HACKER NEWS

Justin Poehnelt spent seven years at Google building open-source developer tools. His CLI went viral, hit #1 on Hacker News, and got him fired two days before Google announced their own version.

Filippo Valsorda argues that LLMs have ended the era of treating security researchers with kid gloves. When anyone can discover vulnerabilities with an AI, the old coordinated disclosure model breaks down.

Armin Ronacher's new essay explores the tension between letting AI agents loop autonomously and maintaining the engineering comprehension that makes software maintainable. The Hacker News discussion adds practical caveats worth reading.

Unsloth's dynamic quantization makes GLM-5.2 runnable on a 256GB Mac or a 24GB GPU with CPU offloading. Here is the hardware math, the quantization tradeoffs, and what the HN community learned from actually running it.

A blog post arguing for memcached over Redis sparked a heated HN debate. Here's the architectural argument for why memcached's constraints might actually be a feature.

A developer used OpenAI Codex to build a fully open-source WYSIWYG editor for TikZ figures. The technical approach and reception on Hacker News offer a useful case study in what agent-built software looks like when shipped.

Baidu releases Unlimited OCR, an open-source vision-language model that parses 100+ page documents in a single pass without memory blowup. Here's what developers need to know.

A new paper shows a 3B parameter model hitting 94.3 on AIME26 and 96.1% on LeetCode contests - matching or exceeding models 100x its size. The catch: it traded general knowledge for pure reasoning ability.

Switzerland's fully open foundation model promises transparent training data and EU compliance. The HN crowd has questions about actual performance.

A developer discovered that Claude Code's thinking output is summarized, not the raw reasoning. Here's what Anthropic's docs actually say - and why it matters.

A Codex CLI SQLite logging bug showed how global TRACE logs can burn SSD write endurance. OpenAI has now merged fixes, but the incident is a useful local-agent operations lesson.

Deno 2.9 ships a desktop app framework that compiles TypeScript projects into native binaries with WebView or bundled Chromium - a new Electron alternative from the Deno team.

Oak rethinks version control for agentic workflows with virtual mounts, faster snapshots, and lower VCS-related token overhead. Here's what the HN community thinks about this Show HN.

New research from MIT reveals that LLMs identify speakers by writing style, not by tags - meaning attackers who sound like the system effectively become the system. The findings explain why prompt injection remains unsolved.

Dan Abramov's explainer on ATProto architecture is making the rounds. The core insight: Bluesky's protocol separates hosting from applications in a way that Mastodon-style federation fundamentally cannot. Here's what that means for developers.

The new wrangler deploy --temporary flag creates ephemeral Cloudflare accounts for AI agents. 60-minute deployments, no OAuth, no browser - just deploy and claim later.

New benchmark data shows GPT-5.5 hallucinates 86% of the time when it does not know the answer - versus 28% for the open-weights GLM-5.2. The numbers challenge the assumption that bigger models equal more reliable output.

Modern LLMs now use MoE routing, mixed attention variants, and fused vision encoders. The simple transformer stack is gone - here's what replaced it and why it matters for developers.

A deep dive into DuckDB's architecture - columnar storage, vectorized execution, and zero-copy design that lets it compete with million-dollar clusters on a laptop.

Most developers only know .gitignore, but Git offers two other ignore mechanisms for local workflows and machine-wide patterns. Here's when to use each.