I built an open-source site that lets students play games at school
https://michuscrypt.github.io/classroom20x-unblocked-games/

https://redd.it/1po9xau
@r_opensource

TSZ: Open-Source AI Guardrails & PII Security Gateway

Hi everyone! We’re the team at **Thyris**, focused on open-source AI with the mission **“Making AI Accessible to Everyone, Everywhere.”** Today, we’re excited to share our **first open-source product**, **TSZ (Thyris Safe Zone)**.

We built TSZ to help teams adopt LLMs and Generative AI safely, without compromising on data security, compliance, or control. This project reflects how we think AI should be built: open, secure, and practical for real-world production systems.

**GitHub:**
[https://github.com/thyrisAI/safe-zone](https://github.com/thyrisAI/safe-zone)

**Docs:**
[https://github.com/thyrisAI/safe-zone/tree/main/docs](https://github.com/thyrisAI/safe-zone/tree/main/docs)

# Overview

Modern AI systems introduce new security and compliance risks that traditional tools such as WAFs, static DLP solutions or simple regex filters cannot handle effectively. AI-generated content is contextual, unstructured and often unpredictable.

TSZ (Thyris Safe Zone) is an open-source AI-powered guardrails and data security gateway designed to protect sensitive information while enabling organizations to safely adopt Generative AI, LLMs and third-party APIs.

TSZ acts as a zero-trust policy enforcement layer between your applications and external systems. Every request and response crossing this boundary can be inspected, validated, redacted or blocked according to your security, compliance and AI-safety policies.

TSZ addresses this gap by combining deterministic rule-based controls, AI-powered semantic analysis, and structured format and schema validation. This hybrid approach allows TSZ to provide strong guardrails for AI pipelines while minimizing false positives and maintaining performance.

# Why TSZ Exists

As organizations adopt LLMs and AI-driven workflows, they face new classes of risk:

* Leakage of PII and secrets through prompts, logs or model outputs
* Prompt injection and jailbreak attacks
* Toxic, unsafe or non-compliant AI responses
* Invalid or malformed structured outputs that break downstream systems

Traditional security controls either lack context awareness, generate excessive false positives or cannot interpret AI-generated content. TSZ is designed specifically to secure AI-to-AI and human-to-AI interactions.

# Core Capabilities

# PII and Secrets Detection

TSZ detects and classifies sensitive entities including:

* Email addresses, phone numbers and personal identifiers
* Credit card numbers and banking details
* API keys, access tokens and secrets
* Organization-specific or domain-specific identifiers

Each detection includes a confidence score and an explanation of how the detection was performed (regex-based or AI-assisted).

# Redaction and Masking

Before data leaves your environment, TSZ can redact sensitive values while preserving semantic context for downstream systems such as LLMs.

**Example redaction output:**

john.doe@company.com -> [EMAIL]
4111 1111 1111 1111 -> [CREDIT_CARD]


This ensures that raw sensitive data never reaches external providers.

# AI-Powered Guardrails

TSZ supports semantic guardrails that go beyond keyword matching, including:

* Toxic or abusive language detection
* Medical or financial advice restrictions
* Brand safety and tone enforcement
* Domain-specific policy checks

Guardrails are implemented as validators of the following types:

* BUILTIN
* REGEX
* SCHEMA
* AI\_PROMPT

# Structured Output Enforcement

For AI systems that rely on structured outputs, TSZ validates that responses conform to predefined schemas such as JSON or typed objects.

This prevents application crashes caused by invalid JSON and silent failures due to missing or incorrectly typed fields.

# Templates and Reusable Policies

TSZ supports reusable guardrail templates that bundle patterns and validators into portable policy packs.

Examples include:

* PII Starter Pack
* Compliance Pack (PCI, GDPR)
* AI Safety Pack (toxicity, unsafe content)

Templates can be imported via API to quickly bootstrap new environments.

#

Architecture and Deployment

TSZ is typically deployed as a microservice within a private network or VPC.

**High-level request flow:**

1. Your application sends input or output data to the TSZ detect API
2. TSZ applies detection, guardrails and optional schema validation
3. TSZ returns redacted text, detection metadata, guardrail results and a blocked flag with an optional message

Your application decides how to proceed based on the response.

