frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

RISC-V Vector Primer

https://github.com/simplex-micro/riscv-vector-primer/blob/main/index.md
2•oxxoxoxooo•3m ago•0 comments

Show HN: Invoxo – Invoicing with automatic EU VAT for cross-border services

2•InvoxoEU•3m ago•0 comments

A Tale of Two Standards, POSIX and Win32 (2005)

https://www.samba.org/samba/news/articles/low_point/tale_two_stds_os2.html
2•goranmoomin•7m ago•0 comments

Ask HN: Is the Downfall of SaaS Started?

3•throwaw12•8m ago•0 comments

Flirt: The Native Backend

https://blog.buenzli.dev/flirt-native-backend/
2•senekor•10m ago•0 comments

OpenAI's Latest Platform Targets Enterprise Customers

https://aibusiness.com/agentic-ai/openai-s-latest-platform-targets-enterprise-customers
1•myk-e•12m ago•0 comments

Goldman Sachs taps Anthropic's Claude to automate accounting, compliance roles

https://www.cnbc.com/2026/02/06/anthropic-goldman-sachs-ai-model-accounting.html
2•myk-e•15m ago•3 comments

Ai.com bought by Crypto.com founder for $70M in biggest-ever website name deal

https://www.ft.com/content/83488628-8dfd-4060-a7b0-71b1bb012785
1•1vuio0pswjnm7•16m ago•1 comments

Big Tech's AI Push Is Costing More Than the Moon Landing

https://www.wsj.com/tech/ai/ai-spending-tech-companies-compared-02b90046
2•1vuio0pswjnm7•18m ago•0 comments

The AI boom is causing shortages everywhere else

https://www.washingtonpost.com/technology/2026/02/07/ai-spending-economy-shortages/
1•1vuio0pswjnm7•19m ago•0 comments

Suno, AI Music, and the Bad Future [video]

https://www.youtube.com/watch?v=U8dcFhF0Dlk
1•askl•21m ago•1 comments

Ask HN: How are researchers using AlphaFold in 2026?

1•jocho12•24m ago•0 comments

Running the "Reflections on Trusting Trust" Compiler

https://spawn-queue.acm.org/doi/10.1145/3786614
1•devooops•29m ago•0 comments

Watermark API – $0.01/image, 10x cheaper than Cloudinary

https://api-production-caa8.up.railway.app/docs
1•lembergs•31m ago•1 comments

Now send your marketing campaigns directly from ChatGPT

https://www.mail-o-mail.com/
1•avallark•34m ago•1 comments

Queueing Theory v2: DORA metrics, queue-of-queues, chi-alpha-beta-sigma notation

https://github.com/joelparkerhenderson/queueing-theory
1•jph•46m ago•0 comments

Show HN: Hibana – choreography-first protocol safety for Rust

https://hibanaworks.dev/
5•o8vm•48m ago•1 comments

Haniri: A live autonomous world where AI agents survive or collapse

https://www.haniri.com
1•donangrey•49m ago•1 comments

GPT-5.3-Codex System Card [pdf]

https://cdn.openai.com/pdf/23eca107-a9b1-4d2c-b156-7deb4fbc697c/GPT-5-3-Codex-System-Card-02.pdf
1•tosh•1h ago•0 comments

Atlas: Manage your database schema as code

https://github.com/ariga/atlas
1•quectophoton•1h ago•0 comments

Geist Pixel

https://vercel.com/blog/introducing-geist-pixel
2•helloplanets•1h ago•0 comments

Show HN: MCP to get latest dependency package and tool versions

https://github.com/MShekow/package-version-check-mcp
1•mshekow•1h ago•0 comments

The better you get at something, the harder it becomes to do

https://seekingtrust.substack.com/p/improving-at-writing-made-me-almost
2•FinnLobsien•1h ago•0 comments

Show HN: WP Float – Archive WordPress blogs to free static hosting

https://wpfloat.netlify.app/
1•zizoulegrande•1h ago•0 comments

Show HN: I Hacked My Family's Meal Planning with an App

https://mealjar.app
1•melvinzammit•1h ago•0 comments

Sony BMG copy protection rootkit scandal

https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal
2•basilikum•1h ago•0 comments

The Future of Systems

https://novlabs.ai/mission/
2•tekbog•1h ago•1 comments

NASA now allowing astronauts to bring their smartphones on space missions

https://twitter.com/NASAAdmin/status/2019259382962307393
2•gbugniot•1h ago•0 comments

Claude Code Is the Inflection Point

https://newsletter.semianalysis.com/p/claude-code-is-the-inflection-point
4•throwaw12•1h ago•3 comments

Show HN: MicroClaw – Agentic AI Assistant for Telegram, Built in Rust

https://github.com/microclaw/microclaw
1•everettjf•1h ago•2 comments
Open in hackernews

A Year of Work on the Arch Linux Package Management (ALPM) Project

https://devblog.archlinux.page/2026/a-year-of-work-on-the-alpm-project/
98•susam•3w ago

Comments

elcritch•3w ago
This looks both cool and over-engineered. For some reason it gives me a bit of flashback to Java6 days of EE Bean servers though with crates upon crates.

