Hacker News: carderne

New comment by carderne in "UK sovereign LLM inference"

carderne — Fri, 15 May 2026 11:42:10 +0000

The UK grid does not import 44% of its energy.

Gell-Mann suggests I should treat the rest of your post with skepticism.

EDIT: maybe you meant the UK total primary energy? I feel like that's extending the boundary a bit far. Should we start digging for uranium? Or stick to renewables, but only with locally sourced silica and rare earths?

New comment by carderne in "ChatGPT for Excel"

carderne — Thu, 16 Apr 2026 06:54:49 +0000

What API/approach does it use to edit sheets?

I made a CLI (+skill) so agents could edit files with verbs like `insert A1:A3 '[1,2,3]'`, but did some evals and found it underperformed Anthropic's approach (just write Python).

New comment by carderne in "Open source security at Astral"

carderne — Thu, 09 Apr 2026 17:48:41 +0000

I deliberately didn't mention this because I think most of the pain with Github over the last year is probably caused to some degree by their scale, which seems like an unrelated issue. (But maybe not.)

New comment by carderne in "Open source security at Astral"

carderne — Thu, 09 Apr 2026 07:14:01 +0000

If anyone from Astral sees this: at this level of effort, how do you deal with the enormous dependence on Github itself? You maintain social connections with upstream, and with PyPA... what if Github is compromised/buggy and changes the effect of some setting you depend on?

New comment by carderne in "Go hard on agents, not on your filesystem"

carderne — Sat, 28 Mar 2026 06:33:17 +0000

I’m surprised it works for you with such a simple config? I’m the one that added the allowRead option to Claude’s underlying sandbox [0] and had quite a job getting my toolchains and skills to work with it [1].

[0] Fun to see the confusing docs I wrote show up more or less verbatim on Claude’s docs.

[1] My config is here, may be useful to someone: https://github.com/carderne/pi-sandbox/blob/main/sandbox.jso...

New comment by carderne in "Agent Safehouse – macOS-native sandboxing for local agents"

carderne — Mon, 09 Mar 2026 08:38:40 +0000

Interesting, that's not been my experience! Maybe you've got the list of things to allow/block just right. While testing different policies I've frequently seen Opus 4.6 go absolutely nuts trying to get past a block, unless I made it more clear what was happening.

Yeah I think for general use the transparency of what your thing does is really great compared to a pile of TypeScript and whatnot.

New comment by carderne in "Agent Safehouse – macOS-native sandboxing for local agents"

carderne — Mon, 09 Mar 2026 08:13:59 +0000

How do agents tend to deal with getting blocked? Messing around with sandboxes, I've quite even seen them get blocked, assume something is wrong, and go _crazy_ trying to get around the block, never stopping to ask for user input. It might be good to add to the error message: "This is deliberate, don't try to get around it."

For those using pi, I've built something similar[1] that works on macOS+Linux, using sandbox-exec/bubblewrap. Only benefit over OP is that there's some UX for temporarilily/permanently bypassing blocks.

[1] https://github.com/carderne/pi-sandbox

New comment by carderne in "Agent Safehouse – macOS-native sandboxing for local agents"

carderne — Mon, 09 Mar 2026 08:10:18 +0000

There is sandbox-runtime [1] from Anthropic that uses bubblewrap to sandbox on Linux (and works the same as OP on macOS). You can look at the code to see how it uses it. Anthropic's tool only support read blacklist, not a whitelist, so I forked it yesterday to support that [2].

[1] https://github.com/anthropic-experimental/sandbox-runtime [2] https://github.com/carderne/sandbox-runtime

New comment by carderne in "Supertoast tables"

carderne — Sat, 07 Mar 2026 07:21:53 +0000

I guess you don't get the luxury of being opinionated enough to say: forget your old data.

Anyway great write-up, even though I'm sure it's painful having to run this system on top of your once-elegant Postgres solution.

New comment by carderne in "Supertoast tables"

carderne — Fri, 06 Mar 2026 18:46:23 +0000

How does this work with self-hosting? Is the assumption that self-hosters won’t run into this problem?

