fidzu : tech

Comments

05 Feb 2025 3:03pm GMT

Comments

05 Feb 2025 2:55pm GMT

Comments

05 Feb 2025 2:51pm GMT

The next major Debian release, 13 "Trixie," is expected to ship with GNOME 48 desktop environment.

05 Feb 2025 1:48pm GMT

Mozilla Thunderbird 135 rolls out with new add-on support, improved OAuth2 for CardDAV, and key bug fixes (only for testing purposes).

05 Feb 2025 12:31am GMT

Financial troubles force Ikey Doherty to delay Serpent OS development, putting the project's future at risk.

04 Feb 2025 9:12pm GMT

Good news in the US federal compliance space. The latest FedRAMP policy relaxes past restrictions that prevented organizations from applying critical security updates.

04 Feb 2025 6:30pm GMT

Right on schedule, a new update to the Mozilla Firefox web browser is available for download. Last month's Firefox 134 release saw the New Tab page layout refreshed for users in the United States, let Linux go hands-on with touch-hold gestures, seeded Ecosia search engine, and fine-tuned the performance of the built-in pop-up blocker. Firefox 135, as is probably intuit, brings an equally sizeable set of changes to the fore including a wider rollout of its new New Tab page layout to all locales where Stories are available: It's not a massive makeover, granted. But the new layout adjusts the […]

You're reading Firefox 135 Brings New Tab Page Tweaks, AI Chatbot Access + More, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

04 Feb 2025 10:10am GMT

Canonical Ceph with IntelⓇ Quick Assist Technology (QAT) In our last blog post we talked about how you can use Intel® QAT with Canonical Ceph, today we'll cover why this technology is important from a business perspective - in other words, we're talking data storage costs. Retaining and protecting data has an inherent cost based […]

03 Feb 2025 10:32am GMT

Do you use the official Spotify DEB on Ubuntu (or an Ubuntu-based Linux distribution like Linux Mint)? If so, you'll be used to receiving updates to the Spotify Linux client direct from the official Spotify APT repo, right alongside all your other DEB-based software. Thing is: if you haven't checked for updates from the command line recently you might not be aware the that security key used to 'sign' packages from the Spotify APT repo stopped working at the end of last year. Annoying, but not catastrophic as it-thankfully-doesn't stop the Spotify Linux app from working just pollutes terminal output […]

You're reading How to Fix Spotify 'No PubKey' Error on Ubuntu, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

03 Feb 2025 2:48am GMT

Fans of the Papirus icon theme for Linux desktops will be happy hear a new version is now available to download. Paprius's first update in 2025 improves support for KDE Plasma 6 by adding Konversation, KTorrent and RedShift tray icons, KDE and Plasma logo glyphs for use in 'start menu' analogues, as well as an assortment of symbolic icons. Retro gaming fans will appreciate an expansion in mime type support in this update. Papirus now includes file icons for ROMs used for emulating ZX Spectrum, SEGA Dreamcast, SEGA Saturn, MSX, and Neo Geo Pocket consoles; and Papirus now uses different […]

You're reading Linux Icon Pack Papirus Gets First Update in 8 Months, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

