MERGE CONFLICT DIGEST
September 16, 2025
Security & Vulnerabilities 🛡️
A Go program establishes an HTTP/2 CONNECT tunnel through a proxy server to secure data transmission between a client and target server. It uses the golang.org/x/net/http2 package to create a raw TCP or TLS connection, then sends a connection preface and SETTINGS frame to initiate the tunnel. This allows for efficient port scanning by sending CONNECT requests and monitoring response headers.
Understanding latency percentiles is crucial for reliable systems and performance management. Traditional metrics like mean latency are misleading due to skewed distributions, where a small number of slow requests can inflate the average. Percentile-based metrics like P50, P95, and P99 provide a more accurate representation of system behavior, helping detect regressions and architectural bottlenecks.
A threat group known as WhiteCobra is targeting developers with malicious extensions planted in popular marketplaces such as the VS Code marketplace and Open VSX. The group's aim is to drain cryptocurrency wallets through the infected extensions, and researchers have been tracking its activity for over a year.
DevOps & Operations 🚀
The libcurl library has dropped support for pthread_cancel with getaddrinfo due to potential memory leaks caused by cancelled threads accessing sensitive configuration files. The issue was not addressed by glibc's implementation of getaddrinfo, leading developers to recommend c-ares as a more reliable alternative for applications relying on libcurl.
Companies like GitHub and Jira are experiencing outages and breaches that threaten delivery pipeline reliability, highlighting growing DevOps toolchain vulnerabilities. To mitigate these risks, platform engineers must adopt a robust approach by designing for failure, strengthening security, and reevaluating third-party vendor reliance to prevent fragile foundations from collapsing in modern software development.
Oskar Dudycz's article explores various PostgreSQL topics, including native partitioning for efficient data storage, composing plugins like TimescaleDB and PostGIS, and logical replication using a Write-Ahead Log. The article also tackles common misconceptions about PostgreSQL, such as connection pooling and sequence understanding, emphasizing the importance of tuning queries and indexes.
Industry & Business 💼
A long-time KDE contributor reflects on their 25-year journey with the organization, sharing stories of involvement in Linux and a significant role in Qt's open-source development. However, they became disillusioned with the lack of business model, control, and profit sharing among team members, leading to a rift and ultimately leaving their job behind.
Hardware & Infrastructure 🔧
A comprehensive report outlines an optimized routing system for city delivery operations, demonstrating significant improvements over industry leaders in route distance, vehicle capacity utilization, and time-window compliance on modest hardware, making it a viable solution with cost savings and faster execution times.
Intel's Arc A750 GPU prototype has been spotted with 16GB of GDDR6 memory and a 512-bit memory bus, double the VRAM and twice the width of the standard model. The engineering sample features two 8-pin PCIe power connectors, differing from the retail version. It appears to be working, but no benchmarking results are available yet.
Laptop users can now upgrade their GPUs with a swappable RTX 5070 module developed by Framework and Nvidia, allowing for customization without replacing the entire device. This feature enables easy component swapping as part of Framework's modular design philosophy, providing an opportunity to upgrade without buying a new laptop.
A tech enthusiast successfully set up Continuous Integration for libvirt on FreeBSD with the help of a sponsorship from the FreeBSD Foundation. However, they faced challenges due to porting issues and missing dependencies, eventually finding workarounds and implementing patches. They also identified areas for improvement, including pipeline simplification and Jenkins integration.
Published by Merge Conflict Digest