Maybe some of you will find it useful.
Happy to answer any questions.
Hacker News
Latest
Canada
2026-01-25 @ 21:07:41Points: 30Comments: 7
AI Tribalism
2026-01-25 @ 21:01:37Points: 32Comments: 26
OnePlus update blocks downgrades and custom ROMs by blowing a fuse
2026-01-25 @ 20:39:25Points: 155Comments: 47
Data Leak Exposes 149M Logins, Including Gmail, Facebook
2026-01-25 @ 19:45:10Points: 47Comments: 3
I was right about ATProto key management
2026-01-25 @ 19:31:23Points: 44Comments: 5
Spanish track was fractured before high-speed train disaster, report finds
2026-01-25 @ 19:12:50Points: 79Comments: 61
First, make me care
2026-01-25 @ 19:03:40Points: 153Comments: 64
ICE using Palantir tool that feeds on Medicaid data
2026-01-25 @ 17:36:19Points: 627Comments: 342
FAA institutes nationwide drone no-fly zones around ICE operations
2026-01-25 @ 17:24:42Points: 191Comments: 121
Using PostgreSQL as a Dead Letter Queue for Event-Driven Systems
2026-01-25 @ 15:51:03Points: 131Comments: 39
A macOS app that blurs your screen when you slouch
2026-01-25 @ 15:34:51Points: 392Comments: 138
Web-based image editor modeled after Deluxe Paint
2026-01-25 @ 12:54:53Points: 147Comments: 10
Doom has been ported to an earbud
2026-01-25 @ 12:22:12Points: 286Comments: 92
Nango (YC W23, Dev Infrastructure) Is Hiring Remotely
2026-01-25 @ 12:02:01Points: 1
Show HN: Bonsplit – Tabs and splits for native macOS apps
2026-01-25 @ 11:56:42Points: 173Comments: 24
Show HN: TUI for managing XDG default applications
2026-01-25 @ 11:19:04Points: 101Comments: 35
150k lines of vibe coded Elixir: The good, the bad and the ugly
2026-01-25 @ 10:54:29Points: 63Comments: 53
Jurassic Park - Tablet device on Nedry's desk? (2012)
2026-01-25 @ 09:22:17Points: 134Comments: 55
A flawed paper in management science has been cited more than 6k times
2026-01-25 @ 09:04:30Points: 580Comments: 307
Deutsche Telekom is throttling the internet
2026-01-25 @ 08:22:17Points: 545Comments: 260
Introduction to PostgreSQL Indexes
2026-01-25 @ 08:07:03Points: 259Comments: 13
ANN v3: 200ms p99 query latency over 100B vectors
2026-01-21 @ 19:58:59Points: 88Comments: 41
A Lament for Aperture
2026-01-21 @ 00:35:01Points: 219Comments: 52
Show HN: Fence – Sandbox CLI commands with network/filesystem restrictions
2026-01-20 @ 18:05:03Points: 45Comments: 12
Fence wraps any command in a sandbox that blocks network by default and restricts filesystem writes. Useful for running semi-trusted code (package installs, build scripts, unfamiliar repos) with controlled side effects, or even just blocking tools that phone home.
> fence curl https://example.com # -> blocked
> fence -t code -- npm install # -> template with registries allowed
> fence -m -- npm install # -> monitor mode: see what gets blocked
One use-case is to use it with AI coding agents to reduce the risk of running agents with fewer interactive permission prompts:
> fence -t code -- claude --dangerously-skip-permissions
You can import existing Claude Code permissions with `fence import --claude`.
Fence uses OS-native sandboxing (macOS sandbox-exec, Linux bubblewrap) + local HTTP/SOCKS proxies for domain filtering.
Why I built this: I work on Tusk Drift, a system to record and replay real traffic as API tests (https://github.com/Use-Tusk/tusk-drift-cli). I needed a way to sandbox the service under test during replays to block localhost outbound connections (Postgres, Redis) and force the app to use mocks instead of real services. I quickly realized that this could be a general purpose tool that would also be useful as a permission manager across CLI agents.
Limitations: Not strong containment against malware. Proxy-based filtering requires programs to respect `HTTP_PROXY`.
Curious if others have run into similar needs, and happy to answer any questions!