HN Reader

Claude Sonnet will ship in Xcode (developer.apple.com)

281 points by zora_goron 6h ago 214 comments

Strange CW Keys (sites.google.com)

60 points by austinallegro 3h ago 17 comments

Make any site multiplayer in a few lines. Serverless WebRTC matchmaking (oxism.com)

66 points by haxiomic 3d ago 16 comments

Ask HN: The government of my country blocked VPN access. What should I use?

936 points by rickybule 14h ago 522 comments

Lucky 13: a look at Debian trixie (lwn.net)

77 points by signa11 5h ago 14 comments

A deep dive into Debian 13 /tmp: What's new, and what to do if you don't like it (lowendbox.com)

93 points by shaunpud 5h ago 59 comments

Some thoughts on LLMs and software development (martinfowler.com)

278 points by floverfelt 12h ago 241 comments

The Synology End Game (lowendbox.com)

5 points by amacbride 1h ago 0 comments

PSA: Libxslt is unmaintained and has 5 unpatched security bugs (vuxml.freebsd.org)

43 points by burnt-resistor 3h ago 11 comments

Fuck up my site – Turn any website into beautiful chaos (fuckupmysite.com)

236 points by coloneltcb 10h ago 76 comments

AI adoption linked to 13% decline in jobs for young U.S. workers: study (cnbc.com)

298 points by pseudolus 17h ago 426 comments

My startup banking story (2023) (mitchellh.com)

247 points by dvrp 12h ago 119 comments

Uncertain<T> (nshipster.com)

322 points by samtheprogram 14h ago 71 comments

The Space Shuttle Columbia disaster and the over-reliance on PowerPoint (2019) (mcdreeamiemusings.com)

123 points by scapecast 9h ago 99 comments

Launch HN: Dedalus Labs (YC S25) – Vercel for Agents

67 points by windsor 15h ago 13 comments

An eyecare foundation model for clinical assistance (nature.com)

13 points by jameslk 9h ago 1 comments

Expert: LSP for Elixir (github.com)

122 points by pimienta 10h ago 12 comments

How life-size cows made of butter became an iconic symbol of the Midwest (smithsonianmag.com)

11 points by noleary 3d ago 7 comments

AI coding made me faster, but I can't code to music anymore (praf.me)

137 points by _praf 2d ago 135 comments

Python: The Documentary [video] (youtube.com)

196 points by chmaynard 8h ago 62 comments

Rupert's Property (johncarlosbaez.wordpress.com)

52 points by robinhouston 9h ago 8 comments

Sometimes CPU cores are odd (anubis.techaro.lol)

82 points by rbanffy 10h ago 101 comments

Thrashing (exple.tive.org)

63 points by pch00 1d ago 10 comments

Building your own CLI coding agent with Pydantic-AI (martinfowler.com)

149 points by vinhnx 13h ago 30 comments

In Search of AI Psychosis (astralcodexten.com)

132 points by venkii 2d ago 94 comments

Web Bot Auth (developers.cloudflare.com)

54 points by ananddtyagi 13h ago 48 comments

Powerful GPUs or Fast Interconnects: Analyzing Relational Workloads (vldb.org)

3 points by matt_d 3d ago 0 comments

TuneD is a system tuning service for Linux (tuned-project.org)

63 points by tanelpoder 3d ago 19 comments

You no longer need JavaScript: an overview of what makes modern CSS so awesome (lyra.horse)

193 points by todsacerdoti 10h ago 108 comments

RSS is awesome (evanverma.com)

202 points by edverma2 8h ago 84 comments

Ask HN: What to learn for math for modeling?

30 points by shivajikobardan 1d ago 14 comments

A forgotten medieval fruit with a vulgar name (2021) (bbc.com)

95 points by ohjeez 1d ago 39 comments

The King's Quarry: How Louis XVI Went from Hunter to Hunted (worldhistory.substack.com)

15 points by crescit_eundo 1d ago 0 comments

Will AI Replace Human Thinking? The Case for Writing and Coding Manually (ssp.sh)

138 points by articsputnik 17h ago 113 comments

There Goes the American Muscle Car (thedispatch.com)

46 points by pluripote 10h ago 147 comments

Dependent Types: Universes, or types of types (jonmsterling.com)

33 points by matt_d 2d ago 0 comments

A power shortage could short-circuit Nvidia's rise (economist.com)

13 points by 1vuio0pswjnm7 4h ago 5 comments

Microbial metabolite repairs liver injury by restoring hepatic lipid metabolism (journals.asm.org)

122 points by PaulHoule 20h ago 29 comments

The "996" schedule of working 9am-9pm, 6 days a week comes to Silicon Valley (fortune.com)

