Expat 2.8.2 released, fixes 13 vulnerabilitiesblog.hartwork.org3 points·by spyc·18 giorni fa·0 comments
Expat 2.8.1 released, CVE-2026-45186 and CVSS unreliabilityblog.hartwork.org4 points·by spyc·2 mesi fa·0 comments
Python 3.14 started enabling color for argparse by defaultgithub.com2 points·by spyc·6 mesi fa·0 comments
Reconsider W3C Recommendation status of XSLT 2.0 and XSLT 3.0github.com11 points·by spyc·9 mesi fa·1 comments
spyc·28 giorni fa·discussBoth libexpat ("Expat") and uriparser are following the curl security vacation and will not accept new vulnerability reports before 2026-08-01, starting today.[1] https://github.com/libexpat/libexpat/issues/1277[2] https://github.com/uriparser/uriparser/issues/323
spyc·7 mesi fa·discussThe current implementation breaks semantics of functions with tail recursion from within loops: https://github.com/raaidrt/tacopy/issues/1
spyc·9 mesi fa·discussPotentially the movie itself is also or more of interest. The related thread is: https://news.ycombinator.com/item?id=45056377
spyc·anno scorso·discussLost trust for sure. Who knows if Redis would be AGPL now if Valkey did not exist.
[1] https://github.com/libexpat/libexpat/issues/1277
[2] https://github.com/uriparser/uriparser/issues/323