I just tweeted about this, but here’s the blog post version:

I GOT THE DOMAIN! I FINALLY GOT IT!!!!!!!!!!!!!

https://paint.net is now the website for Paint.NET! Well, once I get content migrated and redirects set up, etc. For the moment it’s just a “hey go over here to getpaint.net” redirect page.

Read the tweets for the rest of the story

It has been a few days since the last DLC was released, so it is time for us to begin looking ahead in American Truck Simulator. While today is not quite the official reveal, we do have a small teaser from a brand-new destination currently in development for ATS, and we think some of you may already be able to guess where our journey will lead next.

Development on this project is still in its early stages, so we are not ready to share all the details just yet, including any release timeline. However, we couldn’t resist giving the #BestCommunityEver a tiny glimpse of what our teams have been working on behind the scenes.

From iconic roadside landmarks to stretches of highway surrounded by lush countryside, this upcoming map expansion will offer truckers a brand-new region of the United States to explore, haul through, and discover. Whether you enjoy cruising through bustling urban areas, navigating industrial hubs, or taking in scenic rural drives, there will be plenty waiting for you down the road.

Still unsure? Don’t worry, we have a screenshot for you to examine closely. We know our community is filled with expert detectives, and we are excited to see your guesses rolling in across the comments and social media.

As development continues, our map, asset, and research teams are hard at work recreating the atmosphere, industries, road networks, and landmarks that make this part of the United States unique. There is still a road ahead before we are ready to fully unveil this DLC, but we are already looking forward to sharing more about this journey soon.

We cannot wait to show you more when the time is right. Until then, stay up to date with the latest news, don’t forget to follow our blog, subscribe to our newsletter, and follow us on X/Twitter, Facebook, BlueSky, and Instagram. Until next time, keep on truckin’! 

This year marks the Apple Developer Academy in Detroit’s fifth commencement in collaboration with MSU and the Gilbert Family Foundation.

In September 2025, I attended the annual LibreOffice conference in Budapest, Hungary. This gave me an opportunity to explore the city, which I will cover in this post.

Let’s start with the currency. Although Hungary is a part of the European Union (EU), it doesn’t use the euro as its currency. Instead, it uses Hungarian forints (denoted by “Ft”). During my time in Hungary, 1 Indian rupee was equal to 4 Hungarian forints.

After reaching the Budapest airport, I bought a 15-day public transport pass. The public transport counter is after you pass customs and immigration. The pass allows unlimited use of public transport in the city. I had to show my passport and pay 5950 Ft to get the pass. The pass had my passport number mentioned on it. The public transport passes can also be bought at any of the tram stations as well.

This is the counter from where I bought my public transport pass.

My unlimited public transport pass for Budapest. I have redacted my passport number from it.

An automatic ticket machine at a tram station in Budapest.

Budapest is a union of two cities—Buda and Pest—lying on opposite sides of the Danube River. My hotel—Corvin Hotel—was on the Pest side.

Budapest had good public transport. The buses, metros, and trams complemented each other. For example, the airport didn’t have metro or tram connectivity, but it was served by the bus. Most of the metro was on the Pest side, with only a couple of stations falling in Buda. However, both sides had an extensive network of trams.

Furthermore, the information about the public transport was easily accessible. For instance, the map of tram stops inside the trams also included the bus routes one could get after alighting at those stops.

From the airport, I took a bus followed by taking a metro on the M3 line to reach within walking distance of my hotel.

An M3 line metro in Budapest.

During the conference I would take the tram to the conference venue. The trams were modern and fast. They also had a smiley face at the front, which gave them a friendly look. It seemed like the trams were happily doing their job. The city also had a good pedestrian infrastructure along with separate cycling tracks.

A tram in Budapest having a smiley face at the front.

Budapest’s tap water is officially safe to drink, which was mentioned on a sticker posted on the wall of the bathroom of my hotel room. So, I did not need to buy any water bottles while I was there.

On the 6th of September, I went on a sightseeing tour of Budapest with my Dione. Our friend Attila, who was a local (from Hungary), joined us. We went to the central market from our hotel by metro.

If you read my post on Vienna, I mentioned that the metro stations don’t have AFC gates but ticket validators instead. Budapest’s metro also has the same system. If you buy individual tickets, you need to validate them using the validators on the station before boarding the metro. If you are using a public transport pass like I was, then you do not need to validate, and you can board the metro directly.

A ticket validator at a metro station in Budapest.

In 10-15 minutes, we reached the central market. Attila showed us around. I bought a fridge magnet and paprika powder as souvenirs. Paprika powder is a signature spice of Hungary. It is mainly available in two forms—one is sweet and the other being spicy. I wanted the spicy one, but I didn’t get that in that market. Therefore, I had to contend with buying the sweet version. The sweet version isn’t sweet though, it is just not spicy. After bringing that paprika powder home, it is mainly used for food coloring. I like it though and use it frequently in my omelets and other dishes.

Central market.

The building right behind the tram is the central market building.

At some point, Atilla had to join the The Document Foundation (TDF) sightseeing group, so we parted ways at the central market. Dione and I continued our sightseeing and decided to start with visiting the Hungarian parliament, which is a tourist attraction. It was because we were on the Pest side and the parliament was also on the same side, while other tourist attractions were on the Buda side.

So, Dione and I hopped on a tram and went to the parliament. We got off at a tram station just outside the parliament. The parliament is the icon of Budapest. The building has a gothic architecture and colored brown and white. One can buy tickets and take an inside tour. However, we didn’t have a lot of time, so we stayed outside the building.

Hungarian Parliament building.

After spending some time outside the parliament building, we took a tram to the Chain Bridge. As I mentioned earlier, Budapest has two parts—Buda and Pest—separated by the Danube River. To go from one of the sides to the other requires crossing a bridge. Although Budapest has many bridges linking the two sides, the main one is the Chain Bridge.

We walked on the chain bridge to get to the other side. The bridge gave a good view of the Danube River. It also had a statue of a lion. The Buda Castle (another major landmark of Budapest) was visible from the bridge.

A shot of Chain Bridge.

The lion statue on the Chain Bridge.

After reaching the other side of the bridge (the Buda side), we sat on a bench for some time and then planned on where to go next. We decided to go to Fisherman’s Bastion, which is another tourist attraction.

We used the OSMAnd~ app to figure out which bus to take and hopped on one. Soon we reached Fisherman’s Bastion, where we found a flight of stairs that led upwards. Upon climbing the stairs, we got a panoramic view of the city. It also gave us a good view of the Hungarian parliament across the river. Going further upstairs, we found a statue of Stephen I of Hungary. He was the first king of Hungary, getting the crown in the year 1900.

A view of Hungarian parliament from Fisherman’s bastion.

I found Fisherman’s Bastion to be the best tourist attraction in the city. As mentioned earlier, it offers a panoramic view of the city, which I liked. I liked the arhitecture and open space there. If you find yourself in Budapest, I would highly recommend that you visit Fisherman’s Bastion.

Fisherman’s Bastion.

Statue of Stephen I of Hungary at Fisherman’s Bastion.

Next, we went downstairs and returned to where the bus dropped us. From here on, we walked in random streets to see the residential and non-touristy side of Budapest. It was not so random as we walked towards Batthyány tér metro station. Upon reaching the metro station, we found a café where we stopped for a while for some coffee. After injecting some caffeine into our blood, we proceeded to find a place to have lunch.

Batthyány tér metro station.

For lunch, we decided to go to Rákóczi tér metro station after reading on the internet about the food options there. Upon exiting the metro station, we found a market inside a building that had a lot of shops, but most of them were closed.

After roaming around inside a bit, we found an Italian place open and decided to eat there. The name of this place was Matteos. We ordered an eggplant parmigiana, a lasagna artichoke, and a classic tiramisu. It wasn’t very tasty but filled us up for the day.

A picture of Matteos, where we had our lunch.

Budapest has four metro lines, and we had been to three of them, so we decided to try the remaining line, which was the M1 line. It is the oldest line in the city and has a different vibe than the modern lines. This line was opened in 1896, one of the oldest subway systems in the world.

The coaches were much smaller than the other metro lines, and the seating arrangement was something you would expect from a bus than a typical metro train. We rode all the way to the last stop, Mexikói út. Upon going outside, we found out there wasn’t much to do here.

At this point, I checked the map and realized that Heroes’ Square is just a couple of metro stations away. Heroes’ Square is a tourist attraction in Budapest. It is located in Zuglóa and is a historically significant place in Budapest. It has a monument which features the Seven chieftains of the Magyars.

M1 line station and tracks. It is the oldest metro transit of Budapest and one of the oldest in the world. It started operations in 1896.

Here, our unlimited public transport pass was handy because if it was paid per trip, we would think of the stop as a “wasted” one because we would have to buy a ticket again, but in this case we could just hop on again without any regrets.

An M1 line metro train entering the station.

So we took the M1 line again and deboarded at Hősök tere station, followed by walking to the square. After roaming around for a while, we saw a trolleybus and decided to ride on that.

Heroes’ Square.

This is the trolleybus we took in Budapest.

A trolleybus is an electric bus that is powered by overhead electric cables. It is like a tram but runs on roads instead of tracks. We got down at Dózsa György út metro station. Then we took a metro to our hotel.

Before going to the hotel, we went to a place to eat something. We had coffee and lángos. Lángos is a deep-fried Hungarian dish, which looks exactly like the Indian flatbread bhatura. I found it tasty, but since it was deep-fried, that was almost a given.

Lángos — a dish which looks like the Indian flatbread bhatura.

The next day we went to Vienna—the capital of Austria—which I have already posted about. Check it out here.

I had a good time in Budapest, and it is a beautiful city with good public transport and some amazing sites to visit. That’s it for now, and see you next time!

Credits: Thanks Dione and Badri for proofreading.

{ Taipei, Taiwan, 29 mei 2026 – QNAP® Systems, Inc., een toonaangevende innovator op het gebied van computers, netwerken en opslag o ...} More

⚠️ Potential Breaking Changes

Introduced VERSION_KEY_ constants and renamed main to published @alvarosabu (#27397)*
Backward Compatibility: You can now use ?version=published to resolve versions of the main item(s) via the version query parameter. For backward compatibility, ?version=main will continue to work.

Replaced status field with archived boolean in collection settings @alvarosabu (#27397)
Backward Compatibility: Existing collections with string-based status fields continue to work unchanged; newly created collections now default to a boolean "Archived" field instead of the string "Status" field

Deprecated the VResizeable component @formfcw (#27437)

• Deprecation for extensions: The globally registered VResizeable component has been deprecated. Extension authors using <v-resizeable> should migrate to @directus/vue-split-panel or their own implementation.

Updated type system, borders, and theme variables @formfcw (#27437)

• Potential breaking change for theme extensions: headerShadow and sidebarShadow removed from LayoutConfig interface
• Potential breaking change for theme extensions: boxShadow removed from header theme rules schema
• Potential breaking change for theme extensions: sidebarShadow no longer exposed in layout wrapper state

Updated module navigation bar spacing and styling @HZooly (#27437)

• Potential breaking change in theme extensions: Removed navigation.project.borderColor / navigation.project.borderWidth / navigation.project.background from theming. No action is required — these props will simply no longer have any effect.

Locked published items in versioned collections from editing and added a header action button to edit in the draft version @alvarosabu (#27397)

• Breaking change — new behavior for versioned collections Published items in versioned collections are now locked. Edits must be made through the draft version.

