Podcasts about docker

Python in 2025 is different. Threads really are about to run in parallel, installs finish before your coffee cools, and containers are the default. In this episode, we count down 38 things to learn this year: free-threaded CPython, uv for packaging, Docker and Compose, Kubernetes with Tilt, DuckDB and Arrow, PyScript at the edge, plus MCP for sane AI workflows. Expect practical wins and migration paths. No buzzword bingo, just what pays off in real apps. Join me along with Peter Wang and Calvin Hendrix-Parker for a fun, fast-moving conversation. Episode sponsors Seer: AI Debugging, Code TALKPYTHON Agntcy Talk Python Courses Links from the show Calvin Hendryx-Parker: github.com/calvinhp Peter on BSky: @wang.social Free-Threaded Wheels: hugovk.github.io Tilt: tilt.dev The Five Demons of Python Packaging That Fuel Our ...: youtube.com Talos Linux: talos.dev Docker: Accelerated Container Application Development: docker.com Scaf - Six Feet Up: sixfeetup.com BeeWare: beeware.org PyScript: pyscript.net Cursor: The best way to code with AI: cursor.com Cline - AI Coding, Open Source and Uncompromised: cline.bot Watch this episode on YouTube: youtube.com Episode #524 deep-dive: talkpython.fm/524 Episode transcripts: talkpython.fm Theme Song: Developer Rap

Nassim Eddequiouaq is co-founder and CEO of Bastion, a pioneer in regulated stablecoin infrastructure and NYDFS-certified provider. Bastion is the stablecoin issuance platform for financial institutions and enterprises. Prior to founding Bastion, Nass was the Chief Information Security Officer at a16z Crypto, and held senior management roles across Security and Infrastructure at Facebook, Anchorage, Docker, and Apple. He received a M.S. in Computer Science from Ecole d'Ingénieurs en Informatique. In this conversation, we discuss:- What happened on the 10/10 crypto crash? - Winners and losers after the crypto crash  - Bridging traditional finance and digital assets through enterprise-ready solutions  - The diverse use cases of stablecoins  - Why stablecoins (especially USD-pegged) are poised for mass enterprise adoption  - The growing interest in branded stablecoins  - Bastion's NYDFS trust charter  - GENIUS Act and STABLE Act  - Why regulatory clarity is critical  - Privacy for stablecoin users  BastionX: @BastionPlatformWebsite: bastion.comLinkedIn: BastionNassim EddequiouaqX: @nassyweazyLinkedIn: Nassim Eddequiouaq---------------------------------------------------------------------------------This episode is brought to you by PrimeXBT.PrimeXBT offers a robust trading system for both beginners and professional traders that demand highly reliable market data and performance. Traders of all experience levels can easily design and customize layouts and widgets to best fit their trading style. PrimeXBT is always offering innovative products and professional trading conditions to all customers.  PrimeXBT is running an exclusive promotion for listeners of the podcast. After making your first deposit, 50% of that first deposit will be credited to your account as a bonus that can be used as additional collateral to open positions. Code: CRYPTONEWS50 This promotion is available for a month after activation. Click the link below: PrimeXBT x CRYPTONEWS50

A revista TIME fez uma lista, o Rambo foi ali e já voltou, e o Coca manja muito de Docker.

We join a fair number of projects, and we often help teams bring their project up to our standard. This means bringing a lot of the same small pieces from project to project.In the latest episode of the No Compromises podcast, we rethink our “project standard” repo. Instead of a full Laravel skeleton, we propose a composable library of tool-specific, versioned configs (PHPUnit, Docker, etc.). We walk through the benefits for greenfield and legacy work, open questions about test organization, and how this approach scales as tools evolve.(00:00) - Why we keep our tooling current (00:15) - The “project standard” repo is aging (01:30) - Reference guide vs installable skeleton (02:30) - Supporting old and new stacks (versions, tags) (03:30) - Pivot: organize by tool and version, not app (04:30) - Example plan: folders for PHPUnit 11/12 (and beyond) (05:15) - What belongs where? Tests, traits, and context (10:00) - Docker-first thinking; where Horizon config lives (11:15) - Open questions: PHPUnit vs Pest vs “testing” folder (12:15) - Takeaway: evolve the repo as the tools evolve (12:45) - Silly bit Want help making your project as organized as one of our projects?

Bret is joined by Philip Andrews and Dan Muret of Cast AI to discuss pod live migration between nodes in a Kubernetes cluster.

This week it's all about your feedback! We answer your questions, and dig through your problems! -- During The Show -- 00:50 Intro Hallucinating 03:45 Friso from Mumble Moving all chats to one application Matrix Server Bridges Beeper Messages not flowing Self hosting beeper bridges E2EE 12:05 Security Cameras - Dustin Used Axis cameras Reolink Camera's POE Ethernet only models Some models require Reolink app for first setup Doorbell camera Steve's "doorbell camera flow" Surveillance Station Get one drive Reduce frame rate Weeks worth of footage Axis camera 2035 or 2036 Axis P3367 Write back in! 24:04 Laptops - Dasgeek Framework 12 Framework 12 vs Framework 13 25:45 News Wire Proxmox Mail Gateway 9.0 - helpnetsecurity.com (https://www.helpnetsecurity.com/2025/10/06/proxmox-mail-gateway-open-source-email-security-solution) GnuCash 5.13 - gnucash.org (https://www.gnucash.org/download.phtml) GNU Octave 10.3 - octave.org (https://octave.org/news/release/2025/10/01/octave-10.3.0-released.html) OpenSSL 3.6 - openssl-library.org (https://openssl-library.org/post/2025-10-01-3.6-release-announcement) Docker 28.5 - docker.com (https://docs.docker.com/engine/release-notes/28) Cairo-Dock 3.6 - phoronix.com (https://www.phoronix.com/news/Cairo-Dock-3.6-Released) GNU Linux Libre Kernel 6.17 - gnu.org (https://lists.gnu.org/archive/html/info-gnu/2025-09/msg00007.html) Tinycore 16.2 - tinycorelinux.net (https://forum.tinycorelinux.net/index.php/topic,27807.0.html) Opensuse Leap 16 - opensuse.org (https://get.opensuse.org/leap/16.0) Spine Endoscopic Atlas - nature.com (https://www.nature.com/articles/s41597-025-05897-7) Huawei Shrinks LLMs - venturebeat.com (https://venturebeat.com/ai/huaweis-new-open-source-technique-shrinks-llms-to-make-them-run-on-less) 4th Version of Granite AI - techrepublic.com (https://www.techrepublic.com/article/news-ibm-granite-40-ai) Granite AI Earns ISO 42001 - ibm.com (https://www.ibm.com/new/announcements/ibm-granite-iso-42001) 27:00 Send Feedback and Questions! Newbie questions welcome Fastest way to learn is immerse yourself Experts welcome too Email in! Follow up 30:45 Linux Basics - Kevin The bell story Level of learning GUI vs CLI Learning styles Ask your Linux friends Ask a LLM SIMPLE things Get hands on using it Set your expectations Tails Linux (https://tails.net/) Reproducibility Endless OS (https://www.endlessglobal.com/) Distro Hop Fedora (https://fedoraproject.org//) Ubuntu Arch Linux (https://archlinux.org/) Tiling window manager RHCSA and other Red Hat exams Canonical Academy ANS 437 (https://podcast.asknoahshow.com/437) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/462) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

In this episode of the Ardan Labs Podcast, Bill Kennedy talks with Mike Elgan, technology editorialist, about his journey to becoming a professional writer. Mike reflects on the evolution of journalism, the digital publishing revolution of the 90s, and the role of communication in shaping society. He also shares insights from his nomadic lifestyle, the realities of freelance writing, the impact of AI on creativity, and the importance of adaptability and passion in navigating a rapidly changing technological landscape.00:00 Introduction 05:54 Growing Up in the 70s and 80s11:32 Education, Passion & Early Work31:32 Politics, Journalism & First Writing Roles45:16 Transition to Technology Journalism54:30 Digital Media Revolution01:03:01 Becoming a Freelance Writer01:05:52 Nomadic Lifestyle & Financial Realities01:24:36 AI's Impact on Work, Writing & Education01:42:56 The Future of Writing & Communication01:50:52 Cyberpunk Reality & Technology's Next Era01:55:11 Finding Passion & Success in LifeConnect with Mike: Linkedin: https://www.linkedin.com/in/mikeelganX: https://x.com/MikeElganMentioned in this Episode:Mike Elgan's Newsletter: https://machinesociety.ai/Gastronomad: https://gastronomad.netWant more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

An airhacks.fm conversation with Alvaro Hernandez (@ahachete) about: Framework laptop experience and build process with DIY edition, modular connectors and upgradability, running Ubuntu 25.10 beta with nix package manager, automating installation with YAML and Ansible, comparison with IBM AS/400 feature activation model, docker adoption history for server maintenance and documentation, PostgreSQL extensions, upgradability and security concerns, challenges with packing 1000+ extensions into container images, security concerns with large monolithic images containing unused extensions, dynamic extension injection using sidecar pod local controller in kubernetes, problems with mutating running containers and security tool compliance, traditional Docker build approach requiring users to become image maintainers, challenging assumptions about container image immutability and Merkle tree, container images as JSON manifests pointing to tar file layers, Dynamic OCI Registry concept for composing images on-the-fly, generating manifests dynamically in milliseconds without Docker build, interface-based approach for mapping user preferences to layer digests, PostgreSQL-specific implementation with extension URL patterns, metadata storage in PostgreSQL database for layer digest resolution, potential applications for quarkus and Java microservices, serverless deployment possibilities with AWS Lambda, comparison with Cloudflare's serverless OCI registry, enterprise use cases for automated patching and security updates, integration possibilities with AWS EventBridge for CI/CD pipelines, transparency to Docker clients with only registry change required, stackgres platform using 4 million lines of Java code, ongres company services including PostgreSQL training and Oracle migrations, Alvaro's website: aht.es Alvaro Hernandez on twitter: @ahachete

