The Git Times

The Hands-On Large Language Models repository has refreshed its Jupyter notebooks to address compatibility with recent Hugging Face releases and PyTorch 2.5, keeping pace with production demands for customized LLMs.

Maintained as the official code companion to the O'Reilly book by Jay Alammar and Maarten Grootendorst, the project delivers concrete implementations for the full pipeline from tokenization to deployment. Notebooks now incorporate updated PEFT and transformers patterns for LoRA-based fine-tuning, retrieval-augmented generation pipelines, and multimodal processing that combine vision encoders with text decoders.

All examples remain optimized for Google Colab's free T4 GPU, with expanded setup folders providing conda environment files and local installation scripts. Results may vary slightly by Python version, yet stay consistent with the book's nearly 300 custom figures that visually explain attention mechanisms, embedding spaces, and model adaptation.

This practical focus matters now as enterprises move beyond prompt-only interfaces toward domain-specific models that run efficiently on modest hardware. The fine-tuning notebooks in particular demonstrate how to adapt open models for classification and generation tasks without requiring massive clusters, giving developers reproducible starting points for real deployments.

Why it matters now: rapid release cycles of new base models have increased demand for battle-tested adaptation code that the repository continues to maintain.

Keras has released version 3.14.0, delivering concrete upgrades to its multi-backend architecture that supports JAX, TensorFlow, PyTorch and OpenVINO.

The update introduces full Orbax checkpoint integration, including sharding, remote paths and step recovery for reliable large-scale training. Quantization tools now support Activation-aware Weight Quantization (AWQ) and Asymmetric INT4 Sub-Channel Quantization. A new ScheduleFreeAdamW optimizer joins the library, while the BatchRenormalization layer gains batch renormalization functionality.

Attention layers add optional gated mechanisms in both MultiHeadAttention and GroupedQueryAttention. The keras.ops.numpy module expands with NaN-aware functions such as nanmin, nanmax, nanquantile and nanstd. New operators include sinc, fmod, depth_to_space, space_to_depth and geomspace.

Preprocessing receives a CLAHE layer for contrast-limited adaptive histogram equalization. The adapt() method on preprocessing layers now accepts Python iterables, simplifying integration with Grain datasets. The OpenVINO backend implemented dozens of additional NumPy and neural-network operations, significantly broadening its inference coverage.

These changes let users select the fastest backend for a given model—frequently JAX—while preserving the high-level API that has powered computer vision, NLP, audio and recommender systems since the project's 2015 launch. Performance gains of 20 to 350 percent remain available depending on architecture.

Dify v1.13.3 focuses on stability for teams running agentic workflows at scale. The patch adds variable-reference support for model parameters inside LLM, Question Classifier, and Variable Extractor nodes, allowing dynamic configuration without manual code edits.

Streaming reliability received the heaviest investment. Engineers corrected StreamsBroadcastChannel replay and concurrency problems, eliminating dropped events between frontend canvas and backend execution engine. Workflow editor behavior was also cleaned up: pasted nodes no longer carry Loop or Iteration metadata, and HumanInput nodes are blocked from invalid containers.

Runtime fixes restored proper prompt message transformation and corrected max_retries=0 handling for HTTP Request nodes. On the knowledge side, citation metadata now survives web responses, missing dataset icons no longer crash queries, hit-count filtering works correctly, and indexed document chunk previews have returned.

These changes address concrete production friction for users who combine Dify’s visual canvas, extensive RAG pipeline, and support for hundreds of models ranging from GPT-4 and Llama 3 to self-hosted OpenAI-compatible endpoints. Observability hooks for Opik, Langfuse, and Arize Phoenix remain intact, letting teams monitor live executions without switching tools.

The release continues Dify’s emphasis on moving cleanly from prototype to self-hosted production using Docker Compose on modest hardware.

Makelangelo Software version 7.78.5 delivers targeted fixes to the Java application that converts vector art into G-code for CNC plotters, particularly the wall-hanging polargraph robot it was built to support.

The core improvement fixes infill of closed loops. Previous releases sometimes failed the in/out test, leaving gaps or scattered lines; the update ensures reliable detection and clean filling. The MickeyMoe1992 converter now respects margin limits exactly as other tools do, preventing drawings from extending beyond user-defined boundaries.

Rendering quality also advances. The application forces render hints to enable antialiasing, producing sharper previews before motors start moving. A modest usability change adds drag-and-drop files directly to the Recent Files list, trimming one small friction point in daily use.

These adjustments matter for makers who rely on the software to translate SVGs and other formats into precise stepper instructions. It pairs with Marlin firmware on Arduino-based controllers, driving two motors and a hanging gondola that moves a pen across vertical surfaces up to several meters wide. The program runs on Windows, macOS, and Linux without modification.

