🚀 Gitea v1.24.0 is here! This release is loaded with 🔒 security, ⚡ performance, and 🛠 quality-of-life improvements: • Mandatory 2FA (TOTP or WebAuthn) for all users via security.TWO_FACTOR_AUTH • Anonymous access now supports private/unlisted repos — browse issues, wikis, and code publicly • New file tree in the repo file view for easier navigation • Fullscreen mode for a distraction‑free project experience • Material icons theme for file lists (enable via ui.FILE_ICON_THEME=material) • ⚡ Performance boosts: database query caching, optimized PR/file list & heatmap loading 🔗 Dive into the full release notes: blog.gitea.com/release-of-1.… #Gitea #Git #DevOps #SelfHosted #DevTools

blog.neon.kde.org/2024/02/28… Today KDE has made its biggest release ever, never before in the 25 year history of the project have we announced so many new products at the same time but it brings the newly refreshed base to keep our software foundation strong. #Plasma6 @kdecommunity

New Blog Post From the @golang team: Fixing For Loops in Go 1.22 You can read the original blog post here: go.dev/blog/loopvar-preview, summary below. The problem The below should print a,b,c right? It will actually print c,c,c. This is due to go.dev/doc/faq#closures_and_… Its also possible to face this issue without concurrency: In Go 1.22, the Go team are changing for loops to have per iteration scope instead of per loop scope. This is kind of a big change, so this will only apply to go programs that declare go 1.22 in their go.mod file, or use the GOEXPERIMENT=loopvar environment variable. Google have been running this change in production since May 2023 and have yet to see any issues with it. Another great milestone and another great blog post by the Go team!

We found a Remote Code Execution vulnerability in every #PostgreSQL database in #IBMCloud 😱 Here is how we did it: 🧵 #HellsKeychain

Multiple error wrapping is coming in Go 1.20 🎉 Try → go.dev/play/p/VjgP4M3GFTJ?v=… Proposal: github.com/golang/go/issues/… There is a new: `Unwrap() []error` behavior too. See: github.com/golang/go/blob/0f… #golang

#golang #gem: Use golang.org/x/time/rate for rate limiting.

Familiar? 🤣 (from @_workchronicles, who are always good for a smile!)

Go

We are proud to present the release of Gitea version 1.17.0 with a lot of new and exciting features. We highly encourage users to update to this version after carefully reading about the breaking changes for some important bug-fixes. blog.gitea.io/2022/07/gitea-…

#golang assembly and source viewer from @egonelbre github.com/loov/lensm

Paldies, cerams te viss smuki izdosies :)

UDP Technology IP Camera vulnerabilities 11 RCE and a complete authentication bypass 😎 Impact also: Geutebruck Ganz Visualint Cap THRIVE Intelligence Sophus VCA TripCorps Sprinx Technologies Smartec Riva randorisec.fr/fr/udp-technol… #0day

I made of one those too😆#oss

Today received my first bug bounty 🎉 Though a bit sad thing that @Microsoft did not fix the problem, so will have to use everywhere my own workaround to fix problems in @dotnet security

Hey, @msftsecresponse @msftsecurity. How providing invalid X-Forwarded-For header through proxy thus hiding real IP address from Microsoft .NET 5 application is not considered security issue? Quite confused... :/

🥳 Go 1.16 is released! 🗞 Blog: blog.golang.org/go1.16 📦 Download: golang.org/dl/#go1.16 #golang

"I have a particular set of skills..."

We've been informed of CVE-2020-14144, and we disagree with rating. We provide admins the ability to run githooks (just like @gitlab and @github), which allow scripts to be run on host. Think: @WordPress admins can install plugins that run arbitrary code, that's not a vuln.