Hi everyone! 👋
Welcome to cron.weekly issue #151.
A bit of drama, some very cool new projects, a variety of interesting guides/tips and a request for comments section. That’s what I call a good issue! 💪
Enjoy your fresh ☕️ and happy reading.
News & general 🗞
Every year, Digital Ocean holds an open-source support campaign called Hacktoberfest. It incentivizes users to contribute to open-source projects in a meaningful way. As a reward, you get a free t-shirt.
Sounds like fun, but it seems this year there’s been a rush of low-quality PRs that are flooding open-source maintainers. You know, the men & women already struggling to maintain their packages …
It appears to come from one popular Youtuber demonstrating how easy it is to send a PR and get a t-shirt. Nice idea, perhaps poorly executed? The fall-out of this all is hurting maintainers, after all.
If you’re a maintainer and are struggling with lots of PRs, there’s a tool called derek that can auto-close PRs based on criteria you define. Github just rolled out a new feature to temporarily limit repo interactions, too.
Meanwhile, as of yesterday, the rules of Hacktoberfest have been changed: to be eligible, PRs have to be submitted to a repository that has ‘hacktoberfest’ as a repository topic. In other words: it’s now opt-in.
Side note: I still love Digital Ocean for running this program, next year might need some stricter rules but they’ve been contributing to open-source for a very long time and this is the first time it’s had issues.
The change is now: Comodo -> Sectigo -> GI Partners.
Because of the change of ownership, additional CA checks will happen to make sure the new owner has earned the right to remain in the root certificate program. Curious to learn the outcome here.
A fair critique on how even simple Unix/Linux tools have added more & more complexity, to the point where they may have surpassed their original usefulness.
Tools & Projects 🛠
A pure PHP implementation of
youtube-dl, requiring only PHP (and libcurl) without any external dependencies.
Derek reduces fatigue for maintainers by automating governance and delegating permissions to your team and community.
Get comprehensive visibility into Linux out-of-memory errors with Datadog. Visualize OOM error logs, memory utilization metrics, and memory profiles in one place so you can get a complete overview of your system’s memory usage.
Sign up for a free trial today, install the agent, Datadog will send you a free t-shirt! Sponsored
Ali is an HTTP load testing tool aimed to perform real-time analysis, inspired by vegeta and jplot. The results are shown in your terminal in real-time, much like top/htop.
A new version of
grep, mostly covering bugfixes.
A new major release for OBS Studio that allows you to do live streaming and screen recording.
A user flow chart real-time collaborative tool.
This new release adds better support for FIDO keys and announces the future deprecation of the “ssh-rsa” public key signature algorithm.
Stop emailing like it’s 2010 and get a fresh start with HEY. HEY is an all-new take on email designed to give you back control with features like the screener, reply later workflow, file attachment explorer and more. Run your email, don’t let it run you.
Learn more and try it free today at HEY.com. Sponsored
This point release mainly adds corrections for security issues, along with a few adjustments for serious problems.
A client-side code quality tool for PHP, preventing commits unless they adhere to a set of defined rules.
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.
Guides & Tutorials 🎓
This is a neat trick: enter a line of Bash starting with a # comment, then run !:q on the next line to see what that would be with proper Bash escaping applied.
I learned that there’s a new
HTTPS resource record in DNS (like
MX, …)! It can be used to avoid the initial HTTP request to a new website, only to learn it’s being served over HTTPs and will be redirected away. Now, a browser/client can request the
HTTPS resource record instead and avoid the initial HTTP-hit on the origin server (without HSTS).
I didn’t know there was a structure to UUIDs, with meta data hidden inside it to clarify the format used. Cool!
The order in which you define your columns can, in some cases, influence the disk space consumption of your database server! In this example, you can save 10% on disk space used just by re-ordering columns.
A historical look at cgroups and how they can be used to get a better handle on the resources of your Linux server.
gawk is the GNU implementation of the Awk programming language. This guide contains practical examples and demo’s of using it in every-day sysadmin life.
This guide introduces the method of using your own CA to sign/revoke SSH certificates, giving you a bit more flexibility to control server access (especially in larger environments).
Request for Comments 💡
A first release candidate of PHP 8! Lots of things are making it in this release, any help testing will be appreciated.
Fedora 33 is scheduled for release at the end of October, you can now try the latest beta release to help ensure a smooth launch.
It’s your last chance to provide feedback on the QUIC working group (also known as “HTTP/3”), as the baseline requirements are almost nearing a final state.