GitHub Availability Report: April 2025
In April, we experienced three incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: April 2025 appeared first on The GitHub Blog. ⌘ Read more
Podman 5.5.0 released
Version\
5.5.0 of the Podman container-management tool has been
released. Notable features include the addition of a podman machine cp command to copy files into a running Podman\
VM, a podman artifact extract command to copy
contents of an OCI\
artifact to disk, and a --mount=artifa ... ⌘ [Read more](https://lwn.net/Articles/1021217/)
Introducing k0rdent v0.3.0: Smarter observability, smoother operations
In my previous blog I wrote a detailed version describing how k0rdent eases platform engineering at scale. For those of you who are unaware, k0rdent is a Kubernetes-native distributed container management environment (DCME) designed to help… ⌘ Read more
Documentation done right: A developer’s guide
Learn why and how you should write docs for your project with the Diátaxis framework.
The post Documentation done right: A developer’s guide appeared first on The GitHub Blog. ⌘ Read more
Announcing Kyverno Release 1.14!
TL;DR We are excited to announce the release of Kyverno 1.14.0, marking a significant milestone in our journey to make policy management in Kubernetes more modular, streamlined, and powerful. This release introduces two new policy types… ⌘ Read more
RIP GitHub https://github.blog/changelog/2025-05-08-updated-rate-limits-for-unauthenticated-requests/
Good thing I left long ago.
On my blog: Firefox’s Local Storage https://john.colagioia.net/blog/2025/05/14/firefox-local-storage.html #programming #techtips
Satechi X1 Slim
I bought a Satechi X1 Slim for dad’s iPad about a year ago. It’s a 60%
scissor switch Bluetooth keyboard that you can use wired (USB-C), too
(Fn + Eject). The feel is rather close to the Apple Magic Keyboard.
Yeah, not even mechanical! I know, I know.
For reasons dad’s not using this keyboard so when I recently visited I
brought it back with me. It’s decent enough but in the ISO version
some keys on the right side, close to the return key, are … ⌘ Read more
Nextcloud claims Google is being anticompetitive
Nextcloud provides an
open-source collaboration platform called Nextcloud Hub, which includes file-sharing and syncing
features. The company has written
a blog post explaining that Google has revoked a critical permission
from the Nextcloud Files app for Android that allows it to sync files
to Nextcloud Hub.
Google is stati … ⌘ Read more
little blog post on how i got my astro site to automatically build & deploy with my git instance + sourcehut builds yayyy https://bubblegum.girlonthemoon.xyz/articles/14
GitHub Issues search now supports nested queries and boolean operators: Here’s how we (re)built it
Plus, considerations in updating one of GitHub’s oldest and most heavily used features.
The post [GitHub Issues search now supports nested queries and boolean operators: Here’s how we (re)built it](https://github.blog/developer-skills/application-development/github-issues-search-now-supports-nested-queries-an … ⌘ Read more
How to install and run Minikube with Rootless Podman on ARM-based MacBooks
minikube provides a local Kubernetes cluster on macOS, Linux, and Windows. minikube’s primary goals are to be the best tool for local Kubernetes application development and to support all Kubernetes features that fit into that environment…. ⌘ Read more
Erlang Solutions: Common MVP mistakes: How to build smart without overbuilding
A Minimum Viable Product (MVP) is your first real signal to the market, your team, and your investors that you’re solving the right problem in the right way. While it’s often mentioned alongside terms like Proof-of-Concept (PoC), prototype, or pilot, an MVP plays a distinct role: validating real value with real users.
Avoiding common missteps early sets the stage for faster itera … ⌘ Read more
** How Hackers Bypass Login Pages with SQL, Logic Flaws, and Headers **
Welcome to the underworld of cybersecurity! 🌐 In this blog, we dive deep into how hackers bypass login pages — the digital gatekeepers of…
[Continue rea … ⌘ Read more
Guix project migrating to Codeberg
The Guix project has announced
that it is migrating all of its Git repositories, as well as bug
tracking and patch tracking, from Savannah to the Codeberg Git forge.
As a user, the main change is that your
channels.scm
configuration files, if they refer to the
git.savannah.gnu.orgURL, should be changed to refer to
https://codeberg.org ... ⌘ [Read more](https://lwn.net/Articles/1020885/)
i got so emo about my site not being statically generated and instead hand coded but it’s like i don’t even know if i want that because i feel most SSGs are built for blogging and continuous posting and i don’t want that i just want to make my silly pages….
that being said, the one i’d use if i did switch to one would be astro and that one is so flexible i could really do anything with it including keeping my pages as is mostly without doing the blog stuff. idk! something to consider
GitHub for Beginners: Building a React App with GitHub Copilot
Follow along and build a frontend client using React and Copilot Chat.
The post GitHub for Beginners: Building a React App with GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, International Nurses Day https://john.colagioia.net/blog/2025/05/12/nurses.html #programming #project #devjournal
VPS troubles and the weekend
This weekend I went to the cottage with P on Friday. I hoped I would
have a nice weekend reading in front of the wood stove, but I had also
planned to spend at least a few hours trying to configure Maddy as the
new mail server for hack.org et al.
Then the web server I moved to the new VPS died. Again. I connected to
the VNC console and, like before, the Linux kernel couldn’t find its
root disk. A simple:
# mount /dev/vda2 /sysroot; exit
in the emergency shell solved thi … ⌘ Read more
↳
In-reply-to
»
My main domain name turned 24 years old today. That feels weird.
⤋ Read More
@anth@a.9srv.net 24 years is quite a long time. 😳 My blog domain is from 2006 (still, almost 20 years, oof).
Real‑world video demo: Using different AI models in GitHub Copilot
Curious about how AI models perform in real-world scenarios with GitHub Copilot? Same. We made a live video demo to find out, and wrote up our key takeaways.
