Bonum Certa Men Certa

Links 06/09/2023: Istio 1.19.0 and Arti 1.1.8



  • GNU/Linux

  • Distributions and Operating Systems

    • New Releases

    • Gentoo Family

      • GentooMy thin wrapper for emerge(1)

        I’ve recently written a thin wrapper over emerge that I use in my development environment. It does the following: [...]

    • SUSE/OpenSUSE

      • SUSE's Corporate BlogGetting granular on GCC 12

        Once again, experts from our SUSE toolchain development team (Jan Hubička, Michael Matz, Richard Biener) led by Martin Jambor have joined forces with Brent Hollingsworth from AMD, to publish a new SUSE Best Practices guide. >

      • OpenSUSESurvey Reveals Community Preferences for openSUSE's Future Direction

        The openSUSE contributor community recently completed a comprehensive survey last week aimed at determining the project’s future direction. The results were obtained from 327 respondents, and it sheds some light on various aspects of openSUSE’s development, deployment and upgrade plans.

        A pdf of the survey can be found on the openSUSE Wiki.



        [...]

        I'd prefer no Leap replacement and just use Tumbleweed: 15.29%

        The results of this comprehensive survey offer a clear snapshot of the openSUSE community’s preferences and priorities, which will undoubtedly influence the project’s future direction.

    • Arch Family

      • DebugPointManjaro 23 "Uranos" Delivers Exciting Updates

        Manjaro, the user-friendly Arch-based Linux distribution, has just released its latest version, Manjaro 23, codenamed "Uranos". Since the release of Talos in April 2023, the Manjaro team has been diligently working to bring you this exciting update. In this article, we'll recap the key features and improvements you can expect in Manjaro 23 across various desktop environments.

    • Fedora Family / IBM

      • Announcing Istio 1.19.0

        We are pleased to announce the release of Istio 1.19. This is the third Istio release of 2023. We would like to thank the entire Istio community for helping get the 1.19.0 release published. We would like to thank the Release Managers for this release, Kalya Subramanian from Microsoft, Xiaopeng Han from DaoCloud, and Aryan Gupta from Google. The release managers would specially like to thank the Test & Release WG lead Eric Van Norman (IBM) for his help and guidance throughout the release cycle. We would also like to thank the maintainers of the Istio work groups and the broader Istio community for helping us throughout the release process with timely feedback, reviews, community testing and for all your support to help ensure a timely release.

      • Istio 1.19.0 Change Notes
        Deprecation Notices

        These notices describe functionality that will be removed in a future release according to Istio’s deprecation policy. Please consider upgrading your environment to remove the deprecated functionality.

      • Istio 1.19 Upgrade Notes

        When you upgrade from Istio 1.18.x to Istio 1.19.x, you need to consider the changes on this page. These notes detail the changes which purposefully break backwards compatibility with Istio 1.18.x. The notes also mention changes which preserve backwards compatibility while introducing new behavior. Changes are only included if the new behavior would be unexpected to a user of Istio 1.18.x.

        Use the canonical filter names for EnvoyFilter

        If you are using EnvoyFilter API, please use canonical filter names. The use of deprecated filter name is not supported. See the Envoy documentation for further details.

        base Helm Chart removals

        A number of configurations previously present in the the base Helm chart were copied to the istiod chart in a previous releases.

        In this release, the duplicated configurations are fully removed from the base chart.

        Below shows a mapping of old configuration to new configuration: [...]

      • Packit Team: Call for volunteers: help to test us the release syncing using staging instance

        In the upcoming months, we plan to migrate our service to a new cluster. However, this may affect propose_downstream and pull_from_upstream jobs due to the new firewall rules. The problematic aspects could be:

        • commands you run in your actions during syncing the release involving interactions with external servers
        • downloading your sources from various hosting services (crates.io, npm, gems, etc.)

        To smoothen this transition, we kindly encourage you to enable one of these jobs on our already migrated staging instance. This recommendation is particularly important if you belong to one of the groups affected by the two previous points. This proactive step will help us identify and address any issues promptly.

        Both instances can be run at the same time and the behaviour can be configured via the packit_instances configuration key, which is by default set to ["prod"].

      • CentOSCentOS Hyperscale SIG Quarterly Report for 2023Q2

        This report covers work that happened between April 4th 2023 and August 31st 2023. For previous work, see the 2023Q1 report. Purpose The Hyperscale SIG focuses on enabling CentOS Stream deployment on large-scale infrastructures and facilitating collaboration on packages and tooling. Membership update Since the last update, the SIG gained four new members (Raymond Colebaugh, […]

    • Canonical/Ubuntu Family

      • OMG Ubuntu Ubuntu 23.10 Mascot Art, Default Wallpaper Revealed
        Ubuntu 23.10’s default wallpaper and mascot artwork draws heavily on the motifs afforded to it by its mythological moniker – to a greater degree than I think many of us had expected.

