Top 10 Hacker News posts, summarized
HN discussion
(354 points, 1165 comments)
The author is creating a community-maintained directory of personal websites and is seeking submissions from Hacker News users. The directory, hosted at `hnpwd.github.io`, aims to collect personal sites with full control over design and content, particularly those that have been well-received in past HN discussions. The author also invites interested individuals to join the project as maintainers on GitHub.
The discussion primarily consists of users sharing links to their personal websites in response to the author's request. Several users also helpfully provide clickable versions of the provided links, including the directory itself, the project's README, and a link to a previous, similar "Ask HN" post. One comment also raises a question about the distinction between this project and another existing directory.
HN discussion
(377 points, 516 comments)
The article reports that the Ford F-150 Lightning outsold Tesla's Cybertruck in 2025, despite Ford ending production of the Lightning. Tesla's Cybertruck sales are estimated to be around 21,500 units globally for 2025, while the F-150 Lightning sold approximately 27,300 units in the US. The article attributes the Cybertruck's poor performance to production running at only 10% of its planned capacity and Tesla's obfuscation of sales data. The author suggests Tesla's attempts to boost Cybertruck sales, including price cuts and a cheaper trim, have failed, with even SpaceX purchasing over 1,000 units to inflate numbers.
The article further highlights that Ford has ceased F-150 Lightning production to shift towards an Extended-Range Electric Vehicle (EREV) strategy, while the Cybertruck continues to struggle. The author speculates that if Tesla were to distance itself from Elon Musk's controversial public image and reconsider its reliance on costly 4680 battery cells, Cybertruck sales might improve. However, the article concludes that a vehicle selling at such a low percentage of its production capacity is unlikely to survive.
The discussion reveals a sentiment that Tesla's Cybertruck has been an "abject failure," with commenters citing its divisive design, high cost, and potential repairability issues as significant drawbacks. There's a strong consensus that the F-150 Lightning was a more practical and appealing option for many consumers, leading to disappointment over its discontinuation. Some users suggest that Ford's shift to EREV technology is a more sensible approach to the current market.
Several commenters criticize Elon Musk's leadership and decision-making, pointing to what they see as a pattern of pursuing pet projects without proper consumer research, leading to the abandonment of other vehicles like the Model 2 and Roadster. The political association with Musk is also cited as a factor that may have harmed the Cybertruck's appeal, particularly among environmentally conscious consumers who may have an "anti-Elon" stance. The article's reporting on Tesla is defended against accusations of bias, with users arguing that frequent reporting on Tesla is due to the company's high visibility and the nature of its news, rather than deliberate favoritism.
HN discussion
(347 points, 352 comments)
SparkFun has announced it is ceasing all business transactions with Adafruit Industries due to alleged violations of SparkFun's Code of Conduct. Specific reasons cited include sending offensive and derogatory emails to SparkFun employees, former employees, and customers, as well as inappropriately involving a SparkFun customer in a private matter. SparkFun stated this decision was made after careful consideration and that they continue to support their broader reseller network. An update clarifies that this statement is SparkFun's sole public communication on the issue.
The Hacker News discussion reveals significant speculation due to the vagueness of SparkFun's statement. Commenters express surprise, as Adafruit is often perceived as taking a moral high ground. The revelation of an open-source alternative to Teensy, posted by Phil Torrone of Adafruit, shifts the narrative. Torrone alleges that SparkFun's decision is retaliation for Adafruit reporting SparkFun's leadership for harassment, and that SparkFun is using the Code of Conduct as a pretext to cut off access to the exclusive Teensy product. Some users critique both companies for engaging in public drama, while others are eager for more details, with some posts pointing towards a long-standing conflict involving harassment.
HN discussion
(390 points, 289 comments)
The author expresses extreme dissatisfaction with GitHub Actions, likening the experience to hating a piece of technology. A specific instance of frustration involved a CI build failing on Linux ARM due to an inability to find the `cue` binary, despite it working on other architectures. This failure stemmed from GitHub Actions' isolation of cross-build environments, where the runner for ARM hid binaries incompatible with its architecture.
The article details a frustrating feedback loop of making small changes to the CI configuration, waiting several minutes for each run to complete, and repeating this process. Ultimately, the author resolved the issue by removing the logic from `build.rs` and embedding the generated files directly into the repository, concluding that GitHub Actions often hinders rather than helps development, despite offering some benefits like macOS builds.