The post Real‑world video demo: Using different AI models in GitHub Copilot appeared first on The GitHub Blog. ⌘ Read more
Lume 3 was released
After several months of work, I’d like to share with you the release of a new major of Lume, a static site generator for Deno. Apologies for the autopromotion 🙏
On my blog: Free Culture Book Club — Pilogy, part 3 https://john.colagioia.net/blog/2025/05/10/pilogy-3.html #freeculture #bookclub
Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape
Comments ⌘ Read more
On my blog: Toots 🦣 from 05/05 to 05/09 https://john.colagioia.net/blog/2025/05/09/week.html #linkdump #socialmedia #quotes #week
Tea & Peaches: KubeCon + CloudNativeCon London Recap, Atlanta Sneak-Peek
KubeCon + CloudNativeCon Europe 2025 in London was nothing short of historic. As the biggest KubeCon to date — with 12,418 attendees, including 46% first-timers — it was a moment of celebration, reflection, and connection for… ⌘ Read more
Design system annotations, part 2: Advanced methods of annotating components
How to build custom annotations for your design system components or use Figma’s Code Connect to help capture important accessibility details before development.
The post [Design system annotations, part 2: Advanced methods of annotating components](https://github.blog/engineering/user-experience/design-system-annotations-part-2-advanced-methods-of-annotating-component … ⌘ Read more
Design system annotations, part 1: How accessibility gets left out of components
The Accessibility Design team created a set of annotations to bridge the gaps that design systems alone can’t fix and proactively addresses accessibility issues within Primer components.
The post [Design system annotations, part 1: How accessibility gets left out of components](https://github.blog/engineering/user-experience/design-system-annotations-part-1-how … ⌘ Read more
Albertson: OSL’s path to sustainability
Lance Albertson writes that the
Oregon State University Open Source Lab has been funded for the next
year, following his announcement in April
that the future of OSL was in jeopardy. OSL is now focusing on
becoming self-sustainable long term.
The recent support was amazing for our immediate team needs. But
for the OSL to thrive long-term, we need a sustainable financial
foundation. This is crucial, as the … ⌘ Read more
Announcing Linkerd 2.18: Battlescars, lessons learned, and preliminary Windows support
We’re happy to announce the release of Linkerd 2.18. The theme of this release is battlescars: we’ve added features and updated functionality to reduce operational pain in response to real life, hard-won lessons we’ve learned with… ⌘ Read more
Bluetooth 6.1 Update Set to Improve Privacy, Battery Life of iPhone Accessories
The Bluetooth Special Interest Group (SIG) has released Bluetooth 6.1 as part of its new bi-annual update schedule. The update introduces Randomized Resolvable Private Address (RPA), a feature designed to enhance both privacy and power efficiency.
 is the technical governing body responsible for maintaining the technical vision of the CNCF. At the time the CNCF was founded in 2015 and as of 2016, there were four… ⌘ Read more
Technology Where I Belong
When I first started working with technology, it felt like a promise. A promise that we could change the world for the better. As a young developer building Java applications, I was fascinated by how code… ⌘ Read more
The state of SSL stacks
Willy Tarreau and William Lallemand have posted an extensive white\
paper examining the landscape of the available SSL implementations.
OpenSSL 3.0 performs significantly worse than alternative SSL
libraries, forcing organizations to provision more hardware just to
maintain existing throughput. This raises important questions about
performance, energy efficiency, and operational costs.Examining alternatives—BoringSSL, LibreSSL, WolfSSL, and
… ⌘ Read more
↳
In-reply-to
»
https://alex.party/posts/2025-05-05-the-future-of-web-development-is-ai-get-on-or-get-left-behind/
⤋ Read More
And on a similar note, cross-post from Mastodon:
What I love about HTML and HTTP is that it can degrade rather gracefully on old browsers.
My website isn’t spectacular but I don’t think it looks horrible, either. And it’s still usable just fine all the way down to WfW 3.11:
It’s not perfect, but it’s usable. And that makes me happy. Almost 30 years of compatibilty.
The biggest sacrifice is probably that I don’t enforce TLS and that HTTP 1.0 has no Host: header, so no vhosts (or rather, everything must come from the default vhost). (Yes, some old browsers send Host:, even though they predate HTTP 1.1. Netscape does, but not IBM WebExplorer, for example.)
(On the other hand, it might completely suck on modern mobile devices. Dunno, I barely use those. 🤪)
Securing Model Context Protocol: Safer Agentic AI with Containers
Model Context Protocol (MCP) tools remain primarily in the hands of early adopters, but broader adoption is accelerating. Alongside this growth, MCP security concerns are becoming more urgent. By increasing agent autonomy, MCP tools introduce new risks related to misalignment between agent behavior and user expectations and uncontrolled execution. These systems also present a novel… ⌘ Read more
Dos and don’ts when sunsetting open source projects
Three maintainers share their tips for gracefully sunsetting open source projects.
The post Dos and don’ts when sunsetting open source projects appeared first on The GitHub Blog. ⌘ Read more
Announcing OpenReports: Standardized Kubernetes Reporting
The Kubernetes ecosystem, while powerful, is a sprawling landscape of tools. As organizations scale their deployments, ensuring compliance and security becomes paramount. But how do you effectively track and report on your Kubernetes policies and scanners… ⌘ Read more
foss-north 2025
I attended foss-north, a free / open source conference covering both
software and hardware from the technical perspective, at Chalmers
Conference Center in Gothenburg on April 14 & 15. A great conference.
Lots of interesting talks:
https://foss-north.se/2025/speakers-and-talks.html
My own presentation was “Forking QEMU to emulate and secure the
Tillitis TKey”. Recording is here: