The seL4 organisation on GitHub uses git-repo to manage multiple source repositories, and so there are a large number of projects to get your head around when figuring out the ecosystem.

As an experiment, I have taken the various manifest files across the org, and constructed a graph based on how frequently each pair of repositories is mentioned in a manifest together. See below:

[This may render badly when syndicated outside of my blog; and also on small screens. And probably large screens. I’ve attempted to make sure there’s a non-JS fallback – on my site with JS enabled, if you hover over a node, it should highlight connected nodes.]

The colouring of the nodes is mostly manual; I experimented with graph clustering algorithms but have not found a satisfactory result so far. Still, some clusters are obvious:

• Kernel – the seL4 microkernel proper. This often but not always co-exists with the main cluster of core libraries, but it is pulled away slightly by the verification and microkit manifests.

• Verification – the verification repositories (l4v, HOL, graph-refine, polyml, isabelle) form a very distinct group. These are connected only to the seL4 microkernel itself, which is the only component formally verified.

• Microkit – microkit is a newer operating system framework that does not use CAmkES, so stands apart from the rest of the pack. I chose to scope this work to the seL4 org, so the LionsOS ecosystem and sDDF which are maintained by Trustworthy Systems are not shown. Also not linked is rust-sel4, because this modern world isn’t using git-repo in the main to manage its repositories.

• RefOS – I’d not come across refos before, but it appears to be an example OS from 2021 built on the seL4 kernel.

It’s quite hard to pull apart the CAmkES framework and the core libraries; there are definitely some which are more associated with VM management, but the overall shape of this co-occurence data is a messy ball in the middle with some outliers in orbit. One observation is that camkes is correctly identified as more peripheral than camkes-tool, which contains the actual core CAmkES code.

Reflecting on this approach, in hindsight I’m surprised that using co-occurences worked as well as it did – there was no attempt to actually inspect the code and find direct mentions of other code e.g. library header dependencies. As the newer microkit effort largely eschews git-repo, better results might be found by actually taking that more detailed approach, so that graph edges could represent real dependencies between two packages. Additionally, this could allow diving into the various libraries held in the different ’libs’ repos, to get a more granular graph of relationships between them.

However, I think I spent more time on making it possible to render graphviz graphs easily on my blog than actually gaining any insight into the codebase!

Armadillo is a powerful and expressive C++ template library for linear algebra and scientific computing. It aims towards a good balance between speed and ease of use, has a syntax deliberately close to Matlab, and is useful for algorithm development directly in C++, or quick conversion of research code into production environments. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 1282 other packages on CRAN, downloaded 47.1 million times (per the partial logs from the cloud mirrors of CRAN), and the CSDA paper (preprint / vignette) by Conrad and myself has been cited 697 times according to Google Scholar.

This versions updates to the 15.4.0 upstream Armadillo release made on Thursday. We had run a complete reverse-dependency check leading up to it, asserting there were no issues with packages dependent on it. As it sometimes goes with that many packages involved, one CRAN package reported one test failure. And it turned out to be both unrelated and pre-existing. But sorting this out over one round of email delayed things by a day. And then I went cycling for a good cause so this announcement post comes a little later than usual. The package has also been updated for Debian, built for r2u, and by now also at CRAN for the different binary releases.

All changes since the last CRAN release follow.

Changes in RcppArmadillo version 15.4.0-1 (2026-06-17)

• Upgraded to Armadillo release 15.4.0 (Medium Roast Agave)

  • Added fill::nan, fill::pos_inf, fill::neg_inf as optional fill forms for the Mat class

  • Added .push_back() for appending elements to vectors

  • Faster handling of find() within .elem()

  • Faster element-wise min() and max()

  • Faster conv_to when element types of input and output objects are the same

Courtesy of my CRANberries, there is a diffstat report relative to previous release. More detailed information is on the RcppArmadillo page. Questions, comments etc should go to the rcpp-devel mailing list off the Rcpp R-Forge page.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. If you like this or other open-source work I do, you can sponsor me at GitHub. You can also sponsor my Tour de Shore 2026 ride in support of the Maywood Fine Arts Center.

[0.16.10] - 2026-06-21

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• International Domain Names (IDN) support (#207).
• OAuth:
  • OAuth Profile for Open Public Clients (draft-ietf-mailmaint-oauth-public)
  • Client secret verification for confidential clients.
• HTTP: Add redirectRoot option to Http object to allow redirecting requests to the root path to a different path (e.g. /account).
• ACME: reuseKey option to allow reusing private keys in renewals.
• IMAP:
  • IMAP Extension for Object Identifiers (draft-ietf-mailmaint-imap-objectid-bis)
  • GETJMAPACCESS command to discover the JMAP session resource URL (#2736).

Changed

Fixed

• JMAP conformance (pass the jmap-test-suite tests):
  • Methods are only available if their capability is in using.
  • Reject requests that do not specify application/json in the Content-Type header.
  • Require accountId argument on requests.
  • Return unparsable ids in notFound / notUpdated / notDestroyed / notCopied instead of dropping them.
  • Default calendars and address books are not subscribed by default.
  • */set: Unchanged immutable id property is rejected on update.
  • */query and */queryChanges: nullrejected asnotRequest`.
  • Email/query:
    • Improper anchor handling.
    • Total miscount when collapseThreads is enabled.
    • Wrong sort order on hasKeyword, allInThreadHaveKeyword, and someInThreadHaveKeyword conditions.
    • Non-standard header values are not searchable.
  • Email/copy: Take the source message id from the value's id property.
  • Email/set: Bump reference-resolution max_depth from 1 to 2.
  • Email/import: Reject blobs that do not contain valid messages.
  • EmailSubmission/set: return sendAt and undoStatus in the created response.
  • Mailbox/set: Return alreadyExists instead of invalidProperties when creating a mailbox with an existing name.
  • SearchSnippet/get: incorrect response structure.
  • Thread/changes: emit a container delete when a thread becomes empty.
  • VacationResponse/set: incorrect singleton handling.
• IMAP: Discard oversized non-synchronizing literals (#2768).
• DANE: Improper TLSA record validation (#2328 - credits to @vdukhovni).
• OIDC: Add default domain name to groups that are not email addresses.
• RocksDB: Enable blob garbage collection to reclaim disk space from deleted blobs.
• Sieve: include statements ignore capitalisation of sub-script names (#1643)
• Cache: Invalidate negative email caches when an account is created.
• Troubleshoot tool: Use the configured source IP address when connecting to remote servers (#2867).

Check binary attestation here

Following up on my previous post, I have released the debvulns CLI. This utility uses the same parsing logic as the debsecan-mcp server but exposes the functionality directly via the command line.

usage: debvulns [-h] [-s {critical,high,medium,low,negligible}] [-f {json,csv}] [--sort-by {package,cve}] [--vuln-url VULN_URL] [--epss-url EPSS_URL] [--suite SUITE]
                [--cache-dir CACHE_DIR] [--no-cache] [-v]

debvulns - CLI Debian Vulnerabilities Tracker

options:
    -h, --help            show this help message and exit
    -s, --severity {critical,high,medium,low,negligible}
                          Filter vulnerabilities by severity
    -f, --format {json,csv}
                          Output format (default: json)
    -sort-by {package,cve}
                          Sort vulnerabilities by 'package' or 'cve'
    --vuln-url VULN_URL   Custom URL or local path for Debian Security Tracker data
    --epss-url EPSS_URL   Custom URL or local path for EPSS scores data
    --suite SUITE         Debian suite name (e.g. bookworm, sid). Auto-detected by default.
    --cache-dir CACHE_DIR
                          Directory to cache fetched and parsed data (default: /var/cache/debvulns)
    --no-cache            Do not use cached data, force downloading and parsing
    -v, --verbose         Enable verbose debug logging (sent to stderr)

Part-DB 2.12.3

Security fixes

• Fixed missing SVG sanitatization, when file was uploaded with non-svg extension
• Added CSP headers to static files, to prevent script execution, should an vulnerable file be uploaded somehow

Other changes

• Updated KiCad symbols
• Updated dependencies

Full Changelog: v2.12.2...v2.12.3

This post is an unpublished review for systemd for Linux SysAdmins

systemd. Yes, in full lowercase. If there is ever a technology to cause controversy in the Linux world, this is it. Since its inception in 2010, systemd’s goals were set quite high — replacing the vital part in every Linux system that takes care of the system boot process. It quickly reached maturity, allowing its to be adopted as the main init system in most major distributions just five years later. But even given we are describing events that happened over a decade ago, systemd adoption still raises the temperature in any Linux-related discussion.

