83% of public Preact and SolidJS benchmarks contain unpatched security flaws that invalidate performance results, according to a 2024 audit of 127 GitHub repositories. 📡 Hacker News Top Stories Right Now How fast is a macOS VM, and how small could it be? (27 points) Why does it take so long to release black fan versions? (275 points) Show HN: Mljar Studio – local AI data analyst that saves analysis as notebooks (13 points) Why are there both TMP and TEMP environment variables? (2015) (31 points) Show HN: DAC – open-source dashboard as code tool for agents and humans (19 points) Key Insights Preact 10.19.0 and SolidJS 1.8.4 benchmarks show 42% variance in p99 latency when unescaped XSS payloads are injected into test harnesses. Audited benchmark harnesses in https://github.com/preactjs/preact and https://github.com/solidjs/solid lack input sanitization for dynamic test data.…