Show HN: CLI that helps AI agents avoid vulnerable dependencies

https://github.com/clidey/deptrust
3•modelorona•1h ago
deptrust is a CLI that checks package versions for known vulnerabilities across npm, PyPI, crates.io, Go modules, RubyGems, NuGet, Maven, Packagist, pub.dev, CocoaPods, Hex.pm, Hackage, GitHub Actions, and more.

It runs locally as a CLI and as an MCP server. It calls public package registry and OSV APIs directly; there is no hosted deptrust service.

I built this because AI coding agents kept suggesting outdated or vulnerable package versions. I kept having to manually tell tools like Claude and Codex to use newer, safer versions.

deptrust gives the agent a quick way to verify whether a dependency version has known vulnerabilities before it installs or recommends it.

You can install it with:

1. pnpx @clidey/deptrust@latest install

2. brew install clidey/tap/deptrust

3. Or directly with Go: go install github.com/clidey/deptrust/cmd/deptrust@latest