Foundations of Amateur Radio The pursuit of amateur radio is a glorious thing. On the face of it you're forgiven if you think of it as a purely technical endeavour. Far be it for me to dissuade you from that notion, but permit me to expand into other areas that rarely get a mention when we discuss this amazing hobby. It's the place where you go to communicate with other people, who live a different life, doing the things that they enjoy. It's also the place for finding an excuse to go outside and set-up your station on the side of a mountain, or a park, a museum or a lighthouse. Then there's the joy of finding new friends who introduce you to other aspects of life, super computing, the medical field, tow truck driving, radio astronomy and electronics, to name a few. While I was the first person in my school to save up their summer job earnings to buy their own computer, a Commodore VIC-20, I never did come across this. "It is pitch black. You are likely to be eaten by a grue." is a phrase that might mean something to you, or not. To set the stage, it's the 1960's, you're a science fiction author and you need a ravenous predator. With origins in Danish and Norwegian, "grue", from gruesome, seemed to fit the bill for Jack Vance while was writing his Dying Earth series, mind you, Robert Louis Stevenson used it in 1916 in a short story called "The Waif Woman", writing "and a grue took hold upon her flesh", which is more gruesome than predator. Flash forward to 1977, you're writing an adventure game for a PDP-10 mainframe computer whilst, let's call it studying, at MIT, and you need a way to stop people wandering off the map, and so the text adventure game "Zork" got its famous phrase. I'm mentioning this because I wondered if anyone had used their love for Zork as an excuse to set-up a server on HF radio that you could play with. I'll confess that I spent way too many hours looking at this and it appears that you can use the software "direwolf" as a way to get packet radio to work across amateur radio without needing anything more than a radio and a computer with a sound-card. There's even an article by Rick Osgood titled: "How to Setup a Raspberry Pi Packet Radio Node with Zork", though I will mention that it relies on hardware to connect to a radio, rather than use "direwolf". There's a few moving parts, but it looks like this is totally doable, there's already Docker containers for both Zork and direwolf, even a container called "packet-zork", and a multi-user version called "MultiZork", so how hard can it be? I jest. As an aside, because I'm a geek and I can, there's a common misconception that a Docker container is equivalent to a virtual machine. For lots of reasons, that's not true. A better way is to think of it as a security wrapper around an untrusted application. Speaking of untrusted, while we're all essentially bipedal lifeforms with a similar set of attributes, on a daily basis we seem to discover more and more reasons to find fault or demonise differences. Contrast this within the global community of radio amateurs, where we have this "weird" activity that we all seem to share. I think that the most under-reported, perhaps even undervalued aspect of our hobby is that it's an excuse to talk to someone else. It's like a force of attraction, the glue, the one starting point that you know another amateur has in common with you. So, next time you venture outside, either in real life, or virtually, consider, at least for a moment, that there are other radio amateurs among us, also having fun. I'm Onno VK6FLAB

 Parting ways with our popular purple people is particularly painful this year. 674 games of experience and 3 meaningful contributors. Time to Restump Podcast all the Docker developments.Any of us may momentarily win an aging process battle, but none of us win the war. While Jimmy Aish would have it in him to go around again, Nat Fyfe and Sonny Walters were formidable in their individual efforts to prolong the inevitable. But it does little to ease the pain of having to say goodbye. However, the cycle of purple life continues and the Freo show must go on. They're certainly not the first three we've had to watch disappear into the horizon and they won't be the last. This fast paced, often ruthless industry doesn't allow for long periods of mourning or reflection. The season's dust is barely settled, the send offs seemed shortened and we suddenly find ourselves in Brownlow medal, draft and trade talk territory. Almost in an instant the conversation switches from ‘who we're losing' to ‘who will take their place.' On some level it feels a little disrespectful, like we've moved on too soon. But such is the nature of the AFL beast.Were Andy Brayshaw and Caleb Serong's dominance of Fremantle's Brownlow votes a true reflection of our group's individual contributions, or was it simply a product of the ‘midfielders' award? Both had very good seasons, but you're trying to tell me the All-Australian jacket wearing Jordan Clark had just a 2-game polling, 4 vote total season? Really? In terms of personnel going forward, what do we need to compliment the list to take another step forward in 2026?With Will Brody and Liam Reidy requesting trades, Quinton Narkle joining the retirees and the unlucky Jack Delean and Odin Jones suffering delisting, it has opened up a substantial 8 list spots so far.The grapevine chatter regarding the possible departure of Sean Darcy just won't quieten down. Is it a case of where there's smoke there's fire or is it all smoke and fiery mirrors? What do the rumours do to Liam Reidy's thought process?33-year-old Collingwood forward Jamie Elliott's name keeps popping up in purple provinces. And while we're on the Collingwood camp, there seems to be a Bobby Hill Freo Fanclub? Regardless of 'get-ability' are they genuine needs?Those names and plenty more are, at the very least, up for discussion. Always plenty of Docker drivel to be discussed. We'll cast the net wide on all things Freo, we'll get an update on JoJo's long-awaited bar opening and the Chief has hinted that he may unfortunately subject us to another episode of the Neighbourhood Watch.With the ink running dry here, let's put down the purple pen, pick up the talking stick and continue on the pod. So, if you haven't got a sock drawer to tidy, grass to watch grow or purple paint to watch dry, by all means, join us and get involved in the conversation. Send us a textSupport the show

Discover how AI agents are reshaping B2B marketing in this episode of Tomorrow's Best Practices Today with guest Erin Cresta, Global VP of Digital and Demand at Sema4.ai. Erin shares what it's like to join a startup from day one, build a marketing engine from scratch, and apply agentic AI to real-world business challenges.With a career spanning leadership roles at Palo Alto Networks, Docker, Armis, Couchbase, and now Sema4, Erin brings a unique perspective on scaling teams, crafting go-to-market strategies, and staying ahead in a competitive market. She dives into how marketing leaders can:-Build foundational brand identity and messaging at early-stage companies- Apply AI agents to content creation, research, operations, and sales enablement- Align with sales through account-based strategies instead of lead-based metrics- Balance speed, experimentation, and customer feedback in startup growth-Think differently about hiring, operations, and organizational design in AI-driven environmentsWe also explore the “work room” model Erin's team uses to collaborate with AI agents, how generative AI supports digital ad copy and campaign prep, and why account engagement is becoming more important than traditional lead counts.-----CONNECT with us at:Website: https://leadtail.com/Leadtail TV: https://www.leadtailtv.com/LinkedIn: https://www.linkedin.com/company/lead...Twitter: https://twitter.com/leadtailFacebook: https://www.facebook.com/Leadtail/Instagram: https://www.instagram.com/leadtail/----0:00 – Why Enterprise Sales Depend on Accounts, Not Just Leads0:53 – Welcome & Guest Introduction: Erin Cresta and Semaphore.ai3:16 – Returning to Startup Life: Building from the Ground Up6:41 – Early Marketing Priorities: Brand, Content, and SEO9:17 – Hiring Strategy and Using AI Agents in Daily Work11:23 – Inside the “Work Room”: How Teams Collaborate with Agents13:40 – Rethinking Funnels: From Leads to Account-Based Strategies18:01 – Sharing Signals with Sales and Building Alignment20:32 – The Semaphore Platform: Runbooks, Outcomes, and Security25:15 – Startup Lessons, Personal Insights & Closing Thoughts#b2bmarketing #b2b

In this episode of the Ardan Labs Podcast, Bill Kennedy talks with Jasson Casey, CEO and co-founder of Beyond Identity, about modern cybersecurity. Jasson shares his journey from early interests in technology and networking to leading startups and building products that address today's security challenges. They explore the evolution of authentication, the need for hardware-backed identity systems, the realities of insider threats, and how cultural and customer insights shape better security solutions.00:00 Introduction00:30 What is Jasson Doing Today?7:00 Fundamentals of Security15:30 First Memory of a Computer22:00 Interest in Physics 36:00 Working in College43:00 Joining a Startup50:00 Becoming a Product Manager at 2158:30 Culture Shock 1:03:20 Moving to Executive Roles1:10:00 Starting Beyond Identity1:19:00 Monitoring Threats1:34:00 Contact InfoConnect with Jasson: Linkedin: https://www.linkedin.com/in/jassoncasey/X: https://x.com/jassoncaseyMentioned in this Episode:Beyond Identity: https://www.beyondidentity.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

¿Estás cansado de reconstruir una imagen de Docker cada vez que necesitas cambiar un simple archivo de configuración? Este problema, que consume tiempo y recursos, es más común de lo que piensas. En este episodio de atareao con Linux, te traigo la solución definitiva para optimizar tu flujo de trabajo: las configuraciones de Docker (Docker Configs).Las configuraciones son una herramienta fundamental para la gestión de contenedores en entornos de Docker Compose y Docker Swarm. A diferencia de los volúmenes, que se centran en datos persistentes, las configs te permiten desacoplar los archivos de configuración de tus aplicaciones de la propia imagen de Docker. Esto significa que puedes crear imágenes genéricas y altamente portables, y luego adaptar su comportamiento a cada entorno (desarrollo, pruebas, producción) de manera sencilla y centralizada.En este tutorial práctico, exploraremos todo lo que necesitas saber sobre las configs:¿Qué son las configuraciones de Docker y por qué son cruciales para la productividad? Te explico su propósito y cómo su uso puede acelerar tu ciclo de desarrollo y despliegue.Diferencias clave con otras herramientas de gestión de datos de Docker. Te ayudo a entender cuándo usar configs en lugar de volúmenes o secrets para garantizar la seguridad y la eficiencia en tus proyectos.Un ejemplo práctico y detallado. Nos pondremos manos a la obra para configurar un contenedor de Nginx usando configs. Aprenderás a declarar la configuración en tu archivo docker-compose.yml, a montarla en la ruta correcta del contenedor con el parámetro target, y a establecer los permisos de acceso (mode), como el 0644 que te comenté.Este enfoque de "problema-solución" te permitirá tomar el control total sobre tus despliegues. Olvídate de la tediosa tarea de reconstruir imágenes y adopta una práctica de software de código abierto más robusta y profesional.El conocimiento que adquirirás en este episodio es aplicable a un sinfín de proyectos, ya sea que estés configurando un proxy inverso con Traefik, una base de datos o un servicio de sincronización como Syncthing en una Raspberry Pi o un VPS. Con esta herramienta, podrás hacer "cualquier cosa que quieras hacer con Linux" de forma más inteligente y eficiente.¡Prepárate para llevar tu gestión de Docker al siguiente nivel y optimizar tus sistemas como nunca antes!Más información y enlaces en las notas del episodio

La sexta gran actualización de Ghost, el sistema que uso en la página web del podcast, nos ha traído un nuevo sistema de estadísticas, publicación en el fediverso y la instalación oficial con Docker.

Brandon interviews Michael Irwin, Principal Engineer at Docker. They cover Docker's evolution, why hardened images matter, and how AI fits in. Plus, Michael shares stories from teaching computer science. Watch the YouTube Live Recording of Episode 538 (https://youtu.be/ow1upEjVscg?si=ts-5lucWTE5mKJwD) Show Links Docker (https://www.docker.com) Docker Hub (https://hub.docker.com) Contact Michael LinkedIn: mikesir87 (https://www.linkedin.com/in/mikesir87/) Github: mikesir87 (https://github.com/mikesir87) Twitter: mikesir87 (https://x.com/mikesir87/) Blog: https://blog.mikesir87.io/ (https://blog.mikesir87.io/) Sponsor Docker: Your foundation for secure, intelligent development (https://www.docker.com) SDT News & Hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Get a SDT Sticker! Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you free laptop stickers! Follow us: Twitch (https://www.twitch.tv/sdtpodcast), Twitter (https://twitter.com/softwaredeftalk), Instagram (https://www.instagram.com/softwaredefinedtalk/), Mastodon (https://hachyderm.io/@softwaredefinedtalk), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk), Threads (https://www.threads.net/@softwaredefinedtalk) and YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured). Use the code SDT to get $20 off Coté's book, Digital WTF (https://leanpub.com/digitalwtf/c/sdt), so $5 total. Become a sponsor of Software Defined Talk (https://www.softwaredefinedtalk.com/ads)! Special Guest: Michael Irwin.

SMTP relays and observability, why we didn't recommend Podman over Docker to a newcomer, and Gary gives us an update on his homelab.             Insta360 Go Ultra Insta360 have just launched their brand-new pocket camera, the GO Ultra. To get free Sticky Tabs with it go to store.insta360.com and use... Read More

SMTP relays and observability, why we didn't recommend Podman over Docker to a newcomer, and Gary gives us an update on his homelab.             Insta360 Go Ultra Insta360 have just launched their brand-new pocket camera, the GO Ultra. To get free Sticky Tabs with it go to store.insta360.com and use … Continue reading "Hybrid Cloud Show – Episode 39"

Nathan Schmook and Michael Whiting bring you the latest footy news on AFL Daily. Murphy Reid has been considered by the AFL.com.au reporters the unanimous winner of this year's Rising Star award, will that set the young Docker up for future success? Fages has been prepared to give new Lion cubs a go this year after the 2024 premiership, so much so there'll be 6 new faces in the Prelim on Saturday. Collingwood have stood by their older brigade, headlined by Steele Sidebottom plus we take a look at the options in front of Sam Flanders. Subscribe to AFL Daily and never miss an episode. Rate and review wherever you listen to podcasts.See omnystudio.com/listener for privacy information.

¡Transforma tu Terminal Linux en una Máquina de Productividad! Domina fish shell con este Tutorial Práctico¿Te preguntas cómo los expertos en Linux logran trabajar tan rápido en la terminal? ¿Estás cansado de escribir los mismos comandos largos una y otra vez? Si la respuesta es sí, este episodio de Atareao con Linux es para ti. En él, vamos a desvelar uno de los secretos mejor guardados para la automatización y la eficiencia: el uso de fish shell. A diferencia de otras shells como Bash o Zsh, fish se diseñó desde cero pensando en la usabilidad y la productividad, y hoy te voy a enseñar por qué sus abreviaciones y funciones son una auténtica revolución para tu flujo de trabajo.Este no es solo un tutorial teórico. Te guiaré paso a paso para que puedas implementar estas herramientas en tu sistema Linux de inmediato. Te mostraré cómo dejar de depender de los alias tradicionales y aprovechar el poder de las abreviaciones (abbr) que se expanden en tiempo real, dándote un control sin precedentes antes de ejecutar un comando. Esto te permitirá evitar errores comunes y, sobre todo, ganar velocidad.Pero fish no se queda ahí. También te enseñaré a crear funciones personalizadas para automatizar tareas más complejas, scripts que puedes ejecutar con una simple palabra, sin importar si necesitas gestionar tus servicios con Docker, optimizar la copia de archivos con Syncthing, o simplemente simplificar tareas cotidianas de administración del sistema. Cada segundo que ahorras en la terminal se traduce en más tiempo para innovar y crear.¿Qué te llevas de este episodio de Atareao con Linux?Aprende la diferencia clave entre abbr y alias, y por qué las abreviaciones de fish te harán más productivo al instante.Descubre cómo crear y gestionar tus propios atajos de teclado para cualquier comando, desde operaciones de Git hasta el despliegue de contenedores.Dominas el arte de las funciones en fish para automatizar scripts y lógicas complejas de forma sencilla.Obtén consejos prácticos sobre cómo organizar tu configuración en ~/.config/fish/ para mantener un entorno de trabajo limpio y eficiente.Entiende la filosofía de fish y por qué es una de las mejores shells de código abierto para cualquier entusiasta de GNU/Linux.Este episodio está pensado para cualquier persona que quiera mejorar su productividad en la línea de comandos, ya seas un desarrollador de software que usa Neovim o Rust, un sysadmin que gestiona servidores, o un usuario que simplemente quiere sacar el máximo provecho a su escritorio GNOME. Si te gusta la programación, el scripting, el software libre y la automatización, te garantizo que este contenido resonará contigo.No dejes pasar esta oportunidad de darle un impulso a tu carrera y a tus proyectos personales. La terminal es tu herramienta más poderosa; aprende a usarla como un verdadero profesional.¡Sigue el podcast Atareao con Linux para no perderte ningún truco! Cada semana, te traemos soluciones prácticas y tutoriales detallados para que domines Linux de una vez por todas. Si este episodio te ha parecido útil, deja una valoración positiva para que más personas puedan descubrir este conocimiento.Más información y enlaces en las notas del episodio

Katia, Emmanuel et Guillaume discutent Java, Kotlin, Quarkus, Hibernate, Spring Boot 4, intelligence artificielle (modèles Nano Banana, VO3, frameworks agentiques, embedding). On discute les vulnerabilités OWASP pour les LLMs, les personalités de codage des différents modèles, Podman vs Docker, comment moderniser des projets legacy. Mais surtout on a passé du temps sur les présentations de Luc Julia et les différents contre points qui ont fait le buzz sur les réseaux. Enregistré le 12 septembre 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-330.mp3 ou en vidéo sur YouTube. News Langages Dans cette vidéo, José détaille les nouveautés de Java entre Java 21 et 25 https://inside.java/2025/08/31/roadto25-java-language/ Aperçu des nouveautés du JDK 25 : Introduction des nouvelles fonctionnalités du langage Java et des changements à venir [00:02]. Programmation orientée données et Pattern Matching [00:43] : Évolution du “pattern matching” pour la déconstruction des “records” [01:22]. Utilisation des “sealed types” dans les expressions switch pour améliorer la lisibilité et la robustesse du code [01:47]. Introduction des “unnamed patterns” (_) pour indiquer qu'une variable n'est pas utilisée [04:47]. Support des types primitifs dans instanceof et switch (en preview) [14:02]. Conception d'applications Java [00:52] : Simplification de la méthode main [21:31]. Exécution directe des fichiers .java sans compilation explicite [22:46]. Amélioration des mécanismes d'importation [23:41]. Utilisation de la syntaxe Markdown dans la Javadoc [27:46]. Immuabilité et valeurs nulles [01:08] : Problème d'observation de champs final à null pendant la construction d'un objet [28:44]. JEP 513 pour contrôler l'appel à super() et restreindre l'usage de this dans les constructeurs [33:29]. JDK 25 sort le 16 septembre https://openjdk.org/projects/jdk/25/ Scoped Values (JEP 505) - alternative plus efficace aux ThreadLocal pour partager des données immutables entre threads Structured Concurrency (JEP 506) - traiter des groupes de tâches concurrentes comme une seule unité de travail, simplifiant la gestion des threads Compact Object Headers (JEP 519) - Fonctionnalité finale qui réduit de 50% la taille des en-têtes d'objets (de 128 à 64 bits), économisant jusqu'à 22% de mémoire heap Flexible Constructor Bodies (JEP 513) - Relaxation des restrictions sur les constructeurs, permettant du code avant l'appel super() ou this() Module Import Declarations (JEP 511) - Import simplifié permettant d'importer tous les éléments publics d'un module en une seule déclaration Compact Source Files (JEP 512) - Simplification des programmes Java basiques avec des méthodes main d'instance sans classe wrapper obligatoire Primitive Types in Patterns (JEP 455) - Troisième preview étendant le pattern matching et instanceof aux types primitifs dans switch et instanceof Generational Shenandoah (JEP 521) - Le garbage collector Shenandoah passe en mode générationnel pour de meilleures performances JFR Method Timing & Tracing (JEP 520) - Nouvel outillage de profilage pour mesurer le temps d'exécution et tracer les appels de méthodes Key Derivation API (JEP 510) - API finale pour les fonctions de dérivation de clés cryptographiques, remplaçant les implémentations tierces Améliorations du traitement des annotations dans Kotlin 2.2 https://blog.jetbrains.com/idea/2025/09/improved-annotation-handling-in-kotlin-2-2-less-boilerplate-fewer-surprises/ Avant Kotlin 2.2, les annotations sur les paramètres de constructeur n'étaient appliquées qu'au paramètre, pas à la propriété ou au champ Cela causait des bugs subtils avec Spring et JPA où la validation ne fonctionnait qu'à la création d'objet, pas lors des mises à jour La solution précédente nécessitait d'utiliser explicitement @field: pour chaque annotation, créant du code verbeux Kotlin 2.2 introduit un nouveau comportement par défaut qui applique les annotations aux paramètres ET aux propriétés/champs automatiquement Le code devient plus propre sans avoir besoin de syntaxe @field: répétitive Pour l'activer, ajouter -Xannotation-default-target=param-property dans les options du compilateur Gradle IntelliJ IDEA propose un quick-fix pour activer ce comportement à l'échelle du projet Cette amélioration rend l'intégration Kotlin plus fluide avec les frameworks majeurs comme Spring et JPA Le comportement peut être configuré pour garder l'ancien mode ou activer un mode transitoire avec avertissements Cette mise à jour fait partie d'une initiative plus large pour améliorer l'expérience Kotlin + Spring Librairies Sortie de Quarkus 3.26 avec mises à jour d'Hibernate et autres fonctionnalités - https://quarkus.io/blog/quarkus-3-26-released/ mettez à jour vers la 3.26.x car il y a eu une regression vert.x Jalon important vers la version LTS 3.27 prévue fin septembre, basée sur cette version Mise à jour vers Hibernate ORM 7.1, Hibernate Search 8.1 et Hibernate Reactive 3.1 Support des unités de persistance nommées et sources de données dans Hibernate Reactive Démarrage hors ligne et configuration de dialecte pour Hibernate ORM même si la base n'est pas accessible Refonte de la console HQL dans Dev UI avec fonctionnalité Hibernate Assistant intégrée Exposition des capacités Dev UI comme fonctions MCP pour pilotage via outils IA Rafraîchissement automatique des tokens OIDC en cas de réponse 401 des clients REST Extension JFR pour capturer les données runtime (nom app, version, extensions actives) Bump de Gradle vers la version 9.0 par défaut, suppression du support des classes config legacy Guide de démarrage avec Quarkus et A2A Java SDK 0.3.0 (pour faire discuter des agents IA avec la dernière version du protocole A2A) https://quarkus.io/blog/quarkus-a2a-java-0-3-0-alpha-release/ Sortie de l'A2A Java SDK 0.3.0.Alpha1, aligné avec la spécification A2A v0.3.0. Protocole A2A : standard ouvert (Linux Foundation), permet la communication inter-agents IA polyglottes. Version 0.3.0 plus stable, introduit le support gRPC. Mises à jour générales : changements significatifs, expérience utilisateur améliorée (côté client et serveur). Agents serveur A2A : Support gRPC ajouté (en plus de JSON-RPC). HTTP+JSON/REST à venir. Implémentations basées sur Quarkus (alternatives Jakarta existent). Dépendances spécifiques pour chaque transport (ex: a2a-java-sdk-reference-jsonrpc, a2a-java-sdk-reference-grpc). AgentCard : décrit les capacités de l'agent. Doit spécifier le point d'accès primaire et tous les transports supportés (additionalInterfaces). Clients A2A : Dépendance principale : a2a-java-sdk-client. Support gRPC ajouté (en plus de JSON-RPC). HTTP+JSON/REST à venir. Dépendance spécifique pour gRPC : a2a-java-sdk-client-transport-grpc. Création de client : via ClientBuilder. Sélectionne automatiquement le transport selon l'AgentCard et la configuration client. Permet de spécifier les transports supportés par le client (withTransport). Comment générer et éditer des images en Java avec Nano Banana, le “photoshop killer” de Google https://glaforge.dev/posts/2025/09/09/calling-nano-banana-from-java/ Objectif : Intégrer le modèle Nano Banana (Gemini 2.5 Flash Image preview) dans des applications Java. SDK utilisé : GenAI Java SDK de Google. Compatibilité : Supporté par ADK for Java ; pas encore par LangChain4j (limitation de multimodalité de sortie). Capacités de Nano Banana : Créer de nouvelles images. Modifier des images existantes. Assembler plusieurs images. Mise en œuvre Java : Quelle dépendance utiliser Comment s'authentifier Comment configurer le modèle Nature du modèle : Nano Banana est un modèle de chat qui peut retourner du texte et une image (pas simplement juste un modèle générateur d'image) Exemples d'utilisation : Création : Via un simple prompt textuel. Modification : En passant l'image existante (tableau de bytes) et les instructions de modification (prompt). Assemblage : En passant plusieurs images (en bytes) et les instructions d'intégration (prompt). Message clé : Toutes ces fonctionnalités sont accessibles en Java, sans nécessiter Python. Générer des vidéos IA avec le modèle Veo 3, mais en Java ! https://glaforge.dev/posts/2025/09/10/generating-videos-in-java-with-veo3/ Génération de vidéos en Java avec Veo 3 (via le GenAI Java SDK de Google). Veo 3: Annoncé comme GA, prix réduits, support du format 9:16, résolution jusqu'à 1080p. Création de vidéos : À partir d'une invite textuelle (prompt). À partir d'une image existante. Deux versions différentes du modèle : veo-3.0-generate-001 (qualité supérieure, plus coûteux, plus lent). veo-3.0-fast-generate-001 (qualité inférieure, moins coûteux, mais plus rapide). Rod Johnson sur ecrire des aplication agentic en Java plus facilement qu'en python avec Embabel https://medium.com/@springrod/you-can-build-better-ai-agents-in-java-than-python-868eaf008493 Rod the papa de Spring réécrit un exemple CrewAI (Python) qui génère un livre en utilisant Embabel (Java) pour démontrer la supériorité de Java L'application utilise plusieurs agents AI spécialisés : un chercheur, un planificateur de livre et des rédacteurs de chapitres Le processus suit trois étapes : recherche du sujet, création du plan, rédaction parallèle des chapitres puis assemblage CrewAI souffre de plusieurs problèmes : configuration lourde, manque de type safety, utilisation de clés magiques dans les prompts La version Embabel nécessite moins de code Java que l'original Python et moins de fichiers de configuration YAML Embabel apporte la type safety complète, éliminant les erreurs de frappe dans les prompts et améliorant l'outillage IDE La gestion de la concurrence est mieux contrôlée en Java pour éviter les limites de débit des APIs LLM L'intégration avec Spring permet une configuration externe simple des modèles LLM et hyperparamètres Le planificateur Embabel détermine automatiquement l'ordre d'exécution des actions basé sur leurs types requis L'argument principal : l'écosystème JVM offre un meilleur modèle de programmation et accès à la logique métier existante que Python Il y a pas mal de nouveaux framework agentic en Java, notamment le dernier LAngchain4j Agentic Spring lance un serie de blog posts sur les nouveautés de Spring Boot 4 https://spring.io/blog/2025/09/02/road_to_ga_introduction baseline JDK 17 mais rebase sur Jakarta 11 Kotlin 2, Jackson 3 et JUnit 6 Fonctionnalités de résilience principales de Spring : @ConcurrencyLimit, @Retryable, RetryTemplate Versioning d'API dans Spring Améliorations du client de service HTTP L'état des clients HTTP dans Spring Introduction du support Jackson 3 dans Spring Consommateur partagé - les queues Kafka dans Spring Kafka Modularisation de Spring Boot Autorisation progressive dans Spring Security Spring gRPC - un nouveau module Spring Boot Applications null-safe avec Spring Boot 4 OpenTelemetry avec Spring Boot Repos Ahead of Time (Partie 2) Web Faire de la recherche sémantique directement dans le navigateur en local, avec EmbeddingGemma et Transformers.js https://glaforge.dev/posts/2025/09/08/in-browser-semantic-search-with-embeddinggemma/ EmbeddingGemma: Nouveau modèle d'embedding (308M paramètres) de Google DeepMind. Objectif: Permettre la recherche sémantique directement dans le navigateur. Avantages clés de l'IA côté client: Confidentialité: Aucune donnée envoyée à un serveur. Coûts réduits: Pas besoin de serveurs coûteux (GPU), hébergement statique. Faible latence: Traitement instantané sans allers-retours réseau. Fonctionnement hors ligne: Possible après le chargement initial du modèle. Technologie principale: Modèle: EmbeddingGemma (petit, performant, multilingue, support MRL pour réduire la taille des vecteurs). Moteur d'inférence: Transformers.js de HuggingFace (exécute les modèles AI en JavaScript dans le navigateur). Déploiement: Site statique avec Vite/React/Tailwind CSS, déployé sur Firebase Hosting via GitHub Actions. Gestion du modèle: Fichiers du modèle trop lourds pour Git; téléchargés depuis HuggingFace Hub pendant le CI/CD. Fonctionnement de l'app: Charge le modèle, génère des embeddings pour requêtes/documents, calcule la similarité sémantique. Conclusion: Démonstration d'une recherche sémantique privée, économique et sans serveur, soulignant le potentiel de l'IA embarquée dans le navigateur. Data et Intelligence Artificielle Docker lance Cagent, une sorte de framework multi-agent IA utilisant des LLMs externes, des modèles de Docker Model Runner, avec le Docker MCP Tookit. Il propose un format YAML pour décrire les agents d'un système multi-agents. https://github.com/docker/cagent des agents “prompt driven” (pas de code) et une structure pour decrire comment ils sont deployés pas clair comment ils sont appelés a part dans la ligne de commande de cagent fait par david gageot L'owasp décrit l'independance excessive des LLM comme une vulnerabilité https://genai.owasp.org/llmrisk2023-24/llm08-excessive-agency/ L'agence excessive désigne la vulnérabilité qui permet aux systèmes LLM d'effectuer des actions dommageables via des sorties inattendues ou ambiguës. Elle résulte de trois causes principales : fonctionnalités excessives, permissions excessives ou autonomie excessive des agents LLM. Les fonctionnalités excessives incluent l'accès à des plugins qui offrent plus de capacités que nécessaire, comme un plugin de lecture qui peut aussi modifier ou supprimer. Les permissions excessives se manifestent quand un plugin accède aux systèmes avec des droits trop élevés, par exemple un accès en lecture qui inclut aussi l'écriture. L'autonomie excessive survient quand le système effectue des actions critiques sans validation humaine préalable. Un scénario d'attaque typique : un assistant personnel avec accès email peut être manipulé par injection de prompt pour envoyer du spam via la boîte de l'utilisateur. La prévention implique de limiter strictement les plugins aux fonctions minimales nécessaires pour l'opération prévue. Il faut éviter les fonctions ouvertes comme “exécuter une commande shell” au profit d'outils plus granulaires et spécifiques. L'application du principe de moindre privilège est cruciale : chaque plugin doit avoir uniquement les permissions minimales requises. Le contrôle humain dans la boucle reste essentiel pour valider les actions à fort impact avant leur exécution. Lancement du MCP registry, une sorte de méta-annuaire officiel pour référencer les serveurs MCP https://www.marktechpost.com/2025/09/09/mcp-team-launches-the-preview-version-of-the-mcp-registry-a-federated-discovery-layer-for-enterprise-ai/ MCP Registry : Couche de découverte fédérée pour l'IA d'entreprise. Fonctionne comme le DNS pour le contexte de l'IA, permettant la découverte de serveurs MCP publics ou privés. Modèle fédéré : Évite les risques de sécurité et de conformité d'un registre monolithique. Permet des sous-registres privés tout en conservant une source de vérité “upstream”. Avantages entreprises : Découverte interne sécurisée. Gouvernance centralisée des serveurs externes. Réduction de la prolifération des contextes. Support pour les agents IA hybrides (données privées/publiques). Projet open source, actuellement en version preview. Blog post officiel : https://blog.modelcontextprotocol.io/posts/2025-09-08-mcp-registry-preview/ Exploration des internals du transaction log SQL Server https://debezium.io/blog/2025/09/08/sqlserver-tx-log/ C'est un article pour les rugeux qui veulent savoir comment SQLServer marche à l'interieur Debezium utilise actuellement les change tables de SQL Server CDC en polling périodique L'article explore la possibilité de parser directement le transaction log pour améliorer les performances Le transaction log est divisé en Virtual Log Files (VLFs) utilisés de manière circulaire Chaque VLF contient des blocs (512B à 60KB) qui contiennent les records de transactions Chaque record a un Log Sequence Number (LSN) unique pour l'identifier précisément Les données sont stockées dans des pages de 8KB avec header de 96 bytes et offset array Les tables sont organisées en partitions et allocation units pour gérer l'espace disque L'utilitaire DBCC permet d'explorer la structure interne des pages et leur contenu Cette compréhension pose les bases pour parser programmatiquement le transaction log dans un prochain article Outillage Les personalités des codeurs des différents LLMs https://www.sonarsource.com/blog/the-coding-personalities-of-leading-llms-gpt-5-update/ GPT-5 minimal ne détrône pas Claude Sonnet 4 comme leader en performance fonctionnelle malgré ses 75% de réussite GPT-5 génère un code extrêmement verbeux avec 490 000 lignes contre 370 000 pour Claude Sonnet 4 sur les mêmes tâches La complexité cyclomatique et cognitive du code GPT-5 est dramatiquement plus élevée que tous les autres modèles GPT-5 introduit 3,90 problèmes par tâche réussie contre seulement 2,11 pour Claude Sonnet 4 Point fort de GPT-5 : sécurité exceptionnelle avec seulement 0,12 vulnérabilité par 1000 lignes de code Faiblesse majeure : densité très élevée de “code smells” (25,28 par 1000 lignes) nuisant à la maintenabilité GPT-5 produit 12% de problèmes liés à la complexité cognitive, le taux le plus élevé de tous les modèles Tendance aux erreurs logiques fondamentales avec 24% de bugs de type “Control-flow mistake” Réapparition de vulnérabilités classiques comme les failles d'injection et de traversée de chemin Nécessité d'une gouvernance renforcée avec analyse statique obligatoire pour gérer la complexité du code généré Pourquoi j'ai abandonné Docker pour Podman https://codesmash.dev/why-i-ditched-docker-for-podman-and-you-should-too Problème Docker : Le daemon dockerd persistant s'exécute avec des privilèges root, posant des risques de sécurité (nombreuses CVEs citées) et consommant des ressources inutilement. Solution Podman : Sans Daemon : Pas de processus d'arrière-plan persistant. Les conteneurs s'exécutent comme des processus enfants de la commande Podman, sous les privilèges de l'utilisateur. Sécurité Renforcée : Réduction de la surface d'attaque. Une évasion de conteneur compromet un utilisateur non privilégié sur l'hôte, pas le système entier. Mode rootless. Fiabilité Accrue : Pas de point de défaillance unique ; le crash d'un conteneur n'affecte pas les autres. Moins de Ressources : Pas de daemon constamment actif, donc moins de mémoire et de CPU. Fonctionnalités Clés de Podman : Intégration Systemd : Génération automatique de fichiers d'unité systemd pour gérer les conteneurs comme des services Linux standards. Alignement Kubernetes : Support natif des pods et capacité à générer des fichiers Kubernetes YAML directement (podman generate kube), facilitant le développement local pour K8s. Philosophie Unix : Se concentre sur l'exécution des conteneurs, délègue les tâches spécialisées à des outils dédiés (ex: Buildah pour la construction d'images, Skopeo pour leur gestion). Migration Facile : CLI compatible Docker : podman utilise les mêmes commandes que docker (alias docker=podman fonctionne). Les Dockerfiles existants sont directement utilisables. Améliorations incluses : Sécurité par défaut (ports privilégiés en mode rootless), meilleure gestion des permissions de volume, API Docker compatible optionnelle. Option de convertir Docker Compose en Kubernetes YAML. Bénéfices en Production : Sécurité améliorée, utilisation plus propre des ressources. Podman représente une évolution plus sécurisée et mieux alignée avec les pratiques modernes de gestion Linux et de déploiement de conteneurs. Guide Pratique (Exemple FastAPI) : Le Dockerfile ne change pas. podman build et podman run remplacent directement les commandes Docker. Déploiement en production via Systemd. Gestion d'applications multi-services avec les “pods” Podman. Compatibilité Docker Compose via podman-compose ou kompose. Détection améliorée des APIs vulnérables dans les IDEs JetBrains et Qodana - https://blog.jetbrains.com/idea/2025/09/enhanced-vulnerable-api-detection-in-jetbrains-ides-and-qodana/ JetBrains s'associe avec Mend.io pour renforcer la sécurité du code dans leurs outils Le plugin Package Checker bénéficie de nouvelles données enrichies sur les APIs vulnérables Analyse des graphes d'appels pour couvrir plus de méthodes publiques des bibliothèques open-source Support de Java, Kotlin, C#, JavaScript, TypeScript et Python pour la détection de vulnérabilités Activation des inspections via Paramètres > Editor > Inspections en recherchant “Vulnerable API” Surlignage automatique des méthodes vulnérables avec détails des failles au survol Action contextuelle pour naviguer directement vers la déclaration de dépendance problématique Mise à jour automatique vers une version non affectée via Alt+Enter sur la dépendance Fenêtre dédiée “Vulnerable Dependencies” pour voir l'état global des vulnérabilités du projet Méthodologies Le retour de du sondage de Stack Overflow sur l'usage de l'IA dans le code https://medium.com/@amareshadak/stack-overflow-just-exposed-the-ugly-truth-about-ai-coding-tools-b4f7b5992191 84% des développeurs utilisent l'IA quotidiennement, mais 46% ne font pas confiance aux résultats. Seulement 3,1% font “hautement confiance” au code généré. 66% sont frustrés par les solutions IA “presque correctes”. 45% disent que déboguer le code IA prend plus de temps que l'écrire soi-même. Les développeurs seniors (10+ ans) font moins confiance à l'IA (2,6%) que les débutants (6,1%), créant un écart de connaissances dangereux. Les pays occidentaux montrent moins de confiance - Allemagne (22%), UK (23%), USA (28%) - que l'Inde (56%). Les créateurs d'outils IA leur font moins confiance. 77% des développeurs professionnels rejettent la programmation en langage naturel, seuls 12% l'utilisent réellement. Quand l'IA échoue, 75% se tournent vers les humains. 35% des visites Stack Overflow concernent maintenant des problèmes liés à l'IA. 69% rapportent des gains de productivité personnels, mais seulement 17% voient une amélioration de la collaboration d'équipe. Coûts cachés : temps de vérification, explication du code IA aux équipes, refactorisation et charge cognitive constante. Les plateformes humaines dominent encore : Stack Overflow (84%), GitHub (67%), YouTube (61%) pour résoudre les problèmes IA. L'avenir suggère un “développement augmenté” où l'IA devient un outil parmi d'autres, nécessitant transparence et gestion de l'incertitude. Mentorat open source et défis communautaires par les gens de Microcks https://microcks.io/blog/beyond-code-open-source-mentorship/ Microcks souffre du syndrome des “utilisateurs silencieux” qui bénéficient du projet sans contribuer Malgré des milliers de téléchargements et une adoption croissante, l'engagement communautaire reste faible Ce manque d'interaction crée des défis de durabilité et limite l'innovation du projet Les mainteneurs développent dans le vide sans feedback des vrais utilisateurs Contribuer ne nécessite pas de coder : documentation, partage d'expérience, signalement de bugs suffisent Parler du project qu'on aime autour de soi est aussi super utile Microcks a aussi des questions specifiques qu'ils ont posé dans le blog, donc si vous l'utilisez, aller voir Le succès de l'open source dépend de la transformation des utilisateurs en véritables partenaires communautaires c'est un point assez commun je trouve, le ratio parlant / silencieux est tres petit et cela encourage les quelques grandes gueules La modernisation du systemes legacy, c'est pas que de la tech https://blog.scottlogic.com/2025/08/27/holistic-approach-successful-legacy-modernisation.html Un artcile qui prend du recul sur la modernisation de systemes legacy Les projets de modernisation legacy nécessitent une vision holistique au-delà du simple focus technologique Les drivers business diffèrent des projets greenfield : réduction des coûts et mitigation des risques plutôt que génération de revenus L'état actuel est plus complexe à cartographier avec de nombreuses dépendances et risques de rupture Collaboration essentielle entre Architectes, Analystes Business et Designers UX dès la phase de découverte Approche tridimensionnelle obligatoire : Personnes, Processus et Technologie (comme un jeu d'échecs 3D) Le leadership doit créer l'espace nécessaire pour la découverte et la planification plutôt que presser l'équipe Communication en termes business plutôt que techniques vers tous les niveaux de l'organisation Planification préalable essentielle contrairement aux idées reçues sur l'agilité Séquencement optimal souvent non-évident et nécessitant une analyse approfondie des interdépendances Phases projet alignées sur les résultats business permettent l'agilité au sein de chaque phase Sécurité Cyber Attaque su Musée Histoire Naturelle https://www.franceinfo.fr/internet/securite-sur-internet/cyberattaques/le-museum-nati[…]e-d-une-cyberattaque-severe-une-plainte-deposee_7430356.html Compromission massive de packages npm populaires par un malware crypto https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised 18 packages npm très populaires compromis le 8 septembre 2025, incluant chalk, debug, ansi-styles avec plus de 2 milliards de téléchargements hebdomadaires combinés duckdb s'est rajouté à la liste Code malveillant injecté qui intercepte silencieusement l'activité crypto et web3 dans les navigateurs des utilisateurs Le malware manipule les interactions de wallet et redirige les paiements vers des comptes contrôlés par l'attaquant sans signes évidents Injection dans les fonctions critiques comme fetch, XMLHttpRequest et APIs de wallets (window.ethereum, Solana) pour intercepter le trafic Détection et remplacement automatique des adresses crypto sur multiple blockchains (Ethereum, Bitcoin, Solana, Tron, Litecoin, Bitcoin Cash) Les transactions sont modifiées en arrière-plan même si l'interface utilisateur semble correcte et légitime Utilise des adresses “sosies” via correspondance de chaînes pour rendre les échanges moins évidents à détecter Le mainteneur compromis par email de phishing provenant du faux domaine “mailto:support@npmjs.help|support@npmjs.help” enregistré 3 jours avant l'attaque sur une demande de mise a jour de son autheotnfication a deux facteurs après un an Aikido a alerté le mainteneur via Bluesky qui a confirmé la compromission et commencé le nettoyage des packages Attaque sophistiquée opérant à plusieurs niveaux: contenu web, appels API et manipulation des signatures de transactions Les anti-cheats de jeux vidéo : une faille de sécurité majeure ? - https://tferdinand.net/jeux-video-et-si-votre-anti-cheat-etait-la-plus-grosse-faille/ Les anti-cheats modernes s'installent au Ring 0 (noyau système) avec privilèges maximaux Ils obtiennent le même niveau d'accès que les antivirus professionnels mais sans audit ni certification Certains exploitent Secure Boot pour se charger avant le système d'exploitation Risque de supply chain : le groupe APT41 a déjà compromis des jeux comme League of Legends Un attaquant infiltré pourrait désactiver les solutions de sécurité et rester invisible Menace de stabilité : une erreur peut empêcher le démarrage du système (référence CrowdStrike) Conflits possibles entre différents anti-cheats qui se bloquent mutuellement Surveillance en temps réel des données d'utilisation sous prétexte anti-triche Dérive dangereuse selon l'auteur : des entreprises de jeux accèdent au niveau EDR Alternatives limitées : cloud gaming ou sandboxing avec impact sur performances donc faites gaffe aux jeux que vos gamins installent ! Loi, société et organisation Luc Julia au Sénat - Monsieur Phi réagi et publie la vidéo Luc Julia au Sénat : autopsie d'un grand N'IMPORTE QUOI https://www.youtube.com/watch?v=e5kDHL-nnh4 En format podcast de 20 minutes, sorti au même moment et à propos de sa conf à Devoxx https://www.youtube.com/watch?v=Q0gvaIZz1dM Le lab IA - Jérôme Fortias - Et si Luc Julia avait raison https://www.youtube.com/watch?v=KScI5PkCIaE Luc Julia au Senat https://www.youtube.com/watch?v=UjBZaKcTeIY Luc Julia se défend https://www.youtube.com/watch?v=DZmxa7jJ8sI Intelligence artificielle : catastrophe imminente ? - Luc Julia vs Maxime Fournes https://www.youtube.com/watch?v=sCNqGt7yIjo Tech and Co Monsieur Phi vs Luc Julia (put a click) https://www.youtube.com/watch?v=xKeFsOceT44 La tronche en biais https://www.youtube.com/live/zFwLAOgY0Wc Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 12 septembre 2025 : Agile Pays Basque 2025 - Bidart (France) 15 septembre 2025 : Agile Tour Montpellier - Montpellier (France) 18-19 septembre 2025 : API Platform Conference - Lille (France) & Online 22-24 septembre 2025 : Kernel Recipes - Paris (France) 22-27 septembre 2025 : La Mélée Numérique - Toulouse (France) 23 septembre 2025 : OWASP AppSec France 2025 - Paris (France) 23-24 septembre 2025 : AI Engineer Paris - Paris (France) 25 septembre 2025 : Agile Game Toulouse - Toulouse (France) 25-26 septembre 2025 : Paris Web 2025 - Paris (France) 30 septembre 2025-1 octobre 2025 : PyData Paris 2025 - Paris (France) 2 octobre 2025 : Nantes Craft - Nantes (France) 2-3 octobre 2025 : Volcamp - Clermont-Ferrand (France) 3 octobre 2025 : DevFest Perros-Guirec 2025 - Perros-Guirec (France) 6-7 octobre 2025 : Swift Connection 2025 - Paris (France) 6-10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 7 octobre 2025 : BSides Mulhouse - Mulhouse (France) 7-8 octobre 2025 : Agile en Seine - Issy-les-Moulineaux (France) 8-10 octobre 2025 : SIG 2025 - Paris (France) & Online 9 octobre 2025 : DevCon #25 : informatique quantique - Paris (France) 9-10 octobre 2025 : Forum PHP 2025 - Marne-la-Vallée (France) 9-10 octobre 2025 : EuroRust 2025 - Paris (France) 16 octobre 2025 : PlatformCon25 Live Day Paris - Paris (France) 16 octobre 2025 : Power 365 - 2025 - Lille (France) 16-17 octobre 2025 : DevFest Nantes - Nantes (France) 17 octobre 2025 : Sylius Con 2025 - Lyon (France) 17 octobre 2025 : ScalaIO 2025 - Paris (France) 17-19 octobre 2025 : OpenInfra Summit Europe - Paris (France) 20 octobre 2025 : Codeurs en Seine - Rouen (France) 23 octobre 2025 : Cloud Nord - Lille (France) 30-31 octobre 2025 : Agile Tour Bordeaux 2025 - Bordeaux (France) 30-31 octobre 2025 : Agile Tour Nantais 2025 - Nantes (France) 30 octobre 2025-2 novembre 2025 : PyConFR 2025 - Lyon (France) 4-7 novembre 2025 : NewCrafts 2025 - Paris (France) 5-6 novembre 2025 : Tech Show Paris - Paris (France) 5-6 novembre 2025 : Red Hat Summit: Connect Paris 2025 - Paris (France) 6 novembre 2025 : dotAI 2025 - Paris (France) 6 novembre 2025 : Agile Tour Aix-Marseille 2025 - Gardanne (France) 7 novembre 2025 : BDX I/O - Bordeaux (France) 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 13 novembre 2025 : DevFest Toulouse - Toulouse (France) 15-16 novembre 2025 : Capitole du Libre - Toulouse (France) 19 novembre 2025 : SREday Paris 2025 Q4 - Paris (France) 19-21 novembre 2025 : Agile Grenoble - Grenoble (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 27 novembre 2025 : DevFest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 1-2 décembre 2025 : Tech Rocks Summit 2025 - Paris (France) 4-5 décembre 2025 : Agile Tour Rennes - Rennes (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 9-11 décembre 2025 : APIdays Paris - Paris (France) 9-11 décembre 2025 : Green IO Paris - Paris (France) 10-11 décembre 2025 : Devops REX - Paris (France) 10-11 décembre 2025 : Open Source Experience - Paris (France) 11 décembre 2025 : Normandie.ai 2025 - Rouen (France) 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) 4 septembre 2026 : JUG SUmmer Camp 2026 - La Rochelle (France) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

We take a high-level look at where the next major opportunities in crypto may emerge, connecting developments in $NAT with broader market narratives. We begin with a deep dive into $NAT's latest progress and why its evolving role as a Bitcoin-native secondary subsidy could address long-term network sustainability—placing it in the same early-stage category as other innovations once dismissed before gaining mainstream adoption. We then shift to the surging ZORA ecosystem, now nearing a $500M market cap, and examine its structural parallels to earlier BASE projects like Virtuals. This leads us to $DOCKER—a $3M market cap asset designed to capture ecosystem upside through buyback-driven flywheels—mirroring the path that propelled $VADER to $100M+. By unpacking the economic models, token mechanics, and adoption curves at play, we highlight why these assets may offer asymmetric potential in the current market. Whether your interest lies in Bitcoin's evolving economic design or identifying high-conviction bets before they go mainstream, this discussion distills the signals from the noise to give you a clear strategic edge. Topics: First up, look at where the next major opportunities in crypto may emerge, connecting developments in $NAT with broader market narratives. Next, shift to the surging ZORA ecosystem, now nearing a $500M market cap, and examine its structural parallels to earlier BASE projects like Virtuals. and Finally, unpacking the economic models, token mechanics, and adoption curves at play Please like and subscribe on your favorite podcasting app! Sign up for a free newsletter: www.theblockrunner.com Follow us on: Youtube: https://bit.ly/TBlkRnnrYouTube Twitter: bit.ly/TBR-Twitter Telegram: bit.ly/TBR-Telegram Discord: bit.ly/TBR-Discord

