HackerTrans
TopNewTrendsCommentsPastAskShowJobs

einshutoin

no profile record

Submissions

[untitled]

1 points·by einshutoin·hace 5 meses·0 comments

Show HN: A single security policy for both AWS CloudFront and Cloudflare Workers

1 points·by einshutoin·hace 5 meses·0 comments

[untitled]

1 points·by einshutoin·hace 5 meses·0 comments

Show HN: YAML-based security framework for CDN edge (CloudFront / Cloudflare)

github.com
1 points·by einshutoin·hace 5 meses·1 comments

Show HN: A Compiler for CDN Security (YAML to CloudFront/Workers/WAF)

npmjs.com
1 points·by einshutoin·hace 5 meses·1 comments

Show HN: Dockerized benchmark suite for Sharp vs. Lazy-Image (Rust-based)

github.com
2 points·by einshutoin·hace 6 meses·1 comments

Show HN: Lazy-image – Node.js image library with static binaries (Rust/NAPI)

github.com
7 points·by einshutoin·hace 7 meses·2 comments

comments

einshutoin
·hace 5 meses·discuss
I built a small OSS that lets you define CDN security rules in YAML and compiles them into edge JavaScript.

Motivation: - avoid config drift - make security rules reviewable - GitOps-friendly workflow

Looking for feedback from SRE / Platform engineers.
einshutoin
·hace 5 meses·discuss
Hello HN,

I built cdn-security-framework because I was tired of the "manual sync" problem between my security policies and my edge code.

Usually, you define security headers in one place, rate limits in another (WAF), and custom block logic in a JavaScript file. If you update one and forget the others, you create vulnerabilities.

This tool treats a single `security.yml` file as the Source of Truth and compiles it into: 1. AWS CloudFront Functions (JS) 2. Cloudflare Workers (TS) 3. AWS WAF Rules (Terraform JSON)

It generates the boilerplate code for security headers, method restrictions, normalizations, and even JWT validation logic (for Cloudflare), so you don't have to write raw edge functions by hand.

It's designed to play nicely with existing infrastructure—it can output WAF Rule Groups as JSON artifacts that you can import into your existing Terraform setup without taking over the whole state.

Repo: https://github.com/albert-einshutoin/cdn-security-framework NPM: https://www.npmjs.com/package/cdn-security-framework

I'd love your feedback on the schema design and the compilation logic.
einshutoin
·hace 6 meses·discuss
Hi HN,

I recently shared `lazy-image`, a Rust-powered Node.js image library meant to be a drop-in replacement for Sharp in serverless environments.

Some of you asked for reproducible benchmarks. So I built a Dockerized test environment with a React frontend to compare them side-by-side.

*Repo:* https://github.com/albert-einshutoin/lazy-image-test

*How to run:* 1. `git clone ...` 2. `docker-compose up --build` 3. Open `http://localhost:3001`

*What it tests:* - *Zero-Copy Conversion*: Where lazy-image shines (WebP/AVIF generation without resizing). - *Resize + Convert*: Standard use cases. - *Advanced Ops*: Where Sharp still wins (blur, crop, etc.) - included for fairness.

The app visualizes processing time (ms) and file size (bytes) for your specific hardware. I'd love for you to run it and tell me if my claims hold up on your machines!
einshutoin
·hace 6 meses·discuss
Currently, lazy-image does not support Cloudflare Workers.

lazy-image uses native modules (.node files) built with NAPI-RS, which cannot run in Cloudflare Workers' V8 Isolate environment (only WebAssembly or pure JavaScript are supported).

*Currently supported environments:* - Node.js 18+ environments (AWS Lambda, Vercel Serverless Functions, Google Cloud Functions, etc.) - Serverless environments where native binaries can execute

*Cloudflare Workers support:* - A WASM version is planned for v2.0

I appreciate your patience until v2.0 is released.
einshutoin
·hace 7 meses·discuss
[dead]