What we learned from the Security Lab’s Community Office Hours
TheGitHub Security Lab provided office hours for open source projects looking to improve their security posture and reduce the risk of breach. Here’s what we learned and how you can also participate. ⌘ Read more
Prosodical Thoughts: Mutation Testing in Prosody
This is a post about a new automated testing technique we have recently
adopted to help us during our daily development work on Prosody. It’s probably
most interesting to developers, but anyone technically-inclined should be able
to follow along!
If you’re unfamiliar with our project, it’s an open-source real-time messaging
server, built around the XMPP protocol. It’s used by many organizations and
self-hosting hobbyists, and also powers applications such as [Snikke … ⌘ Read more
On the go with GitHub Projects on GitHub Mobile (public beta)
Stay connected and up to date on your work with GitHub Projects on GitHub Mobile, now in public beta. ⌘ Read more
Working on a creative project? Unleash your originality and start to tinker with the Aspiring Creatives Experience
Develop your design and collaboration skills to get your clever intentions off the ground. ⌘ Read more
Expand your open source contributions during Hacktoberfest 2022
Give back to open source projects during the month of October! This year, we’re encouraging more than code contributions: writing, design, advocacy, and financial donations. ⌘ Read more
The XMPP Standards Foundation: The XMPP Newsletter September 2022
Welcome to the XMPP Newsletter, great to have you here again! This issue covers the month of September 2022.
Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, especially throughout the current situation, please consider saying thanks or help these projects! Interested in supporting the Newsletter team? Read mor … ⌘ Read more
Tigase Blog: Tigase XMPP Libraries
Our software philosophyActually nothing new and nothing surprising here. We want to have as much of a reusable code as possible. And this
reusable code should have a simple but powerful API to be useful for quickly creating software.
That’s it.
And this is how we design and develop our XMPP libraries. Check them out.
Documentation to all our projects is available online and sample codes? Take a look at our XMPP Chat apps which are
open source too. ⌘ Read more
Why Does The Project Even Exist? ⌘ Read more
Tillitis Key 1
The secret project I’ve been mentioning in my gemlog is out!
This week we presented the Tillitis Key 1 at the Open Source Firmware\
Conference (OSFC). What we unveiled is a new kind of USB security
stick and a new company, a sister company to Mullvad VPN: Tillitis.
The stick is a small computer that can load and run small programs
uploded to it from a host computer. It always measures … ⌘ Read more
The ReadME Project: Built for you!
The ReadME Project & Podcast evolve with community expert voices and topics to stoke discussion about the culture and craft of software development. ⌘ Read more
You may start century time horizon projects
5 tips for prioritizing Dependabot alerts
Dependabot alerts can give you the ability to secure your project by keeping dependency-based vulnerabilities out of your code. Here are some tips to more efficiently prioritize and take action on your alerts, so you can get back to building. ⌘ Read more
Linux, Alternative OS, & Retro Computing News - Sep 17, 2022
KDE on your TV, Godot Engine news, & SerenityOS browser officially becomes own project ⌘ Read more
Maxime Buquet: Versioning
I finally took time to setup a forge and some old drafts turned up. I am
publishing one of them today as is even though it’s 4 years old
(2018-08-07T13:27:43+01:00). I’m not as grumpy as I was at the time but I
still think this applies.
Today I am grumpy at people’s expectation of a free software project, about
versioning and releases. I am mostly concerned about applications rather than
libraries in this article but I am sure some of this would apply to libraries
as well.
Today we were discussing ab … ⌘ Read more
Arnaud Joset: Updates: chatty server and HTTPAuthentificationOverXMPP
It’s been a long time since I updated this blog. It will be a short update post about two projects.
The first is chatty_server, a small XMPP bot I use to interact with my server. It allows me to get information about the CPU load, traffic, weather etc.
It also has a small feature to get reminder messages. There was a bug that allowed anyone to spam reminders. Anybody can add the bot to their rooster and could create random reminders t … ⌘ Read more
Monal IM: Monal IM – project moved
We recently started to migrate the App from Anu Pokharel‘s Apple account to Thilo Molitor‘s Apple account.
Aspart of this transition we also deployed some new push servers to not let an old retired developer pay for the infrastructure needed for Monal.
Coming along with this transition from the old developer team to the new one is our new clean website at https://monal-im.org/. From now on, this blog will not be used for Monal anymore.
**Many t … ⌘ Read more
SCA vs SAST: what are they and which one is right for you?
