Show HN за 18 апреля 2026 г.

I've been studying interval arithmetic for the past few weeks and it's a really interesting field because while there is a ton of super interesting research published over the past decades, it has never really gotten the recognition that it deserves, IMO.

One reason for this is that standard interval arithmetic has really poor handling of division by intervals containing zero. If you compute 1 / [-1, 2] in regular interval arithmetic, you get either [-∞, +∞], or you have to say that the operation is undefined. Both solutions are virtually useless. The real answer of course is [-∞, -1] U [0.5, +∞]: i.e. a union of two disjoint intervals.

This is useful because you can confidently exclude a non empty set of the real numbers ([-1, 0.5]) from the set of possible values that you can get by dividing 1 by a number between -1 and 2.

But this definition of interval division yields a value that is not an interval. This is a problem if you want to define a closed arithmetic system, where you can build and evaluate arbitrary expression over interval values.

(This behavior extends to any non continuous function like tan() for example, which is implemented in my project - not without difficulties!)

Well the obvious solution is to define your arithmetic over disjoint unions of intervals. This is the subject of a 2017 paper called "Interval Unions" by by Schichl, H., Domes, F., Montanher, T. and Kofler, K..

This open-source project I made implements interval union arithmetic in TypeScript in the form of a simple interactive calculator, so you can try it out for yourself! The underlying TypeScript library is dependency free and implements interval union arithmetic over IEEE 754 double precision floats (JS native number type) with outward rounding. This guarantees accuracy of interval results in the presence of rounding issue inherent to floating point.

I found myself reaching for SF Symbols' 'Copy Image As…' quite often during agentic design sessions, so I made a command-line tool that the agent can use by itself. It exports Apple SF Symbols as SVG, PDF, or PNG.

The vector paths come directly from macOS's symbol renderer. Internally it reaches a private ivar on NSSymbolImageRep to get the CUINamedVectorGlyph, draws into a CGPDFContext, then walks the PDF content stream back out as SVG `d` commands. The output matches what the system draws, rather than an approximation traced from rasters.

A few things about it:

- Every subcommand accepts `--json`, and `sfsym schema` returns a machine-readable description of the whole CLI. - Symbol enumeration reads the OS's Assets.car BOM tree, so the list of 8,300+ names stays current with macOS updates without a version table in the binary. - Each SVG `<path>` carries a `data-layer` attribute, so you can retheme in CSS without touching geometry.

It's been saving me a bunch of clicking. Please let me know if you have any other ideas for it.

Current support for nonlinear inequalities in Lean is quite limited. This package attempts to solve this. It contains a collection of Lean4 tactics for proving polynomial inequalities via sum-of-squares (SOS) decompositions, powered by a Python backend. You can use it via Python or Lean.

These tactics are significantly more powerful than `nlinarith` and `positivity` -- i.e., they can prove inequalities they cannot. In theory, they can be used to prove any of the following types of statements

- prove that a polynomial is nonnegative globally - prove that a polynomial is nonnegative over a semialgebraic set (i.e., defined by a set of polynomial inequalities) - prove that a semialgebraic set is empty, i.e., that a system of polynomial inequalities is infeasible

The underlying theory is based on the following observation: if a polynomial can be written as a sum of squares of other polynomials, then it is nonnegative everywhere. Theorems proving the existence of such decompositions were one of the landmark achievements of real algebraic geometry in the 20th century, and its connection to semidefinite programming in the 21st century made it a practical computational tool, and is what this software does in the background.

Complete llama.cpp tutorial for 2026. Install, compile with CUDA/Metal, run GGUF models, tune all inference flags, use the API server, speculative decoding, and benchmark your hardware.

https://vucense.com/dev-corner/llama-cpp-tutorial-run-gguf-m...

Read an article about analyzing Garmin data with AI. Sounded great — except I didn't want to send my health data to any cloud service.

So I asked Claude to write me 2-3 scripts and a dashboard. This escalated a bit. 30 days and 20$ later I have this:

A local-first Garmin archive with interactive HTML dashboards, Excel exports, weather and pollen context, AES-256 encrypted token storage, and a self-healing data pipeline with 515 automated tests. Windows desktop app, no terminal needed. Nothing leaves your machine.

I never wrote a line of Python. I understood the problems and made the architectural decisions. Claude wrote everything else.

GitHub: github.com/Wewoc/Garmin_Local_Archive

Fun little liminal space game I made this week learning webGL. https://github.com/koudesh3/liminal-space-webgl

Built this because the hardest part of AI UI coding is not generating a whole page - it is telling the model exactly which element you want to change in the last-mile micro-tuning pass.

DOMPrompter is a macOS tool for DOM-based UIs. You click the exact element, inspect the relevant tag / spacing / position context, describe the change, and generate a more structured prompt for Cursor, Claude Code, Copilot, etc.

It works with localhost projects, static HTML, and desktop apps built with web technology.

GitHub: https://github.com/hooosberg/DOMPrompter Mac App Store: https://apps.apple.com/us/app/domprompter-ai-coding-prompt/i...

Would love feedback from people doing front-end / vibe-coding style workflows.

PyTorch and ONNX Runtime tell you what came out. They can't tell you what actually ran to get there — which ops executed, in what order, on what inputs.

A model gets packaged into a sealed .cnox container. SHA-256 is verified before a single op executes. Inference walks a fixed plan over a minimal opset. Every run can emit a per-op audit log: op type, output tensor hash, output sample — cryptographically linked to the exact container and input that produced it. If something goes wrong in production, you have a trail.

Scalar backend today — reference implementation and permanent fallback when hardware acceleration isn't available. Audit and verification is identical across all backends. SIMD next, GPU after that.

