Introducing a Richer ”docker model run” Experience
The command line is where developers live and breathe. A powerful and intuitive CLI can make the difference between a frustrating task and a joyful one. That’s why we’re excited to announce a major upgrade to the interactive chat experience in Docker Model Runner, our tool for running AI workloads locally. We’ve rolled out a… ⌘ Read more
Docker Model Runner Meets Open WebUI: A Simpler Way to Run Local AI Models
Hi, I’m Sergei Shitikov - a Docker Captain and Lead Software Engineer living in Berlin. I’m focused on DevOps, developer experience, open source, and local AI tools. I created this extension to make it easier for anyone - even without a technical background - to get started with local LLMs using Docker Model Runner and… ⌘ Read more
Trump Could Soon Make America’s Refugee Program a Tool for White Nationalism
Noal Lanard, Reporter - Mother Jones
_Stephan: Yet another story about the growing White supremacy racism of dictator Trump, who has always been a racist, his administration, and the Republican Party. Soon, we are going to see whether the fascist majority of the Supreme Court eliminates the Voting Rights Act. The United States has rejected 160 years of its history since … ⌘ Read more
Windows 11, now with even more “AI” where you don’t want it
Microsoft has posted a blog post about detailing its latest round of additions to Windows 11, and as will surely not surprise you, it’s “AI”, all the time, whether you like it or not. I’m not even going to detail most of these “features”, as I’m sure most of them will just become yet another series of checkboxes on whatever debloating tool you prefer. Still, there’s one recurring theme running throughout Microsoft’s … ⌘ Read more
How to add MCP Servers to OpenAI’s Codex with Docker MCP Toolkit
AI assistants are changing how we write code, but their true power is unleashed when they can interact with specialized, high-precision tools. OpenAI’s Codex is a formidable coding partner, but what happens when you connect it directly to your running infrastructure? Enter the Docker MCP Toolkit. The Model Context Protocol (MCP) Toolkit acts as a… ⌘ Read more
Accelerate developer productivity with these 9 open source AI and MCP projects
GitHub Copilot and VS Code teams, along with the Microsoft Open Source Program Office (OSPO), sponsored these nine open source MCP projects that provide new frameworks, tools, and assistants to unlock AI-native workflows, agentic tooling, and innovation.
The post [Accelerate developer productivity with these 9 open source AI and MCP projects](https://github.blog/open-source/acce … ⌘ Read more
Lexical differential highlighting instead of syntax highlighting
Recently there is a lot of discussion around syntax highlighting ( 1, 2, 3), which reminds me of this old post I read a while ago.
💻 Issue 491 - Simpler Build Tools with Functional and Object Oriented Programming, Scala Workshop 2025 ⌘ Read more
The Ultimate Guide to 403 Forbidden Bypass (2025 Edition)
Master the art of 403 bypass with hands-on examples, tools and tips..
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-ultimate-guide-to-403-forbidden-byp … ⌘ Read more
Colored Highlighter - A terminal tool to highlight specific words in your command output with colors
I needed to take a look at some live logs and quickly analyze some old ones, but I couldn’t find anything effective to highlight terms, except for esoteric sed and awk commands.
So I built ch - Colored Highlighter - a simple terminal tool to highlight specific words in your command output with colors. Perfect for tailing logs, debugging, and making command output more readable.
Try it out, all feedback is welcome!
23. Tools vs. Mindset: What Matters More in 2025
Why the Right Mindset Will Outperform the Most Advanced Tools
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/23-tools-vs-mindset-what-matters-more-in-2025-1be217350787?source=rss—-7b7 … ⌘ Read more
Copilot: Faster, smarter, and built for how you work now
Discover how GitHub Copilot has evolved from a high-powered autocomplete tool to a powerful, multi-model agentic assistant.