02 Feb 2025 7:54pm GMT

#​721 - January 31, 2025 Read on the Web JavaScript Weekly Things People Get Wrong About Electron - A long-time maintainer of the wildly successful Electron cross-platform app framework stands by the technical choices Electron has made over the years and defends it against some of the more common criticisms here. Felix Rieseberg Standard Schema: A Common Interface to Schema / Validation Libraries - From the creators of Zod, Valibot and ArkType comes a fantastic bit of collaboration to define a common interface to use JavaScript and TypeScript schema libraries. McDonnell, Hiller, and Blass JavaScript: The Hard Parts - Take your knowledge to the next level with the most loved JavaScript course in the industry. Deepen your understanding of the most important aspects of JavaScript. This highly rated video course goes under the hood, looking at callbacks, higher-order functions, object-oriented JS, and more. Frontend Masters sponsor A WebAssembly Compiler That Fits in a Tweet - Or 192 bytes, if you prefer. This is a look into a fantastic little bit of JavaScript hacking that can compile arithmetic expressions into WebAssembly you can run very easily. You can learn a lot in so little time here. Mariano Guerra and Patrick Dubroy Announcing TypeScript 5.8 Beta - It's that time again. What's new? Support for using require() for ES modules in Node 22+, checked returns for conditional and indexed access types, startup and building optimizations & more. While not a huge release overall, it's particularly good for Node devs. Daniel Rosenwasser 💡 One neat 5.8 feature is --erasableSyntaxOnly, a way to ensure that 'type stripping' techniques still result in runnable code by disallowing TypeScript-exclusive features like enums. IN BRIEF: 🎬 Remember Honeypot's well-received Node.js documentary? (If not, watch it!) Now there's a trailer for an Angular documentary due soon. There's been a lot of chatter about Create React App being effectively 'deprecated' due to a lack of updates from Meta. Turns out, it is deprecated, but the process is now being managed gracefully and some basic React 19 support will be merged in. A developer came up with an approach to making npm packages 5% smaller using Zopfli compression and asked the npm team to consider it. Ultimately the decision was no for a variety of reasons. ⭐ The Syntax YouTube channel presents ▶️ a fun countdown of the top 15 most starred JavaScript projects on GitHub. This is so well put together. RELEASES: Astro 5.2 - The popular framework adds Tailwind CSS 4 support and more niceties. pnpm 10.1 - The alternative, efficient package manager. Prisma 6.3 - Popular ORM for Node.js and TypeScript. ⭐ Phaser v4 Beta 5, Node.js 23.7, npm 11.1, Neutralinojs 5.6 📒 Articles & Tutorials The Modern Way to Write JavaScript Servers - The irony is that while Node popularized JavaScript on the server (though Netscape was doing it in the 90s) this modern, standardized cross-runtime approach doesn't work on Node ...yet ;-) Marvin Hagemeister Introducing Mentoss: The fetch Mocker - A new approach to mocking global fetch() calls (in both browsers and server-side runtimes) inspired by previous attempts like Nock and MSW. Nicholas C. Zakas Wish Your AI Co-Pilot Actually Knew Your Codebase? - Try the most context-aware Developer AI. Augment deeply understands your codebase, documentation, and dependencies. Augment Code sponsor Lessons from Scaling WebSockets for a JavaScript App - Scaling WebSockets for real-time apps presents hidden complexities. Compose shares some lessons learnt the hard way. Atul Jalan 📄 Computing with Tuples in TypeScript - A way to bring objects of different types together but in a lighter way than keyed objects. Dr. Axel Rauschmayer 📄 How Long is a Second in JavaScript? - What may seem like a straightforward query is actually one of surprising complexity. Iago Lastra 📄 Adding Maps to Your Pages with Leaflet.js - Quick, easy, and open source to boot. Raymond Camden 📄 How to Use Node's fs in the Browser for Custom Playgrounds Ivan Chebykin 📄 Building a QR Code HTML Web Component Scott Jehl 📄 How to Build a CMS with React Admin Thibault Barrat 🛠 Code & Tools docxtemplater: Generate docx and pptx Documents from Templates - Generate Word and PowerPoint files dynamically by merging against templates (ideal for invoices, contracts, certificates, etc.) It's open source (MIT or GPLv3), but the creator has a commercial version with more extensions (e.g. to work with Excel). GitHub repo and feature demos. Edgar Hipp 📊 Plotly 3.0: A JavaScript Graphing Library - A high-level, declarative charting library, built on top of D3 and stack.gl, with over 40 chart types, including 3D charts, statistical graphs, and SVG maps. v3 is largely to remove deprecations, fix bugs, and a switch to esbuild. Plotly, Inc. Using Clerk SSO to Access Google Calendar and Other Service Data - Leverage Clerk's social sign in providers to easily access service data on behalf of your users. Clerk sponsor Emittery 1.1: A Simple, Modern Async Event Emitter - A small, async event emitter for Node and the browser, and now with support for AbortController. Sindre Sorhus jsontr.ee: Visualize JSON Structures as Dynamic SVG Diagrams - You can try it out on this playground, which provides the option to download the diagram as PNG, or use it in an app with customizable styles. Lou Alcalá DBOS Transact v2: Lightweight Durable Execution in TypeScript - Durable execution means persisting the execution state of your program while it runs, so if it's interrupted or crashes, it resumes from where it left off - ideal for long-running or business-critical workflows. Docs. DBOS, Inc. 📰 Classifieds Meticulous automatically creates and maintains an E2E UI test suite with zero developer effort. Relied on by Lattice, Bilt Rewards, etc. Protect your SaaS app with advanced device fingerprinting from WorkOS Radar. Stop fake signups, free tier abuse, bot attacks and brute force attempts today. jscanify 1.3: JavaScript Document Scanning Library - Given raw photos of documents, this can do paper detection (along with glare suppression), distortion correction, highlighting and extracting. See some visual examples or try it out here. ColonelParrot Ruck 9.0: A React Webapp Framework for Deno - A lean React-based way to build modern React apps with Deno using features like ESM, dynamic imports, HTTP imports, and import maps with no transpilation or bundling. Jayden Seric OpenPGP.js 6.1 - OpenPGP implementation for JavaScript. wavesurfer.js 7.9 - Waveform rendering and playback. Poku 3.0 - Cross-platform JavaScript test runner.

31 Jan 2025 12:00am GMT

Canonical Ceph with IntelⓇ Quick Assist Technology (QAT) When storing large amounts of data, the cost ($) to store each gigabyte (GB) is the typical measure used to gauge the efficiency of the storage system. The biggest driver of storage cost is the protection method used. It is common to protect data by either having […]

