News reader

Preventing domain-resurrection attacks (PyPI blog)

13 hours 1 minute ago

The Python Package Index (PyPI) has announced that it is now checking for expired domains to try to prevent domain-resurrection attacks. In this type of attack, an attacker registers a domain after its previous owner lets it expire, so that mail for that domain, password-reset mail included, now lands with the attacker; requesting a reset for a PyPI account whose address is at that domain then hands over the account. Since June, PyPI has un-verified more than 1,800 email addresses after their associated domains entered expiration phases.

After an initial bulk check period that took place in April 2025, PyPI will check daily for any domains in use for status changes, and update its internal database with the most recent status.

If a domain registration enters the redemption period, that's an indicator to PyPI that the previously verified email destinations may not be trusted, and PyPI will un-verify a previously-verified email address. PyPI will not issue a password reset request to addresses that have become unverified.

PyPI recommends that users add a second verified email address "from another notable domain (e.g. Gmail)" to their account, if they do not have one already.

jzb
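
As an added illustration of the process described above (this is not PyPI's own code), the following Python sketch runs the daily check over a constructed user table with a constructed registry lookup. The status names are RDAP/EPP values from RFC 8056; the rule that "redemption period", "pending delete" and an absent registration make a domain untrusted is this example's assumption, since the page only mentions the redemption period. Two details a practitioner would want are built in: a lookup failure never un-verifies anything, and the check never re-verifies an address, so a domain that is resurrected by a new owner stays unverified until the account owner acts from a logged-in session.

```python
from __future__ import annotations

from dataclasses import dataclass
from typing import Callable, List, Optional

# Registry states after which the old registrant can no longer be assumed to
# control the domain's mail. The names are RDAP/EPP status values (RFC 8056).
# Assumption: this rule set is the example's own; beyond "redemption period",
# the page does not say which states PyPI acts on.
UNTRUSTED_STATUSES = frozenset({"redemption period", "pending delete"})

# A status lookup returns the registry's status list for a domain, None when
# the registry has no registration on file at all, and raises on failure.
StatusLookup = Callable[[str], Optional[List[str]]]


@dataclass
class Email:
    address: str
    verified: bool


@dataclass
class User:
    name: str
    emails: List[Email]


def domain_of(address: str) -> str:
    """Lower-cased domain part of an email address, without a trailing dot."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    return domain.lower().rstrip(".")


def domains_in_use(users: List[User]) -> set:
    """Domains of every currently verified address; only these need checking."""
    return {domain_of(e.address) for u in users for e in u.emails if e.verified}


def domain_is_untrusted(statuses: Optional[List[str]]) -> bool:
    """None (no registration on file) is untrusted: anyone may register it now."""
    if statuses is None:
        return True
    return any(s.lower() in UNTRUSTED_STATUSES for s in statuses)


def run_daily_check(users: List[User], lookup: StatusLookup):
    """Un-verify every verified address whose domain has become untrusted.

    Returns (addresses un-verified, domains whose lookup failed). A failed
    lookup deliberately changes nothing: a registry outage must not lock
    everyone out. Nothing is ever re-verified here; only the user, from a
    logged-in session, can do that, so a resurrected domain stays unverified.
    """
    untrusted, failed = set(), []
    for domain in sorted(domains_in_use(users)):
        try:
            if domain_is_untrusted(lookup(domain)):
                untrusted.add(domain)
        except Exception:  # network/registry error: record it, do not act
            failed.append(domain)
    changed = []
    for user in users:
        for email in user.emails:
            if email.verified and domain_of(email.address) in untrusted:
                email.verified = False
                changed.append(email.address)
    return changed, failed


def password_reset_recipients(user: User) -> List[str]:
    """A reset mail goes only to addresses that are verified right now."""
    return [e.address for e in user.emails if e.verified]


def has_independent_fallback(user: User) -> bool:
    """True when verified addresses exist at two different domains."""
    return len({domain_of(e.address) for e in user.emails if e.verified}) >= 2


# Constructed sample data: three accounts and a fake registry answer table.
SAMPLE_USERS = [
    User("alice", [Email("alice@example.com", True)]),
    User("bob", [Email("bob@lapsed.example", True), Email("bob@example.com", True)]),
    User("carol", [Email("carol@gone.example", True)]),
]
SAMPLE_STATUS = {
    "example.com": ["active", "client transfer prohibited"],
    "lapsed.example": ["redemption period"],
    "gone.example": None,  # registration already dropped
}


def sample_lookup(domain: str) -> Optional[List[str]]:
    """Stand-in for an RDAP query; raises for a domain it cannot answer for."""
    if domain not in SAMPLE_STATUS:
        raise LookupError(domain)
    return SAMPLE_STATUS[domain]


if __name__ == "__main__":
    changed, failed = run_daily_check(SAMPLE_USERS, sample_lookup)
    print("un-verified:", changed, "lookup failed:", failed)
    for u in SAMPLE_USERS:
        print(u.name, "reset would go to:", password_reset_recipients(u))
```

Run against the sample table, bob keeps a reset path through his second address at a healthy domain, which is exactly why PyPI recommends a second verified address elsewhere; carol, with only one address at a dropped domain, can no longer be reset by mail at all, which is the intended failure mode.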

[$] The Koka programming language

19 hours 9 minutes ago

Statically typed programming languages can help catch mismatches between the kinds of values a program is intended to manipulate, and the values it actually manipulates. While there have been many bytes spent on discussions of whether this is worth the effort, some programming language designers believe that the type checking in current languages does not go far enough. Koka, an experimental functional programming language, extends its type system with an effect system that tracks the side-effects a program will have in the course of producing a value.

daroc

Security updates for Tuesday

20 hours 19 minutes ago
Security updates have been issued by AlmaLinux (golang, openjpeg2, toolbox, and xterm), Debian (libxslt, mbedtls, openjdk-17, and webkit2gtk), Fedora (apptainer, mingw-gstreamer1, mingw-gstreamer1-plugins-bad-free, mingw-gstreamer1-plugins-base, mingw-gstreamer1-plugins-good, rust-h2, and uv), Oracle (golang, kernel, and openjpeg2), Red Hat (kernel and xterm), SUSE (389-ds, cairo, container-suseconnect, kernel, lua51-luajit, postgresql13, and trivy), and Ubuntu (linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime, and openldap).
corbet

The State of Python 2025

1 day 12 hours ago
The JetBrains blog presents the results of the eighth annual Python Developers Survey, carried out in partnership with the Python Software Foundation.

This year, 51% of all surveyed Python developers are involved in data exploration and processing, with pandas and NumPy being the tools most commonly used for this.

Many of us in the Python pundit space have talked about Python as being divided into thirds: One-third web development, one-third data science and pure science, and one-third as a catch-all bin.

We need to rethink that positioning now that one of those thirds is overwhelmingly the most significant portion of Python.

corbet

Git v2.51 released

1 day 13 hours ago
The Git distributed version-control system has released version 2.51, with "506 non-merge commits since v2.50.1, contributed by 91 people, 21 of which are new faces". It brings multiple new features, some of which are highlighted in a post on the GitHub blog. It includes some performance improvements for multi-pack indexes (MIDXs), a way to import and export stash entries so they can be migrated more easily, and smaller pack files:

Git 2.51 takes the spirit of that change and goes a step further by introducing a new way to collect objects when repacking, called "path walk". Instead of walking objects in revision order with Git emitting objects with their corresponding path names along the way, the path walk approach emits all objects from a given path at the same time. This approach avoids the name-hash heuristic altogether and can look for deltas within groups of objects that are known to be at the same path.

As a result, Git can generate packs using the path walk approach that are often significantly smaller than even those generated with the new name hash function described above. Its timings are competitive even with generating packs using the existing revision order traversal.

jake

[$] Kexec handover and the live update orchestrator

1 day 14 hours ago
Rebooting a computer ordinarily brings an abrupt end to any state built up by the old system; the new kernel starts from scratch. There are, however, people who would like to be able to reboot their systems without disrupting the workloads running therein. Various developers are currently partway through the project of adding this capability, in the form of "kexec handover" and the "live update orchestrator", to the kernel.
corbet

Security updates for Monday

1 day 19 hours ago
Security updates have been issued by AlmaLinux (go-toolset:rhel8, kernel, and kernel-rt), Fedora (chromium), Oracle (libxml2), Red Hat (go-toolset:rhel8, golang, kernel, kernel-rt, openjpeg2, rsync, and tigervnc), and SUSE (apache-commons-lang3, chromedriver, fractal, framework_tool, go1.23-openssl, go1.24-openssl, grub2, gstreamer-devtools, gstreamer-plugins-rs, jasper, libavif, lighttpd, nginx, podman, postgresql13, postgresql14, postgresql15, postgresql16, python311-pypdf, ruby2.5, rust-keylime, tiff, tomcat, tomcat10, and tomcat11).
jake

OpenSSH will now adapt IP QoS to actual sessions and traffic

1 day 22 hours ago
In a fresh commit, Damien Miller (djm@) changed ssh(1) and sshd(8) so that they set the IP QoS marking (IP_TOS for IPv4, IPV6_TCLASS for IPv6) continually at runtime, based on which sessions and channels are currently open.

The commit message says:

List: openbsd-cvs
Subject: CVS: cvs.openbsd.org: src
From: Damien Miller <djm () cvs ! openbsd ! org>
Date: 2025-08-18 3:43:01

CVSROOT: /cvs
Module name: src
Changes by: djm@cvs.openbsd.org 2025/08/17 21:43:01

Modified files:
usr.bin/ssh : sshd-session.c sshd-auth.c ssh.c session.c serverloop.c packet.h packet.c mux.c misc.c clientloop.c channels.h channels.c

Log message:
Make ssh(1) and sshd(8) set IP QoS (aka IP_TOS, IPV6_TCLASS) continually at runtime based on what sessions/channels are open.

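
To make concrete what "set IP QoS continually at runtime" means, here is an added Python sketch (not OpenSSH's code) of a connection object that re-marks its socket whenever a channel opens or closes. The DSCP values are those behind the ssh_config(5) IPQoS keywords af21 and cs1, which are the defaults for interactive and bulk traffic; which channel kinds count as interactive is this example's assumption, not the rule the commit implements, and the channel kind names are used only as labels.

```python
from __future__ import annotations

import socket
from dataclasses import dataclass, field
from typing import Dict, Optional

# DSCP code points behind the ssh_config(5) IPQoS keywords (the defaults are
# "af21 cs1": af21 for interactive sessions, cs1 for bulk transfer). The IPv4
# TOS byte and the IPv6 traffic class carry the DSCP in their top six bits.
DSCP = {"cs0": 0, "cs1": 8, "af11": 10, "af21": 18, "ef": 46}


def tos_byte(keyword: str) -> int:
    """IP_TOS / IPV6_TCLASS value for an IPQoS keyword: af21 -> 0x48, cs1 -> 0x20."""
    return DSCP[keyword] << 2


def set_qos(sock: socket.socket, tos: int) -> None:
    """Apply a TOS/traffic-class value to a v4 or v6 socket."""
    if sock.family == socket.AF_INET:
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_TOS, tos)
    elif sock.family == socket.AF_INET6:
        sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_TCLASS, tos)
    else:
        raise OSError("QoS marking only applies to IP sockets")


def get_qos(sock: socket.socket) -> int:
    """Read the marking back, so a change can be verified rather than assumed."""
    if sock.family == socket.AF_INET:
        return sock.getsockopt(socket.IPPROTO_IP, socket.IP_TOS)
    return sock.getsockopt(socket.IPPROTO_IPV6, socket.IPV6_TCLASS)


@dataclass
class Channel:
    kind: str            # "session", "x11", "auth-agent", "direct-tcpip", ...
    has_pty: bool = False


@dataclass
class Connection:
    """One transport connection; re-marks the socket when a channel opens or closes."""
    sock: Optional[socket.socket]
    interactive: str = "af21"       # marking while any interactive channel is open
    bulk: str = "cs1"               # marking otherwise (idle, scp/sftp, forwards)
    channels: Dict[int, Channel] = field(default_factory=dict)
    applied: Optional[int] = None   # last value handed to setsockopt
    next_id: int = 0

    def wants_interactive(self) -> bool:
        # Assumed policy for this example: a session with a pty, X11 or agent
        # forwarding counts as interactive; a pty-less session (scp, sftp, a
        # remote command) or a plain TCP forward does not.
        return any(
            c.kind in ("x11", "auth-agent") or (c.kind == "session" and c.has_pty)
            for c in self.channels.values()
        )

    def current_tos(self) -> int:
        return tos_byte(self.interactive if self.wants_interactive() else self.bulk)

    def remark(self) -> int:
        """Push the marking the open channels call for; skip the syscall if unchanged."""
        tos = self.current_tos()
        if tos != self.applied:
            if self.sock is not None:
                set_qos(self.sock, tos)
            self.applied = tos
        return tos

    def open_channel(self, kind: str, has_pty: bool = False) -> int:
        cid = self.next_id
        self.next_id += 1
        self.channels[cid] = Channel(kind, has_pty)
        self.remark()
        return cid

    def close_channel(self, cid: int) -> None:
        del self.channels[cid]
        self.remark()


if __name__ == "__main__":
    # Constructed demo on an unconnected TCP socket: no traffic, just the option.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        conn = Connection(sock=s)
        tty = conn.open_channel("session", has_pty=True)
        print(f"tty session open: IP_TOS=0x{get_qos(s):02x}")
        conn.close_channel(tty)
        print(f"no channels:      IP_TOS=0x{get_qos(s):02x}")
```

Reading the value back with get_qos() is worth the extra call: the kernel accepts the option, but anything beyond the first router may re-mark packets, so the marking is a hint to the local network path rather than an end-to-end guarantee, and a capture on the wire is the only way to see what actually left the host.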

Game of Trees 0.117 released

2 days 1 hour ago

Version 0.117 of Game of Trees has been released (and the port updated):

  • regress: replace "sed -i" with ed(1) for portable in-place editing
  • ensure that error messages from gotsysd libexec helpers get logged
  • fix gotsysd using wrong auth and hmac labels in the generated gotd.conf
  • preserve bad symlinks across merges during rebase and histedit
  • improve binary files detection: detect any control characters, not just NUL
  • gotwebd: fix race condition resulting in truncated html with trailing garbage
  • make commit coloring faster and more accurate, producing smaller pack files
  • improve selection of pack files for pinning in the open pack file cache
  • regress: don't load global/home git configuration files while running tests
  • make 'got clone' set a got.conf default branch for fetching only, not sending

Kernel prepatch 6.17-rc2

2 days 10 hours ago
The second 6.17 kernel prepatch is out for testing. "So it's been a very calm week, and this is one of the smaller rc2 releases we've had lately. I'm definitely not complaining, since I've been jetlagged much of the week, but I have this suspicion that it just means that next week will see more noise."
corbet

is OpenBSD 10x faster than Linux? (tedu@)

3 days 1 hour ago
In a recent entry on his blog, OpenBSD developer Ted Unangst (tedu@) asks: is OpenBSD 10x faster than Linux? He explains:

Here’s a little benchmark complements of Jann Horn. It’s unexpectedly slow on Linux. OpenBSD is so fast, I had to modify the program slightly to measure itself, as the time utility is missing sufficient precision to even record nonzero. Go on, read the rest over at Ted's blog for some fun tidbits on performance and benchmarks.