The Git Times

Netdata has released v2.9.0, adding interactive query analysis for more than 14 databases and expanded OpenTelemetry support.

The new capabilities let users identify slow queries, debug bottlenecks and monitor database operations directly in the platform without manual connections. The SQL Server collector was rewritten in Go, delivering comprehensive metrics, Query Store integration and UI-based configuration.

OpenTelemetry logs are now ingested via the otel plugin and stored in systemd-compatible journal files with configurable retention policies. These additions address the growing complexity of database-dependent infrastructure.

The release builds on Netdata's core design: per-second metric collection, zero configuration deployment and minimal resource usage. Its machine learning features continue to detect anomalies and predict issues while keeping all data local. No central aggregation is required.

Written primarily in C, the project supports Linux, Docker, Kubernetes, MySQL, PostgreSQL, MongoDB and other environments. A University of Amsterdam study previously identified it as the most energy-efficient monitoring tool for Docker-based systems.

Community contributions in this release improved collectors, packaging and documentation. For lean teams, the update strengthens full-stack observability without adding operational complexity.

(178 words)

With the v1.0.1 stable release, OpenBB's Open Data Platform has matured into production-ready infrastructure that lets data engineers integrate proprietary, licensed and public sources once and expose them everywhere.

The platform operates on a "connect once, consume everywhere" model. It feeds Python environments for quantitative work, OpenBB Workspace and Excel for analysts, MCP servers for AI agents, and REST APIs for other applications. Coverage spans equities, options, derivatives, fixed-income, crypto and economic data.

Setup is deliberately simple. After pip install "openbb[all]", the command openbb-api launches a FastAPI server via Uvicorn at 127.0.0.1:6900. Python users can then retrieve data with just a few lines:

from openbb import obb
output = obb.equity.price.historical("AAPL")
df = output.to_dataframe()

Workspace integration follows the same backend. Users sign in, navigate to the Apps tab, add the ODP connector and test the connection. The architecture eliminates duplicate integration work while maintaining consistent data contracts across human and machine interfaces.

The timing matters. As financial institutions accelerate AI copilot deployments, ODP provides the stable data layer that both research dashboards and autonomous agents can rely on without custom ETL for each surface.

OpenArm has released version 1.1 of its open-source 7DOF humanoid arm, focusing on practical refinements that improve reliability for physical AI work in contact-rich environments. The update responds directly to user feedback by introducing automated zero-position calibration, removing the error-prone manual process that previously complicated setup.

A new modular camera mount base provides standardized fixtures for Realsense D435 chest cameras and D405 wrist cameras. This enables consistent, reproducible data collection setups essential for imitation learning pipelines. On the hardware side, the leader arm's J5 casing cover has been redesigned with a rubber band interface, delivering better coupling and allowing natural elbow tracking during bilateral teleoperation.

The arm retains its core characteristics: high backdrivability, compliance for safe human-robot interaction, human-scale proportions, and sufficient payload for real-world tasks. At $6,500 for a complete bimanual system, it remains an accessible platform supporting ROS2, MoveIt2, MuJoCo and Genesis simulation, CAN control, and gravity compensation.

Multiple repositories separate concerns cleanly—hardware CAD under CERN-OHL-S-2.0, robot descriptions, control libraries, and ROS2 packages under Apache-2.0—facilitating collaboration. The changes make OpenArm more dependable for researchers moving from simulation to physical deployment.

Project Chrono has released version 10.0.0, updating its mature C++ library for high-fidelity multiphysics and multibody dynamics simulations. The new version ships refreshed API documentation and continued refinements to its core solvers, reflecting more than a decade of steady development since the project launched in 2013.

The library models large systems of rigid bodies governed by differential-algebraic equations, deformable bodies through finite-element PDEs, and granular materials using either differential variational inequalities or smooth-contact DAEs. It also handles coupled fluid-solid interaction problems and supports first-order ODE systems. Optional modules extend these foundations to ground-vehicle dynamics, terramechanics, robotics and embodied AI.