The post Copilot: Faster, smarter, and built for how you work now appeared first on The GitHub Blog. ⌘ Read more
The tools for overcoming the top 10 DevOps challenges
DevOps is a way of working that reduces waste. It uses smart tools and practices to build, test, and ship software faster. It makes teams quicker, systems stronger and problems smaller when done right. It’s not… ⌘ Read more
** How to Use AI to Learn Bug Hunting & Cybersecurity Like a Pro (in 2025)**
Hey there 👋,
I’m Vipul, the mind behind The Hacker’s Log — where I break down the hacker’s mindset, tools, and secrets 🧠💻
[Continue reading … ⌘ Read more
How to Add MCP Servers to Claude Code with Docker MCP Toolkit
AI coding assistants have evolved from simple autocomplete tools into full development partners. Yet even the best of them, like Claude Code, can’t act directly on your environment. Claude Code can suggest a database query, but can’t run it. It can draft a GitHub issue, but can’t create it. It can write a Slack message,… ⌘ Read more
Unlocking Local AI on Any GPU: Docker Model Runner Now with Vulkan Support
Running large language models (LLMs) on your local machine is one of the most exciting frontiers in AI development. At Docker, our goal is to make this process as simple and accessible as possible. That’s why we built Docker Model Runner, a tool to help you download and run LLMs with a single command. Until… ⌘ Read more
Qualcomm gobbles up Arduino
It was good while it lasted, I guess. Arduino will retain its independent brand, tools, and mission, while continuing to support a wide range of microcontrollers and microprocessors from multiple semiconductor providers as it enters this next chapter within the Qualcomm family. Following this acquisition, the 33M+ active users in the Arduino community will gain access to Qualcomm Technologies’ powerful technology stack and global reach. Entrepreneurs, businesses, tech profess … ⌘ Read more
↳
In-reply-to
»
Today, I experimented with Linux Capabilities as a continuation to my Unix Domain Sockets research from a few months ago: https://lyse.isobeef.org/caller-information-via-unix-domain-sockets/#capabilities
⤋ Read More
@lyse@lyse.isobeef.org Cool! 😎 You might be interested in my own learnings and toying around with building my own container engine / tooling (whatever you wanna call it) box. I had to learn a bunch of this stuff too 😅 Control Groups, Namespaces, Process Isolation, etc.
My open letter, to the European Commission digital markets act team:
Hello,
I am joining other developers, concerned about Googles new plan, to approve every app and effectively destroy most of the competing 3rd party stores this way. The biggest one of these alternative stores, most known for their focus on user and developer privacy, already states, this would make it impossible for them to operate: https://f-droid.org/cs/2025/09/29/google-developer-registration-decree.html
Even communities like the XDA forum, where new developers are often introduced to the world of Android development, would likely be strongly impacted, as making, publishing and installing Android apps is made less accessible.
I am not just writing on their behalf, I run a small website myself (https://thecanine.ueuo.com/), that both provides legal modifications, for some android apps - for example adding an amoled dark theme, to the most popular XMPP chat client for Android, or increasing one of Androids keyboard apps height. This all comes after Googles previous changes to the Android operating system, that prevent users from installing old apps (old to Google, can mean only a couple of months, without an update - https://developer.android.com/google/play/requirements/target-sdk and the target version gets increased every year). I rely on apps developed by a single developer, even for things like making the pixel art presented on my website and sideloading as a way to make these apps work, before developers can catch up to Google’s new requirements - if Google is allowed to slowly kill these options, us digital artists will soon lose the tools we need to create digital art.
Create a MacOS Tahoe VM with tart
The Mac command line tool tart continues to offer one of the simplest and fastest ways to setup a new virtual machine, and setting up a Tahoe VM is no exception. Whether you’re a developer, tinkerer, tester, or just someone who wants to give the latest MacOS Tahoe 26 operating system a trial run without … Read More ⌘ Read more
2 Ways to Install Homebrew in MacOS Tahoe
Homebrew is a powerful command line package manager that allows you to easily install, update, and manage popular command line programs and tools, as well as traditional graphical apps with cask (and third party tools like Applite help you manage cask through the GUI too). It’s a popular tool with advanced Mac users and those … Read More ⌘ Read more
Computational tool helps forecast volcano slope collapses and tsunamis
For people living near volcanoes, danger goes well beyond lava flows and clouds of ash. Some explosive eruptions can lead to dramatic collapses of the sides of a volcano, like those at Mount St. Helens, Washington, and Anak Krakatau, Indonesia. The latter triggered tsunamis blamed for most deaths from its historic eruptions in 1883. ⌘ Read more
Potential issues in curl found using AI assisted tools
https://joshua.hu/llm-engineer-review-sast-security-ai-tools…
https://joshua.hu/files/AI_SAST_PRESENTATION.pdf
Comments URL: https://news.ycombinator.com/item?id=45449348
Points: 527
# Comments: 169 ⌘ Read more
Expanding Docker Hardened Images: Secure Helm Charts for Deployments
Development teams are under growing pressure to secure their software supply chains. Teams need trusted images, streamlined deployments, and compliance-ready tooling from partners they can rely on long term. Our customers have made it clear that they’re not just looking for one-off vendors. They’re looking for true security partners across development and deployment. That’s why… ⌘ Read more
100% All Achievements
⌘ Read more
100% All Achievements
⌘ Read more
DietPi September 2025 Update Brings Faster Backups and Roon Server Early Access
The September 20th release of DietPi v9.17 introduces smaller and more efficient system images, faster backups with reduced disk usage, and a new toggle for Roon Server’s early access builds. The update also addresses SPI bootloader flashing issues on Rockchip devices, improves Raspberry Pi sound card handling, and includes multiple bug fixes across tools and […] ⌘ Read more
↳
In-reply-to
»
For a very first attempt, I'm extremely happy how this tray turned out: https://lyse.isobeef.org/tmp/blechschachtel/ The photos look rougher than in person. The 0.5mm aluminium sheet was 300x200mm to begin with. Now, the accidental outside dimensions are 210x110mm. It took me about an hour to make. Tomorrow, I gotta build a simple folder, so I don't have to hammer it anymore, but can simply bend it a little at a time.
