Show HN: Sphere v0.2 – a Rust-Based Package Hub and Runner for Portable Commands

4 hours ago 1

Show HN: Sphere v0.2 - A Rust-based package hub & runner for sandboxed, portable commands.

Hi, we’re Clein, Kelly, and Ronald – three developers from Kenya. We’re back with an update to Sphere, our open-source project aimed at making software execution simple, secure, and incredibly portable.

🔗 Link to GitHub Repository: https://github.com/Nakadra/sphere-runtime

🔗 Link to v0.2.0 Release Notes: https://github.com/Nakadra/sphere-runtime/releases/tag/v0.2.0

Remember the "it works on my machine" nightmare? We built Sphere on our phones (Android) to fix that problem. Sphere lets you define commands as single .sphere files using a simple TOML file and run it in a fresh, isolated sandbox every time.

⚡ But with v0.2, it’s no longer just a local tool. Introducing the SphereHub MVP!

You need a specific utility – say, an image resizer. Instead of installing complex libraries or debugging dependencies, you write this in your .sphere file:

# my-app.sphere entrypoint = "echo 'Resizing logo...' && image-tool --input logo.png --size 64x64; echo 'Done.'" [dependencies] image-tool = "com.cool-utils.image-resizer/v1.2.0"

Now, when you run sphere run my-app.sphere, Sphere checks your local cache. If the image-tool isn’t there, it automatically fetches it from our public SphereHub registry [https://github.com/Nakadra/sphere-hub-registry], cryptographically verifies the downloaded tool’s integrity using a SHA256 hash, then caches it locally, and runs from it.

No manual installs. No apt-get. No Dockerfiles for simple tools. It just works.

How SphereHub MVP Works (GitHub–Powered):

Use sphere publish my-tool.sphere. This command validates your .sphere file (it needs an id like com.yourname.my-tool/v1.0.0), prompts for author/description, computes a SHA256 hash, and then gives you clear instructions to create a pull request to our central nakadra/sphere-hub-registry. We review and merge, making your tool globally available.

The sphere run command handles the download, hash verification, and caching, ensuring you’re running only what was published.

Why This is a Big Deal (We Think!):

True Portability: Define once, run anywhere. No shared components.
Simplified Dependency Management: No more complex environment setups for common utilities.
Heightened Security: Hash verification + file system isolation (v0.3+ will add full sandboxing).
Open Source & Feedback Driven: We’ve been dogfooding it on our phones. Inspired by your feedback right here on Hacker News!
The Lightweight Shell Alternative: It’s a small Rust binary. No daemons, no layers, no heaviness.

The Vision: A Universal Compute Layer

This SphereHub MVP is the first step towards an ecosystem of truly portable, secure, and composable tools. Imagine deploying an entire serverless compute pipeline by units simply tagging together .sphere Lego bricks.

We’re building this in the open (MIT licensed) and are incredibly keen for your feedback. This is v0.2.0 – it’s early, but the core mechanism is there.

✅ Try it: Check out the v0.2.0 Release.

🔧 Contribute a Sphere: See the sphere publish output for how.

💬 Join the Discussion: Replace with your actual Discord link

What do you think? Is this a sane approach to a massive problem? We’re here to answer all your questions.

Thanks for your time!

— Clein, Kelly, & Ronald

🔗 GitHub Repo: https://github.com/Nakadra/sphere-runtime

Read Entire Article