Removed rounded buttons and adopted shared header action button across all views @formfcw (#27437)

• Potential breaking change for extensions: The rounded prop has been removed from v-button. Extensions using rounded will still render correctly but buttons will appear as rounded rectangles instead of circles. No functional impact.

Changed license to MSCL-1.0-GPL (#27417)

• Breaking Change: Relicensed from BUSL-1.1 to MSCL-1.0-GPL (Monospace Sustainable Core License, Version 1.0).

Updated header and navigation bar base design and merged their theme properties into a new shell scope @formfcw (#27437)

• Potential breaking change for theme extensions: The theme properties navigation.background, navigation.backgroundAccent, navigation.borderWidth, navigation.borderColor, header.background, header.borderWidth, and header.borderColor have been removed and replaced by shell.background, shell.backgroundAccent, shell.borderWidth, and shell.borderColor.
• Potential breaking change for theme extensions: Custom themes overriding any of these removed properties must migrate to the new shell scope. The corresponding CSS variables change from --theme--navigation--background, --theme--navigation--background-accent, --theme--navigation--border-*, --theme--header--background, and --theme--header--border-* to --theme--shell--background, --theme--shell--background-accent, and --theme--shell--border-*.

Removed the extra confirmation step from the publish flow @alvarosabu (#27487)

• Breaking change — new publish flow: Publishing a version no longer shows an additional confirmation dialog after confirming changes in the comparison modal. The item is published directly once the changes are confirmed.

Updated sidebar styles @formfcw (#27437)

• Potential breaking change for theme extensions: Removed section.toggle.borderWidth / section.toggle.borderColor in favor of section-level border tokens. No action is required — these props will simply no longer have any effect.
• Potential breaking change for theme extensions: Removed sidebarShadow and headerShadow from defineLayout(). No action is required — these props will simply no longer have any effect.

Refactored focus ring from border/box-shadow to outline @formfcw (#27437)

• Potential breaking change for theme extensions: borderColorFocus, boxShadowHover, and boxShadowFocus are removed from the theme schema — custom themes referencing these will lose their focus overrides silently
• Potential breaking change for interface extensions that relied on --theme--form--field--input--border-color-focus or --theme--form--field--input--box-shadow-focus CSS variables will need to migrate to --theme--form--field--input--focus-ring-color

Updated header bar elements and deprecated the headline slot @formfcw (#27437)

• Deprecation for extensions: The headline slot on the private view header bar has been deprecated. Existing content keeps rendering, but consumers using <template #headline> will now see a deprecation hint from Volar.

Changed the default of IP_TRUST_PROXY from true to false to harden the default deployment against IP spoofing. (#27607)
The IP_TRUST_PROXY default was changed from true to false. If you run Directus behind a reverse proxy and rely on X-Forwarded-For (or similar) headers for client IP resolution, you must now explicitly set IP_TRUST_PROXY to true or a more specific trust configuration.

• @directus/app
  • Locked published items in versioned collections from editing and added a header action button to edit in the draft version @alvarosabu (#27397 by @formfcw)
  • Removed rounded buttons and adopted shared header action button across all views @formfcw (#27437 by @formfcw)
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
  • Updated header and navigation bar base design and merged their theme properties into a new shell scope @formfcw (#27437 by @formfcw)
  • Removed the extra confirmation step from the publish flow @alvarosabu (#27487 by @alvarosabu)
• @directus/api
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/themes

  • Updated module navigation bar spacing and styling @HZooly (#27437 by @formfcw)

  • Updated header and navigation bar base design and merged their theme properties into a new shell scope @formfcw (#27437 by @formfcw)

  • Updated sidebar styles @formfcw (#27437 by @formfcw)

  • Refactored drawer header layout and simplified v-drawer API @formfcw (#27437 by @formfcw)

    :::notice

    • Deprecation for extensions: The globally registered v-breadcrumb component has been deprecated. Extensions using <v-breadcrumb> keep rendering but will see a deprecation hint from Volar.
    • Deprecation for extensions: On v-drawer, the subtitle prop (use the title prop instead), the subtitle slot, the header:append slot, and the actions:append slot have been deprecated. Existing usage keeps rendering — actions:append content lands in the secondary-actions zone, and for primary CTAs in the drawer header use the new actions:primary slot. Consumers will see deprecation hints from Volar.
    • Potential Breaking change for theme extensions: The theme properties header.headline.foreground and header.headline.fontFamily have been removed. Custom themes overriding these properties should remove them. The corresponding CSS variables --theme--header--headline--foreground and --theme--header--headline--font-family no longer exist.

    :::

• @directus/types

  • Updated module navigation bar spacing and styling @HZooly (#27437 by @formfcw)

  • Updated header and navigation bar base design and merged their theme properties into a new shell scope @formfcw (#27437 by @formfcw)

  • Updated sidebar styles @formfcw (#27437 by @formfcw)

  • Refactored drawer header layout and simplified v-drawer API @formfcw (#27437 by @formfcw)

    :::notice

    • Deprecation for extensions: The globally registered v-breadcrumb component has been deprecated. Extensions using <v-breadcrumb> keep rendering but will see a deprecation hint from Volar.
    • Deprecation for extensions: On v-drawer, the subtitle prop (use the title prop instead), the subtitle slot, the header:append slot, and the actions:append slot have been deprecated. Existing usage keeps rendering — actions:append content lands in the secondary-actions zone, and for primary CTAs in the drawer header use the new actions:primary slot. Consumers will see deprecation hints from Volar.
    • Potential Breaking change for theme extensions: The theme properties header.headline.foreground and header.headline.fontFamily have been removed. Custom themes overriding these properties should remove them. The corresponding CSS variables --theme--header--headline--foreground and --theme--header--headline--font-family no longer exist.

    :::

• @directus/extensions
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/extensions-registry
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/extensions-sdk
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/format-title
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/memory
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/pressure
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/release-notes-generator
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/update-check
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/validation
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/schema
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/schema-builder
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/specs
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/storage
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/storage-driver-cloudinary
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/storage-driver-supabase
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/storage-driver-azure
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/storage-driver-gcs
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/storage-driver-local
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/storage-driver-s3
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/stores
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• create-directus-extension
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• create-directus-project
  • Changed license to MSCL-1.0-GPL (#27417 by @ComfortablyCoding)
• @directus/env
  • Changed the default of IP_TRUST_PROXY from true to false to harden the default deployment against IP spoofing. (#27607 by @br41nslug)
• @directus/sdk

  • Refactor sdk error to use class over object (#27417 by @ComfortablyCoding)

    :::warning
    Requests that fail will now throw a RequestError instead of returning a response with an error property.
    :::

✨ New Features & Improvements

• @directus/app

  • Introduced VERSION_KEY_* constants and renamed main to published @alvarosabu (#27397 by @formfcw)

  • Added auto-save for version editing @alvarosabu (#27449 by @alvarosabu)

  • Fixed Image Editor save button to use split button @HZooly (#27437 by @formfcw)

  • Added split-menu slot to v-button and migrate primary header actions @formfcw (#27437 by @formfcw)

  • Added AI-powered translations to the translations interface, including glossary, style guide, and configurable default model settings derived from the enabled providers and allowed models. (#26940 by @bryantgillespie)

  • Added version support to getItemRoute and update all callers to preserve version context when navigating to items from layouts and interfaces @alvarosabu (#27397 by @formfcw)

  • Added behavior to auto-switch to the draft version on the first edit of published item @alvarosabu (#27507 by @alvarosabu)

  • Added Publish without Review action to the publish split menu with shortcut @alvarosabu (#27501 by @alvarosabu)

  • Updated Visual Editor header bar buttons @formfcw (#27437 by @formfcw)

  • Updated content route middleware to handle singleton collections and draft flow via route guards @alvarosabu (#27397 by @formfcw)

  • Replaced status field with archived boolean in collection settings @alvarosabu (#27397 by @formfcw)

  • Updated module bar buttons style @HZooly (#27437 by @formfcw)

  • Deprecated the VResizeable component @formfcw (#27437 by @formfcw)

  • Updated VChip component to appear as a pill in form field label, group accordion, group tabs, kanban, deployment status, extension item, marketplace extension list item, marketplace extension banner, and user popover @formfcw (#27462 by @formfcw)

  • Updated type system, borders, and theme variables @formfcw (#27437 by @formfcw)

  • Rendered non-clickable version menu without directus_versions read access @alvarosabu (#27461 by @alvarosabu)

  • Added item-less draft creation flow for versioned collections @alvarosabu (#27397 by @formfcw)

  • Updated module navigation bar spacing and styling @HZooly (#27437 by @formfcw)

  • Updated Visual Editor popover/modal action buttons @formfcw (#27437 by @formfcw)

  • Updated UI for the Draft & Publish workflow @formfcw (#27437 by @formfcw)

  • Updated mobile appearance of drawer sidebar @formfcw (#27437 by @formfcw)

  • Moved Promote/Publish button to header actions @alvarosabu (#27397 by @formfcw)

  • Updated primary header actions to show label and replace outlined header action buttons @formfcw (#27437 by @formfcw)

  • Updated SearchInput component to match the new design @formfcw (#27437 by @formfcw)

  • Added MCP OAuth 2.1 authorization server. MCP clients (like Claude, Codex) can now authenticate via standard OAuth flow with PKCE instead of requiring a manually provisioned static token. Enable with MCP_OAUTH_ENABLED=true. Dynamic and client ID metadata registration were kept separately opt-in with MCP_OAUTH_DCR_ENABLED=true and MCP_OAUTH_CIMD_ENABLED=true. (#27069 by @hanneskuettner)

  • Refactored header bar action slots and reorganized CTAs @formfcw (#27437 by @formfcw)

    :::notice

    • Deprecation for extensions: The actions:append slot in the header bar has been deprecated in favor of the new actions:primary slot for primary CTAs. Existing actions:append usage keeps rendering in the secondary-actions zone, but consumers will now see a deprecation hint from Volar.

    :::

  • Added navigation logic on discarding item-less versions @alvarosabu (#27397 by @formfcw)

  • Put the sidebar into the content area @HZooly (#27437 by @formfcw)

  • Updated color system for VChip and VersionMenu components @formfcw (#27437 by @formfcw)

  • Updated content section spacing and drawer content spacing @HZooly (#27437 by @formfcw)

  • Extracted the card subheader into a reusable subheader component @HZooly (#27437 by @formfcw)

  • Added version select to collection page @alvarosabu (#27397 by @formfcw)

  • Updated sidebar styles @formfcw (#27437 by @formfcw)

  • Renamed "Promote" to "Publish" in version menu and disabled create version and published selection for item-less versions @alvarosabu (#27397 by @formfcw)

  • Added version query param guards on content-item route @alvarosabu (#27397 by @formfcw)

  • Improved bookmark flow @formfcw (#27450 by @formfcw)

  • Forwarded theme tokens and i18n strings from Studio to the visual-editing iframe @formfcw (#27469 by @formfcw)

  • Refactored focus ring from border/box-shadow to outline @formfcw (#27437 by @formfcw)

  • Introduced VersionChip component @formfcw (#27437 by @formfcw)

  • Updated theme preview component to match the new design @formfcw (#27437 by @formfcw)

  • Updated collab avatar indicator design @formfcw (#27437 by @formfcw)

  • Refactored drawer header layout and simplified v-drawer API @formfcw (#27437 by @formfcw)

    :::notice

    • Deprecation for extensions: The globally registered v-breadcrumb component has been deprecated. Extensions using <v-breadcrumb> keep rendering but will see a deprecation hint from Volar.
    • Deprecation for extensions: On v-drawer, the subtitle prop (use the title prop instead), the subtitle slot, the header:append slot, and the actions:append slot have been deprecated. Existing usage keeps rendering — actions:append content lands in the secondary-actions zone, and for primary CTAs in the drawer header use the new actions:primary slot. Consumers will see deprecation hints from Volar.
    • Potential Breaking change for theme extensions: The theme properties header.headline.foreground and header.headline.fontFamily have been removed. Custom themes overriding these properties should remove them. The corresponding CSS variables --theme--header--headline--foreground and --theme--header--headline--font-family no longer exist.

    :::

  • Updated header bar elements and deprecated the headline slot @formfcw (#27437 by @formfcw)

  • Ensured to switch to the draft version when visually editing an item of a versioned collection @formfcw (#27595 by @formfcw)

  • Extracted reusable ModuleBarButton component @formfcw (#27437 by @formfcw)

  • Moved client-validation to promote version workflow instead of save version @alvarosabu (#27397 by @formfcw)

  • Added Create New action to publish split menu with shortcut @alvarosabu (#27425 by @alvarosabu)

• @directus/api
  • Introduced VERSION_KEY_* constants and renamed main to published @alvarosabu (#27397 by @formfcw)
  • Added auto-save for version editing @alvarosabu (#27449 by @alvarosabu)
  • Added AI-powered translations to the translations interface, including glossary, style guide, and configurable default model settings derived from the enabled providers and allowed models. (#26940 by @bryantgillespie)
  • Added Publish without Review action to the publish split menu with shortcut @alvarosabu (#27501 by @alvarosabu)
  • Added MCP OAuth 2.1 authorization server. MCP clients (like Claude, Codex) can now authenticate via standard OAuth flow with PKCE instead of requiring a manually provisioned static token. Enable with MCP_OAUTH_ENABLED=true. Dynamic and client ID metadata registration were kept separately opt-in with MCP_OAUTH_DCR_ENABLED=true and MCP_OAUTH_CIMD_ENABLED=true. (#27069 by @hanneskuettner)
  • Added JSON filtering, alias and sorting support (#26981 by @br41nslug)
  • Added support for item-less versions @Nitwel (#27397 by @formfcw)
  • Added support for the version query parameter in collections @Nitwel (#27397 by @formfcw)
• @directus/constants
  • Introduced VERSION_KEY_* constants and renamed main to published @alvarosabu (#27397 by @formfcw)
• @directus/env
  • Added auto-save for version editing @alvarosabu (#27449 by @alvarosabu)
  • Added MCP OAuth 2.1 authorization server. MCP clients (like Claude, Codex) can now authenticate via standard OAuth flow with PKCE instead of requiring a manually provisioned static token. Enable with MCP_OAUTH_ENABLED=true. Dynamic and client ID metadata registration were kept separately opt-in with MCP_OAUTH_DCR_ENABLED=true and MCP_OAUTH_CIMD_ENABLED=true. (#27069 by @hanneskuettner)
• @directus/system-data
  • Added auto-save for version editing @alvarosabu (#27449 by @alvarosabu)
  • Replaced status field with archived boolean in collection settings @alvarosabu (#27397 by @formfcw)
  • Added MCP OAuth 2.1 authorization server. MCP clients (like Claude, Codex) can now authenticate via standard OAuth flow with PKCE instead of requiring a manually provisioned static token. Enable with MCP_OAUTH_ENABLED=true. Dynamic and client ID metadata registration were kept separately opt-in with MCP_OAUTH_DCR_ENABLED=true and MCP_OAUTH_CIMD_ENABLED=true. (#27069 by @hanneskuettner)
• @directus/types
  • Added auto-save for version editing @alvarosabu (#27449 by @alvarosabu)
  • Updated type system, borders, and theme variables @formfcw (#27437 by @formfcw)
  • Added MCP OAuth 2.1 authorization server. MCP clients (like Claude, Codex) can now authenticate via standard OAuth flow with PKCE instead of requiring a manually provisioned static token. Enable with MCP_OAUTH_ENABLED=true. Dynamic and client ID metadata registration were kept separately opt-in with MCP_OAUTH_DCR_ENABLED=true and MCP_OAUTH_CIMD_ENABLED=true. (#27069 by @hanneskuettner)
  • Refactored focus ring from border/box-shadow to outline @formfcw (#27437 by @formfcw)
  • Added support for item-less versions @Nitwel (#27397 by @formfcw)
  • Added support for the version query parameter in collections @Nitwel (#27397 by @formfcw)
• @directus/errors
  • Added Publish without Review action to the publish split menu with shortcut @alvarosabu (#27501 by @alvarosabu)
• @directus/composables
  • Updated type system, borders, and theme variables @formfcw (#27437 by @formfcw)
  • Added version select to collection page @alvarosabu (#27397 by @formfcw)
• @directus/themes
  • Updated type system, borders, and theme variables @formfcw (#27437 by @formfcw)
  • Refactored focus ring from border/box-shadow to outline @formfcw (#27437 by @formfcw)
  • Updated header bar elements and deprecated the headline slot @formfcw (#27437 by @formfcw)
• @directus/utils
  • Added MCP OAuth 2.1 authorization server. MCP clients (like Claude, Codex) can now authenticate via standard OAuth flow with PKCE instead of requiring a manually provisioned static token. Enable with MCP_OAUTH_ENABLED=true. Dynamic and client ID metadata registration were kept separately opt-in with MCP_OAUTH_DCR_ENABLED=true and MCP_OAUTH_CIMD_ENABLED=true. (#27069 by @hanneskuettner)
• @directus/sdk
  • Added JSON filtering, alias and sorting support (#26981 by @br41nslug)
  • Added support for item-less versions @Nitwel (#27397 by @formfcw)
• @directus/specs
  • Added support for the version query parameter in collections @Nitwel (#27397 by @formfcw)
• @directus/visual-editing
  • Redesigned the editable-element overlay with theming, RTL support and improved a11y @formfcw (#27469 by @formfcw)

🐛 Bug Fixes & Optimizations

• @directus/app
  • Added DIRECTUS_DOMAIN constant and replaced hardcoded directus.io to directus.com using the new constant (#27417 by @ComfortablyCoding)
  • Limited mobile sidebar width so the overlay can be tapped to close it @HZooly (#27437 by @formfcw)
  • Bumped vue-tsc to 3.1.8 (#27437 by @formfcw)
  • Fixed icon alignment in v-divider component @HZooly (#27437 by @formfcw)
  • Fixed v-dialog returning focus to opener instead of an autofocused child on close @formfcw (#27464 by @formfcw)
  • Fixed flow handle button alignment in flow editor @HZooly (#27437 by @formfcw)
  • Shown "Import in background" checkbox only when a file is selected @HZooly (#27437 by @formfcw)
  • Fixed sidebar reopening at minimum size after being collapsed via drag handle @HZooly (#27437 by @formfcw)
  • Fixed vue console warnings related to the comparison modal (#27538 by @formfcw)
  • Fixed misaligned filter editor in search bar @formfcw (#27454 by @formfcw)
  • Changed back button behavior, always navigates one level up @HZooly (#27437 by @formfcw)
  • Fixed repeater interface ignoring per-field translations and $t: keys on sub-field labels, and added a "Field Name Translations" section to the sub-field configuration UI (#27374 by @khanahmad4527)
  • Fixed calendar layout toolbar responsiveness @HZooly (#27437 by @formfcw)
  • Fixed items not being selectable in the collection drawer when the Kanban layout is used while the parent item is opened in a version context @alvarosabu (#27427 by @alvarosabu)
  • Fixed bookmark icon and color not showing in header @formfcw (#27437 by @formfcw)
  • Fixed UI freeze caused by WYSIWYG interface when its non-editable state toggles @formfcw (#27515 by @formfcw)
• @directus/api
  • Fixed registration email verification tokens to use the configured secret fallback when SECRET is missing. (#27406 by @rijkvanzanten)
  • Bumped axios, js-cookie, samlify, systeminformation, simple-git, fast-uri dependencies (#27589 by @br41nslug)
  • Fixed MCP OAuth dynamic client registration defaults and metadata responses. (#27628 by @hanneskuettner)
  • Updated IP blocking (#27606 by @br41nslug)
  • Updated the built-in OpenAI and Anthropic AI model lists to use the latest available API models. (#27602 by @hanneskuettner)
• @directus/constants
  • Added DIRECTUS_DOMAIN constant and replaced hardcoded directus.io to directus.com using the new constant (#27417 by @ComfortablyCoding)
• @directus/system-data
  • Added AI-powered translations to the translations interface, including glossary, style guide, and configurable default model settings derived from the enabled providers and allowed models. (#26940 by @bryantgillespie)
  • Updated the built-in OpenAI and Anthropic AI model lists to use the latest available API models. (#27602 by @hanneskuettner)
• @directus/types
  • Added AI-powered translations to the translations interface, including glossary, style guide, and configurable default model settings derived from the enabled providers and allowed models. (#26940 by @bryantgillespie)
  • Added JSON filtering, alias and sorting support (#26981 by @br41nslug)
• @directus/utils
  • Added JSON filtering, alias and sorting support (#26981 by @br41nslug)
• @directus/ai
  • Updated the built-in OpenAI and Anthropic AI model lists to use the latest available API models. (#27602 by @hanneskuettner)
• @directus/release-notes-generator
  • Ignored private workspace packages when generating release notes (#27637 by @licitdev)

📦 Published Versions

• @directus/app@16.0.0-rc.0
• @directus/api@36.0.0-rc.0
• @directus/ai@1.3.2-rc.0
• @directus/composables@11.5.0-rc.0
• @directus/constants@14.4.0-rc.0
• create-directus-extension@12.0.0-rc.0
• create-directus-project@13.0.0-rc.0
• @directus/env@6.0.0-rc.0
• @directus/errors@2.4.0-rc.0
• @directus/extensions@4.0.0-rc.0
• @directus/extensions-registry@4.0.0-rc.0
• @directus/extensions-sdk@18.0.0-rc.0
• @directus/format-title@13.0.0-rc.0
• @directus/memory@4.0.0-rc.0
• @directus/pressure@4.0.0-rc.0
• @directus/release-notes-generator@3.0.0-rc.0
• @directus/schema@14.0.0-rc.0
• @directus/schema-builder@1.0.0-rc.0
• @directus/specs@14.0.0-rc.0
• @directus/storage@13.0.0-rc.0
• @directus/storage-driver-azure@13.0.0-rc.0
• @directus/storage-driver-cloudinary@13.0.0-rc.0
• @directus/storage-driver-gcs@13.0.0-rc.0
• @directus/storage-driver-local@13.0.0-rc.0
• @directus/storage-driver-s3@13.0.0-rc.0
• @directus/storage-driver-supabase@4.0.0-rc.0
• @directus/stores@3.0.0-rc.0
• @directus/system-data@4.5.0-rc.0
• @directus/themes@2.0.0-rc.0
• @directus/types@16.0.0-rc.0
• @directus/update-check@14.0.0-rc.0
• @directus/utils@13.5.0-rc.0
• @directus/validation@3.0.0-rc.0
• @directus/visual-editing@2.1.0-rc.0
• @directus/sdk@22.0.0-rc.0

Docker Images

Docker images have been built and pushed:

Docker Hub:

• alexta69/metube:latest
• alexta69/metube:2026.05.29

GitHub Container Registry:

• ghcr.io/alexta69/metube:latest
• ghcr.io/alexta69/metube:2026.05.29

Changes

• fix pnpm upgrade to the correct package age limit (baa72c0)
• review fixes (cf2d2dd)
• fix catch (56c0ad3)
• upgrade dependencies (4478d13)
• fix(ui): drop redundant tooltip on share button (ad92607)
• feat(ui): warn before share + surface failures for large files (6ff364a)
• feat(ui): add iOS Web Share button next to download link (39a8948)
• remove circle and make labels with help text have an underline (f034858)
• make ui more mobile mobile-friendly (e2773db)

Zswap vs Zram

Last year I blogged about using Zram for VMs [1]. That setup is still working well for VMs and for phones and laptops with no swap device.

I have just read Chris Down’s insightful blog post about Zswap vs Zram [2] which convinced me to setup Zswap on some systems. I have had some of the problems that were described in his blog post when trying to run Zram on workstation and server systems.

One limitation of zswap is that it doesn’t allow specifying the compression level. For zram I can put the following in /etc/systemd/zram-generator.conf to set the zstd compression level (this works well on my Thinkpad X1 Carbon Gen6):

[zram0]
compression-algorithm=zstd(level=10)

For the BTRFS filesystem I can put “compress=zstd:13” in the mount options to specify the compression level. They really should support different compression levels in zswap. The ideal compression level depends on the speed of the CPU and new CPUs keep getting faster.

Setup

The documentation says to use something like the following on the kernel command-line to enable zswap:

zswap.enabled=1 zswap.compressor=zstd zswap.max_pool_percent=20 zswap.shrinker_enabled=1

The max_pool_percent=20 setting is the default which means to use up to 20% of system RAM for compressed data. I’ve seen documentation sugesting up to 50% which seems a little excessive.

Note that a lot of documentation says to use zswap.zpool=z3fold, but z3fold is going to be removed and zsmalloc (the default) is recommended [3].

There is documentation about changing the compression algorithm via command line parameters, on Debian only lzo is linked in to the kernel and zstd (my preferred option) is a module so the kernel command line can’t be used to set zstd, but the following command works:

echo zstd > /sys/module/zswap/parameters/compressor

The shrinker_enabled option is to allow the kernel to evict cold pages without waiting for memory pressure.

You can enable zswap without rebooting by running commands like the following. You could even put them in /etc/rc.local or something, but I think putting it in the kernel command line is a good idea as it makes it obvious to the next sysadmin what is happening.

echo 1 > /sys/module/zswap/parameters/enabled
echo zstd > /sys/module/zswap/parameters/compressor
echo 1 > /sys/module/zswap/parameters/shrinker_enabled

Monitoring

The following command is documented as a way of finding out what zswap is doing:

# grep -r . /sys/kernel/debug/zswap/
/sys/kernel/debug/zswap/stored_pages:262541
/sys/kernel/debug/zswap/pool_total_size:455266304
/sys/kernel/debug/zswap/written_back_pages:384
/sys/kernel/debug/zswap/reject_compress_poor:0
/sys/kernel/debug/zswap/reject_compress_fail:160911
/sys/kernel/debug/zswap/reject_kmemcache_fail:0
/sys/kernel/debug/zswap/reject_alloc_fail:0
/sys/kernel/debug/zswap/reject_reclaim_fail:0
/sys/kernel/debug/zswap/pool_limit_hit:0

The following command gives the zswap compression level which gives a result of 2.36 for this example:

echo "scale=2; " $(</sys/kernel/debug/zswap/stored_pages) " * $(getconf PAGESIZE) /" $(</sys/kernel/debug/zswap/pool_total_size) | bc

This table documents my current understanding of the debug values. The difference between reject_compress_fail and reject_compress_poor isn’t clear in a lot of the documentation, even reading the source didn’t make it easy to understand.

File	Meaning (LC is lifetime count)
pool_limit_hit	LC pool limit hit and pages are forced to the swap partition
pool_total_size	RAM used for zswap data
reject_alloc_fail	LC can’t allocate memory because max_pool_percent has been reached
reject_compress_fail	LC of pages with a compression algorithm failure so go straight to swap partition
reject_compress_poor	LC of pages that can’t compress so go straight to swap partition
reject_kmemcache_fail	LC kernel malloc failure (serious problem?)
reject_reclaim_fail	LC failure to move a page from compressed RAM to disk – serious problem!
stored_pages	Swapped pages stored by zswap
written_back_pages	LC of pages written back to swap partition from zswap

All of this is not nearly as easy to understand as the following command for zram:

# zramctl 
NAME       ALGORITHM DISKSIZE  DATA COMPR TOTAL STREAMS MOUNTPOINT
/dev/zram0 zstd          7.7G  2.1G  375M  386M       4 [SWAP]

Debian Wiki

The Debian Wiki page about Zswap is very brief [4] and needs more description about this, I think a lot of Debian users will use zram instead of zswap because setting up zram is just a single apt command. I’m not planning to immediately add to that wiki page because I’m not an expert on this, I would appreciate comments on this blog post from others who have got zswap working. I will update the wiki if others report matching experiences to mine.

Conclusion

I’m now using zswap on a few systems including my main home workstation which had performed poorly with zram and a swap device in the past. If that goes well I’ll put it on other systems.

I wrote the following shell script to display zswap stats, consider it GPL if you want to use it:

#!/bin/bash

if [ ! -f /sys/kernel/debug/zswap/stored_pages ]; then
  echo "ZSwap not enabled"
  exit 0
fi
PAGES=$(</sys/kernel/debug/zswap/stored_pages)
PAGESIZE=$(getconf PAGESIZE)
RAM=$(echo "$PAGESIZE * " $(getconf _PHYS_PAGES) | bc)
POOL=$(</sys/kernel/debug/zswap/pool_total_size)
if [ "$POOL" == "0" ]; then
  echo "ZSwap not used yet"
  exit 0
fi
COMP=$(</sys/module/zswap/parameters/compressor)
echo -n "$COMP compression ratio: "
echo "scale=2; $PAGES * $PAGESIZE / $POOL" | bc
echo -n "RAM%: "
echo "100 * $POOL / $RAM" | bc

• [1] https://etbe.coker.com.au/2025/08/27/zram-vms/
• [2] https://tinyurl.com/2bhknn7e
• [3] https://tinyurl.com/2bxvj3pq
• [4] https://wiki.debian.org/Zswap

Fixes crash with MLT version 7.38.

The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. Andreas Mueller has announced the release of Gnoppix Linux 26_6, the latest version of the project's privacy-focused and AI-optimised Linux distribution. This version is based on Debian's "Testing" branch and showcases the latest Xfce desktop: "We are excited to announce the release of Gnoppix Linux 26.6. This release....

[p]\[ COLOGNE 2026 ][/p]

• [p]Added ability to bookmark stickers in Cologne 2026 Shop.[/p][/*]

[p]\[ MISC ][/p]

• [p]Added convar r_spectator_flashbang_opacity to control flashbang opacity for remote spectators.[/p][/*]
• [p]Flashbang effect for remote spectators now renders underneath the HUD.[/p][/*]
• [p]Stability improvements[/p][/*]

[p]\[ MAPS ][/p][p]Ancient[/p]

• [p]Updated clipping to prevent certain boost locations[/p][/*]

[p]Sanctum[/p]

• [p]Updated to the latest version from Steam Workshop (Update Notes)[/p][/*]

The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. The Rocky Linux project has announced the release of Rocky Linux 9.8 which retains 1:1 compatibility with Red Hat Enterprise Linux. The release notes share highlights of the new version: "Major changes: This document highlights major changes between Rocky Linux (RL) 9.7 and RL 9.8. If this is....

1.7.2 (2026-05-28)

Features

• Mail: Scheduled send and send delay (#322)
• Mail: Drag emails out to the file explorer as .eml
• Mail: Import emails from .zip archives
• Mail: "Move to Trash and mark as read" delete action (#323)
• Mail: Include group inboxes in the unified mailbox view (#328)
• Mail: Locale-aware date format in the email list with a preset picker (#331)
• Mail: Allow drag-and-drop into shared mailboxes
• Composer: Ctrl/Cmd+Enter sends the open draft
• Settings: New Downloads tab with template editor for .eml and attachment filenames
• Settings: Filename transform settings and an ASCII-only "date (from-to) subject" template
• Settings: Post-export action (keep / archive / trash)
• Settings: Template for multi-email .zip filenames
• Admin: Per-domain branding editor with overrides on /api/config, manifest, and PWA icon (#332)
• Admin: Policy-controlled push relay URL with optional user lock
• i18n: NEXT_PUBLIC_DEFAULT_LOCALE for fallback UI locale (#243)

Fixes

• Mail: Editable HTML signature in new mail; clean state on every compose entry (#329)
• Mail: Report real upload progress with XHR progress events (#333)
• Mail: Restore blob: in object-src and frame-src CSP for PDF/HTML previews
• Mail: Match user-avatar treatment on quick reply
• Email viewer: Stop shattering table cells with word-break: break-word
• Composer: Scope Ctrl/Cmd+Enter send to the focused composer
• Composer: Stop closing the form when editing any field
• Pro: Keep the empty viewer pane visible in the split layout
• Pro: Prevent an empty main pane when reordering tabs across panes
• Mobile: Collapse focus mail layout to multi-line
• Mobile: Keep a gutter on bare-HTML and plain-text emails
• Calendar: Align continued multi-week events with the week's left edge
• Calendar: Show the end date in the event popover for multi-day events (#318)
• Calendar: Convert recurrenceRules to singular in batch create
• Calendar: Handle malformed event dates (#316)
• Files: Stop URL-encoding drag-out filenames and preserve Unicode letters
• Routing: Prefix remaining <img>, favicon, and WebDAV URLs with basePath (#319)
• Routing: Prefix hand-written URLs with basePath for subpath deployments
• Auth: OAUTH_ALLOW_PRIVATE_ENDPOINTS for split-DNS setups

i18n

• Add missing translation keys across 16 locales

[0.16.7] - 2026-05-28

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• RateLimit header fields for HTTP (draft-ietf-httpapi-ratelimit-headers-10)
• MTA: Implement spamtest in trusted Sieve scripts.

Changed

Fixed

• Log rejected messages to tracing store.
• MTA:
  • Always update next DSN notify times.
  • Expand lists and resolve catch-all addresses when building autogenerated messages.
• Sharing: Includes resource that themselves carry a direct ACL grant and are leaves.
• Tasks cannot be deleted in OSS builds.
• Directory: Per-domain external directory resolution fails.
• DNS updater: Keep external TXT records when updating RRSet.
• HTTP: Reject requests from blocked IPs when Keep-Alive is enabled.

---

Check binary attestation here

26.2 Pre-Release 2 (known as 26.2-pre-2 in the launcher) is the second pre-release for Java Edition 26.2, released on May 28, 2026. Full changelog: https://minecraft.wiki/Java_Edition_26.2-pre-2

In today's blog, we bring you another piece of the puzzle from the upcoming 1.60 update for both Euro Truck Simulator 2 and American Truck Simulator, which we hope will get our #BestCommunityEver very excited. In this update, we will be introducing the Improved Material System for the interior of selected trucks! Let's take a look.

The Improved Material System, which will be introduced in the 1.60 update for both games, significantly improves the lighting and visual quality of vehicle interiors in selected trucks. Its main focus is to enhance how interior materials react to light, which will result in a more readable, detailed, and visually pleasing cabin environment.

During the development of Project Road Trip, we implemented a wide range of visual and technical improvements. One of the most significant changes was a redesign of the materials used in vehicle interiors. 

This has been requested from our community for some time, as the previous system often made interiors appear too dark and flat, especially in scenes without direct lighting. As a result, it makes differences between materials such as leather, fabric, plastic, and metal far more apparent, even in low-light conditions.

