alt.hn

5/9/2026 at 2:01:40 PM

Show HN: Mochi.js: bun-native high-fidelity browser automation library

 https://mochijs.com/

by ccheshirecat

5/9/2026 at 4:31:38 PM

It's worth flagging that the homepage and the docs are both nearly unreadable on mobile. If you're going to have cheeky rhetoric like "no crumbs" please take the time to actually test the pages your LLM made for you in a bunch of different ways.

by bastawhiz

5/9/2026 at 5:21:27 PM

Reads fine for me. I’m getting a bit worn out with the number of ‘if you’re going to use an LLM then take the time to …’ posts. I’ve looked at plenty of HN submissions that don’t render at all on mobile and yes I found it frustrating but didn’t just attribute it to an LLM.

by jarym

5/9/2026 at 5:45:58 PM

Check the cards that are wrapped, along with the footer

by ramon156

5/9/2026 at 7:02:19 PM

They're nearly unreadable on desktop, too. The prose is incomprehensibly jargon-heavy, I literally have no idea what it's talking about.

by SwellJoe

5/9/2026 at 9:44:57 PM

I feel the same. I have no idea what “CDP” and “WAF” means in this context.

I feel awkward about all this probably-LLM-generated prose that does not respect me enough as a reader to explain acronyms and give context.

by david_p

5/10/2026 at 12:12:26 AM

hate to tag along on this take but i agree

"...browser automation framework..." was about all i understood

and even then it had me guessing if it was talking about an alternative e2e testing framework like cypress, selenium, playwright.....and somehow I was right lmao (i think?)

but literally all the other jargon there had me stumped. I'm still afraid to google

  a getParameter(0x9245) probe
Likewise, the text does come across to me as LLM heavy (with a spice of pizzazz), but even as a dev who uses playwright I doubt I would change after seeing this.

To OP: not convincing enough.

Maybe this is targeted towards super users who are deep in the weeds of various browser automation framework internals.

A better marketing approach towards someone like me who just uses this to test my apps e2e and be done with it, would be to have simple cliches like:

  "10x faster than playwright", 
  
  "Same API", 
  
  "Did we mention....SUPER FAST!?"
I might call bs on that, but I'd be more likely to try it out.

by BandButcher

5/9/2026 at 6:39:46 PM

bruh

by ccheshirecat

5/9/2026 at 6:41:31 PM

llm recommends using a desktop to view the site as typically that's also the form factor required to use the tool!

by ccheshirecat

5/9/2026 at 9:08:26 PM

Not true. One could be running a container on Android or iOS, accessing a machine remotely, or any number of other things. Best not to assume.

by LoganDark

5/9/2026 at 9:37:44 PM

I tried running the hello-mochi.ts and just modified the URL and removed the session closing:

- Trying to navigate to `https://deviceandbrowserinfo.com/are_you_a_bot` crashes it for some reason

- Trying to go to `https://grok.com` and the page doesn't render

I wished it actually worked because I use my own hand-rolled thin-wrapper over CDP and I would love for a more robust solution to avoid being detected, but man this does not inspire confidence.

by simjnd

5/9/2026 at 5:13:22 PM

> The entire DAG, fingerprint manifest schema, harvesting process, is documented. We even commit our live benchmarks to the public record (mochi on a Linux datacenter IP scored a suspect_score: 8 and bot: not_detected against FingerprintJS Pro v4).

Doesn't this defeats the purpose? Essentially giving away the mechanism to the ones implementing fingerprint so they can learn how to detect you and starting a cat/mouse chase in the open

There's a reason why some kinds of technology stay opaque, not always publishing these things help in the way you think they do

by hmokiguess

5/9/2026 at 6:50:09 PM

it's not that much of a black box when you can literally see the API's they call(albeit some with more effort than others), but i prefer not to engage in theatre..

by ccheshirecat

5/9/2026 at 8:51:42 PM

fair point, I was mostly referring to how certain things are only useful because they do not have wide adoption and pushing for adoption breaks their value (meaning widespread adoption leads to the other side catching up to it)

by hmokiguess

5/9/2026 at 7:50:23 PM

Off topic, but the name reminds me of mochikit and early JS library in the JQuery kind of area.

Mochikit got bundled with Turbogears an early Rails like Python framework. Rails inspired a lot of frameworks back then. Must be over 20yrs ago.

by antod

5/9/2026 at 6:21:40 PM

Forget all the fancy fingerprinting - sites that really care about blocking bots will detect that, in the first place, you are running a browser in debug mode. Does this tool prevent that?

by wavemode

5/9/2026 at 6:44:44 PM

Not this but I do have something along those lines if you're interested!

by ccheshirecat

5/10/2026 at 12:48:35 AM

what would that be? Heard good things about Camoufox

by arewethereyeta

5/9/2026 at 6:46:15 PM

"mochi.js is a Bun-native, raw-CDP browser automation framework. Pass a seed and a profile; get a relationally-coherent fingerprint that survives a getParameter(0x9245) probe. JIT-friendly inject payload, Chromium-native fetch (real Chrome JA4 by definition), behavioral synth on top of Bezier+Fitts. Leaves no crumbs. "

WTF are you talking about? This is incoherent?

by SwellJoe

5/9/2026 at 10:04:33 PM

I think this is saying it's: 1) A JS chromium browser automation API targeting Bun (uses Bun.* or "bun:*" apis) 2) Engineered to interact with webpages in a way that evades bot detection

by danscan

5/12/2026 at 11:06:22 AM

Everything about this smells of AI slop. The website, the website copy, the github repo, the README.md, even this announcement.

It's all slightly incoherent, and doesn't give me any trust in this project at all.

by saberience

5/13/2026 at 12:45:26 PM

[flagged]

by Maggie978

5/10/2026 at 9:02:48 PM

[dead]

by kumiko_studio

5/10/2026 at 5:48:55 PM

[dead]

by yulia_dev_la