# API Overview

The TSZ REST API centers around the `detect` endpoint.

**Typical response fields include:**

* redacted\_text
* detections
* guardrail\_results
* blocked
* message

The API is designed to be easily integrated into middleware layers, AI pipelines or existing services.

# Quick Start

Clone the repository and run TSZ using Docker Compose.

git clone https://github.com/thyrisAI/safe-zone.git
cd safe-zone
docker compose up -d


Send a request to the detection API.

POST http://localhost:8080/detect
Content-Type: application/json

{"text": "Sensitive content goes here"}


# Use Cases

Common use cases include:

* Secure prompt and response filtering for LLM chatbots
* Centralized guardrails for multiple AI applications
* PII and secret redaction for logs and support tickets
* Compliance enforcement for AI-generated content
* Safe API proxying for third-party model providers

# Who Is TSZ For

TSZ is designed for teams and organizations that:

* Handle regulated or sensitive data
* Deploy AI systems in production environments
* Require consistent guardrails across teams and services
* Care about data minimization and data residency

# Contributing and Feedback

TSZ is an open-source project and contributions are welcome.

You can contribute by reporting bugs, proposing new guardrail templates, improving documentation or adding new validators and integrations.

# License

TSZ is licensed under the Apache License, Version 2.0.

https://redd.it/1pofbz1
@r_opensource

Open Source: Inside 2025’s 4 Biggest Trends
https://thenewstack.io/open-source-inside-2025s-4-biggest-trends/

https://redd.it/1poa89w
@r_opensource

domco@5.0.0 - use your favorite server framework with Vite
https://github.com/rossrobino/domco

https://redd.it/1poifko
@r_opensource

I look for an android app that allows me (with keywords) to follow a news trend through automated search on search engines. It exist?

I take the idea from a scene of mr robot the tv series but idk if it is a real app or my fantasies. I've tried RSS news aggregator but they bore me...this app that i've descrived is useful for important news only, for me, i don't want a lot of spam on my phone. Thank you!!

https://redd.it/1podjc4
@r_opensource

Built a tool to fix AI-generated spaghetti code 🍝

Hey guys,

When we use AI to generate code, it doesn't always follow our patterns (type vs interface, no console logs, no return await, etc.). We go fast but end up with cleanup work before merging.

I built TScanner to solve this for myself, a code quality scanner with custom rules. The key difference from ESLint/Biome: you can define rules via regex, noscripts (any language), or even AI prompts.

What makes it different:

VSCode extension with real-time feedback
Copy for AI button - paste issues into chat for bulk fixes
GitHub Action that validate issues in your PRs with clickable links
Registry so we can add and use custom rules from community

Community guidelines:

Open source / MIT
Cost: free

Project: https://github.com/lucasvtiradentes/tscanner

Would love to hear what you have to say!



https://redd.it/1pom6as
@r_opensource

🚀 Introducing Branch Desk: an Open Source Git Client for Everyone

Meet **Branch Desk**, a **cross-platform Git client** for **Windows, macOS, and Linux**, built to make Git workflows **faster, cleaner, and more intuitive** for developers of all levels.

✨ **What Branch Desk offers**

* 🧭 A **clean, intuitive interface** that keeps Git simple
* 🌿 Effortless **branch management**
* 🔀 Smooth **merges and conflict handling**
* 📝 Clear and readable **commit history**
* 🗂️ Easy **repository management**

🛠️ **Current status: In active development**
Branch Desk is still **under development**, and this is the perfect time to get involved. The foundation is being built, and the roadmap is open to ideas, feedback, and real-world developer needs.

⭐ If you like the idea, **leave a star**
💬 **Join the discussion**, share feedback, and help shape the **roadmap and goals**
🤝 Contribute ideas, issues, or code to make Branch Desk better for everyone

Open source means community-driven, and **your input can directly influence where Branch Desk goes next**.

Github: [https://github.com/Chenab-Tech/branchdesk](https://github.com/Chenab-Tech/branchdesk)

\#OpenSource #Git #DeveloperTools #BuildInPublic #BranchDesk

https://redd.it/1popzpq
@r_opensource

Open-source Subnoscription Renewal Tracker & SaaS Management Platform

I've been working on this open source SaaS Management System and thought it'd be handy to have the ability to email in your invoices, run them through AI to pull the information out, and then let you set reminders before the renewal. You can use it for free where I host it, or download the github repo

This is most useful for businesses because renewals can sneak up on you and cost a lot of money. You could use it for personal use too.

