Yeah I should tell whoever is still using them, especially with DNS-PERSIST-01.

It's quite crazy to see that endpoints that are supposed to be used programmatically don't properly account for this. But then I see the garbage .zip files we get from CAs when certificates get renewed and I understand.

There's always something new to find out

This software is awesome. I've never seen a document flex this many PDF features. It even uses roman-numeral page labels in the PDF metadata, so front matter shows up as i, ii, iii in the bookmark panel 😍.

Have people on the orange site never heard of pgbackrest?

It's out!

crates.io/crates/warb

After years of wishing I could programmatically deal with .braw files, Opus 4.7 wrote a Blackmagic RAW SDK wrapper via cxx and debugged it all in less than two hours. Performance is decent while not using GPU acceleration.

Publishing a crate soon after reviewing all of the C++ that it wrote.

Maybe I'm missing something obvious, but what's up with bots flooding your webserver with requests and setting the Host header to `some-string.imi.zone`.

Am I missing something obvious? Nothing comes up when I google it. This has been going on for years.

Testing some stuff

Bailey Pumfleet @pumfleet (1h ago) post in X: Open source is dead. That’s not a statement we ever thought we’d make. @calcom was built on open source. It shaped our product, our community, and our growth. But the world has changed faster than our principles could keep up. AI has fundamentally altered the security landscape. What once required time, expertise, and intent can now be automated at scale. Code is no longer just read. It is scanned, mapped, and exploited. Near zero cost. In that world, transparency becomes exposure. Especially at scale. After a lot of deliberation, we’ve made the decision to close the core @calcom codebase.

So we're back to security through obscurity? Sorry, but this is wrong. Our OSS apps and libs will be more secure thanks to the new models, not less. They are being released to researchers responsibly. Let's help maintainers avoid burnout. Let's fund them. Let's welcome more eyes checking our code.

The state of GitHub in 2026.

Should we return to smaller-scale infrastructure to avoid the consequences of these giant services piecing out their resources?

blog.rust-lang.org/inside-rust/...

DaVinci Resolve 21 rocks!

What do you do when you get to this point and most of them seem plausible?

Found two more issues plus another ~15 to triage on two particularly problematic crates:

github.com/rust-lang/fu...

github.com/tokio-rs/mio...

Two more issues and two other privately disclosed:

github.com/rayon-rs/ray...

github.com/rust-lang/fu...

Nicholas Carlini - Black-hat LLMs | [un]prompted 2026 YouTube video by unprompted

Inspired from youtu.be/1sd26pWhfmg

Help me find unsound code in this crate or it's dependencies. Pick a file to start from, and iteratively analyze it. Log your findings and ideas you come up with in a file. Then you'll move to dependencies next. If you'd like, use cargo geiger, it's already installed.

github.com/image-rs/ima...

Why do we still have to manually deal with this BS in 2026?

Axum + Aide are amazing. I just need to figure out an efficient way to have builtin errors return as json instead of plaintext because that's driving me crazy.

An update on rustls performance: it’s still pretty fast.

www.memorysafety.org/blog/26q1-ru...

The real issue is with 50-400 line queries. Having good indentation, formatting similar to other languages, full names instead of 1-letter abbreviations and so on makes a big difference

Velocity Europe, Artur Bergman, "Full Stack Awareness" YouTube video by O'Reilly

More people should see this talk.

youtu.be/oebqlzblfyo

Mozilla is the closest to what I like, but the OR should be at the end of the previous line

Am I the only one that doesn't format SQL this way? This is very hard to read, to format by hand, and no other language follows this kind of style anyway...

Oh hey, with all the 🔥 I almost missed that today was the 12th anniversary of Heartbleed.

The online test I cobbled together that night gave me the opportunities to get started in this line of work!

Initially it was hilariously bad: a Flask server shelling out to a patched Go crypto/tls binary.

Tell that to Netflix, Prime Video and literally everyone else.

Did some experiments with ffmpeg + SVT-AV1 lately on a Ryzen 5950x. Incredible how much things have improved since the previous tests I did with libaom a few years ago.

I'm converting H264 1366x768 to AV1 1366x768 preset 8 at 8.7x on 24 vCPUs out of 32 💪.

It is totally fine to not like AI, want to use AI, or hear about it. But “I won’t use any thing that transitively has ever touched AI” is virtually impossible.

I've used Claude Code to do some work on rust-postgres. I guess I'm banned too 😆

🤯