native macOS menu-bar app
pidlyse
Menu-bar killer for stray dev processes. It scans for orphaned test runners, idle servers, stale playwright-mcp instances, and zombie helpers — plus a Docker tab — and clears them in one click.
macOS 13+ · Apple Silicon · v1.0.0 · open source
Why it exists
I kept wedging my own machine with leftover local-dev infra. The last straw: two abandoned local Supabase stacks once pinned my Docker VM at roughly 100% host CPU for 19 hours before I noticed. Hunting stray PIDs by hand — lsof, ps, kill, repeat — got old fast.
So pidlyse lives in the menu bar and does the hunting: it surfaces the stray dev processes and Docker containers worth killing, and clears them on a click. Risk-tiered, surgical, never automatic.
Download
Get it, then verify it.
pidlyse ships as a signed DMG attached to each GitHub Release. Check the download against its published SHA-256 before you open it.
pidlyse.dmgv1.0.0
macOS 13+ · Apple Silicon
SHA-256
0a779d163c864e8e95c27b86dc53f21e78f8c6fa4116de56c063c154b6eae80dDownload pidlyse.dmg.sha256Verify the download matches its published checksum:
shasum -a 256 -c pidlyse.dmg.sha256A matching OK means the bytes are intact and untampered. Run it from the folder holding both files.
First launch on macOS
The DMG is ad-hoc signed but not yet Apple-notarized, so Gatekeeper will warn the first time you open it. This is expected for an indie build — not a sign anything is wrong.
- 1Drag pidlyse into Applications.
- 2Right-click (or Control-click) pidlyse → Open, then confirm Open in the dialog. macOS remembers the choice — subsequent launches are a normal double-click.
- 3Prefer no warning at all? Build from source — the repo's README has the steps.
Notarization is on the roadmap (pidlyse PID-030); once it lands this step goes away.
Safety
What pidlyse can touch.
It kills processes, so the boundaries matter. Here's exactly what it can and can't do — the same contract as the repo's Security section.
Runs as you — never root
No privilege escalation, no setuid helper, no sudo prompt. pidlyse can only touch processes your own user account already owns.
No network, no telemetry
pidlyse never opens a socket. Nothing is uploaded, logged remotely, or phoned home — it reads your local process table and acts on it, full stop.
Explicit-click kills only
Nothing dies on a timer or in the background. Every kill is a button you press — a graceful SIGTERM first, then SIGKILL only if the process ignores it after 2 seconds.
Narrow, injection-free shell-out surface
The handful of system commands pidlyse runs are fixed and argument-safe (no string-built shell, no user input interpolated into a command line) — a deliberately tiny attack surface.
Open source, all the way down.
Read the code, build it yourself, or open an issue. Same Flowtron workflow that scoped this site.