Plus take the winnow library parser example. I’m not sure it’s gonna be easier to follow or debug than a standard recursive descent parser:

    fn hex_primary(input: &mut &str) -> Result<u8> {
        take_while(2, |c: char|  c.is_ascii_hexdigit())
            .try_map(|input| u8::from_str_radix(input, 16))
            .parse_next(input)
    }
guerrilla•3w ago
As a user, is anything going to change? I don't want to need to know about whatever this is. Everything already works fine. Are you planning on breaking it?
bionade24•3w ago
> Everything already works fine.

No, Archlinux was repeatedly behind with package updates. This even went as far as lagging behind Ubuntu in at least one instance, causing inconvenience and frustration for users which then either had to use other more up-to-date sources for dependencies or package the newer version of dependencies under a different installroot themselves.

This problem is caused by a staff shortage or the average necessary maintanance effort for repo packages. At least one of those 2 causes has to be solved.

nineteen999•3w ago
There's a staff shortage and instead of catching up on packaging tasks the project is building the 19th, what 20th package management system that Linux has now, instead of using battle tested systems like .deb and .rpm?

That is why projects like Arch ... Nixos ... etc ... all eventually become "niche".

homebrewer•3w ago
Nah, you can keep both. Arch and Alpine are the only two distributions where I bother to build proper packages for everything because their package managers make it so easy to do the right thing.

It might be the 20th package manager in existence, which would be a problem, if Debian maintainers did not release a 20th way to build .debs just a year or two ago, mostly (but not really) deprecating the previous 19 ways. No thanks.

mqus•3w ago
Its not "building a new package management system", "alpm" is literally the foundation of the pacman ecosystem. They are improving this so they _can_ catch up on packaging tasks.

I'm the same as the sibling commenter, I don't want to have another deb or rpm distro. The AUR wouldn't exist without pacman&makepkg.

guerrilla•3w ago
What packages are you talking about?

It does it's job. I've been using it on the desktop for decades now with never needing to care about anything like that. If it ain't broke, don't fix it...

HendrikHensen•3w ago
The fact that you personally haven't encountered an issue, doesn't mean that no issue existed.
guerrilla•3w ago
Okay, I'm saying don't break it.
trueismywork•3w ago
Use Rocky
guerrilla•3w ago
No thanks. It works. Don't break it. Thanks.
1una•3w ago
> What packages are you talking about?

Maybe Python: https://old.reddit.com/r/archlinux/comments/1azkxnn/whats_ho...

jelly1•3w ago
I intentionally hold back major Python versions till I can dedicate a lot of time to get everything rebuild and compatible. A lot of big Python programs (ML, scientific) usually need work to get compatible requiring ~ 1-2 weeks of time to get this all done :)
lemper•3w ago
is Allan McRae still in the team? If so, he would break it. But if not I assume that everything will work seamlessly, bar unfortunate situation.
drbig•3w ago
> The ALPM project arose from the need for more clearly specifying the interfaces, as well as providing bindings and tools in a memory-safe programming language.

Whose need?

As an admin and a user I kindly ask: why? what for?

`pacman` which has been and is working fine for over two decades on multiple architectures is two packages - and that includes mirror finder.

This project seems like a CS exercise: funded by a grant, designed by committee, producing a lot of complex artifacts (already over a dozen packages)... and it's unclear if the lot of that can even install a single package.

forgotpwd16•3w ago
Arch package management isn't just pacman, but also makepkg, namcap, dbscripts, devtools (pkgctl and others). As end-user/sysadmin you may not even have heard about them but distro is built atop them.
drbig•3w ago
As a sysadmin I'm very familiar with `makepkg`, its config file and the fact that sooner or later one will need both `clang` and `gcc`, because they're equivalent only in theory ;-)

But as I maintain only a library of pre-build(-once) software, rather than being an actual package maintainer - surely there is the whole other side that I normally do not see, much less touch.

Having said that, I'm all for better tooling - it's just that the project doesn't even hint, much less describe, the actual benefits for the people who will (sooner or later? have to?) use it.

And, unfortunately, I've been doing this for long enough to approach _any_ increase in complexity with at least anxiety, if not outright sadness (at "you could have spent that time/money on more _useful_ work", usually).

imtringued•3w ago
They created a specification for the PKGBUILD format and a library to parse PKGBUILD files.

If you wanted to use PKGBUILD files to build Ubuntu or Debian packages, you could in principle build your own makepkg implementation for building Ubuntu packages.

You could also build an SBOM tool that takes a PKGBUILD and produces the SBOM using the PKGBUILD metadata of all the transitive dependencies.

They are also working on something that could be summarised as "IDE" features. Validation and linting of PKGBUILD files not unlike what a language server/IDE does (e.g. rust analyzer or IntelliJ).

