WingNews logo WingNews
top | item 46976402

Lessons learned building a Node.js malware scanner to 400 stars (Open Source)

1 points| alrjoe | 19 days ago

Hi Hacker News — I’m the maintainer of pompelmi, a Node.js malware-scanner library/CLI for protecting file uploads. One thing I learned the hard way: stars come from consistency, not a 3-day promotion sprint. It took me ~2 months to reach the first 100 stars, with daily outreach and steady shipping. Crossing 400+ happened after repeating the same loop over and over. What worked for me Daily, honest promotion (but not spam): sharing progress on communities like Reddit, Dev.to, etc. Not “look at my repo”, but “here’s a real problem + what I built + what I learned”. Newsletter outreach after the first traction (100–200 stars): I started emailing code newsletters asking for feedback and whether it was a fit. Law of big numbers: send 50, maybe 5 reply, maybe 2 feature you — but those 2 can change everything (I had noticeable star spikes). Ship constantly: I tried to release at least a small update weekly (or every ~2 weeks). Even micro-releases keep momentum and help credibility. Website + docs + demo: I built a small blog site explaining the approach and implementation details, and a demo site so people can try the product quickly without setup friction. README polish matters: badges (coverage, downloads, etc.), clear snippets, diagrams/flowcharts, and translations. It’s basically your landing page. Ask for contributors (clearly): once the project was stable enough, I added contributor guidance so people could help without needing a lot of hand-holding. Biggest lesson Patience beats hacks. If you keep improving the product and making it easy to understand/try, the distribution channels start working for you instead of you pushing forever. Repo: https://github.com/pompelmi/pompelmi� Happy to answer questions about outreach, docs, what I’d do differently, or what I’m building next.

2 comments

order

petercooper|18 days ago

I want to congratulate you on your efforts, but with some pointers. Don't automate so much, and take care over presentation. Like this post, for example, which renders as a wall of text on HN.

I was also about seven of the newsletters you sent emails to, all in the same format, one after another ;-) I didn't reply this time as we actually featured you way back in September already.

alrjoe|17 days ago

Thanks for the support! Yeah, you are right, I should stop automation and try to make some more high quality post to promote it.

And sorry for sending you so many emails.