Show HN: Go-Highway – Portable SIMD for Go https://ift.tt/wg2KbVl

Show HN: Go-Highway – Portable SIMD for Go Go 1.26 adds native SIMD via GOEXPERIMENT=simd. This library provides a portability layer so the same code runs on AVX2, AVX-512, or falls back to scalar. Inspired by Google's Highway C++ library. Includes vectorized math (exp, log, sin, tanh, sigmoid, erf) since those come up a lot in ML/scientific code and the stdlib doesn't have SIMD versions. algo.SigmoidTransform(input, output) Requires go1.26rc1. Feedback welcome. https://ift.tt/kuZRFWK January 3, 2026 at 04:06AM

Show HN: Fluxer – open-source Discord-like chat https://ift.tt/ikEtBv8

Show HN: Fluxer – open-source Discord-like chat Hey HN, and happy new year! I'm Hampus Kraft [1], a 22-year-old software developer nearing completion of my BSc in Computer Engineering at KTH Royal Institute of Technology in Sweden. I've been working on Fluxer on and off for about 5 years, but recently decided to work on it full-time and see how far it could take me. Fluxer is an open source [2] communication platform for friends, groups, and communities (text, voice, and video). It aims for "modern chat app" feature coverage with a familiar UX, while being developed in the open and staying FOSS (AGPLv3). The codebase is largely written in TypeScript and Erlang. Try it now (no email or password required): https://ift.tt/bUf5CXl – this creates an "unclaimed account" (date of birth only) so you can explore the platform. Unclaimed accounts can create/join communities but have some limitations. You can claim your account with email + password later if you want. I've developed this solo , with limited capital from some early supporters and testers. Please keep this in mind if you find what I offer today lacking; I know it is! I'm sharing this now to find contributors and early supporters who want to help shape this into the chat app you actually want. ~~~ Fluxer is not currently end-to-end encrypted, nor is it decentralised or federated. I'm open to implementing E2EE and federation in the future, but they're complex features, and I didn't want to end up like other community chat apps [3] that get criticised for broken core functionality and missing expected features while chasing those goals. I'm most confident on the backend and web app, so that's where I've focused. After some frustrating attempts with React Native, I'm sticking with a mobile PWA for now (including push notification support) while looking into Skip [4] for a true native app. If someone with more experience in native dev has any thoughts, let me know! Many tech-related communities that would benefit from not locking information into walled gardens still choose Discord or Slack over forum software because of the convenience these platforms bring, a choice that is often criticised [5][6][7]. I will not only work on adding forums and threads, but also enable opt-in publishing of forums to the open web, including RSS/Atom feeds, to give you the best of both worlds. ~~~ I don't intend to license any part of the software under anything but the AGPLv3, limit the number of messages [8], or have an SSO tax [9]. Business-oriented features like SSO will be prioritised on the roadmap with your support. You'd only pay for support and optionally for sponsored features or fixes you'd like prioritised. I don't currently plan on SaaS, but I'm open to support and maintenance contracts. ~~~ I want Fluxer to become an easy-to-deploy, fully FOSS Discord/Slack-like platform for companies, communities, and individuals who want to own their chat infrastructure, or who wish to support an independent and bootstrapped hosted alternative. But I need early adopters and financial support to keep working on it full-time. I'm also very interested in code contributors since this is a challenging project to work on solo. My email is hampus@fluxer.app. ~~~ There’s a lot more to be said; I’ll be around in the comments to answer questions and fix things quickly if you run into issues. Thank you, and wishing you all the best in the new year! [1] https://ift.tt/ke4X3wF [2] https://ift.tt/OEY3d17 [3] https://ift.tt/5309yvX [4] https://skip.tools/ [5] https://ift.tt/KsXB3Gr [6] https://ift.tt/dbsrfhC [7] https://ift.tt/m7GaezE [8] https://ift.tt/toSdqVZ [9] https://sso.tax/ https://fluxer.app January 3, 2026 at 01:30AM

Show HN: I mapped System Design concepts to AI Prompts to stop bad code https://ift.tt/6FAIgNp

