🏡

to read (pdf)

generated: June 11, 2026 at 07:29:24

June 11, 2026
1. 🔗 HexRaysSA/plugin-repository commits sync repo: +1 release rss
```
sync repo: +1 release

## New releases
- [yarg](https://github.com/r0ny123/yarg): 1.0.5
```
2. 🔗 anthropics/claude-code v2.1.173 release
  What's changed
  - Fixed Fable 5 model names with a [1m] suffix not being normalized — Fable 5 includes 1M context by default, so the suffix is now stripped automatically
  - Fixed a spurious "sandbox dependencies missing" startup warning on Windows when sandbox was enabled in settings
3. 🔗 r/reverseengineering Drive Firmware Security - Phison S11 rss
  
  submitted by /u/igor_sk
  [link] [comments]
4. 🔗 Console.dev newsletter sem rss
  
  Description: Semantic Git diffs.
  
  What we like: Provides a higher-level abstraction to understand what changed in the code e.g. showing function names added/removed. Includes a dependency graph to highlight what might be impacted by a change. Supports JSON output for LLMs to better analyze changes.
  
  What we dislike: Useful starting point to understand changes before you get into the details using Git.
5. 🔗 Console.dev newsletter Herdr rss
  
  Description: Agent terminal multiplexer.
  
  What we like: TUI for tmux-style persistence for multiple AI agent sessions. Easily detach, reattach, and work locality or remotely over SSH. Works with your existing terminal. Keyboard-first, but supports the mouse. Agents can use it to operate their own workspaces. Has a mobile-optimized view.
  
  What we dislike: Live handoff for updating a running Herdr server works well, but is still technically experimental so don’t rely on it yet.
June 10, 2026
1. 🔗 anthropics/claude-code v2.1.172 release
  What's changed
  - Sub-agents can now spawn their own sub-agents (up to 5 levels deep)
  - Amazon Bedrock now reads the AWS region from ~/.aws config files when AWS_REGION isn't set, matching AWS SDK precedence; /status shows where the region came from
  - Added a search bar when browsing a marketplace's plugins in /plugin
  - Added model attribute to the claude_code.lines_of_code.count OTEL metric
  - Fixed sessions using 1M context without usage credits getting permanently stuck — the session now automatically compacts back under the standard context limit
  - Fixed a repeating "an image in the conversation could not be processed and was removed" error when the conversation contained multiple images
  - Fixed the agents view keeping a session under Working with a busy spinner for up to 30 seconds after the worker replied
  - Fixed background agents potentially reading another directory's project settings (.mcp.json approvals, trust) when dispatched onto a pre-warmed worker
  - Fixed background-session attach failing with EAUTH for sessions started on an older version after the daemon auto-updated
  - Fixed a background sub-agent staying stuck as "active" in the agent panel after a nested agent it spawned was stopped
  - Fixed /model suggestions in the claude agents dispatch input rendering with a misleading slash prefix and showing models disabled for your org
  - Fixed availableModels restrictions not being applied to subagent model overrides, the agent dispatch model picker, and the advisor model
  - Fixed availableModels allowlists hiding the /model picker's Opus and Sonnet 1M rows when entries use version-specific IDs like claude-opus-4-8
  - Fixed the /model picker on Bedrock offering models the provider doesn't serve — selecting one silently switched the session model and lit the selection marker on multiple rows
  - Fixed model IDs getting a doubled 1M-context suffix (e.g. [1M][1m]) when ANTHROPIC_DEFAULT_OPUS_MODEL already includes one
  - Fixed opusplan model setting not shipping with 1M context in plan mode for entitled users; the opusplan[1m] workaround now also correctly switches to Opus in plan mode
  - Fixed WebFetch(domain:*.example.com) wildcard domain rules never matching subdomains in allow, deny, and ask position, and file permission rules with mid-pattern wildcards (e.g. Read(secrets-*/config.json)) being rejected at startup
  - Fixed up-arrow prompt history showing the main agent's prompts while a subagent's chat tab is open
  - Fixed memory recall not finding mounted team memory stores (CLAUDE_MEMORY_STORES) in remote sessions
  - Fixed workflow validation rejecting scripts whose prompt strings or comments merely mention Date.now()/Math.random()
  - Disable mouse tracking on Windows consoles that don't fully support it
  - Fixed the /plugin marketplace list losing its cursor after backing out of a long plugin list, and Esc from the plugin browser returning to the wrong tab
  - Improved performance in long conversations by removing redundant message normalization and avoiding full message-history transforms when streaming tool-use state is unchanged
  - Reduced idle CPU usage: /goal status chip no longer re-renders the terminal at 5 Hz while idle, and fewer UI re-renders while subagents run in parallel
  - Improved Claude in Chrome tool loading: browser tools now load in a single batched call instead of one per tool
  - Improved the non-interactive Usage Policy refusal message to suggest starting a new session or changing your model
  - /code-review now keeps the ultra option visible when you're not signed in to claude.ai, with an explanation that the cloud review requires a claude.ai account
  - Shortened the Remote Control footer indicator to "/rc active" and hid it on narrow terminals
  - Stopped promoting /loop in remote sessions, where pending loops don't keep the container alive
  - [VSCode] Fixed PowerShell tool calls rendering as raw JSON instead of a proper command display and permission dialog, and stripped ANSI escape codes from displayed shell output
2. 🔗 r/reverseengineering IDA 9.4 Beta | Hex-Rays Docs rss
  
  submitted by /u/kenansulayman
  [link] [comments]
3. 🔗 backnotprop/plannotator v0.20.1 release
  Follow @plannotator on X for updates
  
  What's New in v0.20.1
  
  A hotfix for Pi extension installs. If pi install npm:@plannotator/pi- extension failed for you today, this release fixes it.
  
  Pi Extension Install Failure
  
  Fresh installs of @plannotator/pi-extension started failing with an npm 404. The cause was upstream: our diff renderer dependency @pierre/diffs published a new 1.2.x line that depends on @pierre/theming@0.0.1, a package that does not exist on the npm registry. Plannotator declared the dependency with a loose ^1.1.12 range, so fresh installs floated onto the broken 1.2.9 and failed before Pi could finish loading extensions. Repo builds never saw it because the lockfile pinned an older version.
  
  The fix pins @pierre/diffs to exact 1.1.20 everywhere, whose dependency tree fully resolves. Update with:
```
pi install npm:@plannotator/pi-extension
```
  - closing #880
  Install / Update
  
  macOS / Linux:
```
curl -fsSL https://plannotator.ai/install.sh | bash
```
  Windows:
```
irm https://plannotator.ai/install.ps1 | iex
```
  Pi: Install or update the extension:
```
pi install npm:@plannotator/pi-extension
```
  Upgrading from before v0.20.0? Read the v0.20.0 release notes first; that release changed how skills install.
  
  What's Changed
  - fix(deps): pin @pierre/diffs to exact 1.1.20 by @backnotprop
  Community
  
  @ramarivera reported the install failure with a complete diagnosis of the broken dependency chain, down to the exact unpublished package. @MaksimZinovev and @archidemus confirmed the failure.
  
  Full Changelog : v0.20.0...v0.20.1
4. 🔗 r/LocalLLaMA DiffusionGemma: 4x faster text generation rss
  
  | submitted by /u/tevlon
  [link] [comments]
  ---|---
5. 🔗 sacha chua :: living an awesome life La semaine du 1 au 7 juin rss
  
  lundi le premier juin
  
  Ma fille a séché les cours et elle n'a pas non plus voulu aller à son cours de gymnastique parce qu'elle a eu une mauvaise nuit et elle était toujours grincheuse.
  
  Au lieu de la harceler, j'ai travaillé sur des transcriptions et sur mon bulletin d'information sur Emacs. J'ai écrit des fonctions pour comparer les mots et effacer les étendues qui correspondent avec les mots effacés.
  
  Après avoir lu dans sa chambre pendant longtemps, elle a finalement réapparu de bonne humeur. Elle et moi avons préparé du sushi pour le dîner. Ensuite, nous avons joué au Scrabble dehors.
  
  Elle a porté sa prothèse oculaire toute seule. Elle a dit qu'elle l'a fait pour elle-même. Je pense que l'autonomie est très importante pour ma fille.
  
  Nous avons fait du vélo à la cour de récréation avec son amie, où nous avons rejoint d'autres amies. De temps en temps, ma fille était surstimulée. Quand ça arrivait, elle a joué au Scrabble avec moi et la nourrice de ses amies. Après qu'une de ses amies soit partie, nous sommes allées à l'autre cour de récréation pour jouer encore.
  
  mardi 3
  
  Ma fille a participé à l'école ce matin même s'il y avait un remplaçant, mais elle n'a pas voulu y participer l'après-midi. Nous sommes assises dehors et nous avons travaillé sur ses devoirs. Nous avons vu des pics.
  
  J'ai emmené ma fille au parc pour jouer avec ses amis. Elle a aimé faire du vélo autour du parc avec ses amis et sans adultes. Ils ont aussi fait du vélo autour de la pataugeoire qui était sèche parce qu'elle n'était pas encore ouverte. Ils tournaient en rond.
  
  J'ai fait l'erreur de jouer à mon jeu de Tileman Reworked près de ma fille. Elle a voulu m'aider, bien. Elle a recueilli les citrouilles et les canneberges, bien. Elle a commencé à couper l'herbe près des récoltes, euh… J'ai essayé d'expliquer qu'il ne fallait pas la couper, mais elle est devenue grincheuse parce que je la corrigeais. Elle m'a dit qu'elle voulait seulement m'aider et elle est partie furieuse. Ce n'est pas grave. Je pense que cette ferme est trop compliquée pour elle pour le moment. Notre ferme habituelle est meilleure. J'apprécie qu'elle ait voulu m'aider, et c'était juste un jeu. C'est aussi bien si elle apprend comment coopérer.
  
  J'ai commencé à réécrire la transcription de la conversation entre ma sœur et notre cousine.
  
  jeudi 4
  
  J'ai discuté d'Emacs avec Ben Zanin. Il a partagé sa configuration sur elfeed, la musique, et d'autres sujets.
  
  J'ai travaillé comme consultante. J'ai pris un cours de formation.
  
  Ma fille et moi avons fait du vélo au parc. Nous avons joué à la pataugeoire et au bac à sable. Nous avons improvisé des histoires de Donjons et Dragons avec les dés sur mon smartphone.
  
  J'ai discuté avec mes sœurs et quelques personnes des assurances-vie de ma mère. Notre accès au compte bancaire sera limité si ma sœur décède, donc il vaut mieux que nous fassions la paperasse maintenant.
  
  vendredi 5
  
  J'ai eu ma première session de la conversation avec mon tuteur aujourd'hui ! À mon grand étonnement, j'ai pu suivre assez de ses mots et j'ai pu expliquer mes pensées ( avec une mauvaise grammaire, bien sûr ). Je sais qu'il fallait que je m'entraîne à penser en français au lieu de traduire de l'anglais, donc davantage parler, davantage apprendre. C'est un exercice intense. J'avais transpiré. Nous avons réussi à parler de la programmation, des études à l'université, le travail, la vie, et d'autres sujets.
  
  J'ai augmenté le stockage pour les vidéos de ma sœur.
  
  J'ai signé la paperasse pour les assurances-vie.
  
  J'ai appelé ma mère et je l'ai informée de la paperasse.
  
  samedi 6
  
  J'ai téléchargé encore d'autres vidéos de ma sœur.
  
  Nous avons joué aux Donjons et Dragons avec ses tantes et ses cousines. Ma fille était la meneuse de jeu pour une partie de la session. Nous avons cherché une petite chèvre perdue, et nous avons combattu quatre bandits déguisés en gardes.
  
  Nous avons fait des mochis.
  
  J'ai payé la pénalité pour la soumission en retard du bilan de vérification du revenu étranger que je n'ai pas pu finir l'année précédente parce que le banquier était peu communicatif. Tant pis. Je pense que si ça arrive encore, je dois le soumettre avec ma meilleure estimation.
  
  Dans mon jeu Tileman Reworked de Stardew Valley, j'ai finalement accédé à la boutique de Willy, le pêcheur. C'était le dernier jour d'automne de la quatrième année.
  
