Searching txt.sour.is

Twts matching #BUG
Sort by: Newest, Oldest, Most Relevant

OpenSSH 10.1 released
OpenSSH 10.1 has
been released. Along with “a minor security fix” and some other bug
fixes, this release disallows control characters in user names passed via
the command line, adds better logging around certificate refusals, and a
new RefuseConnection server configuration option. ⌘ Read more

⤋ Read More

MacOS Tahoe 26.0.1 Update Released to Fix Mac Studio Installation Bug
Apple has issued MacOS Tahoe 26.0.1 as a software update for Tahoe users. The update focuses primarly on resolving an issue for Mac Studio owners who were not able to install the initial MacOS Tahoe 26 release onto the M3 Ultra version of the Studio. Apparently other bug fixes and security improvements are included as … [Read More](https://osxdaily.com/2025/09/29/macos-tahoe-26-0-1-update-releas … ⌘ Read more

⤋ Read More

iOS 26.0.1 Update Released to Fix Various iPhone 17 Issues, & Blank Screen Icons
Apple has released the first update for iOS 26.0.1, which includes a handful of bug fixes specifically aimed at the new iPhone 17 lineup, as well as addressing an issue for all devices where Home Screen icons can appear blank after using various Liquid Glass customization settings, and another issue where VoiceOver might disable itself … [Read More](https://osxdaily.com/2 … ⌘ Read more

⤋ Read More

DietPi September 2025 Update Brings Faster Backups and Roon Server Early Access
The September 20th release of DietPi v9.17 introduces smaller and more efficient system images, faster backups with reduced disk usage, and a new toggle for Roon Server’s early access builds. The update also addresses SPI bootloader flashing issues on Rockchip devices, improves Raspberry Pi sound card handling, and includes multiple bug fixes across tools and […] ⌘ Read more

⤋ Read More

Kicking off Cybersecurity Awareness Month 2025: Researcher spotlights and enhanced incentives
For this year’s Cybersecurity Awareness Month, GitHub’s Bug Bounty team is excited to offer some additional incentives to security researchers!

The post [Kicking off Cybersecurity Awareness Month 2025: Researcher spotlights and enhanced incentives](https://github.blog/security/vulnerability-research/kicking-off-cybersecurity-aware … ⌘ Read more

⤋ Read More

Ignite Realtime Blog: Openfire 5.0.2 release!
The IgniteRealtime community is happy to announce a new release of its open source, real-time communications server server Openfire! Version 5.0.2 brings a number of stability improvements and bug fixes.

Notably, it addresses a recently identified security vulnerability, identifies as CVE-2025-59154. The issue allows for potential identity spoofing via unsafe Common Nam … ⌘ Read more

⤋ Read More
In-reply-to » @lyse a content warning is kind of like a forum spoiler cut, or like the <details> tag in HTML; it lets you write a sentence or so that someone can then click to expand to see the actual post. it's called a CW because most people use it to warn for potentially triggering/harmful subjects, but you can really use it for anything, like spoilers in a TV show or even for joke punchlines

@kat@yarn.girlonthemoon.xyz Ta. The only good use for <details> is to collapse long logs in bug analysis reports. Other than that, I find it rather annoying to expand sections manually.

As for spoilers, personally, I don’t care at all. Not the slightest bit. If there is something that I don’t wanna read, I just stop reading. ¯_(ツ)_/¯

But I’ve got the feeling that I’ve got an unpopular opinion on that matter. ;-)

⤋ Read More

Mathieu Pasquet: slixmpp v1.11
This new version includes a few new XEP plugins as well as fixes, notably
for some leftover issues in our rust JID code, as well as one for a bug that
caused issues in Home Assistant.

Thanks to everyone who contributed with code, issues, suggestions, and reviews!

CI and build

Nicoco put in a lot of work in order to get all possible wheels built in CI. We now have manylinux and musl builds of everything doable within codeberg,
published to the codeberg pypi repo, and published on pypi. … ⌘ Read more

⤋ Read More
In-reply-to » @itsericwoodward Also just a heads up, GIF(s) aren't supproted as an Avatar type on yarnd (what runs twtxt.net). I'd change this to something that's more supproted like PNG, JPEG, etc.

