Tootfinder

@… the downside here is that I’d guess bundled deps behave like pinned deps if they get a new version upstream

Presumably even more to HostRoyale. They use edgoo for all upstream.
https://social.bgp.tools/@transfers/statuses/01K9QJX3EHY2276BFBBCR3JK0Y

Post by IP/ASN Transfers, @transfers@bgp.tools
"VODAFONE ONO, S.A." transferred: 82.158.232.0/21 (Taken from 82.158.128.0/17), 82.158.240.0/20 (Taken from 82.158.128.0/17), 85.136.224.0/19 (Taken from 85.136.0.0/15) to "cleardocks LLC" (Estimated Market Value: $288.77 K)

The Greenland sea cables are probably being closely monitored, but redundancy seems minimal likely limited to OneWeb satellite connectivity and some VSAT links.
Looking at the routing side, AS8818 announces just two /19s and one /22 (and two /32s in IPv6) with a single upstream provider, Level 3 Inc. This suggests that Layer 3 redundancy is even more constrained.
I would have expected at least one EU-based provider as an additional upstream...
🔗

Nonlinear System Identification for Model-Based Control of Waked Wind Turbines
Sebastiano Randino, Lorenzo Schena, Nicolas Coudou, Emanuele Garone, Miguel Alfonso Mendez
https://arxiv.org/abs/2510.07336

Nonlinear System Identification for Model-Based Control of Waked Wind Turbines
This work presents a nonlinear system identification framework for modeling the power extraction dynamics of wind turbines, including both freestream and waked conditions. The approach models turbine dynamics using data-driven power coefficient maps expressed as combinations of compact radial basis functions and polynomial bases, parameterized in terms of tip-speed ratio and upstream conditions. These surrogate models are embedded in a first-order dynamic system suitable for model-based control…

It's alive! OpenOCD release doesn't support the STM32MP2 and apparently ST's fork doesn't either??
But latest upstream git head works fine.
Now to try and poke an LED or something to make sure it's responsive.

@… Ah shit, I fucked it up. The actual icons really are called vivaldi in our upstream package. I undid the change for the desktop file but also changed the icons. Damn it. I need to remove that from SBo pending, fix it and submit again. Wait a moment.

Does Turbulence at the Correlation Scale Regulate the Statistics of Magnetic Reconnection?
M. B. Khan, M. A. Shay, S. Oughton, W. H. Matthaeus, C. C. Haggerty, S. Adhikari, P. A. Cassak, S. Fordin, D. O'Donnell, Y. Yang, R. Bandyopadhyay, S. Roy
https://arxiv.org/abs/2510.07502

Does Turbulence at the Correlation Scale Regulate the Statistics of Magnetic Reconnection?
We study the statistics of dynamical quantities associated with magnetic reconnection events embedded in a sea of strong background magnetohydrodynamic (MHD) turbulence using direct numerical simulations. We focus on the relationship of the reconnection properties to the statistics of global turbulent fields. For the first time, we show that the distribution in turbulence of reconnection rates (determined by upstream fields) is strongly correlated with the magnitude of the global turbulent magn…

@… DOCSIS has some really crazy mechanisms for QoS when your segment is congested, I really can‘t quite believe that‘s what you’re seeing in your rural area, though.
Are you running a DOCSIS 3.1 capable modem? What are your upstream measurements like? All channels running on proper modulation modes?

achievement unlocked: first outage involving BGP and an upstream provider doing something deranged

If you have a problem with secureblue being open and honest, we’re not the same.
"secureblue is for those whose first priority is using Linux, and second priority is security. secureblue does not claim to be the most secure option available on the desktop. We are limited in that regard by the current state of desktop Linux standardization, tooling, and upstream security development. What we aim for instead is to be the most secure option for those who already intend to use Linux. …

Working on upgrading my :nixos: #NixOS to 25.11, one of the config evaluation errors is:
error: 'kbibtex' has been removed, as it is unmaintained upstream
#KBibTeX is unmaintained? Aha. This commit history with recent commits in the last days does not look like an unmaintained project:…

HTTP/1.1 must die: the desync endgame
Upstream HTTP/1.1 is inherently insecure and regularly exposes millions of websites to hostile takeover. Six years of attempted mitigations have hidden the issue, but failed to fix it.
🌐 https://portswigger.net/research/http1-must-die

HTTP/1.1 must die: the desync endgame
Abstract Upstream HTTP/1.1 is inherently insecure and regularly exposes millions of websites to hostile takeover. Six years of attempted mitigations have hidden the issue, but failed to fix it. This p

Mekong sand mining risks collapse of SE Asia’s largest freshwater lake, study finds https://news.mongabay.com/2025/12/mekong-sand-mining-risks-collapse-of-se-asias-largest-freshwater-lake-study-finds/

Mekong sand mining risks collapse of SE Asia’s largest freshwater lake, study finds
Rampant sand mining in the Mekong River is directly weakening critical seasonal river flows that sustain Southeast Asia’s largest freshwater lake, new research indicates. The Mekong’s annual wet season flood pulse that feeds water into Cambodia’s Tonle Sap Lake has been dwindling year by year. Experts have long pointed to upstream hydropower dams in China […]

Hmm I kinda wish the #dirvish extension had submitted fixes and enhancements to the #upstream project rather than just lift and shifted the code. At least the license is the same:

Outcomes-over-outputs is one thing — but even outcomes aren't always impactful.
Investing in any outcome carries opportunity cost. Any effort you expend means not spending that effort elsewhere.
And when there's a bottleneck in the system, effort upstream of the bottleneck has diminishing returns. Typically, that bottleneck is your process.
Since the process is made up of people, technical solutions won't help.

