Show HN за 9 мая 2026 г.

Hi HN,

I wanted to know which countries you can simply leave your laptop at a Starbucks, and where you can't.

Feel free to click and vote.

Hi HN,

I’m sharing mochi.js (https://github.com/0xchasercat/mochi), a Bun-native, raw-CDP browser automation framework. It's designed to make programmatic browser use more effective by focusing on consistency and measured parity with regular traffic, purely from the JS layer, against stock Chromium.

The most common forms of browser automation focus heavily on client-side line by line probes, which are mostly cosmetic. This makes people feel better but it doesn't have much relevance to actual WAF or anti-automation defences.

Mochi.js focuses on what actually matters, allowing you to get past captchas, WAF's and most defence mechanisms. In fact, in some cases it actually outperforms chromium forks simply by virtue of not having to lie.

The foundation is built on a probe manifest based on analyzing several WAF's and trying to cover most of the ground that matters, and from there building upwards while ensuring every decision is backed by data. Solves turnstile/interstitial automatically, single digit fpjs suspect score, very good client-side results, though browserscan and a few others are known limitations that are fundamentally conflicting with what WAF's probe for.

I'll be here if anyone wants to discuss the details, check out the docs and github. It's completely free and open source, MIT, strictly no relationship to any proprietary products whatsoever. No affiliation to patched chromium forks, or SaaS.

But I also want to talk about why I built this, because the current paradigm of "bot detection" is fundamentally broken.

Traditionally they would probably try to label my repository a malicious tool, or at best, a grey hat one.

Let's take Turnstile for example, If you attach a debugger to see what data they are extracting from your hardware, their script intentionally self-destructs. When they try to extract your data—acting as a guest on your silicon, using your electricity, without asking, the industry calls it "Security."

But if you write a script to control exactly what data your own hardware emits, refusing to provide the data they have no right to ask for, you are suddenly labeled a "Malicious Actor" engaged in "Bot Evasion."

I find it absurd we let ourselves put up with this, and the stance of the bot-evasion community only makes them feel more able to take a higher moral ground.

I have built a library that respects my hardware's reality. If that breaks your security model, that's because your security model relies on trespassing and secrecy. I stopped apologizing. Who's next?

Mochi is the exact opposite of WAF opacity. It is a glass box. It is MIT-licensed. The entire DAG, fingerprint manifest schema, harvesting process, is documented. We even commit our live benchmarks to the public record (mochi on a Linux datacenter IP scored a suspect_score: 8 and bot: not_detected against FingerprintJS Pro v4).

We don't even lie unnecessarily. We default to host-OS matching. If you run mochi on a Linux server, it uses privacy-sensible fingerprints for Linux, not Windows, because Linux is a real-user signal. It proves that WAFs aren't actually blocking what most people think they are, which begs the question of what they are really doing in that obfuscated payload.

The legitimacy argument is exactly how they captured the narrative. And nobody challenged it because the people on the other side were too busy acting like they were doing something wrong.

Is this a conspiracy theory? For sure, but only because they allow it to be. Try make a conspiracy theory about the sticky riceball.

Hey, I created seven years ago a flashcard app with a main focus on UX. In the last months I added offline-first mode and a CLI that allows Claude Code or Codex to create high quality flashcards for you. I use that to learn about pharma rules, technology, dancing, taxes and smart home. Never really did marketing, this not my specialty. Would love to know what you think

So much content. Great UI (imo, compared to what gov released today). I'm thinking the site is defunct now but it's been archived plenty. I must have first came across this website in the late 00's.

Most multi-agent systems fail the same way: agents drift apart across handoffs. By turn 3 they are working in different realities. By turn 5 they are repeating each other's mistakes and calling it parallelism.

WUPHF is an open-source local-first office where AI coworkers run on your laptop, around a shared markdown + git LLM wiki the agents build. The wiki is the collective memory. The office around it keeps the team on the same shared context across thousands of handoffs.

What actually stops drift is not the wiki. It is the agents reviewing each other's work. The CRO catching the CMO's claim before it lands in the wiki. The FE catching the BE's API change before a broken bundle ships. Cross-department context no single agent has alone.

The premise comes from Andrej Karpathy. His autoresearch X post on March 7: "the goal is not to emulate a single PhD student, it is to emulate a research community of them."

In autoresearch PR #44 he sketched the mechanism: branches, results.tsv as the experiment log, and PRs as self-contained research contributions. Other agents read open and merged PRs for inspiration before starting their own.

We pointed the same architecture at ordinary work:

His: branches + results.tsv + PR-as-contribution. Ours: git worktrees + per-agent notebooks + adoption-scored wiki promotion.

Same substrate, different domain.

How it works:

- Every agent has a Personality. CEO Michael Scott, PM Pam Beesly, FE Jim Halpert (looks at the camera when the CEO talks), BE Stanley Hudson (refuses small talk), CRO Dwight Schrute (every prospect is a "target"), CMO ("rockstar play"), AI engineer (drops Karpathy quotes unprompted). Strong opinions, real conflicts.