  J'ai travaillé comme consultante. J'ai analysé des mises à jour.
  
  dimanche 7
  
  J'ai emmené ma fille chez le perceur pour examiner ses oreilles. Le perceur nous a dit qu'elle avait l'autorisation de changer pour de nouvelles boucles d'oreilles. Sur le chemin du retour, nous avons fait une promenade dans le parc.
  
  J'ai emmené ma fille au Dufferin Mall pour sélectionner des boucles d'oreilles. Après quelques comparaisons, ma fille a opté pour des clous d'oreilles en acier plaqué or avec des pierres moyennes chez New Steel. C'était bon marché.
  
  J'ai fini de coudre la robe de ma fille. Elle voulait me coudre une robe, donc j'ai préparé des pièces pour elle. Il vaut mieux que j'utilise beaucoup d'épingles et que je trace une ligne à la craie.
  
  View Org source for this post
  
  You can e-mail me at sacha@sachachua.com.
6. 🔗 Hex-Rays Blog IDA 9.4 Beta Is Now Available rss
  
  If you're part of our Beta Program, the new build is now available in the Download Center of your customer portal. Your testing and feedback are essential in validating new features, surfacing regressions, and ensuring this release is ready for production use.
  
  Not enrolled yet? Joining the program is quick and easy, just click Subscribe from your customer portal dashboard - see below for details.
7. 🔗 r/reverseengineering Trane Tracer HVAC cybersecurity issues rss
  
  submitted by /u/derp6996
  [link] [comments]
8. 🔗 3Blue1Brown (YouTube) What's the perfect encoding? How do you know? rss
  
  Full video: https://youtu.be/l6DKRf-fAAM
9. 🔗 HexRaysSA/plugin-repository commits sync repo: +2 releases rss
```
sync repo: +2 releases

## New releases
- [yarg](https://github.com/r0ny123/yarg): 1.0.4, 1.0.3
```
10. 🔗 r/reverseengineering 🚀 Release PyMemoryEditor v2.0 — read, write and scan the memory of any running process, in pure Python (Windows, Linux & macOS) rss
  
  submitted by /u/SupermarketTrue7507
  [link] [comments]
11. 🔗 r/LocalLLaMA Without open source LLMs, US AI companies could have already monopoled the technology rss
  
  For such technology with clear importance and impact on all of us, I believe that making it open source is an ethical duty, otherwise, especially with the 1-sided politics of the US we experience today, they could have already monopolized the technology by now, maybe make it exclusively available to US companies only, and starve the entire world including Europe.
  
  You could disagree with China on many topics, but the fact they released a couple of powerful open source LLMs is a direct contribution to humanity.
  
  What do you think what should be the future AI model.
  
  submitted by /u/Informal-Trouble2183
  [link] [comments]
12. 🔗 r/LocalLLaMA Anthropic is intentionally nerfing Fable when asked to develop other LLMs rss
  
  | Reason 458 why local LLMs are going to be a necessity edit: For those requesting the source check out their technical report look at page 13 submitted by /u/onil_gova
  [link] [comments]
  ---|---
13. 🔗 r/LocalLLaMA Without open llm competition, closed source LLM companies will become insatiable. rss
  
  | I can't imagine how arrogant one must be to make such a decision. People pay $200 a month for Anthropic to mess with their codebase. Imagine how they would humiliate their customers if the world didn't have an open-source model. https://preview.redd.it/6qr2ymt25d6h1.png?width=1646&format=png&auto=webp&s=bdc349c68bbf92285d5d5fbca39afa6494868aa8 submitted by /u/Chair-Short
  [link] [comments]
  ---|---
14. 🔗 exe.dev Sharing is Caring rss
  Today's quiz is to deploy a server-rendered hello world app (python3 -mhttp.server fine for these purposes, though I used Go below), publically visible, on your cloud of choice. On your marks, get set, GO!
```
$ ssh exe.dev new --name mr-rogers
$ ssh exe.dev share set-public mr-rogers
$ ssh mr-rogers.exe.xyz
# on that machine:
$ cat > main.go
package main

import (
        "fmt"
        "net/http"
)

func main() {
        http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
                fmt.Fprintln(w, "hello world")
        })
        http.ListenAndServe(":8000", nil)
}
^D
$ go run main.go  # maybe in a tmux

# back on your laptop, open https://mr-rogers.exe.xyz/
```
  At exe.dev, our goal is to make sharing a web app that you built as easy as forwarding an e-mail. You saw the command-line approach above; there's an equivalent web-based flow as well.
  
  If you don't want to share with the whole world, but only some friends, the share command also takes e-mail addresses, and your users can log into your site.
  
  If you use exe.dev on a team, the sharing hierarchy is richer in that you can also share SSH access to your VM with a team member. The full hierarchy of sharing is:
  
  | Individual Accounts | Team Accounts
  ---|---|---
  Administrative
  (e.g., removing the VM) | Only owner | Owner, and, indirectly, team administrators
  SSH access
  (and agent access) | Only owner | Owner, or can be shared with team
  Single web port | Can be shared publicly, or with individual e-mail addresses. | Can be shared publicly, with a team, or with individual e-mail addresses.
15. 🔗 Armin Ronacher Gaslighting Openness rss
  
  I have been a staunch supporter of Open Source for a long time, including experiments in funding it. I'm a true believer in the idea that Open Source always wins in the long run, but not automatically and not quickly. Right now it is being stressed by AI slop, shifting contributor dynamics, the falling cost of producing code, and large companies learning to close doors behind them.
  
  A lot of that battle today is manipulation of the narrative. Opinion makers on social media and in business circles increasingly frame access as irresponsibility. That is why the EU's DMA matters, even if many people (including myself) reflexively hate EU regulation. Apple's fight over delayed AI features in Europe is not about Brussels being annoying: it is about whether users can access their own devices and data. The phone is yours, the data is yours, yet Apple decides who may reach it and takes the agency away from you and then tries to make that sound like it is in your interest (supposedly it's for your safety and security).
  
  The closer you get to the core of AI, the more this shows up. Anthropic has every financial incentive to restrict what people can do with Mythos and Fable, and they wrap those restrictions in safety and (national) security language. Some restrictions may be defensible, but not all of them are. They trained their models on public works, then block Open Source attempts to learn from and distill these systems.
  
  Disliking the EU, China, or any other large government should not make us forget that true democratized access to technology including AI is in all our interest. Some temporary product pain, including delayed Apple AI features, will be worth paying if it keeps gates open. We should not let companies own the narrative that preventing access is in our interest, particularly not as Europeans where the odds are already stacked against us by our underdeveloped capital markets, brain drain and internal fighting.
June 09, 2026
1. 🔗 IDA Plugin Updates IDA Plugin Updates on 2026-06-09 rss
  IDA Plugin Updates on 2026-06-09
  
  Activity:
  - capa
    
    ccf3a87e: tests: add snapshot tests for feature extraction (#3069)
    
    58bfa760: Sync capa-testfiles submodule
2. 🔗 Simon Willison Initial impressions of Claude Fable 5 rss
  I didn't have early access to today's Claude Fable 5 release, but I've spent the past ~5.5 hours putting it through its paces. My initial impressions are that this is something of a beast. It's slow, expensive and has been quite happily churning through everything I've thrown at it so far. As is frequently the case with current frontier models the challenge is finding tasks that it can't do.
  
  First, let's review the key characteristics.
  
  Anthropic claim that Claude Fable 5 offers the same performance as Claude Mythos 5, except with much more strict guardrails in place to prevent it being used for harmful things. Those guardrails trigger often enough that the Claude API has new mechanisms for letting you know when you hit them, and even has a new option to request it falls back to another model automatically if something gets rejected.
  
  Claude Mythos 5 is out today as well, Anthropic say it "Shares Claude Fable 5's capabilities without the safety classifiers".
  
  The models have a 1 million token context window, 128,000 maximum output tokens and a knowledge cut-off date of January 2026.
  
  They are priced at twice the price of Claude Opus 4.5/4.6/4.7/4.8: $10/million input tokens and $50/million output tokens. There's no increase in price for longer context usage.
  
  Other than that the upgrade guide is substantially thinner than the similar guide for Opus 4.8.
  
  The big model smell
  
  The best way to describe Fable is that it feels big. Not just in terms of speed and cost, but also in how much it knows.
  
  Here's an example prompt, which I used to compare Fable's knowledge with Opus 4.8 (typo included):
  
  List all of Simon Willion's open source projects, most recent first, each with a rough date of when they were first released
  
  Opus 4.8's reply started like this:
  I don't have a reliable, comprehensive, and date-verified list of all of Simon Willison's open source projects, and I want to be honest about that rather than risk giving you inaccurate dates or fabricated entries.
  
  Here's what I can tell you with reasonable confidence:
  
  Well-known projects by Simon Willison:
  
  LLM (~2023) – A command-line tool and Python library for interacting with large language models.
  
  Datasette (~2017) – A tool for exploring and publishing data, probably his most prominent recent project.
  
  sqlite-utils (~2018-2019) – A Python library and CLI tool for manipulating SQLite databases, often used alongside Datasette.
  
  Django (2005) – He is one of the co-creators of the Django web framework, along with Adrian Holovaty, originally developed at the Lawrence Journal-World newspaper.
  
  He also maintains a large ecosystem of Datasette plugins and many smaller utilities (often with names like shot-scraper, various *-to-sqlite tools for importing data, etc.).
  That's not bad. Here's the start of the response for the exact same prompt from Fable 5 - both models were running without access to search:
  I think you mean Simon Willison — the prolific open source developer, co-creator of Django, and creator of Datasette.
  
  An important caveat upfront: a truly complete list isn't feasible. Simon Willison is famously prolific — he has published hundreds of repositories (Datasette alone has 100+ plugins, many written by him), and my knowledge has a cutoff date, so I'll be missing his most recent work. Below are his notable projects with approximate initial release dates, most recent first:
  
  Notable projects (approximate dates)
  
  files-to-prompt (April 2024) – concatenates files into a single prompt for LLMs
  
  datasette-extract (2024) – plugin for extracting structured data using LLMs
  
  LLM (May–June 2023) – CLI tool and Python library for interacting with large language models, plus a large ecosystem of plugins (llm-gpt4all, llm-mistral, llm-claude, etc., 2023 onward)
  
  symbex (June 2023) – search Python code for symbols
  
  ttok and strip-tags (May 2023) – CLI tools for token counting and HTML cleanup for LLM pipelines
  
  datasette-lite (May 2022) – Datasette running entirely in the browser via WebAssembly/Pyodide
  
  shot-scraper (March 2022) – automated website screenshots via Playwright
  
  s3-credentials (November 2021) – CLI for creating scoped AWS S3 credentials
  
  django-sql-dashboard (2021) – SQL reporting dashboards for Django
  
  Dogsheep suite (2019) – personal analytics tools: twitter-to-sqlite, github-to-sqlite, healthkit-to-sqlite, dogsheep-beta, etc.
  
  sqlite-utils (2018) – CLI and Python library for manipulating SQLite databases
  
  Datasette (November 2017) – his flagship project; tool for exploring and publishing data
  
  csvs-to-sqlite (2017) – convert CSV files to SQLite
  
  Various early tools (~2007–2010) – soupselect, json-head, geocoders, and others
  
  Django (developed 2003–2005, open-sourced July 2005) – co-created with Adrian Holovaty at the Lawrence Journal-World
  (Here's GPT-5.5 for good measure. It listed even more projects than Fable did!)
  
  In the past I've stated that I don't care about how much models know - I want them to be able to manipulate text and code in useful ways and actively look up the information they need via search tools, not bake it into their weights.
  
  But knowledge like this is a reasonably good proxy for model size - you can cram a whole lot more details about the world into a larger number of parameters.
  
  Does knowing more stuff mean the model is better at the tasks we pose to it? I can certainly imagine how a coding model with deeper knowledge of modern libraries and patterns could crunch through coding tasks more effectively.
  
  Is Fable really bigger than Opus? Anthropic haven't said anything about model size, so all we have are tea-leaves, but the speed, pricing and my own poking at its knowledge make me think that it's a large model. Maybe the largest yet from any vendor.
  