Fourteen years after its first commit, the project continues steady refinement rather than radical redesign. The result is more predictable output for artists and engineers producing large-scale drawings without interrupting the familiar workflow.

Full changelog is available on the repository.

Dora shipped v0.5.0 this week, bumping its workspace and dora-message crate while tightening the performance characteristics that have defined the project since 2022. The middleware continues to model robotic applications as directed graphs, with nodes exchanging data through a 100% Rust runtime built for low-latency, distributed execution.

Version 0.5.0 makes fuller use of the Zenoh shared-memory data plane. Nodes publish directly to SHM, bypassing the daemon and cutting latency by 35% while delivering three to ten times higher throughput on large payloads. Network fallback remains automatic for multi-machine graphs. End-to-end Apache Arrow columnar format eliminates serialization; zero-copy IPC keeps latency flat from 4 KB to 4 MB messages. A dedicated drain task offloads publishes, preserving a non-blocking event loop that responds to control commands in microseconds.

These changes matter for embodied AI workloads where Python-based ROS2 pipelines introduce jitter unacceptable for tight control loops. Dora’s Rust core delivers 10–17× faster throughput than ROS2 Python equivalents while supporting both Rust and Python operators through the same Arrow memory layout. The project itself is now developed via agentic engineering—autonomous AI agents generate, review, refactor, test, and commit code—mirroring the autonomous systems it helps build.

The result is a leaner foundation for real-time robotics that prioritizes predictable latency over framework bloat.

CARLA has shipped version 0.9.16, shifting its development branch to Unreal Engine 5.5 while maintaining the mature UE 4.26 codebase in parallel. The ue5-dev branch introduces materially different graphics, physics and asset handling; teams must validate compatibility before migrating.

The release integrates NVIDIA Cosmos Transfer1 and the Neural Reconstruction Engine (NuRec), enabling higher-fidelity neural rendering and synthetic data transfer. New SimReady OpenUSD and MDL Converters now support bidirectional exchange of digital-twin stages and materials. Support for left-handed traffic maps expands the simulator’s relevance to European and Asian urban layouts.

Infrastructure improvements include consistent python3 usage across scripts, devcontainer documentation, GUI-enabled Ubuntu 22.04 Docker images, and the ability to mount host UE installations inside containers. Navigation fixes eliminate infinite waypoint loops on opposing lanes, while map-loading and OpenDrive parsing bugs have been resolved. Vehicle door states are now recorded, and component transforms are queryable via the API.

Pre-built packages for Ubuntu 22.04/24.04 and Windows 11 ship with optional AdditionalMaps content. Recommended hardware now centers on RTX 4070-class GPUs with 16 GB VRAM to drive the UE5.5 renderer. These changes tighten the feedback loop between simulated and real-world autonomous stacks.

Ciphey has served CTF players, penetration testers and malware analysts since 2019 by automatically trying dozens of ciphers, encodings and hash formats until plaintext is recognised through natural-language checks. Version 5.14.0, released this week, tightens the Rust codebase without altering the core approach.

The rewrite already delivers roughly seven times the throughput of the original Python Ciphey by replacing AI-driven path selection with simple, rapid iteration. The latest changes focus on usability and reliability. The CLI now defaults to a five-second timeout, the library gained smarter __main__ handling, and terminal progress uses Rich instead of yaspin. Dependency updates tightened PyWhat/LemmeKnow integration for faster identification of hashes and encodings before decryption begins.

Library-first design remains central. The Discord bot, comprehensive test suite (now around 120 tests) and documentation tests all consume the same Rust library that powers cargo install ciphey. This architecture lets security teams embed Ciphey in custom pipelines rather than treating it as a standalone binary.

For practitioners facing time-boxed engagements or late-night CTF challenges, the incremental gains matter: quicker feedback, fewer hanging processes and clearer output reduce context switching. The project continues to expand its 16 decoders while maintaining the strict testing and documentation standards established after the original Ciphey’s limitations became apparent.

Caddy 2.11.2 addresses two security vulnerabilities that could have been exploited through configuration directives. The forward_auth flaw, reported by NucleiAv, risked identity injection and privilege escalation. The vars_regexp bug, discovered by sammiee5311, double-expanded placeholders and could leak secrets in certain setups. Both have been corrected.

The binary is now built on Go 1.26.1, inheriting its CVE patches. Reverse-proxy behavior received the most changes: dynamic upstreams are now tracked, enabling passive health checking. Edge cases involving PROXY protocol headers, health-check port selection, and request-body closure on retries have been fixed.

Operators gain a new global tls_resolvers option to control DNS servers used for ACME challenges across every site. Log rolling now supports zstd compression; roll_gzip is deprecated in favor of the more general roll_compression.

