frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Redox OS has adopted a Certificate of Origin policy and a strict no-LLM policy

https://gitlab.redox-os.org/redox-os/redox/-/blob/master/CONTRIBUTING.md
158•pjmlp•2h ago•126 comments

I put my whole life into a single database

https://howisfelix.today/
22•lukakopajtic•1h ago•3 comments

Yann LeCun's AI startup raises $1B in Europe's largest ever seed round

https://www.ft.com/content/e5245ec3-1a58-4eff-ab58-480b6259aaf1
46•ottomengis•37m ago•32 comments

Lotus 1-2-3 on the PC with DOS

https://stonetools.ghost.io/lotus123-dos/
105•TMWNN•3d ago•37 comments

Two Years of Emacs Solo

https://www.rahuljuliato.com/posts/emacs-solo-two-years
271•celadevra_•11h ago•81 comments

The Gervais Principle, or the Office According to "The Office"

https://www.ribbonfarm.com/2009/10/07/the-gervais-principle-or-the-office-according-to-the-office/
38•janandonly•2d ago•9 comments

LoGeR – 3D reconstruction from extremely long videos (DeepMind, UC Berkeley)

https://loger-project.github.io
55•helloplanets•5h ago•19 comments

Building a Procedural Hex Map with Wave Function Collapse

https://felixturner.github.io/hex-map-wfc/article/
510•imadr•18h ago•72 comments

TCXO Failure Analysis

https://serd.es/2026/03/06/TCXO-failure-analysis.html
16•zdw•3d ago•1 comments

Optimizing Top K in Postgres

https://www.paradedb.com/blog/optimizing-top-k
89•philippemnoel•1d ago•12 comments

The hidden compile-time cost of C++26 reflection

https://vittorioromeo.com/index/blog/refl_compiletime.html
31•SuperV1234•3d ago•10 comments

Show HN: Remotely use my guitar tuner

https://realtuner.online/
211•smith-kyle•3d ago•48 comments

JSLinux Now Supports x86_64

https://bellard.org/jslinux/
333•TechTechTech•18h ago•101 comments

Is legal the same as legitimate: AI reimplementation and the erosion of copyleft

https://writings.hongminhee.org/2026/03/legal-vs-legitimate/
483•dahlia•20h ago•498 comments

macOS Tahoe windows have different corner radiuses

https://lapcatsoftware.com/articles/2026/3/1.html
180•robenkleene•3d ago•127 comments

No, it doesn't cost Anthropic $5k per Claude Code user

https://martinalderson.com/posts/no-it-doesnt-cost-anthropic-5k-per-claude-code-user/
244•jnord•12h ago•173 comments

Darkrealms BBS

http://www.darkrealms.ca/
106•TigerUniversity•3d ago•24 comments

Show HN: I Was Here – Draw on street view, others can find your drawings

https://washere.live
35•mrktsm__•6h ago•25 comments

The “JVG algorithm” only wins on tiny numbers

https://scottaaronson.blog/?p=9615
71•jhalderm•10h ago•38 comments

Show HN: DenchClaw – Local CRM on Top of OpenClaw

https://github.com/DenchHQ/DenchClaw
123•kumar_abhirup•20h ago•97 comments

Graphing how the 10k* most common English words define each other

https://wyattsell.com/experiments/word-graph/
73•wyattsell•2d ago•20 comments

Launch HN: Terminal Use (YC W26) – Vercel for filesystem-based agents

105•filipbalucha•18h ago•73 comments

DARPA’s new X-76

https://www.darpa.mil/news/2026/darpa-new-x-76-speed-of-jet-freedom-of-helicopter
205•newer_vienna•18h ago•182 comments

Learnings from paying artists royalties for AI-generated art

https://www.kapwing.com/blog/learnings-from-paying-artists-royalties-for-ai-generated-art/
138•jenthoven•9h ago•114 comments

Getting Started in Common Lisp

https://lisp-stat.dev/blog/2026/03/09/getting-started/
50•oumua_don17•11h ago•10 comments

An opinionated take on how to do important research that matters

https://nicholas.carlini.com/writing/2026/how-to-win-a-best-paper-award.html
136•mad•19h ago•33 comments

Florida judge rules red light camera tickets are unconstitutional

https://cbs12.com/news/local/florida-news-judge-rules-red-light-camera-tickets-unconstitutional
438•1970-01-01•18h ago•556 comments

Notes on Baking at the South Pole

https://www.newyorker.com/culture/the-weekend-essay/the-most-beautiful-freezer-in-the-world
65•mitchbob•16h ago•23 comments

OpenAI is walking away from expanding its Stargate data center with Oracle

https://www.cnbc.com/2026/03/09/oracle-is-building-yesterdays-data-centers-with-tomorrows-debt.html
372•spenvo•14h ago•219 comments

