frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

https://openciv3.org/
391•klaussilveira•5h ago•85 comments

The Waymo World Model

https://waymo.com/blog/2026/02/the-waymo-world-model-a-new-frontier-for-autonomous-driving-simula...
749•xnx•10h ago•459 comments

Monty: A minimal, secure Python interpreter written in Rust for use by AI

https://github.com/pydantic/monty
118•dmpetrov•5h ago•48 comments

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

https://github.com/valdanylchuk/breezydemo
131•isitcontent•5h ago•14 comments

Show HN: I spent 4 years building a UI design tool with only the features I use

https://vecti.com
234•vecti•7h ago•113 comments

Dark Alley Mathematics

https://blog.szczepan.org/blog/three-points/
28•quibono•4d ago•1 comments

A century of hair samples proves leaded gas ban worked

https://arstechnica.com/science/2026/02/a-century-of-hair-samples-proves-leaded-gas-ban-worked/
57•jnord•3d ago•3 comments

Microsoft open-sources LiteBox, a security-focused library OS

https://github.com/microsoft/litebox
302•aktau•11h ago•152 comments

Sheldon Brown's Bicycle Technical Info

https://www.sheldonbrown.com/
304•ostacke•11h ago•82 comments

Show HN: If you lose your memory, how to regain access to your computer?

https://eljojo.github.io/rememory/
160•eljojo•8h ago•121 comments

Hackers (1995) Animated Experience

https://hackers-1995.vercel.app/
377•todsacerdoti•13h ago•214 comments

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

https://github.com/phreda4/r3
44•phreda4•4h ago•7 comments

An Update on Heroku

https://www.heroku.com/blog/an-update-on-heroku/
305•lstoll•11h ago•230 comments

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

https://infisical.com/blog/devops-to-solutions-engineering
100•vmatsiiako•10h ago•34 comments

How to effectively write quality code with AI

https://heidenstedt.org/posts/2026/how-to-effectively-write-quality-code-with-ai/
167•i5heu•8h ago•127 comments

Learning from context is harder than we thought

https://hy.tencent.com/research/100025?langVersion=en
138•limoce•3d ago•76 comments

Understanding Neural Network, Visually

https://visualrambling.space/neural-network/
223•surprisetalk•3d ago•29 comments

FORTH? Really!?

https://rescrv.net/w/2026/02/06/associative
36•rescrv•12h ago•17 comments

I now assume that all ads on Apple news are scams

https://kirkville.com/i-now-assume-that-all-ads-on-apple-news-are-scams/
956•cdrnsf•14h ago•413 comments

Introducing the Developer Knowledge API and MCP Server

https://developers.googleblog.com/introducing-the-developer-knowledge-api-and-mcp-server/
8•gfortaine•2h ago•0 comments

PC Floppy Copy Protection: Vault Prolok

https://martypc.blogspot.com/2024/09/pc-floppy-copy-protection-vault-prolok.html
7•kmm•4d ago•0 comments

Evaluating and mitigating the growing risk of LLM-discovered 0-days

https://red.anthropic.com/2026/zero-days/
33•lebovic•1d ago•11 comments

I'm going to cure my girlfriend's brain tumor

https://andrewjrod.substack.com/p/im-going-to-cure-my-girlfriends-brain
30•ray__•1h ago•6 comments

Claude Composer

https://www.josh.ing/blog/claude-composer
97•coloneltcb•2d ago•68 comments

The Oklahoma Architect Who Turned Kitsch into Art

https://www.bloomberg.com/news/features/2026-01-31/oklahoma-architect-bruce-goff-s-wild-home-desi...
17•MarlonPro•3d ago•2 comments

Show HN: Smooth CLI – Token-efficient browser for AI agents

https://docs.smooth.sh/cli/overview
76•antves•1d ago•56 comments

Show HN: Slack CLI for Agents

https://github.com/stablyai/agent-slack
37•nwparker•1d ago•8 comments

How virtual textures work

https://www.shlom.dev/articles/how-virtual-textures-really-work/
23•betamark•12h ago•22 comments

Evolution of car door handles over the decades

https://newatlas.com/automotive/evolution-car-door-handle/
38•andsoitis•3d ago•61 comments

The Beauty of Slag

https://mag.uchicago.edu/science-medicine/beauty-slag
27•sohkamyung•3d ago•3 comments
Open in hackernews

Whatever Happened to Sandboxfs?

https://blogsystem5.substack.com/p/whatever-happened-to-sandboxfs
81•zdw•8mo ago

Comments

dangoodmanUT•7mo ago
Seems like the new ASIF sparse image format will solve a lot of this, combined with their new containerization framework

https://eclecticlight.co/2025/06/12/macos-tahoe-brings-a-new...

jitl•7mo ago
Copying data into and out of a disk image is probably going to be much slower and involve just as many syscalls if not more compared to setting up a “symlink forest”.

As far as I can tell, the containerization framework seems like it’s for running Linux microvms, and doesn’t seem applicable to people trying to do macOS builds. I mean, if you just want to run Bazel in a Linux VM sure it will do fine, but you can already run Bazel in a Linux vm on your Mac with Docker.app. Maybe I missed something with the containerization docs but all I saw was EXT4, OCI Linux images, etc. no Mac thingies.

tough•7mo ago
No idea if this will be of any help but with a little research found this on the docs https://developer.apple.com/documentation/virtualization/run...

there's also osx-kvm (non-apple) https://github.com/kholia/OSX-KVM

comex•7mo ago
Recently, macOS added a built-in FUSE-like API:

https://developer.apple.com/documentation/fskit

No idea what the performance is like.

However, over the last few years, Apple’s compilers have gotten even more enthusiastic than before about caching and “content addressable storage”:

https://llvm.org/devmtg/2024-10/slides/techtalk/Rastogi-Fine...

Which is normally a good thing, but may exacerbate the issue described in the post where, by enforcing isolation, you end up cutting off the compiler from its caches and making the build slower.

I think the ideal solution would be for Bazel to somehow know about and integrate with LLVM’s CAS.

edit: although just figuring out how to do “explicit module builds” with Swift and Clang would probably get you most of the way.

o11c•7mo ago
If you semi-trust your tool binaries enough not to do something silly like making syscalls directly, what about using the `LD_PRELOAD` equivalent to intercept `open` etc.? (Yes there's a long tail in that "etc.")

Or does using Go ruin everything again?

(Also it seems like it should in principle be possible to keep the symlink forest around and only delete other files)

eru•7mo ago
> Or does using Go ruin everything again?

Go isn't the only language ecosystem that likes to make statically linked binaries. Rust, OCaml and Haskell etc also prefer this.

Or am I missing something?

I think dynamic linking is mainly popular in the C (and perhaps C++) world? And I guess for commonly interpreted languages like Python, more or less.

_flux•7mo ago
Rust, OCaml and Haskell (ghc) do dynamically links against libc by default, though. What they "statically link" is their own libraries.
eru•7mo ago
Yes.

Though you can also make them statically link against libc. I think that's more common, if you use musl?

In any case, I'm not sure all filesystem operations would come out of libc? (Especially if you use io_uring or other fancy io options.)

ajb•7mo ago
It's amazing that the conclusion it's that sandboxing would have had to use NFS, which is the approach that the vesta build system took 20 years earlier.
jart•7mo ago
MacOS security has been making the platform unfriendly to developers in a similar way that Windows has since Vista.

Is Bazel using Landlock LSM yet for sandboxing? That's what I use with GNU Make and it's great. Nothing is faster.

The downside is it requires ~3 syscalls per file. If only I could send it all the mappings at once like you did.