        Most Ubuntu mascot artwork has, during the past 5 years or so, been fashioned from geometric shapes, simplistic lines, or concentric circles. But Mantic is a far more complex beast. The ‘bull’ head is present but it is not as linearly distinct as mascots past.

        Instead, Ubuntu’s designers have chosen to encapsulate the mascot image within a maze1, rather than a labyrinth like the Minotaur of legend. It’s still a clever intertwining and creates a conceptually bold centerpiece for the wallpaper – ancient and classical yet modern and dynamic...

    • Open Hardware/Modding

      • HackadayRaspi-Powered Typewriter Is A Real MUSE

        Thanks to parenting and life in general, [Brendan] had fallen out of the habit of writing and wasn’t happy about it. If you write anything ever, you already know there are endless distractions when it comes to doing so on a computer. Sure, there always typewriters, but it’s difficult to do anything with the fruits of a typewriter other than scan it in or make copies, and it’s basically un-editable except by hand.

      • Tom's HardwareRaspberry Pi Projects: September 2023

        These are the best Raspberry Pi projects we’ve had the honor of covering over the last month for September 2023.

      • HackadayJenny’s Daily Drivers: Raspberry Pi Desktop

        One of the more exciting prospects upon receiving one of the earliest Raspberry Pi boards back in 2012 was that it was a fully-functional desktop computer in the palm of your hand. In those far-off days, the Debian OS distro for the board wasn’t even yet called Raspbian, but it would run a full-on desktop on your TV and you could use it after a fashion to browse the web or do wordprocessing. It wasn’t in any way fast, but it was usable enough to be more than a novelty. I’ve said before on these pages that the Raspberry Pi folks’ key product is their OS rather than their computers. While they rarely have the fastest or highest spec hardware, you can depend on Raspberry Pi OS being updated and supported through the life of the board unlike many of their competitors. I can download their latest OS image and still run it on that 2012 board, which to me ranks as a very laudable achievement.

      • Linux GizmosLibre Computer showcases low-cost SBC with PoE support

        Yesterday, Libre Computer unveiled a new variant of the Le Potato Single Board Computer launched a few years ago. The new Sweet Potato board is also based on the Amlogic S905X SoC as its predecessor, but targets commercial and consumer applications instead.

      • ArduinoThis gargantuan 3D-printed robot hand is just the beginning

        Ivan Miranda has a humble dream: he wants to build a massive 3D-printed robot that he can ride upon. In other words, he wants a mech. But that is obviously a very challenging project that will take an incredible amount of time and money.

      • ArduinoBipedal robot walks with a single motor

        A popular goal among roboticists is animal-like locomotion. Animals move with a fluidity and grace that is very hard to replicate artificially. That goal has led to extremely complex robots that require a multitude of motors and sensors, along with heavy processing, to walk. But even those don’t quite match biological movement.

      • HackadayStreaming Video From An ESP32

        The ESP32, while first thought to be little more than a way of adding wireless capabilities to other microcontrollers, has quickly replaced many of them with its ability to be programmed as its own platform rather than simply an accessory. This also paved the way for accessories of its own, such as various sensors and even a camera. This guide goes over taking the input from the camera and streaming it out over the network to multiple browsers.

      • Jeff GeerlingTesting the Coral TPU Accelerator (M.2 or PCIe) in Docker

        I recently tried setting up an M.2 Coral TPU on a machine running Debian 12 'Bookworm', which ships with Python 3.11, making the installation of the pyCoral library very difficult (maybe impossible for now?).

        Some of the devs responded 'just install an older Ubuntu or Debian release' in the GitHub issues, as that would give me a compatible Python version (3.9 or earlier)... but in this case I didn't want to do that.

      • 10 Free Online Gerber Viewers: View Your PCB Files on the Go

        Gerber files are the standard way to store PCB design images. Gerber viewers let you see the content of a Gerber file. These files usually come in .gbr, .gbx, .top, .bot, etc file extensions. You can open and check Gerber files from your browser with online Gerber viewers. No download or installation is needed.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Web Browsers/Web Servers

      • Mozilla and Tor

        • TorArti 1.1.8 is released: Onion service infrastructure

          Arti is our ongoing project to create a next-generation Tor client in Rust. Now we're announcing the latest release, Arti 1.1.8.