Show HN: I mapped System Design concepts to AI Prompts to stop bad code https://ift.tt/B6ZEMWv January 3, 2026 at 12:15AM

Show HN: Feature detection exploration in Lidar DEMs via differential decomp https://ift.tt/JCI6pFA

Show HN: Feature detection exploration in Lidar DEMs via differential decomp I'm not a geospatial expert — I work in AI/ML. This started when I was exploring LiDAR data with agentic assitince and noticed that different signal decomposition methods revealed different terrain features. The core idea: if you systematically combine decomposition methods (Gaussian, bilateral, wavelet, morphological, etc.) with different upsampling techniques, each combination has characteristic "failure modes" that selectively preserve or eliminate certain features. The differences between outputs become feature-specific filters. The framework tests 25 decomposition × 19 upsampling methods across parameter ranges — about 40,000 combinations total. The visualization grid makes it easy to compare which methods work for what. Built in Cursor with Opus 4.5, NumPy, SciPy, scikit-image, PyWavelets, and OpenCV. Apache 2.0 licensed. I'd appreciate feedback from anyone who actually works with elevation data. What am I missing? What's obvious to practitioners that I wouldn't know? https://ift.tt/ND693KP January 1, 2026 at 05:59AM

Show HN: A Prompt-Injection Firewall for AI Agents and RAG Pipelines https://ift.tt/r6h0gHe

Show HN: A Prompt-Injection Firewall for AI Agents and RAG Pipelines We built SafeBrowse — an open-source prompt-injection firewall for AI systems. Instead of relying on better prompts, SafeBrowse enforces a hard security boundary between untrusted web content and LLMs. It blocks hidden instructions, policy violations, and poisoned data before the AI ever sees it. Features: • Prompt injection detection (50+ patterns) • Policy engine (login/payment blocking) • Fail-closed by design • Audit logs & request IDs • Python SDK (sync + async) • RAG sanitization PyPI: pip install safebrowse Looking for feedback from AI infra, security, and agent builders. January 1, 2026 at 02:31AM

Show HN: A web-based lighting controller built because my old became a brick https://ift.tt/n4ZTrcd

Show HN: A web-based lighting controller built because my old became a brick I’m a student and I built this because my old lightning controller (DMX) became a brick after the vendor’s control software was deprecated in 2025. My focus was entirely on developing a robust backend architecture to guarantee maximum performance. Everything is released under GPLv3. The current frontend is just a "vibecoded" dashboard made with plain HTML and JavaScript to keep rendering latency as low as possible. In earlier versions Svelte was used. Svelte added too much complexity for an initial mvp. Video: https://ift.tt/gly5x4j Repo: https://ift.tt/VIx6L4P Technical Details: The system uses a distributed architecture where a FastAPI server manages the state in a Redis. State changes are pushed via WebSockets to Raspberry Pi gateways, which then independently maintain the constant 44Hz binary stream to the lights. This "push model" saves massive amounts of bandwidth and ensures low latency. In a stress test, I processed 10 universes (5,120 channels) at 44Hz with zero packet loss (simulated). An OTP-based pairing makes the setup extremely simple (plug-and-play). I’m looking forward to your feedback on the architecture and the Redis approach! Happy New Year! https://ift.tt/VIx6L4P December 31, 2025 at 10:16PM

Show HN: Fleet / Event manager for Star Citizen MMO https://ift.tt/cmBWhFX

Show HN: Fleet / Event manager for Star Citizen MMO I built an open-source org management platform for Star Citizen, a space MMO where player orgs can have 50K+ members managing fleets worth millions. https://scorg.org The problem: SC's official tools won't launch until 2026, but players need to coordinate now - track 100+ ship fleets, schedule ops across timezones, manage alliances, and monitor voice activity during battles. Interesting challenges solved: 1. Multi-org data isolation - Users join multiple orgs, so every query needs scoping. 2. Canvas + Firebase Storage CORS - Couldn't export fleet layouts as PNG. Solution: fetch images as blobs, convert to base64 data URLs, then draw to canvas. No CORS config needed. 3. Discord bot - Built 4 microservices (VoiceActivityTracker, EventNotifier, ChannelManager, RoleSync) sharing Firebase state. Auto-creates channels for ops, cleans up when done. Features: role-based access, event calendar with RSVP, LFG matchmaking, drag-and-drop fleet builder, economy tools, alliance system, analytics dashboard, mobile-responsive. ~15 pages, fully functional. Custom military-inspired UI (monospace, gold accents). January 1, 2026 at 12:48AM

