frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

https://github.com/valdanylchuk/breezydemo
225•isitcontent•13h ago•25 comments

Show HN: I spent 4 years building a UI design tool with only the features I use

https://vecti.com
327•vecti•15h ago•143 comments

Show HN: If you lose your memory, how to regain access to your computer?

https://eljojo.github.io/rememory/
283•eljojo•16h ago•167 comments

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

https://github.com/phreda4/r3
71•phreda4•13h ago•14 comments

Show HN: I built a free UCP checker – see if AI agents can find your store

https://ucphub.ai/ucp-store-check/
2•vladeta•1h ago•1 comments

Show HN: Smooth CLI – Token-efficient browser for AI agents

https://docs.smooth.sh/cli/overview
90•antves•1d ago•66 comments

Show HN: ARM64 Android Dev Kit

https://github.com/denuoweb/ARM64-ADK
16•denuoweb•1d ago•2 comments

Show HN: Slack CLI for Agents

https://github.com/stablyai/agent-slack
47•nwparker•1d ago•11 comments

Show HN: Compile-Time Vibe Coding

https://github.com/Michael-JB/vibecode
10•michaelchicory•3h ago•1 comments

Show HN: Artifact Keeper – Open-Source Artifactory/Nexus Alternative in Rust

https://github.com/artifact-keeper
150•bsgeraci•1d ago•63 comments

Show HN: Gigacode – Use OpenCode's UI with Claude Code/Codex/Amp

https://github.com/rivet-dev/sandbox-agent/tree/main/gigacode
17•NathanFlurry•21h ago•7 comments

Show HN: Slop News – HN front page now, but it's all slop

https://dosaygo-studio.github.io/hn-front-page-2035/slop-news
10•keepamovin•4h ago•2 comments

Show HN: Horizons – OSS agent execution engine

https://github.com/synth-laboratories/Horizons
23•JoshPurtell•1d ago•5 comments

Show HN: Fitspire – a simple 5-minute workout app for busy people (iOS)

https://apps.apple.com/us/app/fitspire-5-minute-workout/id6758784938
2•devavinoth12•6h ago•0 comments

Show HN: Daily-updated database of malicious browser extensions

https://github.com/toborrm9/malicious_extension_sentry
14•toborrm9•18h ago•7 comments

Show HN: I built a RAG engine to search Singaporean laws

https://github.com/adityaprasad-sudo/Explore-Singapore
4•ambitious_potat•7h ago•4 comments

Show HN: Micropolis/SimCity Clone in Emacs Lisp

https://github.com/vkazanov/elcity
172•vkazanov•2d ago•49 comments

Show HN: Sem – Semantic diffs and patches for Git

https://ataraxy-labs.github.io/sem/
2•rs545837•8h ago•1 comments

Show HN: BioTradingArena – Benchmark for LLMs to predict biotech stock movements

https://www.biotradingarena.com/hn
25•dchu17•18h ago•12 comments

Show HN: Falcon's Eye (isometric NetHack) running in the browser via WebAssembly

https://rahuljaguste.github.io/Nethack_Falcons_Eye/
4•rahuljaguste•13h ago•1 comments

Show HN: Local task classifier and dispatcher on RTX 3080

https://github.com/resilientworkflowsentinel/resilient-workflow-sentinel
25•Shubham_Amb•1d ago•2 comments

Show HN: FastLog: 1.4 GB/s text file analyzer with AVX2 SIMD

https://github.com/AGDNoob/FastLog
5•AGDNoob•9h ago•1 comments

Show HN: Gohpts tproxy with arp spoofing and sniffing got a new update

https://github.com/shadowy-pycoder/go-http-proxy-to-socks
2•shadowy-pycoder•10h ago•0 comments

Show HN: A password system with no database, no sync, and nothing to breach

https://bastion-enclave.vercel.app
11•KevinChasse•18h ago•16 comments

Show HN: I built a directory of $1M+ in free credits for startups

https://startupperks.directory
4•osmansiddique•10h ago•0 comments

Show HN: GitClaw – An AI assistant that runs in GitHub Actions

https://github.com/SawyerHood/gitclaw
9•sawyerjhood•19h ago•0 comments

Show HN: A Kubernetes Operator to Validate Jupyter Notebooks in MLOps

https://github.com/tosin2013/jupyter-notebook-validator-operator
2•takinosh•11h ago•0 comments

