Hacker News: morphology

New comment by morphology in "Flue is a TypeScript framework for building the next generation of agents"

morphology — Sat, 02 May 2026 22:45:37 +0000

You're welcome to port anything over to those languages. LLMs can do it in a couple of days at most.

New comment by morphology in "Wacli – WhatsApp CLI"

morphology — Thu, 16 Apr 2026 00:58:00 +0000

You're right, Matrix is a much better option than Telegram. I misread the thread as comparing Signal to Matrix.

New comment by morphology in "Wacli – WhatsApp CLI"

morphology — Wed, 15 Apr 2026 19:48:35 +0000

It's a bit less automation-friendly because the UX is not great when the bot doesn't have its own phone number (which costs money). I think it has better privacy, though. Matrix server operators can read message metadata.

New comment by morphology in "404 Deno CEO not found"

morphology — Sat, 21 Mar 2026 18:58:43 +0000

I defaulted to Biome for all greenfield projects a year ago, and at this point you would have to drag me kicking and screaming back to ESLint and Prettier. I also defaulted to Bun and still think Bun is leagues better than Node.js but I now have my doubts about its future after seeing the OpenCode devs consciously minimize their dependency on Bun for strategic reasons.

New comment by morphology in "Astral to Join OpenAI"

morphology — Thu, 19 Mar 2026 14:16:06 +0000

That money is going directly to Jensen as quickly as possible to secure OpenAI's place in the delivery queue

New comment by morphology in "Astral to Join OpenAI"

morphology — Thu, 19 Mar 2026 14:14:16 +0000

They do have a hot mess with traction amongst developers. Codex is far behind Claude Code (in both the GUI and TUI forms), and OpenAI's chief of applications recently announced a pivot to focus more on "productivity" (i.e. software and enterprise verticals) because B2B yields a lot more revenue than B2C.

New comment by morphology in "Show HN: OneCLI – Vault for AI Agents in Rust"

morphology — Thu, 12 Mar 2026 20:56:48 +0000

Precisely. You absolutely have to ensure that random agents can't join your local network, which means you need a deterministic orchestrator or an AI orchestrator that only spins up a handful of vetted agents.

New comment by morphology in "Show HN: OneCLI – Vault for AI Agents in Rust"

morphology — Thu, 12 Mar 2026 20:32:00 +0000

I don't get the benefit. Yes, agents should not have access to API keys because they can easily be fooled into giving up those API keys. But what's to prevent a malicious agent from re-using the honest agent's fake API key that it exfiltrates via prompt injection? The gateway can't tell that the request is coming from the malicious agent. If the honest agent can read its own proxy authorization token, it can give that up as well.

It seems the only sound solution is to have a sidecar attached to the agent and have the sidecar authenticate with the gateway using mTLS. The sidecar manages its own TLS key - the agent never has access to it.