Linux - The Good Stuff is a book bundle by No Starch Press that really has good stuff! Including the book I recommend to everyone starting with Linux - "How Linux Works" by Brian Ward and "The Linux Programming Interface" by Michael Kerrisk for those who want to know how Linux works, but on the API level.
There are some other interesting books as well. Yet, this bundle is not cheap: you have to pay at least €56 unlike the usual €20-25 to unlock it.
#books #linux
There are some other interesting books as well. Yet, this bundle is not cheap: you have to pay at least €56 unlike the usual €20-25 to unlock it.
#books #linux
Humble Bundle
Humble Tech Book Bundle: Linux, the Good Stuff by No Starch
Unlock new levels of freedom and creativity when you use Linux—master the ins and outs of Linux today and help support charity!
😱3
A new issue of CatOps Digest is here!
https://newsletter.catops.dev/p/catops-digest-2026-04-04
#digest #newsletter
https://newsletter.catops.dev/p/catops-digest-2026-04-04
#digest #newsletter
newsletter.catops.dev
CatOps Digest 2026-04-04
What was on CatOps in the last couple of weeks
❤13
From time to time, I share a standing jar for FPV drones for a guy from my wife’s hometown.
Today, I’d like to share a fundraiser for rehabilitation of his brother-in-arms, who lost his leg near Kostiantynivka. Now he needs to undergo a series of surgeries. Here’s a Monobank jar to help him financially:
https://send.monobank.ua/jar/5AmpbpVRxm
Card number:
4874 1000 2602 4938
#donations #Ukraine
Today, I’d like to share a fundraiser for rehabilitation of his brother-in-arms, who lost his leg near Kostiantynivka. Now he needs to undergo a series of surgeries. Here’s a Monobank jar to help him financially:
https://send.monobank.ua/jar/5AmpbpVRxm
Card number:
4874 1000 2602 4938
#donations #Ukraine
🫡7
Terragrunt has released version 1.0. According to them, this is not about a lot of brand-new features, but a commitment to backwards compatibility within the 1.x branch.
The press-release also has an overview of some features that Terragrunt has.
#terraform #terragrut #opentofu
The press-release also has an overview of some features that Terragrunt has.
#terraform #terragrut #opentofu
www.gruntwork.io
Gruntwork Blog | Terragrunt 1.0 Released!
🔥12👍3🤮1
The Comforting Lie Of SHA Pinning is an article inspired by those supply chain attacks that happened lately.
It shows some quirks of how GitHub works with SHAs, which are quite unexpected. The gist and the main excerpt:
The article also describes the way of how to mitigate this risk in GitHub organizations, if you have one.
#security #github
It shows some quirks of how GitHub works with SHAs, which are quite unexpected. The gist and the main excerpt:
From the platform’s perspective, a fork is a separate repository with a shared object graph/history. When the runner resolves the reference, it ultimately looks up the commit in the Git object database; if that object exists and is reachable, it can be used regardless of which fork introduced it. A commit object is globally identifiable. If the SHA exists anywhere reachable, that is apparently sufficient.
The article also describes the way of how to mitigate this risk in GitHub organizations, if you have one.
#security #github
👍3🌚2
As you may know, LocalStack deprecates their community version starting from the 23rd of March.
So, here are a few alternatives you may consider:
- MiniStack - a free alternative written in Python.
- Floci - another free alternative written in Java.
- Kumo - a lightweight AWS simulator written in Go.
I haven't tried any of them yet. I guess, I'll need to, since I'm using LocalStack to test my open sourced Terraform module.
#aws #localstack
So, here are a few alternatives you may consider:
- MiniStack - a free alternative written in Python.
- Floci - another free alternative written in Java.
- Kumo - a lightweight AWS simulator written in Go.
I haven't tried any of them yet. I guess, I'll need to, since I'm using LocalStack to test my open sourced Terraform module.
#aws #localstack
LocalStack Blog
The Road Ahead for LocalStack: Upcoming Changes to the Delivery of Our AWS Cloud Emulators
We’re simplifying and improving the LocalStack for AWS experience by unifying Community and Pro into one image, offering a free account-based experience for individuals and open source users, and introducing a new CLI (CLI v2) to power the next generation…
👍7
For today’s Donations Monday, I’d like to ask you to help with another smaller scale fundraiser for radio-electronic equipment for the 25th Brigade.