David Both’s comprehensive book tackles the “what”, the “why” and the “how” issues surrounding systemd. Carefully divided in 16 chapters, going from explaining the basics and some of the technical and political history behind the project to the different subsystems and aspects covered by systemd, its almost 450 pages can scare people away — but the text is written in a very clear, tutorial-like fashion, and while it can be read sequentially, cover-to-cover, the book is amenable for readers to pick a single aspect and jump straight to the relevant chapter.

One of the frequent criticisms the systemd project has received is that it aims to basically rewrite all of a Linux system, and just looking at this book’s index shows there is some truth to it. The first chapter is an introduction to the systemd project and a brief overview of its history (including the controversies around it), and the following four chapters deal about understanding and controlling the system boot process.

But that still leaves ten chapters to account for — they cover different aspects or sub-projects of systemd, such as time and date issues (synchronization, time specifications, and controlling repetitive tasks), understanding and leveraging the system journal that strongly departs from the old syslog system, network configuration and firewall management, system health and performance debugging — all of them, aspects that in the traditional Unix philosophy were managed by independent programs… And I can identify several systemd sub-projects not covered by this book!

We long-time Unix and Linux administrators took pride in how highly performant and stable systems were supported by the simplicity of our tools; systemd critics point out this massive project has absorbed dozens of individual tools, yielding corporate control over vast swaths of vital system tooling. Truth is… as a sysadmin myself, systemd is today one of my greatest allies.

I appreciate the author evaluates every component independently, including his personal evaluation of each — even stating he prefers working with the traditional programs in several areas.

If there is a criticism I must make about this book is that, although typographically it is well formed and taken care of, given it includes large amounts of console captures, having a maximum width below 70 characters means several lines are unnaturally cut short (and continued with odd indentations). I understand there is probably no “right” way to solve this, but it does affect the feeling of naturally reading the text.

32.2 New Features

• Replaced add source dropdown with new dialog [Warchamp7]
• Improved FPS selector UX [jcm93]
• Added missing file support for filters [exeldro]
• Added ability for plugins to set custom icons for new source types [cg2121]
• Included .webp files when adding a directory to Image Slide Show source [TarunCore]
• Added copy paste functions to frontend API [exeldro]
• Added filter to compose SDR into HDR [jpark37]
• Added delete as a hotkey to delete sources on macOS [PatTheMav]
• Added dynamic bitrate support to multitrack video [lexano-ivs]

32.2 Changes

• Forced Intel-based installations to update to Apple Silicon version on macOS [PatTheMav]
  • This change means that OBS Studio versions built for Intel-based Macs but running on Apple Silicon Macs will automatically update to OBS Studio built for Apple Silicon Macs. If an installation was using third-party plugins, those plugins will no longer load until replaced with Apple Silicon versions.
• Fixed audio mixer state getting out of sync when changing settings via websockets or plugins [Warchamp7]
• Added theming for checked QToolButtons [glikely]
• Improved OpenGL performance slightly on low-end machines [kkartaltepe]
• Set minimum size for color source to 1 pixel [exeldro]
• Added minimum width to spinboxes [Warchamp7]
• Disallowed overwriting the crash handler [sebastian-s-beckmann]
• Applied process mitigation policies for Windows [notr1ch]
• Adjusted description of multitrack video [jhnbwrs]
• Changed new capture devices to use fallback frame rate by default [PatTheMav]
• Improved DLL loading behavior on Windows [notr1ch]
• Limited multitrack video config to Custom service [PatTheMav]

32.2 Bug Fixes

• Fixed OAuth and dock state save corruption [PatTheMav]
• Fixed group bounds not resizing when removing items [howellrl]
• Fixed canvas mixes not being restored after video reset [dsaedtler]
• Fixed some erroneous crashes during shutdown [Warchamp7]
• Fixed display capture sometimes capturing black after a duplicator failure [ThrowTop]
• Fixed color of controls dock output buttons in System theme [shiina424]
• Fixed virtual camera reset failures [stephematician]
• Fixed potential crash when user discards changes in the settings window [suogesi]
• Fixed incorrect return value in virtualcam filter [xtfo]
• Fixed source toolbar buttons not working after dragging a source into a group [Warchamp7]
• Fixed properties hint icon spacing [Warchamp7]
• Fixed potential crash when a video device reconnects on macOS [jcm93]
• Fixed an issue where PipeWire could fail on NVIDIA GPUs [hoshinolina]
• Fixed obs_canvas_get_video_info returning incorrect framerate [dsaedtler]

32.2 Deprecations

• Deprecated obs_properties_add_button [sebastian-s-beckmann]

Today, we’re excited to introduce the team behind the upcoming Soul of Anatolia map expansion for Euro Truck Simulator 2. This upcoming DLC will take drivers on a journey through one of Türkiye’s most diverse and captivating regions, featuring a rich blend of landscapes, historic cities, cultural landmarks, and scenic roads waiting to be explored.

In this edition of Meet the Team, we’d like to give you a closer look at some of the people working on the project. They have prepared a few words about themselves, their roles, and the work they have been focusing on throughout the map's development. We hope you enjoy getting to know the team helping shape the world of Soul of Anatolia.

Ernest - ETS2 Map DLC Lead

I’ve been working at SCS for seven years now, and during that time I’ve been involved in a wide range of projects. Following the Greece DLC, Soul of Anatolia is my second project as lead. Just as in the past, I’m fortunate to have a very talented and enthusiastic team, whose work, even now in the development stage, shows that Anatolia will once again be a breathtaking DLC. Türkiye is a beautiful country, and everyone on the team is fully committed and proud to bring it to players in the most perfect form possible. I can’t wait to show you more! 

Tomáš - Senior Map Designer

I joined SCS in December 2017 as a map designer, and I’ve been working in the same role ever since. Over the years, I’ve created many locations in our game world that you can drive through. I played a major role in the creation of cities such as Klaipeda, Andenes, Larissa, Lillehammer, Zadar, Olbia, and Kovrov, and I am currently creating cities for the Soul of the Anatolia DLC. I have also created many roads connecting these cities.

One of the major tasks that is part of my job as a map designer is working on border crossings. If you’ve ever driven through a border crossing in our game, you’ve likely come across my work. At some point, I became a specialist in this area, and I’m now in charge of all work related to borders. 

What I enjoy the most about being a map designer is discovering new possibilities for map creation. I always try to get the most out of a specific location and bring as much originality and authenticity as possible into the game world. What brings me the most joy is when a player drives along our roads and recognises places they’ve visited in real life. Euro Truck Simulator 2 is still just a game, but we strive to make the player feel like they’re moving through the real world, and when that feeling comes to the player, it’s a sign to me that I’m doing my job well.

Jakub - Map Designer

My journey into game development began at SCS four years ago, when I joined the team working on the West Balkans DLC. Since then, I’ve had the opportunity to grow both professionally and creatively while contributing to projects such as the Greece DLC and the Nordic Horizons DLC.

Creating immersive game worlds is where I feel most at home. As a creative person with a keen eye for detail, map design allows me to make the most of my strengths, bringing virtual environments to life and shaping experiences for players to explore.

I specialise primarily in landscapes, expansive scenery, and distinctive locations with unique character and atmosphere. I enjoy finding ways to get the most out of every location and creating a world that feels natural and authentic.

The greatest reward for me is the moment when I see that players are truly enjoying the game and that the world we’ve worked on is able to draw them in.

In addition to designing the game world, I also contribute to the creation of cutscenes and enjoy sharing my experience with my colleagues. I consider the sharing of knowledge across the team to be an important part of our work, as is our collective effort to continually improve the quality of our game.