Show HN: 33rpm – A vinyl screensaver for macOS that syncs to your music

https://33rpm.noonpacific.com/
3•kaniksu•12h ago•0 comments

Show HN: Chiptune Tracker

https://chiptunes.netlify.app
3•iamdan•13h ago•1 comments

Show HN: Craftplan – I built my wife a production management tool for her bakery

https://github.com/puemos/craftplan
568•deofoo•5d ago•166 comments
Open in hackernews

Show HN: Lumoar – Free SOC 2 tool for SaaS startups

https://www.lumoar.com
91•asdxrfx•9mo ago
We built Lumoar to help small SaaS teams get SOC 2-ready without paying thousands for Big 4 consultants or dealing with bloated compliance platforms.

As a startup ourselves, we faced the usual issues: long security questionnaires, confusing audit requirements, and expensive tools that felt overkill.

Lumoar is a simpler alternative: - Generate compliant SOC 2 policies automatically - Track your controls and progress in a clean dashboard - Upload evidence and get plain-language recommendations - Designed for engineers and founders, not compliance pros

It's free to start — you can generate policies and explore the dashboard without a sales call or demo.

Would love to hear what blockers you’ve faced with SOC 2 and what other frameworks you’re thinking about (e.g., ISO 27001, GDPR). All feedback is welcome.

Comments

reconnecting•9mo ago
Before providing any legal-related services, it's better to ensure that your own affairs are in compliance. At least, have a clear terms of service page [1], which is currently not available.

[1] https://www.lumoar.com/terms-of-service.html

asdxrfx•9mo ago
Good day. We apologize for our mistake. We have now fixed the link on the page so it works correctly. Thanks for pointing out
reconnecting•9mo ago
IANAL, but it looks like very poor AI generated T&C.
asdxrfx•9mo ago
Appreciate you flagging this. The current Terms of Use was generated using a standard terms generator we integrated into our site, so it’s not AI-generated, but we agree it still needs improvement. We’re planning to have it reviewed and refined soon to better reflect our product and responsibilities. Thanks again for keeping us sharp.
reconnecting•9mo ago
Perhaps it's an acceptable approach for a very limited type of non-commercial websites, but your organization pretends to provide a platform for compliance management, and from this perspective, you must first clarify your business responsibilities and your terms of service, as this is actually a part of what your company tries to sale at scale.
edoceo•9mo ago
Having the policy doesn't preclude the audit or questionnaire requirement does it? This just puts the answers in one place?

The compliance pros still want all their ceremony - it's most of what they sell.

havefunbesafe•9mo ago
True, but having this makes the entire process easier. Organization is key to a speedy and clean audit.
asdxrfx•9mo ago
Exactly, staying organized is half the battle. Our goal with Lumoar is to make that organization effortless from day one. We’re also working on future updates with AI agents and automation to make audits and questionnaires even less painful. More coming soon!
abrookewood•9mo ago
You can usually get out of questionnaires if you have multiple frameworks/certifications/attestations in place ... but even then some customers will insist on them
throw03172019•9mo ago
Every “free SOC-2” platform I researched and demoed before landing on paid platform always had a catch. What is yours?
asdxrfx•9mo ago
No catch. It's completely free. We plan to offer paid add-ons (like AI automation and integrations) later, but the basics stay free.
aagha•9mo ago
Which paid one did you land on?
throw03172019•9mo ago
Vanta
java-man•9mo ago
Every website that does not explain an abbreviation before the first use is automatically non-compliant.
asdxrfx•9mo ago
Thanks for pointing out. We fixed our mistake.
rajivm•9mo ago
Don't follow all the advice blindly. I helped take a company in the compliance space from 0 to 3B exit. You're selling to startups that need SOC 2 so they can sell; they've never heard of "System and Organization Controls" but they have heard of SOC 2 because it's what their customers are asking for. Even compliance professionals wouldn't call it that on the daily. SOC 2 is what everyone knows.