  Using Fable in Claude.ai
  
  Anthropic made Fable 5 available across all of their surfaces - the Claude.ai chat interface, Claude Code for web, Claude Code CLI and Claude Cowork as well. The model is available "until June 22nd" on the subscription plans (I'm on $100/month Max at the moment), after which it will be billed extra.
  
  Claude.ai is often under-estimated. Since September 2025 every chat has had access to a full container environment to run code, including the ability to install additional packages and even clone repositories directly from GitHub.
  
  Last week I released micropython-wasm, a Python library that uses wasmtime to run a custom build of MicroPython in WebAssembly to act as a sandbox for untrusted Python code.
  
  I decided to see if Fable could upgrade that to running full Python instead. I started with this prompt:
  
  Clone simonw/micropython-wasm from GitHub and research how this could use a full Python as opposed to MicroPython
  
  Fable identified that it could use Brett Cannon's cpython-wasi-build builds for this, but was unable to download them itself due to environment restrictions.
  
  So I grabbed the two zip files from that page and uploaded them to Claude:
  
  Here's the Brett Cannon builds (python-3.zip, _build-python-3.zip as attachments)
  
  And that was that. It churned away for a few minutes and got the entire thing working.
  
  Part of the response included:
  
  I tried the cleaner single-zip-stdlib approach to shrink the filesystem surface, but CPython's getpath bootstrap fails to find encodings from inside a zip without more prefix finessing — the directory-preopen approach works reliably, so that's what the PoC uses. The zip path is solvable but needs _PYTHONHOME/frozen-getpath work.
  
  So I said:
  
  Try a bit more at the single-zip-stdlib problem
  
  Then a little later:
  
  I want a wheel that has the whole system in it, the Python wrappers and the WASM files and the stdlibrary, so I can do uv run --with path-to-whl python -c "demo code"
  
  ... and it gave me this 13.9MB cpython_wasm-0.1.0-py3-none-any.whl file. You can try running Python code in a sandbox using that wheel URL and uv like this:
  uv run --with https://static.simonwillison.net/static/cors-allow/2026/cpython_wasm-0.1.0-py3-none-any.whl \ cpython-wasm -c 'print(45 ** 56)'
  Here's the full chat transcript.
  
  This was a very strong start.
  
  Adding features to Datasette Agent and LLM using Claude Code
  
  Before I'd realized it was Fable day, my stretch goal for today was to add a new feature to Datasette Agent: I wanted tool calls within that agent software to gain the ability to pause mid-execution and request approval directly from the user.
  
  This felt like a suitably meaty task to throw at the new model.
  
  Over the course of the day Fable not only solved that problem, it also identified and then implemented four issues in my underlying LLM library that would help support this kind of advanced pause-resume mechanism in tool calls.
  
  It got everything working first using somewhat gnarly hacks, but the moment I told it that changes to LLM itself were in scope it set to work unraveling the hacks and turning them into supported features of LLM instead.
  
  My stretch goal turned into LLM 0.32a3, almost entirely written by Fable. Here are the release notes:
  Driven by the needs of Datasette Agent's human-in-the-loop ask_user() feature, made the following improvements to how tool calls work:
  
  Tool implementations can declare a parameter named llm_tool_call in order to be passed the llm.ToolCall object for the current invocation. This allows them to access the current llm_tool_call.tool_call_id. See Accessing the tool call from inside a tool. #1480
  
  Every tool call is now guaranteed a unique tool_call_id - providers that do not supply one get a synthesized tc_-prefixed ULID. #1481
  
  Tools can raise a llm.PauseChain exception to cleanly pause the tool chain, useful for things like waiting for human approval. The exception propagates to the caller with .tool_call and .tool_results (completed sibling results) attached, and no model call is made with a placeholder result. See Pausing a chain from inside a tool. #1482
  
  Failure semantics for concurrent tool execution: async sibling tool calls always run to completion before a pause or hook exception propagates. #1482
  
  Chains can now resume from a messages= history ending in unresolved tool calls: the calls are executed through the normal before_call/after_call machinery before the first model call, skipping any that already have results. The execute_tool_calls() method also accepts a new optional tool_calls_list= argument for executing an explicit list of ToolCall objects in place of the calls requested by the response. See Resuming a chain with pending tool calls. #1482
  
  Fixed a bug where the async tool executor silently dropped calls to tools not present in tools= - these now return Error: tool "..." does not exist results, matching the sync executor. #1483
  I'm really impressed with the quality of API design, tests, code and documentation that Fable put together for this. I spent several hours on it today, but it feels like several days' worth of work.
  
  How much I've spent
  
  I recently started using AgentsView to help track my local LLM usage across all of the different coding agents. I published a TIL today about adding custom Fable pricing to that tool, which I expect will not be necessary in the very near future.
  
  After setting the price, I ran this command to start a localhost web server to explore my usage:
```
uvx agentsview serve
```
  Here's the treemap showing the breakdown of my Fable usage across various projects today:
  
  I used $110.42 worth of tokens today, all as part of my $100/month subscription.
  
  And some pelicans
  
  I ran "Generate an SVG of a pelican riding a bicycle" against all five thinking effort levels with Fable.
  
  Here are the results, including the token cost for each one:
  
  low: 1,929 out, 9.67c
  
  medium: 2,290 out, 11.475c
  
  high: 2,057 out, 10.31c
  
  xhigh: 5,992 out, 29.985c
  
  max: 14,430 out, 72.175c
  
  It's interesting that high ended up using fewer tokens than medium for this particular run.
  
  Here are the Opus 4.8 pelicans for comparison.
  
  You are only seeing the long-form articles from my blog. Subscribe to /atom/everything/ to get all of my posts, or take a look at my other subscription options.
3. 🔗 @binaryninja@infosec.exchange Wake up binjas, new Binary Ninja 5.3.9757 stable just dropped. No mastodon
  
  Wake up binjas, new Binary Ninja 5.3.9757 stable just dropped. No functionality this time (head over to dev for that!) but lots of stability fixes for the appropriately named stable branch:
  
  https://binary.ninja/2026/06/09/5.3-release-2.html
4. 🔗 r/Harrogate Looking for a nail tech rss
  
  | Anyone know any nail girls/shops that can do me something like this? submitted by /u/Living-Yellow4188
  [link] [comments]
  ---|---
5. 🔗 backnotprop/plannotator v0.20.0 release
  Follow @plannotator on X for updates
  
  Missed recent releases? Release | Highlights
  ---|---
  v0.19.27 | Kiro CLI integration, Glimpse native window, annotate-last message picker
  v0.19.26 | Amp plugin production fixes, Mermaid rendering fix, Settings flicker fix, update notification toast and shimmer
  v0.19.24 | Amp integration, configurable data directory, Auto Mode permission option, Pi plan approval fix
  v0.19.23 | Droid integration, Windows Pi AI fix, quieter update indicator
  v0.19.22 | Safari copy fix in plan viewer, CLAUDE_CONFIG_DIR support for session logs
  v0.19.21 | Ask AI in plan review and annotate mode, shared AI runtime, origin-aware provider defaults
  v0.19.20 | Interactive goal setup UI, OpenCode submit_plan fixes, browser no-op sentinel handling for Claude agents
  v0.19.18 | Edit-based submit_plan for OpenCode, Pi namespace migration, Codex annotate-last fix, OpenCode commands dir fix
  v0.19.17 | Reworked goal setup skill (interview-driven flow), CLI --version flag
  v0.19.16 | Code navigation with peek view (Cmd/Ctrl+click tokens in diffs)
  v0.19.15 | Commit-based diff base, jj evolution diffs, GitLab reliability fixes, OpenCode command intercept fix
  
  What's New in v0.20.0
  
  v0.20.0 is the largest release in a while: 11 PRs, three of them from first- time contributors. Code review gains multi-repo workspace support and a semantic diff overview. The interface gets a full visual refresh with two new themes, a grid-versus-flat plan look, and a full-page HTML annotation mode. Under the hood, the way skills and commands install has been rationalized so each artifact has a single source of truth and a default install ships lean. Several reliability fixes round it out across OpenCode, Pi, Windows, and GitLab.
  
  Important
  
  v0.20.0 is a large release, and two of its changes affect existing installs. Please read these before you upgrade.
  
  1. Extra skills are no longer installed by default. The plannotator- compound, plannotator-setup-goal, and plannotator-visual-explainer skills used to ship with every install. They now install separately, so a default install stays lean. To add them:
```
npx skills add backnotprop/plannotator/apps/skills/extra
```
  When you upgrade, the installer performs a one-time cleanup that removes the old default-installed copies of these three skills from ~/.claude/skills and ~/.agents/skills. If you want them, reinstall with the command above. Copies you install yourself with npx skills add are never touched again. (Kiro CLI is the exception and keeps receiving setup-goal and visual-explainer.)
  
  2. On Claude Code, the slash commands are now skills. Claude Code merged custom commands into skills, so Plannotator follows suit. /plannotator- review, /plannotator-annotate, and /plannotator-last are now installed as Claude Code skills under ~/.claude/skills (same names, same behavior). The old ~/.claude/commands/plannotator-*.md files are removed automatically on upgrade. The standalone /plannotator-status and /plannotator-archive commands are gone: plan archive browsing now lives in a sidebar tab during plan review. If you use the marketplace plugin, run /plugin marketplace update once so the old namespaced plannotator:* entries disappear from the / menu.
  
  If git is missing or a fetch is blocked, the installer now stops with a clear message instead of silently leaving you half-installed. git is required.
  
  Multi-Repo Workspace Reviews
  
  Code review previously required a git repository as the working directory. Teams working across several services in a parent folder had no way to review them together: each repo needed its own session, and feedback was fragmented.
  
  You can now run plannotator review from a non-git parent directory that contains multiple repositories. Plannotator discovers the nested repos that have local changes, pre-selects them, and presents a single review session covering all of them. Diff switching, file-content lookups, staging, and agent operations are all repo-aware, and the review feedback covers every repo in one pass. The single-repo workflow is unchanged: the workspace flow only engages when the directory you start from is not itself a repository.
  - #543 closing #527, contributed by @Oscar-Silva
  Semantic Diff Overview
  
  Code review now opens to a semantic diff overview that groups changes by what was modified rather than only by which lines moved. It runs the sem analyzer over the active patch and shows the result as the default landing panel, with a sidebar entry above All Files, rows for binary changes, inline error reporting, and retry.
  
  The analyzer ships as an optional sidecar that the installers fetch without blocking the rest of the install, and the overview is available in both the Bun-based servers (Claude Code, OpenCode) and the Pi extension's Node server. When the sidecar is unavailable, review falls back cleanly to the standard diff view.
  - #871, contributed by @backnotprop
  UI 2.0: New Themes, Plan Look Chooser, and Full-Page HTML Annotation
  
  The interface received a broad visual refresh. Two new themes, Simple and Neutral, join the existing set, built on a refreshed design-system token bridge. The overlay scrollbar library was removed in favor of native scrolling, which is lighter and more accessible.
  
  Plan rendering now offers two looks. Grid keeps your plan as a floating card on grid paper; Clean is a simpler, edge-to-edge flat card. A first-run dialog announces the release and lets you pick. The release announcement also surfaces what is new in the release and links to the full notes.
  
  Annotation gains a full-page HTML mode. Running plannotator annotate --render-html opens an HTML report or explainer rendered edge-to-edge in a sandboxed frame, themed to match Plannotator, and lets you annotate it directly with text selection or by clicking an element, instead of flattening it to markdown first. This pairs naturally with the visual-explainer skill's HTML output.
  - #863 and #879, contributed by @backnotprop
  Leaner Install and Single-Source Skills
  
  The way Plannotator ships skills and commands was restructured so each artifact has exactly one authoritative source. Core skills (review, annotate, last) install from a single location to both ~/.claude/skills and Codex's ~/.agents/skills. The extra skills move to opt-in installation via npx skills add (see the note at the top of these release notes). Every installer's hard-coded command and skill text was removed in favor of copying the real files from the repository, which eliminates a class of cross-platform escaping bugs.
  
  The installers also became stricter and safer to re-run. git is now a hard requirement, and a missing git or a failed fetch stops the install with an actionable message rather than silently skipping steps. Cleanup of legacy command files and stale Codex skills only happens after the replacement skill is on disk, so no upgrade path can leave you with neither. A one-time migration ledger tracks the extras cleanup so re-running the installer never re-removes skills you reinstalled yourself.
  
