Tool: GitHub Repo Size GitHub doesn't tell you the repo size in the UI, but it's available in the CORS-friendly API. Paste a repo into this tool to see the size, for example for simonw/datasette (8.1MB). Tags: cors, github
We’re excited to announce that SymfonyLive Berlin 2026 will take place April 23–24, 2026 at CineStar CUBIX Alexanderplatz, right in the heart of Berlin, directly on Alexanderplatz and easily accessible by public transport. 🎤 New talk announced…
We’re excited to announce that SymfonyLive Berlin 2026 will take place April 23–24, 2026 at CineStar CUBIX Alexanderplatz, right in the heart of Berlin, directly on Alexanderplatz and easily accessible by public transport. Before the conference,…
A good reminder that trust matters more than ever when every week brings another AI-made product. The post argues that real faces, founder stories, and a visible reputation help both people and LLMs trust what you build. Read more
Release: asgi-gzip 0.3 I ran into trouble deploying a new feature using SSE to a production Datasette instance, and it turned out that instance was using datasette-gzip which uses asgi-gzip which was incorrectly compressing event/text-stream responses. asgi-gzip was extracted from Starlette, and has a GitHub Actions scheduled workflow to check Starlette for updates that need to be ported to the library... but that action had stopped running and hence had missed Starlette's own fix for this…
Meta announced Muse Spark today, their first model release since Llama 4 almost exactly a year ago. It's hosted, not open weights, and the API is currently "a private API preview to select users", but you can try it out today on meta.ai (Facebook or Instagram login required). Meta's self-reported benchmarks show it competitive with Opus 4.6, Gemini 3.1 Pro, and GPT 5.4 on selected benchmarks, though notably behind on Terminal-Bench 2.0. Meta themselves say they "continue to invest in areas with…
Socket CEO Feross Aboukhadijeh joined the TBPN podcast today to break down the Axios npm supply chain attack, one of the most significant open source compromises in recent months. TBPN, recently acquired by OpenAI, is a live daily tech show hosted by John Coogan and Jordi Hays. Feross walked through how North Korean state actors socially engineered the lead Axios maintainer over weeks, building a fake company, a fake Slack workspace, and a staged Microsoft Teams call before delivering malware…
A social engineering campaign is actively targeting open source developers through Slack, according to a high-severity advisory posted April 7 to the OpenSSF Siren mailing list. The attacker impersonates a known Linux Foundation community leader to lure victims into a multi-stage attack that ends with malware delivery and potential full system compromise. OpenSSF Siren is a public threat intelligence mailing list run by the Open Source Security Foundation (OpenSSF), a Linux Foundation project.…
I have a feeling that everyone likes using AI tools to try doing someone else’s profession. They’re much less keen when someone else uses it for their profession. — Giles Turnbull, AI and the human voice Tags: ai-ethics, writing, ai
A thorough explainer on how quantization makes LLMs 4x smaller and 2x faster while losing only 5-10% accuracy. Covers floating point precision, compression techniques, and how to measure quality loss, with interactive examples throughout. Read more
We’re excited to announce that SymfonyLive Berlin 2026 will take place April 23–24, 2026 at CineStar CUBIX Alexanderplatz, right in the heart of Berlin, directly on Alexanderplatz and easily accessible by public transport. Before the conference,…
We have been tracking North Korea’s Contagious Interview operation since 2024 and maintain a dedicated campaign page that now tracks more than 1,700 malicious packages linked to the activity. In this newly identified cluster, the threat actors operated under GitHub aliases including golangorg and published malicious packages across five open source ecosystems: npm: dev-log-core, logger-base, logkitx PyPI: logutilkit, apachelicense, fluxhttp, and license-utils-kit Go Modules:…
GLM-5.1: Towards Long-Horizon Tasks Chinese AI lab Z.ai's latest model is a giant 754B parameter 1.51TB (on Hugging Face) MIT-licensed monster - the same size as their previous GLM-5 release, and sharing the same paper. It's available via OpenRouter so I asked it to draw me a pelican: llm install llm-openrouter llm -m openrouter/z-ai/glm-5.1 'Generate an SVG of a pelican on a bicycle' And something new happened... unprompted, the model decided to give me an HTML page that included both the SVG…
Anthropic didn't release their latest model, Claude Mythos (system card PDF), today. They have instead made it available to a very restricted set of preview partners under their newly announced Project Glasswing. The model is a general purpose model, similar to Claude Opus 4.6, but Anthropic claim that its cyber-security research abilities are strong enough that they need to give the software industry as a whole time to prepare. Mythos Preview has already found thousands of high-severity…
Microsoft has published its Agent Governance Toolkit, an open source project that brings runtime policy enforcement to autonomous AI agents. The release lands as the industry grapples with a widening gap between how fast AI agents are being deployed and how little infrastructure exists to govern what they do once they're running. The toolkit is available under the MIT license at the Microsoft GitHub organization and supports Python, TypeScript, Rust, Go, and .NET. Agent Governance Is Getting…