Show HN: Markdown HN profiles at {user}.at.hn (at.hn)
Very opportunistic toy project as I saw the domain was up for grabs: 'at.hn' is a little site where people can have their own subdomains for whatever their HN username is (opt-in only by adding a slug to your bio). It doesn't really do much. Just shows your HN bio rendered as markdown plus meta stuff. I'm thinking of adding an aggregated user listing on the homepage so people can explore profiles. There's a bunch of interesting people on HN but discoverability is a bit longwinded. I'm wondering what other features people want. Otherwise shall likely leave it as-is. I remember hnbadges was a thing for a while, but can't remember what happened to it. Did people like that? Anyway, at.hn's on github if people want to contribute. - https://github.com/padolsey/at.hn
168 comments
[ 2.6 ms ] story [ 161 ms ] thread> Internal Server Error 34
Cool idea though, will try again later.
Graceful? No. But simple? Yes.
Scrape every single username on HN to some local storage (even a file on disk would be enough, HN is relatively tiny), then lowercase all of them into a second column in the file. Refresh this file once per day.
Now you have a map of UserName <> username that you can use for lookups :)
If this slips of the first page, I hope you get to resub when things are a little more stable.
Btw what do you mean by > Note: Outgoing links are rel=nofollow unless you're >200 karma (anti spam)?
I guess the links aren't hyperlinked or something?
> nofollow is a setting on a web page hyperlink that directs search engines not to use the link for page ranking calculations.
Some libraries for doing that with good defaults:
- https://github.com/cure53/DOMPurify
- https://github.com/apostrophecms/sanitize-html
- https://github.com/bevacqua/insane
(right now your site looks vulnerable to XSS)
Ah, I bet you discovered that subdomains aren't case-sensitive while HN usernames are case-sensitive, didn't you? :)
> That username conflicts with an existing one. Names are case-insensitive. Please choose another.
https://news.ycombinator.com/user?id=Retr0id - 200
https://news.ycombinator.com/user?id=retr0id - 404 (Edit: 200 now?)
The firebase API on the other hand remains case-sensitive:
https://hacker-news.firebaseio.com/v0/user/Retr0id.json => full response
https://hacker-news.firebaseio.com/v0/user/retr0id.json => null
- https://news.ycombinator.com/threads?id=Retr0id - Works
- https://news.ycombinator.com/threads?id=retr0id - Doesn't work
Which somehow I guess the API is using.
[0] https://github.com/keybase/keybase-issues/issues/939
I really like this. It’s respectful of people’s wishes to not be added to any random site, and at the same time the way to give consent advertises the service.
Ethical and effective business practice? Yes, please. If only all things posted to HN were like this.
PS: It says something about my disillusionment with most software projects these days that I have nothing but praise to give to this one, yet all the while I can’t shake the feeling of “I hope I don’t regret those words”. Anyway, that’s a “me” problem. Congratulations on the launch, and best of luck.
My disillusionment is I don't trust any of you. My devices have so few apps, that it could almost be mistaken for a clean install. In coding, I use very few libraries because I don't trust anyone. I don't have time to read all of the code of the dependencies. Also, by using libraries, I don't learn how to do what is needed to be done. I hate black boxes. Between bad packages including malicious/bad dependencies in an otherwise acceptable package or flat out devs pushing something that looks useful for the sole purpose of pushing bad code, it's just not worth my time.
Not sure if disillusionment is the right word though. It's close, but the lack of trust doesn't come through.
> To opt-in, paste "{your username}.at.hn" anywhere in your profile's 'about' section.
"2. Go to https://{username}.at.hn?refresh." did the trick.
The GDPR does not apply "in the course of a purely personal or household activity and thus with no connection to a professional or commercial activity" [1].
However, that does not extend to generally sharing the information on the internet [2] as that's no longer purely personal.
[1] https://gdpr-text.com/read/recital-18/
[2] https://law.stackexchange.com/questions/92229/what-does-hous...
What's weird is there seems to be no such exclusion for personal information which does not relate to special categories.
Having this 'opt-in' certainly seems to tick the box for consent.