Chrono integrates sensor models for camera, LiDAR, GPS, IMU and SPAD devices, with a dedicated ROS2 interface that simplifies simulation of autonomous agents. Parallel computing support spans multi-core CPUs, GPUs and distributed clusters, enabling large-scale runs that mix rigid-body, flexible-body and fluid dynamics in a single simulation.

Distributed under a permissive BSD license and built with CMake, the package remains platform-independent and offers Python and C# bindings alongside its native C++ API. Researchers in academia, automotive firms and government laboratories rely on it for problems where off-the-shelf game engines fall short on accuracy or extensibility.

The 10.0 release underscores the project's focus on production-grade stability while expanding capabilities that matter to current robotics and vehicle development pipelines.

Cyberbotics has released Webots R2025a, delivering a new robot model, additional demonstration scenarios, and significantly improved ROS 2 integration for the open-source simulator.

The update strengthens compatibility with modern robotics pipelines, allowing smoother transfer of control code between simulated and physical systems. Enhanced ROS 2 support addresses latency and messaging improvements critical for autonomous vehicle development and multi-robot coordination. The physics engine also receives refinements that benefit simulations involving computer vision, fluid dynamics, and complex mechanical interactions.

Pre-compiled binaries are now available across platforms. Windows users can install via the setup executable, while Linux offers Debian packages for Ubuntu 22.04 and 24.04, a tar archive, Snap package, and official Docker image. The release is recommended for all users due to accumulated stability fixes and performance gains.

Developers building from source will find updated compilation instructions in the project wiki. The changelog details numerous smaller enhancements that improve daily usability without disrupting existing worlds or controllers.

These changes reflect ongoing evolution of the tool originally created at EPFL, now sustained through customer projects while remaining fully open source.

Webots continues to serve as a bridge between theoretical robotics research and practical implementation, particularly as ROS 2 adoption accelerates across industry and academia.

CISO Assistant has shipped version 3.15.2, extending its MCP server with new vulnerabilities capabilities and adding DORA incidents reporting. These changes allow security findings to flow directly into risk registers and nested interface views without manual re-entry.

The Python project operates as an API-first GRC platform that unifies risk management, AppSec, compliance, audit, TPRM, privacy and reporting. It ships with more than 130 frameworks and performs automatic control mapping, eliminating duplicated effort across standards.

Its architecture deliberately decouples compliance requirements from technical controls. This separation enables reuse of the same security measures across multiple regulatory contexts. Built-in risk assessment workflows, remediation tracking and threat libraries sit at the center of the system. An open format lets teams define custom frameworks using simple syntax and import or export data through UI, CLI, Kafka or report channels.

Recent updates also refine the framework builder, fixing parent-child ordering and preview behavior. Reverse foreign-key handling now surfaces vulnerabilities on relevant object tabs. The release reflects the project's consistent focus on reducing data duplication and supporting automation for practitioners who previously managed these tasks across fragmented tools.

The changes arrive as organizations face tighter operational resilience and incident reporting obligations. By tightening integration between vulnerabilities, risks and regulatory requirements, the platform lets teams spend less time on administration and more on decision-making.

Matomo has released version 5.8.0, updating its full-featured analytics platform that serves as a privacy-first alternative to Google Analytics. The PHP and MySQL application allows users to install the software on their own servers for complete data ownership.

The installation process requires uploading files to a web server and following a five-minute setup wizard. A JavaScript tag is then inserted into target websites to begin collecting data in real time.

Core functionality includes visitor segmentation, goal tracking, and detailed reporting. The system supports analysis of websites, mobile apps, and intranet environments.

Privacy forms the foundation of Matomo's design. Data remains under user control, avoiding the transmission of information to external providers. This approach aids compliance with data protection regulations.

The project, under GPL v3 licensing, encourages community contributions. Pull requests are welcome for extending its capabilities in analytics, marketing, and security.

System requirements include PHP 7.2.5+, MySQL 5.5 or MariaDB, and the pdo_mysql extension. It operates independently across operating systems.

