Affected versions Symfony versions >=6.4, =7.0, =8.0, <8.0.12 of the Symfony Lox24 Notifier and Symfony Mailjet Mailer components are affected by this security issue. The issue has been fixed in Symfony 6.4.40, 7.4.12,…
Read the full post on https://stitcher.io/blog/php-ecosystem-security-team
Release: llm-gemini 0.32 New model gemini-3.5-flash for Gemini 3.5 Flash. See also my notes on Gemini 3.5 Flash, and the pelican I drew using this upgrade to the plugin. Tags: gemini, llm
Today at Google I/O, Google released Gemini 3.5 Flash. This one skipped the -preview modifier and went straight to general availability, and Google appear to be using it for a whole lot of their key products: 3.5 Flash is available today to billions of people globally: For everyone via the Gemini app and AI Mode in Google Search For developers in our agent-first development platform Google Antigravity and Gemini API in Google AI Studio and Android Studio For enterprises in Gemini Enterprise…
Release: datasette-llm-accountant 0.1a4 Fixed bug tracking chains of responses. Refs datasette-llm#7 Tags: llm, datasette
Release: llm-gemini 0.32a0 Compatible with llm>=0.32a0 alpha - adds the ability to stream reasoning tokens. Tags: gemini, llm
Release: datasette-llm 0.1a8 Fix for bug where llm_prompt_context() hook did not fully collect chains of responses. #7
Socket's Threat Research Team identified a malicious Go module published as github.com/shopsprint/decimal, a typosquat of the widely used github.com/shopspring/decimal arbitrary precision arithmetic library. The typosquatted module has been present on the Go ecosystem since 2017-11-08 and was weaponized on 2023-08-19 when version v1.3.3 added a malicious init() function that opens a DNS TXT record command and control channel to a threat actor controlled subdomain on a free dynamic DNS provider.…
Jakub shares a collection of small interface details that compound into a much better user experience, from text wrapping and concentric radius math to interruptible animations and optical alignment. It is packed with practical UI polish ideas that are easy to miss, but hard to unsee once you notice them. Read more
SymfonyDay Montreal 2026 is just around the corner, taking place on June 4 at L'Espace Quartier Latin (UQAM). Get ready for a day of high-level technical exchange! 🎤 Speaker announcement! Arnaud Oltra, Tech lead developer, Alesco, will share his…
Symfony 8.1 improves the Validator component with new constraints, Clock support, and reentrant validators. New Xml Constraint Contributed by Mokhtar Tlili…
Socket’s Threat Research team is investigating an active npm supply chain attack involving compromised packages in the @antv ecosystem. The attack affects packages tied to the npm maintainer account atool, including echarts-for-react, a widely used React wrapper for Apache ECharts with roughly 1.1 million weekly downloads. Socket quickly detected the malicious publish wave and classified the affected versions as known malware. Socket’s internal review identified hundreds of unique packages. The…
I put together these annotated slides from my five minute lightning talk at PyCon US 2026, using the latest iteration of my annotated presentation tool. # I presented this lightning talk at PyCon US 2026, attempting to summarize the last six months of developments in LLMs in five minutes. # Six months is a pretty convenient time period to cover, because it captures what I've been calling the November 2025 inflection point. November was a critical month in LLMs, especially for coding. # For one…
Glaucous-winged Gull, Brown Pelican, Snowy Egret, Canada Goose, in Los Angeles River, CA, USI'm heading home from PyCon US today so I went on a last morning walk to try and spot a pelican. I saw one! Didn't get a great photo of that, but I did see some goslings down by the swan boat lake.
In this post, Dries shows how they use Claude Skills to automate repetitive work in client projects, like generating Saloon requests, DTOs, and Livewire pages. It is a practical look at where these workflows save a lot of time, and where careful review still matters. Read more