The Git Times

prompts.chat has extended its self-hosting capabilities to address a core tension in enterprise AI adoption: balancing access to battle-tested prompts with strict data governance. The project maintains a curated, model-agnostic collection of prompt examples that work with ChatGPT, Claude, Gemini, Llama, Mistral and other systems. Organizations can now deploy fully private instances without exposing proprietary use cases.

Setup has been simplified to a single command. Running npx prompts.chat new my-prompt-library launches an interactive wizard that configures branding, themes, and authentication through GitHub, Google, or Azure AD. The resulting Next.js application can run on-premises or in private cloud environments, with Docker images provided for consistent deployment. Administrators choose whether to sync new community prompts or keep the library entirely isolated.

The underlying data remains accessible in multiple formats, including CSV and a Hugging Face dataset, allowing teams to ingest prompts into internal tools. Recent updates emphasize granular feature toggles so organizations can disable public contributions while retaining the interactive prompt engineering book and its 25 chapters on chain-of-thought reasoning, few-shot learning, and agent design.

This matters now because fragmented prompt practices across teams produce inconsistent LLM outputs and raise compliance risks. Self-hosted prompts.chat gives engineering and research groups a single source of truth they control.

Self-hosting features:

• Wizard-driven configuration of auth and branding
• Docker support and one-click setup
• Optional bidirectional sync with the public library

Three years after its introduction, Anthropic’s claude-cookbooks repository received fresh commits in April 2026 that expand its library of Jupyter notebooks. The updates focus on production-oriented patterns that developers can copy directly into applications built against the Claude API.

The cookbooks are organized around three themes. Capabilities notebooks demonstrate text classification, efficient summarization, and retrieval-augmented generation that grounds Claude responses in external knowledge. Tool-use sections show how to bind Claude to external functions: a customer-service agent that routes queries, a calculator for precise arithmetic, and a notebook that translates natural-language requests into validated SQL before execution.

Third-party integration recipes cover Pinecone vector databases for semantic search, live Wikipedia lookups, web-page scraping, and embedding workflows. Each notebook includes prerequisites, error-handling examples, and minimal Python code that can be adapted to any language capable of making HTTP calls to the Claude API.

These recipes matter now because organizations are moving from chat prototypes to deployed agents that must reliably call tools and cite fresh data. The community-maintained repository lowers the cost of adopting current best practices without forcing teams to rediscover common failure modes around context windows, function-calling schemas, or retrieval precision.

Contributing remains straightforward: review open issues, submit new notebooks or fixes, and avoid duplicating existing work.

OGRE has issued version 14.5.2, a maintenance release that refines its long-standing role as a modular, high-performance rendering backend. The update focuses on platform reliability rather than headline features, reflecting the needs of teams maintaining complex 3D pipelines that scale from embedded robotics to high-end visualisation.

CMake scripts now align Android libraries to 16k boundaries, refresh project templates, update Freetype to 2.14.1 and Assimp to 6.0.3. Android touch input offsets with hidden navbars are fixed, gamma handling is synchronised with config dialogs, and Win32 pixel-format selection is improved. GL hardware buffers respect shadow-buffer requests, while GLES2 ensures sRGB formats are colour-renderable and mipmap generation works correctly with gamma. D3D11 properly honours automatic mip creation. The RTSS CookTorrance shader corrects double gamma on ambient colour, and the Assimp plugin resolves material-resource-map keys and WebP extension mapping.

These changes matter because OGRE abstracts Vulkan, Direct3D 11, OpenGL, OpenGL ES and Metal, letting engine programmers concentrate on application logic. Its battle-tested feature set—PBR workflows, stencil and texture shadows, skeletal animation, flexible particle systems, advanced compositor post-processing (bloom, HDR), multi-layer terrain with LOD, Dear ImGui integration and Bullet Physics support—remains in active use wherever developers need a flexible C++ foundation with Python, C# and Java bindings.

The HighPy bindings continue to enable rapid prototyping. A typical snippet loads a glTF DamagedHelmet.glb, places a point light and runs the render loop in fewer than ten lines.

Google DeepMind has updated its MuJoCo Menagerie with fresh MJCF assets and expanded MJX support, addressing the persistent demand for reliable simulation models in robotics research. First released in 2022, the curated collection now includes revised definitions that run cleanly on the latest MuJoCo binaries and JAX-accelerated MJX backend.

Each model follows a uniform layout. The unitree_go2 directory, refreshed in April, contains an assets folder with collision and visual meshes, a detailed README.md tracing XML generation from CAD, the core go2.xml, go2_mjx.xml variant, scene.xml with lighting and floor, and a PNG preview. Minimum MuJoCo version requirements appear in every README; most now target 3.1 or higher.

Installation options remain straightforward: download prebuilt binaries or run pip install mujoco for Python bindings. Models are also available through the robot-descriptions package, allowing one-line imports without cloning the full repository.