No leap second will be introduced at the end of June 2026

https://lists.iana.org/hyperkitty/list/tz@iana.org/thread/P6D36VZSZBUSSTSMZKFXKF4T4IXWN23P/
121•speckx•23h ago•128 comments
Open in hackernews

OpenEoX to Standardize End-of-Life (EOL) and End-of-Support (EOS) Information

https://openeox.org/
31•feldrim•10mo ago

Comments

feldrim•10mo ago
An SBOM-like approach to EOL/EOS issues is on the way.
rollcat•10mo ago
I think the only large projects that presently take SBOMs seriously are Nix, Guix, and Go (non-cgo). Bootstrapping is non-trivial, but at least builds are reproducible and can be compared against existing binaries.

"Oh, just write plain C". Which compiler do you mean? GCC? LLVM/clang? On top of what OS/kernel? What firmware? Etc.

Arnavion•10mo ago
Some distros packaging Rust software (OpenSUSE at least) also transparently set up CARGO=cargo-audit to get embedded SBOMs.
wallrat•10mo ago
How does this relate to the OWASP/Ecma Common Lifecycle Enumeration Specification (https://tc54.org/cle/)?
wpollock•10mo ago
In my experience, many software projects become abandoned and no notice is given. I don't see how this standard helps in such cases.
repelsteeltje•10mo ago
I think it will take a while for people to realize this effort looked great, but wasn't the right approach. Or no silver bullet, at least.

The presentation with a simple diagram that combines this data with an sbom to yield "information" gives me navel gazing vibes of UML being the future of coding.

Just as architecture didn't equate to well designed and maintainable software, I fear this initiative won't fix horribly outdated and vulnerable deployments. Software life cycle, deprecation, abandonment, supply chains are mostly a process problem, standards and technology won't fix that.

Arnavion•10mo ago
It doesn't force someone who already wasn't checking their dependencies for CVEs / maintained-ness to start doing that. It does make someone who *was* doing that be able to show they're doing that in some standard way.

In other words it doesn't force you to add an SBOM + EOX checker step to your CI pipeline. But if your compliance auditor wants you to check your dependencies, adding such a standardized step makes it easier to satisfy the auditor.

repelsteeltje•10mo ago
I'm basing this mostly off first hand and anecdotal evidence - but through the years I've found that the major contribution of audits lies in having to think about the checkboxes every now and then. And what they mean in the context of my organization or project.

Rarely have I found that compliance to the goals was an issue in themselves. Or that making changes to tick a checkbox correlated to material improvements.

That is to say that if this leads to more efficiency and makes it easier for compliance audits and such, I fear is stream lining the least impactful part of its goals.

hiatus•10mo ago
> Rarely have I found that compliance to the goals was an issue in themselves. Or that making changes to tick a checkbox correlated to material improvements.

I am confused when I hear people say stuff like this. I guess if you turn on a tool and never look at it again, it won't result in material improvements. But complying with regulations or a particular compliance regime should _absolutely_ result in at least _some_ material improvement to your security posture. Like you can implement segregation of duties just as a checkbox, or use the requirement to revisit the way you gate changes to production, as just one example.

repelsteeltje•9mo ago
It depends on where you're coming from. Your code base, that is.

If it's already outstanding, you spend a lot of time revalidating what you already know and it's often a noisy process with many false positives.

If it's in a horrible state, however, the regulation often leaves a lot of wiggle room where you do some work to achieve, say, PCI compliance and then spend a lot of time arguing why this and that don't apply in your specific case.

So admitted, the is probably some improvement in the latter case but it's hardly proportional.

So IMHO, it doesn't help those of good will & expertise and does too little for the negligent. It adds noise and in the end quality still depends on factors other than compliance and certification.

T3OU-736•10mo ago
Htm. So, how does this compare, and/or is different from https://endoflife.date?
Arnavion•10mo ago
The standard is for software to report its own EOL / EOS status. The website you linked is the opposite direction - it's aggregating that status for a certain set of software.
T3OU-736•10mo ago
Aha. Very good point. SW self-reporting requires buy-in, though, which seems like a pretty high barrier.

I am very much hoping the effort succeeds, but I am also mindful of the fact that the site to which I have linked is more successful by virtue of having better coverage.

captn3m0•10mo ago
We (endoflife.date) are also excited about OpenEoX.
mud_dauber•10mo ago
JEDEC has long maintained an EOL/EOS standard for semiconductors. This was a big part of a previous PM gig. Sounds boring, and it was. But having a process kept us out of serious hot water.
Hackbraten•10mo ago
That EoX logo though.

Every organization or committee that designs a logo should be legally required to have at least one teenager on the board to prevent accidental goatse or other inadvertent blunders.

genter•10mo ago
Goatse has been around long enough that the teenagers are now in their thirties.