Soul of Anatolia will be another beautiful and entertaining map DLC. You have a lot to look forward to!

Klára - Map Designer

Hi, my name is Klára, and I have been working at SCS for 3 years. During this time, I had the opportunity to be part of the amazing map teams that worked on the Greece DLC and the Nordic Horizons DLC. This time we are going to Türkiye, a country that truly stands out with its breathtaking landscapes, rich history, and unique culture. I am looking forward to capturing its atmosphere and bringing it to our game. Buckle up because this is just the beginning, and there will be much more to see!

Vlad - Map Designer

I come from the modding community, where I passionately built map mods for ETS2 for more than 10 years. Now, I have finally decided to join SCS Software, where I've already been working for almost 2 months! As a former experienced logistician and expeditor, SCS' trucking games actually inspired me to study transport and logistics, which led me to work in the logistics industry in the past. On the modding forums, I'm also known by the nickname "Vladzz-G".

Türkiye is my first project at SCS. It is a quite mountainous country, so it’s a great challenge and opportunity to apply my 10 years of mapping experience to represent the region as realistically as possible. Even so, I am still discovering new mapping tricks that make the work easier. Right now, I’m working hard on a coastal city (the name of which I won't reveal just yet!), creating advanced road layouts and doing initial landscape work. It is interesting that a long time ago, I tried to avoid mapping mountainous areas because I thought it would be too difficult, and I mostly preferred mapping flat or gently rolling terrain. But now, I feel quite confident mapping mountains too!

I can't wait to see how this DLC will look in the end, and I'm so excited to share my work with you all when the official DLC releases!

Ondřej - Junior Map Designer

Hi everyone. I've been a fan of city-builders and simulators for a long time now, so a few months ago I decided to join the SCS family as a map designer, which combines both of my favourite genres in one.

Currently, I'm still learning and working on my very first project. The southern part of the Turkish coastline is as beautiful as it is challenging. I think that with its big hills and windy roads, it will be a great visual experience.

Petr - Junior Map Designer

Hi! I joined SCS Software a few months ago. Ever since I was a kid, I’ve always loved building miniature cities with toy blocks. Today, I’m a huge fan of building and strategy games, and I also love digital drawing. It’s awesome that I get to build worlds for a living!

Soul of Anatolia DLC is my first project. Currently, I’m working on the southern part of the country, which is known for its massive and beautiful mountain ranges. I’m still learning the ropes and gaining valuable experience from my amazing colleagues. I’m doing my best to truly capture the style of the local atmosphere. I’m giving it my all, and I really hope the players will enjoy exploring the new map.

Lucie - Junior Map Designer

I joined SCS in 2024 as part of the Nordic Horizons team, where I spent most of my time creating roads throughout Finland. 

Now, I have the opportunity to work on several cities and interesting locations across Anatolia. Each place has its own distinct character and atmosphere, which makes the work varied and constantly challenging. What I enjoy most is the chance to capture the richness and uniqueness of this region and bring it to life in our game world.

Kristýna - Map Designer

I joined SCS Software in 2020 and started working on the Iberia DLC, which was then in the middle of production. The last project I had the honour of working on before Anatolia called me was Nordic Horizons. I moved to the south from the towns below the Arctic Circle - there couldn't be a bigger contrast! It is this diversity and learning the peculiarities typical of different countries that keep us curious and eager to present those beautiful places in our game.

I joined the Türkiye team in the pre-production phase. I worked on various tasks across the map and in the process, got to know the variability and diversity of the regions of Anatolia. I was greatly impressed by the traces of rich history in the landscape. Due to the focus of our game on transporting goods, for example, Sultanhani Caravanserai cannot be missing. It is fascinating that sometimes, even at first glance, an ordinary hill, around which we drive, hides an archaeological site of ancient monuments.

Pavel - Map Designer

Hi, my name is Pavel, and I have been working at SCS Software for almost seven years. As a Map Designer, I have collaborated with many great people on projects such as the Iberia, West Balkans, and Greece DLCs.

Thanks to my passion for roads and driving, I gradually transitioned into the role of a road specialist, contributing my experience to other projects as well, including the Nordic Horizons DLC, the Scandinavia Refresh, and the Benelux Rework.

My goal is always to enrich each project with new ideas and details, such as new prefab types and road accessories, to bring the experience of our virtual world a little closer to the real one. I hope to deliver something special for you in this project as well.

That concludes today’s Meet the Team! We’d like to thank everyone featured in this blog for taking the time to share a little about themselves and their contributions to Soul of Anatolia.

We always enjoy giving our community a glimpse behind the curtain and highlighting the talented people who bring our virtual worlds to life. We hope you enjoyed learning more about the team and the passion driving this project forward.

As development continues, we look forward to sharing more updates from the road ahead. Until then, make sure to add the Soul of Anatolia DLC to your Steam wishlist and remember to follow us on X/Twitter, Instagram, Facebook, Bluesky, and TikTok, or subscribe to our newsletter, so you never miss any updates. Until next time, we will see you on the road!

In what is hopefully the conclusion of my hunt for a cheap tower server supporting REBAR [1] I have just bought a HP Z4 G4 with W-2125 CPU for $320.

Hardware

One interesting thing is that it has an adaptor from SATA power to 8 pin PCIe power. According to Wikipedia the 8 pin connector provides 150W at 12V [2]. According to Wikipedia SATA power cables include 3 12V pins each of which can deliver 1.5A [3] which is 54W. The system as I received it had a single SATA power plug connected so potentially 150W could be drawn from a connector designed for 54W. The first thing I did was to connect a second SATA power connector on the same cable so I could have connectors designed for a total of 108W supplying potentially 150W (and definitely more than 75W).

I found two versions of the specs for this system, this version seems to match what I bought as it references W-21xx CPUs [4] while this version matches what I would rather have with a W-22xx CPU [5]. The URL naming scheme implies that there are potentially at least a few other variants out there. So much for the “buy name brand and you can buy two systems with the same model and have them work the same” benefit you hope to get. Why don’t they just name them “G4.1”, “G4.2”, etc?

It seems that W-21xx and W-22xx CPUs are incompatible, so the W-2295 scoring 30,804 multithread and 2,634 single thread on passmark that I hoped to get isn’t an option [6].

The system is well designed for space efficiency, both it and the Z640 are 17cm wide but the Z4G4 allows my to close the lid with the Intel Battlemage card installed which doesn’t come close to fitting in a Z640. It has 8 DIMM sockets and with the ready availability of 32G DIMMS that allows 256G of RAM which is the maximum the motherboard supports. That compares well to the Z640 that only has 4 DIMM slots and the Z6G4 which only has 6.

The system supports a maximum RAM speed of DDR4-2666 which is better than the DDR4-2400 of the Z640 but less than the DDR4-2933 of the Z6G4.

The NVMe sockets on the motherboard are a convenient feature. Most systems I run need at most two NVMe devices so this saves a PCIe slot which is important when dealing with GPUs that take 2+ slots. Also for systems that don’t really need NVMe I can use some of the small NVMe devices that I have no other use for. 128G NVMe devices aren’t even worth selling and 256G will be of little use in the near future. So when I move to gen4 Z servers I can use up some of them without wasting slots.

Using the lesser socket LGA2066 in the Z4G4 is a minor annoyance, but for a single socket system 18 cores is probably enough.

The BIOS has an option for single-socket NUMA, which is basically locking cores in a single CPU to specific RAM channels. I enabled it but it did nothing presumably because I only have 2 DIMMs. When I get more DIMMs I’ll do some tests of that and compare it with NUMA on my Z840.

Variants

There are many different variants of the Z4G4 and the only way to recognise them is by the CPU not by any part number or serial number AFAIK. The first difference is between server grade CPUs (the W-2xxx CPUs) and desktop grade CPUs (the i7 and i9 CPUs). The systems with i7 and i9 CPUs don’t support ECC RAM which makes them less reliable, gives smaller limits for RAM

The below table compares the Z640 which is my current desktop PC with the Z4G4, Z6G4, and Z8G4 systems. For the latter 3 I have included multiple options for the parts that differ in different models in the same name series. The Z4G4 I have is an early one which only supports W-21xx CPUs which means a maximum RAM speed of 2666 and the best possible CPU would only be 15% faster than my Z640. I can only use this for ML stuff as it’s the only system I have with REBAR support (which works well).

