Feed aggregator

Article URL: https://www.bloomberg.com/news/articles/2026-03-05/fbi-arrests-contractor-in-alleged-crypto-theft-held-by-marshals

Comments URL: https://news.ycombinator.com/item?id=47267139

Points: 1

# Comments: 0

Hi all!

I've built a small tool to visualize how inefficient `docker pull` is, in preparation for standing up a new Docker registry + transport. It's bugged me for a while that updating one dependency with Docker drags along many other changes. It's a huge problem with Docker+robotics. With dozens or hundreds of dependencies, there's no "right" way to organize the layers that doesn't end up invalidating a bunch of layers on a single dependency update - and this is ignoring things like compiled code, embedded ML weights, etc. Even worse, many robotics deployments are on terrible internet, either due to being out in the boonies or due to customer shenanagins. I've been up at 4AM before supporting a field tech who needs to pull 100MB of mostly unchanged Docker layers to 8 robots on a 1Mbps connnection. (and I don't think that robotics is the only industry that runs into this, either - see the ollama example, that's a painful pull)

What if Docker were smarter and knew about the files were already on disk? How many copies of `python3.10` do I have floating around `/var/lib/docker`. For that matter, how many copies of it does DockerHub have? A registry that could address and deduplicate at the file level rather than just the layer level is surely cheaper to run.

This tool:

- Given two docker images, one you have and one you are pulling, finds how much data docker pull would use, as well as how much data is _actually_ required to pull - Shows an estiimate for how much time you will save on various levels of cruddy internet - There's a bunch of examples given of situations where more intelligent pulls would help, but the two image names are free text, feel free to write your own values there and try it out (one at a time though, there's a work queue to analyze new image pairs) The one thing I wish it had but haven't gotten around to fitting in the UI somehow is a visualization of the files that _didn't_ change but are getting pulled anyhow.

It was written entirely in Claude Code, which is a new experience for me. I don't know nextjs at all, I don't generally write frontends. I could have written the backend maybe a little slower than Claude, but the frontend would have taken me 4x as long and wouldn't have been as pretty. It helped that I knew what I wanted on the backend, I think.

The registry/transport/snapshotter(?) I'm building will allow both sharing files across docker layers on your local machine well as in the registry. There's a bit of prior art with this, but only on the client side. The eStargz format allows splitting apart the metadata for a filesystem and the contents, while still remaining OCI compliant - but it does lazy pulls of the contents, and has no deduplication. I think it could easily compete with other image providers both on cost (due to using less storage and bandwidth...everywhere) as well as speed.

If you'd be interested in using this, please reach out.

Comments URL: https://news.ycombinator.com/item?id=47267138

Points: 1

# Comments: 0

Article URL: https://www.heise.de/en/news/GrapheneOS-Microsoft-Authenticator-does-not-support-secure-Android-OS-11200495.html

Comments URL: https://news.ycombinator.com/item?id=47267120

Points: 1

# Comments: 0

I built this because I was running 3-5 Claude Code instances on the same repo and burning out from constantly context switching between terminal windows. Carefully making sure agents' work didn't overlap, preventing context windows from degrading, manually enforcing documentation/memory policies, and re-explaining decisions across sessions.

Stoneforge is the coordination layer I wanted. A Director agent breaks goals into tasks. A dispatch daemon assigns them to workers when available, each task runs in its own git worktree. Stewards review completed tasks and squash-merge to main if everything passes inspection, otherwise they handoff the task with review comments to be picked up by a new agent. When a worker hits its context limit, it commits, writes handoff notes, and exits, so the next worker can pick up on the same branch with a fresh context window and important notes from the previous agent's work.

Some design decisions that might be interesting to this crowd:

- Fully event-sourced with a complete audit log. - Supports syncing tasks to Github or Linear, and documents to Notion, Obsidian, or a local folder. Custom providers are also supported. - JSONL as source of truth, SQLite as a disposable cache. JSONL diffs, merges across branches, and survives corruption. SQLite gives you FTS5 and indexed queries. The SQLite .db can be rebuilt on different devices in seconds. - No approval gates by default. If five agents each need confirmation for every file write, you won't be moving any faster. Review happens at the merge steward level. - Worktrees over containers. The conflict surface for coding agents is git and the file system, containers or remote instances are overkill. Worktrees create in milliseconds, share node_modules and build caches, and don't need Docker or separate servers. - You can run multiple Claude Code / Codex plans simultaneously on the same codebase.

Works with Claude Code, OpenAI Codex, and OpenCode. Apache 2.0. GitHub: https://github.com/stoneforge-ai/stoneforge

Happy to discuss the architecture or any of the tradeoffs.