@eric@itsericwoodward.com Name change is no worries! 😉 Interesting/funnily enough my client yarnd seems to have picked it up automatically which is nice (I’ve historically always had a few bugs to iron out there 🤣)

⤋ Read More
In-reply-to » Twtxt as a network is so neat. Sucks it isn't more widely adopted ): I feel like it'd be way easier to host than say, mastodon or GTS. & would require WAYYYY less resources. Not a diss on GTS, I love GTS , just saying because it's text files, I assume the minimum amount of ram needed to host any of the twtxt server software is very low.

@lyse@lyse.isobeef.org you will have to agree, though, that Yarn has contributed to make it possible to mass adopt (with its many glitches, bugs, and all) because, still, the web is king.

⤋ Read More

Just realized: One of the reasons why I don’t like “flat UIs” is that they look broken to me. Like the program has a bug, missing pixmaps or whatever.

Take this for example:

Image

I’m talking about this area specifically:

Image

One UI element ends and the other one begins – no “transition” between them.

The style of old UIs like these two is deeply ingrained into my brain:

Image


Image

When all these little elements (borders, handles, even just simple lines, …) are no longer present, then the program looks buggy and broken to me. And I’m not sure if I’ll ever be able to un-learn that.

⤋ Read More
In-reply-to » I did a “lecture”/“workshop” about this at work today. 16-bit DOS, real mode. 💾 Pretty cool and the audience (devs and sysadmins) seemed quite interested. 🥳

@movq@www.uninformativ.de I also don’t think that I’m a particularly good speaker. :-) The workshop model is a good idea, I like that.

Yeah, it’s really good fun. I can highly recommend it. This is also a good way to train (new) developers to think like attackers, how to break in, destroy something or raise awareness of some classes of bugs. Then you can avoid them next time. It’s surprising to me what vulnerabilities come up during this event every time. So, absolutely worth it, win, win.

⤋ Read More

Saw this on Mastodon:

https://racingbunny.com/@mookie/114718466149264471

18 rules of Software Engineering

  1. You will regret complexity when on-call
  2. Stop falling in love with your own code
  3. Everything is a trade-off. There’s no “best” 3. Every line of code you write is a liability 4. Document your decisions and designs
  4. Everyone hates code they didn’t write
  5. Don’t use unnecessary dependencies
  6. Coding standards prevent arguments
  7. Write meaningful commit messages
  8. Don’t ever stop learning new things
  9. Code reviews spread knowledge
  10. Always build for maintainability
  11. Ask for help when you’re stuck
  12. Fix root causes, not symptoms
  13. Software is never completed
  14. Estimates are not promises
  15. Ship early, iterate often
  16. Keep. It. Simple.

Solid list, even though 14 is up for debate in my opinion: Software can be completed. You have a use case / problem, you solve that problem, done. Your software is completed now. There might still be bugs and they should be fixed – but this doesn’t “add” to the program. Don’t use “software is never done” as an excuse to keep adding and adding stuff to your code.

⤋ Read More

OpenBSD has the wonderful pledge() and unveil() syscalls:

https://www.youtube.com/watch?v=bXO6nelFt-E

Not only are they super useful (the program itself can drop privileges – like, it can initialize itself, read some files, whatever, and then tell the kernel that it will never do anything like that again; if it does, e.g. by being exploited through a bug, it gets killed by the kernel), but they are also extremely easy to use.

Imagine a server program with a connected socket in file descriptor 0. Before reading any data from the client, the program can do this:

unveil("/var/www/whatever", "r");
unveil(NULL, NULL);
pledge("stdio rpath", NULL);

Done. It’s now limited to reading files from that directory, communicating with the existing socket, stuff like that. But it cannot ever read any other files or exec() into something else.

I can’t wait for the day when we have something like this on Linux. There have been some attempts, but it’s not that easy. And it’s certainly not mainstream, yet.

I need to have a closer look at Linux’s Landlock soon (“soon”), but this is considerably more complicated than pledge()/unveil():

https://landlock.io/

⤋ Read More
In-reply-to » So I was using this function in Rust:

@lyse@lyse.isobeef.org Rust is so different and, at the same time, so complex – it’s not far fetched to assume that I simply don’t understand what’s going on here. The docs appear to be clear, but alas … is it a bugs in the docs? Is it a lack of experience on my part? Who knows.

