AI Summarized Hacker News
Front-page articles summarized hourly.
Page refresh breaks the Claude-style SSE stream, losing in-flight tokens and forcing a full rebuild of history. A Minimal Chat UI built on WebSockets/Pub/Sub shows seamless resume without persistent state. The point isn't that SSE is inherently bad, but that its capabilities are limited for reconnection, multi-device, presence, and efficient hydration. The author argues the real art of the possible is a pub/sub transport for AI, where one message collects tokens via append, and updates on reconnect provide a seamless, scalable experience without token-by-token streaming.
HN Comments
Cord enables agents to build and evolve a coordination tree at runtime instead of following a pre-defined workflow. Unlike static frameworks (LangGraph, CrewAI, AutoGen, OpenAI Swarm, Claude loops), Cord lets one agent spawn subtasks and fork results, resolves dependencies, and incorporate human input via asks. Its five primitives (spawn, fork, ask, complete, read_tree) plus a protocol for dependency resolution, authority scoping, and lifecycle are enforced by a MCP server; the protocol is generic, so it can run over Claude, GPT, or Postgres. An API-migration example shows dynamic decomposition, parallel tasks, and analysis. The project, with ~500 lines and tests, is open-source.
HN Comments
Git tracks files, not directories. To ensure a directory exists in clones, you can track it with a placeholder. The .gitkeep approach uses an empty .gitkeep and a .gitignore that ignores everything except .gitkeep, but it requires two files and can confuse. The preferred method is to place a .gitignore inside the directory containing '*\n!.gitignore', so all files are ignored except the .gitignore itself, allowing the directory to be tracked with one file and survive renames.
HN Comments
Lexega provides a guardrail layer for SQL by turning SQL into deterministic, actionable signals before execution. It tokenizes/parses SQL (including Jinja/dbt), extracts semantic facts (read/write tables, grants, policy changes), and emits signals. Built-in and custom YAML rules map signals to severities and messages; policy evaluation yields a decision to allow, warn, or block. The process is deterministic; same input yields same signals. Includes semantic diff to catch risky changes, supports dbt templating with automatic rendering, and lets you override or extend rules. Outputs a decision.json for CI.
HN Comments
Blocked by Cloudflare when trying to access macleans.ca. The site's security service blocked the request to protect against attacks. Triggers include certain words/phrases, SQL commands, or malformed data. To resolve, contact the site owner with what you were doing and include the Cloudflare Ray ID (and your IP if requested).
HN Comments
Bluesky’s ATProto paints an open, user-owned data promise, but in practice most data sits on Bluesky-run Personal Data Servers (PDS). Self-hosting is uncommon and migration tools rely on future access. New ATProto apps deepen dependence on Bluesky, creating a centralization flywheel rather than true distribution. Bluesky controls key layers—the Relay, AppView, and DID Directory—giving an acquirer power to disable exports, cut off apps, or insert ads. Despite rhetoric, true decentralization is illusory; economic incentives favor consolidation.
HN Comments
Edge shows a Too Many Requests (HTTP 429) error, indicating rate limiting or excessive requests.
HN Comments
Before digital editing, transfers were done by analog telecine: film chains or flying-spot scanners projected film into a video recorder, often with 24→30fps pulldown, and per-scene color grading; pan-and-scan settings were programmed. Tape formats varied from 2" quad, 1" C-type to Beta SP and D1/D2; LaserDiscs were mastered from 2" quad. In the 1990s, Rank/telecine work gave way to digital intermediates: digital scanning (datacine) with film scanners (Spirit 4K, ARRISCAN, Northlight) and software corrections, yielding a digital master for distribution.
HN Comments
An anti-surveillance wave targets Flock’s license-plate reader cameras nationwide, with vandalism and contract cancellations amid fears of warrantless data sharing with ICE; coverage notes related controversies (Flock–Ring, police misuse) and rising civic resistance. Other items: an Oklahoma man is arrested after briefly exceeding his public-comment time at a data-center hearing; 10,000 gig workers petition Uber/Lyft to recover stolen wages; Tesla Robotaxis in Austin crash at about four times the rate of human drivers; AI-generated comments allegedly influenced an air-quality vote.
HN Comments
CERN celebrated the 30th anniversary of WorldWideWeb by rebuilding the original NeXT browser inside a modern browser in 2019, letting people experience the web’s humble origins. The project, supported by the US Mission in Geneva via CERN & Society Foundation, includes launch instructions and sections on history, timeline, the browser, typography, code, production, related links, and colophon.
