Feed lwn LWN.net

Favorite IconLWN.net

Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2025-07-11 12:30
[$] Anubis sends AI scraperbots to a well-deserved fate
Few, if any, web sites or web-based services have gone unscathed bythe locust-like hordes of AI crawlers looking to consume (and thenre-consume) all of the world's content. The Anubis project is designed toprovide a first line of defense that blocks mindless bots-whilegranting real users access to sites without too much hassle. Anubis isa young project, not even a year old. However, its development ismoving quickly, and the project seems to be enjoying rapidadoption. The most recent release of Anubis, version1.20.0, includes a feature that many users have been interested insince the project launched: support for challenging clients withoutrequiring users to have JavaScript turned on.
Five new stable kernels
Greg Kroah-Hartman has released the 6.15.6, 6.12.37, 6.6.97, 6.1.144, and 5.15.187 stable kernels. As is the usualcase, each contains important fixes all over the kernel tree.
Security updates for Thursday
Security updates have been issued by Debian (sslh), Oracle (container-tools:rhel8, gnome-remote-desktop, golang, javapackages-tools:201801, jq, libvpx, libxml2, mpfr, and perl-File-Find-Rule-Perl), Red Hat (glib2, libblockdev, and sudo), Slackware (git), SUSE (avif-tools, containerd, djvulibre, gpg2, helm, kernel, libpoppler-cpp2, libxml2, libxml2-2, openssl-3, perl-YAML-LibYAML, python-cryptography, python-setuptools, python311-pycares, tomcat10, and wireshark), and Ubuntu (djvulibre, git, libyaml-libyaml-perl, and protobuf).
[$] LWN.net Weekly Edition for July 10, 2025
Inside this week's LWN.net Weekly Edition:
Amarok 3.3 released
Version3.3 of the Amarok musicplayer has been released. This is the first release of Amarok based onKDEFrameworks6and Qt6. Amarok 3.3also includes a major rework of its audio engine to use GStreamer for audioplayback.
New upgrade paths for ELevate
The AlmaLinux project has announcednew upgrade paths for its ELevate utility, whichallows users to upgrade between major versions of Red Hat EnterpriseLinux derivatives. The new paths include upgrades from AlmaLinux9to AlmaLinux10 and CentOSStream9 toCentOSStream10, with support for EPEL, DockerCE, andPostgreSQL third-party package repositories. LWN covered ELevate lastyear.
[$] Reinventing the Python wheel
It is no secret that the Python packaging world is at something of acrossroads; there have been debates and discussions about the packaginglandscape that started long before our 2023series describing some of the difficulties. There has been progresssince then-and incremental improvements all along, in truth-but a newinitiative is looking to overhaul packaging for the language. At PyCon US 2025, Barry Warsaw andJonathan Dekhtiar gave a presentation on the WheelNext project, which is a communityeffort that aims to improve the experience for users and providers of Pythonpackages while also working with toolmakers and other parts of theecosystem to "reinvent the wheel". While the project's name refersto Python's wheelbinary distribution format, its goals stretch much further than simply theformat.
Security updates for Wednesday
Security updates have been issued by AlmaLinux (container-tools:rhel8, jq, kernel, podman, python-setuptools, socat, and thunderbird), Gentoo (Chromium, Google Chrome, Microsoft Edge. Opera, ClamAV, Git, NTP, REXML, and strongSwan), Oracle (buildah, gnome-remote-desktop, ipa, jq, kernel, podman, python-setuptools, ruby:3.3, socat, uek-kernel, and xorg-x11-server-Xwayland), SUSE (kernel), and Ubuntu (freerdp3, git, gnupg2, linux-aws, linux-oracle, linux-azure, linux-azure, linux-azure-6.11, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-ibm-5.15, linux-intel-iotg, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-kvm, linux-lowlatency, linux-oem-6.11, and onionshare).
A set of Git security-fix releases
Versions v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1 andv2.50.1 of the Git source-code management system have been released."This is a set of coordinated security fix releases. Please update atyour earliest convenience". See the announcement for details;many of the vulnerabilities have to do with tricks buried in untrustedrepositories.
Thunderbird 140 released
Version140 of the Thunderbird mail client has been released. Notablefeatures include "dark message mode" to adapt message contentto dark mode, the ability to easily transfer desktopsettings to the mobile Thunderbird client, experimental support forMicrosoft Exchange, as well as global controls for message threadingand sort order.Thunderbird140 is an extended-supportrelease (ESR) which will be supported for 12 months. However, theThunderbird project is trying to encourage users to adopt the Releasechannel for monthly updates instead. The project is staggeringupgrades to 140 for existing Thunderbird users in order to catch anysignificant bugs before they are widely deployed, but users canupgrade manually via the Help > Aboutmenu. See the releasenotes for a full list of changes.
[$] Toward the unification of kselftests and KUnit
The kernel project, for many years, lacked a formal testing setup; it wasoften joked that testing was the project's main reason for keeping usersaround. While many types of kernel testing can only be done in thepresence of specific hardware, there are other parts of the kernelthat could be more widely tested. Over time, though, the kernel has gainedtwo separate testing frameworks and a growing body of automated tests to gowith them. These two frameworks - kselftests and KUnit - take differentapproaches to the testing problem; now thispatch series from Thomas Weischuh aims to bring them together.
Security updates for Tuesday
Security updates have been issued by Debian (djvulibre and slurm-wlm), Red Hat (apache-commons-vfs, container-tools:rhel8, kernel, kernel-rt, podman, python3, rsync, socat, and sudo), SUSE (apache2, helm-mirror, incus, kernel, openssl-3, python-Django, and systemd), and Ubuntu (dcmtk, File::Find::Rule, ghostscript, jquery, and libssh).
U-Boot v2025.07 released
The U-Boot universal bootloader projecthas announced the release of version 2025.07. It has multiple new featuresincluding "uthreads" (inspired by the "bthreads" coroutines in the barebox bootloader), exFAT support,new architecture and SoC support and improvements to existing platforms,cleanups, better testing, and more. Project leader Tom Rini took theopportunity to mention his effortstoward getting some help with the project and more formal governance:
Bash-5.3-release available
The GNU project's Bourne AgainSHell (Bash) has released version 5.3, with some significant newfeatures, including some from the associated Readline 8.3 release, which providescommand-line editing and other features for Bash and lots of otherprograms. Bash 5.3 has a "new form of command substitution that executes the command inthe current shell execution context", pathname-completion sortingwill be handled based on the GLOBSORT shell variable, generatedcompletions can go to a shell variable instead of to stdout, the sourcecode has been updated to C23, and more. Meanwhile:
[$] A tour of the niri scrolling-tiling Wayland compositor
Niriis a relatively new Rust-based compositorfor Wayland with a different take on tiling window management: windowsare placed onscreen in an "infinite" row that can expand beyond thebounds of the visible workspace. It is not a full-blown desktopenvironment, but niri may be a suitable option for Linux users whowant tiling features and the minimalism of a window manager forWayland.
Security updates for Monday
Security updates have been issued by Debian (thunderbird and xmedcon), Fedora (darktable, mbedtls, sudo, and yarnpkg), Mageia (catdoc and php), Red Hat (java-1.8.0-ibm, kernel, python-setuptools, python3, python3.11, python3.12, python3.9, socat, sudo, tigervnc, webkit2gtk3, webkitgtk4, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (alloy, apache-commons-fileupload, apache2-mod_security2, assimp-devel, chromedriver, clamav, clustershell, corepack22, ctdb, curl, dpkg, erlang-rabbitmq-client, ffmpeg-4, firefox, firefox-esr, flake-pilot, fractal, gdm, ggml-devel-5699, gio-branding-upstream, git-lfs, glib2, glibc, go1.23, go1.24, govulncheck-vulndb, gpg2, grafana, grype, helm, himmelblau, icu, jgit, jq, jupyter-bqplot-jupyterlab, jupyter-jupyterlab-templates, jupyter-matplotlib, jupyter-nbclassic, jupyter-nbdime, jupyter-panel, jupyter-plotly, keylime-ima-policy, kubernetes1.30-apiserver, kubernetes1.31-apiserver, kubernetes1.32-apiserver, libbd_btrfs-devel, libetebase-devel, libmozjs-128-0, libprotobuf-lite31_1_0, libQt5Bootstrap-devel-static-32bit, libsoup, libsoup-2_4-1, libsoup-3_0-0, libspdlog1_15, libssh, libssh-config, libsystemd0, libtpms-devel, libwireshark18, libwx_gtk2u_adv-suse16_0_0, mirrorsorcerer, moarvm, nix, nodejs-electron, nova, oci-cli, opa, openbao, ovmf-202505, pam, pam_pkcs11, perl, perl-32bit, perl-CryptX, perl-File-Find-Rule, perl-YAML-LibYAML, podman, polaris, postgresql-jdbc, pure-ftpd, python-furo-doc, python-requests, python310, python311, python311-Django, python311-Django4, python311-jupyter-core, python311-Pillow, python311-pydata-sphinx-theme, python311-requests, python311-salt, python311-urllib3, python312, python313, python314, python39, radare2, redis, samba, SDL, SDL2, sudo, teleport, thunderbird, tomcat, tomcat10, tomcat11, traefik, traefik2, valkey, velociraptor, vim, xorg-x11-server, and xwayland), and Ubuntu (linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-6.11, and linux-oem-6.14).
Kernel prepatch 6.16-rc5
The 6.16-rc5 kernel prepatch has beenreleased. Quoth Linus: "Please keep testing, but this all feels fairlyregular for this phase of the release".
Four new stable kernels
The6.15.5,6.12.36,6.6.96, and6.1.143stable kernels have been released; each contains another set of importantfixes.
[$] Python audio processing with pedalboard
Thepedalboardlibrary for Python is aimed at audio processing of various sorts, fromconverting between formats to adding audio effects. The maintainer ofpedalboard, Peter Sobot, gave a talk about audio in Python atPyCon US 2025, which was held in Pittsburgh,Pennsylvania in May. He started from the basics of digital audio and thenmoved into working with pedalboard. There were, as might be guessed, audio examplesin the talk, along with some visual information; interested readers may want to view the YouTube video of thepresentation.
Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 9.0, container-tools:rhel8, ghostscript, git-lfs, grafana-pcp, pandoc, perl-FCGI:0.78, ruby:2.5, ruby:3.3, tigervnc, and varnish:6), Debian (jpeg-xl and mediawiki), Fedora (darktable, guacamole-server, mingw-gdk-pixbuf, and yarnpkg), Oracle (gimp, kernel, libsoup, python-tornado, python3.12, and thunderbird), Slackware (php), SUSE (libgepub), and Ubuntu (libtpms, linux-aws-5.15, linux-intel-iot-realtime, and linux-bluefield).
Richards: Introducing tmux-rs
Collin Richards has announced version0.0.1 of tmux-rs, a port of the tmux terminal multiplexerto Rust.
[$] Kernel API specification and validation
The kernel project makes a strong promise to its users: the kernel ABI willnot be changed in ways that break user-space code. The occasional failurenotwithstanding, kernel developers do try to live up to that promise. Theyare handicapped by one little problem, though: there is no description ofwhat the kernel ABI is, and no comprehensive way to test whether a givenchange breaks it. The kernel APIspecification framework proposed (in its second revision) by SashaLevin addresses some of those concerns, but the solution is incomplete anddoes not come for free.
Security updates for Thursday
Security updates have been issued by AlmaLinux (.NET 9.0, aardvark-dns, apache-commons-beanutils, bootc, buildah, corosync, delve and golang, exiv2, expat, firefox, ghostscript, git, git-lfs, gnutls, grafana, grafana-pcp, grub2, gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server, gstreamer1-plugins-base, gstreamer1-plugins-good, gvisor-tap-vsock, iptraf-ng, java-21-openjdk, kernel, keylime-agent-rust, krb5, libarchive, libblockdev, libsoup3, libtasn1, libvpx, libxslt, microcode_ctl, mod_auth_openidc, nodejs22, nodejs:20, openjpeg2, osbuild and osbuild-composer, perl-FCGI, perl-Module-ScanDeps, perl-YAML-LibYAML, php, php:8.2, php:8.3, podman, protobuf, python-jinja2, python-requests, python3.11, python3.12, python3.12-cryptography, python3.9, rpm-ostree, rsync, rust-bootupd, skopeo, thunderbird, tigervnc, tomcat, tomcat9, webkit2gtk3, xdg-utils, xorg-x11-server, and xorg-x11-server-Xwayland), Debian (ring), Mageia (libarchive and rootcerts, nss & firefox), Oracle (.NET 9.0, corosync, firefox, osbuild-composer, pam, python3, python3.11, python3.12, python3.9, skopeo, sudo, and thunderbird), Red Hat (microcode_ctl, pam, php, thunderbird, tigervnc, xorg-x11-server, xorg-x11-server and xorg-x11-server-Xwayland, and xorg-x11-server-Xwayland), SUSE (clamav, icu, libgepub, libsoup, python-requests, tomcat, and xorg-x11-server), and Ubuntu (clamav, logback, mongo-c-driver, pcs, and python-flask-cors).
[$] LWN.net Weekly Edition for July 3, 2025
Inside this week's LWN.net Weekly Edition:
Debian looking for testers with Apple M1/M2 machines
Debian's Bananas team has putout a call for people with Apple M1 or M2 systems to help testDebian on those machines:
The Netdev Foundation launches
The NetdevFoundation, which is "a user-led effort under the supervision of theLinux Foundation, focused on financially supporting Linux networkingdevelopment", has announced itsexistence.
[$] Accessing new kernel features from Python
Every release of the Linux kernel has lots of new features, many of whichare accessible from user space. Usually, though, the GNU C Library (glibc)and tools that access the Linux user-space API lag behind the kernelreleases. Geoffrey Thomas showed how Python programs can access these newkernel features as soon as the kernel is released in his "What's New in theLinux Kernel... from Python" talk atPyCon US 2025. While he had twoexamples of accessing new kernel features, the real goal of the talk was todemonstrate how to go about connecting Python tothe Linux kernel.
Copyleft-next project relaunched
The copyleft-next project is aneffort to develop a next-generation copyleft license; it was covered here back in 2013 (as well as in 2015 and 2021). The project has stalled in recentyears, but now Richard Fontana and Bradley Kuhn have announceda new effort to push copyleft-next forward:
Security updates for Wednesday
Security updates have been issued by AlmaLinux (apache-commons-beanutils, firefox, kea, kernel, kernel-rt, libblockdev, libvpx, pam, python-setuptools, python3, python3.11, python3.12, python3.9, and sudo), Debian (chromium), Gentoo (sudo), Oracle (.NET 8.0, buildah, firefox, freerdp, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, gvisor-tap-vsock, libsoup3, mod_proxy_cluster, perl-FCGI, podman, python-setuptools, qt6-qtbase, skopeo, sudo, and thunderbird), Slackware (mozilla), SUSE (redis, runc, xorg-x11-server, and xwayland), and Ubuntu (composer, linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux, linux-aws, linux-lts-xenial, linux, linux-gcp, linux-raspi, linux-realtime, linux-fips, linux-fips, linux-aws-fips, linux-gcp-fips, linux-realtime, and linux-realtime, linux-raspi-realtime).
GNU Health Hospital Information System 5.0 released
Version 5.0 of theGNU Health Hospital Information System has been released. This project,working to support medical offices, shows just how far the free-softwareeffort can reach. Changes in this release include improved reporting andanalytics, more comprehensive handling of many types of patientinformation, a reworked medical-imaging subsystem, better insurance andbilling functionality, and more.
[$] Yet another way to configure transparent huge pages
Transparent huge pages (THPs) are, theoretically, supposed to allow processes tobenefit from larger page sizes without changes to their code. This does work,but the performance impacts from THPs are not always a benefit, so systemadministrators with specific knowledge of their workloads may want the abilityto fine-tune THPs to the application. On May15, Usama Arifshared a patch set that would add aprctl() option for setting THP defaults for a process; that patchset has sparked discussion about whether such a setting is a good fit forprctl(), and what alternative designs may work instead.
[$] Improved load balancing with machine learning
The extensible scheduler class("sched_ext") allows the loading of a custom CPU scheduler into the kernelas a set of BPF functions; it was merged for the 6.12 kernel release.Since then, sched_ext has enabled a wide range of experimentation withscheduling algorithms. At the 2025 OpenSource Summit North America, Ching-Chun ("Jim") Huang presented workthat has been done to apply (local) machine learning to the problem ofscheduling processes on complex systems.
15 Years of OsmAnd
The OsmAnd map and navigation app project recently celebrated its 15thanniversary.
Security updates for Tuesday
Security updates have been issued by AlmaLinux (delve, emacs, gimp, gimp:2.8, glibc, idm:DL1, ipa, iputils, kernel, krb5, libarchive, libblockdev, libxml2, mod_proxy_cluster, osbuild-composer, pam, perl-File-Find-Rule, perl-YAML-LibYAML, qt5-qtbase, weldr-client, xorg-x11-server and xorg-x11-server-Xwayland, and xorg-x11-server-Xwayland), Debian (mbedtls and sudo), Oracle (.NET 8.0, delve, delve, golang, firefox, ghostscript, glibc, golang, grafana, iputils, kernel, krb5, libarchive, libblockdev, nodejs22, ruby, thunderbird, tomcat, tomcat9, unbound, and wireshark), Red Hat (glibc and mod_auth_openidc), Slackware (sudo), SUSE (gpg2, ImageMagick, iputils, jakarta-commons-fileupload, kernel, libblockdev, libsoup, open-vm-tools, pam, python-tornado6, screen, sudo, and xwayland), and Ubuntu (linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux-gcp, linux-gcp-6.8, linux-hwe-5.4, linux-oem-6.11, and sudo).
[$] Fedora's i686 support gets a reprieve
A changeproposal to end support for 32-bit x86 (i686) applications on thex86_64 architecture with the Fedora44 release has been withdrawnafter significant pushback. As proposed, the change could havehad a significant impact on gamers, compiler development, and the Bazzite project, which uses Fedora as abase for a gaming-focused distribution. While i686 gets a reprieve fornow, the question still lingers: who is going to keep the necessaryi686 packages in working order when few upstream maintainers orvolunteer packagers care about the architecture?
Security updates for Monday
Security updates have been issued by AlmaLinux (mod_proxy_cluster), Debian (catdoc, chromium, nagvis, and sudo), Fedora (chromium, gum, kubernetes1.32, moodle, podman, python3-docs, python3.13, salt, and tigervnc), Mageia (x11-server, x11-server-xwayland & tigervnc), Oracle (apache-commons-beanutils, exiv2, expat, firefox, git, git-lfs, gstreamer1-plugins-bad-free, ipa, java-21-openjdk, kea, kernel, libarchive, libblockdev, libsoup3, libvpx, libxslt, mod_auth_openidc, nodejs22, osbuild-composer, perl, perl-File-Find-Rule, php, python-jinja2, python-tornado, sqlite, thunderbird, valkey, varnish, weldr-client, xorg-x11-server-Xwayland, xz, and yggdrasil), Red Hat (apache-commons-beanutils, javapackages-tools:201801, kernel, and python3.11), SUSE (apache-commons-fileupload, gimp, glib2, himmelblau, nvidia-open-driver-G06-signed, sqlite3, thunderbird, yelp, and yelp-xsl), and Ubuntu (samba).
Kernel prepatch 6.16-rc4
Linus has released 6.16-rc4 for testing."Despite a fairly large merge window, things continue to look fairlycalm on the rc front".
[$] How to write Rust in the kernel: part 2
In 2023, Fujita Tomonoriwrote a Rust version of the existing driver for theAsix AX88796B embedded Ethernet controller. At slightly more than 100 lines,it's about as simple as a driver can be, and therefore is a useful touchstone forthe differences between writing Rust and C in the kernel. Looking at the Rustsyntax, types, and APIs used by the driver and contrasting them with the Cversion will help illustrate those differences.
Bcachefs may be headed out of the kernel
The history of the bcachefs filesystem in the kernel has been turbulent,most recently with Linus Torvalds refusinga pull request for the 6.16-rc3 release. Torvalds has now pulledthe code in question, but also said:
Seven more stable kernel updates
Kernel versions6.15.4,6.12.35,6.6.95,6.1.142,5.15.186,5.10.239, and5.4.295 have all been released.
Security updates for Friday
Security updates have been issued by Debian (freeradius and icu), Fedora (clamav, glow, libssh, perl-Crypt-OpenSSL-RSA, perl-CryptX, podman, trafficserver, and xorg-x11-server), Mageia (gdk-pixbuf2.0 and thunderbird), Red Hat (osbuild-composer and weldr-client), SUSE (afterburn, google-osconfig-agent, libblockdev, pam, python-tornado6, screen, and yelp-xsl), and Ubuntu (libxslt and python-pip).
Rust 1.88.0 released
Version1.88.0 of the Rust language has been released. Changes include theability to chain let expressions, "naked" functions that have nocompiler-generated prologue or epilogue, automatic garbage collection incargo, a set of stabilized APIs, and more.
Oracle Linux 10 released
Version10 of the Oracle Linux distribution has been released.
Coccinelle for Rust progress report (Collabora blog)
Over on the Collabora blog, Tathagata Roy has an updateon the progress of targeting the Coccinelle toolfor matching and transforming source code to Rust. The Coccinelle for Rustproject, which we covered in a 2024talk by Roy at Kangrejos, is addingthe ability to transform Rust programs and the goal is "to bringCoccinelle For Rust at par with Coccinelle For C in terms of basicfunctionalities". There is still work to be done to get there, butprogress is being made in various areas.
[$] Supporting kernel development with large language models
Kernel development and machine learning seem like vastly different areas ofendeavor; there are not, yet, stories circulating about the vibe-coding ofnew memory-management algorithms. There may well be places where machinelearning (and large language models - LLMs - in particular) prove to behelpful on the edges of the kernel project, though. At the 2025North-American edition of the Open Source Summit, Sasha Levin presentedsome of the work he has done putting LLMs to work to make the kernel better
Security updates for Thursday
Security updates have been issued by Debian (firefox-esr and libxml2), Fedora (firefox, libtpms, and tigervnc), Mageia (chromium-browser-stable and nss & firefox), Oracle (emacs, iputils, kernel, krb5, libarchive, mod_proxy_cluster, pam, perl-File-Find-Rule, perl-YAML-LibYAML, and qt5-qtbase), Red Hat (opentelemetry-collector, osbuild-composer, and weldr-client), SUSE (clamav, firefox, go1.24-openssl, and helm), and Ubuntu (libarchive, linux-azure, linux-azure-5.4, linux-azure-fips, linux-fips, linux-azure-nvidia, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-xilinx-zynqmp, and python-urllib3).
[$] LWN.net Weekly Edition for June 26, 2025
Inside this week's LWN.net Weekly Edition:
NLnet announces funding for 62 projects
The NLnet Foundation has announceda new group of projects receiving funding through the NextGeneration Internet (NGI) Zero Commons Fund.
[$] Libxml2's "no security embargoes" policy
Libxml2, anXML parser and toolkit, is an almost perfect example of the successesand failures of the open-source movement. In the 25 years since itsfirst release, it has been widely adopted by open-source projects, foruse in commercial software, and for government use. It alsoillustrates that while many organizations love using open-source software,far fewer have yet to see value in helping to sustain it. That has ledlibxml2's current maintainer to reject security embargoes and sparkeda discussion about maintenance terms for free and open-sourceprojects.
[$] Getting extensions to work with free-threaded Python
One of the biggest changes to come to the Python world is the addition of the free-threadinginterpreter, which eliminates the globalinterpreter lock (GIL) that kept the interpreter thread-safe, but alsoserialized multi-threaded Python code. Over the years, the GIL has been asource of complaints about the scalability of Python code usingthreads, so many developers have been looking forward to the change, whichhas been an experimental feature since Python 3.13was released in October 2024. Making the free-threaded version workwith the rest of the Python ecosystem, especially native extensions, is anongoing effort, however; Nathan Goldbaum and Lysandros Nikolaou spoke at PyCon US 2025 about those efforts.
12345678910...