"The main goal of the new technology was to bring more light into shadowed areas of vehicle interiors. The previous system struggled to handle indirect lighting in these situations, causing many details to be lost in darkness. The new solution uses multiple variants of dynamic cubemaps, allowing all materials to reflect their surroundings more naturally and respond to ambient light in a more realistic way. Environmental reflections are no longer limited to highly polished metallic surfaces. This change gives interiors significantly greater depth and readability," says our Vehicle Technical Leader, Daniel.

We have also carried out minor adjustments to the global lighting, primarily focused on exposure and contrast balancing, along with subtle visual refinements for bad weather conditions to achieve a more consistent and refined look. 

The development of this system took place in parallel with Project Road Trip, where its importance became even more apparent. Smaller, darker passenger vehicle interiors suffered from a lack of indirect light more than trucks with bright cabs and large windows, which often allow direct light to enter. Road Trip thus served as the ideal environment for developing and fine-tuning these technologies.

The entire system was designed from the start with the interiors of trucks in both games in mind, so the base games and their existing fleets will gradually benefit from these improvements as well. Throughout the entire process, we kept players with lower-end hardware in mind. We aimed to make the visual improvements as impactful as possible while minimizing the performance cost.

The first trucks to benefit from the Improved Material System will be the DAF NGD and MAN TG3 TGX models in ETS2. In ATS, players will see redesigned interiors for the Mack Anthem and the Western Star 49X. With future updates, we will gradually add this technology for other trucks across both games.

We hope this new feature has you looking forward to the 1.60 update even more, as it brings a major enhancement to these truck interiors and makes the view from the driver's seat better than ever! Please note that the Road Trip vehicles are not releasing with the 1.60 update.

Until next time, be sure to follow us on X/Twitter, Facebook, Instagram, Bluesky, and YouTube for all the latest updates. Don't forget to sign up for our newsletter as well! See you out on the road, and keep on truckin'!

We’re sensing a change in the air this month as we welcome Sensereo to the Works with Home Assistant program 🎉. Specialists in environmental sensing, Sensereo brings Matter smoke and carbon monoxide (CO) alarms into the Home Assistant ecosystem – meaning more ways to keep your home open, safe, and sound.

Built from a burning question…

What happens if your smoke alarm goes off, but you’re not there to hear it? It’s an unsettling question, and one that led Roy Chen to found Sensereo in 2024. Driven to create safety devices that were equal parts reliable and resilient, Sensereo built the Matter-based MS-1 Smoke Alarm and MSC-1 Smoke and Carbon Monoxide Alarm, because as they put it: “every home deserves a system that will not fall silent when it matters most.”

It’s just good sense

For anyone unfamiliar, Matter is an open standard that lets smart home devices from different brands work together, regardless of who made them – no lock-in, no closed ecosystems. It’s exactly the kind of open, interoperable technology the Open Home Foundation exists to champion. Thread operates on the same principle: it’s an energy-efficient, wireless mesh network that connects devices directly to one another and can automatically reroute around disruptions. And for battery-powered alarms like Sensereo’s, Thread’s low-power design means fewer battery changes for devices that are always on duty.

While we’re talking about safety, it’s important to note that if your Thread network did for any reason drop out, Sensereo’s smoke and CO alarms will keep working as a “regular” alarm would – no smart home required.

That peace of mind is central to how Sensereo thinks about their products, and having caught up with the team at CES 2026 earlier this year, we can tell you it’s just the beginning. Air quality sensors and more are on the horizon, all building toward the same vision: to build an environmental intelligence system for the home that helps users understand and respond to their surroundings.

Devices

Most of us want our smoke alarms to be “reasonably annoying,” and Sensereo clearly agrees, because they printed this very description on the MS-1’s packaging. Which, as we love to see, has been designed sustainably – signaling the company’s commitment to one of the Open Home Foundation’s three core principles before you’ve even opened the box.

Sensereo MSC-1 smoke and carbon monoxide detector

The MSC-1 goes a step further with a nifty, built-in digital display showing real-time carbon monoxide levels. Since CO is odorless and invisible, being able to accurately check levels at a glance lets you know if there is a rise and act before it becomes an emergency – not just after an alarm sounds.

And with local integration, that kind of proactive awareness extends further still – allowing you to build around the people in your home, not just the devices. A smoke detection event could flash smart bulbs for a family member who’s hard of hearing, or send a separate alert to a caregiver. Your alarm does its job – and so does everything else around it. It’s this kind of thoughtful design that shows us Sensereo are here for all the right reasons.

• Sensereo MS-1 Smoke Alarm
• Sensereo MSC-1 Carbon Monoxide Alarm

Like all partners of the Works with Home Assistant program, Sensereo commits to providing long-term support and firmware updates, as well as staying connected to the community they’re helping protect 💪. As always, the MS-1 and MSC-1 have been rigorously tested and certified by our in-house team to meet our core requirements of local control, privacy, and long-term sustainability. The program’s operated by the Open Home Foundation, which is funded with the support of Home Assistant Cloud subscribers. With each new partner like Sensereo that expands the program, we’re able to give more choice, support, and peace of mind to Home Assistant users.

Breathe easy

No smoke and mirrors – just reliable home safety devices and a team that clearly gets what this community is about. Sensereo’s commitment to building open, locally controlled tech is fundamental to the Works with Home Assistant program, and why we’re so thrilled to have them on board. Check out our certified device list to see what else is there!

FAQs

Q: If I have a device that is not listed under “Works with Home Assistant” does this mean it’s not supported?

A: No! It just means that it hasn’t gone through a testing schedule with our team or doesn’t fit the requirements of the program. It might function perfectly well but be added to the testing schedule later down the road, or it might work under a different connectivity type that we don’t currently test under the program.

Q: OK, so what’s the point of the Works with program?

A: It highlights the devices we know work well with Home Assistant and the brands that make a long-term commitment to keeping support for these devices going. The certification agreement specifies that the devices must have the functionality you would expect within Home Assistant, operate locally without the need for cloud and that they will continue to do so long-term.

Q: How were these devices tested?

A: All devices in this list were tested using a standard Home Assistant Green Hub with the Home Assistant Connect ZBT-2 as the Thread Border Router and with our certified Matter integration. If you have another hub / border router set-up / integration that’s not a problem but we test against these as they are the most effective way for our team to certify within our ecosystem.

Q: Will you be adding more Sensereo devices to the program?

A: Why not! We’re thrilled to foster a close relationship with the team at Sensereo to work together on any upcoming releases or add in further products that are not yet listed here.

Through its Community Education Initiative, Apple has been working with OCU and Cherokee Nation to equip young learners with iPad and Mac.

Links

• Release video overview
• Update instructions
• Update details on blog

Upgrade Notices

• Folder Permissions - Due to some changes in how fonts are used for exports, after updating you may need to ensure that the storage/fonts folder (and all folders within that) are accessible & writable by the web-server. If you start seeing errors on PDF export after updating, it's likely this issue. See this page for guidance on setting permissions.
• Revision Access - Revision access & visibility is now controlled separately to pages. In some cases, after upgrading, users may no longer be able to access revisions by default (for example, where users had access to view page content but had no role-level view permissions).

Full List of Changes

• Added page contents view to page editor. (#6131, #4218)
• Added API endpoints for browsing tags. (#6095, #5835)
• Added custom font load handling for default PDF renderer. (#6109, #148, #719, #5770)
• Added in-UI option to reset user multi-factor authentication methods. Thanks to @clauvaldez. (#6056)
• Added hints to sort rule selection alongside empty lists. (#5967)
• Added specific permission for revision viewing. (#6108, #4526)
• Added new image and CSS CSP controls. Thanks to @Zhey-on. (#6071, #6033)
• Added Thai language support. (#6105)
• Updated codebase to meet PHPStan Level 4. (#6085)
• Updated comment/description WYSIWYG editor to support inline code. (#6100, #6003)
• Updated HTML to plain text conversion handling. (#6083)
• Updated image upload handling to validate referenced page. (#6126)
• Updated JavaScript packages. (#6090)
• Updated module install command with usability improvements. (#6094, #6066)
• Updated new WYSIWYG editor with a range of fixes. (#6119, #5631)
• Updated translations with latest Crowdin changes. (#6084)
• Fixed misaligned link attachment validation rules. (#6093)
• Fixed non-ascii character issues in headers on PDF exports. Thanks to @alexwoo-awso. (#6069, #6107)

5.47.0 (2026-05-28)

🚀 New feature

• BETA: MCP server (#26371)
• publicationFilter param in REST and document service (#25793)
• admin-tokens: remove adminTokens future flag (#26391)
• admin: add documentation helper link in HeaderLayout (#26422)

🔥 Bug fix

• Relation Search in Nested Components (#26023)
• unable to access content manager page with required and private … (#24101)
• admin: gate expiresIn deprecation on user auth options (#26298)
• admin: redirect active tab to login on session expiry (#26165)
• admin: avoid serving extensionless admin paths as static files (#26368)
• content-manager: content history crash on deleted relations (#26245)
• core: preserve createdBy/updatedBy on drafts created by discard-drafts migration (#26461)
• core/core: codeBlockValidator uses language instead of syntax (#26392)
• graphql: inherit publicationFilter into populated relations (#26400)

⚙️ Chore

• dedupe yarn.lock file (#26376)
• fix dependabot cooldown config for github-actions (#26438)
• ci: improve dependabot security grouping and version update policy (#26408)
• commitlint: disable body-max-line-length rule (#26406)
• deps: bump simple-git from 3.32.3 to 3.36.0 (#26220)
• deps: bump sanitize-html from 2.13.0 to 2.17.4 (#26342)
• deps: bump ws from 8.17.1 to 8.20.1 in @strapi/data-transfer (#26379)
• examples: remove sdk-plugin from todo-example plugin (#26341)
• strapi: upgrade webpack ecosystem dependencies (#26385)

💅 Enhancement

• db: migration performance improvements (#25988)
• provider-amazon-ses: replace node-ses with AWS SDK SESClient (#26054)
• i18n: update and create Slovak translations (#25831)

❤️ Thank You

• Adrien L @Adzouz
• Andrei L @unrevised6419
• Arav Menon @Arav-Menon
• bartsmartshore @bartsmartshore
• Bassel Kanso @Bassel17
• Ben Irvin @innerdvations
• Dhruv Chheda @chhedadhruv
• DMehaffy @derrickmehaffy
• Filip Ónodi @fonodi
• Nico André @nclsndr
• Sjouke de Vries @sjoukedv
• Vishal Kumar Singh @singhvishalkr

VIENNA, Austria – May 28, 2026 – Enterprise software developer Proxmox Server Solutions GmbH today announced the availability of a new point release for Proxmox Datacenter Manager. The centralized management platform designed to oversee distributed Proxmox infrastructures introduces new enhancements including an automated installation workflow, comprehensive subscription handling, unified Ceph cluster monitoring, and expanded central guest and snapshot management.

Highlights in Proxmox Datacenter Manager 1.1

Integrated automated installation workflows

Proxmox Datacenter Manager 1.1 now acts as a central configuration server for provisioning. The integration of automated installation functionality standardizes the deployment of hosts across distributed infrastructures. Administrators can centrally manage answer file configurations containing predefined installation parameters and provide them for unattended installations of new hosts. A new ‘Automated Installations’ tab in the ‘Remotes’ section provides access to these workflows, while installation progress can be tracked directly from within the Proxmox Datacenter Manager web interface. A token-based security mechanism protects the installation process and helps ensure that prepared configurations are accessed only by authorized installations.