All your problems are people problems (Don't Just Do Things, Part 2)
If you want to do strategy, you must be willing to do process transformation first.

one of my stupider pet-peeves:
"what's the meta"
not all strategy is *meta-game* strategy. "the meta" is only *possible* in a multiplayer game, where the balance of the characters is being continuously tweaked by upstream developers.
Choosing a tool just because it's known to be strong: *strategy*. that's strategy. you're describing *fucking strategy*. not meta-strategy.
Choosing a tool because *other players are known to be choosin…

#Seafile has been removed in #NixOS 25.11 because "upstream only supports docker now", but I didn't want to migrate to docker. Good thing that NixOS 25.11 also introduces an #OpenCloud

This log entry always appears at the top of my cable modem's web view of the log. Every 36 hours, the timestamp changes. It's not new,. just the same line with a new timestamp.
It has been this way for years, I believe for the whole decade that I've had it, although its rock-solid regularity may have started with the last update (2019) or with some upstream behavior change. It is harmless (DHCP clients must tolerate unrecognized options).
And people wonder why I e…

Musl support finally merged in upstream Systemd!!

Wow. I've dealt with various toxic personalities in software development, but a good portion of the time those toxic personalities were at least extremely knowledgeable in their (often, very limited) domain.
AI, however, seems to be enabling toxic personalities *who are completely clueless*. Impressive!
https://github…

When you find an issue with software you use that you can fix right away, what are hurdles you are prepared to take while sending that fix upstream?
#FLOSS #supplychain #opensource

An annoying bug in Plasma 6.4.5 on FreeBSD 15.0 in VirtualBox.
Not present with 6.3.4 on Kubuntu 25.04. If it's reproducible on 25.10, I might report upstream.
<https://wiki.ubuntu.com/QuestingQuokka/ReleaseNotes/Kubuntu#Plasma_6.4> "… …

About a month ago the UK government announced "internet sanctions" against AS210644 / Aéza International. I assume that prevents UK companies offering upstream connections - does this also cover any "UK" companies peering?

Pharmacist: Safety Alignment Data Curation for Large Language Models against Harmful Fine-tuning
Guozhi Liu, Qi Mu, Tiansheng Huang, Xinhua Wang, Li Shen, Weiwei Lin, Zhang Li
https://arxiv.org/abs/2510.10085

Pharmacist: Safety Alignment Data Curation for Large Language Models against Harmful Fine-tuning
Harmful fine-tuning issues present significant safety challenges for fine-tuning-as-a-service in large language models. Existing alignment-stage defenses, e.g., Vaccine, Repnoise, Booster, and T-Vaccine, mitigate harmful fine-tuning issues by enhancing the model's robustness during the alignment phase. While these methods have been proposed to mitigate the issue, they often overlook a critical upstream factor: the role of the original safety-alignment data. We observe that their defense perform…

Honestly, #libfuse3 is the single worst library I have worked with. The API is a random mix of bugs, hacks and historical changes. The documentation is barely existing for the more common API, and practically non-existing for anything else. And upstream's attitude is, basically "lack of documentation is not a bug, feel free to contribute". Because obviously people have nothing better to do than dig through tons of your awful code, figure out how it interacts with the #Linux kernel, and then document it all.
#FUSE

I'm looking for "alpha testers" for an alternative forge ( based on #Forgejo )
#floss projects, likely paid for private projects (although we are providing the service for free for a while, until we do an official launch).
Once/If we start having paid customers, we'll donate part of that income to the upstream Forgejo project.
This forge is 100% hosted in #Europe, and operated & maintained by a very small workers-owned #coop .
P.S.: Yep, we know about the great Codeberg :) .
#BetaTesting #Git

#Mozilla is doing great. #Firefox is vendoring an old vulnerable version of #Expat with custom patches on top. Of course, they never even bothered communicating their needs to Expat upstream. But I guess when AI is the future, #security is a thing of the past.
(That said, I don't know if these vulnerabilities actually affect Firefox.)
https://bugs.gentoo.org/967032#c1

Totally normal #Python upstream attitude:
1. Ignore a reply on a bug report for 3 years.
2. Install a #StaleBot in the middle of the night.
3. 7 minutes after the bug is marked stale, claim that you "never heard back on this" and that "the issue was somewhere downstream", without even checking another linked issue.
#Matplotlib

I've filed a report about a minor problem with a #Python package, namely that the source distribution contained some trailing junk that breaks GNU #tar. On one hand, I'm happy that upstream took the issue seriously. On the other hand, I'm terrified of how much #AI slop was involved in the response.
I mean, my short bug report yielded a few walls of text of #LLM analysis of what the cause of the problem might be, of suggested solutions… and praise of the author's fix. These are interspersed with short comments from the author, all pasted under their own personal account. And the linked pull request is also huge, with "verification code" that's quite sloppy (bits that don't do anything, conditions that will never be true… but at least it seems to do what it was supposed to do).
Honestly, I don't know what to do. Not that I ever planned using this package, but at this point I will definitely stay away from it. It's in #Gentoo, and I'll have to continue maintaining it for the sake of reverse dependencies, but I feel like it's unfair to expose our users to packages that have clearly proven to accept AI slop without reviewing it properly. Or rather, AI slop that's being reviewed… by AI. How can anyone think this a good idea?!
There were multiple times in my life when I've considered retiring from Gentoo, for variety of reasons. There were also multiple times when I wanted to get away from computers altogether. Unfortunately, we're living in a truly fucked up world, and there is no escape. The best you can do is put an ever increasing effort to keep fixing all that crap that will just keep piling on faster and faster.
#FreeSoftware #OpenSource