Administrators can generate test data using the VisitorGenerator plugin. Those preferring managed services can opt for Matomo Cloud with a free trial period.

This release continues the project's 15-year mission to empower ethical decision-making through open analytics tools.

Caddy has shipped version 2.11.2 with security patches and feature improvements. This release fixes two CVEs. One in the forward_auth directive prevents identity injection and privilege escalation. The other corrects double expansion in vars_regexp that could leak secrets.

The binary is built on Go 1.26.1, incorporating its recent security updates. Reverse proxy enhancements address PROXY protocol scenarios, health check ports, and retry behaviors. Dynamic upstreams now support tracking for passive health checks.

Users can now set the tls_resolvers global option to control DNS resolvers for TLS challenges. Logging features zstd compression for roll files, deprecating the older gzip method. A rewrite handler bug was fixed for escaped URI paths, and error messages have been improved.

The changes enhance an already robust platform that provides automatic HTTPS by default, using Let's Encrypt or ZeroSSL for public domains and a local CA for internal ones. Caddy supports HTTP/1.1, HTTP/2 and HTTP/3, runs without dependencies, and scales effectively in production. Its extensible design, powered by Go, allows it to serve trillions of requests while managing millions of certificates securely.

PocketBase has released version 0.36.8, addressing a specific bug that caused OAuth2 client secrets to reset when serializing cached collection models. The update also bumps all Go and npm dependencies, silencing false positive security alerts related to CVE-2026-33809. The project remains unaffected by the vulnerability because it does not support TIFF thumbnails.

The single-file Go backend continues to deliver an embedded SQLite database with realtime subscriptions, built-in files and users management, an Admin dashboard UI, and a simple REST-ish API. Builders use it either as a standalone executable or as a regular Go library.

In standalone mode, downloading the prebuilt binary and running pocketbase serve spins up a complete backend in seconds. The default binary includes the JavaScript VM plugin, enabling extensions without additional compilation. As a framework, developers import the package, initialize pocketbase.New(), and attach custom logic through app.OnServe().BindFunc to register routes or modify behavior.

The project is still pre-1.0.0, so full backward compatibility is not guaranteed. Official SDKs for JavaScript and Dart simplify integration across browsers, mobile, and desktop.

This maintenance release demonstrates the project's focus on reliability for developers who need a lightweight, portable backend without managing separate databases or servers.

(178 words)

With Raspberry Pi OS Bookworm now standard in new deployments, Paraphraser/PiBuilder remains essential for builders who need consistent, auditable environments for SensorsIot/IOTstack. The bash scripts transform a freshly imaged Raspberry Pi OS installation into a fully configured Docker host, satisfying every prerequisite so the IOTstack menu never needs to install Docker or docker-compose.

After writing the OS image to SD card or SSD and completing first boot, the entire process runs headless over SSH. Users clone the repository and execute the scripts in order. These handle system updates, user setup, Docker installation, directory creation, and performance tweaks optimized for container workloads. The design deliberately favors speed over interaction.

A flexible patching system lets users override the author's opinionated choices without rewriting core scripts. The project has been validated on Raspberry Pi 3B+, 4B and Zero W2 hardware, both 32-bit and 64-bit variants of Buster, Bullseye and Bookworm, plus Debian and Ubuntu Bookworm guests under Proxmox VE and Parallels.

For practitioners managing home automation, this eliminates repetitive setup errors and produces identical builds across devices. Recent testing on 64-bit platforms and virtual environments keeps the tooling relevant as containerized sensor networks grow more common.

**

MiniBolt has released version 2.0, refreshing its established guide for building a Bitcoin and Lightning node on a personal computer. First published in 2022, the project continues to show users how to run their own infrastructure using only standard Debian-based Linux commands.

The guide delivers a complete stack that includes Bitcoin Core for full block validation, an Electrum server for wallet connections, a private blockchain explorer, and a Lightning node with web and mobile management interfaces. Services run 24/7 and remain reachable from anywhere.