Monobank jar:
https://send.monobank.ua/jar/5cXWfFMLHR
The fundraiser is ~41% complete for now.
#donations #Ukraine
Monobank jar:
https://send.monobank.ua/jar/5cXWfFMLHR
The fundraiser is ~41% complete for now.
#donations #Ukraine
❤3
Yet another article on the topic of technical debt.
It uses Martin Fowler's "Technical Debt Quadrant" to reason about the technical debt and provides some advices on how to address it.
P.S. There is some self-promotion in the end, but it's subtle. So, I would say that this article is still a nice entry point into the topic.
#culture
It uses Martin Fowler's "Technical Debt Quadrant" to reason about the technical debt and provides some advices on how to address it.
P.S. There is some self-promotion in the end, but it's subtle. So, I would say that this article is still a nice entry point into the topic.
#culture
Medium
The Engineer’s Complete Guide to Technical Debt
In this guide, you’ll learn how to prevent, fix and manage tech debt. Understand types of tech debt, the cost of tech debt and more.
This article may upset some people, but this is a very good retrospective on measuring developer productivity, and what the new AI era may mean for this.
The Developer Productivity Trap is a rather long article, but it totally worth the time! Especially, if you work on the “development experience” side of things or is responsible for engineering metrics. It’s especially valuable read, if you’re on the journey of implementing AI assistants in your company.
#devex #culture
The Developer Productivity Trap is a rather long article, but it totally worth the time! Especially, if you work on the “development experience” side of things or is responsible for engineering metrics. It’s especially valuable read, if you’re on the journey of implementing AI assistants in your company.
#devex #culture
Substack
The Developer Productivity Trap
Why Everything We Think We Know About Developer Productivity Is Wrong — And Why AI Is Making It Worse
👍5
Do you trust your colleagues?
An article Stop Using Pull Requests from the same author as the previous article in the channel, argues that they may be not ideal.
The core argument is that pull requests were originally created for low trust open source environment, in which contributors may have never seen each other, and often do not know each other at all. Development teams in the corporate world operate on another set of assumptions.
It's interesting that this article also builds up on the ideas of Thierry de Pauw. IIRC, I already posted his talk "Non blocking Pull Requests" on the channel, but in any case, I can do it again.
The main premise of the article is that you need to adopt T*D practices: test-driven development, trunk-based development, and another made-up T*D practice that basically means pair-programming.
From my experience I can say, that eliminating pull requests is probably not something you can do in a short run, but measuring the waiting time before PRs are merged is a good practice. Another good practice is to team-up on tasks or projects. So, basically pair-programming, but several people can still work on different tasks within a project, share context on this project, and thus be able to review each other's work almost immediately without much context switching.
T*D practices are also nice. Honestly, I have an impression that the majority of people are using the trunk-based merge model and continuous deployment these days. Also, it's interesting how AI can facilitate test-driven development: spec (by human) => test (by a machine) => tests review (by humans) => coding (by a machine).
#culture #programming
An article Stop Using Pull Requests from the same author as the previous article in the channel, argues that they may be not ideal.
The core argument is that pull requests were originally created for low trust open source environment, in which contributors may have never seen each other, and often do not know each other at all. Development teams in the corporate world operate on another set of assumptions.
It's interesting that this article also builds up on the ideas of Thierry de Pauw. IIRC, I already posted his talk "Non blocking Pull Requests" on the channel, but in any case, I can do it again.
The main premise of the article is that you need to adopt T*D practices: test-driven development, trunk-based development, and another made-up T*D practice that basically means pair-programming.
From my experience I can say, that eliminating pull requests is probably not something you can do in a short run, but measuring the waiting time before PRs are merged is a good practice. Another good practice is to team-up on tasks or projects. So, basically pair-programming, but several people can still work on different tasks within a project, share context on this project, and thus be able to review each other's work almost immediately without much context switching.
