HackerNews Digest

Claude Opus 4.7 is now generally available across Anthropic’s Claude products, API, Amazon Bedrock, Google Vertex AI, and Microsoft Foundry at the same pricing as Opus 4.6 ($5 M input tokens, $25 M output tokens). Key technical upgrades include: - **Software engineering**: 13 % higher resolution on a 93‑task coding benchmark, solving four tasks unsolved by Opus 4.6 or Sonnet 4.6; 3× more production tasks resolved on Rakuten‑SWE‑Bench; 10‑15 % lift in task success for complex workflows; reduced tool‑call errors and higher token efficiency. - **Multimodal vision**: Accepts images up to 2,576 px (≈3.75 MP), improving performance on visual‑acuity tests (98.5 % vs 54.5 % for Opus 4.6) and enabling detailed diagram and chemical‑structure interpretation. - **Autonomy & reasoning**: Better long‑context performance, self‑verification of outputs, and higher scores on internal research‑agent (0.715) and finance‑agent (0.813) evaluations. - **Safety**: Similar overall safety to Opus 4.6 with modest gains in honesty and prompt‑injection resistance; safeguards block prohibited cybersecurity requests. - **Operational changes**: Updated tokenizer (1.0–1.35× token count) and new “xhigh” effort level for finer reasoning‑latency trade‑offs; task‑budget beta and ultrareview command added. The model is positioned as a step toward broader Mythos‑class releases, with a Cyber Verification Program for legitimate security use.

None

CadQuery is presented as a Python‑based solution for creating parametric CAD models. The page’s title, “CadQuery | Create parametric CAD models with Python,” identifies the library’s core purpose: enabling users to generate and manipulate geometry programmatically via Python scripts. A logo image is included, serving as visual branding for the project. No additional descriptive text, features, or usage details are provided in the scraped excerpt.

AutoProber is an open‑source flying‑probe automation stack for hardware hacking, providing end‑to‑end target discovery, microscope mapping, safety‑monitored CNC motion, and controlled pin probing. The system is operated via a Flask web dashboard, Python scripts, or an autonomous agent, and includes Python control code, CAD files for a printable toolhead, and documentation. Core hardware comprises a GRBL‑compatible 3018‑style CNC controller (USB serial), a USB microscope served by mjpg_streamer, a Siglent oscilloscope (LAN/SCPI) for safety monitoring on Channel 4 and measurement on Channel 1, an optical endstop wired to the oscilloscope, and optional LAN‑controlled power outlet. Safety rules require continuous monitoring of Channel 4; any trigger, ambiguous voltage, CNC alarm, or limit pin forces an immediate stop, with manual operator recovery. Workflow: ingest project, connect hardware, run homing and calibration, attach probe, detect target, capture and stitch microscope frames with XYZ logging, annotate map, approve probe points on the dashboard, then execute bounded probe motions. Configuration is via environment files; runtime values include log path, calibration root, microscope URL, and oscilloscope host/port. The code is released under the PolyForm Non‑commercial License; commercial use requires a paid license.

The author experimented with Claude Code for hardware development, finding natural‑language prompts adequate for simple circuits but cumbersome for complex designs. To improve feedback, he integrated Claude with an oscilloscope and a SPICE simulator, enabling rapid validation of SPICE models, embedded firmware, and data analysis (e.g., time‑axis normalization and alignment). A minimal demo circuit and MCU illustrate a workflow that scales to larger projects. Key practical guidelines emerged: - **Oscilloscope use**: Claude cannot infer the physical wiring; provide explicit connection details, keep measurement data current, and avoid feeding raw traces directly—store data in files for indirect access. - **Microcontroller integration**: Supply a complete pin‑out/pin‑mux map, and use a Makefile exposing standard commands (build, flash, ping, erase) that Claude should invoke rather than constructing ad‑hoc commands. These practices streamline iterative design, testing, and analysis with Claude Code.