New in version 2:

• Migration to GitBook for a responsive, full-width design
• Restructured menu and visual navigation aids
• Light/dark theme toggle and Cloudflare protection
• Dedicated organization at github.com/minibolt-guide

Additional resources now include a project roadmap, network diagrams, and a custom Linktree fork. A new contact address handles support requests.

For users, the guide eliminates reliance on third-party servers. Running a personal node lets participants independently validate transactions, preserve financial privacy, enforce consensus rules, and strengthen both the Bitcoin and Lightning networks. The update arrives as more builders seek sovereign computing solutions that require no special hardware.

(178 words)

SmartSpin2k has released version 26.4.5, updating the CA certificate for raw.githubusercontent.com from the expired Sectigo certificate to Let's Encrypt R12. The change, though technical, prevents download failures that would otherwise disrupt users relying on the project for firmware and configuration files.

The open-source system converts conventional spin bikes into smart trainers using an ESP32 microcontroller and a stepper motor that physically turns the resistance knob. Written in C++ and built with PlatformIO, the device receives commands over Bluetooth Low Energy and adjusts resistance automatically to match requirements from training software.

Core capabilities include ERG mode for maintaining target wattage and real-time resistance control synced to incline changes. The hardware mounts on bikes equipped with a standard resistance knob and is assembled from 3D-printed parts using basic soldering. Complete builds typically take under an hour.

First published in 2020, the project remains actively maintained with revision 3 hardware delivering the most reliable performance. A companion mobile app for iOS and Android simplifies calibration and settings. Pre-assembled kits are sold through the project site for users who prefer not to source components.

The latest release demonstrates continued stewardship of a solution that lets cyclists integrate existing equipment with Zwift, TrainerRoad and similar platforms without purchasing new hardware. (178 words)

melonJS has shipped version 18.2.2, a maintenance update that corrects a missing README in NPM packages and bumps the Spine plugin to 2.0.1. The changes are small but reflect the project's ongoing stewardship more than 15 years after its creation.

The engine lets developers concentrate on game logic rather than rendering plumbing. Its Canvas2D-inspired API mirrors familiar calls such as save, restore, translate, rotate, setColor and fillRect. A true renderer abstraction means the same code runs on WebGL, WebGL2 or Canvas2D with zero modifications and automatic fallback when hardware acceleration is unavailable. Future WebGPU backends can be added without touching game code.

melonJS ships as a single tree-shakeable ES module built with ES6 classes and esbuild. The bundle includes physics, tilemaps, audio, input, cameras, tweens, particles and UI while avoiding dependency sprawl. Tiled integration remains a core strength, natively parsing orthogonal, isometric, hexagonal and staggered maps, animated tilesets, collision shapes and compressed formats.

Licensed under MIT and maintained by a small team at AltByte in Singapore, the engine continues to balance completeness with a minimal footprint. Its clean architecture and plugin system invite extension when developers need to go beyond the batteries-included feature set.

**

The latest version of beehave brings targeted improvements for Godot 4.5 users. Release v2.9.2 focuses on stability and integration rather than new features, addressing several long-standing issues in the behavior tree addon.

Key changes include updating the CooldownDecorator to use the Time singleton instead of physics processes, resolving timing inconsistencies. The addon now ensures BeehaveTree remains available even when Godot's class cache breaks, eliminates plugin usage warnings, and prevents raw objects from crossing the engine debugger connection. Blackboards are properly cleared after orientation changes, and docstrings have been repositioned for better editor integration.

These fixes matter because Godot 4.5 introduced changes that affected several addons. Beehave continues to let developers compose behavior trees directly in the scene tree and attach them to any node. Its dedicated debug view displays real-time node status, while custom performance monitors help maintain frame rates during complex AI evaluation.

Every feature remains covered by automated tests using the upgraded GDUnit v6 framework. A new tutorial by community member Queble demonstrates practical implementation patterns for both beginners and experienced developers.

Installation follows the standard addon workflow, with version 2.x targeting Godot 4.x projects. The structured branching ensures users select the correct release for their engine version.