Post Syndicated from jake original https://lwn.net/Articles/1033373/

Ken Jin welcomed EuroPython 2025 attendees to
his talk entitled “Building a new tail-calling interpreter for Python”, but
noted that the title really should be: “Measuring the performance of
compilers and interpreters is really hard”. Jin’s efforts to switch the CPython interpreter to use tail calls,
which can be optimized as regular jumps,
initially seemed to produce an almost miraculous performance improvement.
As his modified title suggests, the actual improvement
was rather smaller; there is still some performance improvement and
there are other benefits from the change.

Post Syndicated from jake original https://lwn.net/Articles/1034306/

The Git distributed version-control
system has release version 2.51, with “506 non-merge commits since
v2.50.1, contributed by 91 people, 21 of which are new faces“. It
brings multiple new features, some of which are highlighted in a post
on the GitHub blog. It includes some performance improvements for multi-pack indexes
(MIDXs), a way to import and export stash entries so they can be migrated
more easily, and smaller pack files:

Git 2.51 takes the spirit of that change and goes a step further by introducing a new way to collect objects when repacking, called “path walk”. Instead of walking objects in revision order with Git emitting objects with their corresponding path names along the way, the path walk approach emits all objects from a given path at the same time. This approach avoids the name-hash heuristic altogether and can look for deltas within groups of objects that are known to be at the same path.

As a result, Git can generate packs using the path walk approach that are often significantly smaller than even those generated with the new name hash function described above. Its timings are competitive even with generating packs using the existing revision order traversal.

Post Syndicated from jake original https://lwn.net/Articles/1034267/

Security updates have been issued by AlmaLinux (go-toolset:rhel8, kernel, and kernel-rt), Fedora (chromium), Oracle (libxml2), Red Hat (go-toolset:rhel8, golang, kernel, kernel-rt, openjpeg2, rsync, and tigervnc), and SUSE (apache-commons-lang3, chromedriver, fractal, framework_tool, go1.23-openssl, go1.24-openssl, grub2, gstreamer-devtools, gstreamer-plugins-rs, jasper, libavif, lighttpd, nginx, podman, postgresql13, postgresql14, postgresql15, postgresql16, python311-pypdf, ruby2.5, rust-keylime, tiff, tomcat, tomcat10, and tomcat11).

Post Syndicated from jake original https://lwn.net/Articles/1033737/

Security updates have been issued by AlmaLinux (kernel, python3.11-setuptools, thunderbird, and toolbox), Debian (chromium), Fedora (open62541 and perl-Authen-SASL), Oracle (git, kernel, konsole, and webkit2gtk3), SUSE (framework-inputmodule-control and poppler), and Ubuntu (apache2, mysql-8.0, mysql-8.4, node-qs, request-tracker5, and ruby-sidekiq).

Post Syndicated from jake original https://lwn.net/Articles/1032422/

The Indico event-management tool has
been in development at CERN for two
decades at this point. The MIT-licensed web application helps organize
conferences, meetings, workshops, and so on; it runs on Python and uses the Flask web framework. Two software engineers on the project, Dominic
Hollis and Tomas Roun, came to
EuroPython 2025 in Prague to talk about
Indico, its history, and some metrics about its community. There is a bit of a
connection between Indico and the conference: in 2006 and 2007,
the tool was used to manage EuroPython.

Post Syndicated from jake original https://lwn.net/Articles/1033335/

Richard Hughes, creator and maintainer of the Linux Vendor Firmware Service (LVFS), has
written a blog
post about the sustainability
plan he has put together for the service. He is calling for the
vendors that use the service to help fund its development and maintenance
going forward.

The Linux Foundation is kindly paying for all the hosting costs of the LVFS, and Red Hat pays for all my time — but as LVFS grows and grows that’s going to be less and less sustainable longer term. We’re trying to find funding to hire additional resources as a “me replacement” so that there is backup and additional attention to LVFS (and so that I can go on holiday for two weeks without needing to take a laptop with me).

This year there will be a fair-use quota introduced, with different sponsorship levels having a different quota allowance. Nothing currently happens if the quota is exceeded, although there will be additional warnings asking the vendor to contribute. The “associate” (free) quota is also generous, with 50,000 monthly downloads and 50 monthly uploads. This means that almost all the 140 vendors on the LVFS should expect no changes.

(Thanks to Paul Wise.)