  First-run interactive installs ask whether to add the extra skills and whether to make any skills model-invocable, and the answers are saved and reused on later runs. Automated and piped installs never prompt and keep the safe defaults.
  - #850 closing #516, #817, #823, #842, #852, and #853; follow-ups in #872 and #873, contributed by @backnotprop
  Expand Unchanged Regions by Default
  
  Code review gains a persistent setting to expand unchanged diff regions by default. With it enabled, changed files open with their surrounding context already unfolded instead of requiring manual clicks. The toggle is available from both the main review display settings and the compact diff options popover, and it persists across sessions.
  - #858 closing #857, contributed by @Perlten
  OpenCode Runtime Compatibility
  
  The OpenCode plugin was split into a portable entry point and a Bun-only embedded runtime, so Node-hosted OpenCode no longer imports Bun server code at load time. On Bun hosts the plugin runs its full embedded runtime; on Node hosts it falls back gracefully to the installed Plannotator CLI. The fix restores agent switching, the recent-message picker for plannotator last, share disabling, and PR review semantics through the CLI bridge, and hardens sandboxed OpenCode startup so it uses a private port instead of attaching to an unrelated server.
  - #849 closing #596, #681, and #847, contributed by @backnotprop
  Glimpse Native Window on Windows
  
  On Windows, Glimpse never launched: npm installs glimpseui only as script shims with no native executable, so the plain spawn always failed and Plannotator fell back to a browser tab. The server now detects this case and launches Glimpse by running its package entry point directly with node, which keeps the HTML stdin pipe intact. Non-Windows hosts are unaffected.
  - #861 closing #860, contributed by @NikiforovAll
  Additional Changes
  - Windows install prompt timeout and OpenCode cleanup. The PowerShell installer's first-run prompts no longer hang indefinitely without a terminal, and a stale OpenCode archive command stub is swept on upgrade. #875
  - GitLab merge request review reliability. GitLab MR review keeps the raw-diffs endpoint as primary and falls back to the paginated diffs endpoint when it is empty or fails, with a clear error when a merge request genuinely has no diff. (in #879)
  - Claude Fable 5 model option. Fable 5 was added to the code review and Ask AI model selectors alongside Opus 4.8.
  Install / Update
  
  macOS / Linux:
```
curl -fsSL https://plannotator.ai/install.sh | bash
```
  Windows:
```
irm https://plannotator.ai/install.ps1 | iex
```
  Extra skills (compound, setup-goal, visual-explainer), now opt-in:
```
npx skills add backnotprop/plannotator/apps/skills/extra
```
  Claude Code Plugin: Run /plugin in Claude Code, find plannotator , and click "Update now". Then run /plugin marketplace update once to clear the old namespaced command entries.
  
  OpenCode: Clear cache and restart:
```
rm -rf ~/.bun/install/cache/@plannotator
```
  Then in opencode.json:
```
{
  "plugin": ["@plannotator/opencode@latest"]
}
```
  Pi: Install or update the extension:
```
pi install npm:@plannotator/pi-extension
```
  Droid: Install via the plugin marketplace:
```
droid plugin marketplace add backnotprop/plannotator
droid plugin install plannotator@plannotator
```
  Amp: Install the CLI first, then copy the plugin:
```
mkdir -p ~/.config/amp/plugins
curl -fsSL https://raw.githubusercontent.com/backnotprop/plannotator/main/apps/amp-plugin/plannotator.ts \
  -o ~/.config/amp/plugins/plannotator.ts
```
  Kiro CLI: The installer auto-detects Kiro and installs skills automatically. After installing the CLI, launch with:
```
kiro-cli chat --agent plannotator
```
  What's Changed
  - feat(review): support multi-repo workspace reviews by @Oscar-Silva in #543
  - Fix OpenCode plugin runtime compatibility by @backnotprop in #849
  - Single-source skills (core/extra), replace Claude Code commands with skills, de-hardcode installers by @backnotprop in #850
  - Add persistent full-file diff context setting by @Perlten in #858
  - fix(server): launch Glimpse via node on Windows instead of unspawnable npm shim by @NikiforovAll in #861
  - UI 2.0 visual refresh by @backnotprop in #863
  - feat(review): add semantic diff overview by @backnotprop in #871
  - fix(install): restore /plannotator-* bash execution on Claude Code and harden unattended installs by @backnotprop in #872
  - chore: remove the redundant /plannotator-status and /plannotator-archive commands by @backnotprop in #873
  - fix(install): Windows prompt timeout and stale OpenCode archive stub sweep by @backnotprop in #875
  - feat(plan): grid-default plan look chooser and 0.20.0 release dialog, with GitLab, sem, and install fixes by @backnotprop in #879
  - feat(review): add Claude Fable 5 to the model selectors by @backnotprop
  New Contributors
  - @Oscar-Silva made their first contribution in #543
  - @Perlten made their first contribution in #858
  - @NikiforovAll made their first contribution in #861
  Contributors
  
  @Oscar-Silva built multi-repo workspace review, adding repo discovery from a non-git parent directory and making diff switching, file-content lookups, staging, and agent routing repo-aware, with regression coverage for the new workspace paths. @Perlten contributed the persistent full-file diff context setting, wiring it through server config and both the single-file and all-files diff views, and also reported the original request. @NikiforovAll diagnosed and fixed the Windows Glimpse launch failure, tracing it to npm's script-shim packaging and switching to a direct node spawn that preserves the stdin pipe, and reported the underlying issue with a clear reproduction table.
  
  This release also resolved a number of community-reported issues. @daviziks requested multi-repo review support for poly-repo workflows. @possiblyneal asked for a way to hide legacy alias skill names from the Claude skill list. @stefanbinoj raised loading skills into the system prompt by default. @cwardgar reported that Plannotator did not respect CODEX_HOME. @robsonpeixoto reported the marketplace plugin not installing the compound skill. @mactavishz, @boris- gorbylev, and @matteo9924 reported the OpenCode plugin load and runtime failures that the runtime split resolves.
  
  Full Changelog : v0.19.27...v0.20.0
6. 🔗 r/Harrogate Red kites over showground area on Sunday rss
  
  | submitted by /u/DrMamaBear
  [link] [comments]
  ---|---
7. 🔗 r/reverseengineering I reverse engineered Lofree Hypace mouse firmware flashing protocol to bypass their official web based configuration on MacOS. rss
  
  submitted by /u/Qunit-Essential
  [link] [comments]
8. 🔗 anthropics/claude-code v2.1.170 release
  What's changed
  - Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Fable’s capabilities exceed those of any model we’ve ever made generally available. Update to version 2.1.170 for access. https://www.anthropic.com/news/claude-fable-5-mythos-5
  - Fixed sessions not saving transcripts (and not appearing in --resume) when launched from the VS Code integrated terminal or any shell that inherited Claude Code environment variables.
9. 🔗 @HexRaysSA@infosec.exchange We're heading to [@x33fcon](https://infosec.exchange/@x33fcon) and we'd love mastodon
  
  We're heading to @x33fcon and we'd love to see you there!
  
  Stop by our expo table to dig into headless IDA, get a sneak peek at the newly revamped Teams, and check out our new malware-centric features. Or just come say hello! 👋
10. 🔗 sacha chua :: living an awesome life From DC Toedt: Copy Org Mode as Markdown rss
  DC Toedt is a lawyer and professor of practice who uses Emacs and Org Mode. He wanted a small Emacs Lisp function to convert Org Mode syntax to Markdown and copy it to the clipboard to make it easier to copy the materials he's writing for a course on contract drafting. This seems to be a common need, and here are several other approaches:
  Anyway, DC shared how he used Claude to generate a simple function to do it, which is here under public domain:
  (defun my/org-to-markdown-clipboard () "Export org region (or buffer) to Markdown and copy to clipboard. With no active region, exports the whole buffer." (interactive) (require 'ox-md) (let* ((text (if (use-region-p) (buffer-substring-no-properties (region-beginning) (region-end)) (buffer-substring-no-properties (point-min) (point-max)))) (md (org-export-string-as text 'md t '(:with-toc nil :with-author nil :with-date nil :with-title nil)))) (kill-new md) (message "Markdown copied (%d chars)" (length md)))) (with-eval-after-load 'org (define-key org-mode-map (kbd "C-c m") #'my/org-to-markdown-clipboard))
  View Org source for this post
  
  You can e-mail me at sacha@sachachua.com.
11. 🔗 r/Harrogate Tommy Robinson March rss
  
  | What do you think the turnout will be for the Tommy Robinson thing on the stray? I am surprised to see Harrogate on the list, to be honest. I can't imagine many people turning up, I would rather be in a beer garden enjoying the sun whilst we have it... 🍺🌅 https://preview.redd.it/1qfvlzikx96h1.png?width=980&format=png&auto=webp&s=79211b1ea3a1a1b0da157995a85ca901eae1ba37 submitted by /u/Beginning-Pass-8882
  [link] [comments]
  ---|---
12. 🔗 r/LocalLLaMA Rick & Morty rss
  
  | nobody expected HF there submitted by /u/jacek2023
  [link] [comments]
  ---|---
13. 🔗 r/Harrogate Restaurant suggestions like jodphur rss
  
  Hi everyone,
  I was looking at taking my friend to Jodphur in town today but I didn’t realise it’s closed on Tuesdays. What other good Indian restaurants are there nearby? I’m happy to go as far as north Bradford as I’ve heard there’s some good ones over there. Thanks
  
  submitted by /u/Time-Supermarket-433
  [link] [comments]
14. 🔗 Locklin on science Progress: real and Potemkin rss
  
  I ran across this essay, Freddie deBoer offering a bet to Scott Alexander that the AI singularity isn’t coming in the next 3 years, based on a decent decent set of economic measurements: https://substack.com/home/post/p-187862732 I used to find it somewhat mind-boggling that allegedly intelligent people think we’re on the eve of some giant technological leap […]
15. 🔗 navidrome/navidrome v0.62.0 release
  This release introduces support for the OpenSubsonic sonicSimilarity extension, enabling audio-based similarity through the plugin system: when a plugin provides the capability, the new getSonicSimilarTracks and findSonicPath endpoints unlock smarter, sound-based recommendations and playlists. One plugin that implements it is AudioMuse- AI. It also brings a major overhaul to playback reporting and the Now Playing experience — the UI now uses the new OpenSubsonic playbackReport extension, replacing the old scrobble flow with a redesigned panel and configurable reporting interval. On the security front, it hardens the server with stronger ownership and authorization checks across shares, players, and transcoding endpoints, caps concurrent transcodes to prevent ffmpeg-based denial of service, and adds an option to refuse to run as root. Smart playlists gain ReplayGain fields and new isMissing/isPresent operators, and there are five new UI themes to choose from.
  
  Security
  
  This release fixes several reported vulnerabilities. We thank the security researchers who responsibly disclosed them.
  - Fix cross-account disclosure of other users' shares (incl. share tokens) by enforcing per-user ownership on share reads. (1e7996f5d, GHSA-3g4p-jhv2-xrxf, reported by @Wernerina)
  - Fix cross-tenant player takeover and share-update IDOR by enforcing ownership atomically on player and share updates. (#5563, GHSA-x65f-m8x9-pjxm reported by @tonghuaroot; GHSA-58gr-c777-g23p reported by @lighthousekeeper1212; GHSA-wx2c-q8g7-4q5p reported by @CE2Sec)
  - Fix unauthenticated Last.fm scrobble session hijack (IDOR) by requiring a signed state token on the link callback. (#5521, GHSA-8jrh-w926-8rvw, reported by @geo-chen)
  - Fix JWT expiration bypass on public share stream endpoints by validating token expiration and share existence. (#5426, GHSA-3rfj-qx9q-jghx, reported by @wooseokdotkim)
  - Fix disclosure of admin-only transcoding configuration to non-admin users by restricting transcoding config reads to admins. (#5564, GHSA-4p3r-6362-833w, reported by @DavidCarliez)
  - Fix missing admin authorization on internet radio station management endpoints by requiring admin access for Subsonic management endpoints. (#5510, GHSA-jw24-qqrj-633c, reported by @osageling)
  - Cap concurrent transcodes to prevent an ffmpeg-based denial of service, with new per-server and per-user limits. (#5522 by @deluan)
  - Add EnforceNonRootUser option to exit early if Navidrome is started as root. (#5373 by @kopf)
  - Split HTML sanitization from plaintext handling. (7e083e079 by @deluan)
  Note: Several of the advisories linked above are still in draft/triage on GitHub at the time of writing. Their links will become publicly accessible once the advisories are published. The fixes themselves are already included in this release.
  
