Platform Democracy: Rethinking Who Builds and Consumes Your Internal Platform
Platform engineering has gone through multiple iterations over the years. First, there was the split between Development and Operations, a model that broke the flow of value by creating dependencies, bottlenecks, and misaligned incentives. Then came… ⌘ Read more
Bypassing MTE with CVE-2025-0072
In this post, I’ll look at CVE-2025-0072, a vulnerability in the Arm Mali GPU, and show how it can be exploited to gain kernel code execution even when Memory Tagging Extension (MTE) is enabled.
The post Bypassing MTE with CVE-2025-0072 appeared first on The GitHub Blog. ⌘ Read more
Shine a spotlight on your open source project
Celebrate #MaintainerMonth with two big opportunities to showcase your open source project at GitHub Universe and WeAreDevelopers World Congress. Applications are open. Don’t miss out!
The post Shine a spotlight on your open source project appeared first on The GitHub Blog. ⌘ Read more
On my blog: Real Life in Star Trek, Season 6, TNG https://john.colagioia.net/blog/2025/05/22/ng-season-6.html #scifi #startrek #closereading
Streamlining application deployment on Kubernetes at RBC Capital Markets: A journey with FluxCD
As we learned from the first blog in our series, RBC has taken a holistic approach on our cloud journey, as it enables technologies across our enterprise. In today’s post, we’re going to share how Capital Markets… ⌘ Read more
Agent mode 101: All about GitHub Copilot’s powerful mode
A full look at agent mode in GitHub Copilot, including what it can do, when to use it, and best practices.
The post Agent mode 101: All about GitHub Copilot’s powerful mode appeared first on The GitHub Blog. ⌘ Read more
Home Assistant deprecates the “core” and “supervised” installation modes
Our recent article on Home Assistant
observed that the project emphasizes installations using its own Linux
distribution or within containers. The project has now made that emphasis
rather stronger with this\
announcement of the deprecation of the “core” and “supervised”
installation modes, which allowed H … ⌘ Read more
@movq@www.uninformativ.de Regarding https://www.uninformativ.de/blog/postings/2025-05-21/0/POSTING-en.html: Hahaha, that’s what I immediately thought, too! The pain of going back to CVS. :-D I used that back in school. Quickly after, I upgraded to SVN and even that was terrible in comparison to a modern VCS, such as git.
In any case, happy hacking!
How to thrive as a junior engineer: tips and insights
Plus, ways teammates and leaders can be better mentors for their new counterparts.
The post How to thrive as a junior engineer: tips and insights appeared first on The GitHub Blog. ⌘ Read more
On my blog: Firefox’s Tabs https://john.colagioia.net/blog/2025/05/21/firefox-tabs.html #programming #techtips
Not-so-esoteric Kakoune: a point-by-point comparison with a Vim blog article about advanced text edits ⌘ Read more
Red Hat Enterprise Linux 10 released
Red Hat has announced
the release of Red Hat Enterprise Linux (RHEL) 10. A blog post
accompanying the release provides details on some of the more notable
features, such as encrypted DNS, a developer preview of RHEL 10
for RISC-V,
and image\
mode for RHEL using [bootc](https://lwn.net/A … ⌘ Read more
A milestone for lightweight Kubernetes: k0s joins CNCF sandbox
Member post originally published on the Mirantis blog by Prithvi Raj We are excited to announce that k0s, our lightweight, zero dependencies, and fully open-source Kubernetes distribution, has officially joined the Cloud Native Computing Foundation (CNCF) as a Sandbox project!… ⌘ Read more
Google Releases NotebookLM App for iOS and Android
Google has launched iOS and Android apps for NotebookLM, the company’s advanced AI-powered research and note-taking tool.
Commenting on the launch in a blog post, Google said:
We’ve received a lot of great feedback from the millions of people using NotebookLM, our tool … ⌘ Read more
Moving secure GitOps forward with Flux
Spirits were high as the Flux team came together in London for KubeCon + CloudNativeCon Europe this year. With plenty to celebrate and even more to accomplish, one theme stood out as omnipresent: project security. The… ⌘ Read more
Go cryptography security audit (The Go Blog)
Roland Shoemaker has published a blog post about a
recent security audit of the cryptography packages shipped as part of
the Go standard library. The audit, performed by the Trail of Bits security firm,
uncovered one low-severity vulnerability in the legacy Go+BoringCrypto
integration, as well as a handful of informational findings.
