Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] GoFundMe to delete unwanted open-source foundation pages
Open-source foundations and projects that have charity status in
the US may want to see if GoFundMe has created a profile
for them without permission. The company has operated since 2010 as a
self-service fundraising platform; individuals or groups could create
pages to raise money for all manner of causes. In June, the company announced
that it would expand its offerings to "manage all aspects of
charitable giving
" for users through its platform. That seems to
include creating profiles for nonprofit organizations without their
involvement. After pushback, the company said
on October 23 that it would be removing the pages. It has not
answered more fundamental questions about how it planned to disburse
funds to nonprofits that had no awareness of the GoFundMe pages in the
first place.
[$] Safer speculation-free user-space access
The Spectre class of hardware vulnerabilities truly is a gift that keeps on giving. New variants are still being discovered in current CPUs nearly eight years after the disclosure of this problem, and developers are still working to minimize the performance costs that come from defending against it. The masked user-space access mechanism is a case in point: it reduces the cost of defending against some speculative attacks, but it brought some challenges of its own that are only now being addressed.
[$] LWN.net Weekly Edition for October 23, 2025
Posted Oct 23, 2025 0:12 UTC (Thu)The LWN.net Weekly Edition for October 23, 2025 is available.
Inside this week's LWN.net Weekly Edition
- Front: Git 3.0 topics; Lazy imports for Python; RubyGems; LLMs for patch review; DebugFS.
- Briefs: Fedora AI policy; OpenBSD 7.8; DigiKam 8.8.0; Forgejo 13.0; KDE Plasma 6.5; RubyGems; Valkey 9.0.0; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] DebugFS on Rust
DebugFS is the kernel's anything-goes, no-rules interface: whenever a kernel developer needs quick access to internal details of the kernel to debug a problem, or to implement an experimental control interface, they can expose them via DebugFS. This is possible because DebugFS is not subject to the normal rules for user-space-interface stability, nor to the rules about exposing sensitive kernel information. Supporting DebugFS in Rust drivers is an important step toward being able to debug real drivers on real hardware. Matthew Maurer spoke at Kangrejos 2025 about his recently merged DebugFS bindings for Rust.
[$] Git considers SHA-256, Rust, LLMs, and more
The Git source-code management system is a foundational tool upon which much of the free-software community is based. For many people, Git simply works, though perhaps in quirky ways, so the activity of its development community may not often appear on their radar. There is a lot happening in the Git world at the moment, though, as the project works toward a 3.0 release sometime in 2026. Topics of interest in the Git community include the SHA-256 transition, the introduction of code written in Rust, and how the project should view contributions created with the assistance of large language models.
[$] The RubyGems.org takeover
In September, a group of long-time maintainers of Ruby packaging tools projects had their GitHub privileges revoked by nonprofit corporation Ruby Central in what many people are calling a hostile takeover. Ruby Central and its board members have issued several public statements that have, so far, failed to satisfy many in the Ruby community. In response, some of the former contributors to RubyGems are working on an alternative service called gem.coop. On October 17, ownership of the RubyGems and Bundler repositories was handed over to the Ruby core team, even though those projects had never been part of core Ruby previously. The takeover and subsequent events have raised a number of questions in the Ruby community.
[$] Explicit lazy imports for Python
Importing modules in Python is ubiquitous; most Python programs start with at least a few import statements. But the performance impact of those imports can be largeāand may be entirely wasted effort if the symbols imported end up being unused. There are multiple ways to lazily import modules, including one in the standard library, but none of them are part of the Python language itself. That may soon change, if the recently proposed PEP 810 ("Explicit lazy imports") is approved.
[$] A brief history of RubyGems.org
Ruby libraries and applications are distributed via a packaging format called a gem. RubyGems.org has been the central hosting service for gems since about 2010. This article is part one of a two-part series on the RubyGems.org takeover by Ruby Central. Understanding the history of RubyGems.org, and the contributor community behind it, is vital to making sense of the current power struggle between Ruby Central and members of the Ruby community who have maintained those services and tools for many years.
[$] Large language models for patch review
There have been many discussions in the free-software community about the role of large language models (LLMs) in software development. For the most part, though, those conversations have focused on whether projects should be accepting code output by those models, and under what conditions. But there are other ways in which these systems might participate in the development process. Chris Mason recently started a discussion on the Kernel Summit discussion list about how these models can be used to review patches, rather than create them.
LWN.net Weekly Edition for October 16, 2025
Posted Oct 16, 2025 1:06 UTC (Thu)The LWN.net Weekly Edition for October 16, 2025 is available.
Inside this week's LWN.net Weekly Edition
- Front: LLMs and copyright; Systemd packaging in Debian; Gccrs; FineIBT; 6.18 Merge window; Interrupt-aware spinlocks; Fedora's /boot.
- Briefs: Linux 6.18-rc1; Librephone; LMDE 7; Ubuntu 25.10; Firefox 144.0; Julia 1.12; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
Typst 0.14 released
Version 0.14 of the Typst document processor has been released.