We’re taking a look at two commonly-used security tools and detailing how they can help secure your projects. ⌘ Read more
Dino: Stateless File Sharing: Async, Metadata with Thumbnails and some UI
AsyncAsynchronous programming is a neat tool, until you work with a foreign project in a foreign language using it.
As a messenger, Dino uses lots of asynchronous code, not always though.
Usually my progress wasn’t interfered by such instances, but sometimes I had to work around it.
Async in Vala
No surprises here.
Functions are annotated with async, and yield expressions that are asyn … ⌘ Read more
@akoizumi@social.kyoko-project.wer.ee What I don’t like is that openbsd is secure and then that means some things are different from like debian. Sometimes the security maens some change or whatever has to be done when on debian nothing additional has to be done.
@akoizumi@social.kyoko-project.wer.ee I don’t really like the way openbsd does things and use Debian on all my servers. But on the desktop side I like it but don’t use it
The XMPP Standards Foundation: The XMPP Newsletter August 2022
Welcome to the XMPP Newsletter, great to have you here again! This issue covers the month of August 2022.
Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, especially throughout the current situation, please consider saying thanks or help these projects! Interested in supporting the Newsletter team? Read more at the … ⌘ Read more
Join us for OctogatosConf 2022
Live on September 15, 2022, with talks by industry experts in Spanish, Portuguese, and English, on topics including software development, security, technical project management, community, open source, professional development and best practices. ⌘ Read more
A script for Go dependency updates
I regularly update the dependencies of my blog software, a Go based project. Dependency updates are important because they can contain security fixes or fixes for bugs. ⌘ Read more
Kaidan: Encrypted Audio and Video Calls
Kaidan will receive a grant by NLnet for adding encrypted audio and video calls.
The calls will be end-to-end encrypted and authenticated via OMEMO.
Furthermore, Kaidan will support small group calls.
We strive for interoperability between Kaidan and other XMPP apps supporting calls.
In order to achie … ⌘ Read more
Release Radar · August 2022 Edition
We’ve been gearing up to launch GitHub Universe 2022 and our community has been launching cool projects left right and center. These projects include everything from world-changing technology to developer tooling, and weekend hobbies. Here are some of the open source projects that released major version updates this August. Read more about these projects in […] ⌘ Read more
Paul Schaub: Creating a Web-of-Trust Implementation: Accessing Certificate Stores
Currently, I am working on a Web-of-Trust implementation for the OpenPGP library PGPainless. This work is being funded by the awesome NLnet foundation through NGI Assure. Check them out! NGI Assure is made possible with financial support from the European Commission’s Next Generation Internet programme.
[ I’ve noticed that I have trouble focusing on programming tasks; I’m able to do what I need to do for work and family but, when it comes time for hobby projects I’m just gloop. Totally oozy.
Because of that I’ve been drawn to do more reading and game playing, but also still wanna code…I’ve found that it is easier to use more“batteries included” kinda languages, namely scheme, over what I’d … ⌘ Read more
Dino: Stateless File Sharing: Sources and Compatibility
This is my next progress post about my Google Summer of Code project of implementing Stateless File Sharing (sfs)
Like everything else we receive, we need to store the sfs sources in a database.
In this case, we are in a unique position:
Not only are there different kinds of sources, but even http sources on their own are not trivial.
For now, we only … ⌘ Read more
The XMPP Standards Foundation: Mid Term Evaluation Updates
It’s been a month since I wrote my last blog. For those of you who have been following my blogs, thanks a lot for taking the time to read them. In this blog, I will give the updates post mid-term evaluation and the challenges that I have been facing and how I overcame some of them.
For those of you who don’t know much about GSoC, a mid-term evaluat … ⌘ Read more
Release Radar · July 2022 Edition
While some of us have been wrapping up the financial year, and enjoying vacation time, others have been hard at work shipping open source projects and releases. These projects include everything from world-changing technology to developer tooling, and weekend hobbies. Here are some of the open source projects that released major version updates this July. […] ⌘ Read more
Hi, I am playing with making an event sourcing database. Its super alpha but I thought I would share since others are talking about databases and such.
It’s super basic. Using tidwall/wal as the disk backing. The first use case I am playing with is an implementation of msgbus. I can post events to it and read them back in reverse order.
I plan to expand it to handle other event sourcing type things like aggregates and projections.
Find it here: sour-is/ev
@prologic@twtxt.net @movq@www.uninformativ.de @lyse@lyse.isobeef.org
Ignite Realtime Blog: REST API Openfire plugin 1.9.0 released!