The updates matter because modern training pipelines increasingly rely on thousands of parallel GPU rollouts. Accurate, stable models reduce the sim-to-real gap for locomotion, manipulation and contact-rich tasks. Contributors must supply reproduction steps and verify behavior across MuJoCo versions, maintaining the library’s quality standard.

Changelog entries document incremental improvements to existing robots rather than wholesale replacement, letting teams track changes without breaking existing experiments.

ROBOTIS has refreshed its emanual repository with expanded documentation for the latest DYNAMIXEL hardware. The April 2026 commits add detailed control tables for the full X Series (XL430-W250, XM540-W270, XH430-V350) and Pro Series (H54-200-S500-R, M42-10-S260-R, L54-50-S500-R), mapping every EEPROM address for torque limits, position gains, and operating modes.

The updates distinguish clearly between Protocol 1.0 and 2.0 implementations across MX, X, and Pro lines, giving engineers exact register values needed for deterministic behavior in multi-motor chains. TurtleBot3 sections now include revised bringup sequences for Burger and Waffle Pi variants, plus current SLAM configuration steps on Raspberry Pi and Intel platforms.

DYNAMIXEL SDK and Workbench references have been synchronized with the newest library releases, documenting installation paths and API changes that affect real-time control loops. These additions reflect the shift toward higher-bandwidth actuators in collaborative robots and autonomous research platforms, where incorrect register settings can cascade into mechanical failure.

The repository renders directly to emanual.robotis.com, keeping online content identical to the source. For teams shipping hardware this quarter, the single authoritative reference eliminates version mismatches between datasheet and firmware.

Strix has released version 0.8.3, tightening its autonomous AI agents into everyday development pipelines. The update delivers native GitHub Actions support so scans run on every pull request, letting teams block vulnerable code before merge.

The agents continue to execute applications dynamically inside Docker sandboxes, confirm vulnerabilities with working proof-of-concepts, and produce concrete remediation steps. False positives that plague static tools are avoided because each finding is validated through actual execution.

New capabilities in v0.8.3 include an interactive mode that lets operators guide the agent loop in real time. A dedicated NestJS security testing module broadens coverage to JavaScript backends. OpenTelemetry instrumentation now emits local JSONL traces with optional Traceloop export, giving observability into multi-agent collaboration.

Additional changes refine web-search tooling, fix configuration loading for API keys, expand tool-specific skills, and update dependencies. The CLI remains developer-first: after a one-line install and LLM provider setup, a single strix --target command generates reports inside the strix_runs/ directory.

These enhancements make continuous, validated security testing practical inside fast-moving CI/CD environments.

PayloadsAllTheThings, the nine-year-old repository of web application payloads and bypass methods, has shipped version 4.2 with substantial new material for penetration testers and red teams.

The release introduces two complete vulnerability pages. The External Variable Modification section documents PHP extract() weaknesses, variable pollution vectors, and their security consequences. A new Reverse Proxy Misconfigurations chapter catalogs common Nginx errors that expose internal services or enable request smuggling.

Existing sections received meaningful upgrades. Command Injection now includes the worstfit argument injection technique and fullwidth character bypasses. CSV Injection adds Google Sheets exploitation paths using IMPORTXML, IMPORTRANGE and remote resource formulas for data exfiltration. File Inclusion incorporates the lightyear tool for blind file-read primitives and expanded PHP filter chain examples.

Further updates cover headless browser CVEs, insecure debugging ports, PDF rendering attacks, comprehensive JSON deserialization vectors for Jackson and similar parsers, and a new PDO Prepared Statements discussion in SQL Injection. The maintainers also corrected formatting inconsistencies, repaired broken internal links and improved overall consistency.

These changes keep the resource aligned with current attacker tooling and obscure edge cases that continue to appear in bug bounties and CTF events.

Web-Check version 1.0.0 is now the stable release for the popular OSINT dashboard. The project has transferred maintenance of all v1.x.x branches to the new xray-web GitHub organization, allowing the original maintainer to prepare a major rewrite that will not guarantee backwards compatibility.

The React frontend paired with lambda-function backend delivers 18 distinct reconnaissance modules. It surfaces IP metadata and associated hostnames, full SSL certificate chains, DNS records with DNSSEC validation, HTTP security headers, cookie attributes, open-port results, traceroute paths, server geolocation, redirect ledger, robots.txt directives, sitemap entries, technology fingerprinting, tracker detection, performance scores and carbon-footprint estimates derived from page weight.

Deployment options remain unchanged: one-click Netlify or Vercel setup, or the official Docker image that bundles a Node server for completely local operation of both API and UI. This last path particularly benefits air-gapped environments and privacy-conscious operators who prefer not to forward target domains to third-party infrastructure.

