Meta sent the Heretic project a legal notice. A mainstream outlet called it “aiding terrorists.” So its maintainer shipped a feature that fits an entire uncensored AI model into a 9-kilobyte text file you can keep thousands of on your phone without noticing.
The file stores the recipe, not the weights, and rebuilds the model in about a minute. Ten models already deleted from Hugging Face now survive nowhere else.
In today’s indie hacker news:
- 🏴☠️ An entire banned AI model now backs up as one text file
- 📚 One line of valid CSS silently corrupts your book on every Kobo
- 🕸️ A free GraphRAG stack beats plain vector search on multi-hop questions
- 💸 A Reddit auto-reply bot’s revenue proves its own sales pitch
- 🗂️ A Go binary clones any website into an offline archive
TOP STORIES
THE MODEL THAT FITS IN A TEXT FILE
🏴☠️ Heretic 1.4’s Grimoire backs up an entire abliterated model as a 9KB recipe file
The story: Heretic is Philipp Emanuel Weidmann’s open-source CLI that strips safety alignment off transformer models with directional ablation, no retraining. Version 1.4, announced on r/LocalLLaMA, adds the Grimoire: a reproduce.json that records the exact transformation instead of the multi-gigabyte weights. Weidmann is blunt about why now. “Given the enormous amount of unpleasant attention Heretic has received from powerful entities recently, I prioritized project resilience for this release.”
The details:
heretic --collect-reproducibles my_grimoirepulls every public recipe into one append-only folder. Restoring a model withheretic --reproducetakes roughly a minute.- Contributor Vinay Umrethe already runs a companion tracker that catalogues these salvaged recipes, ten of them and counting.
- The release also ships LoRA export, a Matrix room, redundant Git mirrors, and every build pinned to IPFS with CIDs in the post.
- Abliteration barely dents quality: a Gemma-3-12B variant scores 67.8% on MMLU versus 68.2% for the original, a 0.16 KL divergence.
Why builders care: This is git for model weights: a 50GB download collapses to something you can paste into a gist. If you ship anything on open weights, one --collect-reproducibles run is free insurance against a platform pulling your base model overnight. The takedown wave that hit Fable 5 last week is exactly the threat model, and the same trick works for any fine-tune, not just uncensoring.
Clone your voice once. Ship every video without re-recording. ElevenLabs Pro trains a voice clone in 30 minutes that sounds like you on every long-form, Short, and podcast you ship. We narrate every video on this newsletter with it. Beats hiring a VO artist on Fiverr or settling for a default TTS bot.
We get a cut if you sign up. Only added for tools we use ourselves.
YOUR VALIDATOR LIED TO YOU
📚 One line of valid CSS makes a compliant EPUB read as corrupted on every Kobo
The story: Indie author André Klein shipped an EPUB3 that passed epubcheck 3.3, the format’s gold-standard linter, then watched it die on every Kobo he owned. The culprit was one declaration: max-width: min(150px, 30vw). The min() math function is valid CSS, but Adobe’s RMSDK, the engine Kobo licenses for rendering, never learned it and dumps the whole book on contact.
The details:
- RMSDK’s CSS support is frozen around 2013. No grid, no flexbox, no custom properties, no math functions.
- It fails silently. No error, just a white screen in Adobe Digital Editions and a “corrupted file” notice on the device.
- CSS has required engines to ignore unknown declarations since 1996, so this breaks a 30-year-old rule, one HN commenter noted.
- The same file opened fine on Kindle, Apple Books, and Thorium. Only RMSDK-based readers choked.
Why builders care: Passing the official linter for your format guarantees nothing about the runtime your customer actually uses, especially when a third party freezes that runtime for DRM reasons. Treat the dominant closed reader as your real spec: open every build in Adobe Digital Editions before you sell it. Kobo is reportedly rebuilding off RMSDK, but the installed base won’t get that fix, so that frozen ceiling is yours to code under today.
SKIP THE VECTOR-ONLY RAG
🕸️ GraphRAG Studio fuses BM25, vectors, and graph traversal to beat flat vector search
The story: GraphRAG Studio is a full-stack Django and React app that builds a knowledge graph from raw text, then answers questions by combining keyword search, dense vectors, and graph hops behind a reranker. Builder mohammad-majoony posted the walkthrough on r/MachineLearning with a sharp example: “Who ordered the execution of Sansa’s father, and how did that person eventually die?” Flat vector search whiffs because the answer lives in disconnected chunks. Walking Sansa to Ned to Joffrey to the poisoning bridges them.
The details:
- Indexing uses spaCy for entity extraction and NetworkX for the co-occurrence graph, skipping the LLM-per-chunk cost that makes Microsoft’s GraphRAG expensive to run.
- Query time stacks BM25 plus dense retrieval, pulls graph neighbors, fuses them with Reciprocal Rank Fusion, then reranks with a cross-encoder.
- It’s model-agnostic over any OpenAI-compatible endpoint, so you can point it at Ollama or Groq instead of a paid API.
- The frontend ships an interactive force-directed graph so you can see the retrieved subgraph, not just trust it.
