May 2023

Open sourcing our Rust crate audits
Open sourcing our Rust crate audits
We hope that by sharing our work with the open-source community, we can make the Rust ecosystem even safer and more secure for everyone.
·opensource.googleblog.com·
Open sourcing our Rust crate audits
PyPI was subpoenaed - The Python Package Index
PyPI was subpoenaed - The Python Package Index
The PSF received three subpoenas from the US Department of Justice for PyPI user data in March and April of 2023.
·blog.pypi.org·
PyPI was subpoenaed - The Python Package Index
Report on platform-compliance for cargo directories
Report on platform-compliance for cargo directories
When you use the Rust programming language toolchain, usually through a cargo command, it needs a place to store a bunch of config files, caches, and the cargo binary itself. By default, that place will be your operating system’s user directory, which I’m going to refer to as $HOME or ~, where it will put a .cargo folder.
·poignardazur.github.io·
Report on platform-compliance for cargo directories
Trusted publishing: a new benchmark for packaging security
Trusted publishing: a new benchmark for packaging security
Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index to add a new, more secure authentication method called “trusted publishing.” T…
·blog.trailofbits.com·
Trusted publishing: a new benchmark for packaging security
Envisioning a Simplified Intel Architecture for the Future
Envisioning a Simplified Intel Architecture for the Future
PC computing rests heavily on Intel Architecture processors with an enormous installed base, and cloud computing is synonymous with Intel Architecture.
·intel.com·
Envisioning a Simplified Intel Architecture for the Future
Linux_6.3 - Linux Kernel Newbies
Linux_6.3 - Linux Kernel Newbies
Summary of the changes and new features merged in the Linux kernel during the 6.3 development cycle
·kernelnewbies.org·
Linux_6.3 - Linux Kernel Newbies
Sourceware becomes an SFC member project
Sourceware becomes an SFC member project
Sourceware.org, which has long played host to many important projects, has announced that it has become a member project of the Software Freedom Conservancy — a move that has been in the works for some time. Recent discussions have inspired the Sourceware volunteers to think carefully about the future and succession of the leadership for this important hosting project. By joining SFC, Sourceware gains access to strategic advice and governance expertise to recruit new volunteers and raise funds to support work on Sourceware infrastructure. See this article for more background on those recent discussions.
·lwn.net·
Sourceware becomes an SFC member project
jackdewinter/pymarkdown
jackdewinter/pymarkdown
Contribute to jackdewinter/pymarkdown development by creating an account on GitHub.
·github.com·
jackdewinter/pymarkdown
Bringing Memory Safety to sudo and su
Bringing Memory Safety to sudo and su
Our Prossimo project has historically focused on creating safer software on network boundaries. Today however, we're announcing work on another critical boundary - permissions. We're pleased to announce that we're reimplementing the ubiquitous sudo and su utilities in Rust. Sudo was first developed in the 1980s. Over the decades, it has become an essential tool for performing changes while minimizing risk to an operating system. But because it's written in C, sudo has experienced many vulnerabilities related to memory safety issues.
·memorysafety.org·
Bringing Memory Safety to sudo and su
Building the Micro Mirror Free Software CDN
Building the Micro Mirror Free Software CDN
As should surprise no one, based on my past projects of running my own autonomous system , building my own Internet Exchange Point , and bui...
·blog.thelifeofkenneth.com·
Building the Micro Mirror Free Software CDN
When “free forever” means “free for the next 4 months”
When “free forever” means “free for the next 4 months”
Last week, the open-core team chat platform Mattermost announced that “Mattermost Cloud Free will no longer be offered after July 26, 2023.” This likely came as an unpleasant surprise to users on that plan, as less than a month before, Mattermost’s pricing page featured the promise that the Cloud Free …
·blog.zulip.com·
When “free forever” means “free for the next 4 months”
Ruff: a fast Python linter [LWN.net]
Ruff: a fast Python linter [LWN.net]
Linters are tools that analyze a program's source code to detect various problems such as syntax errors, programming mistakes, style violations, and more. They are important for maintaining code quality and readability in a project, as well as for catching bugs early in the development cycle. Last year, a new Python linter appeared: Ruff. It's fast, written in Rust, and in less than a year it has been adopted by some high-profile projects, including FastAPI, Pandas, and SciPy.
·lwn.net·
Ruff: a fast Python linter [LWN.net]
New C features in GCC 13 | Red Hat Developer
New C features in GCC 13 | Red Hat Developer
The latest major version of the GNU Compiler Collection (GCC), 13.1, was released in April 2023. Like every major GCC release, this version will bring many
·developers.redhat.com·
New C features in GCC 13 | Red Hat Developer
Will A.I. Become the New McKinsey? | The New Yorker
Will A.I. Become the New McKinsey? | The New Yorker
The technology, as it’s currently imagined, promises to concentrate wealth and disempower workers. Is an alternative imaginable?
·newyorker.com·
Will A.I. Become the New McKinsey? | The New Yorker
Thunderbird Is Thriving: Our 2022 Financial Report
Thunderbird Is Thriving: Our 2022 Financial Report
Last year, our mighty donor base generously donated a record-breaking amount to the Thunderbird project! Here's our 2022 Financial Report.
·blog.thunderbird.net·
Thunderbird Is Thriving: Our 2022 Financial Report