          This release continues our work on support for onion services in Arti. It includes backend support for nearly all of the functionality needed to launch and publish an onion service and accept incoming requests from onion service clients. This functionality is not yet usable, however: we still need to connect it all together, test and debug it, and provide high-level APIs to allow the user to actually turn it on.

        • MozillaThe Mozilla Blog: A New York Times Magazine editor on her internet obsessions
          New York Times Magazine editor Iva Dixit talks about being ratioed on Twitter, an internet equivalent of a “healing sound bath” and the pieces she rereads to take a break from online discourse.

          Here at Mozilla, we are the first to admit the internet isn’t perfect, but we know the internet is pretty darn magical. The internet opens up doors and opportunities, allows for human connection, and lets everyone find where they belong — their corners of the internet. We all have an internet story worth sharing.

        • MozillaHacks.Mozilla.Org: Faster Vue.js Execution in Firefox

          Speedometer 3 is a cross-industry effort to build a modern browser benchmark rooted in real-world user experiences. Its goal is to focus browser engineering effort towards making the Web more smooth for actual users on actual pages. This is hard to do and most browser benchmarks don’t do it well, but we see it as a unique opportunity to improve responsiveness broadly across the Web.

          This requires a deliberate analysis of the ecosystem — starting with real user experiences and identifying the essential technical elements underlying them. We built several new tests from scratch, and also updated some existing tests from Speedometer 2 to use more modern versions of widely-used JavaScript frameworks.

        • LinuxSecurityCritical Memory Safety Bug, Other Severe Vulns Fixed in Thunderbird

          A critical memory safety bug has been discovered in Thunderbird 115.0 and Thunderbird 102.13 ( CVE-2023-4056 ). Due to the severity of this vulnerability's threat to the confidentiality, integrity, and availability of impacted systems, it has received a National Vulnerability Database base score of 9.8 out of 10. Other severe vulnerabilities have also been found in Thunderbird, including improper validation of the Text Direction Override Unicode Character in filenames ( CVE-2023-3417 ) and copying of an untrusted input stream to a stack buffer without checking its size ( CVE-2023-4050 ).

    • SaaS/Back End/Databases

      • Martijn BraamSquirrel Strings

        The possibility for injection vulnerabilities is everywhere. Most famously SQL injections where string templating or concatenation is used to build SQL commands. It's still very easy to create one of these vulnerabilities because the APIs are perfect for injection.

      • Peter EisentrautPostgreSQL make install times revisited

        We continue our exploration of PostgreSQL build system performance. A long time ago, I wrote an article about how to optimize the performance of make install. This was quite helpful, as it reduced the time from 10.493 s by default to 1.654 s with some tweaks (6x faster). Now, with different hardware, a much newer PostgreSQL, and a new build system looming, let’s take another look.

      • TecAdminGROUP BY Statement in MySQL

        In the realm of relational databases, data retrieval and manipulation form the crux of most operations. MySQL, one of the most popular open-source relational database management systems, offers a plethora of SQL statements and clauses to cater to these needs.

    • Content Management Systems (CMS)

      • Andrea Corbellini: My journey from Disqus to Remark42

        Readers of this blog might have noticed a few changes recently. For example, I’ve been working on improving the look of the blog (maybe with questionable results), as well as improving the experience on mobile. But one of the biggest changes that perhaps some have noticed is that all of the comments on all of my articles have suddenly disappeared since February 2023. Now, almost 7 months later, all comments have finally been restored.

    • Programming/Development

      • Chris CoyierRewrite & Rethink

        Baldur wrote up some thoughts about how companies don’t typically reward refactoring code. There isn’t a lot of incentive at many companies for slow work, rewriting old code, refactoring toward better ideas, paying down technical debt, and that kind of thing. I get that impression anyway, I don’t have much first-hand experience as I’ve spent the last decade at CodePen.

      • University of TorontoHaving ClamAV reject email using the Malwarepatrol database seems unwise

        In practice, ClamAV is both a virus and malware recognition engine and a collection of malware signatures. ClamAV only comes with a limited set of signatures, so supplementing it with additional third party sources is popular (and perhaps almost essential). Often people use update tools and scripts to configure and fetch these additional signatures, such as Fangfrisch. One of the popular providers of third party signatures is Malware Patrol, who have a number of tiers of access, including a (free) tier for educational institutions. Since we are an educational institution, we signed up for this tier and added it to the configuration of the third party update script we were using at the time so that it would be part of our email anti-spam filtering (when we switched over to ClamAV from our prior solution). Well, we thought we'd added it; in fact we'd made a configuration mistake such that we were silently failing to fetch the Malware Patrol database. We only noticed and fixed this mistake when we switched to Fangfrisch for our third party updates.

      • Dirk EddelbuettelDirk Eddelbuettel: RcppInt64 0.0.1 on CRAN: New Package!

        Happy to share that a new package RcppInt64 arrived on CRAN earlier today after a brief one-day inspection round. RcppInt64 collects some of the previous conversions between 64-bit integer values in R and C++, and regroups them in a single package.

      • QtQt Visual Studio Tools 3.0 Released [Ed: Qt is spreading proprietary software and helps Microsoft's too]

        We are happy to announce the release of the Qt Visual Studio Tools version 3.0.1. Installation packages are now available at the Visual Studio Marketplace and download.qt.io.

      • Russell John: Tips for Competitive Programmers

        I received the following question on my AMA section and thought of writing a blog post instead of answering in a few lines. I like Linux but I do not enjoy competitive programming (sport programming). How can I enjoy competitive programming?

      • Linux Links10 Best Free and Open Source Web-Based Git Clients

        Git is an open source distributed version control system which was originally designed by Linus Torvalds, the creator of Linux, in 2005 for Linux kernel development. We explore our recommended web-based tools.



Recent Techrights' Posts

Video: The Rise of GNU/Linux and Free Software as Seen by RMS in 2004
DTP's founder argued that when Windows goes below 85% "market share", it'll lose its grip in the monopoly sense
When (Almost) One-Man Operations Are Disguised as Medium-Sized Companies
the CEO hides in the US (hiding from his ex-wives, 4 daughters from those wives, and Sirius staff that he defrauded)
Microsoft Actually in Trouble, Microsofters Unable to Obey Judges' Orders
For the second time in a week, Microsofters are unable to obey orders
Over at Tux Machines...
GNU/Linux news for the past day
 
