Free, Libre Software; Standards and Security Leftovers

posted by Roy Schestowitz on Apr 14, 2026

• Sacha Chua ☛ 2026-04-13 Emacs news

  Lots of little improvements in this one! I'm looking forward to borrowing the config tweaks that bbatsov highlighted and also trying out popterm for quick-access shells. Also, the Emacs Carnival for April has a temporary home at Newbies/starter kits - feel free to write and share your thoughts!

• Content Management Systems (CMS) / Static Site Generators (SSG)

  • Jakub Steiner ☛ release.gnome.org refactor

    The main work was porting the templates from Liquid to Tera, the same exercise as the blog. That included structural change to shift releases from Jekyll pages to proper Zola posts. This enabled two things that weren't possible before: [...]

• Education

  • APNIC ☛ CDNs, optical communications, and AI at NZNOG 2026

    NZNOG 2026 was held in Christchurch in March 2026. The networking community continues to grow, and the attendee count of 260 was the largest so far. New Zealand is a moderately small island economy in the South Pacific, and it appears to make up for its geographic isolation with its openness to innovation and experimentation. The networking community has a long track record of innovation, both in technology and in the underlying investment models for its network infrastructure.

    Here’s a summary of some of the sessions that I found to be of interest.

• FSF / Software Freedom

  • Alisa Sireneva ☛ Programming used to be free

    I’m deeply grateful to the FOSS community and the people around it for enabling unfettered access to information and software, because that’s what allowed me to get into this profession in the first place.

    It wasn’t thanks to programs or services with free trials – I needed to be able to keep learning after a month has passed.

    It wasn’t thanks to student plans – I was a child without agency who couldn’t submit any confirmational documentation or pay out of pocket.

    It wasn’t thanks to free plans – I was already limited by status and knowledge gaps, and further restrictions would only exacerbate the issue.

    I hacked together GitHub Pages, GitLab CI/CD, and Heroku to implement server-side logic. I used decentralized networks. The difference between $0 and $1 wasn’t “free” vs “cheap”. In my circumstances, it was “possible” vs “unachievable”.

• Openness/Sharing/Collaboration

  • Open Data

    • [Old] OpenStreetMap ☛ OpenStreetMap Carto version v6.0.0 released

      I am happy to annouce that, after a long time we, the OpenStreetMap Carto maintainers, have prepared a new major release of the OpenStreetMap Carto stylesheet (the default stylesheet on the OSM website). Once changes are deployed on openstreetmap.org it will take a couple of days before all tiles show the new rendering.

• Standards/Consortia

  • Rob Knight ☛ This Post About Outdoor Taps Is Actually About Sharing Things

    This page from Hozelock explains threads on a tap are "sized according to the standard British Standard Pipe, also known as BSP". Yay standards. Looking into it more there seemed to be three options: 1/2″ BSP, 3/4″ BSP, and 1″ BSP which correspond to an outer thread measurement of 21mm, 26.5mm, and 33mm. I measured my tap with my tape measure and it looked to be 21mm or 1/2″ BSP. I found the correct adaptor I would need based on this but I already had that exact thing in my hand and it was the aforementioned one that didn't fit. The 1/2 was a tiny bit too small, the 3/4 was too big. I grabbed my calipers to get a more accurate measurement and it was actually 22mm which according to maths is larger than 21mm.

  • Joost de Valk ☛ Standards don't prove themselves

    Web standards don’t get adopted because bots start requesting something that doesn’t exist yet. They get adopted because publishers start serving something, which gives crawlers a reason to look for it, which gives more publishers a reason to serve it. That’s the cycle. Someone has to go first.

• Security

  • APNIC ☛ NIST updates its secure DNS deployment guide: What operators need to know

    NIST’s updated DNS deployment guide treats DNS as a core security control, offering practical guidance on protective DNS, encryption, DNSSEC, and both authoritative and recursive operations to help operators strengthen resilience, visibility, and policy enforcement.

  • LWN ☛ Security updates for Monday

    Security updates have been issued by AlmaLinux (fontforge, freerdp, libtiff, nginx, nodejs22, and openssh), Debian (bind9, chromium, firefox-esr, flatpak, gdk-pixbuf, inetutils, mediawiki, and webkit2gtk), Fedora (corosync, libcap, libmicrohttpd, libpng, mingw-exiv2, mupdf, pdns-recursor, polkit, trafficserver, trivy, vim, and yarnpkg), Mageia (libpng12, openssl, python-django, python-tornado, squid, and tomcat), Red Hat (rhc), Slackware (openssl), SUSE (chromedriver, chromium, cockpit, cockpit-machines, cockpit-podman, cockpit-tukit, crun, firefox, fontforge-20251009, glibc, go1, helm3, libopenssl-3-devel, libpng16, libradcli10, libtasn1, nghttp2, openssl-1_0_0, openssl-1_1, ovmf, perl-XML-Parser, python-cryptography, python-Flask-HTTPAuth, python311-Django4, python313-Django6, python315, sudo, systemd, tar, tekton-cli, tigervnc, util-linux, and zlib), and Ubuntu (mongodb, qemu, and retroarch).