For most use-cases I’d probably prefer to just delete the payloads some time after the job completes (persisting that data is business logic problem). And keep the benefits of “just use Postgres”, which you guys seem to have outgrown.

New comment by carderne in "Pi – A minimal terminal coding harness"

carderne — Wed, 25 Feb 2026 11:45:19 +0000

I got pi to write me a very basic sandbox based on an example from the pi github. Added hooks for read/write/edit/bash, some prompts to temp/perm override. Have a look, copy-paste what you like.

https://github.com/carderne/pi-sandbox

New comment by carderne in "Pi – A minimal terminal coding harness"

carderne — Wed, 25 Feb 2026 11:16:38 +0000

The people pushing oh-my-pi seem to have missed the point of pi... Downloading 200k+ lines of additional code seems completely against the philosophy of building up your harness, letting your agent self-improve, relying on code that you control.

If you want bags of features, rather clone oh-my-pi somewhere, and get your agent to bring in bits of it a time, checking, reviewing, customising as you go.

New comment by carderne in "Ladybird adopts Rust, with help from AI"

carderne — Mon, 23 Feb 2026 14:45:53 +0000

I'd say it's the idea/fact/feeling that, in 2026, agency matters more than skill/wisdom/intelligence.

Long read on the topic (quite funny, covers Cluely): https://harpers.org/archive/2026/03/childs-play-sam-kriss-ai...

New comment by carderne in "Anthropic officially bans using subscription auth for third party use"

carderne — Thu, 19 Feb 2026 07:30:49 +0000

It means the marginal cost to sell another subscription is lower than what they sell it for. I don't know if that's true, but it seems plausible.

New comment by carderne in "Zulip.com Values"

carderne — Tue, 10 Feb 2026 17:37:24 +0000

This is super interesting framing. I’m definitely a completer, not that I like much about Slack. Probably useful to have this kind of discussion before/while making knowledge management decisions in startups.

New comment by carderne in "Euro firms must ditch Uncle Sam's clouds and go EU-native"

carderne — Sat, 31 Jan 2026 16:27:44 +0000

Out of interest, what control plane do you use for a Hetzner/metal setup? Kubernetes ecosystem?

I use Coolify for side projects, haven’t investigated whether I’d want to use it for bigger/importanter stuff.

New comment by carderne in "Show HN: Streaming gigabyte medical images from S3 without downloading them"

carderne — Mon, 19 Jan 2026 15:57:21 +0000

I wasn't able to find any imagery online, and I don't have anything I can share publicly.

These are some of the existing commercial solutions (just found these on Google, can't remember which I was comparing my own work against):

- https://koregeosystems.com/digital-core-logging/

- https://mountsopris.com/wellcad/core-logging-software/

- https://www.geologicai.com/logging/

I don't know enough about the science side to take it any further on my own.

The "tech" part of what I started building is really quite simple: convert the images to Cloud-optimised GeoTIFF, then do range requests to S3 from the browser.

New comment by carderne in "Show HN: Streaming gigabyte medical images from S3 without downloading them"

carderne — Sun, 18 Jan 2026 10:14:43 +0000

Might not be possible to find any, they’re expensive and niche. If you reach out (email in profile) I can show/share how it works (nothing currently public).

New comment by carderne in "Show HN: Streaming gigabyte medical images from S3 without downloading them"

carderne — Sat, 17 Jan 2026 18:44:21 +0000

I did something similar once for a mining technique called “core logging”. It’s a single photo about 1000 pixels wide and several million “deep”: what the earth looks like for a few km down.

Existing solutions are all complicated and clunky, I put something together with S3 and bastardised CoGeoTIFF, instant view of any part of the image.

Wish I knew how to commercialise it…

New comment by carderne in "Go away Python"

carderne — Tue, 30 Dec 2025 18:13:06 +0000

To be fair, your comment didn't add much either.

Their main criticisms of Python were:

> it is slow, its type system is significantly harder to use than other languages, and it's hard to distribute

Your comment would have been more useful if it had discussed how FastAPI addresses these issues.