By the way, looks like there was a bit of a discussion regarding that name:

https://github.com/rust-lang/rust/issues/120048

⤋ Read More

Hmmm 🧐 Not what I thought was going on… No bug…

 time="2025-06-14T15:24:25Z" level=info msg="updating feeds for 8 users"
 time="2025-06-14T15:24:25Z" level=info msg="skipping 0 inactive users"
 time="2025-06-14T15:24:25Z" level=info msg="skipping 0 subscribed feeds"
 time="2025-06-14T15:24:25Z" level=info msg="updating 80 sources (stale feeds)"

⤋ Read More

上下文取消鏈:摧毀我們支付系統的 bug
一個看似無害的 Go 語言特性如何引發級聯故障,導致了 110,000 美元的交易損失。警報響起時,我們的支付處理系統已經癱瘓。信用卡交易失敗、訂閱無法續訂、客服聊天窗口被憤怒的消息淹沒。一次常規部署演變成了我們兩年內最嚴重的生產事故。罪魁禍首?對 Go 語言上下文取消的細微誤解,它引發了一連串我從未預料到的反應。背景:一次 “簡單” 的優化三週前,我接到了優化支付處理流程的任務。系統每分鐘處理數 ⌘ Read more

⤋ Read More

上下文取消鏈:摧毀我們支付系統的 bug
一個看似無害的 Go 語言特性如何引發級聯故障,導致了 110,000 美元的交易損失。警報響起時,我們的支付處理系統已經癱瘓。信用卡交易失敗、訂閱無法續訂、客服聊天窗口被憤怒的消息淹沒。一次常規部署演變成了我們兩年內最嚴重的生產事故。罪魁禍首?對 Go 語言上下文取消的細微誤解,它引發了一連串我從未預料到的反應。背景:一次 “簡單” 的優化三週前,我接到了優化支付處理流程的任務。系統每分鐘處理數 ⌘ Read more

⤋ Read More

How can one write blazing fast yet useful compilers (for lazy pure functional languages)?
I’ve decided enough is enough and I want to write my own compiler (seems I caught a bug and lobste.rs is definitely not discouraging it). The language I have in mind is a basic (lazy?) statically-typed pure functional programming language with do notation and records (i.e. mostly Haskell-lite).

I have other ideas I’d like to explore as well, but mainly, I want the compiler to be so fast (w/ optimisations) that … ⌘ Read more

⤋ Read More

golang 每日一庫之 GoAdmin
你是不是曾經想用 Go 寫個後臺系統,結果一不小心就寫成了 Bug 系統?是不是寫到權限控制的時候,感覺自己變成了權限受害者?是不是本來想安安心心做個 CRUD 工人,結果被前端 UI 折磨到懷疑人生?別怕,GoAdmin 來拯救你了!什麼是 GoAdmin簡單說,GoAdmin 就是 Go 語言界的 “萬能後臺神器”。它能幫你:三分鐘起飛 :快速搭出一個後臺系統; 一行不寫也 ⌘ Read more

⤋ Read More

golang 每日一庫之 GoAdmin
你是不是曾經想用 Go 寫個後臺系統,結果一不小心就寫成了 Bug 系統?是不是寫到權限控制的時候,感覺自己變成了權限受害者?是不是本來想安安心心做個 CRUD 工人,結果被前端 UI 折磨到懷疑人生?別怕,GoAdmin 來拯救你了!什麼是 GoAdmin簡單說,GoAdmin 就是 Go 語言界的 “萬能後臺神器”。它能幫你:三分鐘起飛 :快速搭出一個後臺系統; 一行不寫也 ⌘ Read more

⤋ Read More

DietPi May 2025 Update Introduces Security Changes, Kernel Fixes, and Software Cleanups
The latest DietPi release (v9.13) focuses on improving security defaults, enhancing support for specific SBCs, and removing outdated software options. The update also brings kernel upgrades, interface refinements, and dozens of bug fixes for improved stability across platforms. DietPi: DietPi is a lightweight, Debian-based operating system optimized for single-board compu … ⌘ Read more

⤋ Read More

The 6.15 kernel has been released
Linus has released the 6.15 kernel, as
expected.

So this was delayed by a couple of hours because of a last-minute
bug report resulting in one new feature being disabled at the
eleventh hour, but 6.15 is out there now.

