Hacker News: gravis

New comment by gravis in "Ask HN: What are you working on? (February 2026)"

gravis — Tue, 10 Feb 2026 03:22:25 +0000

Hey HN - ex-GitLab here, building Selora Homes: Professional installation and managed support for Home Assistant.

The idea is to give people the power of HA without needing to maintain it themselves. Most HA enthusiasts are happy to do this for their homes, but don't want to manage HA for parents, friends, etc.

We pre-install a smart hub (miniPC) for each subscriber and we maintain management access on the host via WireGuard, but all traffic is closed by default - remote support requires your approval. You stay admin of your own instance. The host pulls config updates from our public repo (https://gitlab.com/selorahomes/products/selorabox-nix/), and we handle monitoring, troubleshooting, and (soon) automatic updates with health-aware rollbacks.

We're also working on an AI agent that helps maintain configs and suggests automations.

We're an open core company backed by Open Core Ventures. Source code is on GitLab, roadmap is public: https://selorahomes.com/docs/roadmap/

Currently recruiting beta testers in California (Bay Area and SoCal) if you know anyone interested in testing our product!

We ship you a pre-installed miniPC, our installers handle any physical setup required, and we configure remotely so your devices are set up, along with automations, and a dashboard.

You give us honest feedback. If you're interested, book a call with us: https://selorahomes.cal.com/selorahomes/beta-tester-intro

We also have a free version: https://selorahomes.com/pricing

Check out our docs if want to explore by yourself: https://selorahomes.com/docs/

New comment by gravis in "GitHub’s latest security features"

gravis — Mon, 14 Oct 2019 21:25:24 +0000

GitLab offers free security checks for opensource projects (https://about.gitlab.com/blog/2018/06/05/gitlab-ultimate-and...). Enabling these checks is as simple as this one-liner (https://docs.gitlab.com/ee/user/application_security/sast/in...):

include: template: SAST.gitlab-ci.yml

Now do the same with Dependency Scanning, Container Scanning, DAST and License Compliance if needed.

Note that Auto-DevOps enables this automatically.

On a general note, I agree with you, Security should be available out of the box for everyone. I created last month this issue for this purpose, feel free to comment or watch it.

New comment by gravis in "Gemnasium acquired by GitLab, the future of version control is built-in security"

gravis — Tue, 30 Jan 2018 21:31:37 +0000

GitLab is planning a feature with the ability to use CI/CD pipelines (and so security checks) also for GitHub hosted projects. It is intended to be released in 10.6, according to the current scheduling: https://gitlab.com/gitlab-org/gitlab-ee/issues/3839

Gemnasium acquired by GitLab, the future of version control is built-in security

gravis — Tue, 30 Jan 2018 13:08:40 +0000

Article URL: https://gemnasium.com/blog/gemnasium-is-acquired-by-gitlab/

Comments URL: https://news.ycombinator.com/item?id=16264916

Points: 27

# Comments: 6

New comment by gravis in "GitHub acquires AppCanary"

gravis — Fri, 05 Jan 2018 15:50:49 +0000

Good luck Phill and Max for your new adventure! And thanks for having mentioned https://gemnasium.com as an alternative.

New comment by gravis in "Security alerts on GitHub"

gravis — Fri, 17 Nov 2017 01:23:12 +0000

(Hint: Gemnasium founder here) If you like this feature, you may want to try https://gemnasium.com then. We have a lot more advisories in db, for Java, Python, Ruby, PHP and JavaScript. Please feel free if you have any question, I’ll be glad to help!

From Monolith to Micro-Services, Part 3: The Transition

gravis — Thu, 30 Jun 2016 12:58:02 +0000

Article URL: http://blog.gemnasium.com/post/146701089939/from-monolith-to-micro-services-part-3

Comments URL: https://news.ycombinator.com/item?id=12008169

Points: 1

# Comments: 0

From Monolith to Micro-Services (Part 1 / 4)

gravis — Fri, 27 May 2016 11:53:58 +0000

Article URL: http://blog.gemnasium.com/post/145001327420/from-monolith-to-micro-services-part-1-4

Comments URL: https://news.ycombinator.com/item?id=11785372

Points: 3

# Comments: 0

Dear package, give Git tags to your versions

gravis — Thu, 08 Oct 2015 20:33:12 +0000

Article URL: http://blog.gemnasium.com/post/130767660320/dear-package-give-git-tags-to-your-versions

Comments URL: https://news.ycombinator.com/item?id=10355971

Points: 4

# Comments: 0

Gemnasium security alerts are now free for opensource projets

gravis — Tue, 05 May 2015 14:05:17 +0000

Article URL: http://blog.gemnasium.com/post/118186520636/security-alerts-go-free?utm_source=hackernews&utm_medium=link&utm_campaign=GemnasiumBlog

Comments URL: https://news.ycombinator.com/item?id=9492520

Points: 2

# Comments: 0

New comment by gravis in "Gem Updater: Update gems in your Gemfile and fetch their changelogs"

gravis — Mon, 16 Mar 2015 02:04:11 +0000

Ok, but there's a difference between sharing _all_ your files and just a bunch of non-critical ones (Gemfile, Gemfile.lock, etc.) :)

New comment by gravis in "Gem Updater: Update gems in your Gemfile and fetch their changelogs"

gravis — Sun, 15 Mar 2015 14:13:47 +0000

Hi, Gemnasium founder here. Let me clarify things a bit :) Gemnasium is a paid service for private projects only, and security notifications. It's free for opensource projects. If you don't want to share your github repo with us (and I completely understand that), you can push your files to our API using http requests, or directly our CLI : https//github.com/gemnasium/toolbelt Modern projects use more than one package manager (ie: bower or npm + something else). You don't need to mix tools with gemnasium, we support projects with multiple deps type.

Feel free to contact me if you have any question!