The 1.0 release focuses on making self-hosting reliable rather than adding new checks. Users running the tool on their own hardware gain full control over data retention and query volume while still receiving the same comprehensive view of attack surface, misconfigurations and optimization opportunities that has made the project a regular part of security and sysadmin workflows since its 2023 debut.

**

scrcpy v3.3.4 arrived this week with six targeted fixes that restore reliability on devices hit by recent Android upgrades. The update corrects permission denial errors that surfaced post-upgrade, improves state restoration on affected hardware, fixes UHID_OUTPUT message parsing, and resolves startup failures on certain Meizu phones.

The eight-year-old C project remains the standard for USB or TCP/IP mirroring of Android screens and audio to desktop machines. Built with FFmpeg, libav and SDL2, it delivers 1920×1080 video at 30–120 fps with 35–70 ms latency. No root access or client app is required; the device needs only USB debugging enabled and API level 21 or higher.

Newer capabilities such as Android 11+ audio forwarding, bidirectional clipboard support, camera mirroring on Android 12, virtual displays, and Linux V4L2 webcam output continue unchanged. The release also tightens error logging and handles missing uniqueId fields gracefully.

For developers and power users, these patches matter because Android fragmentation keeps breaking edge-case input injection. By quietly eliminating recurring breakage, the Genymobile team ensures the tool stays the fastest, least intrusive way to control and record Android devices from Linux, Windows or macOS.

act has received a maintenance update with the release of v0.2.87. The primary change pins 11 actions that previously lacked version constraints, improving security and reproducibility for local runs.

The tool reads workflow files from .github/workflows/, constructs a dependency graph, and executes jobs in Docker containers that mirror GitHub's runtime. This setup provides fast feedback during workflow development and serves as an alternative to traditional build scripts.

Why it matters now: with increased scrutiny on software supply chains, pinning dependencies prevents unexpected behavior from upstream modifications. The update aligns act with best practices for secure CI configurations.

Installation and usage remain straightforward. After cloning the repository, users with Go 1.20 or newer can run make install. The binary then allows commands like act to trigger workflows or specific jobs.

A Visual Studio Code extension further integrates the tool, letting developers manage and execute actions directly from their editor.

The project maintains active development, with the latest changes focusing on stability rather than new features. Contributors can follow the guidelines to submit patches or improvements.

For support, the community gathers in discussions. As GitHub Actions usage grows across organizations, act remains essential for efficient development cycles.

The Gaggiuino project has issued a development release that expands hardware options and frontend flexibility for owners of the Gaggia Classic and Pro. Rather than a ground-up redesign, the update refines an established platform that replaces stock electronics while preserving the machine’s original buttons, aesthetics and core workflow.

The release provides separate core and frontend binaries. STM32F411 builds (lego-ncp.bin, pcb-ncp.bin) now run overclocked for noticeably quicker response times. Newer STM32U585 performance variants (performance-lego-pca.bin, performance-pcb-ncp.bin) target users seeking additional headroom for complex pressure and temperature algorithms. Frontend choices include ui-embedded.bin (on-device GUI plus web server), ui-headless.bin (web server only), and ui-web.bin for browser-based control from phones or laptops.

At the hardware level the system continues to rely on thermocouple readings, a pressure transducer and a triac dimmer to modulate boiler power. The microcontroller maintains tight PID loops that deliver shot-to-shot consistency difficult to achieve with the factory controller. Documentation walks users through binary selection and flashing; legacy firmware remains available on a separate branch for older hardware.

For a five-year-old open-source project, the update is pragmatic: it accommodates newer microcontrollers that builders are already adopting and adds remote monitoring without forcing cosmetic changes to the machine. Community support on Discord continues to focus on calibration, sensor placement and safe electrical practices.

**

Internet-in-a-Box has released version 8.2, integrating Calibre-Web as a default application even on its smallest installs. The update equips the offline server platform with experimental support for video, audio, and images alongside traditional e-books, while overhauling configuration defaults and logging.

The project assembles more than 30 educational services—including Wikipedia, Khan Academy video libraries, zoomable OpenStreetMap, WordPress, and a full learning management system—onto low-cost hardware. Administrators download content once, arrange it through a drag-and-drop interface, then serve it locally to any smartphone, tablet, or laptop within range. Mesh networking tools allow exchange of indigenous knowledge between neighboring installations.

Version 8.2 also improves iiab-diagnostics, piping output through cat -v to expose control characters and surfacing Calibre-Web version data, systemd status, and the last 300 lines of relevant logs. These changes simplify troubleshooting for volunteers supporting schools, clinics, and libraries in regions with limited connectivity.

The one-line installer targets Raspberry Pi, Ubuntu 24.04, Linux Mint 22, and Debian 12. Pre-built disk images remain available for rapid deployment. A newly published Contributors Guide aims to broaden participation in this long-running civic-tech effort.

