HN Reader

Genie 3: A new frontier for world models (deepmind.google)

381 points by bradleyg223 2h ago 132 comments

GitHub Pull Requests Are Down (github.com)

127 points by trashburger 36m ago 43 comments

GitHub is having an ongoing incident with loading pull requests (githubstatus.com)

34 points by lr0 31m ago 2 comments

uBlock Origin Lite now available for Safari (apps.apple.com)

599 points by Jiahang 7h ago 246 comments

AI is not Making Engineers 10x as Productive (colton.dev)

316 points by coltonv 2h ago 259 comments

US Coast Guard Report on Titan Submersible (news.uscg.mil)

54 points by rwmj 1h ago 16 comments

AI Stands for Artificial Inanity (lambdaland.org)

83 points by ashton314 2h ago 42 comments

Los Alamos Is Capturing Real-Time Images of Explosions at 7Mths of a Second (lanl.gov)

26 points by LAsteNERD 1h ago 9 comments

Build Your Own Lisp (buildyourownlisp.com)

140 points by lemonberry 4h ago 24 comments

No Comment (2010) (prog21.dadgum.com)

29 points by ColinWright 1h ago 22 comments

Monitor your security cameras with locally processed AI (frigate.video)

406 points by zakki 11h ago 193 comments

Why is GitHub UI getting so much slower? (yoyo-code.com)

3 points by lr0 7m ago 0 comments

EPA Moves to Cancel $7B in Grants for Solar Energy (nytimes.com)

35 points by Jimmc414 46m ago 19 comments

SimpleW – Web Server Library .NET Core (github.com)

31 points by prodbro 2h ago 45 comments

Proxmox Virtual Environment 9.0 with Debian 13 released (proxmox.com)

90 points by speckx 2h ago 30 comments

PHP 8.5 adds pipe operator (thephp.foundation)

342 points by lemper 12h ago 223 comments

A Carnival Attraction That Saved Premature Babies (2016) (smithsonianmag.com)

84 points by pr337h4m 2d ago 9 comments

Show HN: I spent 6 years building a ridiculous wooden pixel display (benholmen.com)

1053 points by benholmen 23h ago 135 comments

Apache ECharts 6 (echarts.apache.org)

153 points by makepanic 9h ago 19 comments

AI Teammates for for Revenue Teams

4 points by davismartens 3d ago 0 comments

TSMC says employees tried to steal trade secrets on iPhone 18 chip process (9to5mac.com)

166 points by mikece 3h ago 122 comments

More than two hard disks in DOS (os2museum.com)

25 points by yuhong 4h ago 24 comments

Enough is enough–I dumped Google's worsening search for Kagi (arstechnica.com)

47 points by thimabi 2h ago 19 comments

The Age of Bronze and Steel (blog.zarfhome.com)

9 points by panic 1d ago 1 comments

Can you block it? A simple Ad Block Tester (canyoublockit.com)

42 points by nateb2022 3h ago 16 comments

Chris Curry interviewed by Your Computer magazine (1981) (computeradsfromthepast.substack.com)

20 points by klelatti 3d ago 2 comments

How we made JSON.stringify more than twice as fast (v8.dev)

421 points by emschwartz 1d ago 145 comments

Qwen-Image: Crafting with native text rendering (qwenlm.github.io)

515 points by meetpateltech 1d ago 144 comments

FCC Abandons Efforts to Make U.S. Broadband Fast and Affordable (techdirt.com)

5 points by CharlesW 15m ago 1 comments

Where to find ideas (howtogrow.substack.com)

78 points by kiyanwang 9h ago 38 comments

Thingino: Open-Source Firmware for IP Cameras (thingino.com)

253 points by zakki 17h ago 40 comments

Backblaze Drive Stats for Q2 2025 (backblaze.com)

51 points by TangerineDream 2h ago 13 comments

I tried to replace myself with ChatGPT in my English class (lithub.com)

273 points by lapcat 2d ago 265 comments

3D Line Drawings (amritkwatra.com)

264 points by tansh 16h ago 14 comments

Show HN: I built a text-based birthday reminder app (birthdays.app)

38 points by samfeldman 2h ago 21 comments

C10kday (daniel.haxx.se)

49 points by LorenDB 4h ago 10 comments

Weather satellites detect 515-mile-long lightning flash (space.com)

49 points by Brajeshwar 3d ago 13 comments

Clojure Civitas – Publish Clojure Ideas and Explorations (github.com)

54 points by TheWiggles 3d ago 7 comments

Ask HN: What trick of the trade took you too long to learn?

