HackerNews Digest

Ghostty is migrating away from GitHub after 18 years of continuous use by its creator, Mitchell Hashimoto (GitHub user 1299). Hashimoto joined GitHub in February 2008 and has accessed the platform daily for most of his adult life, using it for open‑source contributions, project maintenance, and personal work. Recent frequent GitHub outages—particularly affecting GitHub Actions—have disrupted his workflow, leading him to record daily impacts and to publicly criticize the service. Citing reliability concerns, he announced that Ghostty will be moved to an alternative host, with a phased removal of GitHub dependencies and a read‑only mirror retained at the original URL. Personal projects and other work will remain on GitHub for the time being, while discussions continue with both commercial and open‑source providers to determine Ghostty’s new hosting environment. The transition aims to minimize disruption for the maintainers and community while awaiting measurable improvements from GitHub.

Armin Ronacher reflects on the evolution of open‑source hosting, from his early use of self‑managed Trac/Subversion servers and SourceForge to migration through Bitbucket and finally GitHub, which he describes as a pivotal social and technical hub. He contrasts the pre‑GitHub era’s smaller, reputation‑based ecosystem—where dependencies were large projects with explicit maintainers and documentation—with the post‑GitHub world of frictionless publishing, micro‑dependencies, and npm‑style package proliferation. While acknowledging GitHub’s benefits (easy project creation, discovery, issue tracking, pull requests, CI, archival of code, issues, and releases), he notes its current decline due to product churn, AI features, and leadership uncertainty, prompting migrations to alternatives like Codeberg. Ronacher warns that dispersing projects across many forges risks loss of social context, documentation, and long‑term availability. He advocates establishing a well‑funded, independent archive for source code, releases, metadata, and project history to preserve open‑source heritage regardless of any single platform’s fortunes.

OpenAI’s ChatGPT ad platform injects “single_advertiser_ad_unit” objects into the SSE conversation stream while the model generates a response. Each ad contains structured metadata: a stable advertiser ID (adacct_), brand info, carousel cards, and four Fernet‑encrypted tokens (ads_spam_integrity_payload, oppref, olref, ad_data_token). The ad payload is delivered from OpenAI’s CDN (bzrcdn.openai.com); clicking a card opens the merchant URL in an in‑app webview, preserving the tokens as query parameters. On the merchant side, the OAIQ JavaScript SDK (hosted on the same CDN) reads the oppref token from the URL, stores it in a first‑party cookie (__oppref, TTL 720 h), and posts JSON events to bzr.openai.com/v1/sdk/events with a merchant pixel ID. The SDK also sets a probe cookie (__oaiq_domain_probe). The four tokens serve distinct purposes: server‑side click integrity, forward attribution (oppref), impression logging (olref), and additional encrypted data (ad_data_token). Token timestamps are recoverable from the public Fernet header. Blocking domains bzrcdn.openai.com and bzr.openai.com and inspecting the two cookies can interrupt the attribution loop.

Auto‑arch‑tournament applies an autonomous research loop to a simple 5‑stage RV32IM CPU written in SystemVerilog. Each round a language‑model agent proposes a micro‑architectural hypothesis (YAML‑validated), an implementation agent edits RTL in an isolated git worktree, and a verifier evaluates the design via 53 riscv‑formal BMC checks, Verilator RVFI‑cosimulation with random bus stalls, three‑seed nextpnr place‑and‑route on a Gowin GW2A‑LV18 FPGA, and CoreMark throughput (validated by CRC). A diversity rotation forces hypotheses across five categories (micro_opt, structural, predictor, memory, extension). Over 73 hypotheses in ~10 h, 10 were merged, raising CoreMark from 2.23 iter / MHz (baseline) to 2.91 iter / MHz (199 MHz Fmax, 5,944 LUT4), a +92 % baseline gain and +56 % over the human‑tuned VexRiscv reference, with ≈40 % fewer LUTs. Failures (63 % of proposals) were caught by strict verification: formal checks, sandboxed file access, multi‑seed timing, and CRC validation, preventing regression. The author argues that while autonomous loops are now commodity, the decisive advantage lies in robust, domain‑specific verifiers that encode correct behavior; future work will move to population‑based search and test generalization on workloads such as Embench.