Conclusion

In my previous blog post I concluded that the next step up for me would be DDR5 systems [10]. But now some of the LGA3647 systems are appealing. The Z8G4 would be a decent upgrade from my current Z840 build server and should be affordable long before any two socket DDR5 system becomes affordable.

The Z4G4 doesn’t have any potential for useful upgrades. But for me it was a good cheap way to house a GPU that had already damaged the motherboard of one good system. If the Z4G4 has a PCIe slot break the way my Z840 did then it wouldn’t bother me a lot. It was annoying to discover how limited this variant of the Z4G4 is after buying it, but at that price I can’t complain.

A Z6G4 could be a nice workstation if I found one at a really low price. The only reason I’d seek one out is if I had a need for a desktop workstation with REBAR support, which seems unlikely.

• [1] https://etbe.coker.com.au/2026/05/04/tower-servers-rebar/
• [2] https://en.wikipedia.org/wiki/PCI_Express#6-_and_8-pin_power_connectors
• [3] https://en.wikipedia.org/wiki/SATA#SATA_power_connectors
• [4] https://h20195.www2.hp.com/v2/getpdf.aspx/c05527757.pdf?ver=4
• [5] https://h20195.www2.hp.com/v2/getpdf.aspx/c05527757.pdf
• [6] https://tinyurl.com/2avfb8qe
• [7] https://tinyurl.com/2ddf7t5y
• [8] https://tinyurl.com/kgmagfs
• [9] https://etbe.coker.com.au/2026/04/10/hp-z640-e5-2696-v4/
• [10] https://etbe.coker.com.au/2025/08/02/server-cpu-sockets/

The Problem

In 2019 I blogged about getting a 4K monitor because of my vision being inadequate for a 2560*1440 monitor [1]. Now I’m using a 40″ 5120*2160 monitor [2] and still trying to find the correct balance between how much I want to see on the screen and what I am physically capable of seeing on screen.

Currently Kitty is my terminal emulator of choice [3]. What I most like about it is the feature of having multiple terminal windows in a single OS window, so instead of having 9 or 16 different xterm instances running all with possible alignment issues I have a single window for all terminals which can be brought to the foreground. The impending 6.7 release of KDE (my favourite Linux desktop environment) [4] includes the feature of per-screen virtual desktops which might be the feature I need to make multiple monitors usable for me. One of the factors stopping me from using multiple monitors in the past was the issue of not getting the alignment of dozens of xterms right if a monitor goes to sleep mode and is regarded as disconnected, moving a few Kitty windows is much easier than moving dozens of xterms (also a tiling window manager isn’t my style).

I’ve just decided that the Terminus font (my favourite out of the monospaced fonts in Debian) is too small for me at 9.0 point. But then I tried 10.0 which looked really ugly and an experiment showed that 10.5 looked good.

What I’ve Learned

This is the best explanation I’ve seen of how ridiculous the whole font point thing is [5]. It doesn’t and won’t ever correlate to pixels. So what we ideally want to do is set the size on screen to match the actual pixel size of the font. I can’t find any software to interrogate a font file and find out what sizes it supports. The web page for the Terminus font says that it supports 6×12, 8×14, 8×16, 10×18, 10×20, 11×22, 12×24, 14×28 and 16×32 [6]. So the question is how to get a terminal program that uses one of those.

Kitty doesn’t and won’t support specifying font size by pixel. I tried some other terminal programs, I started with the Debian Wiki page TerminalEmulator [7] which wasn’t very helpful, I added some new entries to that page. There doesn’t seem to be another option for a terminal emulator with multiple terminals in one OS window that can arrange them automatically. I didn’t even get to the stage of checking whether other terminal emulators supported font size in pixels.

The lcdf-typetools package contains the program otfinfo which gives some interesting information on fonts but nothing about the font sizes in pixels.

Sites like Coding Font to compare fonts [8] can never work properly as the fonts will always be slightly different sizes as the same point size doesn’t mean the same display size.

The Current Situation

On my 5120*2160 monitor with 9 Kitty terminal sessions with 9.0 point font they each have 277*50 characters. With 10 point it’s 237*46 but fuzzy and unpleasant to read. With 10.5 point it’s 208*43 which isn’t as good as I’m used to but is still almost 4.5* as many characters as the original 80*25 standard for terminals.

Some time before 2019 I had a 4*4 array of terminal windows that were 100*25 or 120*25. That left some space at the right and bottom so I could open another 8 or 9 terminals that were partially obscured if I needed to. By 2019 before getting a 4K monitor I had a 3*3 array of terminal windows as my standard desktop and a larger monitor that did 4K resolution allowed me to have 16+ terminals again. Now with Kitty I routinely have 9 terminals in a 3*3 array and I can easily open more if I need them and have them resize appropriately.

This situation works reasonably well, but the element of just trying different sizes in 0.5 point increments until I find something that looks good is unpleasant. I should be able to specify the next largest increment of the bitmaps in the font and just have it look good.

Conclusion

It would be good if more people tested the terminal emulators in Debian and added information to the wiki page about them. The current page is useful but needs more information to support the variety of features that people find important.

We need some tools to provide information on fonts in Debian, such as the sizes of bitmapped fonts.

The whole point size thing is just wrong and would ideally go away. The vast majority of font use nowadays is for things that will probably never end up on a printed page so trying to map it to a physical size in fractions of an inch makes no sense. But that’s just one of many horrible things used for backwards compatibility that aren’t going to go away any time soon. Really everything involving inches should go away.

• [1] https://etbe.coker.com.au/2019/11/18/4k-monitors/
• [2] https://etbe.coker.com.au/2024/07/23/more-5120×2160-monitor/
• [3] https://etbe.coker.com.au/2023/10/29/hello-kitty/
• [4] https://kde.org/announcements/plasma/6/6.7.0/
• [5] https://tonsky.me/blog/font-size/
• [6] https://terminus-font.sourceforge.net/
• [7] https://wiki.debian.org/TerminalEmulator
• [8] https://www.codingfont.com/

12.19 - 2026-06-20

⛰️ Features

• Label the new tab like the selected table, in the "Select top x rows" action - (f87cc85)

🚀 Enhancements

• Pass LogLevel=error to the SSH command line - (923296d)

🐛 Bug Fixes

• (ui) Apply "disabled painting" to tree node icons, not to the text which gets unreadable - (4b2f469)
• Crash in grid export with no focused column and usage of IfThen() which evaluates all arguments before the function is called - (bfe336b)
• Reveal default text value of SQLite columns - (7f6e368)
• Do not use INVISIBLE keyword on MariaDB - (fb082b8)
• Prevent duplicate icons in Linux Alt-Tab by providing StartupWMClass with what xprop told me in the WM_CLASS line - (249c311)
• Compiler error 4001 on arm64: Incompatible type - (1dbe1ae)
• Compiler error 4001 and 4025on arm64: Incompatible type for arg no. 1: Got "SYSTEM.UITYPES.TFontStyles", expected "GRAPHICS.TFontStyles" - (aefc8fb)
• Compiler error 4001 on arm64: Incompatible types: got "TFontStyles" expected "Set Of TFontStyle" - (f67445f)
• Unhide hint on lblPasswordHint - (5f35d41)
• Initially visible password hint may confuse user - (ed0f932)
• Set new authentication plugin only if the user changed it, and then hint the user this will reset the password - (4ed89b8)
• Error dialog due to unsupported SHOW GLOBAL VARIABLES query on MySQL 3.x servers - (49c70f8)
• Truncate strings on UTF-8 boundaries in StrEllipsis - (2174388)
• Prevent access violation on session disconnect (nil ActivePage) - (f878277)
• "sort alphabetically" checkbox in column selector does nothing on macOS - (ec2b942)
• A checkbox does not seem to have Focused on macOS during a mouse-click - (c21f646)
• Work around mysql bug for "hidden" routines in UPPERCASE databases - (f51834c)

⚙️ Miscellaneous Tasks

• Add missing download QT6ARM step to release job - (7df0567)
• Align hostname in Transifex config file with the one in my ~/.transifexrc - (1a316c6)
• Align Transifex config to current directory structure, and add a client for Windows - (40bfb69)
• Require new step in release job, fix /tmp naming - (1fb805d)
• Attempt to compile a QT6 binary for Linux ARM64 / RaspiOS - (5dc2bc4)

Localize

• Update compiled .mo translation files - (ae730a8)

Contributors

• @ansgarbecker
• @ in #2514

Bump version for v12.19 release

Docker Images

Docker images have been built and pushed:

Docker Hub:

• alexta69/metube:latest
• alexta69/metube:2026.06.20

GitHub Container Registry:

• ghcr.io/alexta69/metube:latest
• ghcr.io/alexta69/metube:2026.06.20

Changes

• fix open download of cookie files (ce897ee)
• upgrade dependencies (dd1b4c2)

The diffoscope maintainers are pleased to announce the release of diffoscope version 321. This version includes the following changes:

[ Chris Lamb ]
* Fix compatibility with Ocaml 5.4.1.