In this episode of the Ardan Labs Podcast, Bill Kennedy interviews Jonathan Amsterdam from the Go team at Google about his journey from academia and finance to software engineering, his work on Go and API design, and the importance of adaptability, community, and building impactful software.00:00 Introduction00:30 What is Jonathan Doing Today?02:00 First Memories of a Computer09:30 Entering University14:00 Early Coding / Academics 20:50 Interest in AI / ML27:00 Career Beginnings 33:00 Transitioning to Java and Teaching41:00 Distributed Software45:00 Ambitions / Finding Stability 55:00 Experiences at Google 1:07:20 Joining the Go Team1:17:00 Go and MCP1:24:00 API Design and Philosophy1:30:20 Contact InfoConnect with Jonathan: Linkedin: https://www.linkedin.com/in/jonathan-amsterdam-b901b21/Mentioned in this Episode:Go-sdk: https://github.com/modelcontextprotocol/go-sdkWant more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Mike Judge breaks down why he doesn't believe the AI coding claims add up, the folks behind Cactoide create an open source alternative to Meetup / Eventbrite, Ryan Farley tells the story of how RSS beat Microsoft, Dominik Szymański ditched Docker for Podman (and thinks you should too), and Stripe announces a new layer 1 blockchain called Tempo.

Mike Judge breaks down why he doesn't believe the AI coding claims add up, the folks behind Cactoide create an open source alternative to Meetup / Eventbrite, Ryan Farley tells the story of how RSS beat Microsoft, Dominik Szymański ditched Docker for Podman (and thinks you should too), and Stripe announces a new layer 1 blockchain called Tempo.