Why builders care: Microsoft’s version proved graph retrieval lifts precision up to 35% over vectors alone, but the indexing bill scared off solo builders. This clones the win without that tax, MIT-licensed with a working UI you can fork this afternoon. Fair warning: it’s nine days old with almost no traction, so read it as a reference architecture to study, not a dependency to pin.
THE REDDIT BOT THAT PAYS RENT
💸 A bootstrapper crossed $16K total with a Reddit lead-gen bot and shared 20 lessons
The story: Tydal watches subreddits around the clock and auto-replies to threads where its user’s product fits, hunting leads for SaaS founders. Its solo maker posted 20 lessons to r/microsaas and linked Stripe proof: $15,757 lifetime, which he rounds to $16K. He grew it by posting on Reddit before he ever bought an ad.
The details:
- Live numbers, Stripe-verified: $2,189 MRR from 81 subscribers on the single $29/month plan, roughly $26K annualized.
- His sharpest tip cuts against the build-in-public grain: “you earn the right to paid ads by getting organic marketing to work first.”
- He credits a 7-day free trial for banking the early testimonials that compounded into later sales.
- On the cold start: “getting your first paying customers is the hardest part by far. do things that don’t scale to get them.” He built it nights while keeping a 9-5.
Why builders care: A Reddit-automation tool that grew on organic Reddit is the cleanest possible proof the channel converts. The lesson is the sequencing: make one acquisition channel work by hand before you pay to scale anything, and use a free trial as a testimonial machine, not a discount. It’s $2K MRR, not a rocket, but it’s real, verified, and built on the side.
TRENDING TODAY
🎙️ Solo founders are pricing real-time voice before they launch - A self-funded engineer building a spoken-English tutor hit a 300-concurrent-user wall on WebRTC media nodes and asked r/startups for SFU and MCU cost patterns before chasing credits or funding. Voice founders now model the economics of real-time audio up front, because a media server bill scales with every concurrent session and can quietly outrun the subscription revenue.
🪧 Reddit’s daily “drop your project” threads split builders down the middle - A “drop your project” post from u/adonztevez topped r/SideProject, and a same-day companion post asked why these threads multiply daily. Some builders reported real traffic. Others called it visibility theater that farms comments more than it sends clicks. Both can be true: it’s free distribution when your link lands early and dead weight when you’re reply number 200.
🤖 Founders keep ghosting the agency quote for a 40-minute AI build - Two posts the same day: a candle-shop owner skipped a $2,400, three-week quote for a live 5-page storefront in 40 minutes, and a team with nine days of runway dodged a $4,200-plus bid the same way. Describe it in a paragraph, let a cloud agent build, publish in one click. The honest tradeoff both flagged is less design control than Framer in exchange for zero learning curve.
FIRST DOLLAR
💵 A Mac dictation app made $2,184 in 30 days on a lifetime license - u/KOPONgwapo posted a revenue screenshot for Yappa, an on-device macOS dictation app that types at about 220 WPM and strips filler words. It undercuts subscription rivals like Wispr Flow with a one-time price starting at $19 per Mac. The post pulled 165-plus upvotes and 82 comments, and the maker credits the lifetime model for the early cash flow that a free trial alone wouldn’t have produced.
STACK OF THE DAY
🗂️ Kage - A single Go binary that clones any website into a fully browsable offline copy with the JavaScript stripped out. It can emit a plain folder mirror, a Kiwix-compatible ZIM archive, or a self-contained executable that serves the site with zero dependencies. It respects robots.txt, maps URLs to paths deterministically, and resumes interrupted crawls. 754 stars, MIT-licensed, and handy for offline docs, flaky-WiFi travel, or archiving a wiki before it rots. HN flagged the readme as maybe AI-written, so audit the binary before you point it at anything live.
Not sponsored. We just feature tools builders would actually use.
BOOKMARKED TODAY
🇧🇷 Rio’s “homegrown” city LLM looks like a model merge - Community investigators dug into Rio de Janeiro’s government-backed Rio-3.5-Open-397B and found signs it’s a merge of existing models, not trained from scratch (302 HN points). A reminder to verify provenance before you trust any institution’s “we built our own AI” claim.
⚡ Zeroserve’s Caddy mode hit 3x throughput and 70% lower latency - A benchmark write-up on adding Caddy compatibility to zeroserve, with real numbers (164 HN points). Worth a look if you’re weighing reverse-proxy and file-server combos for a self-hosted setup.
🧱 AI is code, and you can’t prompt it into being smarter - A contrarian Register essay arguing models are code with fixed ceilings, so prompt-tuning only takes you so far (110 HN points). Useful if you’ve been pouring hours into prompts that a better base model would solve for free.
Ship to one country, QA it from another. Geo-fenced Stripe checkouts, region-gated APIs, feature flags that only fire in EU. NordVPN's 6,400+ exit nodes across 110+ countries let you test a US-only paywall from EU or hit a EU-only checkout from SF. Bonus: free Meshnet for SSH across your devices.
We get a cut if you sign up. Only added for tools we use ourselves.
Curated by AI, built by a human. Reply with what you’d change. Want this in your inbox daily? Subscribe here.