If I was building a HTTP Inspector tool, you wouldn't call it a Hypertext Transfer Protocol (HTTP) Inspector tool.

asdxrfx•8mo ago
Thank you, Rajiv. I appreciate you taking the time to share that perspective.

You're absolutely right: the language should reflect how our users think and talk, not just how the standards are formally defined. It's valuable to hear this from someone with real experience in the space. I'll definitely keep that framing in mind as we refine both our product and messaging.

Besides that, based on your experience, I wanted to ask for advice. We launched Lumoar 10 days ago and have already onboarded 50+ active users. Given this early traction, do you think it's worth starting investor conversations now, or should we focus more on deepening product-market fit before going down that path?

Would really value your thoughts on how you'd approach this phase based on your experience.

davsti4•9mo ago
Trying to register and I get this in the browser console:

Access to fetch at 'https://api.lumoar.com/v1/auth/register' from origin 'https://www.lumoar.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

asdxrfx•9mo ago
Hi, thanks for reaching out! The issue you encountered with the CORS policy has been fixed. You should be able to register without encountering the CORS issue anymore. If you run into any other issues, please don't hesitate to let us know!
Oras•9mo ago
> As a startup ourselves, we faced the usual issues: long security questionnaires, confusing audit requirements, and expensive tools that felt overkill.

Is Lumoar SOC2 compliant?

asdxrfx•9mo ago
Thanks for asking! We’re not SOC 2 compliant yet, but we’re actively preparing for it. We recently launched our MVP, and ensuring strong security and compliance has been a key part of our roadmap from day one. We’re happy to share more about how we handle security today if that’s helpful!
Oras•9mo ago
My point was that compliance is about trust. If I want to go the SOC2 or ISO27001 route, I want a company that has done it before.

Free in your case is not free, it's pretty expensive. If I can't comply in time, that might mean losing potential business, being late to the market, etc.

Good luck though, you made the first step.

asdxrfx•9mo ago
We understand your concern, and we will focus more on this step for now. Thanks for the feedback. If you have anything else to say, we are glad to listen.
cadamsdotcom•9mo ago
The point about trust is important in another way too - it was a pleasant surprise you led with “we’re not compliant (yet), but..”

Tis a great way to engender trust in the team. Bravo for bravely answering honestly. Wishing you folks best of success.

GiorgioG•9mo ago
How isn't this just straight up spam? OP has never posted before today.
dangrossman•9mo ago
"Show HN" posts announcing a new tech startup/tool are a core part of this site.

https://news.ycombinator.com/shownew

I see nothing wrong with this post. They're sharing something they've made and getting valuable, constructive feedback. I appreciate HN being one of few places that still happens at.

asdxrfx•9mo ago
Fair to be cautious, I get it. We’re a real startup, just launched our MVP recently, and wanted to share what we’re building with the community. It’s our first time posting here, but we’re genuinely looking to get feedback and connect with others. Happy to answer any questions!
wnolens•9mo ago
Genuinely curious and debating the costs of other SOC2 platforms. But your tool doesn't load anything when I go to controls.

> Error: Failed to fetch

Not a good way to debut

reynaldi•9mo ago
Not sure if my feedback can help.

As someone who don't know anything about SOC2, but still aware that if I want to signal 'data privacy' that I need to get it: I don't know what I'm supposed to do on your site.

Some sort of onboarding can help, like what are my steps from knowing nothing to actually getting the SOC2. Maybe some educational contents or resources can also help.

asdxrfx•9mo ago
You are right. We will spend more time on creating educational content and resources. Thanks for the feedback, it's useful and will help us.
kristel100•9mo ago
That’s a compelling niche. SOC 2 prep is a brutal rabbit hole for small teams. Even just a pre-flight checklist with integrations would be useful—curious how much automation they’re actually packing in.
asdxrfx•9mo ago
We do not currently have automation and integrations, but we are planning to add them later. Thanks for the feedback!