Post Syndicated from jake original https://lwn.net/Articles/1033328/

Security updates have been issued by AlmaLinux (jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base and libxml2), Debian (distro-info-data, gnutls28, modsecurity-crs, and node-tmp), Fedora (chromium, incus, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, varnish, and xen), Red Hat (kernel, kernel-rt, and rhc), and SUSE (chromedriver, ffmpeg-4, go1.23, go1.24, go1.25, govulncheck-vulndb, himmelblau, iperf, keylime-ima-policy, net-tools, sqlite3, texmaker, tomcat, and zabbix).

Post Syndicated from jake original https://lwn.net/Articles/1031979/

Debugging in Python is not like it is for some other languages, as there is
no way to attach a debugger to a running program to try to diagnose its
ills. Pablo Galindo Salgado noticed that when he started programming in
Python ten years ago or so; it bugged him enough that he helped fill the hole. The results will be delivered in October with Python 3.14.
At EuroPython 2025, he
gave a characteristically fast-paced and humorous look at debugging and
what will soon be possible for Python debugging—while comparing it all to
medical diagnosis.

Post Syndicated from jake original https://lwn.net/Articles/1032861/

Security updates have been issued by AlmaLinux (glibc, kernel, libxml2, python-requests, and python-setuptools), Debian (chromium), Fedora (chromium, firefox, gdk-pixbuf2, iputils, libsoup3, libssh, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, and poppler), Gentoo (Composer and Spreadsheet-ParseExcel), Oracle (glibc, kernel, libxml2, python-setuptools, sqlite, and virt:rhel and virt-devel:rhel), Red Hat (libxml2), SUSE (grub2, libarchive, libgcrypt, and python311), and Ubuntu (cifs-utils and poppler).

Post Syndicated from jake original https://lwn.net/Articles/1031707/

Antonio Cuni, who
is a longtime Python performance engineer and PyPy developer, gave a presentation at EuroPython
2025 about “Myths and fairy tales around Python performance” on
the first day of the conference in Prague. As might be guessed from the
title, he thinks that much of the conventional wisdom about Python
performance is misleading at best. With lots of examples, he showed where
the real problems that he sees lie. He has come to the conclusion that memory
management will ultimately limit what can be done about Python performance,
but he has an
early-stage project called SPy that
might be a way toward a super-fast Python.

Post Syndicated from jake original https://lwn.net/Articles/1032371/

Security updates have been issued by AlmaLinux (java-21-openjdk, kernel, libxml2, and lz4), Debian (exempi, ruby-graphql, and sope), Fedora (binutils, chromium, gdk-pixbuf2, libsoup3, poppler, and reposurgeon), Mageia (glib2.0 and wxgtk), Oracle (jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base and libxml2), Red Hat (kernel, pandoc, pcs, qemu-kvm, redis, and rsync), SUSE (chromedriver, coreutils, cosign, docker, gdk-pixbuf-devel, glib2, gnutls, grub2, gstreamer-plugins-base, helm, ignition, java-21-openjdk, jbigkit, jq, kernel, kubernetes1.28, kwctl, libxml2, nvidia-open-driver-G06-signed, opensc, pam-config, protobuf, python310, tgt, and valkey), and Ubuntu (linux-iot).

Post Syndicated from jake original https://lwn.net/Articles/1032083/

Security updates have been issued by AlmaLinux (firefox, java-21-openjdk, kernel, thunderbird, and unbound), Debian (chromium and systemd), Fedora (libtiff), Oracle (java-21-openjdk, libtpms, nodejs:22, redis:7, thunderbird, and unbound), Red Hat (firefox, redis, and thunderbird), SUSE (apache2, cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont, java-11-openjdk, kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestf, libarchive, nvidia-open-driver-G06-signed, redis, and rmt-server), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-oracle-5.15, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-hwe-6.14, linux-oem-6.14, linux-raspi, linux-realtime, linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux, linux-aws, linux-kvm, linux-aws, linux-lts-xenial, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure, linux-fips, linux-intel-iot-realtime, linux-realtime, linux-oracle, linux-oracle-6.8, linux-realtime, and sqlite3).

Post Syndicated from jake original https://lwn.net/Articles/1030821/

In the first keynote at
EuroPython 2025 in Prague,
Savannah Bailey described her path to becoming a CPython core developer in
November 2024. She started down that path a few years earlier and her
talk was meant to inspire others—not to slavishly follow hers,
but to create their own. In the talk, entitled “You don’t have to be a compiler engineer
to work on Python”, she had lots of ideas for those who
might be thinking about contributing and are wondering how to do so.