27 Jan 2025 9:11am GMT

#​720 - January 24, 2025 Read on the Web JavaScript Weekly Bun 1.2: A Big Step Forward for the Fast JS/TS Runtime - The JavaScriptCore-based Bun continues to up its server-side runtime game with strides forward in Node.js compatibility, performance boosts, and new APIs for interacting with S3 and S3-like object stores as well as Postgres. If you'd prefer to be ▶️ introduced to Bun 1.2 with a keynote-style video, it's a good watch. Ashcon Partovi and the Bun Team 🦖 ..and by no means should we forget Deno whose team have published a roundup of all of Deno's progress in the past year. FlexGrid by Wijmo: The Industry-Leading JavaScript Datagrid - A fast and flexible DataGrid for building modern web apps. Key features and virtualized rendering are included in the core grid module. Pick & choose special features to keep your app small. Built for JavaScript, extended to Angular, React, and Vue. Wijmo From MESCIUS inc. sponsor 🤖 Transformers.js v3.3: Machine Learning and AI for the Web - This is a dry release announcement but I wanted to highlight the rapid pace that this exciting library is making for browser-based NLP, speech recognition, vision, and now text-to-speech use cases (live TTS demo here - it takes a while to load though). It's also being used in Firefox for various enhancements (see below). Hugging Face IN BRIEF: The creator of SolidJS says that Angular and Vue are the frameworks to watch in 2025, while reflecting on JS framework progress generally. A year ago, Kelly Sutton wrote about his company's move away from React but how did it pan out? In Moving On from React, a Year Later he explains how things have gone since. JSON Query is a neat, flexible JSON querying language. The demos really sell it IMHO. The ESLint project takes a look back at ESLint's 2024 year in review. GitHub has unveiled sub-issues, issue types, and advanced search for issues. RELEASES: Rspack v1.2 - Fast Rust-based Web bundler adds a peristent cache feature that improves hot start performance by up to 250%. Node v23.6.1 (Current), v22.13.1 (LTS), v20.18.2 (LTS), v18.20.6 (LTS) to resolve some security vulnerabilities. Capacitor 7.0 - Build cross-platform native apps/PWAs with web technologies. React Native 0.77 - Now with enhanced styling capabilities. Vitest 3.0 - The fast Vite-native testing framework. NestJS 11, Storybook 8.5, Unpic 1.0, Inferno 9.0 📒 Articles & Tutorials 🕒 JavaScript Temporal is Coming (For Real!) - We first mentioned the Temporal API proposal providing a better way to handle dates and times in JavaScript almost five years ago (in issue 496!) but now it really is almost here. Brian explains its basic concepts and where initial support is starting to appear. Brian Smith Avoiding anys with Linting and TypeScript - any is TypeScript's famous type fallback/safety hatch but if you can avoid it, you can benefit more from TypeScript's type-checking features. Josh shares some tips to do just that. Josh Goldberg [Workshop] How to Build Testing Culture on Your Team - Join our live session to learn strategies for gaining buy-in, balancing testing, and integrating it into daily workflows. Sentry sponsor 🤖 Running Inference in Web Extensions - Firefox Nightly is shipping with a new API that can let you use their AI runtime for offline machine learning tasks in Web extensions you create. It uses the previously mentioned Transformers.js and is already used in Firefox 133 to provide alt text for images in PDFs. Tarek Ziadé (Mozilla) 📄 Generating Test Values using JavaScript Generators Peter Leonov 📄 TypeScript Enums: Use Cases and Alternatives Dr. Axel Rauschmayer 📄 Fetch and HTTP/2 Support in Node, Bun and Deno Georges Haidar 📊 A Deep Dive into Initial Load Performance Nadia Makarevich 📄 Improving UI Performance by Optimizing Our Debouncer Atul Jalan (Compose) 📄 Angular Clean Coding Fundamentals Jonathan Gamble 🛠 Code & Tools deck.gl 9.1: GPU-Powered Large Scale Data Visualization - deck.gl provides a way to create complex yet high performance data visualizations composed of multiple layers (examples). It can be used in a vanilla JS way or through React components and it's ready for WebGPU. OpenJS Foundation Breakpoints and console.log Is the Past, Time Travel Is the Future - Next-level testing in any editor, 15x faster with Interactive Time Travel Debugger, real-time insights & advanced coverage in a new UI. Wallaby Team sponsor ArkType 2.0: Runtime Validation Library - An easy-to-deploy solution for schema validation that can infer TypeScript definitions 1:1 and use them as optimized validators for your data, both at runtime and for immediate type-level feedback in your editor. ArkType NodeBB v4.0.0 Released: Node.js Powered Forums - Offers a classic forum experience in a modern Node.js-shaped guise. v4 adds support for federation between instances and the wider 'fediverse.' NodeBB, Inc. SRCL: Build React Apps with 'Terminal Aesthetics' - The homepage is a live demonstration of what SRCL has to offer. It's a suite of React components and styling to recreate a monospaced, terminal-like atmosphere Internet Development Studio Company 🎶 Chiptune.js: Module / Tracker File Player - A library for playing 'module' music files like MOD, XM and S3M. (Demo.) Chiptune Contributors 📰 Classifieds Meticulous automatically creates and maintains an E2E UI test suite with zero developer effort. Relied on by Lattice, Bilt Rewards, etc. ☀️ The main JS conference returns to a unique venue! Enjoy 50+ talks & workshops, a food truck festival, networking with 1.5K devs, & 10% off with code JSWEEKLY! GoReleaser v2.6 - A popular 'release engineering' tool in the Go world has just added support for Bun and Deno. React Admin 5.5 - Framework for building B2B frontend interfaces. Now with React 19 and React Router 7 support. React Scan 0.1 - Automatically scan for performance issues and eliminate slow renders in your app. 🎵 ChordSheetJS 12.0 - Library for parsing and formatting chords and chord sheets. (Demo.) Fortune Sheet 1.0 - Drop-in Excel-like spreadsheet control. ApexCharts 4.4 - Popular JS charting library. (Demos.) YouTube.js 13.0 - JS client for YouTube's private API. BlockNote 0.23 - 'Notion-style' block-based editor.

24 Jan 2025 12:00am GMT

This is the fourth interview of a SIG Architecture Spotlight series that will cover the different subprojects, and we will be covering SIG Architecture: Enhancements.

In this SIG Architecture spotlight we talked with Kirsten Garrison, lead of the Enhancements subproject.

The Enhancements subproject

Frederico (FSM): Hi Kirsten, very happy to have the opportunity to talk about the Enhancements subproject. Let's start with some quick information about yourself and your role.

Kirsten Garrison (KG): I'm a lead of the Enhancements subproject of SIG-Architecture and currently work at Google. I first got involved by contributing to the service-catalog project with the help of Carolyn Van Slyck. With time, I joined the Release team, eventually becoming the Enhancements Lead and a Release Lead shadow. While on the release team, I worked on some ideas to make the process better for the SIGs and Enhancements team (the opt-in process) based on my team's experiences. Eventually, I started attending Subproject meetings and contributing to the Subproject's work.

FSM: You mentioned the Enhancements subproject: how would you describe its main goals and areas of intervention?

KG: The Enhancements Subproject primarily concerns itself with the Kubernetes Enhancement Proposal (KEP for short)-the "design" documents required for all features and significant changes to the Kubernetes project.

The KEP and its impact

FSM: The improvement of the KEP process was (and is) one in which SIG Architecture was heavily involved. Could you explain the process to those that aren't aware of it?

KG: Every release, the SIGs let the Release Team know which features they intend to work on to be put into the release. As mentioned above, the prerequisite for these changes is a KEP - a standardized design document that all authors must fill out and approve in the first weeks of the release cycle. Most features will move through 3 phases: alpha, beta and finally GA so approving a feature represents a significant commitment for the SIG.

The KEP serves as the full source of truth of a feature. The KEP template has different requirements based on what stage a feature is in, but it generally requires a detailed discussion of the design and the impact as well as providing artifacts of stability and performance. The KEP takes quite a bit of iterative work between authors, SIG reviewers, api review team and the Production Readiness Review team¹ before it is approved. Each set of reviewers is looking to make sure that the proposal meets their standards in order to have a stable and performant Kubernetes release. Only after all approvals are secured, can an author go forth and merge their feature in the Kubernetes code base.