20 points by peachmaker 3h ago 11 comments

Prosper AI (YC S23) Is Hiring Founding Account Executives (NYC) (jobs.ashbyhq.com)

1 points by XDGC 19h ago 0 comments

Open Source is one person (opensourcesecurity.io)

363 points by LawnGnome 1d ago 151 comments

That boolean should probably be something else (ntietz.com)

89 points by vidyesh 19h ago 116 comments

Charting Form Ds to roughly see the state of venture capital “fund” raising (tj401.com)

160 points by lemonlym 19h ago 71 comments

Show HN: SwiftAI – open-source library to easily build LLM features on iOS/macOS (github.com)

63 points by mi12-root 17h ago 14 comments

Are OpenAI and Anthropic losing money on inference? (martinalderson.com)

482 points by martinald 21h ago 447 comments

Notes on Programming in C by Rob Pike (lysator.liu.se)

10 points by xelxebar 6h ago 1 comments

Speed-coding for the 6502 – a simple example (colino.net)

41 points by mmphosis 10h ago 9 comments

Optimising for maintainability – Gleam in production at Strand (gleam.run)

89 points by Bogdanp 16h ago 22 comments

Claude Code Checkpoints (claude-checkpoints.com)

169 points by punnerud 22h ago 113 comments

Group Borrowing: Zero-cost memory safety with fewer restrictions (verdagon.dev)

74 points by verdagon 19h ago 74 comments

PSA: Libxslt is unmaintained and has 5 unpatched security bugs

43 burnt-resistor 11 8/29/2025, 3:57:46 AM vuxml.freebsd.org ↗

Comments (11)

Svip · 1h ago
Related:

"Remove mentions of XSLT from the html spec" (9 days ago, 388p, 534c) https://news.ycombinator.com/item?id=44952185

"XSLT removal will break multiple government and regulatory sites" (6 days ago, 157p, 142c) https://news.ycombinator.com/item?id=44987346

"Should the web platform adopt XSLT 3.0?" (6 days ago, 133p, 107c) https://news.ycombinator.com/item?id=44987552

"Google did not unilaterally decide to kill XSLT" (6 days ago, 102p, 130c) https://news.ycombinator.com/item?id=44987239

imp0cat · 2h ago
Does this affect https://lxml.de/ ?
anonnon · 1h ago
Yes, as it's a front-end to both LibXML2 and LibXSLT.
burnt-resistor · 3h ago
Update 0: Fixed title, it's 5 rather than 4, and possibly another that's undisclosed.

Update 1: Apparently, GNOME bureaucracy is holding up the processing the application of a new maintainer for over a month now. Major browsers responded by deprecating/removing XSLT support. XSLT is/was mainly used for rendering and transforming SGML, HTML, and XML to other forms, I didn't even realize browsers supported it directly. https://gitlab.gnome.org/GNOME/libxslt/-/issues/150

--- List

0: https://gitlab.gnome.org/GNOME/libxslt/-/issues/139

1: https://gitlab.gnome.org/GNOME/libxslt/-/issues/140

2: https://gitlab.gnome.org/GNOME/libxslt/-/issues/144

3: https://gitlab.gnome.org/GNOME/libxslt/-/issues/148

4: BIGSLEEP-433713988 https://issuetracker.google.com/issues/433713988

> Please be aware: nobody will merge your fix because there are no active maintainers remaining. (If anybody is interested in maintaining libxslt, please let me know.) Having patches here will help a lot anyway, though, since downstream vendors will be able to use them.

https://gitlab.gnome.org/GNOME/libxslt/-/issues/144#note_245...

List of FreeBSD ports that are unlikely to build without `make DISABLE_VULNERABILITIES=yes`:

https://pastebin.com/raw/5dQ2U46f

I guess, technically, if libxslt isn't statically or dynamically linked in like browsers and some other programs do and only used as a build dep such as through xsltproc, there's not really a security issue after a build. For all runtime use / direct linking of libxslt, it's still a problem.

bkor · 29m ago
> Update 1: Apparently, GNOME bureaucracy is holding up the processing the application of a new maintainer for over a month now.

Could you explain this? You link to a closed bugreport where a new maintainer stepped up. A previously experienced developer said it'll take several months at least to get up to speed.

That a new person needs to be vouched for a critical library is pretty critical. There's been several examples where a malicious developer took over a critical project.

bawolff · 32m ago
> Major browsers responded by deprecating/removing XSLT support

Its probably wrong to think the browser stuff is solely due to lack of maintainer.

ZiiS · 2m ago
Not directly, but if the most used implementation is unmaintained how popular is the language?