390: Eating the License Cake
26 January 2021
Successful open-source projects all seem to struggle with one major gorilla. Who it is, and what their options are now.
- Security Disclosure 2: vulnerabilities in custom integrations HACS, Font Awesome and others - Home Assistant — Multiple custom integrations were found that allowed an attacker to steal any file without logging in. Previously implemented fixes were not sufficient.
- FEDORA-2021-48866282e5 — security update for chromium — Fedora Updates System — I gave a lot of thought to whether I wanted to continue to maintain the Chromium package in Fedora, given that many (most?) users will be confused/annoyed when API functionality like sync and geolocation stops working for no good reason. Ultimately, I decided to continue for now, because there were at least some users who didn’t mind, and if I stopped, someone else would start over and run blindly into this problem.
- Introduction to Elasticsearch - YouTube
- Stepping up for a truly open source Elasticsearch | AWS Open Source Blog — In order to ensure open source versions of both packages remain available and well supported, including in our own offerings, we are announcing today that AWS will step up to create and maintain a ALv2-licensed fork of open source Elasticsearch and Kibana.
- AWS, as predicted, is forking Elasticsearch | ZDNet
- All Jupiter Broadcasting Shows
- Jellyfin 10.7.0 Release Changelog — SyncPlay for TV shows and Music, significantly improved web performance, an upgrade to .NET SDK 5.0 for improved performance in the backend, and more!
- Jellyfin 10.7.0 RC3
- LWN.net - Wikipedia
- Welcome to LWN.net [LWN.net]
- Jonathan Corbet - Faces of Open Source
- Pick: polybar — A fast and easy-to-use status bar
- Pick: dust — A more intuitive version of du in rust
- Pick: Waybar — Highly customizable Wayland bar for Sway and Wlroots based compositors.
Linode Cloud Hosting
A special offer for all Linux Unplugged Podcast listeners and new Linode customers, visit linode.com/unplugged, and receive $100 towards your new account.
Oh Dear monitors uptime, SSL certificates, broken links, scheduled tasks, and more. We send out notifications when something's wrong. All that paired with a developer-friendly API and kick-ass documentation.
A Cloud Guru
Hundreds of courses, thousands of hands-on labs.