Tree‑sitter is a C‑based incremental parsing generator with bindings for Rust and R. A JavaScript grammar for R, created by Davis Vaughan and collaborators, enables Tree‑sitter to parse R code quickly and reliably. The {treesitter} R package exposes this capability, allowing users to obtain S‑expressions for R snippets and to query the syntax tree. Built on this foundation are several tools that improve the R development workflow: * **Air** (Rust CLI) reformats R code at high speed; **Jarl** (built on Air) lints, fixes unreachable code, unused functions, and duplicate definitions. * **Ark**, the R kernel used in Positron IDE, provides auto‑completion and hover help via Tree‑sitter. * GitHub leverages the grammar for precise code browsing, showing definitions directly in search results. * The {gander} package and {treesitter} query language enable code analysis, while {igraph.r2cdocs} uses it to link C‑level documentation. * {pkgdepends} detects dependencies, **ast‑grep** (wrapped by {astgrepr}) offers robust AST‑based search and refactoring, {muttest} implements mutation testing, and **difftastic** supplies syntax‑aware diffs. These tools illustrate how integrating the R grammar with a general parsing engine yields fast, accurate formatting, linting, navigation, and analysis, and the ecosystem continues to evolve.

The Android Developers blog announces a preview of Android CLI, a terminal‑based interface for Android SDK tasks designed for agentic workflows and automation. Key commands include `android sdk install` for selective SDK component download, `android create` for rapid project scaffolding from official templates, `android emulator` and `android run` for virtual device management and deployment, and `android update` for keeping the CLI current. Internal tests show the CLI cuts LLM token usage by >70% and speeds task completion threefold versus standard toolsets. A new “Android skills” repository on GitHub provides modular markdown specifications (SKILL.md) that trigger automatically when prompts match, covering migrations, edge‑to‑edge UI, AGP 9, XML‑to‑Compose, R8 analysis, etc.; these can be installed via `android skills`. The Android Knowledge Base, accessible with `android docs`, offers agents up‑to‑date guidance from official docs, Firebase, Google Developers, and Kotlin resources, compensating for LLM training cutoffs. All tools integrate with Android Studio, allowing projects started with the CLI to be opened for UI design, debugging, profiling, and AI‑assisted development across phones, tablets, foldables, Wear OS, Android Auto, and TV. The CLI preview and related resources are available at d.android.com/tools/agents.

Substrate is developing an AI‑native business process outsourcing platform focused on healthcare revenue cycle management, handling over 500 k claims monthly. The company seeks a Harness Engineer to design, deploy, and measure AI agents that process claims, interpret contracts and payer policies, assess medical necessity, reconcile payments, and interact with sensitive healthcare and financial infrastructure. Responsibilities include extending the agent suite, building production‑scale measurement infrastructure for precision and cost optimization across tens of millions of annual claims, and collaborating with clients on high‑sensitivity use cases. Candidates should have strong ownership, deep experience building and shipping ML/AI products, expertise in modern LLM architectures, fine‑tuning, and large‑scale evaluation, and preferably healthcare domain knowledge. Prior startup experience, independent product launch, or founding experience is valued. The role is on‑site in San Francisco three days per week, with competitive salary and equity.

The documentary “Clojure” chronicles the language’s development from a two‑year sabbatical and a determined effort to build the engineering stack for one of the world’s largest fintech firms. It follows founder Rich Hickey, along with contributors such as Alex Miller and Stuart Halloway, detailing Clojure’s unconventional origins, the formation of its values‑driven community, and the language’s subtle but significant influence on software design thinking. The film highlights how Clojure’s functional, immutable approach has been adopted in production environments and examines the cultural and technical principles that guide its ecosystem. Production was supported by Nubank.

Cloudflare analytics showed a cache‑hit ratio of 0.8 % on a mostly static WordPress site, revealing a flood of uncacheable traffic. One Singapore‑based DigitalOcean IP sent 288 493 POST requests to /xmlrpc.php within 24 hours, using the system.multicall method to embed hundreds of credential pairs per request and brute‑force WordPress logins. Because /xmlrpc.php is always dynamic, each request drove the cache‑rate down, serving as a clear indicator of abuse. Detection: query Cloudflare’s GraphQL analytics (or use the dashboard) for top paths; a high‑count, dynamic /xmlrpc.php entry signals an attack. Mitigation: - Deploy a Cloudflare WAF rule `http.request.uri.path eq "/xmlrpc.php"` to block at the edge, eliminating origin CPU load. - Disable XML‑RPC in WordPress (e.g., `add_filter('xmlrpc_enabled', '__return_false');` or via WP Multitool’s Frontend Optimizer, enabled by default in v1.1.19). Recommendations: monitor cache‑hit ratios, review top paths weekly, pre‑emptively block /xmlrpc.php, and rely on the REST API instead of XML‑RPC unless required (e.g., Jetpack mobile). This layered approach restores normal cache performance and prevents similar brute‑force floods.