FSM: I see, quite a bit of additional structure was added. Looking back, what were the most significant improvements of that approach?

KG: In general, I think that the improvements with the most impact had to do with focusing on the core intent of the KEP. KEPs exist not just to memorialize designs, but provide a structured way to discuss and come to an agreement about different facets of the change. At the core of the KEP process is communication and consideration.

To that end, some of the significant changes revolve around a more detailed and accessible KEP template. A significant amount of work was put in over time to get the k/enhancements repo into its current form -- a directory structure organized by SIG with the contours of the modern KEP template (with Proposal/Motivation/Design Details subsections). We might take that basic structure for granted today, but it really represents the work of many people trying to get the foundation of this process in place over time.

As Kubernetes matures, we've needed to think about more than just the end goal of getting a single feature merged. We need to think about things like: stability, performance, setting and meeting user expectations. And as we've thought about those things the template has grown more detailed. The addition of the Production Readiness Review was major as well as the enhanced testing requirements (varying at different stages of a KEP's lifecycle).

Current areas of focus

FSM: Speaking of maturing, we've recently released Kubernetes v1.31, and work on v1.32 has started. Are there any areas that the Enhancements sub-project is currently addressing that might change the way things are done?

KG: We're currently working on two things:

1. Creating a Process KEP template. Sometimes people want to harness the KEP process for significant changes that are more process oriented rather than feature oriented. We want to support this because memorializing changes is important and giving people a better tool to do so will only encourage more discussion and transparency.
2. KEP versioning. While our template changes aim to be as non-disruptive as possible, we believe that it will be easier to track and communicate those changes to the community better with a versioned KEP template and the policies that go alongside such versioning.

Both features will take some time to get right and fully roll out (just like a KEP feature) but we believe that they will both provide improvements that will benefit the community at large.

FSM: You mentioned improvements: I remember when project boards for Enhancement tracking were introduced in recent releases, to great effect and unanimous applause from release team members. Was this a particular area of focus for the subproject?

KG: The Subproject provided support to the Release Team's Enhancement team in the migration away from using the spreadsheet to a project board. The collection and tracking of enhancements has always been a logistical challenge. During my time on the Release Team, I helped with the transition to an opt-in system of enhancements, whereby the SIG leads "opt-in" KEPs for release tracking. This helped to enhance communication between authors and SIGs before any significant work was undertaken on a KEP and removed toil from the Enhancements team. This change used the existing tools to avoid introducing too many changes at once to the community. Later, the Release Team approached the Subproject with an idea of leveraging GitHub Project Boards to further improve the collection process. This was to be a move away from the use of complicated spreadsheets to using repo-native labels on k/enhancement issues and project boards.

FSM: That surely adds an impact on simplifying the workflow...

KG: Removing sources of friction and promoting clear communication is very important to the Enhancements Subproject. At the same time, it's important to give careful consideration to decisions that impact the community as a whole. We want to make sure that changes are balanced to give an upside and while not causing any regressions and pain in the rollout. We supported the Release Team in ideation as well as through the actual migration to the project boards. It was a great success and exciting to see the team make high impact changes that helped everyone involved in the KEP process!

Getting involved

FSM: For those reading that might be curious and interested in helping, how would you describe the required skills for participating in the sub-project?

KG: Familiarity with KEPs either via experience or taking time to look through the kubernetes/enhancements repo is helpful. All are welcome to participate if interested - we can take it from there.

FSM: Excellent! Many thanks for your time and insight -- any final comments you would like to share with our readers?

KG: The Enhancements process is one of the most important parts of Kubernetes and requires enormous amounts of coordination and collaboration of people and teams across the project to make it successful. I'm thankful and inspired by everyone's continued hard work and dedication to making the project great. This is truly a wonderful community.