I built an agent that can be deployed on a Windows machine so there's a lot of flexibility with the codebase. I spun up an instance of GLPI and loved how comprehensive it was, but I kept coming back to building SasWatch.

I'm passionate about railing against the SaaS industrial complex, I hope you join me in our quest to reduce SaaS spend and shine a light on Shadow IT.

This post was written by a human, the code by an AI.

https://redd.it/1popwbi
@r_opensource

I built a tiny GPT from scratch (NumPy only) looking for feedback before I make a video

Hey everyone,
I put together a repo where I implemented a Transformer architecture aligned with the original “Attention Is All You Need” paper. I’m planning to record a video later where I’ll go through the whole thing in detail.

I think the architecture is very close to a professional-level implementation, but before recording the video I keep revisiting the code from time to time to make sure everything is conceptually solid and faithful to the paper.

Repo for anyone interested:
https://github.com/hsperus/minnak-gpt

One important note: I didn’t use PyTorch or TensorFlow. The implementation is based purely on NumPy. The idea was to stay close to the fundamentals, so most of the tensor operations and abstractions are built manually. You could think of it as a very small, custom tensor framework tailored for this Transformer.

I’d appreciate any feedback, especially on architectural correctness or anything you think I should review before turning this into a full video.

https://redd.it/1poto3i
@r_opensource

How to build community and find early birds?

Hi, occasionally I built small open-source apps, but they never get enough attention to keep me going and they end up in beta versions which I use myself. I
'm doing it in classic way: I built in public, record some youtube videos, I wrote some posts on reddit, but i got capped at like 10-15 stars on github and complete silence in terms of feedback or opened issues.

I kinda be able to built some personal 1-1 connections for my recent project, but in general picture is the same.


How do you approach "building community" step? I'm afraid i missing something, cuz writing on reddit or making a small video talks feels like talking to the wall.

What helped you to find first early birds for your open source project? Maybe there are specific channels i'm not aware of?

https://redd.it/1pou6y3
@r_opensource

Tokri - open-source DropShelf alternative for Linux & Windows
https://github.com/jarusll/tokri

https://redd.it/1povwz9
@r_opensource

My open source AI app builder ranked #2 Product of the Week — $0 marketing spend

Hey r/opensource 👋

I wanted to share a small win that I honestly didn’t expect.

I’ve been building an open source AI app builder, and before the public launch it already had \~2,800 users purely through organic interest. No ads, no paid influencers, and very minimal social media posting.

Last week, we officially launched and it ended up ranking #2 Product of the Week — again with $0 spent on marketing.

I’m sharing this mostly as encouragement for anyone debating whether open sourcing their project is “worth it.” In my case, it made all the difference.

If anyone’s curious, I’m happy to share the new repo, answer questions about the launch, or talk about what worked (and what didn’t).

https://redd.it/1pox309
@r_opensource

Docker just made hardened container images free and open source

Hey folks,

Docker just made **Docker Hardened Images (DHI)** free and open source for everyone.
Blog: [https://www.docker.com/blog/a-safer-container-ecosystem-with-docker-free-docker-hardened-images/](https://)

Why this matters:

* Secure, minimal **production-ready base images**
* Built on **Alpine & Debian**
* **SBOM + SLSA Level 3 provenance**
* No hidden CVEs, fully transparent
* Apache 2.0, no licensing surprises

This means, that one can start with a hardened base image by default instead of rolling your own or trusting opaque vendor images. Paid tiers still exist for strict SLAs, FIPS/STIG, and long-term patching, but the core images are free for all devs.

Feels like a big step toward making **secure-by-default containers** the norm.