⤋ Read More
@bender@twtxt.net @movq@www.uninformativ.de Thank you! Not sure what I end up putting in there, but I’m sure I will find some tools to go in. :-)
Yes, this was a flat piece of sheet metal. It went together like a cardboard box, just much slower and with timbers clamped down to get a straight folding line. I don’t have a sheet metal brake, so I just carefully hammered the piece bit by bit. Like in this video by the Sheet Metal Dude: https://www.youtube.com/watch?v=WYgEfWEMXk0
ESP32 Bus Pirate Turns Low-Cost Boards into Multi-Protocol Debugging Tools
An open-source project called ESP32 Bus Pirate has been released, inspired by the classic Bus Pirate and adapted for modern ESP32-S3 hardware. Developed by Geo-tp, the firmware transforms low-cost ESP32 boards into versatile debugging devices that can probe, sniff, and interact with a wide range of digital and radio protocols. The firmware supports protocols such […] ⌘ Read more
yt-dlp will soon require a full JS runtime to overcome YouTube’s JS challenges
If you download YouTube videos, there’s a real chance you’re using yt-dlp, the long-running and widely-used command-line program for downloading YouTube videos. Even if you’re not using it directly, many other tools for downloading YouTube videos are built on top of yt-dlp, and even some media players which offer YouTube playback use it in the background. Now, yt-dlp has alway … ⌘ Read more
Run, Test, and Evaluate Models and MCP Locally with Docker + Promptfoo
Promptfoo is an open-source CLI and library for evaluating LLM apps. Docker Model Runner makes it easy to manage, run, and deploy AI models using Docker. The Docker MCP Toolkit is a local gateway that lets you set up, manage, and run containerized MCP servers and connect them to AI agents. Together, these tools let… ⌘ Read more
Legacy Update 1.12 released
If you’re still running old versions of Windows from Windows 2000 and up, either for restrocomputing purposes or because you need to keep an old piece of software running, you’ve most likely heard of Legacy Update. This tool allows you to keep Windows Update running on Windows versions no longer supported by the service, and has basically become a must-have for anyone still playing around with older Windows versions. The project released a fairly major update today. Legacy Up … ⌘ Read more
MCP Horror Stories: The Drive-By Localhost Breach
This is Part 4 of our MCP Horror Stories series, where we examine real-world security incidents that expose the devastating vulnerabilities in AI infrastructure and demonstrate how Docker MCP Gateway provides enterprise-grade protection against sophisticated attack vectors. The Model Context Protocol (MCP) has transformed how developers integrate AI agents with their development environments. Tools like… ⌘ Read more
Here is just a small list of things™ that I’m aware will break, some quite badly, others in minor ways:
- Link rot & migrations: domain changes, path reshuffles, CDN/mirror use, or moving from txt → jsonfeed will orphan replies unless every reader implements perfect 301/410 history, which they won’t.
- Duplication & forks: mirrors/relays produce multiple valid locations for the same post; readers see several “parents” and split the thread.
- Verification & spam-resistance: content addressing lets you dedupe and verify you’re pointing at exactly the post you meant (hash matches bytes). Location anchors can be replayed or spoofed more easily unless you add signing and canonicalization.
- Offline/cached reading: without the original URL being reachable, readers can’t resolve anchors; with hashes they can match against local caches/archives.
- Ecosystem churn: all existing clients, archives, and tools that assume content-derived IDs need migrations, mapping layers, and fallback logic. Expect long-lived threads to fracture across implementations.