However, if reproducing information from a publicly available bio would fall foul of GDPR requirements, then I think there are bigger fish to fry than a hobby project made by a guy who at least seems to trying to respect people's preferences.
If a user removes the reference from their bio, then the user's profile will be essentially inaccessible through the service (although technically the cached version would still be on the server. Adding a check to delete the file which matches the user's hashed ID here[0] would take care of profile deletions on subsequent accesses.
Failing all that, a user could request deletion and OP could delete the user's file manually.
There's nothing that seems overly onerous to implement to be (at least) GDPR compliant.
[0]https://github.com/padolsey/at.hn/blob/d4ca6702c558edf736652...
Cool project.
the only hesitation is how stable is the 'hn' TLD?
Edited for ID10T too early in the morning issue
But probably sufficient for a project like this.
- The first bullet point does not seem to be recognised (on your profile and mine). - webp images do not work?
Sad that you are a party pooper tho! I was being nice and warned you and here you are, removing the fun.
(Using Firefox)
EDIT: nvm I see my sibling comment just now.
https://tldes.com/hn
https://tld-list.com/tld/hn
Renewal and registration fees seems to be the same, so it's not bad.
+ the rest of the ~20 organizations/domains being called from that page: https://i.imgur.com/CYSDJp0.png
https://dang.at.hn/
https://news.ycombinator.com/user?id=dang
Unless of course he added it, and later removed it?
> To opt-in, paste "{your username}.at.hn" anywhere in your profile's 'about' section.
Is slightly incorrect, I think.
Everyone seems to visible by default, opted-in or not.
However, the ?refresh thing is locked down so you need to opt-in before. But by default, every user page is accessible on at.hn, even if you don't have the link in your profile.
Surprised to see one of these kinds of sites be opt-in. Most things I see using HN data are real loosey goosey about it.
Maybe you could provide that service for a small fee.
https://github.com/runvnc/hncomments
select * from `bigquery-public-data.hacker_news.full` where `by` = 'ilaksh' and type = 'comment' order by timestamp desc
EDIT: seems this is out of date
https://news.ycombinator.com/item?id=40634899
https://hn.algolia.com/api/v1/search?tags=author_ilaksh,comm...
You'll need to paginate it, as it's limited to 50 results per page, like so:
HN has API.
To be honest I don't remember what the exact status is; it should work because I have a large TOML file with all my comments. But I don't recall if there's anything "TODO" or if I just forgot to publish it.
Need to put your cookie in the variable at the top.
https://gist.github.com/arp242/4f88069cdc8166d21aa26daac7ffe...
https://news.ycombinator.com/threads?id=ilaksh
Is it just that you want to host it on your own domain?
Please remember that users gave a license to their content only to HN, not everyone. Using their data without their consent might come afoul of copyright laws.
I suggest reading the legal print: https://www.ycombinator.com/legal/
> By uploading any User Content you hereby grant and will grant Y Combinator and its affiliated companies a nonexclusive, worldwide, royalty free, fully paid up, transferable, sublicensable, perpetual, irrevocable license to copy, display, upload, perform, distribute, store, modify and otherwise use your User Content for any Y Combinator-related purpose in any form, medium or technology now known or later developed.
It says here I grant Y combinator (and its affiliated companies; hm...) a licence, not that I grant it to some rando with a scrapper (or using an API). Anyone that's not Y combinator (and its affiliated companies; hm....) that's using my content posted here is doing so without any licence to do so from me, potentially violating my copyright rights.
We're talking about Hacker News, not Instagram.
>It says here I grant Y combinator (and its affiliated companies; hm...) a licence, not that I grant it to some rando with a scrapper (or using an API).
And yet Hacker News has an API and plenty of people use it, implying that Hacker News considers the use of its own API to be valid within the context of its "license" and by extension any application also using the API.
Feel free to lawyer up and sue, though, and let us know how it goes. I don't think it'll go as well as you seem to believe.
The mere fact the API exist doesn't necessarily mean it's legal or that it respect copyright laws. It just means nobody legally tested it yet.
My suspicion is that a licence granted to entity only extends to that entity, even if that entity provides content via html or json.