21 Jan 2025 12:00am GMT

#​719 - January 17, 2025 Read on the Web JavaScript Weekly Learn Yjs and Building Realtime Collaborative Apps in JavaScript - Yjs is a CRDT (Conflict-free replicated data type) library for building collaborative and local-first apps. CDRTs are powerful but can be tricky to 'get' which is why this new interactive Yjs tutorial is so valuable. A great way to learn about building collaborative, syncing webapps from the ground up. Jamsocket Bun v1.1.44: The Fast JS Runtime Adds On-Demand Frontend Bundling - The popular, high-performance alternative JavaScript runtime has extended its Bun.serve() HTTP handler with support for bundling frontend apps on demand using HTML imports. Ben Grant Protect Against Bots, Fraud, and Abuse in Real Time - With WorkOS Radar you can detect, verify and block harmful behaviour, protecting your app with advanced device fingerprinting. Stop fake signups, stop free tier abuse, and stop bot attacks and brute force attempts today. WorkOS sponsor A Checklist for Your tsconfig.json - What I love about Dr. Axel is when he's done the hard work of figuring something out for himself, he writes it down. So it goes here, with his journey to set up a good tsconfig.json for his projects. Dr. Axel Rauschmayer IN BRIEF: The Angular team shares a brief update on how they're working on Angular's strategy for 2025. 👽 Alien Signals are coming to Vue 3.6... (it's basically a really fast way to handle signals.) Tired of seeing this everywhere in your code? Dave Rupert has a fun way to turn it into a single glyph in VS Code. RELEASES: Electron 34 - The JS, HTML and CSS desktop app framework updates to Chromium 132, Node 20.18.1, and adds a way to access the JavaScript call stack of unresponsive renderers. Puppeteer 24 - Popular high-level API to control Chrome or Firefox. Cypress 14 - Easy testing for anything that runs in a browser. Now supporting the latest versions of React, Angular, Svelte & Vite for component testing. Storybook 8.5, ESLint 9.18.0, ESLint Config Inspector 1.0, AngularFire 19.0 📒 Articles & Tutorials A Look at Regular Expression Pattern Modifiers - You may be familiar with using flags to change the behavior of regexes, but Dr. Axel looks at a proposal bringing a way to change regex flags within subexpressions (e.g. /^[a-z](?-i:[a-z])$/i;). It's at stage 4 and should land in ECMAScript 2025. Dr. Axel Rauschmayer Accessibility Essentials Every React JS Developer Should Know - If you're an experienced frontend developer, these might be second nature to you by now, but this is a good roundup of the entry level 'table stakes' for frontend accessibility, whether using React or not. Martijn Hols Write More Maintainable JavaScript with AI Code Reviews - CodeRabbit is your AI-powered code review companion that deeply understands the JavaScript codebase. Free for open source. CodeRabbit sponsor Five Years of React Native at Shopify - Five years ago, Shopify said React Native was the future for mobile development at their company and they meant it, with every mobile app moving to RN over time. Here's what they learnt along the way and why they're sticking with it. Mustafa Ali (Shopify) Revealed: React's Experimental Animations API - <ViewTransition /> is based on the browser's View Transition API. It's only in pre-release versions of React, but Matt is armed with examples for you to get a feel for the potential. Matt Perry (Motion) 📄 All JavaScript Keyboard Shortcut Libraries are Broken - Reflections on long standing complexities with the myriad ways of detecting keypresses. Jack Duvall 📄 JavaScript Hashing Speed Comparison: MD5 vs. SHA-256 - You shouldn't be using MD5 anyway, but you especially shouldn't be using it with the misconception that it's faster. Daniel Lemire 📄 5 Technical JavaScript Trends You Need To Know About in 2025 Alexander T. Williams 📄 Creating a Generative Artwork with Three.js Eduard Fossas 📄 JavaScript's Promise.race and Promise.all Are Not "Fair" Chris Krycho 📄 Node.js's Type Stripping Explained Marco Ippolito 🛠 Code & Tools ♟️ Chess.js: A Library to Manage a Chess Game - Provides move generation, validation, piece placement, check/checkmate/stalemate detection - "everything but the AI!" v1.0 offers a rewrite to TypeScript and a variety of enhancements. Jeff Hlywa 💡 Chess Engines: A Zero to One is a neat article digging into the technicalities of implementing a chess engine. react-nil 2.0: A React 'Null Renderer' - An interesting experiment to use React in situations where you don't need it to render anything, but you want to use hooks, suspense, context, and other bits of the React lifecycle. Like in, say, a Node app. Maybe this CodeSandbox example will provoke some ideas. Poimandres 🔎 file-type 20.0: Detect the File Type of a File, Stream or Data - For example, give it the raw data from a PNG file, and it'll tell you it's a PNG. Uses a 'magic number' approach so is targeted at non text-based formats. v20 adds support for yet more formats, including JARs, Word/Excel templates, and now supports ZIP decompression. Sindre Sorhus Node Web Audio API 1.0: A Web Audio API Implementation for Node - More accurately, it's a set of Node bindings for a Rust-powered non-browser implementation of the Web Audio API. IRCAM - Centre Pompidou ⚙️ Vue Spring Bottom Sheet - A lightweight, flexible solution for bottom sheets in Vue apps. megaarmos ⚙️ Act - A Go-powered tool that looks at your repo's GitHub Actions, uses Docker to grab the necessary images, and runs the tasks locally. Nektos ⚙️ Svar - A new suite of open source UI components for Svelte, React, and Vue. XB Software 📰 Classifieds Optimize Your Next.js App's Metadata - Discover practical ways to boost your site's SEO and visibility by customizing metadata in Next.js. 🎹 STRICH: Add blazing fast and reliable 1D/2D Barcode Scanning to your web apps. Free demo app and 30-day trial available. Meticulous automatically creates and maintains an E2E UI test suite with zero developer effort. Relied on by Lattice, Bilt Rewards, etc. Perspective 3.3 - Streaming data viz and analytics component. The core is written in C++ and compiled to WebAssembly. The homepage shows it off well. eslint-plugin-functional 8.0 - ESLint rules to disable mutation and promote functional approaches. React Testing Library 16.2 - DOM testing utils that encourage good practices. Happy DOM 16.6 - Cross-runtime JS implementation of a web browser sans UI. PowerGlitch 2.4 - Tiny library to add a 'glitch' effect to images on the Web. 🤖 node-llama-cpp 3.4 - Run LLMs locally with bindings to llama.cpp. Faker 9.4 - Generate fabricated data to your heart's content. Gridstack.js 11.3 - Build responsive interactive dashboards quickly. Mineflayer 4.25 - Create Minecraft bots in JavaScript.

17 Jan 2025 12:00am GMT

Volume group snapshots were introduced as an Alpha feature with the Kubernetes 1.27 release. The recent release of Kubernetes v1.32 moved that support to beta. The support for volume group snapshots relies on a set of extension APIs for group snapshots. These APIs allow users to take crash consistent snapshots for a set of volumes. Behind the scenes, Kubernetes uses a label selector to group multiple PersistentVolumeClaims for snapshotting. A key aim is to allow you restore that set of snapshots to new volumes and recover your workload based on a crash consistent recovery point.

This new feature is only supported for CSI volume drivers.

An overview of volume group snapshots

Some storage systems provide the ability to create a crash consistent snapshot of multiple volumes. A group snapshot represents copies made from multiple volumes, that are taken at the same point-in-time. A group snapshot can be used either to rehydrate new volumes (pre-populated with the snapshot data) or to restore existing volumes to a previous state (represented by the snapshots).

Why add volume group snapshots to Kubernetes?

The Kubernetes volume plugin system already provides a powerful abstraction that automates the provisioning, attaching, mounting, resizing, and snapshotting of block and file storage.

Underpinning all these features is the Kubernetes goal of workload portability: Kubernetes aims to create an abstraction layer between distributed applications and underlying clusters so that applications can be agnostic to the specifics of the cluster they run on and application deployment requires no cluster specific knowledge.

There was already a VolumeSnapshot API that provides the ability to take a snapshot of a persistent volume to protect against data loss or data corruption. However, there are other snapshotting functionalities not covered by the VolumeSnapshot API.