Mike Judge breaks down why he doesn't believe the AI coding claims add up, the folks behind Cactoide create an open source alternative to Meetup / Eventbrite, Ryan Farley tells the story of how RSS beat Microsoft, Dominik Szymański ditched Docker for Podman (and thinks you should too), and Stripe announces a new layer 1 blockchain called Tempo.

Descripción SEO para el episodio 727 de "atareao con Linux":En este episodio, abordo un problema común: la frustración al crear documentos importantes como tesis, proyectos o informes extensos utilizando herramientas tradicionales como Microsoft Word. Para ello, te traigo una solución innovadora y mucho más eficiente: Typst.Typst no es solo otra alternativa, es un lenguaje de marcado que combina la sencillez de Markdown con la potencia de LaTeX. Esto te permite centrarte únicamente en el contenido de tu documento, sin preocuparte por el formato. Una vez que eliges o creas una plantilla, la estética del documento, la tipografía y el diseño se manejan automáticamente.El episodio explora a fondo por qué Typst es la herramienta que estabas buscando: su sintaxis es increíblemente fácil de aprender y usar, la compilación a PDF es muchísimo más rápida que con LaTeX y, al ser un lenguaje de programación, permite automatizar tareas y simplificar tu trabajo.Para ilustrar su potencial, se presentan cuatro ejemplos prácticos:Un álbum de fotos: Demuestra cómo manejar fácilmente documentos con muchas imágenes.Un libro: Muestra la plantilla que Lorenzo usa para escribir sus libros sobre Bash y Docker, gestionando documentos largos de manera eficiente.Un CV: Utilizando una plantilla del Universo de Typst, se demuestra la capacidad para crear documentos con una presentación impecable.Un paper científico: Se destaca su capacidad para manejar documentos complejos con fórmulas y gráficos, igualando a LaTeX pero de forma más simple.Además, el episodio ofrece tres opciones para empezar a usar Typst: la versión en línea para trabajar en equipo, el editor gráfico Katvan y la integración con editores de código como Visual Studio Code y, la favorita de Lorenzo, Neovim, con la extensión Tinymist y Typst-Preview.Si eres un estudiante, un profesional o simplemente alguien que busca una forma más inteligente y productiva de crear documentos, este episodio es para ti. Descubre cómo dejar atrás las limitaciones de Word y adoptar una solución que te ahorrará tiempo y te permitirá enfocarte en lo que realmente importa: tu contenido.Más información y enlaces en las notas del episodio

This is a recap of the top 10 posts on Hacker News on September 05, 2025. This podcast was generated by wondercraft.ai (00:30): I ditched Docker for PodmanOriginal post: https://news.ycombinator.com/item?id=45137525&utm_source=wondercraft_ai(01:49): Anthropic agrees to pay $1.5B to settle lawsuit with book authorsOriginal post: https://news.ycombinator.com/item?id=45142885&utm_source=wondercraft_ai(03:09): I'm absolutely rightOriginal post: https://news.ycombinator.com/item?id=45137802&utm_source=wondercraft_ai(04:29): Fil's Unbelievable Garbage CollectorOriginal post: https://news.ycombinator.com/item?id=45133938&utm_source=wondercraft_ai(05:48): Purposeful animationsOriginal post: https://news.ycombinator.com/item?id=45139088&utm_source=wondercraft_ai(07:08): I bought the cheapest EV, a used Nissan LeafOriginal post: https://news.ycombinator.com/item?id=45136103&utm_source=wondercraft_ai(08:28): European Commission fines Google €2.95B over abusive ad tech practicesOriginal post: https://news.ycombinator.com/item?id=45140730&utm_source=wondercraft_ai(09:47): Nepal moves to block Facebook, X, YouTube and othersOriginal post: https://news.ycombinator.com/item?id=45137363&utm_source=wondercraft_ai(11:07): ML needs a new programming language – Interview with Chris LattnerOriginal post: https://news.ycombinator.com/item?id=45137373&utm_source=wondercraft_ai(12:27): Making a font of my handwritingOriginal post: https://news.ycombinator.com/item?id=45141636&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

In the second half of this crossover between Hands On IT and Automate IT, hosts Landon Miles and Jeremy Maldonado shift from defining IT problems to actually building, testing, and refining solutions. They dig into choosing the right tools without getting lost in endless options, the value of learning from APIs and documentation, and why “don't reinvent the wheel” is a mantra every IT pro should adopt.Along the way, they share real-world stories about discovering hidden libraries, avoiding common pitfalls, and leaning on version control to save projects from chaos. From Python and Bash basics to Git, Postman, and even the “bus test” for documentation, this episode is packed with practical lessons to help you turn automations into lasting, maintainable solutions.Whether you're just starting your automation journey or looking to optimize and scale what you've already built, you'll find insights, strategies, and inspiration to take your IT problem-solving further.Awesome-Selfhosted GitHub Link: https://github.com/awesome-selfhosted/awesome-selfhosted

Si la temporada pasada fue un poco caótica y no se concretaron muchos de los planes, no fue en absoluto un año perdido. De hecho, fue muy productivo desde el punto de vista de la programación. Abordé temas fascinantes como Obsidian (aunque al final volví a mi querido Neovim), la shell Fish, cómo mejorar tus copias de seguridad con Restic en Android, o la exploración de un gestor de ventanas diferente como Niri. A pesar de los avances, eché de menos lo que más me apasiona: los tutoriales prácticos y detallados que nos permiten profundizar en cada tema.Este es el espíritu que quiero recuperar en esta nueva temporada, pero sin caer en la ambición desmedida. Mi objetivo es ofreceros soluciones concretas y métodos que podáis aplicar para mejorar vuestra productividad y optimizar vuestros sistemas Linux.Si eres de los que, como yo, valora tener el control total sobre tus datos y servicios, este pilar te encantará. Hace casi tres años que publiqué mi tutorial de autoalojamiento, y desde entonces, muchas cosas han cambiado. Por eso, mi plan es renovar ese tutorial desde cero, partiendo de Traefik, mi proxy inverso de cabecera. A lo largo de los episodios, configuraremos Traefik desde cero, incluyendo extensiones para mejorar su funcionamiento, y le iremos añadiendo todos los servicios que utilizo en mi día a día, como Docker y más.Hace años que no me meto de lleno en el desarrollo para Android, pero el uso masivo de dispositivos móviles y la evolución de la plataforma me han hecho reconsiderarlo. Mi idea es implementar al menos tres aplicaciones prácticas y funcionales, todas ellas conectadas a un backend robusto en Rust:Un gestor de redes sociales: Automatizaré la publicación de contenidos, pero esta vez con un frontend en Android que te permitirá monitorizar múltiples feeds y configurar la publicación con total libertad.Un gestor Docker: Si alguna vez soñaste con gestionar los contenedores de tu servidor desde el móvil, este proyecto es para ti. Crearé una aplicación Android que, a través de una API en el servidor, te permitirá gestionar todos tus contenedores de forma sencilla y en movilidad.Gestión del Blog y Podcast: Aunque es una tarea muy ambiciosa a largo plazo, quiero empezar a dar los primeros pasos para dejar WordPress atrás y poder gestionar todo el contenido del blog y del podcast desde una aplicación móvil.Finalmente, volveré a un tema recurrente y muy demandado en el canal: las configuraciones. Desgranaré poco a poco la configuración de mis herramientas clave. Veremos cómo tengo configurados Niri, Neovim y mi escritorio GNOME, con tutoriales específicos que te ayudarán a personalizar y optimizar tu propio entorno de trabajo.De nuevo, puede que me haya ido un poco de las manos con las promesas de la nueva temporada, pero como siempre digo, si no nos planteamos metas, es difícil que lleguemos a nada. Así que, esto es lo que propongo.Espero que estos nuevos temas os resulten tan interesantes como a mí. Os animo a seguirme en esta nueva aventura y, como siempre, no dudes en escribirme para proponerme cualquier tema. ¡Nos escuchamos la próxima semana en "atareao con Linux"!¿Te ha gustado la propuesta para esta temporada? ¿Qué proyecto te interesa más? ¡Déjame un comentario y dime qué te gustaría que tratara en profundidad!Más información y enlaces en las notas del episodio

Topics covered in this episode: * rathole* * pre-commit: install with uv* A good example of what functools.Placeholder from Python 3.14 allows Converted 160 old blog posts with AI Extras Joke Watch on YouTube About the show Sponsored by DigitalOcean: pythonbytes.fm/digitalocean-gen-ai Use code DO4BYTES and get $200 in free credit Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: rathole A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok. Features High Performance Much higher throughput can be achieved than frp, and more stable when handling a large volume of connections. Low Resource Consumption Consumes much fewer memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit the constraints of devices, like embedded devices as routers. On my server, it's currently using about 2.7MB in Docker (wow!) Security Tokens of services are mandatory and service-wise. The server and clients are responsible for their own configs. With the optional Noise Protocol, encryption can be configured at ease. No need to create a self-signed certificate! TLS is also supported. Hot Reload Services can be added or removed dynamically by hot-reloading the configuration file. HTTP API is WIP. Brian #2: pre-commit: install with uv Adam Johnson pre-commit doesn't natively support uv, but you can get around that with pre-commit-uv $ uv tool install pre-commit --with pre-commit-uv Installing pre-commit like this Installs it globally Installs with uv adds an extra plugin “pre-commit-uv” to pre-commit, so that any Python based tool installed via pre-commit also uses uv Very cool. Nice speedup Brian #3: A good example of what functools.Placeholder from Python 3.14 allows Rodrigo Girão Serrão Remove punctuation functionally Also How to use functools.Placeholder, a blog post about it. functools.partial is cool way to create a new function that partially binds some parameters to another function. It doesn't always work for functions that take positional arguments. functools.Placeholder fixes that with the ability to put in placeholders for spots where you want to be able to pass that in from the outer partial binding. And all of this sounds totally obscure without a good example, so thank you to Rodgrigo for coming up with the punctuation removal example (and writeup) Michael #4: Converted 160 old blog posts with AI They were held-hostage at wordpress.com to markdown and integrated them into my Hugo site at mkennedy.codes Here is the chat conversation with Claude Opus/Sonnet. Had to juggle this a bit because the RSS feed only held the last 50. So we had to go back in and web scrape. That resulted in oddies like comments on wordpress that had to be cleaned etc. Whole process took 3-4 hours from idea to “production”duction”. The chat transcript is just the first round getting the RSS → Hugo done. The fixes occurred in other chats. This article is timely and noteworthy: Blogging service TypePad is shutting down and taking all blog content with it This highlights why your domain name needs to be legit, not just tied to the host. I'm looking at you pyfound.blogspot.com. I just redirected blog.michaelckennedy.net to mkennedy.codes Carefully mapping old posts to a new archived area using NGINX config. This is just the HTTP portion, but note the /sitemap.xml and location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.+?)/?$" { portions. The latter maps posts such as https://blog.michaelckennedy.net/2018/01/08/a-bunch-of-online-python-courses/ to https://mkennedy.codes/posts/r/a-bunch-of-online-python-courses/ server { listen 80; server_name blog.michaelckennedy.net; # Redirect sitemap.xml to new domain location = /sitemap.xml { return 301 ; } # Handle blog post redirects for HTTP -> HTTPS with URL transformation # Pattern: /YYYY/MM/DD/post-slug/ -> location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.+?)/?$" { return 301 ; } # Redirect all other HTTP URLs to mkennedy.codes homepage location / { return 301 ; } } Extras Brian: SMS URLs and Draft SMS and iMessage from any computer keyboard from Seth Larson Test and Code Archive is now up, see announcement Michael: Python: The Documentary | An origin story is out! Joke: Do you know him? He is me.