You find out more by visiting the project homepage.

The diffoscope maintainers are pleased to announce the release of diffoscope version 320. This version includes the following changes:

[ Chris Lamb ]
* Support androguard 4 and previous versions. Thanks, linsui!
  (Closes: #1140016)
* Use --long-form arguments when calling apktool in order to support apktool
  version 3. Thanks again to linsui. (Closes: #1140015)
* Update copyright years.

You find out more by visiting the project homepage.

Creating Euro Truck Simulator 2 and American Truck Simulator is a collaborative effort involving many talented teams across SCS Software. While map designers, artists, programmers and more build the driving experience, another team works alongside them to ensure everything functions exactly as intended before players hit the road.

David - ATS Map QA Lead

Ivan - World Map Design QA Lead

Through work, I have paid license to windsurf (recently renamed to "devin"), an application for LLM-based (aka, "Agentic") development.

I hadn't been using it that much, but in an effort to more clearly understand how this whole AI development thing works, I decided to give it a closer look recently.

My conclusions:

In its current form, this whole LLM wave is problematic for multiple reasons. But ignoring that, and looking at the technology only, I can say that:

• it is a paradigm shift;
• it is, at the technological level, a positive evolution;
• and it is a threat to free software.

Problems

Lest someone (incorrectly) assume that I am arguing in favour of the current state of affairs with regards to LLMs, let me state this first.

The way LLMs are built today is highly parasitic. Websites are downloaded in whole, at unsustainable rates, regardless of the consent of the people who made the original content. The result is predictable: servers get overloaded, server administrators attempt to implement various mitigations. Some of these mitigations work; some do, for a while; some are entirely useless. In actual fact, the mitigations are an arms race -- if too many people implement the same mitigation, then the people who try to build yet another LLM so they can extract rent will just try to work around the mitigation, eventually they will succeed, and you'll just have to come up with another mitigation. It's a bit like spam; you introduce regex-based spam filters, they introduce spelling mistakes, you introduce bayesian filters, they add a large batch of markov chain-generated semi-nonsense words made invisible by markup, you add filters to block emails with such markup, they move the text into an image. We have working mitigations today, but eventually we'll run out of ideas.

LLMs glob up everything they can while ignoring the license of the source material. The people who push those LLMs claim that pushing the source material through the machine learning algorithms makes the output of the algorithm distinct enough from the source material that the license no longer applies; I'm not so sure that this is true. I guess the New York Times v OpenAI lawsuit will teach us some of the answer to that question here, but even so the ethical questions about "is it OK to bring down another server just so we can download the internet for another for-pay LLM" are still open. And regardless of what the law states, my opinion on "you're using my copyleft code to generate code under a different license" is not something you might like if you agree with the rent seekers' opinion on the subject.

That all being said and true, the technology works. You can have a "conversation" with an LLM that resembles a human one. If you pass it some data, you can use plain english to ask it questions about that data, which is a lot easier than to ask it about that in a formal way. You can request it to generate some code, and it will generate something that looks like what you need and that will be mostly correct for like 95% of the time.

Now, yes, 95% of the time is not 100% of the time, and no, you can't ask it to "write me a piece of software that implements this 300-page requirements document and get back to me when you're done", because it will fail, and you won't know where it has failed, and you'll take it into production and expect everything to be fine because it won't and this one minor logic bug will cause half your servers to spin and consume credits with your infrastructure provider with nothing to show for it.

But that doesn't mean you can't use an LLM to build a large piece of software. It just means you have to understand the LLMs limitations and strenghts, and use them correctly.

Here's what an LLM is good at:

• Generating plausible text
• Interpreting text to figure out what a plausible meaning or summary of that text is
• Giving vague indications as to what the probable context of a given body of text is.

It turns out that that's enough to use the LLM to build a reliable piece of software, provided you do it right.

Paradigm shift

An LLM can generate text by the truckful. The generated text could be code. Given a good enough LLM, the generated text might even run and do something useful.

You can try to blindly run the code, and if it doesn't run correctly, you can paste the error message to the LLM, and it can tell you what went wrong and how you could possibly fix it. This creates a feedback loop: you ask it for an amount of code, you run the code, you receive an error, you tell it that the code is problematic and give it the error message, it makes changes to the code, now you have something that at least no longer fails at startup.

If you ask it to add tests to make sure that your code acts as per your specification, now you get an error if and when the code doesn't act as per your specification. Or, well, at least not as per the part of the specification that was correctly turned into a unit test by the LLM.

LLMs have a context window, so if the error message is pasted in the same conversation as where the code was generated, it is able to reuse the earlier prompts to refine how it should interpret the error message that you received.

You can't really paste the source code of an entire application into the prompt of your LLM, that would quickly overrun its context window. But LLMs also allow you to provide some form of background information -- a document, say -- on which you ask it to reason. It will interpret that document, but doing so uses less of the LLMs context window. So providing the LLM with your application's source code as background information can help it understand better how your code interacts. This is especially helpful if you only provide the LLM the background information relevant to the actual question.

So now if you are able to:

• Create background context with your application's source code
• Have the LLM generate a first draft of your requested change, plus the tests to make sure it works
• Compile (if applicable) the generated code (and tests) and run said tests
• Return any error messages to the LLM with a request to correct the error

Then the combination of "getting it 95% right off the bat" and the above feedback loop means you can generate syntactically correct code, that probably does what you need, in minutes.

I say "probably" for a reason. There are going to be cases where you specify a request without a number of details (because they are implied), and the LLM will get most of those details right but just not implement the one bit because it's an automaton and it doesn't think. Or you will ask it to make sure that two bits of the application look exactly the same, without specifying that they must act the same, now and in the future, and it will just generate the same block of code twice and then in a future change it will change one but not the other.

But if you review the changes, and you have experience as a programmer, you will be able to spot most cases where the LLM got it wrong. And so it's possible, if not necessarily easy at first, to use an LLM to generate mostly correct code.

There are certain places where "mostly correct" code is not desireable. But equally, there are also cases where, "mostly correct" is good enough.

After all, most of the software you run today -- the bits of it that weren't, yet, generated by an LLM -- is only "mostly correct", too, because to err is human and we all make mistakes. If not, there wouldn't be any CVEs and your software would never do anything wrong.

Now, doing the feedback loop described above is certainly something you could do manually. You could open an account on one of the LLM websites, upload the source code of your application, ask it to generate some new feature, download the newly generated feature, run it, and then copy/paste any error messages back into the LLM.

But that's a lot of manual work of the type that computers are pretty good at. So that's what the "windsurf" tool helps you with: you run it inside your IDE -- either a VSCode-based tool that you download from their website which comes with their product preinstalled, or a separate JetBrains plugin that you can install. You can then open your entire relevant codebase in a workspace in your IDE. You then ask the LLM, through the IDE, to generate a new feature in your codebase, and to also generate the test while it's at it. It will use a mixture of LLM interpretation and non-LLM functionality to scoop out the relevant bits of your codebase to send to the LLM as background information, will send it your prompt, will download the generated code and patch or create files, will compile (if required) and run the newly generated code and tests, and will refine the generated code if the tests produce any errors. All mostly automatic; by default, running anything requires explicit confirmation. You can turn that off completely (probably not a good idea), or you can give it a whitelist of things that you don't want to confirm (perhaps OK), and the tool also passes standing instructions to the LLM to never generate any command that deletes a file (which, like with any LLM, can be overridden, but it requires you to be very stubborn and to use more credits than you'd probably like).