T*D practices are also nice. Honestly, I have an impression that the majority of people are using the trunk-based merge model and continuous deployment these days. Also, it's interesting how AI can facilitate test-driven development: spec (by human) => test (by a machine) => tests review (by humans) => coding (by a machine).
#culture #programming
Substack
Stop Using Pull Requests
Your team’s code review process is probably an expensive illusion of quality. Here’s what the evidence says, and what to do instead.
🤨8😐2❤1
After painful and not particularly successful adoption path of IPv6, a draft proposal for IPv8 is here. However, it has some critical flaws not on the technical, but on the operational and policy level. In short, in its current form, it would make the Internet more prone to be controlled by a centralized entity.
Here’s the draft itself I haven't read it yet, but now I sure will.
#networking
Here’s the draft itself I haven't read it yet, but now I sure will.
#networking
Substack
We Need to Talk About the IPv8 Draft
The Good, The Bad, and the Heinous
🤡3
The Laws Of Architectural Work is a short article with two important insights about architectural decisions:
- They always come with trade-offs.
- Context matters.
This reminded me of a university professor from back in a day. He used to say: “There is no good solution, there is only an optimal solution for our case”. This phrase pretty much summarizes the whole premise of this article.
In any case, I think it’s an important reminder, taking into account that we can “outsource” more and more coding work, so what we left with is basically architectural work, being it software, infrastructure, networks, or something else.
P.S. This article was written in 2020, so take it into account, when you encounter words “recent” there. I’m digging through my archive of saved articles.
#architecture
- They always come with trade-offs.
- Context matters.
This reminded me of a university professor from back in a day. He used to say: “There is no good solution, there is only an optimal solution for our case”. This phrase pretty much summarizes the whole premise of this article.
In any case, I think it’s an important reminder, taking into account that we can “outsource” more and more coding work, so what we left with is basically architectural work, being it software, infrastructure, networks, or something else.
P.S. This article was written in 2020, so take it into account, when you encounter words “recent” there. I’m digging through my archive of saved articles.
#architecture
Uwe Friedrichsen
The laws of architectural work
Understanding architectural decisions
👍3
A new issue of the CatOps Digest is here!
https://newsletter.catops.dev/p/catops-digest-2026-04-24
#newsletter #digest
https://newsletter.catops.dev/p/catops-digest-2026-04-24
#newsletter #digest
newsletter.catops.dev
CatOps Digest 2026-04-24
What was on CatOps in the last couple of weeks...
👍3
For today’s Donations Monday, I would like to remind you about a smaller fundraiser that I posted several weeks ago. It’s moving, but rather slow. So, let’s boost it!
A fundraiser for radio-electronic equipment for the 25th Brigade.
Monobank jar:
https://send.monobank.ua/jar/5cXWfFMLHR
The fundraiser is 60% complete.
#donations #Ukraine
A fundraiser for radio-electronic equipment for the 25th Brigade.
Monobank jar:
https://send.monobank.ua/jar/5cXWfFMLHR
The fundraiser is 60% complete.
#donations #Ukraine
❤4
Apparently, the Dutch Central Bank is opting for the Lidl cloud instead of a US solution as their cloud provider.
Right now, digital sovereignty may sound like loud promises, but this is one of the main issues the European tech sector will have to solve in the nearest future.
P.S. It’s also a bit funny that a grocery store is completing with a book store in cloud computing.
#cloud #lidl
Right now, digital sovereignty may sound like loud promises, but this is one of the main issues the European tech sector will have to solve in the nearest future.
P.S. It’s also a bit funny that a grocery store is completing with a book store in cloud computing.
#cloud #lidl
discount-retail-consulting
Netherlands: Dutch Central Bank (DNB) goes to Lidl for cloud services
Discount Retail Chain Lidl's sister company Schwarz Digits signs a major contract as a supplier of IT services to the Dutch Central Bank (DNB).This was announced by sales director Bernd Wagner on Monday during a major industrial fair in Hanover. Schwarz Gruppe…
❤15❤🔥3😁1
If you're hosting GitHub Enterprise Server, you need to update to address a recently discovered CVE.