GNU/Linux is Thriving This Summer
It is meanwhile acknowledged, even by Microsoft pushers, that many GNU/Linux PCs will get sabotaged next month
The End of Microsoft's Reign in Spain: Windows Falls to All-Time Lows in Spanish Web Traffic
Windows sank to new lows in Spain
The Bots Never Sleep: In The Weekends, Slopfarms Dominate Google News, Majority of Entries in Google Are Fake Articles About 'Linux'
Google is fast becoming an ocean of plagiarism; the same goes for Google News, which was supposed to have extra quality control
Russia's Yandex Has Caught Up With Bing in Terms of "Market Share"
Microsoft has been firing loads of Bing workers for over 2 years already
Canada: GNU/Linux Up to Records Highs, Windows Down to Record Lows
Microsoft already announcing some plans to shut down Vista 11
Gemini Links 02/08/2025: Transducers in Typed Racket and American ISPs
Links for the day
Links 02/08/2025: Microsoft Already Kills Vista 11 SE, Smartphone Sales Down, Truth Gets "You're Fired!" in the US
Links for the day
Russia: GNU/Linux Rises to Highest Adoption Level Since Invasion of Ukraine
Moving up in the north
Microsoft's Latest Financial Report: We "Gained" 300 Million Dollars in "Goodwill" and Liabilities Grew by 32 Billion Dollars
Microsoft's debt has reached an all-time high
The Register US = The Register MS
Formerly The Register UK
Weeks After Microsoft Shut Down Its Operations in Pakistan Windows Falls to All-Time Lows
Only less than a month ago it was quietly revealed, based on laid-off staff, that Microsoft shut down in Pakistan
Criminal Behaviour is the Standard Operating Procedure at Microsoft
In the future I'll be able to tell how, when dealing with SLAPPs from Microsofters, their Microsoft services failed me and sometimes even blocked my contacts
GNU/Linux Rises to All-Time Highs in Europe
many people will get fired for buying Microsoft
All-Time Highs for GNU/Linux on the Client Desktop/Laptop, Based on Steam Survey
GNU/Linux rose to 2.89% in Steam
Links 02/08/2025: Blaugust 2025 and "Russia Declares Navalny Memoir ‘Extremist’"
Links for the day
Free Software is Not a Business Model
Go ahead, ask your friend, "how do you plan to monetise your children?"
LLM Slop Harms Real Literature, Real Web Sites, Real Journalism
LLM slop is a parasite and it'll run out of legitimate outputs
Upcoming OSI Scandal Series
The OSI is a rogue actor because it serves Microsoft in exchange for money
Slopwatch: The Issue Persists, But the Consensus in the Media Changes as Google Enrages It With LLM Plagiarism
We've meanwhile assessed the latest output from Linuxiac
IRC Proceedings: Friday, August 01, 2025
IRC logs for Friday, August 01, 2025
Links 02/08/2025: İstanbul Retail Inflation Reaches 42.48%, US FBI Opens Office in New Zealand
Links for the day
Gemini Links 02/08/2025: ZFS, LLM Hype, and Fake Modules
Links for the day
Links 01/08/2025: Health, Conflict, and Attacks on Freedom of the Press
Links for the day
Microsoft's Debt Exploded by 15.4 Billion Dollars in the Past 9 Months Alone (Despite All the Layoffs)
As of minutes ago, at 6PM on a Friday, the numbers are made public
Meeting (Webchat) With Maria Arranz Gomez, Florian Grundies, Jürgen Janda and Konstantinos Kortsaris Confronts EPO Management About Breaking Promises and Crushing Workers
The lack of consistent messages suggests plans other than what's advertised and the lack of consultation (secrecy) likewise
Links 01/08/2025: "The Great British Firewall" and U.S. Army Sponsors Palantir
Links for the day
For Second Day in a Row, Top Story in The Register MS is "Microsoft Says"
The editor in chief exercises control over everybody else
LLMs as Attack Method Against Free Software and Programming
DDoS in "hey hi" (slop) clothing
Stability and Reliability, Backward Compatibility
I don't fancy relying on social control media as "sources"
What "the News" Looks Like in 2025
The "says" (or "sez") phenomenon
History Will Be Distorted, Sometimes Intentionally, Under the Guise of Intelligence (Manipulated/Curated Slop)
Militarised misinformation or military-grade chaff is a national security threat, even domestically
Financial Engineering Companies: A Company Worth 4 Trillion Dollars Would Not Borrow 100+ Billion Dollars at Interest Rates Like Today's
Many headlines perpetuate the lie Microsoft had just 2 waves of layoffs
Microsoft is Googlebombing "Linux" While Paying Former News Sites to Publish SPAM
How much lower will IDG sink?
Google as a 'Bullshit Generator' Disguised as Intelligence
It'll probably cause Google to get sued a lot, both by individuals and companies
As Expected, Google in the UK Now Experiments With Slop Instead of Web Search
At this point more people ought to stop and think: Does Google's search engine deserve trust?
The Data You Don't Give Away is Your Advantage
stop sharing data that does not need to be shared
Being Obedient or Doing the Right Thing
The world always changes for the better because of people who think "Outside the Box", not the cogs
Gemini Links 01/08/2025: Happy Hacking Keyboards and New Gemini Arrivals
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 31, 2025
IRC logs for Thursday, July 31, 2025
Sabotaging Linux on Behalf of Microsoft With UEFI 'Secure' Boot (De Facto Remote 'Kill Switch'), Then Defaming, Stalking and Harassing Critics of 'Secure' Boot for 12 Years, Then SLAPPing Their Spouses and Them
The sorts of stubborn lunatics we've been dealing with
Moving on in Techrights, Geeks Gonna Geek
In the coming weeks we plan to focus (as we explained last week) on patents, GNU/Linux issues, and the occasional philosophical essays
Slopwatch: Google News Has Lost the Plot
Almost the majority of articles returned for "Linux" are fakes
Links 31/07/2025: Australia Restricts YouTube Access, Personal Privacy at Risk
Links for the day
Links 31/07/2025: Spotify Collapses and Spotify Now Forcing Some Users to Undergo Face-Scanning
Links for the day
A Lot of Supposedly "Successful" Businesses Are Just Debt-Racking Vessels Without Any Prospects of Financial Sustainability
The probability of bankruptcy of any business is more than 0%
theregister.com: The Voice of Microsoft US?
It basically sold out
Yes, You Can Love and Adore Things Whilst Also Criticising Them
Is society being divided and groomed/primed to be resistant to constructive criticism?
Links 31/07/2025: War in Ukraine, Security News, and Cyberattacks Against Journalists on the Rise
Links for the day
Gemini Links 31/07/2025: Fake Money and Gemini Diaries
Links for the day
An Illusion and Cult Worship of Magnitude (Ubiquity as "Victory")
GNU has been around for over 40 years and it'll likely continue to exist for another 40 (in some form)
Google: From Pointing to Relevant Sites to Pointing to Social Control Media to Actually Parroting Social Control Media as "Facts"
Google has become a misinformation company
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 30, 2025
IRC logs for Wednesday, July 30, 2025