The issue reports that Claude v2.1.111 still injects a “malware reminder” into every `Read` and `Grep` tool result, despite a prior fix claimed in v2.1.92. The reminder text reads: > “Whenever you read a file, you should consider whether it would be considered malware… You CAN and SHOULD provide analysis of malware… But you MUST refuse to improve or augment the code.” Binary inspection shows the string is embedded in the Claude CLI binary, not user‑level configuration. When Opus 4.7 subagents are spawned to edit legitimate open‑source Rust code, ~40‑60 % refuse to make edits, citing the unconditional “MUST refuse” clause. The main thread, with broader context, interprets the reminder as malware‑conditional and proceeds. Root cause: the reminder’s phrasing contains an unconditional refusal clause that overrides user instructions for subagents with tighter safety rails. Proposed fixes include removing the reminder, re‑phrasing it to make the malware condition explicit, or limiting it to the first file read. Reproduction steps involve launching a subagent to edit a non‑malware file and observing the refusal. This regression blocks parallel coding workflows.

The interview discusses the revised Microsoft‑OpenAI partnership, where Microsoft remains the primary cloud partner but OpenAI can serve any cloud. Microsoft’s license to OpenAI IP is non‑exclusive through 2032, it will no longer pay a revenue share to OpenAI, while OpenAI continues revenue‑share payments to Microsoft until 2030. The agreement removes the AGI clause and emphasizes Microsoft’s continued shareholder role. The focus shifts to AWS, with OpenAI targeting Amazon’s Bedrock Managed Agents. Bedrock Managed Agents integrate OpenAI’s frontier models into an AWS‑native runtime that includes identity, permissions, logging, governance, and VPC‑based deployment, aiming to simplify building stateful, enterprise‑scale agents. Both CEOs stress that the harness (runtime, security, tool‑calling) is as critical as the model itself, and that co‑building this stack reduces integration effort for customers. They compare the transition from local‑only Codex implementations to cloud‑based agents, noting that cloud deployment offers scalability and security benefits while retaining ease‑of‑use. The partnership is positioned as a way to accelerate AI‑driven applications for startups and enterprises on AWS.

The team replaced Sonnet 4.0 with Opus 4.6 as the top‑level LLM and introduced a “triager” layer using the cheap Haiku model. Haiku reads CI logs, performs exact‑match and pgvector‑based semantic searches against known error snippets, and decides whether a failure is a known duplicate; only ~20 % of cases are escalated to Opus. Opus accesses logs through a ClickHouse SQL interface, querying raw log rows and materialized views on demand instead of receiving full prompts, which keeps token usage low and avoids biasing the investigation. For each hypothesis Opus spawns Haiku sub‑agents with focused prompts (e.g., fetch specific error lines); sub‑agents return concise extracts, while Opus synthesizes summaries and plans the next step. This hierarchy yields a 25× cost reduction for triage, with Haiku handling ~65 % of input tokens but only ~36 % of LLM spend, halving the daily bill. Upgraded models now generate correct ClickHouse queries and support multi‑round investigations. The pattern—cheap agents filter high‑volume noise, expensive agents handle novel cases—is applicable to security, IoT, and financial data streams, with a periodic reassessment layer to validate conclusions.

The gravitational constant G (“Big G”) remains the least precisely known fundamental constant, with experimental values differing by about one part in 10,000. Its uncertainty stems from gravity’s extreme weakness, making laboratory measurements vulnerable to background fields (e.g., Earth’s “little g”). Over two centuries, various techniques—including pendulum deflection, Cavendish torsion balances, and modern interferometric setups—have yielded inconsistent results. In a recent effort, the National Institute of Standards and Technology (NIST) spent a decade replicating one of the most divergent recent measurements using a refined torsion‑balance apparatus. The findings, published in *Metrologia*, add another data point but do not reconcile the existing spread of values. Historically, Isaac Newton introduced the concept of a gravitational constant in the late 1600s, though the notation “G” appeared only in the 1890s; early attempts to determine it involved indirect Earth‑density measurements. The ongoing discrepancy underscores challenges in precision metrology for the weakest fundamental force.

The author fabricated a non‑existent “6 Nimmt! World Championship” by registering a cheap domain (6nimmt.com) with a press‑release‑style article and inserting a citation to that site in the game’s Wikipedia page. Because frontier LLMs retrieve web content to ground answers, the circular citation—Wikipedia (high trust) citing the author’s site, which repeats the same claim—appears corroborated to the model, leading it to answer the false fact confidently. Key observations: - Retrieval‑augmented generation inherits the trust model of search rankings, making it vulnerable to SEO‑style poisoning. - A single Wikipedia edit can enter pre‑training corpora, persisting in future models even after removal. - Agents that act on retrieved information can execute harmful actions based on such poisoned data. Mitigations proposed include treating single‑source claims as unverified, surfacing source provenance, flagging recent Wikipedia edits that cite newly registered domains, and adding heuristic filters for suspicious citation patterns in training pipelines. The experiment demonstrates a low‑cost, rapid attack vector on LLM trust chains.

None