All this put together means you can build something without writing any piece of code, provided you do it right.

A technically positive evolution

Don't go and say, "here's a 300-page document, read it and write whatever the document says". It will get it wrong, it will write a massive test suite that it will only run at the end, it will choke itself up trying to interpret the massive amount of failures it encounters, it will fill up its context window and it will start to forget some of the requirements. That won't work.

But what you can do -- what I did, in fact -- is this.

First, create an empty workspace. Don't put any code in it.

Then, tell the LLM to generate a backend framework using technology X and a frontend framework using technology Y that initially only says "hello, world". Also add tests to it, and run the tests.

It will do that. You'll not get much, but it will work.

Then, ask it to add some UI elements. A login page, perhaps. A navigation bar. Small things. Most of it doesn't have to be functional -- but tests must be there for the bits that are, and have it run the tests and evaluate the results.

Rinse, repeat, until you have a working application.

Importantly, in between the steps, you should also run the application yourself and see if the change was implemented correctly. Sometimes it won't be. Sometimes there will be a subtle bug -- I at one point had a the application hang after a few minutes. Sometimes you tell it that there's a subtle bug, and it will discover it more quickly than you could, and it will fix it, and in implementing the fix it will uncover another bug, and then you have to fix that one -- the fix it came up with for the hang was to move something to an async process on the server, which caused the application to start spinning while trying to create hundreds of async jobs (this is when I realized that the hang was a deadlock due to some part of the codebase doing something that indirectly triggered itself). Sometimes it will try to fix the bug you tell it about, and you'll see that it's going off on a tangent that has nothing to do with what you're seeing. It's important to keep an eye on what it's doing, so you can guide it back on track when that happens -- when I told it about the hang, it started investigating the part of the code which sends out emails, thinking that it could hang while waiting for sendmail to finish, but the hang was happening when the application was idle, not when it was sending out emails, and only when I told it about it happening when it was idle did it find the deadlock.

So it's not a fully automatic process, and it needs to be guided by someone who knows what they're doing. But if that is the case, you can come up with something that works. I spent evenings and breaks for about a week, and I managed to create a working application which, had I written it by hand, would have taken me a few months of full-time work to come up with. And I now have a side project, fully complete and working, that I had been thinking about doing for more than a decade, but never got around to actually doing, because of all the work that would be involved and I just didn't see myself having the time for.

It's not perfect code. But it's mostly good enough, and it will perform the job it needs to. And it looks far slicker than most of the side projects I've done in the past, because in the past I would prioritize between implementing new features or making something look slick, and I would decide that the new feature was more important because it's only for me and there's only me and nobody cares if it looks good or not and I don't have three weeks to come up with something that looks better. But here, I found myself sometimes spending 10 minutes writing a prompt with instructions on making things look better. Because what's 10 minutes when you just spent an hour writing down and refining specifications for functionality and tests?

There are a number of other things in which an LLM can help a programmer.

For instance.

I received a bug report recently in a project I'm paid to maintain that I couldn't make heads or tails of. I opened the source code in my windsurf IDE, pasted the bug report in the prompt, and then requested the tool to analyze the source code and the associated logs and tell me how the described behavior could be happening. It turned out that I had overlooked something, but with the help of the tool, I found the bug in minutes.

I was trying to understand a particular part of a large codebase that I didn't really grasp very well. I loaded the codebase in the tool, and asked it to explain to me how a particular action is performed by the code. I requested specific functions and line numbers. I now have a far better understanding of how the code works, and will be able to write that patch that I've been wanting to write for years -- without using the LLM.

I have been struggling for, literally, years with understanding why another tool that I maintain was misbehaving in a particular way but only in Firefox. I opened the codebase in Firefox, explained the buggy behavior in plain English, and asked it to explain how this could be happening. It picked up some obscure corner case behavior of ffmpeg and mp4 containers that I was not aware of and that perfectly explained why things were misbehaving in the way that they were.

At the same time, there are limitations. Giving an LLM a codebase that was originally generated by an LLM (either the same one or another one) seems to work well. Giving it a codebase that was written by a human and expecting it to correctly update it seems to be more error-prone. I did one or two of those as a trial, and it is more problematic than anything.

An LLM is also not intelligent, notwithstanding the popular term of "Artificial Intelligence". On multiple occasions, I've asked it to write a test case for some code that was not set up to do so; and rather than suggesting a refactor is required, it would instead copy the code that needed to be tested and then test the copy, rather than the original. The tool has made multiple similar errors. I have sometimes people describe agentic coding as "similar to interacting with junior programmers", but that is not the case. A junior programmer will either fill in the gaps in your specifications, or ask for clarification when something seems off. The LLM will not do that; it will do what you ask, exactly that and nothing more. If you missed a corner case in your specification, then all bets are off.

I remember learning about programming language generations in college. A first-generation language is "machine code", a second-generation language is "assembler", a third-generation language is any high-level language such as C, Perl, or Pascal. I've forgotten what set a 3rd-generation language apart from a 4th-generation language. But I remember the definition they gave me for a 5th-generation language: "you tell the computer what to do, and it will do it". At the time, I thought it was ridiculous. Nobody could ever write something like that.

But it's here.

And it's a threat to free software.

A threat to free software?

Yes.

There is the obvious part where most of the well-known LLMs are non-free software. I mean, there are some "open source" LLM models. The windsurf tool that I used doesn't allow you to use them (directly), but they're there. There are also open source applications that implement what the windsurf editor does. So it's definitely possible to work like this without resorting to non-free software and non-free services, even though the non-free LLMs might be a bit ahead of the curve of the free ones. But that's not what I mean.

And there is also the obvious thing which I mentioned earlier in this post, which is that the people who try to build LLMs are doing it in unethical, disgusting ways, causing downtimes and disregarding licenses for whatever they can get their grubby hands on. Ideally we wouldn't be in that situation, and ideally this wouldn't be a problem, but we are where we are.

And there's the obvious thing where the OSI sold itself out and declared that a machine learning program can be open source even when the very things it was built from -- the training data -- is not available. That's a major issue that the free software community needs to fight against, but there's not really anything that that is a threat to free software. You just build your own, free software, LLM, and you're done.

The actual threat is in funding and developer support.

Most large businesses do not care about free-as-in-freedom software. They like the free-as-in-beer part, and they appreciate that the free-as-in-freedom bits can make the software more customizable. They are (mostly) happy to do sponsorships of the free-as-in-freedom projects that they use if that means their free-as-in-beer usage of the software gets improved.

But why would you care about all that when you can just generate the code you need, rather than interacting with an open source community that may or may not care about your business's interests?

Where to go from here

Although I think the moral and environmental issues with LLMs are real and problematic, given the experiments I did I am not convinced that the concept of interacting with a computer system in natural language and to use it to generate code is necessarily deficient. There are pitfalls, but they can be managed. It is possible to use such a system to create throwaway, proof-of-concept type "good enough" code bases. It can be used to interpret code bases and to understand bug reports.

I believe that the major issue with LLMs has to do with that saying about hammers and nails:

If all you have is a hammer, then everything looks like a nail.

LLMs are an outgrowth of machine learning, pushed by large corporations. These large corporations have a lot of money. If all you have is money, then every problem can be fixed by throwing more money at it. The initial language models were promising but not (yet) good enough, and it seemed that one way in which they could be improved was to increase the scale of the statistics: throw more hardware (and thus money) at it, and rather than improving the efficiency of the models, just scale up.

Scaling up is something that megacorporations are very good at. It's only a money problem, after all. Does that mean that "scaling up" is the only way to improve the models, though? I'm not convinced.