  Configuration Changes
  
  Status | Option | Description | Default
  ---|---|---|---
  New | EnforceNonRootUser | Exit early on startup if Navidrome is running as root (ignored on Windows). (#5373) | false
  New | Transcoding.MaxConcurrent | Maximum number of concurrent transcodes server-wide (0 = unlimited). (#5522) | 0
  New | Transcoding.MaxConcurrentPerUser | Maximum number of concurrent transcodes per user (0 = unlimited). (#5522) | 0
  New | Matcher.PreferStarred | Bias the fuzzy matcher toward starred/high-rated tracks. (#5387) | true
  New | UIPlaybackReportInterval | How often the UI reports playback progress. (#5448) | 1m
  Deprecated | EnableTranscodingCancellation → Transcoding.EnableCancellation | Renamed and moved under the new Transcoding section. (#5523) | false
  Deprecated | SimilarSongsMatchThreshold → Matcher.FuzzyThreshold | Renamed and moved under the new Matcher section. (#5387) | 85
  
  For a complete list of all configuration options, see the Configuration Options documentation.
  
  UI
  - Replace UI scrobble with reportPlayback and redesign the Now Playing panel. (#5448 by @deluan)
  - Add Tokyo Night theme. (#5497 by @Metalhearf)
  - Add Catppuccin Latte theme. (#5250 by @lov3b)
  - Add Moonbase themes (Alpha light + Bravo dark). (#5243 by @craiglush)
  - Add a "Not Starred" filter option. (#5362 by @danielbanariba)
  - Add a Rescan button to the plugin list empty state. (#5471 by @deluan)
  - Suppress capitalization and autocorrection for login on mobile keyboards. (#3783 by @bdefore)
  - Show album tile actions on keyboard focus. (#5434 by @danielbanariba)
  - Start a new album from track 1 after closing the player. (#5441 by @deluan)
  - Prevent autoplay when clearing the play queue. (#5430 by @deluan)
  - Fix Gruvbox Dark colors. (#5553 by @Tal0na)
  - Update the AMusic theme to use the correct text color for primary confirmation buttons. (#5509 by @VirtualWolf)
  Smart Playlists
  - Add ReplayGain fields to the criteria system. (d9dac4445 by @deluan)
  - Add isMissing and isPresent operators. (#5436 by @deluan)
  - Relax playlist visibility in inPlaylist/notInPlaylist rules. (#5411 by @deluan)
  - Optimize smart playlist performance for role and tag criteria. (#5515 by @deluan)
  - Coerce string booleans in smart playlist rules. (#5450 by @deluan)
  Subsonic API
  - Implement the playbackReport OpenSubsonic extension. (#5442 by @deluan)
  - Add the sonicSimilarity extension as a plugin capability. (#5419 by @deluan)
  - Add a groupings field to the OpenSubsonic Child response. (f12e75aa1 by @deluan)
  - Use SQLite RANDOM() sorting in getRandomSongs for faster results. (cf1f190bb by @deluan)
  - Mark AlbumID3 songCount and created as required. (8897ec918 by @deluan)
  - Normalize non-NFKD Unicode letters (ø, æ, œ, ß) in search. (#5413 by @deluan)
  Transcoding
  - Place -ss before -i for fast input seeking. (#5492 by @deluan)
  - Don't apply server-side override on getTranscodeDecision. (#5473 by @deluan)
  - Log a warning for invalid or stale transcode tokens. (9a2eb483e by @deluan)
  Scanner
  - Respect tag-split config when multiple frames map to the same tag. (#5193 by @trek-e)
  - Fix error when importing playlists without an admin user. (5b85b2839 by @deluan)
  Artwork
  - Fix stale cache and top-level album artwork for multi-disc albums. (#5457 by @deluan)
  - Prefer album-root images over disc-subfolder images for multi-disc albums. (#5451 by @deluan)
  - Return the correct timestamp when disc or album cover art changes. (#5378 by @bobo-xxx)
  Server
  - Prevent artwork throttle token starvation on slow clients. (#5472 by @deluan)
  - Proxy NowPlaying even when ignoreScrobble is set. (#5559 by @deluan)
  - Make the /api/song path filter work and use startsWith. (#5566 by @deluan)
  - Preserve unchanged fields on partial REST playlist updates. (#5542 by @deluan)
  - Allow toggling playlist auto-import and avoid unnecessary artwork reloads. (#5421 by @deluan)
  Matcher
  - Add Matcher.PreferStarred option to bias the fuzzy matcher toward starred/high-rated tracks. (#5387 by @deluan)
  Plugins
  - Add PlaybackReport to the scrobbler capability. (#5452 by @deluan)
  - Add LibraryID to TrackInfo. (fd930eefd by @deluan)
  CLI
  - Add pls export/import subcommands for bulk playlist management. (#5412 by @deluan)
  - Restore int cast for syscall.Stdin on Windows. (e75ab3b03 by @deluan)
  Build & Dependencies
  - Improve Windows support: the Go test suite now runs on Windows CI, with previously-skipped Subsonic, artwork, watcher, and scheduler tests enabled and fixed. (#5380, #5427, #5416 by @deluan)
  - Upgrade Go to 1.26. (#5361 by @deluan)
  - Enable native libwebp encoding in the Docker image. (#5350 by @deluan)
  - Update TagLib to 2.3. (e55a35544 by @deluan)
  Translations
  - Add Estonian translation. (725f6ab34 by @deluan)
  - Update Indonesian translations from POEditor. (#5575 by @deluan)
  - Update Spanish translations and add missing gain keys. (#5433 by @danielbanariba)
  - Update Basque localisation. (#5364 by @xabirequejo)
  - Update German, Finnish, Galician, Dutch, Slovak, Thai, and Chinese (traditional) translations from POEditor. (#5351 by @deluan)
  - Update Serbian translation. (#5444 by @nenadjokic)
  - Update Traditional Chinese translation. (#5470 by @IEEE-754)
  - Complete Italian translation. (#5407 by @DanieleMassa)
  New Contributors
  - @bdefore made their first contribution in #3783
  - @craiglush made their first contribution in #5243
  - @lov3b made their first contribution in #5250
  - @danielbanariba made their first contribution in #5362
  - @kopf made their first contribution in #5373
  - @bobo-xxx made their first contribution in #5378
  - @DanieleMassa made their first contribution in #5407
  - @nenadjokic made their first contribution in #5444
  - @IEEE-754 made their first contribution in #5470
  - @Metalhearf made their first contribution in #5497
  - @VirtualWolf made their first contribution in #5509
  - @Tal0na made their first contribution in #5553
  Full Changelog : v0.61.2...v0.62.0
  
  Helping out
  
  This release is only possible thanks to the support of some awesome people!
  
  Want to be one of them?
  You can sponsor, pay me a Ko- fi, or contribute with code.
  
  Where to go next?
  - Read installation instructions on our website.
  - Host Navidrome on PikaPods or Danian for a simple cloud solution.
  - Reach out on Discord, Reddit and Twitter!
16. 🔗 HexRaysSA/plugin-repository commits sync repo: +1 plugin, +2 releases rss
```
sync repo: +1 plugin, +2 releases

## New plugins
- [yarg](https://github.com/r0ny123/yarg) (1.0.2, 1.0.1)
```
17. 🔗 doomemacs/core v2.2.0 release
  
  v2.2.0
18. 🔗 sacha chua :: living an awesome life June 11: Sacha and Prot Talk Emacs: Built-ins rss
  
  On June 11, I'm going to chat with Prot about the Emacs Carnival June 2026 topic Underappreciated Emacs Built-ins. Thanks to Ross A. Baker for hosting the carnival!
  
  Watch on YouTube
  
  <2026-06-11 Thu 10:30>–<2026-06-11 Thu 11:30> (America/Toronto) = Thu Jun 11 1030H EDT / 0930H CDT / 0830H MDT / 0730H PDT / 1430H UTC / 1630H CEST / 1730H EEST / 2000H IST / 2230H +08 / 2330H JST
  
  View Org source for this post
  
  You can e-mail me at sacha@sachachua.com.
19. 🔗 cloudflare/capnweb capnweb-validate@0.2.0 release
  Minor Changes
  - #169 2cb51eb Thanks @teamchong! - Introduced capnweb-validate, a separate package that allows you to wrap your RPC interfaces in runtime type-checking based on your TypeScript interfaces.
20. 🔗 panda-re/panda v1.8.85 @ refs/heads/dev release
  What's Changed
  - Update AAarch64 VM to both run and copy_to_guest by @AndrewQuijano in #1578
  - Urgent Fix for DwarfDump Pathing and Action Version Upgrades by @AndrewQuijano in #1623
  Full Changelog : v1.8.83...v1.8.85
21. 🔗 panda-re/panda v1.8.84 @ refs/heads/dev release
  What's Changed
  - Update AAarch64 VM to both run and copy_to_guest by @AndrewQuijano in #1578
  - Urgent Fix for DwarfDump Pathing and Action Version Upgrades by @AndrewQuijano in #1623
  Full Changelog : v1.8.83...v1.8.84
22. 🔗 Baby Steps Only Bounds rss
  only bounds are going to be the most impactful change to Rust that you've never heard of. They are currently being designed and developed by the Arm team (David Wood, Rémy Rakic, et al.) as part of the Sized Hierarchy and Scalable Vector Extension project goal. This post explores the feature and aims to answer a particular question about the design (the scope of bounds, I'll explain). But before I dive in, I want to give a bit of context.
  
  Rust generics have a Sized bound by default today
  
  In today's Rust, every type parameter (except for Self) has a default bound called Sized:
```
// So this function...
fn identity<T>(t: T) -> T {
    t
}

// ...is actually short for
fn identity<T>(t: T) -> T
where
    T: Sized, // <-- Added by default!
{
    t
}
```
  A type T implements Sized if the compiler can compute the size of a T value at compilation time. This is true for almost every type, with a few notable exceptions. Consider [u32], which refers to "some number of u32 instances". We know that a single u32 is 4 bytes, but without knowing how many u32 there are, you can't know the size of [u32]. This means you can't have a value of type [u32] on the stack (how big should the stack frame be?).
  
  You opt out with ?Sized
  
  However, if you have a function like by_ref, that just takes the value by reference (i.e., by pointer), you shouldn't need to know how big the [u32] value is, because you're not manipulating it directly. You can have a type parameter U that doesn't require Sized, but you have to explicitly "opt out" from the default bound:
```
fn by_ref&lt;U&gt;(t: &U)
where
    U: ?Sized, // <-- Opt out from the default
{ }
```
  As a fun bit of historical trivia, this system was introduced way back in 2014 to accommodate Dynamically Sized Types. Before that, &[u32] was actually a built-in, indivisible type; we even wrote it like [u32]/& for a time.1
  
  But Sized vs ?Sized isn't enough for everything we need
  
  The Sized vs ?Sized design has served us reasonably well but it is also showing its limits. It turns out that "value has a statically computable size" vs "each value has a distinct size computable at runtime" doesn't cover all the things you might want. For example, extern types are types whose values have no known size, even at runtime. And then Arm's Scalable Vector Extension want to describe SIMD types where every value of the type has the same size (unlike str and [T], where each value can have a different length) but where that size is not known until runtime.
  