Some storage systems support consistent group snapshots that allow a snapshot to be taken from multiple volumes at the same point-in-time to achieve write order consistency. This can be useful for applications that contain multiple volumes. For example, an application may have data stored in one volume and logs stored in another volume. If snapshots for the data volume and the logs volume are taken at different times, the application will not be consistent and will not function properly if it is restored from those snapshots when a disaster strikes.

It is true that you can quiesce the application first, take an individual snapshot from each volume that is part of the application one after the other, and then unquiesce the application after all the individual snapshots are taken. This way, you would get application consistent snapshots.

However, sometimes the application quiesce can be so time consuming that you want to do it less frequently, or it may not be possible to quiesce an application at all. For example, a user may want to run weekly backups with application quiesce and nightly backups without application quiesce but with consistent group support which provides crash consistency across all volumes in the group.

Kubernetes APIs for volume group snapshots

Kubernetes' support for volume group snapshots relies on three API kinds that are used for managing snapshots:

VolumeGroupSnapshot

Created by a Kubernetes user (or perhaps by your own automation) to request creation of a volume group snapshot for multiple persistent volume claims. It contains information about the volume group snapshot operation such as the timestamp when the volume group snapshot was taken and whether it is ready to use. The creation and deletion of this object represents a desire to create or delete a cluster resource (a group snapshot).

VolumeGroupSnapshotContent

Created by the snapshot controller for a dynamically created VolumeGroupSnapshot. It contains information about the volume group snapshot including the volume group snapshot ID. This object represents a provisioned resource on the cluster (a group snapshot). The VolumeGroupSnapshotContent object binds to the VolumeGroupSnapshot for which it was created with a one-to-one mapping.

VolumeGroupSnapshotClass

Created by cluster administrators to describe how volume group snapshots should be created, including the driver information, the deletion policy, etc.

These three API kinds are defined as CustomResourceDefinitions (CRDs). These CRDs must be installed in a Kubernetes cluster for a CSI Driver to support volume group snapshots.

What components are needed to support volume group snapshots

Volume group snapshots are implemented in the external-snapshotter repository. Implementing volume group snapshots meant adding or changing several components:

• Added new CustomResourceDefinitions for VolumeGroupSnapshot and two supporting APIs.
• Volume group snapshot controller logic is added to the common snapshot controller.
• Adding logic to make CSI calls into the snapshotter sidecar controller.

The volume snapshot controller and CRDs are deployed once per cluster, while the sidecar is bundled with each CSI driver.

Therefore, it makes sense to deploy the volume snapshot controller and CRDs as a cluster addon.

The Kubernetes project recommends that Kubernetes distributors bundle and deploy the volume snapshot controller and CRDs as part of their Kubernetes cluster management process (independent of any CSI Driver).

What's new in Beta?

• The VolumeGroupSnapshot feature in CSI spec moved to GA in the v1.11.0 release.

• The snapshot validation webhook was deprecated in external-snapshotter v8.0.0 and it is now removed. Most of the validation webhook logic was added as validation rules into the CRDs. Minimum required Kubernetes version is 1.25 for these validation rules. One thing in the validation webhook not moved to CRDs is the prevention of creating multiple default volume snapshot classes and multiple default volume group snapshot classes for the same CSI driver. With the removal of the validation webhook, an error will still be raised when dynamically provisioning a VolumeSnapshot or VolumeGroupSnapshot when multiple default volume snapshot classes or multiple default volume group snapshot classes for the same CSI driver exist.

• The enable-volumegroup-snapshot flag in the snapshot-controller and the CSI snapshotter sidecar has been replaced by a feature gate. Since VolumeGroupSnapshot is a new API, the feature moves to Beta but the feature gate is disabled by default. To use this feature, enable the feature gate by adding the flag --feature-gates=CSIVolumeGroupSnapshot=true when starting the snapshot-controller and the CSI snapshotter sidecar.

• The logic to dynamically create the VolumeGroupSnapshot and its corresponding individual VolumeSnapshot and VolumeSnapshotContent objects are moved from the CSI snapshotter to the common snapshot-controller. New RBAC rules are added to the common snapshot-controller and some RBAC rules are removed from the CSI snapshotter sidecar accordingly.

How do I use Kubernetes volume group snapshots

Creating a new group snapshot with Kubernetes

Once a VolumeGroupSnapshotClass object is defined and you have volumes you want to snapshot together, you may request a new group snapshot by creating a VolumeGroupSnapshot object.

The source of the group snapshot specifies whether the underlying group snapshot should be dynamically created or if a pre-existing VolumeGroupSnapshotContent should be used.

A pre-existing VolumeGroupSnapshotContent is created by a cluster administrator. It contains the details of the real volume group snapshot on the storage system which is available for use by cluster users.

One of the following members in the source of the group snapshot must be set.

• selector - a label query over PersistentVolumeClaims that are to be grouped together for snapshotting. This selector will be used to match the label added to a PVC.
• volumeGroupSnapshotContentName - specifies the name of a pre-existing VolumeGroupSnapshotContent object representing an existing volume group snapshot.

Dynamically provision a group snapshot

In the following example, there are two PVCs.

NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE
pvc-0 Bound pvc-6e1f7d34-a5c5-4548-b104-01e72c72b9f2 100Mi RWO csi-hostpath-sc <unset> 2m15s
pvc-1 Bound pvc-abc640b3-2cc1-4c56-ad0c-4f0f0e636efa 100Mi RWO csi-hostpath-sc <unset> 2m7s

Label the PVCs.