A recurring theme in the comments is the shared pain of debugging GitHub Actions, with many agreeing that logic should not reside within the Actions workflow itself but rather be handled by separate, locally testable scripts. Tools like `act` (for local execution) and `action-tmate` (for interactive debugging) are suggested as ways to mitigate the frustrating feedback loop. Several commenters emphasize the importance of KISS (Keep It Simple, Stupid) principles for workflows, advocating for them to simply invoke scripts.
Some discussion points question whether the issues are unique to GitHub Actions or common across CI platforms, while others propose alternative approaches like containerizing the entire CI process or using different CI/CD solutions that offer better debugging capabilities, such as live web terminals. There's also a suggestion that the problem might stem from environment setup and tooling management, with Nix or Mise being mentioned as potential solutions.
HN discussion
(277 points, 227 comments)
The EFF article "So, you’ve hit an age gate. What now?" addresses the growing prevalence of age verification mandates online and provides guidance for users navigating these requirements. The EFF firmly opposes all forms of age-gating, citing risks to privacy and free speech. However, acknowledging that these mandates are already in effect, the article offers a practical guide for users to minimize the infringement on their rights when faced with age verification requests.
The guide emphasizes "following the data," recommending users submit the least amount of information possible and critically evaluating the data required, access controls, retention policies, audit trails, and visibility of each age verification method. It details various verification options offered by major platforms like Meta, Google, and TikTok, including facial age estimation, document uploads, credit card verification, and digital IDs, while highlighting the potential privacy risks and limitations of each, particularly for marginalized groups.
HN commenters expressed a range of reactions, from pragmatic workarounds to strong opposition and skepticism. Several users suggested using VPNs to circumvent age verification laws in their jurisdiction or employing ad-blockers and other privacy tools to avoid such prompts altogether. Others questioned the effectiveness and necessity of these measures, with some commenters sharing anecdotes about age verification being easily bypassed or its unreliability, particularly for minors and marginalized groups.
A significant portion of the discussion focused on the privacy implications and the perceived ulterior motives of tech companies. Many commenters believed the primary goal of age verification is data collection, with concerns raised about the sale and monetization of personal information, including facial scans and uploaded IDs. There was also a sentiment that users should refuse to comply with age verification requests, as collective non-compliance might force platforms to abandon these measures.
HN discussion
(335 points, 157 comments)
Claude Cowork, a new AI agent for daily work, is vulnerable to file exfiltration attacks. This vulnerability stems from an unremediated isolation flaw in Claude's code execution environment, which was previously identified in Claude.ai chat. Attackers can exploit this by injecting malicious prompts into files that users upload or interact with, tricking Cowork into uploading sensitive local files to an attacker's Anthropic account without user approval.
The attack chain involves a victim connecting Cowork to a local folder, then uploading a specially crafted file (e.g., a .docx disguised as a "Skill") containing a hidden prompt injection. When the victim asks Cowork to analyze files using this skill, the injection manipulates Claude to use a curl command to upload the largest available file to the attacker's account via the Anthropic file upload API, bypassing network restrictions. The article also notes a potential denial-of-service vulnerability with malformed files.
Commenters expressed frustration with AI companies acknowledging risks but placing the burden of prevention on non-technical users, deeming it "unreasonable" and "unfair." Many noted the speed at which the vulnerability was exploited after Cowork's release, with some equating prompt injection to a new form of Remote Code Execution (RCE). There was a general consensus that prompt injection remains a fundamental, unsolved problem for AI agents.
Several comments explored the nature of the attack and potential mitigations. One suggestion was to upload compromised API keys to GitHub Gists, as Anthropic and others scan for them to revoke them. Others discussed the potential for social engineering, suggesting that simply sharing a link to a malicious Markdown file could be more effective than complex hidden text in documents. The need for explicit, statically registered tools rather than implicit "skills" was also raised as a way to improve security by defining and whitelisting capabilities more clearly.
HN discussion
(234 points, 254 comments)
Starlink has doubled the high-speed data allowance for its Roam 50GB plan to 100GB at no extra cost, effective January 13, 2026, in most markets. After exceeding the 100GB high-speed limit, users will experience unlimited data at reduced speeds, suitable for basic tasks like email and texting, but limiting streaming and video calls. Users will be notified at 80% and 100% of their high-speed data usage.