Centralized management of subscription keys

For large-scale deployments, managing subscriptions across multiple sites can be complex. A new subscription registry in Proxmox Datacenter Manager enables administrators to manage a central pool of subscription keys, assign them to specific remotes, and remove assignments when no longer needed. A prepared answer file can also include a specific subscription key, allowing a newly provisioned host to register its subscription automatically during installation.

Unified Ceph cluster monitoring

For organizations utilizing hyper-converged infrastructure (HCI) powered by Proxmox VE, tracking storage health across distributed sites is vital. Proxmox Datacenter Manager 1.1 delivers deep, unified visibility across these distributed storage environments by introducing native monitoring for all connected Ceph clusters. A single, consolidated panel allows administrators to verify the health, capacity, and real-time performance of multiple Ceph clusters at a glance. The dashboard provides comprehensive, granular insights into the status of Object Storage Daemons (OSDs), monitors, managers, Metadata Servers (MDS), storage pools, CephFS, and specific cluster flags.

Enhanced infrastructure visualization

New dashboard widgets provide administrators with an overview of their distributed Proxmox infrastructures:

• Geographic widgets: A new world map widget visualizes the physical locations of connected remotes. Locations can be defined via the node or datacenter options on Proxmox VE remotes, or under the configuration settings for Proxmox Backup Server remotes.
• New gauge-based widgets display visual context for CPU, memory, and storage utilization at a glance.
• Local host metrics are now also collected for the Proxmox Datacenter Manager host itself, visualizing resource consumption through integrated Round-Robin Database (RRD) graphs on the node status panel.

Central guest and snapshot management

Proxmox Datacenter Manager 1.1 marks the initial milestone toward comprehensive, central guest management. A new cross-remote view expands guest management by displaying all QEMU virtual machines and LXC containers across connected remotes. Administrators can display these guests in a sortable table or in a tree grouped by remote, use text filtering to quickly locate individual guests, and access frequently used actions from a unified overview.

The same interface now also provides snapshot management for these guest environments. Administrators can view snapshots in a parent-child tree and create, roll back, delete, or edit snapshot descriptions. In addition, a new “Resume” action for paused or suspended QEMU virtual machines complements the existing start, stop, and shutdown operations. As this represents the initial phase of centralized guest orchestration, users can expect additional day-to-day management tasks to be integrated in upcoming point releases.

Updated technology stack

Proxmox Datacenter Manager 1.1 is based on Debian 13.5 “Trixie” and features Linux kernel 7.0 as the new stable default. Along with ZFS 2.4, this release provides an up-to-date open-source software stack for modern centralized infrastructure management and day-to-day lifecycle operations.

Availability

Proxmox Datacenter Manager 1.1 is open-source software and immediately available for download at the official website. Users can obtain a complete installation image via ISO download, which contains the full feature set of the solution and can be installed quickly on bare-metal systems using an intuitive installation wizard.

Seamless distribution upgrades from older versions of Proxmox Datacenter Manager are possible using the standard APT package management system. Furthermore, it is also possible to install the platform on top of an existing Debian installation. As Free/Libre and Open Source Software (FLOSS), the entire solution is published under the GNU AGPLv3.

For enterprise environments, customers with active Enterprise support plans for their managed Proxmox Virtual Environment and Proxmox Backup Server remotes also gain access to Proxmox Datacenter Manager updates and support. No separate subscription key is required.

Resources:

• ISO Image Download: https://www.proxmox.com/downloads
• Forum Announcement: https://forum.proxmox.com/
• Video: What’s new in Proxmox Datacenter Manager 1.1
• Roadmap: For published and upcoming features, see the Release Notes & Documentation

###

About Proxmox Datacenter Manager
Proxmox Datacenter Manager is a centralized open-source management layer for distributed, large-scale Proxmox infrastructures. As a core building block of the expanding Proxmox ecosystem, it unifies independent Proxmox Virtual Environment clusters and Proxmox Backup Server instances across multiple sites and data centers into a single control plane. The web interface provides consolidated dashboards for real-time health, performance, and capacity tracking of nodes, virtual machines, containers, and storage. IT teams can centrally manage guest lifecycles, perform migrations, and execute global updates across connected remotes. Developed by Proxmox Server Solutions GmbH, the software is written in Rust, based on Debian, and released under the GNU AGPLv3.

About Proxmox Server Solutions
Proxmox Server Solutions provides powerful, intuitive open-source server software that guarantees vendor independence and minimizes total cost of ownership. Enterprises of all sizes rely on the company’s reliable vendor support, certified training services, and a global network of 3,000 integration partners to ensure business continuity. Established in 2005 and headquartered in Vienna, Austria, tens of thousands of corporate customers worldwide trust Proxmox solutions to secure mission-critical IT environments. To learn more visit https://www.proxmox.com or follow us on LinkedIn and YouTube.

Media contact
Daniela Häsler, Proxmox Server Solutions GmbH, marketing@proxmox.com 

In January 2025, as a pre-requisite for something else, I published a minimal neovim plugin called nvim-µwiki. It's essentially just the features from vimwiki that I regularly use, which is a small fraction them. I forgot to blog about it. I recently dusted it off and cleaned it up. You can find it here, along with a longer list of its features and how to configure it: https://github.com/jmtd/nvim-microwiki

I had a couple of design goals. I didn't want to define a new filetype, so this is designed to work with the existing markdown one. I'm using neovim, so I wanted to leverage some of its features: this plugin is written in Lua, rather than vimscript. I use the parse trees provided by TreeSitter to navigate the structure of a document. I also decided to "plug into" the existing tag stack navigation, rather than define another dimension of navigation (along with buffers, etc.) to track: Following a wiki-link pushes onto the tag stack, just as if you followed a tag.

This was my first serious bit of Lua programming, as well as my first dive into neovim (or even vim) internals. Lua is quite reasonable. Most of the vim and neovim architecture is reasonable. The emerging conventions about structuring neovim plugins are mostly reasonable. TreeSitter is, well, interesting, but the devil is very much in the details. Somehow all together the experience for me was largely just frustrating, and I didn't really enjoy writing it.

{ Taipei, Taiwan, 14 mei 2026 – QNAP Systems, Inc. today announced that it has once again achieved ISO/IEC 27001:2022 certific ...} More

The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. OviOS Linux is an independent, storage operating system. The project's latest release, version 6, makes some significant changes behind the scenes. One of the key changes is swapping out SysV init in favour of systemd: "The most fundamental change in OviOS v6 is the transition of the init....

The Stable channel has been updated to 148.0.7778.216/217 for Windows and 148.0.7778.215/216 Mac  and 148.0.7778.215 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

This update includes 151 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$43000][505077859] Critical CVE-2026-9872: Out of bounds write in GPU. Reported by cinzinga on 2026-04-21

[$43000][507365348] Critical CVE-2026-9873: Use after free in Network. Reported by cinzinga on 2026-04-28

[$11000][500609038] Critical CVE-2026-9874: Use after free in Dawn. Reported by Anonymous on 2026-04-08

[$5000][507508103] Critical CVE-2026-9875: Out of bounds read in WebGL. Reported by Anonymous on 2026-04-29

[TBD][493747593] Critical CVE-2026-9876: Use after free in WebGL. Reported by happy2me on 2026-03-18

[N/A][496445460] Critical CVE-2026-9877: Use after free in ANGLE. Reported by Google on 2026-03-26

[N/A][499054245] Critical CVE-2026-9878: Use after free in ANGLE. Reported by Google on 2026-04-02

[N/A][499129768] Critical CVE-2026-9879: Out of bounds write in ANGLE. Reported by Google on 2026-04-03

[N/A][503615025] Critical CVE-2026-9880: Insufficient validation of untrusted input in WebGL. Reported by Google on 2026-04-17

[N/A][505140741] Critical CVE-2026-9881: Use after free in Bluetooth. Reported by Google on 2026-04-22

[N/A][506375217] Critical CVE-2026-9882: Integer overflow in ANGLE. Reported by Google on 2026-04-25

[N/A][506477192] Critical CVE-2026-9883: Use after free in Base. Reported by Google on 2026-04-25

[N/A][508289938] Critical CVE-2026-9884: Use after free in Browser. Reported by Google on 2026-04-30

[N/A][508452241] Critical CVE-2026-9885: Insufficient validation of untrusted input in UI. Reported by Google on 2026-05-01

[N/A][508456788] Critical CVE-2026-9886: Use after free in Base. Reported by Google on 2026-05-01

[N/A][511249104] Critical CVE-2026-9887: Use after free in Proxy. Reported by Google on 2026-05-08

[N/A][511715166] Critical CVE-2026-9888: Use after free in WebView. Reported by Google on 2026-05-10

[N/A][511727159] Critical CVE-2026-9889: Out of bounds read and write in Dawn. Reported by Google on 2026-05-10

[N/A][513135985] Critical CVE-2026-9890: Use after free in XR. Reported by Google on 2026-05-14

[N/A][513508128] Critical CVE-2026-9891: Use after free in Extensions. Reported by Google on 2026-05-15

[N/A][513948178] Critical CVE-2026-9892: Inappropriate implementation in Skia. Reported by Google on 2026-05-16

[N/A][513972075] Critical CVE-2026-9893: Use after free in Skia. Reported by Google on 2026-05-17

[$25000][507707838] High CVE-2026-9894: Use after free in GPU. Reported by tohafrit on 2026-04-29

[$3000][491685406] High CVE-2026-9895: Out of bounds read in GPU. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-11

[$500][508811474] High CVE-2026-9896: Out of bounds write in V8. Reported by 303f06e3 on 2026-05-02

[N/A][496271580] High CVE-2026-9897: Use after free in DOM. Reported by Google on 2026-03-25

[N/A][496282591] High CVE-2026-9898: Insufficient validation of untrusted input in GPU. Reported by Google on 2026-03-25

[N/A][497533569] High CVE-2026-9899: Use after free in ANGLE. Reported by Google on 2026-03-29

[N/A][497637277] High CVE-2026-9900: Out of bounds write in ANGLE. Reported by Google on 2026-03-30

[N/A][497737770] High CVE-2026-9901: Use after free in ANGLE. Reported by Google on 2026-03-30

[N/A][498205735] High CVE-2026-9902: Use after free in Accessibility. Reported by Google on 2026-03-31

[N/A][498783665] High CVE-2026-9903: Insufficient validation of untrusted input in Site Isolation. Reported by Google on 2026-04-02

[N/A][498804020] High CVE-2026-9904: Use after free in ANGLE. Reported by Google on 2026-04-02

[N/A][498883610] High CVE-2026-9905: Use after free in Accessibility. Reported by Google on 2026-04-02

[N/A][499005260] High CVE-2026-9906: Out of bounds write in GPU. Reported by Google on 2026-04-02

[N/A][499091269] High CVE-2026-9907: Out of bounds read in Dawn. Reported by Google on 2026-04-03

[N/A][499091328] High CVE-2026-9908: Out of bounds read in ANGLE. Reported by Google on 2026-04-03

[N/A][499152771] High CVE-2026-9909: Integer overflow in Skia. Reported by Google on 2026-04-03

[N/A][499176133] High CVE-2026-9910: Out of bounds memory access in ANGLE. Reported by Google on 2026-04-03

[N/A][499205491] High CVE-2026-9911: Integer overflow in ANGLE. Reported by Google on 2026-04-03

[N/A][499873765] High CVE-2026-9912: Inappropriate implementation in GPU. Reported by Google on 2026-04-06