Show HN: A dynamic key-value IP allowlist for Nginx https://ift.tt/NCLqQXr

Show HN: A dynamic key-value IP allowlist for Nginx I am currently working on a larger project that needs a short-lived HTTP "auth" based on a separate, out-of-band authentication process. Since every allowed IP only needs to be allowed for a few minutes at a time on specific server names, I created this project to solve that. It should work with any Redis-compatible database. For the docker-compose example, I used valkey. This is mostly useful if you have multiple domains that you want to control access to. If you want to allow 1.1.1.1 to mywebsite.com and securesite.com, and 2.2.2.2 to securesite.com and anothersite.org for certain TTLs, you just need to set hash keys in your Redis-compatible database of choice like: 1.1.1.1: - mywebsite.com: 1 (30 sec TTL) - securesite.com: 1 (15 sec TTL) 2.2.2.2: - securesite.com: 1 (3600 sec TTL) - anothersite.org: 1 (never expires) Since you can use any Redis-compatible database as the backend, per-entry TTLs are encouraged. An in-process cache can also be used, but is not enabled unless you pass --enable-l1-cache to kvauth. That makes successful auth_requests a lot faster since the program is not reaching out to the key/value database on every request. I didn't do any hardcore profiling on this but did enable the chi logger middleware to see how long requests generally took: kvauth-1 | 2025/12/30 21:32:28 "GET http://127.0.0.1:8888/kvauth HTTP/1.0" from 127.0.0.1:42038 - 401 0B in 300.462µs # disallowed request nginx-1 | 192.168.65.1 - - [30/Dec/2025:21:32:28 +0000] "GET / HTTP/1.1" 401 179 "-" "curl/8.7.1" kvauth-1 | 2025/12/30 21:32:37 "GET http://127.0.0.1:8888/kvauth HTTP/1.0" from 127.0.0.1:40160 - 401 0B in 226.189µs # disallowed request nginx-1 | 192.168.65.1 - - [30/Dec/2025:21:32:37 +0000] "GET / HTTP/1.1" 401 179 "-" "curl/8.7.1" # IP added to redis allowlist kvauth-1 | 2025/12/30 21:34:02 "GET http://127.0.0.1:8888/kvauth HTTP/1.0" from 127.0.0.1:54032 - 200 0B in 290.648µs # allowed, but had to reach out to valkey kvauth-1 | 2025/12/30 21:34:02 "GET http://127.0.0.1:8888/kvauth HTTP/1.0" from 127.0.0.1:54044 - 200 0B in 4.041µs nginx-1 | 192.168.65.1 - - [30/Dec/2025:21:34:02 +0000] "GET / HTTP/1.1" 200 111 "-" "curl/8.7.1" kvauth-1 | 2025/12/30 21:34:06 "GET http://127.0.0.1:8888/kvauth HTTP/1.0" from 127.0.0.1:51494 - 200 0B in 6.617µs # allowed, used cache kvauth-1 | 2025/12/30 21:34:06 "GET http://127.0.0.1:8888/kvauth HTTP/1.0" from 127.0.0.1:51496 - 200 0B in 3.313µs nginx-1 | 192.168.65.1 - - [30/Dec/2025:21:34:06 +0000] "GET / HTTP/1.1" 200 111 "-" "curl/8.7.1 IP allowlisting isn't true authentication, and any production implementation of this project should use it as just a piece of the auth flow. This was made to solve the very specific problem of a dynamic IP allow list for NGINX. https://ift.tt/f3T1ixd December 31, 2025 at 03:59AM