During the review, there were … ⌘ Read more
GitHub Copilot: Meet the new coding agent
Implementing features has never been easier: Just assign a task or issue to Copilot. It runs in the background with GitHub Actions and submits its work as a pull request.
The post GitHub Copilot: Meet the new coding agent appeared first on The GitHub Blog. ⌘ Read more
Introducing Docker Hardened Images: Secure, Minimal, and Ready for Production
From the start, Docker has focused on enabling developers to build, share, and run software efficiently and securely. Today, Docker Hub powers software delivery at a global scale, with over 14 million images and more than 11 billion pulls each month. That scale gives us a unique vantage point into how modern software is built… ⌘ Read more
On my blog: Developer Diary, Malcolm X Day https://john.colagioia.net/blog/2025/05/19/malcolm-x.html #programming #project #devjournal
Write Cybersecurity Blog Titles That Get Clicks ⌘ Read more
Ayllu Code Forge 0.4 Has Been Released
Ayllu’s self-hosted instance https://ayllu-forge.org/ayllu/ayllu
Codeberg mirror https://codeberg.org/ayllu/ayllu
i have a blog roll now! with a single yaml file! https://eunoia.sayitditto.net/blogroll/
On my blog: Copyright Thoughts https://john.colagioia.net/blog/2025/05/18/copyright-thoughts.html #copyright #freeculture #rant
On my blog: Free Culture Book Club — Pilogy, part 4 https://john.colagioia.net/blog/2025/05/17/pilogy-4.html #freeculture #bookclub
On my blog: Toots 🦣 from 05/12 to 05/16 https://john.colagioia.net/blog/2025/05/16/week.html #linkdump #socialmedia #quotes #week
Code. Create. Commit. Welcome to dev/core
The new GitHub Shop collection is here. We’re celebrating you.
The post Code. Create. Commit. Welcome to dev/core appeared first on The GitHub Blog. ⌘ Read more
Vibe coding: Your roadmap to becoming an AI developer
Learn how to go from curious coder to AI wizard—with a little help from GitHub.
The post Vibe coding: Your roadmap to becoming an AI developer appeared first on The GitHub Blog. ⌘ Read more
Cloud Native Bangkok launched as the official chapter for Thailand
We’re happy to announce that, following the growing interest in and adoption of Cloud Native technologies in Thailand, an official chapter was just launched within the CNCF platform: Cloud Native Bangkok. Local enthusiasts from various companies… ⌘ Read more
Docker at Microsoft Build 2025: Where Secure Software Meets Intelligent Innovation
This year at Microsoft Build, Docker will blend developer experience, security, and AI innovation with our latest product announcements. Whether you attend in person at the Seattle Convention Center or tune in online, you’ll see how Docker is redefining the way teams build, secure, and scale modern applications. Docker’s Vision for Developers At Microsoft Build… ⌘ Read more
On my blog: Real Life in Star Trek, Descent, part 1 https://john.colagioia.net/blog/2025/05/15/descent-1.html #scifi #startrek #closereading
Rust 1.87.0 released
To commemorate the tenth anniversary of the 1.0 release
of the Rust language,
version\
1.87.0 was announced live today at the 10 Years of Rust
celebration in Utrecht, Netherlands. Notable changes
include the addition of anonymous pipes to the standard library and
the ability for inline assembly ( asm!) to jump to labeled
blocks within Rust code. ⌘ Read more
Oniux: kernel-level Tor isolation for Linux applications
The Tor project has announced
the oniux utility which provides Tor network isolation, using Linux
namespaces, for third-party applications.
Namespaces are a powerful feature that gives us the ability to
isolate Tor network access of an arbitrary application. We put each
application in a network namespace that doesn’t provide access … ⌘ Read more
Our pledge to help improve the accessibility of open source software at scale
GitHub takes the Global Accessibility Awareness Day (GAAD) pledge.
The post Our pledge to help improve the accessibility of open source software at scale appeared first on The GitHub Blog. ⌘ Read more
Data is code
Meta: no Forth or concatenative tag, but in the future hopefully search will find it via this.
** Blog Title: Not Your File: How Misconfigured MIME Types Let Me Upload Evil Scripts **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/blog-title-not-your … ⌘ Read more
[$] LWN.net Weekly Edition for May 15, 2025
Inside this week’s LWN.net Weekly Edition:
Front: Home Assistant; YaST; bpfilter; Flatpak; More LSFMM+BPF 2025 coverage.
Briefs: Screen security; Guix on Codeberg; Postgres I/O; GNOME executive director; Nextcloud blog; Podman 5.5.0; OSL sustainability; Quotes; …
Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more