What's interesting about this CVE is that it is a legit CVE that was discovered with AI. As WIZ researchers put it in the related article
Security notice from GitHub.
Fixed versions:
- GitHub Enterprise Server 3.14.25 or later
- GitHub Enterprise Server 3.15.20 or later
- GitHub Enterprise Server 3.16.16 or later
- GitHub Enterprise Server 3.17.13 or later
- GitHub Enterprise Server 3.18.7 or later
- GitHub Enterprise Server 3.19.4 or later
- GitHub Enterprise Server 3.20.0 or later
P.S. These news came from our chat (in Ukrainian).
#security #github
What's interesting about this CVE is that it is a legit CVE that was discovered with AI. As WIZ researchers put it in the related article
Notably, this is one of the first critical vulnerabilities discovered in closed-source binaries using AI, highlighting a shift in how these flaws are identified.
Security notice from GitHub.
Fixed versions:
- GitHub Enterprise Server 3.14.25 or later
- GitHub Enterprise Server 3.15.20 or later
- GitHub Enterprise Server 3.16.16 or later
- GitHub Enterprise Server 3.17.13 or later
- GitHub Enterprise Server 3.18.7 or later
- GitHub Enterprise Server 3.19.4 or later
- GitHub Enterprise Server 3.20.0 or later
P.S. These news came from our chat (in Ukrainian).
#security #github
wiz.io
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown | Wiz Blog
A CVSS 8.7 vulnerability in GitHub Enterprise Server allows remote code execution. Read the threat brief and find vulnerable GHES instances from Wiz.
https://copy.fail/
Basically, you need to patch/recreate with new version everything that interact with not trusted part of internet.
Bug found was AI-assisted, btw.
#security
Basically, you need to patch/recreate with new version everything that interact with not trusted part of internet.
Bug found was AI-assisted, btw.
#security
Xint
Copy Fail — 732 Bytes to Root
CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
🔥4
An interesting application for eBPF: patching your Kubernetes nodes against CopyFail (see the previous post) with a DaemonSet. It is supposed to work even if the
https://github.com/iwanhae/copyfail-ebpf-k8s
#security
algif_aead module is built into the kernel.https://github.com/iwanhae/copyfail-ebpf-k8s
#security
GitHub
GitHub - iwanhae/copyfail-ebpf-k8s: CVE-2026-31431 eBPF fix
CVE-2026-31431 eBPF fix. Contribute to iwanhae/copyfail-ebpf-k8s development by creating an account on GitHub.
😎3
My friends started a helper jar for two pickup trucks for AFU.
More info: https://www.instagram.com/p/DXpgaaWgH00
Monobank jar: https://send.monobank.ua/jar/3U1hBa5WPp
#donations #Ukraine
More info: https://www.instagram.com/p/DXpgaaWgH00
Monobank jar: https://send.monobank.ua/jar/3U1hBa5WPp
#donations #Ukraine
Figma has replaced PGBouncer with their own implementation called PGKeeper written in Go as a connection pooler for Postgres.
I really enjoyed this article, because they go into the implementation depths and describe why certain decisions were taken. Unfortunately, it doesn't always happen in such articles. Also, this is a nice reminder that software engineering is not only about writing CRUDs.
Unfortunately, they do not plan to open source it for now, also because it's too tightly coupled with libraries and approaches Figma uses internally. To be honest, it makes sense for in-house software to aim to one's specific needs rather than being generic enough to be open sourced.
#databases #postgres
I really enjoyed this article, because they go into the implementation depths and describe why certain decisions were taken. Unfortunately, it doesn't always happen in such articles. Also, this is a nice reminder that software engineering is not only about writing CRUDs.
Unfortunately, they do not plan to open source it for now, also because it's too tightly coupled with libraries and approaches Figma uses internally. To be honest, it makes sense for in-house software to aim to one's specific needs rather than being generic enough to be open sourced.
#databases #postgres
Figma
PGKeeper: Building the Bouncer We Needed for Postgres | Figma Blog
This is the story of why and how we built PGKeeper, a scalable and reliable service to support Figma’s rapidly growing products and database workload.
😁4👍2