These refinements matter for teams running Caddy at scale. The server already coordinates certificate issuance across clusters, falls back between issuers, and stays online when TLS or OCSP problems take down other infrastructure. Its automatic HTTPS—ZeroSSL and Let’s Encrypt for public names, a managed local CA for internal IPs—combined with HTTP/3 support and a dependency-free Go binary, keeps operational toil low while delivering memory safety guarantees absent in many competitors.

The modular architecture continues to let users extend functionality through plugins without bloating the core.

The trickest/cve repository has sharpened its automated collection process to keep pace with accelerating vulnerability disclosures. Maintained through Trickest workflow architecture, the system ingests fresh records from the CVE Project's cvelist, organizes them by year, and locates associated proof-of-concept material through two distinct methods.

It scans each CVE's reference links with ffuf, applying the regex (?i)[^a-z0-9]+(poc|proof of concept|proof[-_]of[-_]concept)[^a-z0-9]+ to surface candidate PoCs. Complementary searches query GitHub repositories via find-gh-poc and pull relevant HackerOne disclosures through AllVideoPocsFromHackerOne. Fresh data merges automatically without overwriting manually contributed entries, while blacklist.txt filters recurring false positives.

Each resulting markdown file includes shields.io badges showing affected software versions and direct links to exploits. An atom feed supports product-specific monitoring, and the bundled template generates searchable HTML tables on demand.

The refinements matter as organizations confront frequent supply-chain and zero-day threats. By reducing manual effort while expanding source coverage, the repository delivers timely, structured intelligence that security teams can put to immediate use in testing and mitigation planning.

(178 words)

uv 0.11.7, released April 15, delivers targeted security and reliability improvements that matter to teams running the tool at scale.

The update upgrades the bundled CPython build to the 20260414 revision, pulling in a fresh OpenSSL security patch. This directly strengthens certificate validation during package resolution from PyPI and private indices. New logic filters invalid TLS certificates and emits clearer warnings instead of silent failures or abrupt halts, particularly useful for users behind corporate proxies or in air-gapped environments.

Configuration handling has been tightened. Errors are now elevated to the same level as required-version mismatches, producing consistent feedback when pyproject.toml or lockfiles deviate from expectations. The --exclude-newer flag receives better hints, while version-specifier equality checks involving the ~= operator have been corrected.

Bug fixes address workspace metadata quoting in linehaul data, prevent accidental editable installs of tool workspace members, improve JSON reporting for uv sync --check failures, and normalize Windows paths more reliably. Preview-mode uv audit now correctly traverses scripts and extras.

These changes reinforce uv’s position as a single, fast binary replacing pip, Poetry, and virtualenv workflows. The focus on certificate hygiene and deterministic error behavior signals growing maturity for enterprise and regulated use.

(178 words)

Coolsnowwolf/lede remains a widely used source tree for constructing customized router firmware based on the LEDE codebase. Its newest tagged release, 20251001, focuses on timely kernel refreshes and expanded device compatibility rather than radical architectural shifts.

Four kernel branches received updates: 5.4 advanced to 5.4.247, 6.1 to 6.1.34, 5.15 to 5.15.116, and 5.10 to 5.10.183. These bumps pull in upstream security patches, improved drivers, and stability fixes essential for 24×7 routing workloads.

The release integrates a MultiPath TCP kernel module, enabling concurrent use of multiple network paths for greater resilience and aggregated bandwidth. It also resolves an x86_64 cfg80211 kernel panic by disabling Intel IBT, corrects missing sha1-arm.ko crypto modules, and adds required build dependencies such as python3-setuptools, ssb, and bcma.

New targets include the NRadio WT6285, panther x2 on RK3566, Codinge Xiaobao NAS-I, and refined Rockchip support. The tree continues to maintain specialized architecture coverage for loongarch64 Loongson SoCs and Phytium D2000 series processors.

Compilation still demands a non-root environment on Debian or Ubuntu LTS with a lengthy list of packages. Resulting images retain the conventional default of 192.168.1.1 and password password. For builders needing current kernels and niche hardware enablement, this update keeps the repository relevant.

(178 words)

Moby has shipped version 29.4.1, delivering targeted fixes and updates to the modular container platform that has powered Docker and custom systems since 2013.

The release corrects practical issues affecting daily operations:

• docker image prune --filter label!=key=value no longer skips images missing the label in the containerd image store.
• --log-opt "tag={{.ImageID}}" now correctly strips the digest algorithm.
• Intermittent EBUSY failures during secrets and configs remount on busy Swarm nodes are eliminated through retry logic.

Packaging updates pull in containerd v2.2.3 (static binaries) and Go 1.26.2. Networking changes ensure IPv4-only or IPv6-only endpoints with higher gateway priority are selected as the default route over dual-stack alternatives.

Moby supplies a swappable “Lego set” of components—build tools, registry, orchestration, runtime—guided by principles of modularity, usable security defaults, and developer-focused APIs. Components are designed to combine with other projects or be replaced entirely.