Some hardware, such as most modern Apple and Samsung devices, ship with accelerator hardware for machine learning algorithms. There are some models that are small enough to be able to run on these devices. I don't see why it should not be possible to create a small(er) language model that can do some useful part of the above-described use cases; if not locally, then at least on a server that one can run on-prem rather than requiring that you pay rent to one of the LLM companies.

The Software Freedom Conservancy has published an aspirational statement on machine learning-assisted programming that, I think, gets a lot right. It's not quite a definition, but it's something to keep in mind.

Perhaps that's the way forward?

More questions than answers at this point, anyway.

Releases Notes for 30.2.4

Windows Installer
Windows No Installer (zip)
macOS - Universal
Linux - deb, AppImage or rpm

Windows intel x32 releases are marked -ia32-

ChangeLog:

• Uses electron 42.4.1
• Updates to draw.io core 30.2.4.

Every smart home has them: the older devices that still work perfectly well but no longer fit neatly into a modern setup. Instead of letting them gather dust in a drawer, the Open Home Foundation’s projects can help you bring them back into the fold. Here’s how a little proxying can give your beloved old gear a new lease of life, and keep your smart home that bit more sustainable.

There has been a video blog post recently published with a review of Ubuntu Touch as an option to opt out of the Android world: https://www.youtube.com/watch?v=wTK6TS3pXgc

Thanks to @SwitchandClick for spending time on this and publishing that video. Much appreciated.

Many Issues amended in upcoming 24.04-2.0 Release

When I watched that video referenced above, I continuously thought: ah... this is fixed in the next major release of Ubuntu Touch, or: ah... this is a known issue that we have on the roadmap..., or: ah... this is done in this ways by design (so it's a feature or basic functionality)...

Let me just state, that most of the criticized aspects will be resolved in upcoming Ubuntu Touch release 24.04-2.0 (the tests in that video blog post have been run on Ubuntu Touch 24.04-1.x):

• Camera notch and rounding corners get honoured now by the UI
• Ubuntu Touch's default webbrowser (Morph Browser) has been bumped from Chromium engine v87 (Qt5 based) to v134 (Qt6 based), installing another browser should not be necessary anymore (note that the privacy level in Morph Browser is pretty high, so using other browsers could mean a loss of privacy).
• Bluetooth pairing agent got added to the bluetooth indicator
• Ubuntu Touch now supports Snaps on CLI level and in the OpenStore app
• Libertine has received fixes, but no substantial improvements. It mainly targets users who want to use their Ubuntu Touch device as desktop daily driver. Libertine-provided desktop apps UI-wise are often not usable on a phone-like device.

The full feature preview of the 24.04-2.0 release can be found here: https://ubports.com/blog/ubports-news-1/ubuntu-touch-24-04-2-0-beta-is-n...

Ubuntu Touch App Ecosystem

The app ecosystem of Ubuntu Touch is quite specific, because many apps in Ubuntu Touch have been explicitly developed for Ubuntu Touch using a widget toolkit called Lomiri.Components. However, in Ubuntu Touch we also encourage developers to provide apps written with other convergent-capable toolkits, such as QQC2-based apps or Kirigami-based apps.

One reason for the very different app ecosystem in Ubuntu Touch is that many service providers don't have Ubuntu Touch on their radar when investing in app development for their services. Some Ubuntu Touch App Developers work around this by either implementing unofficial client apps for web services (e.g. the Flow app for Deezer by Sander Klootwijk), others provide the web service via implementing a web app (will not work when offline, but at least will show up as an app in the launcher).

The overall solution for making Open-Store.io more familiar to users who migrate from Android is that commercial service providers start honouring digital sovereignty and start providing apps for Linux. Not just for the Linux desktop, but also for mobile Linux platforms. This dual use case can easily achieved with an app development that bears convergence in mind.

App Ecosystems are also a Matter of Perspective

And one more minor note: whenever I open an Android appstore or can peak over someone's shoulder using an iOS device: I always wonder: what are all these apps about??? Never heard about them.

So, familiarity really depends on perspective. And perspective depends on what you are used to. Change what you do and your perspective will follow.

Ubuntu Touch's root filesystem (rootfs) is Immutable

Only thing from that video blog post that we haven't fixed and won't do so in the midterm future is apt-get not working on the command line.

The reason for this is: the Ubuntu Touch root file system is an immutable file system and thus shall not be changed via apt-get & friends by ordinary users.

There are various discussions ongoing such as dpkg-divert'ing apt-get to a wrapper shell script that spits out an error message if rootfs is mounted read-only and someone tries to install packages the Debian/Ubuntu way. Other approaches are to mount some RAM disk over the rootfs, so apt-get can be used at runtime but changes to the system get reset at reboot.

However, it is possible to mount the root filesystem read-write and test newer package versions (as UT core developers do regularly, in fact). If you tinker with this, it is recommended to reflash your device (don't wipe user data, when you reflash!) from time to time, because adding packages or package upgrades to your rootfs may over time corrupt the integrity of the rootfs.

One reason for apt-get breaking the rootfs and thus your Ubuntu Touch development device is that the upgrade process of the rootfs image is incremental, so update tarballs sometimes contain only those parts that got changed between this and your previous upgrade (sometimes, upgrades contain a complete rootf image, depending on the interval between upgrades). If files from an incremental update tarball mix into a rootfs that got tinkered with via apt-get, you really end up on your own. Re-flashing will grab the complete rootfs tarball and wipe the whole rootfs and reinstall a fresh version of the newest rootfs image. Developers also do this in regular intervals to ensure their test device is clean again before running more/other tests.

We are excited to announce that the 1.60 update for Euro Truck Simulator 2 is now officially released! Let's dive in and take a look at what's in store.

As always, we would first like to thank everyone who participated in the open beta phase and helped us fine-tune all the new content by reporting issues to the dedicated section on our forum. Now let's see what's new in the 1.60 update!

Game Radio

With the 1.60 update, we are introducing Game Radio, a brand-new in-game radio system designed to make every drive feel more immersive and authentic. Rather than just playing music, Game Radio gives you five stations with their own distinct sounds, identities, and moods, each one built to shape the atmosphere of your journey in a different way.

Players can tune into Rust FM, Escape, PUMP IT!, Pop Gear, and Roadio, spanning guitar-driven rock and American roots music to electronic, pop, and lo-fi. Each station features carefully curated tracks, handpicked to hold up across many hours on the road. Escape is also a radio station designed to help content creators, and we are committed to do our best to keep it stream-safe.

Game Radio also introduces a new in-game widget displaying station info, track titles, and artist names while driving. Players can customize widget behavior through the Widget Options menu (F6). This update also brings a range of improvements to the existing radio and music player systems.

Game Radio arrives with its musical foundation in place, with more planned for future updates. You can find out more information about Game Radio in our dedicated blog post.

Improved Material System

The Improved Material System significantly improves the lighting and visual quality of vehicle interiors in selected trucks. Its main focus is to enhance how interior materials react to light, which results in a more readable, detailed, and visually pleasing cabin environment.

During the development of Project Road Trip, we implemented a wide range of visual and technical improvements. One of the most significant changes was a redesign of the materials used in vehicle interiors. As a result, it makes differences between materials such as leather, fabric, plastic, and metal far more apparent, even in low-light conditions. The new solution uses multiple variants of dynamic cubemaps, allowing all materials to reflect their surroundings more naturally and respond to ambient light in a more realistic way.

The entire system was designed from the start with the interiors of trucks in both games in mind, so the base games and their existing fleets will gradually benefit from these improvements as well. The first trucks to benefit from the Improved Material System in ETS2 are the DAF NGD and MAN TG3 TGX models. With future updates, we will gradually add this technology for other trucks across both games. You can read more about this feature here.

Light Tweaks

We have carried out minor adjustments to the global lighting, primarily focused on exposure and contrast balancing, along with subtle visual refinements for bad weather conditions. The work mainly consisted of smoothing out and polishing the overall visuals to achieve a more consistent and refined look.

Volvo FH Series 6 Update

With this update, truckers can customize their Volvo FH Series 6 with a selection of several new aerodynamic parts, including the newly designed aerodynamic roof deflectors available for the Sleeper Cab, Globetrotter, and Globetrotter XL cab variants. These updated components help create a smoother and more refined roof profile, blending seamlessly into the truck's overall design.