To regain high-speed access after the limit is reached, users can upgrade to Roam Unlimited, which is a recurring change for future billing cycles. The option for per-GB data purchases on Roam plans has been discontinued, with the exception of Ocean Mode. Roam 50GB remains available in specific markets where Roam 100GB is not yet offered.
Many commenters appreciate the shift from a data "cliff" to unlimited "slow speeds" as a more user-friendly approach, allowing for basic connectivity and work even after exceeding the high-speed cap. This "slow mode" is seen as sufficient for video conferencing and remote work, with the option to upgrade to unlimited for more demanding tasks. Some users previously relied on Starlink as a backup for outages or for travel and found it to be a valuable, albeit sometimes data-intensive, service.
A recurring theme among some users is a reluctance to subscribe to Starlink's services due to the company's owner, Elon Musk. Despite acknowledging the technological achievements, these individuals express a desire for alternatives from more neutral vendors. There is also discussion about the removal of the per-GB data purchase option, with some preferring the old system where exceeding the limit incurred a per-gigabyte charge rather than being automatically throttled or forced into a higher unlimited plan.
HN discussion
(291 points, 122 comments)
Unable to access content: The provided URL returned a 403 Forbidden error, preventing the article from being fetched and summarized.
The discussion among Hacker News users reveals a mixed reception to migrating from Redis to SolidQueue for background job processing in Rails applications. A primary theme is the perceived operational overhead of managing Redis compared to leveraging an existing PostgreSQL database for SolidQueue. Several users express interest in SolidQueue's potential for simplification, particularly for new or less high-throughput applications. However, concerns are raised regarding SolidQueue's scalability under high load, with some users sharing experiences of hitting PostgreSQL performance bottlenecks and opting for Redis with libraries like BullMQ. The suitability of database-backed queues for large payloads is also questioned, with Redis being favored in such scenarios. The discussion touches upon the trade-offs between system complexity, operational burden, and performance, with some users advocating for keeping Redis for specific use cases like caching due to its lower operational overhead. There is also a brief mention of alternative database-backed queuing systems and the importance of thorough testing and real-world production experience before committing to a switch.
HN discussion
(196 points, 186 comments)
The article proposes that GitHub implement a mandatory $1 per user per month charge for all organizations. This collected revenue would be held in an escrow fund and then distributed to open source projects based on their usage, similar to how music streaming services compensate artists. The author argues that relying on open source as a free gift is unsustainable and that a more structured funding model is necessary to support the critical infrastructure that open source provides.
The proposal suggests that GitHub could identify dependencies through mechanisms like `package.json` files. While acknowledging the idea is "half-baked," the author believes the current donation-based and "begging" model for open source developers is inadequate and that a system rewarding usage would be a more sustainable solution.
Commenters expressed skepticism and a range of concerns regarding the proposed $1 per user charge. A primary objection was that such a fee could drive a significant portion of GitHub users away. There was also a strong consensus that distribution based solely on top-level dependencies (as listed in `package.json`) would unfairly benefit superficial wrappers and the JavaScript ecosystem, with suggestions that lock files or transitive dependencies should be considered.
Several commenters pushed back against the premise that open source labor is not a gift, arguing that the license explicitly defines it as such and that many contributors are motivated by personal enjoyment and recognition. Counter-arguments highlighted the potential for abuse and gaming of any usage-based funding system, leading to an increase in spam and the need for extensive moderation. Alternative ideas included taxing large tech companies, with some suggesting GitHub should pay users for the AI features being added.
HN discussion
(190 points, 150 comments)
The website "Is My Pub Fucked?" aims to identify British pubs most in need of patronage due to potential government rate increases. It utilizes a "Fucked Pub Index™," combining Google Maps data with basic financial calculations to assess the fiscal impact on pubs. The site highlights pubs facing significant increases in their "rateable value," with the government's potential u-turn on these rates still unconfirmed. It encourages users to find their local pub, understand its challenges, and support it by visiting.
A significant portion of the discussion revolved around the website's UK-specific nature, with many users expressing confusion when entering non-UK (particularly US) zip codes. Several commenters appreciated the site's "British humor" and its ability to bring a local perspective to serious economic challenges facing independent pubs, which are seen as important social institutions. There was also interest in understanding "government pub rates" and the concept of "rateable value." Some users encountered technical issues with the website, reporting blank maps or SSL errors. A few comments expressed negative views on pubs themselves, citing poor experiences or advocating for alternative social spaces.
Generated with hn-summaries