- Argument feeds gossip. Agents broadcast findings tagged with their slug (internal/agent/gossip.go). Other agents pull insights filtered to exclude their own.

- Gossip gets scored. Adoption scorer (internal/agent/adoption.go) weighs source credibility (0.4, per-agent success/failure tracker on disk), semantic relevance (0.4), and temporal freshness (0.2, 7-day half-life). Output: adopt (>= 0.7), test (>= 0.4), or reject. New agents start at 0.5 and earn their score.

What survives gets written to the wiki.

Office dynamics are not a bit. They are the visible surface of an adoption protocol. The CMO arguing with the designer over a CTA is a credibility battle. The CEO taking credit for the FE's PR is a low-credibility insight bidding for volume. Hazing new spawns is the default 0.5 score waiting for a track record.

System: push-driven broker, fresh session per turn (~97% prompt-cache hits), per-agent isolated git worktrees, self-heal, and human approval cards on destructive actions. Everything else runs autonomously while you are at lunch.

npx wuphf. Browser opens, office boots, you give a directive, work happens.

Source: https://github.com/nex-crm/wuphf Architecture: https://github.com/nex-crm/wuphf/blob/main/ARCHITECTURE.md Karpathy's autoresearch: https://github.com/karpathy/autoresearch PR #44: https://github.com/karpathy/autoresearch/pull/44 Demo: https://x.com/najmuzzaman/status/2053092220111098208

Karpathy said a research community beats a single PhD student. Not better thoughts. Better honesty about what survives. We built one shaped like a workplace.

Where does this stop being a chat toy and start being labor? How much worse when one of them is Michael Scott?

Open to roasting but let me grab my coffee first (medium roast please =_=).

Concord is TUI client for discord with discord like layout (Servers / Channels / Messages / Members), vim keys, inline image previews via Kitty/iTerm2/Sixel, reactions, polls, threads, forums, and more!(except voice calls, will be implemented) Sits at ~20–40 MB idle.

Concord is built with ratatui and crossterm.

Here are features: - Login by token, email/password or QR code from the mobile app - Discord like layout : Servers / Channels / Messages / Members - Vim-style keys (hjkl, g/G, Ctrl+d/Ctrl+u, Tab to cycle panes), plus mouse support - Send, edit, delete, and reply to messages, with mention autocomplete - Threads, forum posts (active and archived), pinned messages, mark-as-read - Reactions (Unicode + custom emoji), poll voting, who-reacted lists - Inline image previews via Kitty, iTerm2, or Sixel protocols (halfblock fallback for anything else) - Avatar and custom emoji rendering, full-screen image viewer - Live typing indicators, unread + mention counts - Attachment downloads - Message notification

If you try, please let me know your experience.

Hey HN! I have been working on Ant for a while now, would love to share around now.

What is Ant? It's my JavaScript runtime, built from scratch over many hours of work. Much effort has gone into keeping the binary size small, around 9MB at the moment (6.5 MB with -Os). On my M4 Pro, the hono coldstart bench (examples/npm/hono/bench-coldstart.js) lands around 5ms, about 2.4x faster than bun, and 5.8x faster than node.

To keep things small, the engine ("Ant Silver") is hand-written, not a wrapper around V8/JSC/SpiderMonkey. The JIT is still a work in progress but it uses a fork of MIR as the backend.

Ant currently targets the WinterTC Minimum Common API, while also passing 100% the javascript-zoo compat-table tests, and is sitting around 64% on test262.

Why did I build Ant? Well, I wanted a runtime small enough to ship with CLI's and small Docker containers without having to drag along 50 to 100mb of just runtime. Ant in its current state is performant enough in some cases to compete with v8, but mostly in specific shapes.

Background on how it got here: https://themackabu.dev/blog/ant-part-two

Online demo shell/container: https://ant.ax

If anyone has questions about Ant, such as the engine, im happy to answer any of them! Feedback is also appreciated, if you run your own code and hit some edge case.

title doesn't let nuance, ofc it's not the app that's faster but the way you can use it with Groq inference for example.

C Systems Lab is a free interactive web course that walks through 10 modules of systems programming in C: compilation, pointers, dynamic memory, structs, the preprocessor, file I/O, processes and signals, sockets, concurrency, and a tour below C.

The free course itself is the link. Get the free sample of the PDF by adding "/demo" to the link. Since I don't necessarily like the paywall aspect of it, you may ask me for the complete edition by reaching out via email.

Happy to answer questions about the content or the curriculum design.

The site hit #1 on HN about a year ago. Got enough traffic that I turned it into a proper API.

What's there: - REST API — 35k products, manually filterable by category, free key, 60 req/min - CLI — npx anycrap random -c food - faker.js plugin — bundled, no API call, works offline - HuggingFace dataset — full 35k rows for ML/training

https://anycrap.shop/developers