[N/A][500046096] High CVE-2026-9913: Inappropriate implementation in ANGLE. Reported by Google on 2026-04-06

[N/A][500047428] High CVE-2026-9914: Insufficient validation of untrusted input in ANGLE. Reported by Google on 2026-04-06

[N/A][500063836] High CVE-2026-9915: Heap buffer overflow in ANGLE. Reported by Google on 2026-04-06

[N/A][500080303] High CVE-2026-9916: Out of bounds write in ANGLE. Reported by Google on 2026-04-06

[N/A][500095304] High CVE-2026-9917: Uninitialized Use in WebGL. Reported by Google on 2026-04-06

[N/A][500099471] High CVE-2026-9918: Inappropriate implementation in Tint. Reported by Google on 2026-04-06

[N/A][500114058] High CVE-2026-9919: Out of bounds read in WebGL. Reported by Google on 2026-04-06

[N/A][500138014] High CVE-2026-9920: Uninitialized Use in GPU. Reported by Google on 2026-04-07

[N/A][500150338] High CVE-2026-9921: Uninitialized Use in WebGL. Reported by Google on 2026-04-07

[N/A][500187083] High CVE-2026-9922: Use after free in GPU. Reported by Google on 2026-04-07

[N/A][500393328] High CVE-2026-9923: Use after free in Skia. Reported by Google on 2026-04-07

[N/A][500398345] High CVE-2026-9924: Heap buffer overflow in ANGLE. Reported by Google on 2026-04-07

[N/A][500536458] High CVE-2026-9925: Use after free in ANGLE. Reported by Google on 2026-04-08

[N/A][500540748] High CVE-2026-9926: Heap buffer overflow in ANGLE. Reported by Google on 2026-04-08

[N/A][500540958] High CVE-2026-9927: Use after free in ANGLE. Reported by Google on 2026-04-08

[TBD][501125002] High CVE-2026-9928: Out of bounds read in ANGLE. Reported by Jeff Muizelaar - Mozilla on 2026-04-09

[N/A][501367791] High CVE-2026-9929: Inappropriate implementation in WebGL. Reported by Google on 2026-04-10

[N/A][501499832] High CVE-2026-9930: Out of bounds write in Dawn. Reported by Google on 2026-04-10

[N/A][501524262] High CVE-2026-9931: Use after free in GPU. Reported by Google on 2026-04-10

[N/A][501563323] High CVE-2026-9932: Use after free in ANGLE. Reported by Google on 2026-04-11

[N/A][501575979] High CVE-2026-9933: Use after free in Input. Reported by Google on 2026-04-11

[N/A][501576946] High CVE-2026-9934: Use after free in Aura. Reported by Google on 2026-04-11

[N/A][501584689] High CVE-2026-9935: Uninitialized Use in ANGLE. Reported by Google on 2026-04-11

[N/A][502104354] High CVE-2026-9936: Use after free in GFX. Reported by Google on 2026-04-13

[N/A][502112506] High CVE-2026-9937: Use after free in UI. Reported by Google on 2026-04-13

[N/A][502300817] High CVE-2026-9938: Inappropriate implementation in V8. Reported by Google on 2026-04-13

[N/A][502735235] High CVE-2026-9939: Heap buffer overflow in WebCodecs. Reported by Google on 2026-04-15

[N/A][502738003] High CVE-2026-9940: Heap buffer overflow in ANGLE. Reported by Google on 2026-04-15

[N/A][502812366] High CVE-2026-9941: Use after free in ANGLE. Reported by Google on 2026-04-15

[N/A][503438092] High CVE-2026-9942: Uninitialized Use in ANGLE. Reported by Google on 2026-04-16

[N/A][503464551] High CVE-2026-9943: Out of bounds read in WebGL. Reported by Google on 2026-04-16

[N/A][503471286] High CVE-2026-9944: Uninitialized Use in ANGLE. Reported by Google on 2026-04-16

[N/A][503565293] High CVE-2026-9945: Use after free in Media. Reported by Google on 2026-04-17

[N/A][503596863] High CVE-2026-9946: Use after free in ANGLE. Reported by Google on 2026-04-17

[N/A][503627446] High CVE-2026-9947: Use after free in XML. Reported by Google on 2026-04-17

[N/A][503790201] High CVE-2026-9948: Use after free in Views. Reported by Google on 2026-04-17

[N/A][503793153] High CVE-2026-9949: Use after free in Core. Reported by Google on 2026-04-17

[N/A][503862359] High CVE-2026-9950: Insufficient validation of untrusted input in iOS. Reported by Google on 2026-04-17

[N/A][503873388] High CVE-2026-9951: Use after free in UI. Reported by Google on 2026-04-17

[N/A][503929476] High CVE-2026-9952: Use after free in WebAudio. Reported by Google on 2026-04-18

[N/A][503985322] High CVE-2026-9953: Out of bounds read in ANGLE. Reported by Google on 2026-04-18

[TBD][504175497] High CVE-2026-9954: Use after free in TabStrip. Reported by yueliu of Microsoft on 2026-04-19

[N/A][504184408] High CVE-2026-9955: Inappropriate implementation in iOS. Reported by Google on 2026-04-19

[N/A][504195132] High CVE-2026-9956: Use after free in iOS. Reported by Google on 2026-04-19

[N/A][504516117] High CVE-2026-9957: Use after free in PDF. Reported by Google on 2026-04-20

[N/A][504555886] High CVE-2026-9958: Use after free in PDFium. Reported by Google on 2026-04-20

[N/A][504557432] High CVE-2026-9959: Race in WebRTC. Reported by Google on 2026-04-20

[N/A][504573260] High CVE-2026-9960: Integer overflow in PDFium. Reported by Google on 2026-04-20

[N/A][504710769] High CVE-2026-9961: Use after free in SurfaceCapture. Reported by Google on 2026-04-20

[N/A][504716948] High CVE-2026-9962: Use after free in WebRTC. Reported by Google on 2026-04-20

[N/A][505143241] High CVE-2026-9963: Uninitialized Use in iOS. Reported by Google on 2026-04-22

[N/A][505190999] High CVE-2026-9964: Use after free in Bluetooth. Reported by Google on 2026-04-22

[N/A][506377574] High CVE-2026-9965: Out of bounds write in ANGLE. Reported by Google on 2026-04-25

[N/A][506388321] High CVE-2026-9966: Integer overflow in XML. Reported by Google on 2026-04-25

[N/A][506414791] High CVE-2026-9967: Out of bounds write in GPU. Reported by Google on 2026-04-25

[N/A][506499280] High CVE-2026-9968: Integer overflow in V8. Reported by Google on 2026-04-25

[N/A][506550494] High CVE-2026-9969: Insufficient validation of untrusted input in ANGLE. Reported by Google on 2026-04-26

[TBD][506653647] High CVE-2026-9970: Use after free in WebGL. Reported by TFGC on 2026-04-26

[N/A][508448586] High CVE-2026-9971: Inappropriate implementation in iOS. Reported by Google on 2026-05-01

[N/A][508463705] High CVE-2026-9972: Uninitialized Use in Gamepad. Reported by Google on 2026-05-01

[TBD][509268941] High CVE-2026-9973: Out of bounds write in V8. Reported by amyb of OpenAI on 2026-05-04

[N/A][511710468] High CVE-2026-9974: Out of bounds write in GPU. Reported by Google on 2026-05-10

[N/A][511719039] High CVE-2026-9975: Out of bounds read and write in ANGLE. Reported by Google on 2026-05-10

[N/A][511732828] High CVE-2026-9976: Inappropriate implementation in USB. Reported by Google on 2026-05-10

[N/A][511741173] High CVE-2026-9977: Insufficient validation of untrusted input in WebShare. Reported by Google on 2026-05-10

[N/A][511741396] High CVE-2026-9978: Use after free in Glic. Reported by Google on 2026-05-10

[N/A][511742228] High CVE-2026-9979: Insufficient validation of untrusted input in Input. Reported by Google on 2026-05-10

[N/A][511776372] High CVE-2026-9980: Insufficient validation of untrusted input in Printing. Reported by Google on 2026-05-10

[N/A][512995705] High CVE-2026-9981: Inappropriate implementation in Skia. Reported by Google on 2026-05-13

[N/A][513001247] High CVE-2026-9982: Insufficient validation of untrusted input in ANGLE. Reported by Google on 2026-05-13

[N/A][513001309] High CVE-2026-9983: Type Confusion in Skia. Reported by Google on 2026-05-14

[N/A][513002543] High CVE-2026-9984: Use after free in UI. Reported by Google on 2026-05-14

[N/A][513019760] High CVE-2026-9985: Insufficient validation of untrusted input in Media. Reported by Google on 2026-05-14

[N/A][513028160] High CVE-2026-9986: Insufficient validation of untrusted input in OptimizationGuide. Reported by Google on 2026-05-14

[N/A][513046475] High CVE-2026-9987: Insufficient validation of untrusted input in WebAppInstalls. Reported by Google on 2026-05-14

[N/A][513049286] High CVE-2026-9988: Use after free in WebRTC. Reported by Google on 2026-05-14

[N/A][513054053] High CVE-2026-9989: Inappropriate implementation in Media. Reported by Google on 2026-05-14

[N/A][513128608] High CVE-2026-9990: Use after free in WebAppInstalls. Reported by Google on 2026-05-14

[N/A][513173565] High CVE-2026-9991: Inappropriate implementation in Media. Reported by Google on 2026-05-14

[N/A][513177826] High CVE-2026-9992: Use after free in Network. Reported by Google on 2026-05-14

[N/A][513208588] High CVE-2026-9993: Use after free in Views. Reported by Google on 2026-05-14

[N/A][513235131] High CVE-2026-9994: Use after free in Core. Reported by Google on 2026-05-14

[N/A][513256572] High CVE-2026-9995: Use after free in WebXR. Reported by Google on 2026-05-14

[N/A][513268100] High CVE-2026-9996: Out of bounds read in WebRTC. Reported by Google on 2026-05-14

[N/A][513324041] High CVE-2026-9997: Use after free in Input. Reported by Google on 2026-05-14

[N/A][513337118] High CVE-2026-9998: Integer overflow in Skia. Reported by Google on 2026-05-14

[N/A][513364480] High CVE-2026-9999: Inappropriate implementation in ANGLE. Reported by Google on 2026-05-15

[N/A][513505608] High CVE-2026-10000: Use after free in Passwords. Reported by Google on 2026-05-15

[N/A][513505927] High CVE-2026-10001: Use after free in PerformanceManager. Reported by Google on 2026-05-15

[N/A][513536416] High CVE-2026-10002: Use after free in PDFium. Reported by Google on 2026-05-15

[N/A][513609324] High CVE-2026-10003: Use after free in Views. Reported by Google on 2026-05-15

[N/A][513730012] High CVE-2026-10004: Insufficient validation of untrusted input in Passwords. Reported by Google on 2026-05-16

[N/A][513750089] High CVE-2026-10005: Use after free in WebAppInstalls. Reported by Google on 2026-05-16

[N/A][513750691] High CVE-2026-10006: Race in WebAudio. Reported by Google on 2026-05-16

[N/A][513754619] High CVE-2026-10007: Use after free in SVG. Reported by Google on 2026-05-16

[N/A][513768979] High CVE-2026-10008: Uninitialized Use in GPU. Reported by Google on 2026-05-16

[N/A][513973560] High CVE-2026-10009: Integer overflow in Skia. Reported by Google on 2026-05-17

[N/A][513995565] High CVE-2026-10010: Inappropriate implementation in Input. Reported by Google on 2026-05-17