282 points by unsupp0rted 22h ago 539 comments

DrawAFish.com Postmortem (aldenhallak.com)

375 points by hallak 1d ago 100 comments

OpenIPC: Open IP Camera Firmware (openipc.org)

292 points by zakki 4d ago 133 comments

Call to a local Social Security may be picked up by someone who can't help (npr.org)

3 points by duxup 12m ago 1 comments

Indian Sign Painting: A typeface designer's take on the craft (bl.ag)

198 points by detaro 3d ago 39 comments

Show HN: I've been building an ERP for manufacturing for the last 3 years (github.com)

271 points by barbinbrad 17h ago 135 comments

As a linguist, I want to find the words to measure chronic illness (thesicktimes.org)

35 points by Avshalom 2d ago 19 comments

Content-Aware Spaced Repetition (giacomoran.com)

167 points by ran3000 20h ago 64 comments

NASA's Curiosity picks up new skills (jpl.nasa.gov)

149 points by Bluestein 20h ago 51 comments

Perplexity is using stealth, undeclared crawlers to evade no-crawl directives (blog.cloudflare.com)

1213 points by rrampage 1d ago 692 comments

Customizing tmux (evgeniipendragon.com)

166 points by EPendragon 1d ago 141 comments

Hiroshima (1946) (newyorker.com)

113 points by pseudolus 3d ago 221 comments

Show HN: EACL – ReBAC Authorization in Clojure and Datomic Based on SpiceDB

1 pgt 0 8/5/2025, 4:09:59 PM github.com ↗
Hi HN, Petrus here from Cape Town, South Africa. I spent the better half of 2024 integrating our Clojure-based cloud provisioning platform at CloudAfrica with SpiceDB, a scalable ReBAC based authorization system based on Zanzibar, Google's globally-consistent authorization system.

The problem with any external authorization system is modelling & synchronization: SpiceDB has a text-based schema DSL to define Relations & Permissions and it models Relationships as 3-tuples of `[subject relation resource]`.

However, in Datomic we had attributes like `:account/owner`, `:server/account`, `:vpc/account` and `:vpc/viewers`. Figuring out which Relationships to create or delete in SpiceDB when anything changed became a diffing + batched sync problem, especially with an impedance mismatch between our data and our permission schema.

I realized that if we modelled our AuthZ Relationships directly in Datomic, all our syncing problems would go away: you can simply tail the Datomic transactor queue and instantly create or delete Spice relationships in real-time. But once you do that, you might as well model the permission schema as well, and if you go one step further, you can implement the permission graph traversal directly in Clojure to avoid a network hop. And that is exactly what EACL became.

EACL (Enterprise Access ControL) is an embedded authorization library that lives next to your data in Datomic and avoids an external network I/O hop. EACL is suitable for small-to-medium scale, while giving you the option to migrate to SpiceDB in future when you need more scale and consistency semantics.

EACL implements the SpiceDB gRPC API as an idiomatic Clojure protocol (`IAuthorization`), using Datomic as a backing graph store. So you can easily add sophisticated authorization to your Clojure project and sync to Spice later.

Internally, EACL uses direct `datomic.api/index-range` queries to efficiently traverse the permission graph. The goal for EACL is to provide best-in-class authorization for Clojure & Datomic for <10M entities.

EACL has been open-sourced under AGPL, but we are likely to relicense it under a more permissive licence. EACL is used at CloudAfrica, a regional cloud host based in South Africa (https://cloudafrica.net).

Comments (0)

No comments yet