Anyone planning to switch their base images to DHI? Would love to know your opinions!

https://redd.it/1poxo79
@r_opensource

GitHub - splatsdotcom/splatkit: Splatkit enables you to create and share high quality dynamic gaussian splats that build on the latest research.
https://github.com/splatsdotcom/splatkit

https://redd.it/1pp09pb
@r_opensource

The top 20 OSI-Approved licenses most frequently sought out by our community in 2025 based on number of pageviews.
https://opensource.org/blog/top-open-source-licenses-in-2025

https://redd.it/1pp3l4n
@r_opensource

Built a privacy-first finance tracker with client-side encryption — feedback + contributors welcome

Hi r/opensource — I’m Victor. I’m building Whisper Money, a self-hostable personal finance app designed to keep financial data private via end-to-end encryption (client-side encryption; server shouldn’t be able to read user data).

Repo: https://github.com/whisper-money/whisper-money

What it does (current direction):

- Expense tracking + categories
- Budgeting + reports/visualizations
- Self-hosting support
- Privacy-first: no ads/analytics/trackers (goal: none)

Security/privacy goal (high level):

- Encrypt data on the client, store only ciphertext on the server
- Minimize metadata exposure where practical

License note (important):

- The project is currently licensed CC BY‑NC 4.0 (non-commercial). I realize this is not OSI-approved and may not meet everyone’s definition of open source. I’m open to feedback here as well, and I’m trying to balance openness with preventing commercial re-hosting at this stage.

What I’m looking for:

1. Threat model review: key management, metadata leakage, backups, sync, auth/session handling
2. Security review of the crypto approach (at a conceptual level + code pointers if you spot issues)
3. Contributor help: docs, tests, deployment hardening, UX

If you have 5–10 minutes, I’d love feedback on:

- whether the README explains the security model clearly
- what you’d want documented before trusting a self-hosted finance tool
- any “must-fix” issues you spot

Thanks for taking a look.

https://redd.it/1pp47ai
@r_opensource

Nuon's Bring Your Own Cloud (BYOC) is open source

I am part of the Nuon team. Founder, Jon Morehouse, blogs today about why we open-sourced Nuon.

https://nuon.co/blog/oss-announcement/

Repo: nuonco/nuon

https://redd.it/1pp541k
@r_opensource

Anyone with smaller repos that want or need docs contributions?

I'm not looking for money. I just really, really like what I do, and I want to contribute to the open source community as a volunteer.

https://redd.it/1pp3ail
@r_opensource

[Wordpress Plugin] Vehicle Booking plugin
https://github.com/gnikolopoulos/vbs

https://redd.it/1pp8zyf
@r_opensource

The emptiness of being an open-source maintainer

I want to share a feeling that surprised me when it came out of my mouth.

I was replying to someone who suggested I set up a sponsorship or donation system for my open‑source project and my immediate response was that I don’t want the money. I truly meant it.

But later, while thinking about it, I realized something deeper was going on.

Working on this project often feels like jumping through my own hoops just to cheer at my reflection.

I set the goals. I define the standards. I push myself to improve the code, the docs, the tooling, the polish. And when something goes well, the applause comes from the same old downtrodden place: me. There’s pride in that. There’s also a deep and quiet emptiness.

At times it feels like solitude with a ringing edge to it, like tinnitus after fainting from vertigo and smacking your head on a granite slab. You come back to consciousness, you know you’re alive, but everything hums and wobbles and you’re alone with the noise. I see stars in the distance, yet they’re bad stars. Not guiding lights, just distant flashes that don’t warm anything. They feel a bit like feature PRs I didn't ask for, but still reviewed, then closed (wasting my time).😂

That’s why the sponsorship idea stuck with me.

It’s not about the money. I genuinely don’t care about being paid for this. What I realized is that donations could act as a signal or a reminder that I’m not the only one who cares evven when it often feels that way. A small, external “I see this, and it matters” instead of endless internal self‑validation.

Right now, motivation comes almost entirely from discipline and self‑belief. That works, but it’s brittle. It turns progress into a private performance. And over time, that becomes tiring in a way that’s hard to explain unless you’ve built something mostly alone.

For the open-source maintainers out there :
Do stars, issues, sponsors, or messages change how the work feels for you?
Do you rely solely on self-motivation?
Have you ever resisted donations, only to realize they weren’t really about money?

I’m not looking for answers as much as I’m looking for resonance. If this made sense to you, you’re probably one of the people I needed to hear from.

I need to take a break from working on my open-source source project, but I'm the only one who isn't hyper-focused on adjusting minor features that don't have much of an impact.😴

https://redd.it/1ppargf
@r_opensource