Show HN: Vet – A tool for safely running remote shell scripts

https://getvet.sh
38•a10r•4h ago

Comments

a10r•4h ago
Hi HN, I'm the creator of `vet`. I've always been a bit nervous about the `curl | bash` pattern, even for trusted projects. It feels like there's a missing safety step. I wanted a tool that would show me a diff if a script changed, run it through `shellcheck`, and ask for my explicit OK before executing. That's why I built `vet`.

The install process itself uses this philosophy - I encourage you to check the installer script before running it!

I'd love to hear your feedback.

The repo is at https://github.com/vet-run/vet

gardnr•3h ago
This is a great idea!

One extra feature could be passing the contents of the shell script to an LLM and asking it to surface any security concerns.

kevincox•3h ago
My main question is in 90% of cases these are installers. How are you actually verifying the software that you install? In some cases it is signed and verified but in many cases it is just coming down from the same HTTPS server with no additional verification. So are you then diffing the code (which may be compiled) as well?

I'm not saying that running random installers from the internet is a great pattern. Something like installing from your distribution can have better verification mechanisms. But this seems to add very little confidence.

a10r•3h ago
You're absolutely right—vet's scope is focused on securing the installer script itself, not the binary it downloads.

The goal is to prevent the installer from being maliciously modified to, for example, skip its own checksum verification or download a binary from a different, malicious URL.

It's one strong link in the chain, but you're right that it's not the whole chain.

a10r•3h ago
Love the idea!

The two biggest hurdles for a security tool like this are LLM non-determinism and the major privacy risk of sending code to a third-party API.

This is exactly why vet relies on ShellCheck—it's deterministic, rules-based, and runs completely offline. It will always give the same, trustworthy output for the same input.

But your vision of smarter analysis is absolutely the right direction to be thinking. I'm excited for a future where fast, local AI models can make that a reality for vet. Great food for thought!

3abiton•3h ago
This is an amazing solution. I wondered about this often, looking at you `uv`, but in a lot of the cases I cave given that everyone else trusts some code maintainers.

thealistra•2h ago
Can you show how it works on the page or readme as a video?

Does it open a pager or editor? How does it show the shellcheck issues?

alganet•2h ago
What if someone peppers their malicious script with `# shellcheck disable=` pragmas?
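
On the `# shellcheck disable=` question, an added example that is not part of the thread and not vet's own code: a sketch of the diff-then-lint review described in the post, which lists every suppression directive for the reviewer and lints a copy with those directives blanked out. The function names and the two sample scripts are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not vet's code: offline review of an already-downloaded script.

# List ShellCheck suppression directives (with line numbers) for the reviewer.
list_suppressions() {
    grep -nE '#[[:space:]]*shellcheck[[:space:]]+disable=' "$1" || true
}

# Emit the script with whole-line suppression directives blanked to "#",
# keeping line numbers stable so lint findings map back to the original file.
strip_suppressions() {
    sed -E 's/^([[:space:]]*)#[[:space:]]*shellcheck[[:space:]]+disable=.*$/\1#/' "$1"
}

# Compare with the last approved copy: prints new, unchanged or changed.
change_status() {
    if [ ! -f "$2" ]; then echo new
    elif cmp -s "$1" "$2"; then echo unchanged
    else echo changed
    fi
}

# review FETCHED APPROVED: show what a human should read before saying yes.
review() {
    local status
    status=$(change_status "$1" "$2")
    echo "status: $status"
    if [ "$status" = changed ]; then diff -u "$2" "$1" || true; fi
    echo "suppressed checks:"
    list_suppressions "$1"
    if command -v shellcheck >/dev/null 2>&1; then
        strip_suppressions "$1" | shellcheck - || true
    else
        echo "shellcheck not installed; lint step skipped"
    fi
}

# Constructed sample input (never executed): a changed installer that
# suppresses the unquoted-expansion warning SC2086.
demo() {
    local dir; dir=$(mktemp -d)
    printf '%s\n' '#!/bin/sh' 'echo installing' > "$dir/approved.sh"
    printf '%s\n' '#!/bin/sh' '# shellcheck disable=SC2086' \
        'cp $SRC $DEST' 'echo installing' > "$dir/fetched.sh"
    review "$dir/fetched.sh" "$dir/approved.sh"
    rm -rf "$dir"
}
demo
```

The blanking only covers directives on their own line; `list_suppressions` matches the directive anywhere on a line, so anything the `sed` pass misses still shows up in the listing.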