The result is a more capable digital library that fits in a pocket yet delivers the core of the internet’s reference material where bandwidth remains scarce or unaffordable.

The photobooth-app project has shipped version 8.7.0, its final feature release in the v8 lineage. The update centers on a new synchronization tool that leverages Rclone through the rclone-bin-api package, providing consistent file transfer capabilities across operating systems without additional user configuration.

This open-source Python application paired with a Vue 3 frontend has become a go-to solution for custom photobooth builders. It supports capture of still photographs, animated GIFs, image collages, boomerangs and 3D wigglegrams. Compatible hardware includes DSLRs using gphoto2, Raspberry Pi cameras with picamera2, and standard webcams.

Operators can combine cameras, using one for high-resolution stills and another dedicated to livestream preview. The interface delivers live views during countdown sequences and on the home screen. WLED integration allows LED rings to provide visual countdown cues.

Technical improvements address long-term reliability. Services can declare permanent crashes for unrecoverable errors like invalid configurations. Multicamera setups benefit from enabled TCP keepalive in pynng connections, resolving dropped links after extended use.

The frontend now refers to its sharing feature as the sharepage rather than downloadportal. Visual adjustments and updated dependencies complete the package.

With an MIT license and 3D-printable box designs available, the project continues to support community-driven hardware projects on Raspberry Pi, Linux and Windows systems. The Rclone synchronizer consolidates previous options including QR sharing, FTP, Nextcloud and USB transfers.

PlayCanvas Engine released v2.17.2 this week, delivering three precision fixes that improve stability and efficiency in its dual WebGL2 and WebGPU backends.

The most consequential change alters Compute.calcDispatchSize to use a y-first approach. This reduces wasted workgroups during compute dispatches, delivering measurable gains for techniques such as 3D Gaussian splatting now supported by the engine. With WebGPU adoption accelerating, the tweak matters for developers pushing real-time 3D in browsers.

Additional corrections address rendering correctness and memory hygiene. Blend state is now properly preserved inside drawQuadWithShader and RenderPassQuad operations, eliminating artifacts in multi-pass effects. The octree system no longer double-decrements file reference counts when entities are disabled, preventing leaks in large streaming scenes that rely on glTF 2.0, Draco, and Basis compression.

The engine supplies a complete runtime: rigid-body physics through ammo.js, state-machine animation, positional audio via the Web Audio API, and full input plus VR controller support through WebXR. Scripts run in TypeScript or JavaScript, with asynchronous asset streaming designed for fast browser load times.

Contributed primarily by core maintainer mvaligursky, the release keeps the 11-year-old project current as teams ship 3D experiences that run without plugins on desktop and mobile.

GodSVG has reached late alpha with measurable improvements to its real-time synchronization between visual canvas and raw SVG markup. Built in GDScript on the Godot engine, the editor treats SVG as structured data rather than a proprietary document format. Edits performed through the interface immediately update the code view, and the exported files contain no added metadata.

This matters now because web and game pipelines increasingly demand minimal, standards-compliant vector assets. GodSVG generates human-readable XML that integrates directly into Godot projects, frontend codebases, or technical documentation without cleanup steps. Optimization tools let users strip unnecessary attributes, shorten path commands, and enforce consistent decimal precision, producing smaller files that render identically across browsers and runtimes.

The application is available on Windows, macOS and Linux, with an official web build at godsvg.com/editor. Experimental Android versions require signature verification using the provided SHA-256 fingerprint. macOS users must bypass Gatekeeper, a limitation the solo developer attributes to distribution costs.

Development remains independent, funded largely by donations. The low-abstraction philosophy delivers precision that high-level design tools often sacrifice for convenience.

OpenRA has issued release-20250330, delivering incremental upgrades to its C# engine that reimplements the core mechanics of Westwood's Command & Conquer: Red Alert, Tiberian Dawn and Dune 2000. The project, under active development since 2010, continues to provide fully playable, asset-independent versions that run natively on Windows, Linux, *BSD and macOS.

The update improves SDL and OpenGL handling for better high-DPI support and Apple Silicon performance, addressing compatibility issues that arise on newer distributions and kernels. Modders now benefit from expanded trait documentation and more robust YAML parsing for unit behaviors, game rules and AI. The Lua API received refinements that simplify scripted mission triggers and event handling.

Mapping and total conversion workflows remain central. The in-game editor lets users alter gameplay radically through custom rules, while the Mod SDK supplies templates for new factions and mechanics. Maps and mods are distributed via the OpenRA Resource Center; dedicated server binaries allow instant multiplayer hosting.

In an age of subscription-based live-service titles, OpenRA preserves the precise balance and pace of these late-1990s originals. Its GPL-licensed codebase serves as both preservation tool and reference implementation for open game engine design.