EDIT:

There is also a library for programmatic creation of PKGBUILD files, so build systems could integrate with it to automatically produce Arch Linux packages. This could make building your own Arch Linux packages even easier than it already is.

pwdisswordfishy•3w ago
Aren’t PKGBUILDs just shell scripts?
homebrewer•3w ago
It's an implementation detail, you're saying it like they're completely free form. Not really, they have a very specific structure that every package adheres to.

Parsing them currently requires evaluating them as shell scripts. Should be obvious how bad of an idea it is, especially in the context of the AUR (which is why it requires you to push a dumbed down metadata file called SRCINFO along with PKGBUILD — which is then used to show package info in the web UI you're probably familiar with).

Being able to safely parse PKGBUILDs without running them would certainly be an improvement.

pwdisswordfishy•3w ago
Well, I have seen PKGBUILDs with arbitrary logic defining the metadata:

https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=webor...

Which is what necessitated a separate, statically-parseable .SRCINFO.

imtringued•3w ago
Arch Linux doesn't fork upstream projects and usually only does minimal changes/patches to a package. This means package maintainers spend the vast majority of their time packaging.

When you think about it, a Linux distribution should upstream useful changes to the original project and have the changes be available through configuration. But if that is the case then the vast majority of the code lives outside the Linux distribution. The package manager including the server backend might be the largest code base of Arch Linux and perhaps even the only one that has a meaningful size to begin with.

anonnon•3w ago
> This project can be used under the terms of the Apache-2.0 or MIT. Contributions to this project, unless noted otherwise, are automatically licensed under the terms of both of those licenses.

Thanks, German government!

nabla9•3w ago
This is a waste of Sovereign Tech Fund money. That money is supposed to fund the digital sovereignty of Germany and Europe. Yet, they put €500,000 into this. It seems open-source developers have their own way of performing their own version of corporate capture.
forgotpwd16•3w ago
Considering Arch is one of the big upstream distros and, alongside Debian and NixOS, one of the big community-run ones, standardizing and improving its foundations is certainly not a waste. Moreover some results are usable beyond Arch, e.g. VOA (for storage and retrieval of signature verifiers). Choosing Rust though does impose some portability limitations. (Even if makes sense to not want to use C in 2020s.)
nabla9•3w ago
This is not improving anything. Overly complex and starting from scratch. They should have picked dome existing package manager instead and contributed to it. Yet another package manager is not justifiable anymore. Always starting new package manager from scratch is the bane of oss it seems.

https://en.wikipedia.org/wiki/List_of_software_package_manag...

mqus•3w ago
But this _is_ improving the pacman ecosystem? Afaict its aiming to be a drop-in replacement of existing tools, but with proper libraries so systems like buildbtw can be built around it.
imtringued•3w ago
This is not another package manager.

https://alpm.archlinux.page/faq.html

ALPM is not a makepkg/pacman implementation, it is a set of libraries to make it easier to build makepkg/pacman implementations.

It's kind of like the OCI image specification, but for the "Dockerfile" portion of Arch Linux package management rather than the binaries. Competitors like Debian don't even have something that is equivalent to PKGBUILD or Dockerfile. You're expected to know how to setup and build a project on your own and then have packaging be a separate step that happens at the end. They are heavily reliant on institutional knowledge of package maintainers and are impenetrable to outsiders that are unwilling to spend days on building their first package.

remove-resolve•3w ago
ALPM is not new nor is it a package manager. It's a set of packaging tools dating back to 2002, older than most of package managers on that list. These are improvements to the existing ecosystem.
nonameiguess•3w ago
I'd never heard of this until right now, but Jesus Christ, Hacker News, this is an awful lot of griping for a project that appears to be completely additive with zero impact to end users or administrators of Arch Linux. pacman is still around and still uses libalpm, not this. The FAQ and mission seem pretty clear that this exists, at least for now, solely for the benefit of packagers and maintainers. They decided making this as a modular set of specifications and libraries would be best to allow arbitrary downstreams to make use as they see fit, but the only current project using this, as far as I can tell, is a project that automates updates for package builds and possibly the Python bindings are either used by the AUR website or soon will be to extract and display package metadata.

I get the cynicism and griping when it's the latest in LLM slop, capitalist surveillance state, and corporate churn for the sake of churn, but where on Earth is the harm in this? They wanted some low-level utilities for reading, writing, and manipulating package files and metadata, for whatever reason found the existing libalpm lacking, so made this. It doesn't appear that any end-user Arch packages use it or depend upon it, you'll not need to install this or the larger Rust toolchain unless you independently decide you want to, but there's a bunch of complaining anyway.

Santosh83•3w ago
> The GnuPG upstream has denounced the IETF-driven OpenPGP standardization process and has subsequently been removed from other major package management software such as apt and rpm over the last three years. Compatibility with other OpenPGP implementations is no longer guaranteed...

What?? First time I'm hearing of this schism. I wish the FOSS community had less disagreements all over the place.