Show HN: Claude Cognitive – Working memory for Claude Code https://ift.tt/Ta6m8h2

Show HN: Claude Cognitive – Working memory for Claude Code https://ift.tt/qw8dOe7 December 31, 2025 at 03:57AM

Show HN: Replacing my OS process scheduler with an LLM https://ift.tt/naKhx5l

Show HN: Replacing my OS process scheduler with an LLM https://ift.tt/70zQUDR December 30, 2025 at 10:17PM

Show HN: Aroma: Every TCP Proxy Is Detectable with RTT Fingerprinting https://ift.tt/CfYcGbV

Show HN: Aroma: Every TCP Proxy Is Detectable with RTT Fingerprinting TL;DR explanation (go to https://ift.tt/IYPnlKE... if you want the formatted version) This is done by measuring the minimum TCP RTT (client.socket.tcpi_min_rtt) seen and the smoothed TCP RTT (client.socket.tcpi_rtt). I am getting this data by using Fastly Custom VCL, they get this data from the Linux kernel (struct tcp_info -> tcpi_min_rtt and tcpi_rtt). I am using Fastly for the Demo since they have PoPs all around the world and they expose TCP socket data to me. The score is calculated by doing tcpi_min_rtt/tcpi_rtt. It's simple but it's what worked best for this with the data Fastly gives me. Based on my testing, 1-0.7 is normal, 0.7-0.3 is normal if the connection is somewhat unstable (WiFi, mobile data, satellite...), 0.3-0.1 is low and may be a proxy, anything lower than 0.1 is flagged as TCP proxy by the current code. https://ift.tt/RKcL9h3 December 26, 2025 at 02:04AM

Show HN: Neko.js, a recreation of the first virtual pet https://ift.tt/kc6mFri

Show HN: Neko.js, a recreation of the first virtual pet Hi HN, Here is a late Christmas present: I rebuilt Neko [1], the classic desktop cat that chases your mouse, as a tiny, dependency-free JavaScript library that runs directly on web pages. Live demo: https://louisabraham.github.io/nekojs/ GitHub: https://ift.tt/gj9CDxQ Drop-in usage is a single script tag: This is a fairly faithful recreation of Neko98: same state machine, same behaviors, same original 32×32 pixel sprites. It follows your cursor, falls asleep when idle, claws walls, and you can click it to cycle behavior modes. What made this project interesting to me is how I built it. I started by feeding the original C++ source (from the Wayback Machine) to Claude and let it "vibe code" a first JS implementation. That worked surprisingly well as a starting point, but getting it truly accurate required a lot of manual fixes: rewriting movement logic, fixing animation timing, handling edge cases the AI missed, etc. My takeaway: coding agents are very useful at resurrecting old codebases, and this is probably the best non-soulless use of AI for coding. It gets you 60–70% of the way there very fast, especially for legacy code that would otherwise rot unread. The last 30% still needs a human who cares about details. The final result is ~38KB uncompressed (~14KB brotli), zero dependencies, and can be dropped into a page with a single

Show HN: Pion SCTP with RACK is 70% faster with 30% less latency https://ift.tt/ygLD6k7

Show HN: Pion SCTP with RACK is 70% faster with 30% less latency SCTP is a low level protocol focused on reliable packet transmission. Unlike hopelessly flinging packets from one device to another, it makes sure that the packets are correct using CRC, removes duplicate packets, and allows for packets to be sent in any order. Going into an established library, I thought that everything was already implemented and that there wasn't anything to do until I went through the existing issues and organized all the tasks and decided on an order. Sean DuBois ( https://ift.tt/DJUHRQ2 ), one of the co-creators and current maintainers of Pion, an open-source pure Go implementation of WebRTC (which uses SCTP), introduced me to a dissertation that was written about improving SCTP from 2021 ( https://ift.tt/7cdySMG... ). To my surprise, the features in it weren't actually implemented yet, and generally went unused even though it depicted pretty big improvements. This came as a bit of a shock to me considering the countless companies and services that actively use Pion with millions of users on a daily basis. This led to two things: 1) implement the feature (done by me) and 2) measure the performance (done by Joe Turki https://ift.tt/l9KCd6X ). If you're interested in reading more, please check out the blog post where we go over what SCTP is used for, how I improved it, and the effort that went into making such a large improvement possible. This also marks a huge milestone for other companies and services that use SCTP as they can refer to the implementation in Pion for their own SCTP libraries including any real-time streaming platforms such as Microsoft Teams, Discord screen share, Twitch guest star, and many more! For my personal background, please take a look at a comment below about what it was like for me to get started with open-source and my career related journeys. Thanks for reading! https://ift.tt/Qb06Y5F December 28, 2025 at 11:35PM

