native macOS menu-bar app
Pidlyse
Menu-bar killer for stray dev processes. It scans for orphaned test runners, idle servers, stale playwright-mcp instances, and zombie helpers — plus a Docker tab — and clears them in one click.
macOS 13+ · Apple Silicon · open source
Why it exists
I kept wedging my own machine with leftover local-dev infra. The last straw: two abandoned local Supabase stacks once pinned my Docker VM at roughly 100% host CPU for 19 hours before I noticed. Hunting stray PIDs by hand — lsof, ps, kill, repeat — got old fast.
So Pidlyse lives in the menu bar and does the hunting: it surfaces the stray dev processes and Docker containers worth killing, and clears them on a click. Risk-tiered, surgical, never automatic.
Download
Get it, then verify it.
Pidlyse ships as a signed DMG attached to each GitHub Release. Check the download against its published SHA-256 before you open it.
Pidlyse.dmg
macOS 13+ · Apple Silicon
SHA-256
Published with each release as Pidlyse.dmg.sha256. Download both the DMG and the checksum file, then run:
Verify the download matches its published checksum:
shasum -a 256 -c Pidlyse.dmg.sha256A matching OK means the bytes are intact and untampered. Run it from the folder holding both files.
First launch on macOS
The DMG is ad-hoc signed but not yet Apple-notarized, so Gatekeeper will warn the first time you open it. This is expected for an indie build — not a sign anything is wrong.
- 1Drag Pidlyse into Applications.
- 2Right-click (or Control-click) Pidlyse → Open, then confirm Open in the dialog. macOS remembers the choice — subsequent launches are a normal double-click.
- 3Prefer no warning at all? Build from source — the repo's README has the steps.
Notarization is on the roadmap (pidlyse PID-030); once it lands this step goes away.
Safety
What Pidlyse can touch.
It kills processes, so the boundaries matter. Here's exactly what it can and can't do — the same contract as the repo's Security section.
Runs as you — never root
No privilege escalation, no setuid helper, no sudo prompt. Pidlyse can only touch processes your own user account already owns.
No network, no telemetry
Pidlyse never opens a socket. Nothing is uploaded, logged remotely, or phoned home — it reads your local process table and acts on it, full stop.
Explicit-click kills only
Nothing dies on a timer or in the background. Every kill is a button you press — a graceful SIGTERM first, then SIGKILL only if the process ignores it after 2 seconds.
Narrow, injection-free shell-out surface
The handful of system commands Pidlyse runs are fixed and argument-safe (no string-built shell, no user input interpolated into a command line) — a deliberately tiny attack surface.
Open source, all the way down.
Read the code, build it yourself, or open an issue. Same Flowtron workflow that scoped this site.