The project remains aimed at engineers, integrators and enthusiasts who modify, experiment with, or build container-based infrastructure. It functions as the upstream for Docker while accepting community direction on its roadmap.

This incremental release demonstrates the project’s continued focus on stability for production workloads and those working directly with open source container code.

ESPectre version 2.7.0 expands deployment options for its Wi-Fi CSI motion detection system by adding Bluetooth Low Energy control. The update allows the ESP32 firmware to operate independently of Home Assistant, with developers now able to build custom BLE clients that receive motion events and adjust detection thresholds at runtime.

The BLE command channel supports live threshold changes and can be extended for additional parameters. The project's web game demonstration has migrated from serial to Web Bluetooth, providing a working example for new client development.

On the technical side, both the ESPHome C++ component and Micro-ESPectre Python library now follow identical CSI normalization paths. Support has been added for 256->128, 228->114 and 114->128 remappings before HT20 processing. This reduces packet drops on varied ESP32 hardware including S3, C6 and C3 variants. New unit tests validate these scenarios in both codebases.

The changes make the roughly €10 solution more versatile for builders working outside the Home Assistant ecosystem while preserving its core privacy advantage: detecting movement through existing 2.4 GHz Wi-Fi signals without cameras or microphones.

Bambu Studio AI delivers a comprehensive Python skill for the OpenClaw framework that connects every stage of 3D printing with Bambu Lab hardware. Users issue a single instruction such as “print a phone stand” and the agent searches existing models or generates new ones across five AI providers, applying automatic prompt enhancement, retry logic and consistent scaling via a --height parameter.

The pipeline then runs an 11-point printability analysis, executes automatic mesh repair, verifies dimensions and handles multi-color files by extracting hues from textures or vertex-colored OBJs. HSV-based classification removes baked lighting artifacts before mapping colors to AMS filaments. After rendering previews the skill hands off cleanly to Bambu Studio for slicing, starts the print job, and activates AI vision monitoring on the printer camera feed to detect failures, auto-pause and notify the user.

The project supports all ten Bambu Lab models with accurate build volumes, temperature limits and material profiles. Release v1.0.1 skipped parametric tests when manifold3d is unavailable, fixed scoring caps in analyze.py and brought the test suite to 53 passed checks.

This unified approach eliminates the fragmented tool chain that otherwise forces manual transfers between model sites, slicers and monitoring apps.

raylib 6.0 introduces rlsw, a software renderer that lets the library run entirely on CPU and system RAM with no GPU or OpenGL required. This completes the project's original goal of delivering a completely self-contained graphics library that works on any device possessing modest processing power and memory.

The new backend integrates directly with raylib's existing architecture, preserving the same API while offering an alternative to the OpenGL 1.1–4.3 and ES paths. It supports the library's full feature set, including 3D shapes, skeletal animation of IQM, M3D and glTF models, PBR materials, post-processing shaders, and audio streaming for WAV, OGG, MP3 and tracker formats.

Since the previous release the project incorporated more than 2000 commits, closed over 330 issues, added 20 new API functions for a total of 600, and expanded its example collection by 70 to exceed 215 working samples. More than 210 new contributors participated, many focused on the software renderer and platform compatibility for RISC-V and embedded targets.

The release was made possible in part by full-time development funded through NLnet and the NGI Zero Commons Fund. For educators, toolmakers and embedded developers, the software path removes previous hardware barriers while retaining raylib's characteristic minimalism: no external dependencies, plain C99 code, and immediate usability for prototyping and teaching.

The MakeUp Ultra Fast shader has rolled out version 9.4e, extending support to Minecraft 1.21 and Iris 1.5.1 or above. The GLSL-based pack targets users with low-spec computers who want graphical upgrades without heavy performance penalties.

Key implemented features include temporal antialiasing for reduced jagged edges, depth of field, enhanced ambient occlusion for better depth perception, and realistic water reflection plus refraction. Players can activate optional elements such as shadows, volumetric clouds, bloom, motion blur, and chromatic aberration according to their hardware capabilities. An auto-exposure system adjusts brightness dynamically across the Overworld, Nether, and End.

• TAA and enhanced ambient occlusion
• Water reflection and refraction
• Optional volumetric clouds and shadows
• Motion blur with auto-exposure

The shader maintains compatibility with Optifine alongside Iris. It has been validated on Nvidia, AMD, and Intel hardware running Windows or Linux, delivering consistent frame rates from version 1.12 up to the latest release.

This update addresses evolving mod loader requirements while preserving the project's core promise of speed. Community members continue to fork and adapt the code for specialized needs, referencing the original sources on Modrinth, Planet Minecraft, CurseForge, and GitHub.

Such maintenance ensures the shader remains viable as Minecraft evolves, offering concrete visual improvements to a broad audience.