Input below is synthetic (all-ones) — pipeline is identical with real inputs.

github.com/Coelanox/CLF Audit example: { "schema": 2, "run": { "run_id": "59144ede-5a27-4dff-bc25-94abade5b215", "started_at_unix_ms": 1776535116721, "container_path": "/home/shark/cnox/models/output/bert_base_uncased.cnox", "container_sha256_hex": "184c291595536e3ef69b9a6a324ad5ee4d0cef21cc95188e4cfdedb7f1f82740", "backend": "scalar" }, "input": { "len": 98304, "sha256_hex": "54ac99d2a36ac55b4619119ee26c36ec2868552933d27d519e0f9fd128b7319f", "sample_head": [ 1.0, 1.0, 1.0, 1.0 ] }, "ops": [ { "op_index": 0, "op_type": "Add", "out_len": 98304, "out_sample_head": [ 0.12242669, -4.970478, 2.8673656, 5.450008 ], "out_sha256_hex": "19f8aa0a618e5513aed4603a7aae2a333c3287368050e76d4aca0f83fb220e78" }, { "op_index": 1, "op_type": "Add", "out_len": 98304, "out_sample_head": [ 0.9650015, 0.23414998, 1.539839, 0.30231553 ], "out_sha256_hex": "7ae2f025c8acf67b8232e694dd43caf3b479eb078366787e4fdc16d651450ad4" }, { "op_index": 2, "op_type": "MatMul", "out_len": 98304, "out_sample_head": [ 1.0307425, 0.19207191, 1.5278282, 0.3000223 ], "out_sha256_hex": "44c28e64441987b8f0516d77f45ad892750b3e5b3916770d3baa5f2289e41bdd" }, { "op_index": 3, "op_type": "Gelu", "out_len": 393216, "out_sample_head": [ 0.68828076, -0.0033473556, 1.591219, -0.16837223 ], "audit_elided": "hash_skipped: len 393216 > max 262144" }

I built this to run OpenClaw safely. The problem: every sandbox I tried still handed the real API token to the agent as an env var.

nilbox never gives the agent the real token. It gets a fake placeholder instead (ANTHROPIC_API_KEY=ANTHROPIC_API_KEY). nilbox intercepts outbound API calls and swaps in the real token at the network layer.

So if the agent leaks the "token" — attacker gets a useless string. That's it.

Also ships a managed Linux runtime (consistent across mac/win/linux) and a Store for one-click agent app installs. Full shell access too.

Available for macOS, Windows, and Linux https://nilbox.run

Curious how others are thinking about token security when running agents locally.

Artificial intelligence is an amazing tool for brainstorming, programming, or generating images. But it’s also incredibly good at writing long, meaningless text filled with platitudes or producing code that continuously reinvents the wheel or misses edge cases. This has become known as slop.

My inboxes have been increasingly filled with low-effort slop. I’m sure that this happens to many of you, too. The reddest of flags is being sent slop for work; at first glance, it may look credible, but it falls apart when you actually read the text.

This prompted me to write three principles for working with AI and creating a website to send to your friend or colleague when they send you slop.

Let's stop the slop and get back to doing great work together.

Do you work with Gradle and need to generate Java POJO classes from Avro schemas? I’m excited to share my first open-source project: https://github.com/flumennigrum/gradle-avro-plugin. It’s now live on the Gradle Plugins Portal, so you can easily add it to your projects. Why a new plugin? For years, I’ve relied on davidmc24/gradle-avro-plugin, probably the most widely used community Avro plugin in the Gradle ecosystem. Unfortunately, it was archived in 2023, raising maintenance concerns for modern JVM projects. My solution: a new plugin compatible with Gradle 7.3+ and Java 11+ (tested with 11, 17, 20, and 25). The goal is to keep it alive and working with newer releases of gradle, java and avro. Check it out, issues and contributions are welcome!

Hi HN, I'm Alon, and I'm building Alien (https://alien.dev), an open-source platform for deploying your software into your customers' cloud accounts - AWS, GCP, or Azure — and keeping it fully managed. In my previous startup, I heard the same question from every single enterprise customer over and over again: "My data is sensitive. Can I deploy your product to my own cloud account?"

Every founder I talk to who's building anything in AI or security hits the same wall.

To solve this, many teams create a self-hosted version of their product. They send a Docker image or an Helm chart to the customer and let them install the entire product on their side.

While self-hosting is great (and will continue to be important!), it has 2 problems:

1. Enterprise customers are forced to operate third-party software and own deployments, upgrades, and security risks. In most cases they don't want that. They prefer a managed experience, with no data leaving their environment.

2. Even with self-hosting, vendors are still accountable when things break, but they have little to no visibility. When something breaks - and it always does - you're on a 2am Zoom call screen share debugging blind because you have no access. No auto-updates, no logs, every customer is on a different version.

That's why many successful SaaS companies that deal with sensitive data like Databricks, Wiz, and others spent years building internal infrastructure to automatically deploy, update, and monitor their software across AWS, GCP, and Azure. It's a win-win: no sensitive data leaves the customer’s environment, and the software is still fully managed by the vendor.

Alien manages deployments across every customer's cloud through cloud APIs — no network connection to their environment needed. The mental model is like sharing a Google Drive folder: the customer grants least-privilege IAM access to an isolated area in their cloud, you manage what's inside, they can revoke it anytime.

The whole thing is written in Rust and works across AWS, GCP, Azure, and locally from a single codebase. You can get started here: https://alien.dev/docs/quickstart

Website: https://alien.dev Docs: https://alien.dev/docs GitHub: https://github.com/alienplatform/alien

Excited to share Alien with everyone here – let me know what you think!