% kubectl label pvc pvc-0 group=myGroup
persistentvolumeclaim/pvc-0 labeled

% kubectl label pvc pvc-1 group=myGroup
persistentvolumeclaim/pvc-1 labeled

For dynamic provisioning, a selector must be set so that the snapshot controller can find PVCs with the matching labels to be snapshotted together.

apiVersion: groupsnapshot.storage.k8s.io/v1beta1
kind: VolumeGroupSnapshot
metadata:
 name: snapshot-daily-20241217
 namespace: demo-namespace
spec:
 volumeGroupSnapshotClassName: csi-groupSnapclass
 source:
 selector:
 matchLabels:
 group: myGroup

In the VolumeGroupSnapshot spec, a user can specify the VolumeGroupSnapshotClass which has the information about which CSI driver should be used for creating the group snapshot. A VolumGroupSnapshotClass is required for dynamic provisioning.

apiVersion: groupsnapshot.storage.k8s.io/v1beta1
kind: VolumeGroupSnapshotClass
metadata:
 name: csi-groupSnapclass
 annotations:
 kubernetes.io/description: "Example group snapshot class"
driver: example.csi.k8s.io
deletionPolicy: Delete

As a result of the volume group snapshot creation, a corresponding VolumeGroupSnapshotContent object will be created with a volumeGroupSnapshotHandle pointing to a resource on the storage system.

Two individual volume snapshots will be created as part of the volume group snapshot creation.

NAME READYTOUSE SOURCEPVC RESTORESIZE SNAPSHOTCONTENT AGE
snapshot-0962a745b2bf930bb385b7b50c9b08af471f1a16780726de19429dd9c94eaca0 true pvc-0 100Mi snapcontent-0962a745b2bf930bb385b7b50c9b08af471f1a16780726de19429dd9c94eaca0 16m
snapshot-da577d76bd2106c410616b346b2e72440f6ec7b12a75156263b989192b78caff true pvc-1 100Mi snapcontent-da577d76bd2106c410616b346b2e72440f6ec7b12a75156263b989192b78caff 16m

Importing an existing group snapshot with Kubernetes

To import a pre-existing volume group snapshot into Kubernetes, you must also import the corresponding individual volume snapshots.

Identify the individual volume snapshot handles, manually construct a VolumeSnapshotContent object first, then create a VolumeSnapshot object pointing to the VolumeSnapshotContent object. Repeat this for every individual volume snapshot.

Then manually create a VolumeGroupSnapshotContent object, specifying the volumeGroupSnapshotHandle and individual volumeSnapshotHandles already existing on the storage system.

apiVersion: groupsnapshot.storage.k8s.io/v1beta1
kind: VolumeGroupSnapshotContent
metadata:
 name: static-group-content
spec:
 deletionPolicy: Delete
 driver: hostpath.csi.k8s.io
 source:
 groupSnapshotHandles:
 volumeGroupSnapshotHandle: e8779136-a93e-11ef-9549-66940726f2fd
 volumeSnapshotHandles:
 - e8779147-a93e-11ef-9549-66940726f2fd
 - e8783cd0-a93e-11ef-9549-66940726f2fd
 volumeGroupSnapshotRef:
 name: static-group-snapshot
 namespace: demo-namespace

After that create a VolumeGroupSnapshot object pointing to the VolumeGroupSnapshotContent object.

apiVersion: groupsnapshot.storage.k8s.io/v1beta1
kind: VolumeGroupSnapshot
metadata:
 name: static-group-snapshot
 namespace: demo-namespace
spec:
 source:
 volumeGroupSnapshotContentName: static-group-content

How to use group snapshot for restore in Kubernetes

At restore time, the user can request a new PersistentVolumeClaim to be created from a VolumeSnapshot object that is part of a VolumeGroupSnapshot. This will trigger provisioning of a new volume that is pre-populated with data from the specified snapshot. The user should repeat this until all volumes are created from all the snapshots that are part of a group snapshot.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
 name: examplepvc-restored-2024-12-17
 namespace: demo-namespace
spec:
 storageClassName: example-foo-nearline
 dataSource:
 name: snapshot-0962a745b2bf930bb385b7b50c9b08af471f1a16780726de19429dd9c94eaca0
 kind: VolumeSnapshot
 apiGroup: snapshot.storage.k8s.io
 accessModes:
 - ReadWriteOncePod
 resources:
 requests:
 storage: 100Mi # must be enough storage to fit the existing snapshot

As a storage vendor, how do I add support for group snapshots to my CSI driver?

To implement the volume group snapshot feature, a CSI driver must:

• Implement a new group controller service.
• Implement group controller RPCs: CreateVolumeGroupSnapshot, DeleteVolumeGroupSnapshot, and GetVolumeGroupSnapshot.
• Add group controller capability CREATE_DELETE_GET_VOLUME_GROUP_SNAPSHOT.

See the CSI spec and the Kubernetes-CSI Driver Developer Guide for more details.

As mentioned earlier, it is strongly recommended that Kubernetes distributors bundle and deploy the volume snapshot controller and CRDs as part of their Kubernetes cluster management process (independent of any CSI Driver).

As part of this recommended deployment process, the Kubernetes team provides a number of sidecar (helper) containers, including the external-snapshotter sidecar container which has been updated to support volume group snapshot.

The external-snapshotter watches the Kubernetes API server for VolumeGroupSnapshotContent objects, and triggers CreateVolumeGroupSnapshot and DeleteVolumeGroupSnapshot operations against a CSI endpoint.

What are the limitations?

The beta implementation of volume group snapshots for Kubernetes has the following limitations:

• Does not support reverting an existing PVC to an earlier state represented by a snapshot (only supports provisioning a new volume from a snapshot).
• No application consistency guarantees beyond any guarantees provided by the storage system (e.g. crash consistency). See this doc for more discussions on application consistency.

What's next?

Depending on feedback and adoption, the Kubernetes project plans to push the volume group snapshot implementation to general availability (GA) in a future release.

How can I learn more?

• The design spec for the volume group snapshot feature.
• The code repository for volume group snapshot APIs and controller.
• CSI documentation on the group snapshot feature.

How do I get involved?