Comments URL: https://news.ycombinator.com/item?id=47267105

Points: 1

# Comments: 0

Article URL: https://www.youtube.com/shorts/CJrOMs4L-lc

Comments URL: https://news.ycombinator.com/item?id=47267099

Points: 1

# Comments: 1

Article URL: https://vault.fbi.gov/attempted-hacking-of-oldsmar-water-treatment-plant-on-february-5-2021/attempted-hacking-of-oldsmar-water-treatment-plant-on-february-5-2021-final/at_download/file

Comments URL: https://news.ycombinator.com/item?id=47267097

Points: 1

# Comments: 0

Article URL: https://www.macrumors.com/2026/03/05/mac-studio-no-512gb-ram-upgrade/

Comments URL: https://news.ycombinator.com/item?id=47267088

Points: 3

# Comments: 1

Article URL: https://twitter.com/im_roy_lee/status/2029606868369236088

Comments URL: https://news.ycombinator.com/item?id=47267073

Points: 1

# Comments: 0

Article URL: https://99helpers.com/tools/visual-contextual-chat

Comments URL: https://news.ycombinator.com/item?id=47267057

Points: 1

# Comments: 0

Article URL: https://melhorar-aprendizagem.com.br/

Comments URL: https://news.ycombinator.com/item?id=47267027

Points: 1

# Comments: 1

AI agents increasingly execute real system actions: issuing refunds, modifying databases, deploying infrastructure, calling external APIs.

Because agents retry steps, re-plan tasks, and run asynchronously, the same action can sometimes execute more than once.

In production systems this can cause duplicate payouts, repeated mutations, or inconsistent state.

Kybernis is a reliability layer that sits at the execution boundary of agent systems.

When an agent calls a tool:

1. execution intent is captured 2. the action is recorded in an execution ledger 3. idempotency guarantees are attached 4. the mutation commits exactly once

Retries become safe.

Kybernis is framework-neutral and works with agent frameworks like LangGraph, AutoGen, CrewAI, or custom systems.

I built this after repeatedly seeing reliability failures when AI agents interacted with production APIs.

Would love feedback from anyone building agent systems.

Comments URL: https://news.ycombinator.com/item?id=47267024

Points: 1

# Comments: 1

Article URL: https://economist.com/culture/2026/03/05/triumph-of-the-toons-how-animation-came-to-rule-the-box-office

Comments URL: https://news.ycombinator.com/item?id=47267022

Points: 1

# Comments: 0

Article URL: https://www.themarginalian.org/2026/03/05/alan-lightman-death/

Comments URL: https://news.ycombinator.com/item?id=47267007

Points: 2

# Comments: 0

Article URL: https://www.annualreviews.org/content/journals/10.1146/annurev-lawsocsci-111524-094646

Comments URL: https://news.ycombinator.com/item?id=47266997

Points: 2

# Comments: 1

Article URL: https://www.lableaks.dev/p/dereks-at-work

Comments URL: https://news.ycombinator.com/item?id=47266984

Points: 1

# Comments: 0

SafeAppeals is an AI-powered document workspace designed for legal professionals, researchers, injured workers, and anyone handling document-heavy workflows. Built with Electron and TypeScript, it combines a powerful code editor interface with native support for DOCX, PDF, Excel, and Markdown files.

Key features include: - Integrated AI agents powered by Claude, OpenAI, and Google APIs for document analysis and generation - Native document editing without conversion to plaintext - DocuSign integration for document signing workflows - Custom MCP (Model Context Protocol) server support - Flexible token-based pricing with BYOK option

Targeting the gap between general-purpose tools like Notion and Claude with document-specific AI workflows for professionals who need document integrity and AI assistance working together.

Comments URL: https://news.ycombinator.com/item?id=47266983

Points: 1

# Comments: 0

Article URL: https://github.com/jj-vcs/jj/releases/tag/v0.39.0

Comments URL: https://news.ycombinator.com/item?id=47266973

Points: 1

# Comments: 0

Soldier Boy, Homelander, Butcher and more appear in the season 5 preview.

Article URL: https://www.star-history.com/blog/ai-ui-irrelevant

Comments URL: https://news.ycombinator.com/item?id=47266944

Points: 1

# Comments: 0

just shipped vibe-auditor

npm i -g vibe-auditor auditor .

AI audits your entire codebase. finds what tests miss. delivers fixes you accept or reject in the terminal.

Comments URL: https://news.ycombinator.com/item?id=47266939

Points: 1

# Comments: 0