express in the Browser

https://almostnode.dev/

1•PetrBrzyBrzek•7m ago•0 comments

Dell support (and hardware) is so bad, I almost sued them

https://blog.joshattic.us/posts/2026-02-07-dell-support-lawsuit

1•radeeyate•8m ago•0 comments

Project Pterodactyl: Incremental Architecture

https://www.jonmsterling.com/01K7/

1•matt_d•8m ago•0 comments

Styling: Search-Text and Other Highlight-Y Pseudo-Elements

https://css-tricks.com/how-to-style-the-new-search-text-and-other-highlight-pseudo-elements/

1•blenderob•10m ago•0 comments

Crypto firm accidentally sends $40B in Bitcoin to users

https://finance.yahoo.com/news/crypto-firm-accidentally-sends-40-055054321.html

1•CommonGuy•10m ago•0 comments

Magnetic fields can change carbon diffusion in steel

https://www.sciencedaily.com/releases/2026/01/260125083427.htm

1•fanf2•11m ago•0 comments

Fantasy football that celebrates great games

https://www.silvestar.codes/articles/ultigamemate/

1•blenderob•11m ago•0 comments

Show HN: Animalese

https://animalese.barcoloudly.com/

1•noreplica•11m ago•0 comments

StrongDM's AI team build serious software without even looking at the code

https://simonwillison.net/2026/Feb/7/software-factory/

2•simonw•12m ago•0 comments

John Haugeland on the failure of micro-worlds

https://blog.plover.com/tech/gpt/micro-worlds.html

1•blenderob•12m ago•0 comments

Show HN: Velocity - Free/Cheaper Linear Clone but with MCP for agents

https://velocity.quest

2•kevinelliott•13m ago•2 comments

Corning Invented a New Fiber-Optic Cable for AI and Landed a $6B Meta Deal [video]

https://www.youtube.com/watch?v=Y3KLbc5DlRs

1•ksec•15m ago•0 comments

Show HN: XAPIs.dev – Twitter API Alternative at 90% Lower Cost

https://xapis.dev

2•nmfccodes•15m ago•1 comments

Near-Instantly Aborting the Worst Pain Imaginable with Psychedelics

https://psychotechnology.substack.com/p/near-instantly-aborting-the-worst

2•eatitraw•21m ago•0 comments

Show HN: Nginx-defender – realtime abuse blocking for Nginx

https://github.com/Anipaleja/nginx-defender

2•anipaleja•21m ago•0 comments

The Super Sharp Blade

https://netzhansa.com/the-super-sharp-blade/

1•robin_reala•23m ago•0 comments

Smart Homes Are Terrible

https://www.theatlantic.com/ideas/2026/02/smart-homes-technology/685867/

2•tusslewake•24m ago•0 comments

What I haven't figured out

https://macwright.com/2026/01/29/what-i-havent-figured-out

1•stevekrouse•25m ago•0 comments

KPMG pressed its auditor to pass on AI cost savings

https://www.irishtimes.com/business/2026/02/06/kpmg-pressed-its-auditor-to-pass-on-ai-cost-savings/

1•cainxinth•25m ago•0 comments

Open-source Claude skill that optimizes Hinge profiles. Pretty well.

https://twitter.com/b1rdmania/status/2020155122181869666

3•birdmania•25m ago•1 comments

First Proof

https://arxiv.org/abs/2602.05192

8•samasblack•27m ago•4 comments

Open in hackernews

SBoM – treating dependencies like code, not artifacts

https://mz.attahri.com/posts/software-bill-of-materials-as-code/

3•mohamedattahri•1mo ago

Comments

mohamedattahri•1mo ago

OP here. Sharing this early because I'm trying to gauge if this specific pain point is widespread, or if I'm just scratching a niche itch.

Context: I’ve been working in a regulated monorepo and realized that almost all existing supply chain tools assume you are a large enterprise with dedicated infrastructure.

The gap I found:

Scanners are reactive (they yell at you after the fact).

Artifactory/Nix are heavy (they require rebuilding your workflow or hosting servers).

I wanted something in the middle. The idea is a lightweight CLI that acts as a local proxy to gate npm/cargo/go requests against policies stored directly in git. It forces "lockfile intent" (what the dev wants) to match "security policy" (what the repo allows) before the package hits the host.

The mechanism I'm most interested in feedback on is the enforcement logic: sbom check --policy-from=origin/main

This allows the CLI to judge the "crimes" on your feature branch against the "laws" defined in main. It effectively prevents a developer from un-banning a vulnerable package in the same PR that introduces it.

Does this "local proxy" approach feel like the right middle ground to you, or is the overhead of a proxy too much for a daily driver?