LWN.net
[$] Imitation, not artificial, intelligence
Improvements to the PSF Grants program
The Python Software Foundation (PSF) board has announced improvements to its grants program that have been enacted as a response to "concerns and frustrations" with the program:
The PSF Board takes the open letter from the pan-African delegation seriously, and we began to draft a plan to address everything in the letter. We also set up improved two-way communications so that we can continue the conversation with the community. The writers of the open letter have now met several times with members of the PSF board. We are thankful for their insight and guidance on how we can work together and be thoroughly and consistently supportive of the pan-African Python community.So far the PSF has set up office hours to improve communications, published a retrospective on the DjangoCon Africa review, and put out a transparency report on grants from the past two years. The PSF board has also voted to "use the same criteria for all grant requests, no matter their country of origin".
Zuckerberg: Open Source AI Is the Path Forward
AI has more potential than any other modern technology to increase human productivity, creativity, and quality of life – and to accelerate economic growth while unlocking progress in medical and scientific research. Open source will ensure that more people around the world have access to the benefits and opportunities of AI, that power isn't concentrated in the hands of a small number of companies, and that the technology can be deployed more evenly and safely across society.
There is an ongoing debate about the safety of open source AI models, and my view is that open source AI will be safer than the alternatives. I think governments will conclude it's in their interest to support open source because it will make the world more prosperous and safer.
Of course, whether Llama is truly open source is debatable at best, but it is more open than many of the alternatives.
[$] A look inside the BPF verifier
LWN has covered BPF since its initial introduction to Linux, usually through the lens of the newest developments; this can make it hard to view the whole picture. BPF provides a way to extend a running kernel, without having to recompile and reboot. It does this in a safe way, so that malicious BPF programs cannot crash a running kernel, thanks to the BPF verifier. So how does the verifier actually work, what are its limits, and how has it changed since the early days of BPF?
GNU C Library 2.40 released
Security updates for Tuesday
[$] "Opt-in" metrics planned for Fedora Workstation 42
Red Hat, through members of the Fedora Workstation Working Group, has taken another swing at persuading the Fedora Project to allow metrics related to the real-world use of the Workstation edition to be collected. The first proposal, aimed for Fedora 40, was withdrawn to be reworked based on feedback. This time around, the proponents have shifted from asking for opt-out telemetry to opt-in metrics, with more detail about what would be collected and the policies that would govern data collection. The change seems to be on its way to approval by the Fedora Engineering Steering Council (FESCo) and is set to take effect for Fedora 42.
[$] "Opt-in" metrics planned for Fedora Workstation 42
Red Hat, through members of the Fedora Workstation Working Group, has taken another swing at persuading the Fedora Project to allow metrics related to the real-world use of the Workstation edition to be collected. The first proposal, aimed for Fedora 40, was withdrawn to be reworked based on feedback. This time around, the proponents have shifted from asking for opt-out telemetry to opt-in metrics, with more detail about what would be collected and the policies that would govern data collection. The change seems to be on its way to approval by the Fedora Engineering Steering Council (FESCo) and is set to take effect for Fedora 42.
[$] "Opt-in" metrics planned for Fedora Workstation 42
Red Hat, through members of the Fedora Workstation Working Group, has taken another swing at persuading the Fedora Project to allow metrics related to the real-world use of the Workstation edition to be collected. The first proposal, aimed for Fedora 40, was withdrawn to be reworked based on feedback. This time around, the proponents have shifted from asking for opt-out telemetry to opt-in metrics, with more detail about what would be collected and the policies that would govern data collection. The change seems to be on its way to approval by the Fedora Engineering Steering Council (FESCo) and is set to take effect for Fedora 42.
Security updates for Monday
NGI project may lose funding
The Next Generation Internet (NGI) project, an initiative of the EU's European Commission (EC), provides funding in the form of grants for a wide variety of open-source software, including Redox, Briar, SourceHut, and many more. But the NGI project is not among those that would be funded under the current draft budget for 2025, as The Register reports. More than 60 organizations have signed on to an open letter asking the EC to reconsider:
We find this transformation incomprehensible, moreover when NGI has proven efficient and economical to support free software as a whole, from the smallest to the most established initiatives. This ecosystem diversity backs the strength of European technological innovation, and maintaining the NGI initiative to provide structural support to software projects at the heart of worldwide innovation is key to enforce the sovereignty of a European infrastructure. Contrary to common perception, technical innovations often originate from European rather than North American programming communities, and are mostly initiated by small-scaled organizations.[$] A new major version of NumPy
The NumPy project released version 2.0.0 on June 16, the first major release of the widely used Python-based numeric-computing library since 2006. The release has been planned for some time, as an opportunity to clean up NumPy's API. As with most NumPy updates, there are performance improvements to several individual functions. There are only a few new features, but several backward-incompatible changes, including a change to NumPy's numeric-promotion rules. Changes to the Python API require relatively minor changes to Python code using the library, but the changes to the C API may be more difficult to adapt to. In both cases, the official migration guide describes what needs to be adapted to the new version.
[$] Restricting execution of scripts — the third approach
Security updates for Friday
Peter de Schrijver RIP
Evolving the ASF Brand (Apache Software Foundation blog)
So why would we change it? As a non-Indigenous entity, we acknowledge that it is inappropriate for the Foundation to use Indigenous themes or language. We thank Natives in Tech and other members of the broader open source community for bringing this issue to the forefront. Today we are announcing we will be retiring the feather icon and logo and replacing it with a new logo that embodies the Foundation's rich history of providing software for the public good.