  A richer Sized hierarchy
  
  Rather than just Sized or ?Sized, what we really want is to have a richer hierarchy. The current plans look something like this:
```
flowchart TD
  subgraph S["Sizedness traits"]
      Sized[["Sized (default)"]] -- extends --> MetadataSized
      MetadataSized -- extends --> MaybeSized
  end
```
  where
  - trait Sized means that all values have the same size and that size can be computed knowing only the type.
  - trait MetadataSized means that values can have different sizes and that size can be computed given the metadata attached to a reference to the value. Examples include [T] or dyn Trait.
  - trait MaybeSized is implemented for all values and tells you nothing about the value's size.
  Two caveats:
  1. I'm excluding the way that Arm's Scalable Vector Extension fit into this, because it's orthogonal.
  2. The trait names aren't settled. I'm using the names I understand the libs-api team to prefer; they're not my favorites, but that's ultimately the team who owns stdlib bikesheds, so I defer to them.2
  Problem: ?Sized notation doesn't scale to this hierarchy
  
  But now we have a kind of problem. The ?Sized notation was predicated3 on the idea that users should specify the default bound they are opting out of - i.e., the ? is meant to say "I don't know if this is Sized or not" (unlike the default, where you know it is Sized). But "opting out" from a bound doesn't work so well with a multi-level hierarchy. When you write ?Sized, does that correspond to T: MetadataSized (but not T: Sized)? And what if we want to insert another level in between T: MetadataSized and T: Sized later? Then we either have to change what T: ?Sized means (to refer to the new bound) or we have to have T: ?Sized drop two levels down the hierarchy. Even more annoying, what do we do while that middle rung is unstable? Surely T: ?Sized shouldn't refer to an unstable trait… what if we decide to remove it
  
  Solution: only bounds
  
  The new proposal is to write T: only MetadataSized or T: only UnknownSized instead of T: ?Sized. An only bound combines two things:
  1. Like any bound, it includes a "minimum requirement" - i.e., T: only MetadataSized means that T must implement at least MetadataSized.
  2. It additionally disables some default bounds - i.e., we will not add the default T: Sized bound.
  The name only comes from the fact that T: Sized implies T: MetadataSized. So the default of T: Sized already means that T: MetadataSized for free; but when you write only MetadataSized, you are saying "I don't need the full hierarchy, just MetadataSized will do".
  
  only bounds work like normal bounds: ask for what you need
  
  A nice feature of only bounds is that they work more like a regular bound. Whereas a ? bound is saying "I don't need this", an only bound is saying what you do need. So e.g. if you are writing a function that just has references to values of type T does not care what their size is, you can write
```
fn by_ref&lt;U&gt;(u: &U)
where
    U: only MaybeSized,
{}
```
  If you are writing a function that does need to compute the size of values of type V, you can ask for that capability:
```
fn checks_size<V>(v: &V)
where
    V: only MetadataSized,
{
    std::mem::size_of_val(v)
}
```
  only bounds allow for new levels to be added later
  
  A nice feature of only bounds is that, later on, we can add new levels to the hierarchy, and they work normally. For example, suppose we wish to add something like Aligned where the size is not known at compilation time but the alignment is. We could change the hierarchy to
```
trait Sized: Aligned
trait Aligned: MetadataSized // <-- new!
trait MetadataSized: MaybeSized
trait MaybeSized
```
  and functions with U: only MaybeSized (like by_ref) and with V: only MetadataSized (with checks_size) would continue to have the same requirements. But new functions could be written with T: only Aligned that would use the new bound. And there is no conflict with stabilization; code that writes T: only Aligned can be considered unstable until that middle hierarchy is finalized.
  
  only bounds compose normally
  
  Like any other bound, only bounds are combined with other bounds to form the overall requirements. So it is possible to write e.g. T: only MetadataSized + Sized. This is equivalent to T: Sized and therefore equivalent to the default and therefore kind of pointless, but you can write it. Similarly, given that trait Clone: Sized, if you write T: only MetadataSized + Clone, that is kind of pointless too: you might as well write T: Clone, which would be equivalent. We plan to have a warn-by-default lint for that.
  
  Scaling only to other "default bound families" (speculative)
  
  The final strength of only bounds is that they allow us to introduce whole new families of default bounds. One example is the idea of introducing a Move bound. Note that this is a distinct feature and is not covered under the current RFC.
  
  All types in Rust today are "movable" and "forgettable", meaning that you can memcpy the value from place to place so long as you stop using the previous location and you can recycle the memory where it is stored without running the value's destructor. There is one notable exception - when you pin a value, you it can no longer be moved, and you must run its destructor before its memory is reused - but otherwise this is a hard-and-fast rule. And that's annoying!
  
  The problem is that not being able to guarantee that a destructor runs blocks a lot of unsafe code patterns. For example, scoped tasks a la rayon depend on a destructor for safety. In sync code, this works because we've decided it's UB to unwind a stack frame without running the destructors of values stored there, and so if you put a local variable on the stack, you can be sure its destructor will run. But that doesn't work in async code! And there are times when unwinding without running destructors would be nice.
  
  The solution is to introduce a second family of default traits. Unlike the Sized family we saw before, this family defines fine-grained capabilities about how values of that type can be used:
```
flowchart TD
  subgraph A["Accessability traits"]
      Forget[["Forget (default)"]] -- extends --> Leak
      Leak -- extends --> Destruct
      Destruct -- extends --> Access
      Move[["Move (default)"]] -- extends --> Access
  end
  Copy -- extends --> Move
```
  The meaning of the traits are as follows:
  - Forget, the default, says that you can recycle the memory for a value without running its destructor.
  - Leak says that you can skip running a destructor for a value, but only if you never reuse the memory where the value resides.
  - Destruct says that if you have a value of this type, you can reuse the memory where it resides by running its destructor.
  - Copy, which already exists, says that you can memcpy the place and keep using the original place; it's not really a default, but I included it because it is relevant.
  - Move, another default, says that you can memcpy the value to a new place if you stop using the original.
  - Access is the root of this family. It indicates a value that can be "accessed in place" (basically, any value at all).
  This introduces new checks into the compiler:
  - When you move a value (i.e., a = b where b is not used later), we will check that the type implements Move (whereas today, it is always allowed).
  - When you exit a scope, we will check that the values in each local variables have either been moved or have a type that implements Destruct.
  Some implications:
  - If your function owns a value of type T: only Destruct, then you must destruct it before your function returns. You can't move it (because you don't know if it implements Move) and you can't leak or forget it either.
  - If your function owns a value of type T: only Move, then the only thing you can do with it is move it somewhere else. You can't drop it (because you don't know if it implements Destruct).
  - No function can own a value of type T: only Access, because you wouldn't be able to move it nor drop it, and hence you could not return. But you could have such a value (say) in a static.
  How only bounds could work in the presence of multiple families
  
  The spur for writing this blog post was a question in a lang team meeting on how only bounds ought to work given the existence of multiple "families" of default traits, as I described above. Although the current RFC is looking only at the Sized traits, we expect to look at the "access family" in a future RFC, so we want to be sure we are not making any decisions that won't scale to cover both.
  
  The way I imagine it working is like this. Each default traits is associated with one or more "families". When you have an only bound, it "opts out" from all default traits in each family that the trait is associated with:
  - T: only Move opts out from Forget, Leak, Destruct - but not Sized.
  - T: only Destruct opts out from Forget, Leak, and Move - but not Sized.
  - T: only MetadataSized opts out from Sized - but not Forget or Move.
  - T: only MaybeSized opts out from Sized - but not Forget or Move.
  You may also want to "opt back in" to some defaults. For example, T: only Move + Destruct is a sensible thing to do. It means values that can be moved and destructed but not leaked or forgotten.
  
  Examples
  
  Option::map requires only Move
  
  map is an example of a function that only needs Move. You need to be able to destructure self (which moves the optional value out into a local variable v and then invoke the closure op, which again moves the wrapped value v:
```
impl<T: only Move> Option<T> {
    fn map<U: only Move>(
        self,
        op: impl FnOnce(T) -> U,
    ) -> Option&lt;U&gt; {
        match self {
            Some(v) => Some(op(v)),
            None => None,
        }
    }
}
```
  One interesting thing is the result type U. Using only the stuff I wrote in this blog post, it needs to be only Move, because the result will be moved into the Some value and so forth. But in-place-init would allow for this definition to omit the U: only Move bound because we could statically guarantee that the Option will be constructed in place and never moved after that.
  
  Option::or requires only Move + Destruct
  
  The a.or(b) method on Option returns a if it is Some and otherwise returns b. This is an interesting one because the value b may not be used and therefore requires only Move + Destruct bounds.
```
impl<T: only Move> Option<T> {
    fn or(
        self,
        alternate: Option<T>,
    ) -> Option<T>
    where
        T: Destruct, // <-- because it may be dropped
    {
        match self {
            Some(v) => Some(v), // drops `alternate`
            None => alternate, // moves `alternate`
        }
    }
}
```
  Rc requires MaybeSized + Leak
  
  The Rc type is an example where we would want to relax bounds from both families:
```
struct Rc<T: only MaybeSized + only Leak> {}
```
  I believe the proper minimum bounds for Rc are:
  - only MaybeSized because while it can store MetadataSized or Sized things, it doesn't have to, it can also store things of an non-computable size (although it does raise the question of how they would be freed, but that's an allocator concern).
  - only Leak because Rc values can form cycles and thus we can't ever guarantee the destructor will be run. Interestingly, Rc<T> can implement Forget even its contents don't.
  Frequently asked questions
  
  What is actually under RFC today?
  
  The post may be a bit confusing here. The current RFC is looking only at the proposed "Sized" traits. The Access family is a speculative future extension that we are exploring but at a much earlier stage.
  
  Can I use only with any trait?
  
  In the beginning, the plan would be that only can only be used for well- known, default traits (e.g., Move, Sized, etc). In the future though there are some thoughts to generalizing it.
  
  Why not opt out from all defaults at once?
  
  An alternative that was proposed is to have the opt-out be per-type-parameter. So you might write something like
```
fn foo<T: MetadataSized + ?default>
```
  which would "opt out" from all defaulted bounds. Obviously we'd have to bikeshed the syntax, but ignore that for now. The question is whether opting out of all defaults is better than opting out of a single family. I prefer the per-family option for two reasons:
  - First, things like T: only Move demonstrate that you might very reasonably which to opt out from a single family but retain the default Sized bound. I think it's likely that there will be many functions that want to opt out of Sized or Forget but not both.
    
    You might think that we could make Move: Sized to get the same effect, but I think that would be a mistake. The fact that a value's size must be computed dynamically doesn't inherently mean it can't be moved.
  - Second, it makes it harder to introduce new families later, if we decide there are other orthogonal properties of values that we'd like to relax.
  Why do you think it's likely that people want to opt out of being Sized
  
  xor Forget but not both?
  
  Because the Forget, Move, and similar traits mostly apply to owned values. The examples we saw with Option<T> were quite typical. And when you are moving values of type T around, you need that T to be Sized.
  
  But we saw that Rc wanted to opt out of both families with `only Leak +
  
  only MetadataSized`, right?
  
  Yes, that's true, and I think that particular combo will be common. I don't think that's an argument for the ?default approach on its own, though, particularly since that case would not be much cleaner or shorter…
```
impl<T: ?default + Leak + MetadataSized> Rc<T> {}
```
  …what I think that argues for is actually trait aliases and shorthands.
  
  Wait, trait aliases and shorthands? Can you elaborate?
  
  Yes! I think that a future RFC could extend only bounds to allow you to define trait aliases with "only bounds" as supertraits:
```
trait RefCountable = only Leak + only MetadataSized;

// Equivalent to:
// trait RefCountable: only Leak + only MetadataSized {}
// impl<T> RefCountable for T where T: only Leak + only MetadataSized {}
```
  You could then use an only RefCountable bound to define Rc<T>:
```
impl<T: only Refcountable> Rc<T>
```
  Without theonly, T: Refcountable would just be a regular trait bound and would not opt-out from any defaults.
  
  Can we use a "root" trait to opt out of all defaults?
  
  Yes, we could! You could define an alias like Value:
```
trait Value = only Access + only MaybeSized;
```
  Since Access and MaybeSized are both implemented for all types, this effectively becomes part of both families:
```
flowchart TD
  subgraph All["All default families"]
  subgraph A["Access family"]
    Forget[["Forget (default)"]] -- extends --> Leak
    Leak -- extends --> Destruct
    Destruct -- extends --> Access
    Move[["Move (default)"]] -- extends --> Access
  end

  subgraph S["MaybeSized family"]
    Sized[["Sized (default)"]] -- extends --> MetadataSized
    MetadataSized -- extends --> MaybeSized
  end

  Access -- extends --> Value
  MaybeSized -- extends --> Value
  end
```
  Then you can do T: only Value and opt out from both families at once.
  