Post Syndicated from jake original https://lwn.net/Articles/1031667/

Security updates have been issued by Debian (audiofile, libcaca, libetpan, libxml2, php7.4, snapcast, and thunderbird), Fedora (glibc, iputils, mingw-binutils, and thunderbird), Red Hat (kernel, kernel-rt, mod_auth_openidc, and mod_auth_openidc:2.3), SUSE (afterburn, apache2, atop, chromedriver, chromium, cloud-init, deepin-feature-enable, firefox, firefox-esr, grafana, grype-db, gstreamer-plugins-bad, javamail, jupyter-jupyterlab-templates, jupyter-nbdime, konsole, libetebase, libxmp, minio-client-20250721T052808Z, MozillaFirefox, MozillaFirefox-branding-SLE, opera, pdns-recursor, perl-Authen-SASL, polkit, python-Django, python3-pycares, python311-starlette, rpi-imager, ruby3.4-rubygem-thor, spdlog, thunderbird, varnish, viewvc, and xtrabackup), and Ubuntu (openjdk-21-crac).

Post Syndicated from jake original https://lwn.net/Articles/1030818/

There is an inherent limit to the privacy of the public
cloud. While Linux can isolate virtual machines (VMs) from each other,
nothing in the system’s memory is ultimately out of reach for the host cloud
provider. To accommodate the most privacy-conscious clients, confidential
computing protects the memory of guests, even from
hypervisors. But the Linux cloud stack needs to be rethought in order to host
confidential VMs, juggling two goals that are often at odds: performance
and security.

Post Syndicated from jake original https://lwn.net/Articles/1031280/

The 6.15.8, 6.12.40, 6.6.100, and 6.1.147 stable kernels have been released.
Each contains important fixes throughout the kernel tree, as usual.

Post Syndicated from jake original https://lwn.net/Articles/1031274/

Security updates have been issued by Debian (chromium, firefox-esr, and mediawiki), Fedora (firefox), Oracle (git, kernel, redis, and sudo), Red Hat (aardvark-dns, firefox, kernel, and thunderbird), Slackware (httpd), SUSE (php7, php8, and salt), and Ubuntu (linux-raspi-realtime and ruby-rack).

Post Syndicated from jake original https://lwn.net/Articles/1030774/

Security updates have been issued by AlmaLinux (java-1.8.0-openjdk), Debian (angular.js and batik), Fedora (chromium, pypy, screen, unbound, wine, and wine-mono), Mageia (djvulibre, quictls, and redis), Red Hat (avahi, gnome-remote-desktop, java-1.8.0-openjdk, java-11-openjdk with Extended Lifecycle Support, java-21-openjdk, kernel, kernel-rt, python-setuptools, redis, and valkey), SUSE (chromedriver, coreutils, cosign, docker, FastCGI, ffmpeg-4, fractal, gimp, glib2, ImageMagick, iputils, java-17-openjdk, java-24-openjdk, jq, kubelogin, kubernetes1.23, kubernetes1.24, kubernetes1.26, python-requests, python3, rmt-server, rustup, and thunderbird), and Ubuntu (apache2).

Post Syndicated from jake original https://lwn.net/Articles/1030256/

Security updates have been issued by AlmaLinux (emacs, java-17-openjdk, kernel, kernel-rt, microcode_ctl, python3.11-setuptools, python3.12-setuptools, and socat), Debian (gnutls28), Fedora (vim), Red Hat (java-1.8.0-ibm), Slackware (bind), SUSE (docker, erlang, erlang26, ggml-devel-5889, gnuplot, kernel, kubernetes1.27, libQt6Concurrent6, mailman3, and transfig), and Ubuntu (apache2, bind9, linux-iot, linux-lowlatency-hwe-6.11, and linux-raspi, linux-raspi-5.4).

Post Syndicated from jake original https://lwn.net/Articles/1029767/

Linux users who have Secure Boot
enabled on their systems knowingly or unknowingly rely on a key from
Microsoft that is set to expire in September. After that point, Microsoft
will no longer use that key to sign the shim
first-stage UEFI bootloader that is used by Linux distributions to boot the
kernel with Secure Boot. But the replacement key, which has been available
since 2023, may not be installed on many systems; worse yet, it may require
the hardware vendor to issue an update for the system firmware, which may
or may not happen. It seems that the vast majority of systems will not be
lost in the shuffle, but it may require extra work from distributors and
users.