Significant changes in 6.15 include smarter timer-ID assignment to make
checkpoint/restore operations more reliable, the [ability](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/comm … ⌘ Read more

⤋ Read More

自制 ResponseWriter:Go 安全 HTTP
Go 的 http.ResponseWriter 會直接向套接字(socket)寫入數據,這可能會導致一些隱蔽的 bug,例如忘記設置狀態碼,或是在爲時已晚的時候意外修改了響應頭(header)。本文將展示如何通過包裝 ResponseWriter 來強制執行自定義規則,例如要求 WriteHeader() 以及在出錯後阻止寫入操作,從而讓你的處理器(handler)更安全、也更易於梳理邏輯。我用 ⌘ Read more

⤋ Read More

自制 ResponseWriter:Go 安全 HTTP
Go 的 http.ResponseWriter 會直接向套接字(socket)寫入數據,這可能會導致一些隱蔽的 bug,例如忘記設置狀態碼,或是在爲時已晚的時候意外修改了響應頭(header)。本文將展示如何通過包裝 ResponseWriter 來強制執行自定義規則,例如要求 WriteHeader() 以及在出錯後阻止寫入操作,從而讓你的處理器(handler)更安全、也更易於梳理邏輯。我用 ⌘ Read more

⤋ Read More

[$] Recent disruptive changes from Setuptools
In late March, version 78.0.1 of Setuptools — an important
Python packaging tool — was released. It was scarcely half an hour before
the first bug\
report came in, and it quickly became clear that the change was far
more disruptive than anticipated. Within only about five hours [78.0.2 was\
published to roll back the change](https://setuptools.pypa.io/e … ⌘ Read more

⤋ Read More

OpenAI 公開 Codex 系統提示詞
昨天,OpenAI 發佈了一個新功能:Codex。一個在雲端運行的 Coding Agent。體驗鏈接:chatgpt.com/codex可以處理包括跑現成代碼、解答 Github 上的項目、修復 BUG 以及提 PR 等功能。目前還不能聯網,不能裝包,只能基於倉庫裏已有的代碼 + 提前配置好的環境進行工作。Codex 背後的模型來自 codex-1,基於 OpenAI o3 微調,專門針對軟件工 ⌘ Read more

⤋ Read More

MacOS Sequoia 15.5 Update Released with Bug Fixes & Security Enhancements
MacOS Sequoia 15.5 is now available as a software update for Mac users running the Sequoia operating system. The system software update includes bug fixes and security enhancements, but does not appear to include any new features or other major changes. Additionally, Apple has also released MacOS Ventura 13.7.6 and macOS Sonoma 14.7.6 for Mac, … [Read More](https://osxdaily.com/2025/05/12/macos-sequoia-15-5-update-downlo … ⌘ Read more

⤋ Read More

iOS 18.5 Update Released for iPhone & iPad with Bug Fixes & Security Enhancements
iOS 18.5 for iPhone and iPadOS 18.5 for iPad have been released by Apple. According to the release notes accompanying the update download, the software updates primary focus is the introduction of a new Pride Harmony LGBTQ wallpaper. Additionally, parents will now receive a notification when the Screen Time passcode is used on a childs … [Read More](https://osxdaily.com/2025/05/12/ios-18-5-update-iphone-ip … ⌘ Read more

⤋ Read More

Raspberry Pi OS Update Finalizes Bookworm-Based Release Ahead of Debian Trixie
A new version of Raspberry Pi OS is now available, marking what is likely the final release based on Debian Bookworm before the upcoming transition to Debian Trixie later this year. The update introduces usability enhancements, bug fixes, and performance optimizations across the system. One notable addition is a customized screen locking mechanism based on […] ⌘ Read more

⤋ Read More

Guix project migrating to Codeberg
The Guix project has announced
that it is migrating all of its Git repositories, as well as bug
tracking and patch tracking, from Savannah to the Codeberg Git forge.

As a user, the main change is that your channels.scm
configuration files, if they refer to the
git.savannah.gnu.org URL, should be changed to refer to
https://codeberg.org ... ⌘ [Read more](https://lwn.net/Articles/1020885/)

⤋ Read More

用了這麼久的 Git,這些冷門命令纔是提效神器
Git 作爲開發者的必備工具,大家都用得很熟了。但其實,除了常用的 add、commit、push、pull 這些命令,Git 還有很多冷門但極其實用的命令,能大大提升你的開發效率。今天就來盤點一下那些你可能沒用過,但用上就離不開的 Git 冷門命令! git stash - 臨時保存工作進度———————–有時候你在開發新功能,突然需要切換分支修復 bug,但當前代 ⌘ Read more

⤋ Read More