  If we did that, what would happen if we wanted to add a new family in the
  
  future?
  
  Ay, there's the rub. If we wish to add a new family in the future, let's say for values that don't live in the same memory space (T: only Distributed…?), then Value would be "out of date" because code written against Value would still be assuming uni-memory-space values. But we could make Value into an edition-dependent alias or something like that, as has been discussed.
  
  Can we decide whether we want Value later?
  
  Yes! We can introduce a root trait at any time. So we can add the Sized-ness family first, then the Access family, and then see how we feel. Maybe we find people are very commonly opting out of both- in which case, some aliases are useful, or perhaps a Value variant.
  
  The only way we might "regret" it is if, in practice, people usually just opted out of both and then opted back in to what they want specifically. But we already know that T: only Move will be common and clearly T: only Value + Move + Sized is more awkward in that case, so I don't consider that very likely.
  
  Why the name Destruct and not Drop?
  
  That name comes from the const trait RFC. There are a few reasons to move away from Drop. The first is that it is possible to have a destructor even if you don't implement Drop: Drop really refers to user-provided logic in the destructor, but the compiler adds its own logic ("drop glue", it's sometimes called) to drop all the fields in the value. The second reason is that the Drop trait itself needs some revision, so moving away from that name lets us have other ways to specify custom logic (e.g., pinned self, or by-value, etc etc).
  
  How does this interact with const traits anyway?
  
  Quite beautifully! In fact, the proposal from Arm for SVE is to introduce the idea of T: const Sized being "a type whose size can be computed at compilation time", which I find quite elegant. Similarly T: const Destruct was proposed by the const RFC as a way to say that a value has a constant destructor.
  
  It's annoying to write T: only Move + Destruct. Couldn't we have
  
  Destruct imply Move so that I can just write T: only Destruct?
  
  My original proposal for introducing linear types had Destruct extending Move. This would mean that the Option::or proposal could simply do U: only Destruct and not U: only Move + Destruct. However, Alice Ryhl and others pointed out that there are immovable types that must nonetheless be destructed, so it doesn't make sense to combine those.
  
  Where can I learn more?
  
  The Project Goal has a lot of details. The latest updates are available on the tracking issue. If you like watching videos, I recommend David Wood's Rust Nation talk.
  
  Conclusion
  
  I want to close with a meta-observation and a big shout-out to the Arm team. I think they are showing how awesome open-source can be. The Arm team's primary motivation is adding support for Scalable Vector Extension. This helps Rust make full use of Arm processors. This is, in and of itself, a laudable goal, and valuable to Rust: One of Rust's assets, in my view, is that it gives you access to all the power your processor has to provide, and that should include unique extensions.
  
  But rather than add the feature as a kind of special-case extension to Rust, the Arm team is going further and driving a general purpose improvement, one that will unlock a bunch of other features (extern types and, to some extent, guaranteed destructors; guaranteed destructores themselves unlock scoped async threads and better Wasm integration). I love that.
  1. In fact, I recall that in one of my blog posts I proposed writing "" as the way to spell &str. I kinda wish we had done that just for the sheer wackiness of it (fn foo(name: "")). ↩︎
  2. I prefer names that refer to the operations that can be performed on the values, so e.g. instead of MetadataSized I would prefer SizeOfVal, since it means that you can invoke the std::mem::size_of_val function on it. ↩︎
  3. Little logic pun there for you. ↩︎
June 08, 2026
1. 🔗 IDA Plugin Updates IDA Plugin Updates on 2026-06-08 rss
  IDA Plugin Updates on 2026-06-08
  
  Activity:
  - distro
    
    4a1d8520: Update Ghidra PPA source to 12.1.2
  - frinet
    
    fbbd663c: spatial frinet
  - hrtng
    
    70a6c31d: merge fix proposed in #58; doc fix; turn off experimental deref ptr r…
2. 🔗 anthropics/claude-code v2.1.169 release
  What's changed
  - Added --safe-mode flag (and CLAUDE_CODE_SAFE_MODE) to start Claude Code with all customizations (CLAUDE.md, plugins, skills, hooks, MCP servers) disabled for troubleshooting
  - Added /cd command to move a session to a new working directory without breaking the prompt cache mid-session
  - Added a disableBundledSkills setting and CLAUDE_CODE_DISABLE_BUNDLED_SKILLS environment variable to hide bundled skills, workflows, and built-in slash commands from the model
  - Fixed Up/Down arrows jumping to command history past the wrapped rows of a long input line — they now move through each visual row first, and history recall enters at the near edge
  - Fixed enterprise managed MCP policies (allowedMcpServers/deniedMcpServers) not being enforced on reconnect, IDE-typed configs, --mcp-config servers during the first session after install, or before remote settings loaded; also fixed slow cold starts for orgs without remote settings
  - Fixed a ~30-50ms UI stall at the start of each turn for macOS users logged in with claude.ai credentials
  - Fixed claude -p being slow or appearing to hang on Windows while waiting for the slash-command/skill scan (regression in 2.1.161)
  - Fixed Remote Control getting stuck on "reconnecting" after resuming a session when an OAuth token refresh happened at the same time
  - Fixed Git Credential Manager's "Connect to GitHub" popup appearing on Windows at startup when background git commands ran without cached credentials
  - Fixed footer hints (e.g. "esc to interrupt") not showing for users with a custom statusline
  - Fixed stale permission and dialog prompts reappearing every time you reattached to a remote session whose worker had died while waiting on them
  - Fixed claude agents --json omitting blocked and just-dispatched background sessions; added --all to include completed sessions, plus new id and state fields
  - Fixed agents view leaving a stale/garbled frame after navigating back from an agent on WSL in Windows Terminal
  - Fixed background agents ignoring project-level settings env values (e.g. ANTHROPIC_MODEL) when dispatched onto a pre-warmed worker
  - Fixed MCPB plugin cache being spuriously invalidated on Windows, causing unnecessary re-extraction
  - Fixed plugin .in_use PID lock files accumulating without bound; stale markers from crashed sessions are now swept once per day
  - Fixed untrusted project settings being able to set OTEL client-certificate paths without trust confirmation
  - /workflows now opens immediately even while a turn is in progress
  - Improved TaskCreate reliability: malformed inputs are repaired automatically and validation errors for unloaded tools include the schema
  - Improved the error message shown when your organization has disabled API key authentication, with guidance based on where the active API key comes from
  - Reduced CPU usage while responses stream and during spinner animations
  - Restored a default 5-minute idle timeout on Vertex/Foundry so a stalled stream aborts instead of hanging indefinitely; set API_FORCE_IDLE_TIMEOUT=0 to opt out
  - Remote-managed settings with an invalid entry now apply their remaining valid policies and surface the validation error, instead of silently dropping the whole payload
  - Background sessions now preserve --ide, --chrome, --bare, --remote-control, and other flags across retire→wake, and respawn state validation was hardened
  - Background sessions are now told that shared-checkout edits are blocked until they enter a worktree, avoiding a wasted rejected edit before EnterWorktree
  - The "CLAUDE.md is too long" warning threshold now scales with the model's context window
  - Auto-updater on Windows now stops retrying within a session once claude.exe is held by another process
  - Improved color contrast for skill tags in the slash-command menu
  - Promo credit claims for Apple/Google-billed subscribers without a payment method now explain where to add one
  - Added a tip suggesting claude agents when running multiple concurrent sessions
3. 🔗 r/Harrogate My Red Kite spotting PB in Harrogate today - nearly 50! rss
  
  | Hard to count, but there must be nearly 50 red kites in the first photo if you zoom in. In the second photo, they were just flying low. I wish I were out with my proper camera this evening. I often see big groups, but this was something else. submitted by /u/namboozle
  [link] [comments]
  ---|---
4. 🔗 r/LocalLLaMA Me: Arguing with an AI bot who just posted something on this sub about Llama 3.1. rss
  
  | For real tho, these bots need to turn on their web search functions and quit living in the past. It’s bad enough we gotta deal with all the “Qwen3.6 27b helped me quit drinking and brought my dog back from the dead” posts. Sheesh /s submitted by /u/Porespellar
  [link] [comments]
  ---|---
5. 🔗 sacha chua :: living an awesome life 2026-06-08 Emacs news rss
  It's Emacs Built-ins appreciation month! I'm coming to appreciate the menu bar more. What built-ins do you appreciate? Write about it and send Ross a link!
  - Emacs updates:
    
    Emacs 31.0.90 pretest is available (Reddit, Linux Compatible, Irreal)
  - Upcoming events (iCal file, Org):
    
    Emacs Berlin: In-Person-Only Emacs-Berlin Stammtisch https://emacs-berlin.org/ Tue Jun 9 1900 Europe/Berlin
    
    OrgMeetup (virtual) https://orgmode.org/worg/orgmeetup.html Wed Jun 10 0900 America/Vancouver - 1100 America/Chicago - 1200 America/Toronto - 1600 Etc/GMT - 1800 Europe/Berlin - 2130 Asia/Kolkata – Thu Jun 11 0000 Asia/Singapore
    
    Atelier Emacs Montpellier (in person) https://lebib.org/date/atelier-emacs Fri Jun 12 1800 Europe/Paris
    
    M-x Research: TBA https://m-x-research.github.io/ Wed Jun 17 0800 America/Vancouver - 1000 America/Chicago - 1100 America/Toronto - 1500 Etc/GMT - 1700 Europe/Berlin - 2030 Asia/Kolkata - 2300 Asia/Singapore
  - Beginner:
    
    How to Install Emacs on a Chromebook in 2026 (07:15)
    
    How to Setup Emacs on a Chromebook Without Elisp in 2026 (10:37)
  - Emacs configuration:
    
    Useful Emacs key bindings (@spnw@plexwave.org)
    
    function to list bindings
    
    Raymond Zeitler: Emacs and the Numeric Keypad
    
    new embark-automatic-prefix-help-mode (@oantolin@mathstodon.xyz)
    
    How I structure my Emacs init.el file (27:05, GitHub)
    
    minimal-emacs.d: A Customizable init.el and early-init.el for Optimized Startup and Better Emacs Defaults [Release 1.5.0] (Reddit)
    
    dotfiles/OpenBSD/.emacs.d at main · scovl/dotfiles · GitHub (@lobocode@hachyderm.io)
  - Emacs Lisp:
    
    k3jph/stops-el: stops: Guards in Emacs Lisp · GitHub (@k3jph)
    
    imarko/vared.el: Emacs command for interactively editing a variable - Codeberg.org (@zrzz@fosstodon.org)
  - Appearance:
    
    vim-tab-bar: A Vim inspired Emacs tab-bar that adapts to any Emacs theme [Release 1.1.5] (Reddit)
    
    svg-line: Better Status Bars for Emacs (Reddit, lobste.rs)
    
    Raymond Zeitler: Change Emacs Cursor to Indicate Overwrite Mode
    
    tykayn/emacs-theming (@tykayn@mastodon.cipherbliss.com)
    
    Emacs themes inspired by pixel art palettes (Reddit)
    
    How to Change Themes in Emacs (01:31)
    
    How to Inhibit the Welcome Screen in Emacs (01:12)
    
    How to Maximize Emacs' Screen Upon Startup (01:24)
    
    How to Hide the Tool Bar, Scroll Bar, and Menu Bar in Emacs (02:00)
    
    Nicolas Rougier's Talk at 39C3 - The art of text (rendering) (Reddit) see discussion for more thoughts on SVG in Emacs
  - Navigation:
    
    Post a solution: embark-act-on-last-message
    
    Project-x revived with Emacs 30+ support! (Reddit) - session persistence
    
    Little LLM helper function for copying file:line coordinates
    
    kirigami: A unified Emacs method to fold and unfold text in Emacs: outline, outline-indent, org-mode, markdown-mode, vdiff, hideshow, treesit-fold… [Release 1.1.2] (Reddit)
  - Writing:
    
    mmarshall540/electric-sentence: Automatically add the extra space between sentences in Emacs. · GitHub (Reddit)
    
    quick-sdcv: Emacs offline dictionary using 'sdcv' [Release 1.0.5] (Reddit, Irreal)
    