This project, like all of Kubernetes, is the result of hard work by many contributors from diverse backgrounds working together. On behalf of SIG Storage, I would like to offer a huge thank you to the contributors who stepped up these last few quarters to help the project reach beta:

• Ben Swartzlander (bswartz)
• Cici Huang (cici37)
• Hemant Kumar (gnufied)
• James Defelice (jdef)
• Jan Šafránek (jsafrane)
• Madhu Rajanna (Madhu-1)
• Manish M Yathnalli (manishym)
• Michelle Au (msau42)
• Niels de Vos (nixpanic)
• Leonardo Cecchi (leonardoce)
• Rakshith R (Rakshith-R)
• Raunak Shah (RaunakShah)
• Saad Ali (saad-ali)
• Xing Yang (xing-yang)
• Yati Padia (yati1998)

For those interested in getting involved with the design and development of CSI or any part of the Kubernetes Storage system, join the Kubernetes Storage Special Interest Group (SIG). We always welcome new contributors.

We also hold regular Data Protection Working Group meetings. New attendees are welcome to join our discussions.

18 Dec 2024 12:00am GMT

Managing Kubernetes clusters efficiently is critical, especially as their size is growing. A significant challenge with large clusters is the memory overhead caused by list requests.

In the existing implementation, the kube-apiserver processes list requests by assembling the entire response in-memory before transmitting any data to the client. But what if the response body is substantial, say hundreds of megabytes? Additionally, imagine a scenario where multiple list requests flood in simultaneously, perhaps after a brief network outage. While API Priority and Fairness has proven to reasonably protect kube-apiserver from CPU overload, its impact is visibly smaller for memory protection. This can be explained by the differing nature of resource consumption by a single API request - the CPU usage at any given time is capped by a constant, whereas memory, being uncompressible, can grow proportionally with the number of processed objects and is unbounded. This situation poses a genuine risk, potentially overwhelming and crashing any kube-apiserver within seconds due to out-of-memory (OOM) conditions. To better visualize the issue, let's consider the below graph.

The graph shows the memory usage of a kube-apiserver during a synthetic test. (see the synthetic test section for more details). The results clearly show that increasing the number of informers significantly boosts the server's memory consumption. Notably, at approximately 16:40, the server crashed when serving only 16 informers.

Why does kube-apiserver allocate so much memory for list requests?

Our investigation revealed that this substantial memory allocation occurs because the server before sending the first byte to the client must:

• fetch data from the database,
• deserialize the data from its stored format,
• and finally construct the final response by converting and serializing the data into a client requested format

This sequence results in significant temporary memory consumption. The actual usage depends on many factors like the page size, applied filters (e.g. label selectors), query parameters, and sizes of individual objects.

Unfortunately, neither API Priority and Fairness nor Golang's garbage collection or Golang memory limits can prevent the system from exhausting memory under these conditions. The memory is allocated suddenly and rapidly, and just a few requests can quickly deplete the available memory, leading to resource exhaustion.

Depending on how the API server is run on the node, it might either be killed through OOM by the kernel when exceeding the configured memory limits during these uncontrolled spikes, or if limits are not configured it might have even worse impact on the control plane node. And worst, after the first API server failure, the same requests will likely hit another control plane node in an HA setup with probably the same impact. Potentially a situation that is hard to diagnose and hard to recover from.

Streaming list requests

Today, we're excited to announce a major improvement. With the graduation of the watch list feature to beta in Kubernetes 1.32, client-go users can opt-in (after explicitly enabling WatchListClient feature gate) to streaming lists by switching from list to (a special kind of) watch requests.

Watch requests are served from the watch cache, an in-memory cache designed to improve scalability of read operations. By streaming each item individually instead of returning the entire collection, the new method maintains constant memory overhead. The API server is bound by the maximum allowed size of an object in etcd plus a few additional allocations. This approach drastically reduces the temporary memory usage compared to traditional list requests, ensuring a more efficient and stable system, especially in clusters with a large number of objects of a given type or large average object sizes where despite paging memory consumption used to be high.

Building on the insight gained from the synthetic test (see the synthetic test, we developed an automated performance test to systematically evaluate the impact of the watch list feature. This test replicates the same scenario, generating a large number of Secrets with a large payload, and scaling the number of informers to simulate heavy list request patterns. The automated test is executed periodically to monitor memory usage of the server with the feature enabled and disabled.

The results showed significant improvements with the watch list feature enabled. With the feature turned on, the kube-apiserver's memory consumption stabilized at approximately 2 GB. By contrast, with the feature disabled, memory usage increased to approximately 20GB, a 10x increase! These results confirm the effectiveness of the new streaming API, which reduces the temporary memory footprint.

Enabling API Streaming for your component

Upgrade to Kubernetes 1.32. Make sure your cluster uses etcd in version 3.4.31+ or 3.5.13+. Change your client software to use watch lists. If your client code is written in Golang, you'll want to enable WatchListClient for client-go. For details on enabling that feature, read Introducing Feature Gates to Client-Go: Enhancing Flexibility and Control.

What's next?

In Kubernetes 1.32, the feature is enabled in kube-controller-manager by default despite its beta state. This will eventually be expanded to other core components like kube-scheduler or kubelet; once the feature becomes generally available, if not earlier. Other 3rd-party components are encouraged to opt-in to the feature during the beta phase, especially when they are at risk of accessing a large number of resources or kinds with potentially large object sizes.

For the time being, API Priority and Fairness assigns a reasonable small cost to list requests. This is necessary to allow enough parallelism for the average case where list requests are cheap enough. But it does not match the spiky exceptional situation of many and large objects. Once the majority of the Kubernetes ecosystem has switched to watch list, the list cost estimation can be changed to larger values without risking degraded performance in the average case, and with that increasing the protection against this kind of requests that can still hit the API server in the future.

The synthetic test

In order to reproduce the issue, we conducted a manual test to understand the impact of list requests on kube-apiserver memory usage. In the test, we created 400 Secrets, each containing 1 MB of data, and used informers to retrieve all Secrets.

The results were alarming, only 16 informers were needed to cause the test server to run out of memory and crash, demonstrating how quickly memory consumption can grow under such conditions.

Special shout out to @deads2k for his help in shaping this feature.

17 Dec 2024 12:00am GMT