In this special crossover between Hands On IT and Automate IT, hosts Landon Miles and Jeremy Maldonado dive into the building blocks of IT solutions. They share practical ways to approach automation without the overwhelm—starting from defining real-world problems and breaking them into manageable steps. Along the way, they explore Linux as a problem-solving tool, home lab tinkering, Docker, Proxmox, and the power of learning by experimenting (and breaking things!). Whether you're new to IT or ready to sharpen your automation mindset, this episode is packed with insights, inspiration, and actionable takeaways.Stay tuned for Part 2, where we dig into the tools, testing, and turning automations into solutions! Awesome-Selfhosted GitHub Link: https://github.com/awesome-selfhosted/awesome-selfhosted

This is a recap of the top 10 posts on Hacker News on August 28, 2025. This podcast was generated by wondercraft.ai (00:30): Ask HN: The government of my country blocked VPN access. What should I use?Original post: https://news.ycombinator.com/item?id=45054260&utm_source=wondercraft_ai(01:58): Altered states of consciousness induced by breathwork accompanied by musicOriginal post: https://news.ycombinator.com/item?id=45046916&utm_source=wondercraft_ai(03:26): Are OpenAI and Anthropic losing money on inference?Original post: https://news.ycombinator.com/item?id=45050415&utm_source=wondercraft_ai(04:55): Open Source is one personOriginal post: https://news.ycombinator.com/item?id=45047460&utm_source=wondercraft_ai(06:23): The Deletion of Docker.io/BitnamiOriginal post: https://news.ycombinator.com/item?id=45048419&utm_source=wondercraft_ai(07:52): UncertainOriginal post: https://news.ycombinator.com/item?id=45054703&utm_source=wondercraft_ai(09:20): AI adoption linked to 13% decline in jobs for young U.S. workers: studyOriginal post: https://news.ycombinator.com/item?id=45052423&utm_source=wondercraft_ai(10:49): Important machine learning equationsOriginal post: https://news.ycombinator.com/item?id=45050931&utm_source=wondercraft_ai(12:17): Claude Sonnet will ship in XcodeOriginal post: https://news.ycombinator.com/item?id=45058688&utm_source=wondercraft_ai(13:46): Some thoughts on LLMs and software developmentOriginal post: https://news.ycombinator.com/item?id=45055641&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Rob Allen joins us to discuss the importance of security research teams, and some cool stuff they've worked on. Then, in the Security News: Flipper Zero, unlocking cars: The saga continues The one where they stole the vulnerabilities ESP32 Bus Pirates AI will weaponize everything, maybe What are in-the-wild exploits? Docker and security boundaries, and other such lies AI-powered ransomeware BadCAM, BadUSB, and novel defenses 5G sniffers Jeff breaks down all the breach reports AI in your browser is a bad idea And How to rob a hotel - a nod to the way hacking used to be This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-889

Rob Allen joins us to discuss the importance of security research teams, and some cool stuff they've worked on. Then, in the Security News: Flipper Zero, unlocking cars: The saga continues The one where they stole the vulnerabilities ESP32 Bus Pirates AI will weaponize everything, maybe What are in-the-wild exploits? Docker and security boundaries, and other such lies AI-powered ransomeware BadCAM, BadUSB, and novel defenses 5G sniffers Jeff breaks down all the breach reports AI in your browser is a bad idea And How to rob a hotel - a nod to the way hacking used to be This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweekly.com/psw-889

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

In this conversation, career coach Kacie Bail discusses her work helping others navigate the job market. She emphasizes the growing importance of soft skills in job applications, the challenges of job rejections, and the need for empathy from interviewers. Kacie shares her journey from bioengineering to consulting, highlighting the significance of internships and the continuous nature of career development. The discussion also touches on the impact of automation on job opportunities and the importance of finding clarity in career goals. 00:00 Introduction00:30 What is Kacie Doing Today? 01:30 Job Search Process09:00 Interviewing and Soft Skills15:00 Having Attention20:00 Highschool Interests33:00 University in Maryland39:00 Entering Consulting55:00 Looking for Change01:03:00 Moving to Chile1:18:00 Getting the Interview1:22:00 Sourcing Clients1:27:10 AI Automation for Resumés1:31:30 Contact InfoConnect with Kacie: Linkedin: https://www.linkedin.com/in/kaciebail/Kacie's Newsletter: https://kaciebail.substack.comInstagram: @kaciebailMentioned in this Episode:Kacie's Site: https://www.kaciebail.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords. • Germany may soon outlaw ad blockers • What's happening in the courts over AI • The U.K. drops its demands of Apple • New Microsoft 365 tenants being throttled • Is Russia preparing to block Google Meet? • Bluesky suspends its service in Mississippi • How to throttle AI • A tricky SSH-busting Go library • Here comes the Linux desktop malware • Apple just patched a doozy of a vulnerability • A trivial Docker escape was found and fixed • Why the recent browser 0-day clickjacking is really just whac-a-mole Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: 1password.com/securitynow zscaler.com/security bigid.com/securitynow uscloud.com

Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-506

Take a Network Break! We double-dip on red alerts as the FBI warns that Russian state hackers are targeting a seven-year-old vulnerability on Cisco IOS and IOS-XE devices (a patch has been available for seven years), and a compromised XZ Utils backdoor is still lurking in some Docker images. Palo Alto Networks has added support... Read more »

Take a Network Break! We double-dip on red alerts as the FBI warns that Russian state hackers are targeting a seven-year-old vulnerability on Cisco IOS and IOS-XE devices (a patch has been available for seven years), and a compromised XZ Utils backdoor is still lurking in some Docker images. Palo Alto Networks has added support... Read more »

Take a Network Break! We double-dip on red alerts as the FBI warns that Russian state hackers are targeting a seven-year-old vulnerability on Cisco IOS and IOS-XE devices (a patch has been available for seven years), and a compromised XZ Utils backdoor is still lurking in some Docker images. Palo Alto Networks has added support... Read more »

Don't Forget The "-n" Command Line Switch Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks. https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%22%20Command%20Line%20Switch/32220 watchTowr releases details about recent Commvault flaws Users of the Commvault enterprise backup solution must patch now after watchTowr released details about recent vulnerabilities https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/?123 Docker Desktop Vulnerability CVE-2025-9074 A vulnerability in Docker Desktop allows attackers to escape from containers to attack the host. https://docs.docker.com/desktop/release-notes/#4443

In this potluck episode of Syntax, Wes and Scott answer your questions about VS Code vs Cursor, navigating promotions and job titles, database fundamentals, avoiding decision paralysis, how AI is shaping frameworks, and more! Show Notes 00:00 Welcome to Syntax! 00:56 Brought to you by Sentry.io 06:24 Moving from VS Code to Cursor without losing your shortcuts 12:13 Should you bring up a senior promotion at a new job? 16:32 Relying on LLMs vs. learning database fundamentals 20:42 Overcoming decision paralysis in programming 25:00 What to do when your code gets too messy 27:39 Could Wasm replace Docker and Kubernetes? 32:14 Organizing mini-apps in Express: monorepo, micro frontends, or something else? 38:49 Will AI lock us into React and make new frameworks irrelevant? 46:57 Sick Picks + Shameless Plugs Sick Picks Wes and Scott: Niimbot Shameless Plugs Subscribe to Syntax on YouTube Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Hoje o papo é sobre DevOps! Neste episódio, mergulhamos em como o Santander F1rst lida com algo tão complexo e tão essencial, desde o fluxo do dia a dia, até os desafios de entender as melhores aplicações de cada nova ferramenta de IA. Vem ver quem participou desse papo: André David, o host que não está querendo puxar a sardinha para o back-end Yago Oliveira, Coordenador de Conteúdo Técnico na Alura Fabiano Carneiro, IT Manager no Santander F1rst Leandro Matinez, Arquiteto de TI no Santander F1rst

CVE-2017-11882 Will Never Die The (very) old equation editor vulnerability is still being exploited, as this recent sample analyzed by Xavier shows. The payload of the Excel file attempts to download and execute an infostealer to exfiltrate passwords via email. https://isc.sans.edu/diary/CVE-2017-11882%20Will%20Never%20Die/32196 Windows Kerberos Elevation of Privilege Vulnerability Yesterday, Microsoft released a patch for a vulnerability that had already been made public. This vulnerability refers to the privilege escalation taking advantage of a path traversal issue in Windows Kerberos affecting Exchange Server in hybrid mode. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53779 Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images Some old Debian Docker images containing the xz-utils backdoor are still available for download from Docker Hub via the official Debian account. https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images FortiSIEM / FortiWeb Vulnerablities Fortinet patched already exploited vulnerabilities in FortiWeb and FortiSIEM https://fortiguard.fortinet.com/psirt/FG-IR-25-152 https://fortiguard.fortinet.com/psirt/FG-IR-25-448