    Notes, Linking and Tagging systems in Emacs
    
    blk: creating and navigating titles of text files, linking between them
    
    Dave Pearson: blogmore.el v4.6.0 - show toc, show toc inline
  - Org Mode:
    
    Much Ado About Emacs 014: Org-Mode and the Capture System, creating headings at different levels, and changing bindings
    
    TAONAW - Emacs and Org Mode: Correcting photo orientation for org-mode in Linux (Irreal)
    
    Citing with Citum in Emacs org-mode | News | Citum (@bdarcus@mas.to)
    
    How I wrote an Emacs plugin to build my blog (@evgandr@bsd.cafe)
    
    Migrating a Zola blog from Markdown to Org-mode — with a lint/export/check pipeline to keep them in sync | The Cloudlet
    
    Org development: Generate images in TOC for HTML export
  - Completion:
    
    Beyond ICR: Incremental 'Suggesting' Read in Emacs (YouTube 20:10, Reddit, @chiply@fosstodon.org)
  - Coding:
    
    Introducing magit-difftastic: integrate difftastic into magit (Reddit)
    
    inline-review: review merge/pull requests directly within emacs (Reddit)
    
    Building alc-jj-log-view-mode — Alex Carney (@alcarney)
    
    Building IOS Apps With Doom Emacs | Wassim Mansouri (HN)
    
    CEDET for Plan 9 coding (01:14)
    
    Tim Heaney: Ziglings
  - Shells:
    
    A Simple jj Integration for eshell — Alex Carney (@alcarney)
    
    Raymond Zeitler: exeln: EXEcute LiNe
    
    Follow-on to exeln
  - Web:
    
    Irreal: My Growing Appreciation For EWW
  - Mail, news, and chat:
    
    Setting up offline email for Microsoft O365 with notmuch and emacs | Ashish Panigrahi (@paniash@ioc.exchange)
    
    Lars Ingebrigtsen: Super Simple Spam Splitting for Gnus
    
    New Elfeed 4.0.0 release (Irreal, HN)
    
    Chatting via Meshtastic in Emacs | Andros Fenollosa
  - Multimedia:
    
    Marcin Borkowski: Copying images in Emacs
    
    Kokoro-onnx with Cuda for text to speech with Emacs (01:26:56)
  - Fun:
    
    I ported GNU Emacs 30.2 to the browser with WebAssembly (Reddit)
    
    Emacs Appearance in Pop Culture (Reddit)
  - AI:
    
    Structural diffing in Emacs; deterministic agent harnesses (GitHub)
    
    Emacs client for Pi Coding Agent (Reddit)
    
    jaketothepast/codetutor: An AI Pair Programmer, that teaches you to code as you write, for Emacs · GitHub (HN)
  - Community:
    
    Fortnightly Tips, Tricks, and Questions — 2026-06-02 / week 22
    
    Learning Emacs with Progressive Vision Loss
    
    Amin Bandali: Free software activities in May 2026
    
    Emacs Chat 25: Ben Zanin (@gnomon@mastodon.social) (YouTube 59:30)
    
    Sacha Chua: Emacs Carnival May 2026 wrap-up: "May I recommend…"
    
    Sacha Chua: Transcript of chat with Matei Candea about Emacs and AI
    
    This perfect text editor doesn't exist (15:57)
    
    From TECO to Neovim: 50 Years of Text Editing on Unix and Linux (Reddit)
    
    PceEmacs is an Emacs written in Prolog instead of Lisp! It also seems to support LSP (Reddit)
  - Emacs Carnival: Underappreciated Emacs Builtins:
    
    Emacs carnival: rec mode, an all-text database system (@ericsfraga@fediscience.org)
    
    Jakub Nowak: Radical Builtins
    
    Emacs DWIM case commands by spnw
  - Other:
    
    phony.el: Define voice commands in Emacs (Reddit)
    
    Bicycle for Your Mind: Much Ado About Emacs 013 - anddo.el (todos), substitute
    
    Lars Ingebrigtsen: Todo Lists and Procrastination
    
    jamescherti/inhibit-mouse.el 1.0.4 (Reddit, Irreal)
    
    Charles Choi: Revisiting Emacs Keyboard Macros with a Mouse
    
    Sacha Chua: Emacs PDF View: Replace current page with file using PDFtk
    
    conquering the Emacs daemon - Blog In Isolation (@andyc@mastodon.me.uk)
    
    tanrax/emacs-gpu: GNU Emacs with a GPU-accelerated display backend · GitHub (@andros@activity.andros.dev)
    
    emacs-devel re: overlap with Canvas patch, can't accept LLM-generated contributions
    
    emacs | extensions.fcos.fr (Fedora) (@alcarney) - emacs sysext for Fedora image-based systems
    
    I built a floating HUD for Emacs, rendered in Rust egui via WASM (Reddit) macOS
    
    Charles Choi: Opening macOS Finder Folders in Emacs with Scrim (@kickingvegas@sfba.social)
    
    Damn! Emacs Regex problem | Unixbhaskar's Blog (@unixbhaskar@fosstodon.org)
    
    самый хайповый гайд на Emacs (15:40)
  - Emacs development:
    
    emacs-devel: markdown-ts-mode and markdown-ts-view-mode demoted on the release branch
    
    project-vc-dir: Use truenames
    
    (Fmarkers_in): New function (bug#81153)
    
    Support Ansible messages in compilation-mode
  - New packages:
    
    bluesky: A Bluesky client (MELPA)
    
    cui: AI-LLM chat blocks for org-mode (MELPA)
    
    desert-theme: A warm earthy port of Vim's desert theme (MELPA)
    
    flamegraph: Flame graphs for Emacs's native profiler and folded stacks files (NonGNU ELPA)
    
    sleek-modeline: Minimal and elegant modeline (MELPA)
  Links from reddit.com/r/emacs, r/orgmode, r/spacemacs, Mastodon #emacs, Bluesky #emacs, Hacker News, lobste.rs, programming.dev, lemmy.world, lemmy.ml, planet.emacslife.com, YouTube, the Emacs NEWS file, Emacs Calendar, and emacs-devel. Thanks to Andrés Ramírez for emacs-devel links. Do you have an Emacs-related link or announcement? Please e-mail me at sacha@sachachua.com. Thank you!
  
  View Org source for this post
  
  You can e-mail me at sacha@sachachua.com.
6. 🔗 r/LocalLLaMA When every other post is an AI generated benchmark report, a question about the best model, or a slop-coded application or engine that pretends to be groundbreaking rss
  
  | submitted by /u/Honest-Kangaroo-1830
  [link] [comments]
  ---|---
7. 🔗 r/reverseengineering [Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme rss
  
  submitted by /u/No-Figure-7595
  [link] [comments]
8. 🔗 r/LocalLLaMA Xiaomi just claimed 1,000+ tps on a 1T model using a standard 8-GPU server rss
  
  Just saw Xiaomi MiMo announce MiMo-V2.5-Pro UltraSpeed , claiming they broke the 1,000 tokens/sec output barrier on a 1 trillion parameter MoE model. According to them, they’re doing it on a single standard 8-GPU node , not custom wafer-scale hardware like Cerebras and not SRAM-heavy hardware like Groq.
  
  Crazy if true.
  
  submitted by /u/No-Selection2972
  [link] [comments]
9. 🔗 r/reverseengineering First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security rss
  
  submitted by /u/TheOneEyedArgus
  [link] [comments]
10. 🔗 r/LocalLLaMA Gemma 4 Chat Template now has preserve thinking rss
  
  | submitted by /u/seamonn
  [link] [comments]
  ---|---
11. 🔗 r/reverseengineering EMBA firmware analysis framework v2.0.2 available - Party the big 2k rss
  
  submitted by /u/m-1-k-3
  [link] [comments]
12. 🔗 r/reverseengineering /r/ReverseEngineering's Weekly Questions Thread rss
  
  To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the Reverse Engineering StackExchange. See also /r/AskReverseEngineering.
  
  submitted by /u/AutoModerator
  [link] [comments]
13. 🔗 openonion/connectonion Release v1.0.1: supersede stray 1.0.0 with hosted-agent endpoint fix release
  
  Carries the AGENT_PUBLIC_DOMAIN announce fix (also in 0.9.7) on a version
  above 1.0.0 so unpinned pip install resolves to a build that has it.
14. 🔗 openonion/connectonion Release v0.9.7: announce public Caddy domain for hosted agents release
  
  host() now announces https://{domain} + wss://{domain}/ws to the relay
  when AGENT_PUBLIC_DOMAIN is set, instead of unreachable in-container IPs.
  Fixes peers being unable to connect to cloud-deployed (co deploy) agents.
15. 🔗 HexRaysSA/plugin-repository commits sync repo: +2 releases, ~1 changed rss
```
sync repo: +2 releases, ~1 changed

## New releases
- [BinSync](https://github.com/binsync/binsync): 5.15.2, 5.15.1

## Changes
- [BinSync](https://github.com/binsync/binsync):
  - 5.10.1: archive contents changed, download URL changed
```

generated: June 11, 2026 at 07:31:42

to read (pdf)

What's changed

What's changed

What's New in v0.20.1

Pi Extension Install Failure

Install / Update

What's Changed

Community

lundi le premier juin

mardi 3

jeudi 4

vendredi 5

samedi 6

dimanche 7

IDA Plugin Updates on 2026-06-09

Activity:

The big model smell

Notable projects (approximate dates)

Using Fable in Claude.ai

Adding features to Datasette Agent and LLM using Claude Code

How much I've spent

And some pelicans

What's New in v0.20.0

Multi-Repo Workspace Reviews

Semantic Diff Overview

UI 2.0: New Themes, Plan Look Chooser, and Full-Page HTML Annotation

Leaner Install and Single-Source Skills

Expand Unchanged Regions by Default

OpenCode Runtime Compatibility

Glimpse Native Window on Windows

Additional Changes

Install / Update

What's Changed

New Contributors

Contributors

What's changed

Security

Configuration Changes

UI

Smart Playlists

Subsonic API

Transcoding

Scanner

Artwork

Server

Matcher

Plugins

CLI

Build & Dependencies

Translations

New Contributors

Helping out

Where to go next?

Minor Changes

What's Changed

What's Changed

Rust generics have a Sized bound by default today

You opt out with ?Sized

But Sized vs ?Sized isn't enough for everything we need

A richer Sized hierarchy

Problem: ?Sized notation doesn't scale to this hierarchy

Solution: only bounds

only bounds work like normal bounds: ask for what you need

only bounds allow for new levels to be added later

only bounds compose normally

Scaling only to other "default bound families" (speculative)

How only bounds could work in the presence of multiple families

Examples

Option::map requires only Move

Option::or requires only Move + Destruct

Rc requires MaybeSized + Leak

Frequently asked questions

What is actually under RFC today?

Can I use only with any trait?

Why not opt out from all defaults at once?

Why do you think it's likely that people want to opt out of being Sized

But we saw that Rc wanted to opt out of both families with `only Leak +

Wait, trait aliases and shorthands? Can you elaborate?

Can we use a "root" trait to opt out of all defaults?

If we did that, what would happen if we wanted to add a new family in the

Rust generics have a `Sized` bound by default today

You opt out with `?Sized`

But `Sized` vs `?Sized` isn't enough for everything we need

A richer `Sized` hierarchy

Problem: `?Sized` notation doesn't scale to this hierarchy

Solution: `only` bounds

`only` bounds work like normal bounds: ask for what you need

`only` bounds allow for new levels to be added later

`only` bounds compose normally

Scaling `only` to other "default bound families" (speculative)

How `only` bounds could work in the presence of multiple families

`Option::map` requires `only Move`

`Option::or` requires `only Move + Destruct`

`Rc` requires `MaybeSized + Leak`

Can I use `only` with any trait?

Why do you think it's likely that people want to opt out of being `Sized`

But we saw that `Rc` wanted to opt out of both families with `only Leak +

Can we decide whether we want `Value` later?

Why the name `Destruct` and not `Drop`?

How does this interact with `const` traits anyway?

It's annoying to write `T: only Move + Destruct`. Couldn't we have