Show HN: Writing USB Device Firmware with Raspberry Pi Pico and TinyUSB https://ift.tt/YRbZ1sI

Show HN: Writing USB Device Firmware with Raspberry Pi Pico and TinyUSB https://www.youtube.com/playlist?list=PL4C3a7zUGIuYu48KsA3krgm7rtLJwse03 December 28, 2025 at 11:41PM

Show HN: I'm 15. I built an offline AI Terminal Agent that fixes errors https://ift.tt/DKjMYSq

Show HN: I'm 15. I built an offline AI Terminal Agent that fixes errors https://ift.tt/Z7j2HSM December 27, 2025 at 10:27PM

Show HN: Jsonic – Python JSON serialization that works https://ift.tt/JVqknsc

Show HN: Jsonic – Python JSON serialization that works https://ift.tt/1fx9OM8 December 27, 2025 at 07:26PM

Show HN: AgentFuse – A local circuit breaker to prevent $500 OpenAI bills https://ift.tt/CMV061E

Show HN: AgentFuse – A local circuit breaker to prevent $500 OpenAI bills Hey HN, I’ve been building agents recently, and I hit a problem: I fell asleep while a script was running, and my agent got stuck in a loop. I woke up to a drained OpenAI credit balance. I looked for a tool to prevent this, but most solutions were heavy enterprise proxies or cloud dashboards. I just wanted a simple "fuse" that runs on my laptop and stops the bleeding before it hits the API. So I built AgentFuse. It is a lightweight, local library that acts as a circuit breaker for LLM calls. Drop-in Shim: It wraps the openai client (and supports LangChain) so you don't have to rewrite your agent logic. Local State: It uses SQLite in WAL mode to track spend across multiple concurrent agents/terminal tabs. Hard Limits: It enforces a daily budget (e.g., stops execution at $5.00). It’s open source and available on PyPI (pip install agent-fuse). I’d love feedback on the implementation, specifically the SQLite concurrency logic! I tried to make it as robust as possible without needing a separate server process. https://ift.tt/xreA3WY December 28, 2025 at 12:46AM

Show HN: Polibench – compare political bias across AI models https://ift.tt/wTIBR38

Show HN: Polibench – compare political bias across AI models Polibench runs the Political Compass questions across AI models so you can compare responses side by side. No signup. Built on top of work by @theo ( https://twitter.com/theo ) and @HolyCoward ( https://twitter.com/HolyCoward ). Question set is based on the Political Compass: https://ift.tt/PLTdn8g Early and rough. Feedback welcome on revealing questions, possible misuse, and ideas for extending it. Happy to answer questions. https://polibench.vercel.app/ December 27, 2025 at 12:23AM

Show HN: Web CLI – Browser-based terminal with multi-tab support https://ift.tt/ExzeKNo

Show HN: Web CLI – Browser-based terminal with multi-tab support Hey HN! Web CLI, an open-source web-based command management tool just got an upgrade with Interactive Terminal support https://ift.tt/PAuV2k6 December 26, 2025 at 09:53PM

Show HN: CLI to share secrets using one-time public keys https://ift.tt/vZFmLJt

Show HN: CLI to share secrets using one-time public keys https://ift.tt/MxSjKdw December 25, 2025 at 11:50PM