HN Comments
Castillo laments that while AI enables everyone to build, it also floods the web with indistinguishable, low-signal projects. He has enjoyed making side projects for learning and fun, plus occasional clients, but now sharing them feels pointless as landing pages and GitHub repos all look the same. He admits contributing to the AI slop pile, yet remains hopeful about AI’s impact and progress. He’s unsure how to engage a world largely created by AI, though he continues building and revisiting past experiments and games.
HN Comments
An HTTP 403 Forbidden error from nginx, meaning access to the requested resource is denied.
HN Comments
Could not summarize article.
HN Comments
FCC Chairman Brendan Carr urged broadcasters to join a voluntary Pledge America Campaign to support Trump's Salute to America 250 celebration, proposing pro-America programming starting now through July 4, 2026. Suggested content includes daily recitations of the Star-Spangled Banner or Pledge, civic-history PSAs, segments on local historic sites, and music by American composers. He frames it as voluntary but says it could fulfill public-interest obligations. Critics note it's pressuring broadcasters; Democrats and others argue First Amendment rights and broader participation beyond broadcasters. The push aligns with a yearlong commemoration of American independence.
HN Comments
Trail of Bits dissects security failures in VSCode extensions, revealing three vulnerabilities (and a forthcoming VSCode bug) that could exfiltrate local files and even SSH keys. They analyze two Microsoft extensions—SARIF Viewer and Live Preview—and explain how misconfigurations and insecure Webviews allow attacker-controlled code to escape, bypass CSP, or perform DNS-based exfiltration. Key flaws include HTML/JS injection from untrusted SARIF data due to unsafe rendering and broad localResourceRoots, and a Live Preview HTTP server path traversal and CSP/nonce weaknesses. They offer defense recommendations: tighten CSP, restrict localResourceRoots, sanitize postMessage, and guard against DNS rebinding and path traversal.
HN Comments
The piece argues that every company building AI assistants is becoming an ad company, funding it with advertising and moving toward always-on, ambient devices that see and hear everything. Proactive, context-aware help requires continuous in-room processing, not wake words. Cloud inference and data sharing carry privacy risks; policy promises aren’t guarantees. The author advocates local edge inference: devices that process audio/video offline, with no data leaving the home, ensuring privacy through architecture rather than promises. The business model should sell hardware/software, not user data.
HN Comments
Turn Dependabot Off: Dependabot creates noise with Go security alerts; replace with two scheduled GitHub Actions: govulncheck for vulnerability scanning and daily CI against latest dependencies. Case: filippo.io/edwards25519 vulnerability (CVE-2026-26958) caused widespread but often irrelevant alerts; govulncheck filters via package- and symbol-reachability filtering. Advice: add go get -u -t ./... in CI, optionally sandbox steps. Result: reduce toil and improve security posture.
HN Comments
mines.fyi is a free US mine search using MSHA data, listing 91,000+ mines. It offers a map API and filters by state, mine type (surface/underground), status (active, abandoned, idled, nonproducing), and commodity (coal, metal, non-metal, sand & gravel, etc.). It also shows breakdowns for operators, mines, employees, and IDs, with data from the MSHA Open Government Dataset and an OpenAPI spec.
HN Comments
OpenScan provides affordable, open-source 3D scanners built from modular hardware and photogrammetry, aimed at hobbyists and professionals. The site showcases a Scan Gallery of community scans and products (OpenScan Mini, Classic, Cloud, Pi Shield + Ringlight, Benchy) and emphasizes a community-driven approach. It promotes stable pricing since 2022 and US shipping with taxes and fees included at checkout, plus an invitation to join the OpenScan Discord to contribute and access tools for digital preservation and creation.
HN Comments
KFC, Nando's and eight other restaurant groups have ditched the Better Chicken Commitment (BCC) and joined the industry-led Sustainable Chicken Forum (SCF) as UK poultry demand soars. The brands, which own or franchise 18 chains (including Popeyes, Wingstop and Wagamama), say SCF will boost welfare while meeting demand and cutting emissions, arguing slower-growing breeds are not the right path because they raise emissions. Animal welfare groups accuse the move of prioritising profit; critics say supply of slower birds is not yet available. KFC accounts for about 4% of UK chicken supply; M&S, Waitrose, Pret and Greggs remain in the BCC.
HN Comments
Made by Johno Whitaker using FastHTML