[N/A][514017326] High CVE-2026-10011: Inappropriate implementation in Skia. Reported by Google on 2026-05-17

[N/A][514063977] High CVE-2026-10012: Use after free in Skia. Reported by Google on 2026-05-17

[N/A][514715455] High CVE-2026-10013: Use after free in WebCodecs. Reported by Google on 2026-05-19

[N/A][514742327] High CVE-2026-10014: Use after free in WebMIDI. Reported by Google on 2026-05-19

[N/A][514746176] High CVE-2026-10015: Integer overflow in WTF. Reported by Google on 2026-05-19

[TBD][515155946] High CVE-2026-10016: Use after free in DOM. Reported by pwn2addr on 2026-05-20

[$3000][504156069] Medium CVE-2026-10017: Out of bounds read in Headless. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-04-19

[$2000][504175501] Medium CVE-2026-10018: Integer overflow in ANGLE. Reported by Rahul Raj on 2026-04-19

[$2000][505056913] Medium CVE-2026-10019: Integer overflow in ANGLE. Reported by Mufeed VH from Winfunc Research (winfunc.com) on 2026-04-21

[N/A][496565479] Medium CVE-2026-10020: Insufficient validation of untrusted input in Skia. Reported by Google on 2026-03-26

[N/A][497327715] Medium CVE-2026-10021: Insufficient validation of untrusted input in USB. Reported by Google on 2026-03-29

[TBD][513289241] Medium CVE-2026-10022: Type Confusion in V8. Reported by ggwhyp on 2026-05-14

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Srinivas Sista

Google Chrome

Releases Notes for 30.0.4

Windows Installer
Windows No Installer (zip)
macOS - Universal
Linux - deb, AppImage or rpm

Windows intel x32 releases are marked -ia32-

ChangeLog:

• Uses electron 42.3.0
• Updates to draw.io core 30.0.4.

Today, we are excited to share with our community a brand-new feature coming to both Euro Truck Simulator 2 and American Truck Simulator with the upcoming 1.60 update - Game Radio!

For many drivers, music and the open road naturally belong together. Whether you are cruising through the countryside at sunset, hauling cargo across busy interstates, or relaxing during a long night drive, the right soundtrack can completely change the atmosphere of your journey. With Game Radio, we wanted to take that experience much further than a simple music player.

Game Radio is a brand-new in-game radio system designed to deepen immersion, support roleplay, and make every drive feel more authentic. Rather than approaching radio as just another technical feature, we created a collection of stations with their own distinct identities, philosophies, moods, and sounds. This is Game Radio's first chapter - built on music, with more layers planned for the road ahead.

At launch, Game Radio will feature five unique radio stations:

Rust FM

Rust FM is a guitar-driven station bridging five decades of rock, from the psychedelic garage sounds of the late 60s all the way to modern indie. Built for drivers who enjoy raw riffs, extended solos, distortion, and live energy.

This station features, amongst others, Sorry and SASAMI, both on Domino Records. Sorry is a North London indie band whose debut was co-produced by James Dring of Gorillaz fame, while SASAMI is a classically trained French horn player from the Eastman School of Music who scored films and commercials before going solo. Also on the roster: Holiday Ghosts, a DIY duo from Cornwall who record on their own equipment and have built a devoted cult following in the UK underground. 

Escape

Escape is for drivers whose nervous systems are stretched thin, a place to slow down, settle in, and find some quiet. Lo-fi textures, jazzy chords, minimal beats. Escape is ideal for peaceful night drives and calm moments behind the wheel.

Escape is also currently the only stream-safe station available at launch, featuring StreamBeats by Harris Heller, a music library built by a streamer, for streamers. Its music is specifically licensed with streamers in mind, designed to help avoid copyright claims and support content monetization. Players will be able to enable Streamer Mode directly from the game menu.

PUMP IT!

PUMP IT! turns your truck cabin into a dance floor, built on hypnotic beats and precisely engineered production. This station is all about movement and intensity. Don't think it. Just feel it. Featuring Tony Romera, a French producer with official remixes for Calvin Harris and Diplo, and a #1 track on the Beatport Overall Charts, and KIDSØ, a Munich duo known for fully improvised live shows with live visual installations across the European festival circuit.

Pop Gear

Pop Gear runs on hooks, momentum, and dopamine. Designed to capture attention and trigger the irresistible urge for just one more song, the station thrives on the emotional highs of contemporary pop: modern production, catchy melodies, hook after hook. Featuring Palace Winter, a Copenhagen duo the New York Times called "a darkly intoxicating potion," and School of X, a Danish artist whose music moves between orchestral pop and raw electronics.

Roadio

Roadio is dedicated to American roots music that feels grounded, honest, and deeply connected to the spirit of the open road. Inspired by wide landscapes, truck stops, desert highways, and classic Americana, Roadio aims to become the perfect companion for long-distance hauls and quiet moments of reflection. Featuring Bonnie 'Prince' Billy, one of indie folk's most revered voices whose song "I See a Darkness" was covered by Johnny Cash; Grammy nominee and 2021 IBMA Songwriter of the Year Thomm Jutz; and New Zealand singer-songwriter Amber Lynn Nicol.

Game Radio features music from artists across some of the most respected independent labels in the world, including Domino Recording Company, home to Arctic Monkeys, Franz Ferdinand, and Wet Leg, alongside Drag City, Ninja Tune, and independent artists who record and tour entirely on their own terms. Every track was chosen by hand, built to hold up across hundreds of hours of driving.

Game Radio Feature

Game Radio will expand the existing audio experience alongside the current Radio Stream (Online Radio) and Music Player systems, while also bringing a variety of improvements to music selection, user experience, and overall interaction with the in-game audio players.

In-game Widget

While driving, the Audio Player widget will appear above the navigation interface and display detailed playback information, including:

• Unique station name and icon
• Current song title
• Artist name
• Animated audio wave visualization
• Favorite station indicator

Players will also be able to customize the behavior of the widget through the Widget Options menu (F6), allowing them to tailor how and when radio information appears during gameplay. 

Support for Community-Created Stations

We are also excited to support creative possibilities for our modding community. Players will be able to create their own custom radio stations featuring their own music and share them with the community for playback, just like any other mods.

Game Radio has been designed to become part of the driving experience itself. Different stations can completely change the atmosphere of your journey, whether you are hauling cargo through dense urban traffic, crossing remote deserts, or enjoying scenic roads across Europe and North America.

This feature also brings improvements to the existing music and radio systems, creating a more seamless listening experience while driving.

We are incredibly excited to finally begin sharing more about Game Radio with our community, and we look forward to hearing which station becomes your favorite once 1.60 arrives. The stations you hear at launch are the foundation. Music comes first, and there is plenty more we want to build on top of it in the future!

Be sure to follow us on X/Twitter, Facebook, Instagram, Bluesky, and YouTube for all the latest updates. Don't forget to sign up for our newsletter as well! See you out on the road, and until next time, keep on truckin’.

Alexander heeft Claude Code ingeruild voor Codex en vibecodet inmiddels vanaf zijn telefoon met een talent voor overgave dat Ernst-Jan de stuipen op het lijf jaagt: wie geeft er nou zijn DNS-paneel en Beeper aan een AI met de woorden 'succes, one shot'?De Substack tax jaagt makers massaal weg vanwege die 10 procent, maar POM stapte zelf over naar Beehiiv en ontdekte dat het gras daar niet per se groener is, alleen anders gemaaid. Verder een ode aan NRC, dat een nerdenkrant is geworden en gewoon 'VPN' in de kop durft te zetten, plus een essay van Andreessen Horowitz over de diepgewortelde haat tussen Silicon Valley en de media. En vandaag een heus cultuurblokje: Ernst-Jans maand zonder social media, een verslavende Substack over stoppen met drinken, en een true crime-boek dat eigenlijk gewoon een podcast op papier is. Veel plezier met luisteren!

Verder lezen over wat Carbon Equity nog meer doet? Lees meer op carbonequity.com

📧 Volg onze eigen nieuwsbrief via pom.show

🧡 Hier word je lid van de Telegram community: pom.community

🚀 Kijk clips via onze Instagram: https://instagram.com/podcastovermedia

💚 Volg de nieuwsbrief van Ernst-Jan.

💫 Volg de nieuwsbrief van Alexander.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.pom.show

💾

Om deze aflevering te kijken (YouTube bant ons steeds) → https://www.pom.show/p/papa-is-niet-boos-papa-is-teleurgesteld

Met Alex Mazereeuw bespreken we weer de televisiemaand en het thema is splitbrain. De NOS pakte het Songfestival over van AvroTros en koos niet voor sobere journalistiek maar voor de sportredactie-aanpak: twee showponies in het commentaarhokje en feestneuzen op. Jack van Gelder liet zich live inbellen bij Shownieuws om zijn Telegraaf-uitspraken over Hélène Hendriks terug te draaien, compleet met AirPods die naar boven wijzen en een teddybeer op de achtergrond. Yvonne Coldeweijer won haar rechtszaak tegen Talpa maar mag nu exclusief content maken op Kijk.nl, waar niemand kijkt. Pesterij verpakt als schikking. Ondertussen grijpen de streamingdiensten hard terug naar platheid: Videoland kondigt een Flodder-remake aan en Amazon Prime lanceert Ticket to the Tribes, een programma waarin Nederlanders stammen in Afrika bezoeken dat zo uit 2010 lijkt weggelopen…

Verder lezen over wat Carbon Equity nog meer doet? Lees verder op carbonequity.com

📧 Volg onze eigen nieuwsbrief via pom.show

🧡 Hier word je lid van de Telegram community: pom.community

🚀 Kijk clips via onze Instagram: https://instagram.com/podcastovermedia

💚 Volg de nieuwsbrief van Ernst-Jan.

💫 Volg de nieuwsbrief van Alexander.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.pom.show

💾

Gen Z doet aan China Maxxing: warm water drinken, appeltjes koken en warme voeten als levensfilosofie. Alexander ging een stap verder en vloog naar Shenzhen, waar het standaard toeristenprogramma bestaat uit drone-bezorging, zelfrijdende taxi's en een exoskelet aantrekken. Op de elektronicamarkten liggen volledig werkende iPhones zonder serienummer voor de helft van de prijs, samengesteld uit onderdelen die allemaal in de buurt gemaakt worden. Een lokale VC legt uit waarom slimme Chinezen na een Amerikaanse studie gewoon terugkomen: research grants drie keer zo hoog, iteratiecycli van een dag voor hardware-startups, en ieder jaar wordt het leven zichtbaar beter. Op een roboticabeurs verkoopt stand na stand losse oogjes, haartjes en software voor humanoids, inclusief een robot die patrouilleert op een basisschool. Autofabrikant Xpeng laat een vliegende auto zien die er absurd uitziet maar wel echt in productie gaat. En dan is er nog de Chinese bureaucratie: Alexander haalt zijn rijbewijs via een kafkaësk parcours met stempels, Noord-Koreaanse microfoons en een verplicht halfuur SBS6-achtige verkeersongelukken kijken.

Meer weten over Carbon Equity? Lees verder op carbonequity.com

Meer informatie over Undersigned vind je hier.

📧 Volg onze eigen nieuwsbrief via pom.show

🧡 Hier word je lid van de Telegram community: pom.community

🚀 Kijk clips via onze Instagram: https://instagram.com/podcastovermedia

💚 Volg de nieuwsbrief van Ernst-Jan.

💫 Volg de nieuwsbrief van Alexander.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.pom.show

💾