If you need to comply with accessibility-related regulations, Typst 0.14 has your back. Typst now generates accessible documents by default, with opt-in support for stricter checks. For those working with complex illustrations, PDFs are now supported as a native image format. In case you're typesetting a book, the new character-level justification will give your layout the final touch. And if you're building a website or blog, many improvements to Typst's HTML export are waiting for you.
LWN looked at Typst in September.
Security updates for Friday
Security updates have been issued by AlmaLinux (webkit2gtk3), Debian (bind9, chromium, python-internetarchive, and tryton-sao), Fedora (dokuwiki and php-php81_bc-strftime), Mageia (firefox, nss & rootcerts and thunderbird), Slackware (openssl), SUSE (bleachbit, chromium, kernel, mozilla-nss, and python311-uv), and Ubuntu (fetchmail, golang-go.crypto, and linux-oracle-5.4).
Date bug affects Ubuntu 25.10 automatic updates
The Ubuntu Project has announced that a bug in the Rust-based uutils version of the date command shipped with Ubuntu 25.10 broke automatic updates:
Some Ubuntu 25.10 systems have been unable to automatically check for available software updates. Affected machines include cloud deployments, container images, Ubuntu Desktop and Ubuntu Server installs.
The announcement includes remediation instructions for those affected by the bug. Systems with the rust-coreutils package version 0.2.2-0ubuntu2 or earlier have the bug, it is fixed in 0.2.2-0ubuntu2.1 or later. It does not impact manual updates using the apt command or other utilities.
Ubuntu embarked on a project to "oxidize" the distribution by switching to uutils and sudo-rs for the 25.10 release, and to see if the Rust-based utilities would be suitable for the long-term-release slated for next April. LWN covered that project in March.
Three new stable kernels for Thursday
Greg Kroah-Hartman has released the 6.17.5, 6.12.55, and 6.6.114 stable kernels. As usual, each contains important fixes throughout the tree; users are advised to upgrade.
Btrfs support coming to AlmaLinux 10.1
The AlmaLinux project has announced that the upcoming 10.1 release will include support for Btrfs:
Btrfs support encompasses both kernel and userspace enablement, and it is now possible to install AlmaLinux OS with a Btrfs filesystem from the very beginning. Initial enablement was scoped to the installer and storage management stack, and broader support within the AlmaLinux software collection for Btrfs features is forthcoming.
Btrfs support in AlmaLinux OS did not happen in isolation. This was proposed and scoped in RFC 0005, and has been built upon prior efforts by the Fedora Btrfs SIG in Fedora Linux and the CentOS Hyperscale SIG in CentOS Stream.
AlmaLinux OS is designed to be binary compatible with Red Hat Enterprise Linux (RHEL); Btrfs, however, has never been supported in RHEL. A technology preview of Btrfs in RHEL 6 and 7 ended with the filesystem being dropped from RHEL 8 and onward. AlmaLinux OS 10.1 is currently in beta.
Security updates for Thursday
Security updates have been issued by AlmaLinux (ipa, kernel, and thunderbird), Debian (gdk-pixbuf, gegl, gimp, intel-microcode, raptor2, request-tracker4, and request-tracker5), Fedora (samba and wireshark), Mageia (haproxy, nginx, openssl, and python-django), Oracle (kernel and thunderbird), Red Hat (redis and redis:7), Slackware (bind), SUSE (aws-cli, local-npm-registry, python-boto3, python- botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python- pytest-cov, python-pytest-html, python-pytest-metada, cargo-audit-advisory-db-20251021, fetchmail, git-bug, ImageMagick, istioctl, kernel, krb5, libsoup, libxslt, python-Authlib, and sccache), and Ubuntu (bind9, linux, linux-aws, linux-azure, linux-azure-6.8, linux-gcp, linux-gkeop, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-azure, linux-azure-5.15, linux-gcp-5.15, linux-gcp-6.8, linux-gke, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, and linux-realtime, linux-realtime-6.8).
Fedora Council approves AI-assisted contributions policy
The Fedora Council has approved
an AI-assisted
contributions policy. This follows several
weeks of discussion, some of which was covered by LWN on
October 1. The final policy contains substantial differences from
the initial
proposal, and now requires disclosure of AI tools "when the
significant part of the contribution is taken from a tool without
changes
".
KDE Plasma 6.5 released
KDE Plasma 6.5 has been released. Notable new features include automatic light-to-dark theme switching based on time of day, support for the experimental Wayland picture-in-picture protocol, as well as a number of usability and accessibility improvements. See the complete changelog for a list of the new features, enhancements, and bug fixes.
OpenBSD 7.8 released
OpenBSD 7.8 has been released. As usual, this release includes a long list of changes; see the changelog for all of the details.
Security updates for Wednesday
Security updates have been issued by Fedora (inih, mingw-exiv2, and mod_http2), SUSE (ffmpeg-4, kernel, libqt5-qtbase, protobuf, python-ldap, and python313), and Ubuntu (erlang, ffmpeg, linux, linux-aws, linux-gcp, linux-oem-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime, linux-aws, linux-azure, linux-azure-6.14, linux-azure-nvidia-6.14, linux-azure-fips, linux-oracle-5.4, and linux-realtime-6.14).