Silent Component Updates & Redesigned Update Experience
Following on from our previous initiative to improve how Docker Desktop delivers updates, we are excited to announce another major improvement to how Docker Desktop keeps your development tools up to date. Starting with Docker Desktop 4.46, we’re introducing automatic component updates and a completely redesigned update experience that puts your productivity first. Why We’re… ⌘ Read more
↳
In-reply-to
»
added opengraph to my blog :D https://bubblegum.girlonthemoon.xyz/articles/underground-soundcloud-remixes
⤋ Read More
@kat@yarn.girlonthemoon.xyz it is not showing for me, on a validator. Missing something?
Winemaker shares devastation after lithium battery fire guts warehouse
A long-time winemaker says he opened his door to explosions and a black ball of smoke as a fire caused by a cordless screwdriver destroyed a lifetime collection of tools and machinery. ⌘ Read more
Erlang Solutions: Supporting the BEAM Community with Free CI/CD Security Audits
At Erlang Solutions, our support for the BEAM community is long-standing and built into everything we do. From contributing to open-source tools and sponsoring events to improving security and shaping ecosystem standards, we’re proud to play an active role in helping the BEAM ecosystem grow and thrive.
One way we’re putting that support into action is by offering free CI/CD-based security … ⌘ Read more
↳
In-reply-to
»
i am having fun with dmenu
⤋ Read More
@kat@yarn.girlonthemoon.xyz dmenu is such a great tool. So simple, yet so versatile.
↳
In-reply-to
»
Been spending a lot of time researching campers as I want to / plan to upgrade our current Camper Trailoer (forward fold) Stoney Creek XL-FF6 to a slightly larger Hybrid Camper/Caravan with ensuite, internal kitchenette, external full hitchen, pop-top roof and twin bunks.
⤋ Read More
@prologic@twtxt.net @bender@twtxt.net That’s what I thought as well, sounds way too expensive to me. But I have no idea what the prices are over here. Probably also astronomical. Campers sit around most of the time, one really would need to use them a lot to justify spending so much money on them.
But yeah, each to their own (expensive) hobbies. :-) I, for example, burn my money on tools that I don’t really™ need. :-P
↳
In-reply-to
»
The lack of suckless-like simple, hackable software these days is appalling.
⤋ Read More
@prologic@twtxt.net Ah, I’m referring to software that’s similar to that of suckless.org: Small, minimal codebases, small tools, but still useful. dmenu is probably the best example and also farbfeld.
Here’s the author of Anubis talking about some of their experiences:
https://xeiaso.net/blog/why-i-use-suckless-tools-2020-06-05/
(You can skip the long config and keybinds part.)
↳
In-reply-to
»
A good blog post that makes some good points: Can I ethically use LLMs?
⤋ Read More
@eldersnake@we.loveprivacy.club This was an interesting read for sure! 👍 I don’t think it had anything I hadn’t already considered in terms of the ethical/moral points of view. I’m not sure where I stand myself either to be honest. I’ve forced myself to get familiar with the ecosystem and tooling, because in my line of work as a tech lead (staff engineer in sre) you don’t want to be that one guy that ya know 😉 Ethically/Morally though, I’m definitely with the sentiment of this post 😅 Much like the whole Crypto hype yaers back (if y’all remember?!) this is also one of the most energy hungry pieces of “tech” (if you can call it that?) in a while. Then there’s these other issues “stealing people’s work”, “reliance is causing humans to become cognitively weak and neural connections to shrink”, to name a few…
↳
In-reply-to
»
This aggressive auto-logout on my bank’s website …
⤋ Read More
@lyse@lyse.isobeef.org I have to say, this sounds much worse than our stuff at work. (We don’t use any Microsoft services, at least not for core tools.)
It annoys me when I clone a git repository A in order to build and self-host some software, only to realize later that I also needed to clone repos B, C and D. I’m not saying that’s a bad thing–logical separation of code between, say, a client and a server is very handy–but some projects do not communicate very well when you need multiple tools to get it running independently.
↳
In-reply-to
»
@prologic I am finding writing my Notes very therapeutic. Just create a markdown file and commit, push, and it’s live. Whatever comes to mind, whatever I want to keep as relevant. Silly things, more like a dump.
⤋ Read More
@bender@twtxt.net Maybe one day I’ll take back over my prologic.blog domain from µBlog and redoit with my handy zs tool with some nice CSS 🤣