We have released version 1.9.0 of the Openfire REST API plugin! This version adds functionality and provides some bug fixes that relates to multi-user chat rooms.
The updated plugin should become available for download in your Openfire admin console in the course of the next few hours. Alternatively, you can download the plugin directly, from [the plugin’s archive page](https://www.igniterealtime.org/projects/openfire/pl … ⌘ Read more
The XMPP Standards Foundation: The XMPP Newsletter July 2022
Welcome to the XMPP Newsletter, great to have you here again! This issue covers the month of July 2022.
Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, especially throughout the current situation, please consider saying thanks or help these projects! Interested in supporting the Newsletter team? Read more at the bottom … ⌘ Read more
https://dthompson.us/projects/chickadee.html game guile
@movq@www.uninformativ.de From my limited experiences in two companies I can anedoctic tell you, that what we developers told our support work mates after analyzing things and what they replied back to the enquirers was not always the same. That also happend when we gave them answers in written form. Always super nice support folks, no a single doubt, but their basic technical knowledge was pretty much non-existent. And plenty of them didn’t even really know the softwares they’re supposed to support. Granted, those were not easy programs, one was indeed super complex. But if they use them on a daily basis for years one would expect that they know them quite well. At least the main features and workflows. We also often had to tell them basic stuff several times, which was quite a bit frustrating for both sides.
But, I was super glad, that we had them in the front row. You wouldn’t believe what crap queries they had to deal with and what utter bullshit they kept off our shoulders. Sometimes people wrote really offensive e-mails for no reason. Holy moly. I wouldn’t want to trade with them, not in a hundred years. Lots of my developer work mates, however, didn’t value our first level support at all. I mean, I totally understand, that after telling the same things over and over and over and over again it pisses you off, but treating them in a way they feel like shit, doesn’t help either. It only makes things worse. I had the impression that there was a slight war between development and support.
One thing that was totally stupid, is that the POs didn’t listen to improvements and suggestions on how to make things easier for the support team and also all our users. I mean, support has to deal with this software all day long and also get the same questions about workflows and stuff that’s too complicated or unintuitive. So a lot of things were really low hanging fruit to improve everybody’s live. But when they suggested anything, the POs always declined it, nah, it’s the support’s job. Period. A few times I teamed up with the support work mates and told the POs the same, the support team was suggesting and then it was accepted without hesitation. So that clearly shows there really was a two-tier society.
In my current project we don’t have a support team, so we need to handle all the support queries ourselves. In that regard I miss the old project. But luckily, it’s basically just other developers who are needing our help, so that’s fairly okay.
Marketing for maintainers: Promote your project to users and contributors
Marketing your open source project can be intimidating, but three experts share their insider tips and tricks for how to get your hard work on the right people’s radars. ⌘ Read more
Release Radar · June 2022 Edition
It’s been a crazy couple of months with the end of financial year and lots of products shipping. Our community has been hard at work shipping projects too. These projects can include everything from world-changing technology to developer tooling, and weekend hobbies. Here are some of these open source projects that released major updates this […] ⌘ Read more
Planning next to your code – GitHub Projects is now generally available
Today, we are announcing the general availability of the new and improved Projects powered by GitHub Issues. GitHub Projects connects your planning directly to the work your teams are doing in GitHub and flexibly adapts to whatever your team needs at any point. ⌘ Read more
@prologic@twtxt.net Damn, I was 100% sure to have set visibility to public, but I’m also prompted to log in. O_o Turns out, the project move must have ruined this setting somehow. Should now work.
@eaplmx@twtxt.net That reminds me, I should start doing some exercises, too. Years ago, I wrote a web application to track those and two other mates used it as well. This way we motivated us to do our daily pushups and situps. I even extended it to upload GPX trajectories from our bike rides and hikes to show the route on an OSM map. Finally, you could enter your weights and get a nice graph with all the ups and downs. I should revibe this project. And maybe even rewrite it.
Tips & tricks for using GitHub projects for personal productivity
GitHub Issues is a core component of how developers get things done and, as we built more project planning capabilities into GitHub, we’ve found some fun and unique ways to use the new projects experience for personal productivity. ⌘ Read more
Paul Schaub: Creating a Web-of-Trust Implementation: Certify Keys with PGPainless
Currently I am working on a Web-of-Trust implementation for the OpenPGP library PGPainless. This work will be funded by the awesome NLnet foundation through NGI Assure. Check them out! NGI Assure is made possible with financial support from the European Commission’s Next Generation Internet programme.
[![](https://nlnet.nl … ⌘ Read more