Alongside these additions, all Aero cabin variants also have the option to add new distinctive black aerodynamic A-Pillar trim, as featured on the newest generation of Volvo FH truck. These new additions reflect Volvo Trucks' ongoing efforts to improve aerodynamic efficiency and optimise airflow around the cab to help enhance energy efficiency and overall vehicle performance.

Job Details Widget

Based on feedback from our #BestCommunityEver and upcoming widget designs, the Job Details Widget is introduced with the 1.60 update. Its primary purpose is to enable a new, more immediate, and concise way of displaying relevant job info. Also, in response to community feedback, the GPS now displays the estimated arrival day and time, along with the remaining travel time and distance.

You can enable the Job Details Widget through the Widget Options menu (F6). The widget displays key job information, including cargo type and weight, delivery location, job income (colour-highlighted), and the remaining time to complete the job, so players will have this info available immediately without the necessity to pause the game. You can read more about the feature here.

Expanded Rest Mechanic

This new feature gives players greater control over their rest periods by allowing them to choose how long they want to sleep and exactly when they want to wake up, instead of being limited to a predefined rest duration.

Alongside this change, the Fatigue system is now split into two separate values: Rest State and Mandatory Break, each represented by its own icon in the UI.

The Rest State, symbolised by a bed icon, now gradually depletes rather than recovers over time. Extended periods of driving will steadily reduce the Rest State, while resting will restore it at a faster rate.

The Mandatory Break system, indicated by a "P" icon along with the remaining hours before a required stop, functions more strictly. In Euro Truck Simulator 2, drivers may drive for up to 10 hours before taking a mandatory break, which requires 9 consecutive hours of rest. You can read more about this feature here.

Changelog

Vehicles

• Volvo FH Series 6 Update

Visual

• Improved Material System
• Light Tweaks

Sound

• Game Radio

UI/UX

• Job Details Widget
• Expanded Rest Mechanic

Docker Images

Docker images have been built and pushed:

Docker Hub:

• alexta69/metube:latest
• alexta69/metube:2026.06.18

GitHub Container Registry:

• ghcr.io/alexta69/metube:latest
• ghcr.io/alexta69/metube:2026.06.18

Changes

• Incorporate PR feedback (04b9366)
• Create AUDIO_DOWNLOAD_DIR in Docker image (d157444)

Postfix stable release 3.11.4 and legacy releases 3.10.11, 3.9.12, 3.8.18

[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.11.4.html]

This release addresses five low-impact problems that need to be addressed as they can reduce safety margins.

In addition to updated releases for the supported Postfix versions 3.8-3.11, patches will also be available at the Postfix source mirror sites for the out-of-support Postfix versions 2.9-3.7:

• postfix-3.1-3.5-tlsa-death-patch (for Postfix 3.1 .. 3.5)
• postfix-3.6-3.7-tlsa-death-patch (for Postfix 3.6 .. 3.7)

• postfix-2.9-3.3-input-limit-patch (for Postfix 2.9 .. 3.3)
• postfix-3.4-3.7-input-limit-patch (for Postfix 3.4 .. 3.7)

These patches come with the same PGP, GPG1 and GPG2 signatures as Postfix release tarballs and patches.

Fixed in Postfix 3.8-3.11:

• Bug 1 (defect introduced: Postfix 3.1, date 20150607): null pointer read and heap data overread in the Postfix SMTP client's smtp_dns_reply_filter. Problem reported by TristanInSec, found with ASAN. Also reported by other people. Reproduction and real-world impact researched by Wietse.

  • Root cause for bug 1:

    A missing 'break' statement after the code that converts a TLSA record to string.

  • Reproduction for bug 1:

    The problem happens when smtp_dns_reply_filter is configured (this is disabled by default); the Postfix SMTP client is configured to use opportunistic or mandatory DANE authentication (this is disabled by default); the destination domain publishes a TLSA record that is empty or shorter than 20 bytes; and the OS is configured to use a resolver that passes such a TLSA record. For example, a zero-length TLSA record is blocked by BIND, Google DNS, OpenDNS, and by configurations that use systemd-resolved (the default on many LINUX systems); it is passed by Cloudflare, Quad9 DNS, and unbound, as long as these resolvers are used without systemd-resolved.

  • Impact statement for bug 1:

    SMTP client termination with a null pointer read crash when the TLSA record length is zero; or an SMTP client data overread (or rarely, SMTP client termination with a read segfault crash) when 0 < record length < 20 bytes. The overread content is not disclosed.

  • Performance impact of bugs 1 and 2:

    The impact of SMTP client crashes (voluntary or not) is easily overstated. That said, crashes must be eliminated regardless of their impact.

    On systems that deliver fewer than one message per minute, an SMTP client crash can result in a delay of up to one minute for email delivery to other destination domains.

    On systems with a larger traffic volume, the impact of an SMTP client crash on deliveries to other destination domains is minor because Postfix reuses SMTP client processes and replaces a failed process within seconds (self-healing); the practical impact is believed to be no worse than that of an uncooperative receiver that tarpits SMTP connections from Postfix to one or more destination domains under their control (by replying within Postfix SMTP client read time limits which are several minutes by default).

• Bug 2 (defect introduced: Postfix 3.6, date: 20200710): panic (assertion failure and voluntary crash) while parsing a TLSA reply with length 3. Found during code maintenance. See below for root cause, reproduction, and impact.

  • Root cause for bug 2:

    An incorrect test 'length < 3' instead of 'length <= 3' causes a safety check to fail when a TLSA parser attempts to create zero-length storage for a non-existent TLSA certificate association data field.

  • Reproduction for bug 2:

    The problem happens when the Postfix SMTP client is configured to use opportunistic or mandatory DANE authentication (this is disabled by default); a destination domain publishes a TLSA record with a length of three bytes; and the OS is configured to use a resolver that passes such a TLSA record. For example, a length-three TLSA record is blocked by BIND, and by configurations that use systemd-resolved (the default on many LINUX systems). It is passed by many other resolvers.

    Bug 2 enables an attack that is more potent than bug 1.

    • An attack with a length-three TLSA reply does not depend on smtp_dns_reply_filter configuration.

    • An attack with a length-three TLSA reply propagates through more resolvers than an attack with a length-zero TLSA reply.

  • Impact statement for bug 2:

    SMTP client voluntary termination (crash) after an assertion failure. This is a fail-safe mechanism.

    See also above for "Performance impact of bugs 1 and 2".

• Bug 3 (Problem introduced: Postfix 2.9, date: 20110205) Robustness: the Postfix SMTP server will no longer receive (and discard) an unlimited amount of text while receiving a long SMTP command line. Problem reported by Michael Wollner (Ibonok). Under high load conditions, the amount of text was already limited by a 10-second deadline to receive an SMTP command.

• Bug 4 Robustness: with the above change the Postfix SMTP client will no longer receive (and discard) an unlimited amount of text while receiving a long SMTP response line.

• Bug 5 (Problem introduced: Postfix 3.4, date: 20180825) Robustness: do not receive (and discard) unlimited amounts of data with BDAT commands. Problem found during code maintenance. File: smtpd/smtpd.c.

  • Impact statement for bugs 3, 4, 5:

    Postfix should not receive and discard unlimited amounts of input in SMTP command lines or BDAT chunks, but fixing that will not fundamentally change the situation.

    By design, any SMTP client can force a server to receive (and discard) an unlimited amount of text.

    For example, an attacker can repeatedly send messages that are a little under the server's message size limit and abort each transaction a before reaching the message end. When sending a message with the "DATA" command, an attacker would disconnect instead of sending <CR><LF>.<CR><LF>; and when sending a message with the "BDAT" command, an attacker would send "RSET" instead of "BDAT LAST".

    To mitigate such abuse, Postfix can rate-limit the number of message transactions from the same IP address or address range (see smtpd_client_message_rate_limit and *prefix_length parameters). Such a defense is ineffective when faced with a distributed attack (botnet); for that, postscreen combined with an IP reputation service (DNSBL) may be more effective.

You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/.