📬 Open Source & Linux Weekly - W142026

European Commission loses 340 GB to supply chain attack, Linux doubles macOS on Steam at 5.33%, PHP ends 26 years of license confusion with a 51-0 BSD vote.


πŸ‘¨πŸ»β€πŸ’» What I Wrote this Week

95 Million Downloads. Poisoned by Its Own Security Scanner.

You never installed LiteLLM. CrewAI did. For 5 hours on March 24, every Python process on your machine was stealing your AWS keys, SSH credentials, and Kubernetes tokens.

Medium Link | Canartuc.com Link

12.5 Million Downloads a Month. She’s Never Seen Her Code on a Screen.

A visually impaired developer in Copenhagen maintains pypandoc, a top 1% Python package with 12.5M monthly downloads used by Adobe, Google, and Microsoft.

Medium Link | Canartuc.com Link

The Field Is Optional. The Death Threats Were Not.

He added an optional date field to Linux software. Nobody has to fill it in. Nobody checks it. His Social Security number ended up on 4chan.

Medium Link | Canartuc.com Link

⚑ TL;DR

This week, a security scanner designed to protect cloud infrastructure handed 340 GB of European Commission data to extortionists, one of the most popular HTTP clients on npm got backdoored by North Korean operatives who cloned a company founder's likeness, and Linux gaming crossed 5% market share because a handheld console did what decades of desktop advocacy could not.

The European Commission learned something this week that every CI/CD engineer already suspected: your security scanner is a liability. TeamPCP's Trivy compromise reached government infrastructure on March 19. By March 24, Amazon API calls looked wrong. By March 28, ShinyHunters had 340 GB on a leak site. The attack path is simple: compromise a scanner, harvest AWS credentials via the Security Token Service, create new access keys for persistence, and exfiltrate everything. Mandiant says 1,000+ SaaS environments. vx-underground estimates 500,000 credential exfiltrations. The numbers keep climbing. Meanwhile, a completely separate North Korean operation hit the Axios npm package (over 100 million weekly downloads) through social engineering in which the attacker cloned a company founder's identity. Two independent, concurrent supply chain campaigns targeting different ecosystems with different methods. There is no precedent for this.

On the Linux side, 5.33% on Steam. Linux doubled macOS's market share on the platform where it was supposed to never compete. The 3.10 percentage point monthly jump is the largest in Steam survey history, and SteamOS is the engine behind it. But the real story is everything converging at once: Linux 7.0-rc7 ships this weekend, and whether Torvalds calls it clean determines if Ubuntu 26.04 LTS and Fedora 44 ship on schedule. Canonical raised the RAM floor to 6 GB (higher than Windows 11), made PipeWire a Snap (meaning de-snapping now breaks audio), and is shipping modified GNOME 50 as a Wayland-only release. Greg Kroah-Hartman told The Register that AI bug reports stopped being slop "about a month ago" and nobody knows why. Torvalds noticed the same thing independently. The kernel is getting better because machines are reading it.

On the open source side, PHP's BSD 3-Clause licensing vote closed at 51-0-2. Zero no votes across three weeks. Google released Gemma 4 under Apache 2.0, the first Gemma that is actually open source by any reasonable definition. The Document Foundation told the Euro-Office initiative that if your "sovereign" office suite uses Microsoft's format natively, the sovereignty is marketing. Nine AppArmor vulnerabilities dating back to 2017 were assigned CVEs. HarfBuzz shipped GPU-accelerated text rendering. And the man who wrote the text-shaping engine running on billions of devices was once held in solitary confinement in Evin Prison for his open-source work. Every week, the distance between software and the world that depends on it gets shorter.

🐧 Linux

Linux Crosses 5% on Steam for the First Time, More Than Doubles macOS

Valve's March 2026 Steam Hardware and Software Survey shows Linux at 5.33% of the total user base, up from 2.23% in February (a month skewed by a Simplified Chinese survey anomaly). That is a 3.10 percentage point monthly jump, the largest single-month gain in Steam survey history. SteamOS accounts for 24.48% of the Linux install base and is the primary driver. Linux is now more than double macOS at 2.35%. Windows declined to 92.33%, with significant migration from Windows 10 (25.36%) to Windows 11 (66.85%). Five percent is not a tipping point. But it is the floor that game developers and anti-cheat providers can no longer ignore.

Linux 7.0-rc7 Expected This Weekend, Release Date Determines Ubuntu and Fedora Schedules

Networking subsystem fixes for Linux 7.0-rc7 shipped April 2, ahead of the expected Sunday (April 5) release. The headline fix addresses a long-standing performance bug in Qualcomm Ath11k and Ath12k WiFi drivers where a request to stop an AMPDU session for one TID could incorrectly affect other active sessions, reducing throughput. This bug has existed since 2019. rc6 (March 29) carried an unexpectedly heavy patch count, reversing the calm trend from rc5. Torvalds commented that rc5's calming was "a mirage" and speculated AI tools may be surfacing more bugs. If rc7 is clean, stable Linux 7.0 releases April 12. An rc8 would push it to April 19, giving Fedora 44 (April 14) negative time and Ubuntu 26.04 LTS (April 23) only four days.

Ubuntu 26.04 LTS Raises RAM to 6 GB, Ships PipeWire as Snap, Locks Down the Stack

Ubuntu 26.04 LTS raises the minimum desktop RAM requirement from 4 GB to 6 GB, the first RAM increase since 2018. Ubuntu now exceeds Windows 11 on RAM requirements (6 GB vs. 4 GB) while needing less disk (25 GB vs. 64 GB). The Ubuntu version of GNOME 50 ships as a Wayland-only session. PipeWire is distributed as a Snap package, meaning removing snapd breaks audio. This is the first Ubuntu LTS release in which a fully "de-snapped" system is not achievable without losing core functionality. The Security Center now enables permissions prompting for Snap applications, bringing Snap security closer to the mobile app permission model. Canonical is making a clear strategic choice: more integrated, more secure, less flexible.

Greg Kroah-Hartman: AI Bug Reports Stopped Being Slop "About a Month Ago" and Nobody Knows Why

Linux kernel maintainer Greg Kroah-Hartman told The Register at KubeCon Europe that AI-driven code review activity has "really jumped" in a way no one expected. Previously, kernel maintainers received "AI slop," obviously wrong or low-quality AI-generated security reports. Something changed. "We have real reports. All open source projects have real reports that are made with AI, but they're good, and they're real." When asked what caused the shift, he was blunt: "We don't know. Nobody seems to know why." Torvalds echoed this in his rc6 release notes, speculating that AI tools may explain the unusually heavy late-cycle patch volume. The networking and BPF subsystem maintainers have been using LLM-generated reviews for a while. The DRM people and Google's Sashiko tool are consolidating all of those into a single interface. Kroah-Hartman's own experiments: 60 AI-generated patches, one-third wrong, two-thirds right.

CrackArmor: Nine AppArmor Vulnerabilities Since 2017 Get CVEs, Affect 12 Million+ Linux Systems

Qualys Threat Research Unit discovered nine confused deputy vulnerabilities in AppArmor that allow unprivileged users to bypass kernel protections, escalate to root, and break container isolation. All nine have been assigned CVEs as of April 1. These flaws have existed since kernel v4.11 (2017) and affect 12.6 million systems globally. AppArmor is the default mandatory access control mechanism for Ubuntu, Debian, SUSE, and numerous cloud platforms including Kubernetes, IoT, and edge environments. The practical impact ranges from denial of service and kernel memory information leaks to the removal of security controls and full local privilege escalation to root. Patches are available. The fact that nine vulnerabilities in Linux's mandatory access control system existed undetected for nine years says something about the state of kernel security auditing before the AI code review tools Kroah-Hartman mentioned.

Ubuntu CVE-2026-3888: Snapd Timing Bug Lets Local Attackers Gain Root

CVE-2026-3888 (CVSS 7.8) allows an unprivileged local attacker to gain root through the interaction of snap-confine and systemd-tmpfiles. The exploit relies on systemd's cleanup daemon deleting /tmp/.snap after a configurable period (10 to 30 days depending on Ubuntu version). Once deleted, an attacker recreates the directory with malicious payloads. During the next sandbox initialization, snap-confine bind-mounts these files as root. Canonical patched it in snapd across supported Ubuntu releases, including development builds of 26.04. Related note: Canonical also reverted the default rm implementation in Ubuntu 25.10 to GNU coreutils after a race condition in the Rust-based uutils posed additional risk in cron-driven cleanup jobs. The Snap integration story and the security story keep colliding.
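The failure mode behind CVE-2026-3888 is generic: a privileged helper trusts a directory under /tmp that a cleanup job may have deleted and an unprivileged user may have recreated. The audit below is an added example written for this issue, not snapd's code or Canonical's fix. It takes the path and the expected owner as parameters (the defaults, /tmp/.snap and uid 0, are assumptions chosen to match the story) and returns the reasons a root process should refuse to bind-mount from the directory.

```python
"""Audit a directory that a privileged helper is about to trust.

Added example, not from the newsletter or from snapd. It encodes the
CVE-2026-3888 failure mode: once a cleanup job such as systemd-tmpfiles
removes the directory, anyone can recreate it, so ownership and mode must be
verified before a root process uses its contents. Path and expected owner are
parameters; the defaults are assumptions for illustration.
"""
import os
import stat


def audit_trusted_dir(path="/tmp/.snap", expected_uid=0):
    """Return a list of problems; an empty list means the directory may be trusted."""
    problems = []
    try:
        st = os.lstat(path)  # lstat: never follow a symlink planted at this path
    except FileNotFoundError:
        # A missing directory is exactly the window the bug exploited: the
        # privileged side must recreate it itself with safe ownership and mode.
        return ["missing: do not trust a directory that may be recreated by anyone"]
    if stat.S_ISLNK(st.st_mode):
        return ["symlink: could redirect the helper to an attacker-chosen location"]
    if not stat.S_ISDIR(st.st_mode):
        problems.append("not a directory")
    if st.st_uid != expected_uid:
        problems.append(f"owner uid {st.st_uid} != expected {expected_uid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("group- or world-writable")
    return problems


def demo():
    """Exercise the audit on a constructed temporary directory (no real /tmp/.snap needed)."""
    import tempfile
    base = tempfile.mkdtemp()
    me = os.getuid()
    os.chmod(base, 0o1777)  # sticky and world-writable, like /tmp itself
    loose = audit_trusted_dir(base, expected_uid=me)
    os.chmod(base, 0o700)   # owner-only: what a root-created staging dir should look like
    tight = audit_trusted_dir(base, expected_uid=me)
    wrong_owner = audit_trusted_dir(base, expected_uid=me + 1)
    missing = audit_trusted_dir(os.path.join(base, "gone"), expected_uid=me)
    os.rmdir(base)
    return {"loose": loose, "tight": tight, "wrong_owner": wrong_owner, "missing": missing}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result or 'ok'}")
```

The check is deliberately conservative: a missing directory is reported rather than silently recreated, because recreating it from the unprivileged side is precisely the step the vulnerability depended on.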

Rust DRM Abstractions and NVIDIA Nova Driver Additions Queued for Linux 7.1

DRM Rust changes sent for DRM-Next ahead of the Linux 7.1 merge window include a reworked DMA coherent API, GPU buddy allocator abstractions in Rust, DRM shared memory GEM helper abstractions, I/O infrastructure improvements, and workqueue enhancements. The experimental NVIDIA Nova Core driver (the Rust-written successor to Nouveau) receives major updates: more Turing GPU enablement, GPU System Processor command queue hardening, large RPC support, refactored Falcon firmware handling, and DebugFS support. Nova is progressing from skeleton to functional driver framework. Combined with Canonical's Rust coreutils strategy and Rust's formal graduation from experimental kernel status in 7.0, the pattern is clear: Rust in Linux is no longer a kernel-only experiment but a distribution-level commitment.

Artix Linux Ships XLibre as Default X Server, First Major Rolling Distro to Do So

Artix Linux ISO 2026.04.02 makes XLibre the default X server, becoming the first major rolling-release distribution to ship it officially. XLibre is a fork of X.org created by Enrico Weigelt (Metux IT Consult) in June 2025 after Red Hat's Wayland-first push left X.org without adequate maintenance. Current version: xlibre-xserver 25.1.2. Xorg remains installable manually. KDE Plasma offers a choice between Wayland or XLibre sessions. Artix also ships PipeWire (replacing PulseAudio) and supports multiple init systems (OpenRC, runit, s6, dinit). While Ubuntu, Fedora, GNOME, and SteamOS all default to Wayland, Artix chooses maintenance independence for users who need or prefer X11 with continued security patches.

Wayland xdg-session-management Protocol Sees Rapid Adoption Across Desktop Stack

The xdg-session-management Wayland protocol, merged March 23 after six years in development, is seeing rapid ecosystem adoption. Chromium merged initial support for browser window state save and restore. GNOME Mutter merged its implementation. KDE's KWin has a draft implementation. Mozilla filed a tracking bug for Firefox. The protocol enables automatic session save and restore for window position, size, and state, eliminating one of the most cited gaps between Wayland and X11. Three major implementations landing within a week of the protocol merge is unusual speed for the Wayland ecosystem.

MX Linux Rejects Age Verification, Joins Growing Distribution Pushback

MX Linux publicly rejected implementing age verification at the operating system level in response to US legislation (California's AB 1043, effective January 2027). The team stated they have "no intention of implementing such measures," citing privacy concerns, impracticality for non-commercial open source distributions, and conflict with open source principles. Parrot Linux has taken a similar stance. The broader question of how these laws apply to non-commercial open source operating systems remains unresolved pending court challenges. The pattern from systemd birthDate controversy (March 18), through Garuda Linux's jurisdictional statement (March 24), to MX Linux and Parrot Linux this week is clear: non-US distributions are refusing voluntary compliance.

Ubuntu MATE Founder Steps Back After 12 Years, No LTS for 26.04

Martin Wimpress, who founded Ubuntu MATE in 2014, announced he is stepping down. "I don't have the passion for the project that I once had," Wimpress wrote. Ubuntu MATE did not apply for LTS qualification for 26.04, meaning there will be no Ubuntu MATE 26.04 LTS release. The project is actively seeking new maintainers. Ubuntu MATE fills a specific niche: a traditional desktop experience on Ubuntu for users who find GNOME too opinionated. Without a 26.04 LTS, that niche is served by Linux Mint MATE and Fedora MATE spin. Wimpress's departure is honest and handled well. The project's viability depends on whether new maintainers step up before the next LTS cycle.

Linux Gems

Arch Linux April 2026 ISO Ships Archinstall 4.1 with Textual TUI

Arch Linux 2026.04.01 ships with the Archinstall 4.1 text-based installer, which replaced the old curses-based interface with a modern TUI built on the Textual framework. New in 4.1: the NVIDIA proprietary driver option is removed (nvidia-dkms replaced by nvidia-open-dkms in repos), and users get a warning when a desktop profile's greeter needs a regular user to log in. Firewalld zone-based firewall management is now integrated. The Textual TUI is a genuine usability improvement for anyone who reinstalls or tests Arch regularly. Asynchronous menus make the process noticeably faster.

sched_ext Roadmap: GPU Awareness, Energy-Aware Abstractions, Composable Schedulers

Andrea Righi of NVIDIA shared the sched_ext development roadmap for 2026. Planned features include GPU-aware scheduling for GPU-bound workloads, energy-aware abstractions exposing the kernel's Energy Model to BPF programs via a new netlink interface, hierarchical schedulers, composable scheduler designs, Rust reimplementation of some C code paths, and BPF hot-path optimizations. GPU-aware scheduling is the feature to watch. Current Linux scheduling treats GPU workloads as CPU tasks with occasional device waits. Making the scheduler aware of GPU state (memory pressure, compute queue depth, thermal limits) would change scheduling decisions for ML training, rendering, and gaming workloads. Targets Linux 7.1+ merge windows.

AerynOS 2026.03 Brings GNOME 50 and KDE Plasma 6.6.3

AerynOS (formerly Serpent OS), the from-scratch Linux distribution, released 2026.03 with GNOME 50, KDE Plasma 6.6.3, Wayland 1.25, Qt 6.11, FFmpeg 8.1, Mesa 26.0.3, and a refreshed Moss package manager. Still alpha, but the project is building its own package management, build system, and distribution infrastructure from scratch. If you want to see what a modern Linux distribution looks like without inheriting decades of packaging decisions, AerynOS is the one to follow.

🤓 Can's Take: Linux This Week

The Linux 7.0 release timeline is creating cascading dependencies that will test how well the biggest distributions handle compressed integration windows. Ubuntu 26.04 LTS (April 23) and Fedora 44 (April 14) are both awaiting the stable Linux 7.0 release. An April 12 release gives Fedora two days. An April 19 release gives Fedora negative time. Two of the three largest desktop Linux distributions shipping a major kernel version within days of each other is unusual. Any remaining 7.0 regressions will be hit by a large user population at the same time. The Qualcomm WiFi driver fix (a bug present since 2019) being resolved this late illustrates why Torvalds flagged rc6's patch volume as concerning.

AI-assisted bug finding is reshaping how kernel releases unfold in real time. Both Kroah-Hartman ("AI bug reports aren't slop anymore") and Torvalds ("I wonder if some of it is just AI tools being better") independently noted a quality shift. If AI tools are now systematically surfacing real bugs that older static analysis missed, kernel development enters a structural transition: higher late-cycle fix volumes become the new normal rather than a one-time anomaly. The question is whether this resolves into a brief "catch-up" period in which AI finds the backlog, or a permanent state in which AI continuously finds more than humans can review.

Ubuntu 26.04 LTS is Canonical's most opinionated release in years. Three simultaneous platform shifts (post-quantum crypto, Rust coreutils, Wayland-only) from the previous weeks are now joined by a 6 GB RAM requirement exceeding Windows 11 and PipeWire-as-Snap, making de-snapping break audio. Meanwhile, the CrackArmor AppArmor vulnerabilities (nine bugs, nine years, 12 million systems) and the snapd privilege escalation both landed in the same release cycle. Canonical is tightening the stack while the stack keeps discovering it was never as tight as it claimed. In the coming months, we will probably see Linux Mint move its base from Ubuntu to Debian: https://linuxmint.com/download_lmde.php . They have been running both editions (Ubuntu-based and Debian-based) in parallel for a while, and Linux Mint is already fully de-snapped and uses Flatpak.

🧩 Open Source

TeamPCP Supply Chain Campaign Reaches Government Infrastructure: European Commission AWS Breached, 1,000+ SaaS Environments Confirmed

CERT-EU published an advisory on April 3 confirming that the European Commission's Europa web hosting platform on AWS was breached through TeamPCP's Trivy supply chain compromise (CVE-2026-33634). The Commission's CI/CD pipeline pulled a compromised Trivy version on March 19. The Security Operations Centre detected suspicious Amazon API activity on March 24, notified CERT-EU on March 25, and by March 28 ShinyHunters had published the stolen dataset on its dark web leak site. Approximately 340 GB of data was exfiltrated, including 51,992 files of outbound email and personal data from European Commission websites. Up to 71 hosted clients were affected. The attackers deployed TruffleHog to validate AWS credentials via Security Token Service, then created new access keys for persistent access. Separately, Mandiant CTO Charles Carmakal confirmed Google's incident response team knew of "over 1,000 impacted SaaS environments," adding the number would "probably expand into another 500, another 1,000, maybe another 10,000." Sportradar AG was confirmed as a joint TeamPCP/Vect ransomware victim, exposing 26,000 users, 23,169 athlete records, and 328 API key pairs. This is now the most consequential open source supply chain attack ever documented.
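The sequence CERT-EU describes, a secret scanner validating stolen keys through STS and the attacker then minting new access keys, leaves a recognisable pair of CloudTrail events. The detection below is an added example, not part of the advisory or of any vendor tooling: it pairs an sts:GetCallerIdentity call with an IAM persistence action from the same access key within a short window. The records are constructed in CloudTrail's field layout (eventTime, eventSource, eventName, sourceIPAddress, userIdentity.accessKeyId); the key ids, user names and IPs are placeholders, and the 30-minute window and the extra persistence event names beyond CreateAccessKey are my assumptions.

```python
"""Detect 'validate, then persist' AWS credential abuse in CloudTrail records.

Added example, not from the newsletter, CERT-EU or any vendor. Records are
constructed in CloudTrail's JSON field layout; key ids and IPs are placeholders.
"""
from datetime import datetime, timedelta

# IAM calls that grant durable access. CreateAccessKey is the action the
# advisory names; the other two are real IAM API names added by me as common
# companions, not something the advisory reports.
PERSISTENCE_EVENTS = {"CreateAccessKey", "CreateLoginProfile", "CreateUser"}

SAMPLE_EVENTS = [  # constructed records in CloudTrail's shape
    {"eventTime": "2026-03-24T09:00:10Z", "eventSource": "sts.amazonaws.com",
     "eventName": "GetCallerIdentity", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"accessKeyId": "AKIAEXAMPLEKEY000001", "userName": "ci-scanner"}},
    {"eventTime": "2026-03-24T09:03:42Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateAccessKey", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"accessKeyId": "AKIAEXAMPLEKEY000001", "userName": "ci-scanner"},
     "requestParameters": {"userName": "ci-scanner"}},
    # Benign: an identity check with no persistence action after it.
    {"eventTime": "2026-03-24T09:10:00Z", "eventSource": "sts.amazonaws.com",
     "eventName": "GetCallerIdentity", "sourceIPAddress": "203.0.113.5",
     "userIdentity": {"accessKeyId": "AKIAEXAMPLEKEY000002", "userName": "deploy-bot"}},
    # Benign: scheduled key rotation a day later, far outside the window.
    {"eventTime": "2026-03-25T11:00:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateAccessKey", "sourceIPAddress": "203.0.113.5",
     "userIdentity": {"accessKeyId": "AKIAEXAMPLEKEY000002", "userName": "deploy-bot"},
     "requestParameters": {"userName": "deploy-bot"}},
]


def _parse_time(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def find_validate_then_persist(events, window=timedelta(minutes=30)):
    """Return one finding per persistence call that follows a GetCallerIdentity
    issued with the same access key within `window`."""
    last_check = {}  # accessKeyId -> (time, source IP) of the latest identity check
    findings = []
    for ev in sorted(events, key=lambda e: _parse_time(e["eventTime"])):
        key = ev.get("userIdentity", {}).get("accessKeyId")
        when = _parse_time(ev["eventTime"])
        if ev["eventName"] == "GetCallerIdentity":
            last_check[key] = (when, ev["sourceIPAddress"])
        elif ev["eventName"] in PERSISTENCE_EVENTS and key in last_check:
            checked_at, check_ip = last_check[key]
            if when - checked_at <= window:
                findings.append({
                    "accessKeyId": key,
                    "user": ev["userIdentity"].get("userName"),
                    "persistEvent": ev["eventName"],
                    "secondsAfterCheck": int((when - checked_at).total_seconds()),
                    "sameSourceIp": check_ip == ev["sourceIPAddress"],
                })
    return findings


if __name__ == "__main__":
    for f in find_validate_then_persist(SAMPLE_EVENTS):
        print(f)
```

GetCallerIdentity on its own is noise (every SDK and scanner calls it), which is why the rule keys on the pairing rather than the call. In a real pipeline the same loop runs over the CloudTrail S3 objects or a SIEM query, and the sameSourceIp flag helps rank findings: a persistence call from an address that has never used that key is the case to page on.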

North Korean Group UNC1069 Compromises Axios npm Package in Separate Supply Chain Attack

Google's Threat Intelligence Group attributed a supply chain compromise of the Axios npm package to UNC1069, a financially motivated North Korean threat actor active since 2018. On March 31, two trojanized versions (1.14.1 and 0.30.4) were pushed to npm within 40 minutes via social engineering of the package maintainer. The attacker introduced a malicious dependency called "plain-crypto-js" that deployed the WAVESHAPER.V2 cross-platform backdoor. Wiz estimates Axios is present in approximately 80% of cloud and code environments, with the package receiving over 100 million weekly downloads. The malicious versions were removed within three hours. The maintainer confirmed the attackers "cloned a company founder's likeness" and the company itself in a targeted social engineering campaign. Two concurrent, unrelated supply chain campaigns (TeamPCP and UNC1069) targeting major package registries in the same two-week window have no recent precedent.

Google Releases Gemma 4 Under Apache 2.0, First Genuinely Open Source Gemma

Google announced Gemma 4 on April 2 at Google Cloud Next, marking the first Gemma release under the standard Apache 2.0 license. Previous Gemma releases used a custom policy with clauses Google could update at any time. No MAU limits, no acceptable use policies, unrestricted commercial redistribution. Four model variants ship (E2B, E4B, 26B MoE, and 31B Dense) with native vision, audio input, and over 140 languages. The 31B Dense model ranks third among open models on the LM Arena leaderboard (1452 Elo). Hugging Face CEO Clement Delangue called the licensing shift "a huge milestone." Since launch, Gemma has been downloaded over 400 million times with 100,000+ community variants. A performance issue surfaced post-launch: the 26B MoE variant runs at 11 tokens/sec versus 60+ for Qwen 3.5 on equivalent hardware. The licensing shift matters more than the benchmarks. Gemma reaches licensing parity with Qwen and Mistral Small 4 (both Apache 2.0) and becomes more permissive than Meta's Llama models.

PHP BSD 3-Clause Relicense Vote Closes at 51-0-2, Ending 26 Years of Custom Licensing

The PHP community vote to relicense from the PHP License 3.01 and Zend Engine License 2.00 to BSD 3-Clause closed April 4 with 51 yes votes, 0 no, and 2 abstentions, far exceeding the two-thirds supermajority threshold. The change takes effect in PHP 9.0. The switch eliminates one of the last major custom-license holdouts in open source, resolving a GPL incompatibility issue in the Zend Engine License that has been a compliance friction point for 26 years. BSD 3-Clause is a standard SPDX identifier recognized by all major compliance tooling. Zero opposition across a three-week voting period. Ben Ramsey coordinated legal sign-off from The PHP Group, Zend/Perforce, and external counsel over months of patient groundwork. This is governance done right.

Document Foundation Challenges Euro-Office: ODF Must Be Native Format for Real Sovereignty

The Document Foundation published a pointed response on April 1 to the Euro-Office initiative (a coalition of IONOS, Nextcloud, and others building European office software), welcoming its intent but questioning whether it will achieve genuine independence from Microsoft. The foundation's core argument: if Euro-Office uses OOXML as its native document format, European digital sovereignty remains "subordinate to architectural decisions made in Redmond." ODF, an ISO standard controlled by no single company, is already mandated by Germany's Deutschland-Stack (announced March 19-20) and approved by the EU Commission. A follow-up post on April 2 explained the ODF/OOXML distinction for non-technical readers. The timing is deliberate. Germany's Deutschland-Stack mandated ODF and PDF/UA as the two document formats for all German public administration with a 2028 implementation target. The Document Foundation is using Germany's precedent to pressure Euro-Office before architecture finalization.

HarfBuzz 14.0 Ships GPU-Accelerated Text Rendering Library

HarfBuzz 14.0, released April 1, ships libharfbuzz-gpu, a new library for GPU-accelerated text rasterization using the Slug algorithm. Glyph outlines are encoded on the CPU into compact blobs that the GPU decodes and rasterizes directly in the fragment shader, eliminating the traditional bitmap atlas approach. The library supports GLSL, WGSL, Metal MSL, and HLSL shaders for cross-platform coverage across Vulkan, WebGPU, Metal, and DirectX. A new hb-gpu utility demonstrates interactive GPU text rendering, and a live web demo runs via WebGPU. HarfBuzz is the text shaping engine used by virtually every major application stack: Firefox, Chrome, Android, GNOME, KDE, LibreOffice, and many others. If browsers, game engines, and UI toolkits adopt this approach, text rendering changes at the architectural level. Text scales to arbitrary sizes without re-rasterization, memory usage drops, and rendering quality stays consistent across resolutions.

Nginx 1.29.7 Ships Multipath TCP, Open-Sources Session Persistence, Patches Six CVEs

Nginx 1.29.7, released March 24, is a substantial mainline update. The headline feature is Multipath TCP support, allowing connections to use multiple network paths simultaneously. Session persistence via cookies, previously exclusive to the commercial Nginx Plus product, is now available in open source Nginx (added in 1.29.6). The default proxy HTTP version is upgraded to HTTP/1.1 with keep-alive enabled. Six security vulnerabilities are patched: buffer overflows in ngx_http_dav_module (CVE-2026-27654) and ngx_http_mp4_module (CVE-2026-27784, CVE-2026-32647), mail session authentication flaws (CVE-2026-27651, CVE-2026-28753), and an OCSP result bypass in stream (CVE-2026-28755). Cookie-based session persistence was one of the key features justifying Nginx Plus pricing. Releasing it to the open source version narrows the gap between free and commercial Nginx.

OpenSSH 10.3 Patches Shell Injection, Drops Legacy Rekeying Compatibility

OpenSSH 10.3, released April 2, patches five security vulnerabilities. The most significant: a shell injection flaw where metacharacters in usernames could expand through %-tokens in ssh_config before validation, allowing arbitrary command execution in configurations using %u tokens in Match exec blocks. A second fix addresses the -J (ProxyJump) option where user and host names were not validated against shell injection. Other fixes cover incorrect certificate principal matching with commas, ECDSA algorithm enforcement failures, and scp setuid/setgid bit preservation when running as root. The release also drops backward compatibility for SSH implementations that do not support rekeying. If you run SSH servers with Match exec blocks using %u tokens, patch now.
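Before patching, it helps to know which client configurations actually use the pattern the advisory describes. The scanner below is an added example, not part of OpenSSH or of the release notes: it walks an ssh_config, pairs each Match criterion with its argument, and reports every exec command whose string still contains a username token once %% escapes are discounted. The assumption that %u and %r are the username tokens to look for comes from OpenSSH's documented token list; the sample configuration is constructed.

```python
"""Flag ssh_config 'Match exec' commands that expand username tokens.

Added example, not from the newsletter or OpenSSH. It assumes OpenSSH's
documented username tokens %u (local user) and %r (remote user); the sample
config is constructed. The scanner only locates candidate lines; it does not
evaluate the Match conditions or run anything.
"""
import shlex

USERNAME_TOKENS = ("%u", "%r")
STANDALONE_CRITERIA = {"all", "canonical", "final"}  # Match keywords without an argument

SAMPLE_CONFIG = "\n".join([  # constructed ssh_config
    "Host *",
    "    # plain host block, nothing risky",
    "    ForwardAgent no",
    "",
    'Match host gw.example.com exec "test -f /home/%u/.allow-gw"',
    "    ProxyJump bastion.example.com",
    "",
    'Match exec "/usr/local/bin/check-vpn %r@%h"',
    "    IdentityFile ~/.ssh/vpn_key",
    "",
    'Match user deploy exec "test -d /srv/deploy"',
    "    StrictHostKeyChecking yes",
    "",
    'Match exec "printf %%u"',  # %% is a literal percent sign, not a token
])


def find_match_exec_username_tokens(config_text):
    """Return (line_number, command) for every Match exec command that contains
    %u or %r after %% escapes are removed."""
    findings = []
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            parts = shlex.split(line)
        except ValueError:  # unbalanced quotes: not a line we can judge
            continue
        if not parts or parts[0].lower() != "match":
            continue
        criteria = parts[1:]
        i = 0
        while i < len(criteria):
            word = criteria[i].lower()
            if word in STANDALONE_CRITERIA:
                i += 1
                continue
            if word == "exec" and i + 1 < len(criteria):
                command = criteria[i + 1]
                if any(tok in command.replace("%%", "") for tok in USERNAME_TOKENS):
                    findings.append((line_no, command))
            i += 2  # criteria otherwise come as keyword/argument pairs
    return findings


if __name__ == "__main__":
    for line_no, command in find_match_exec_username_tokens(SAMPLE_CONFIG):
        print(f"line {line_no}: Match exec uses a username token: {command}")
```

Run it over ~/.ssh/config and /etc/ssh/ssh_config on every host that has not yet moved to 10.3; a hit is not proof of exploitability, only the configuration shape the advisory singles out.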

OpenClaw Becomes Most-Starred GitHub Repository, Faces Critical Security Vulnerabilities

OpenClaw surpassed React in early March 2026, crossing 250,000 GitHub stars to become the most-starred software repository in GitHub history, reaching this from near-zero in roughly 60 days. Security concerns followed rapidly. CVE-2026-25253 (CVSS 8.8) is a WebSocket authentication RCE where the app accepted a gatewayUrl query parameter without user confirmation, leaking the auth token. Over 40,000 instances were found exposed at disclosure, growing to 135,000+ afterward. The ClawHavoc campaign targeted the ClawHub plugin marketplace: security audits found over 800 malicious skills across the registry, with 91% combining prompt injection with traditional malware. The primary payload is Atomic Stealer (AMOS), a macOS infostealer. OpenClaw moved to an independent 501(c)(3) foundation with OpenAI as sponsor, but bylaws and governance charters remain unpublished. 250,000 stars in 60 days with 135,000+ exposed instances, a CVSS 8.8 RCE, and 800+ malicious marketplace plugins. Velocity without maturity.

Supply Chain Security Reports Converge: 454,648 New Malicious Packages in 2025, 65% of CVEs Unscored

Three major supply chain security reports published within weeks of each other converge on the same conclusion: vulnerability discovery outpaces remediation. Sonatype counted 454,648 new malicious packages in 2025 (75% year-over-year increase) with cumulative totals exceeding 1.233 million across npm, PyPI, Maven Central, NuGet, and Hugging Face. Kaspersky found 65% of OSS CVEs lack CVSS scores, with 46% of unscored CVEs rating High if scored. Median time to assign a CVSS score is 41 days while proof-of-concept exploits appear within one week. Chainguard's container data shows a 145% increase in unique CVEs quarter-over-quarter. The AI dimension adds a new vector: 45% of AI-generated code contains OWASP Top 10 flaws (Kaspersky), and GPT-5 hallucinated 27.8% of component versions (Sonatype). Three independent reports, same conclusion. The methodological bias argument is gone.

Open Source Gems

Servo 0.0.6 Released with Layout and Developer Tools Improvements

Servo 0.0.6, the Rust-based web rendering engine, shipped March 31 with partial support for lazy loading iframes, @property rules, and most of the Pointer Events API. The servoshell browser adds a servo:config preferences page and F5 reload support. Images now rotate according to EXIF metadata by default. Complete source tarballs are included for offline builds. Servo is the long-term insurance policy against browser engine monoculture. Each release incrementally closes the gap with production web standards compliance. The 0.0.6 numbering undersells the maturity; the Pointer Events API implementation alone enables a significant class of interactive web applications. If you build desktop applications that need a web view without bundling Chromium's 100+ MB runtime, Servo's lightweight embedding story is worth evaluating.

GIMP 3.2.2, Krita 5.3.1/6.0.1, FreeCAD 1.1: Open Source Creative Tools Had a Big Week

GIMP 3.2.2 shipped tightening non-destructive workflows, improving PSD and PaintShop Pro import, and fixing regressions from 3.2. Krita delivered 5.3.1 and 6.0.1 as quick follow-ups to its twin 5.3.0/6.0.0 releases (the 6.0 branch is the first on Qt 6 with expanded Wayland support). FreeCAD 1.1 landed with transparent Part Design previews, a new CAM tool-library system, three-point lighting, interactive draggers for fillets and chamfers, and improved Wayland support. All three projects are shipping production-quality creative tools on Linux. The Wayland support across all three makes the Linux desktop a more viable workstation for digital art and CAD in a week where Wayland-only became the default.

Qwen 3.6 Plus Advances Agentic Coding, But Marks Alibaba's Shift Toward Closed Models

Alibaba released Qwen 3.6 Plus, a multimodal large-language model built for "agentic coding" with iterative code writing, testing, and troubleshooting. Benchmarks show it matching or slightly exceeding Claude Opus 4.5 on several coding and agent tasks, including SWE-bench, while supporting a 1M-token context window. Unlike the earlier Qwen 3 open-weight family (Apache 2.0), Qwen 3.6 Plus is a closed-source commercial model available via API through Alibaba Cloud and OpenRouter. Within the last week, developer guides began treating the Qwen 3.5 open-weight models as the default open-weight choice for coding-heavy workloads. Combined with Gemma 4's Apache 2.0 move, the open-weight tier of Qwen and Google's models now ship under genuinely open licenses, even as Alibaba's flagship models move in the opposite direction.

🤓 Can's Take: Open Source This Week

Two concurrent supply chain campaigns define a new threat model. TeamPCP (five ecosystems, 1,000+ SaaS environments, governmental infrastructure) and UNC1069/Axios (100M+ weekly npm downloads, state-backed social engineering) are separate operations that ran simultaneously within the same two-week window. Dependency management strategies must now account for multiple concurrent threats operating through different vectors (PyPI, npm, GitHub Actions) with different objectives (credential harvesting vs. financial exfiltration) and different operational models (automated CI/CD credential chains vs. targeted social engineering of individual maintainers). The assumption that supply chain attacks are isolated incidents is no longer tenable. And with a 41-day median delay before a CVSS score is assigned, against proof-of-concept exploits that appear within one week, attackers have a 34-day window during which defenders lack standardized severity assessments.

Google's Gemma 4 licensing shift, combined with the Qwen 3/3.5 open-weight family under Apache 2.0 and GLM-5.1 under MIT, creates a genuine open source AI competition in the mid-tier. Three of the most capable open model families are now on identical or equivalent licensing terms, while Meta's Llama retains a custom license with commercial caps and competitor restrictions. Alibaba's flagship Qwen 3.6 Plus remains closed-source (API-only). The open licensing trend holds for mid-range models but not for frontier releases. For enterprise compliance teams, the open-weight tier eliminates the primary objection. The competition shifts from licensing to inference performance, where Gemma's 26B MoE at 11 tokens/sec versus Qwen 3.5's 60+ tokens/sec is a meaningful gap. Licensing parity without performance parity limits production adoption, but the licensing precedent is set. The industry is moving toward genuinely open terms at the mid-tier, even as frontier models diverge.

PHP's unanimous license vote deserves attention not for PHP itself, but for what it reveals about open source governance. 51-0-2 across three weeks. Zero opposition. After 26 years of a custom license that confused everyone. Ben Ramsey's multi-month coordination across The PHP Group, Zend/Perforce, and external legal counsel produced the kind of sustained stakeholder alignment that projects with far louder governance crises have failed to achieve. The contrast with OpenClaw (250K stars, unpublished bylaws, 800+ malicious plugins) is instructive. Stars grow faster than governance. They always do.

πŸ” Spotlight

Behdad Esfahbod - HarfBuzz

Behdad Esfahbod created HarfBuzz, the open source text-shaping engine used by virtually every major application stack: Firefox, Chrome, Android, GNOME, KDE, LibreOffice, Adobe Photoshop, Illustrator, Figma, PlayStation, Unreal Engine, smart TVs, and car displays. If software displays text on your screen, there is a good chance HarfBuzz is involved. He won a gold medal at the International Olympiad in Informatics in 2000, moved from Iran to Canada in 2003, and spent the next two decades building the infrastructure that makes the world's writing systems work on computers. He served as president of the GNOME Foundation from 2008 to 2009, worked at Red Hat, then Google, then Facebook.

With HarfBuzz 14.0, released this week, Esfahbod introduced GPU-accelerated text rendering using the Slug algorithm, a potential architectural shift for how computers display text. In January 2020, during a visit to Tehran, he was arrested by the Islamic Revolutionary Guards Corps, held in solitary confinement in Evin prison for seven days, and psychologically pressured to serve as an informant on expatriate networks and open source communities. He publicly disclosed this in August 2020.

His long-term goal since the late 1990s has been to make Persian work correctly in computer software, and since the mid-2000s, that focus expanded to international text rendering in general. HarfBuzz handles the complex transformation from Unicode text to positioned glyphs for scripts from Arabic and Devanagari to CJK and emoji. The text on billions of devices depends on his work. This week, that work took another step forward. The man they tried to silence in Evin prison just shipped GPU-accelerated text rendering to the world.


If you need me, I will be raising my RAM to 6 GB so Ubuntu will let me log in, cloning a company founder's likeness so I can social-engineer my own npm packages, and trying to figure out why AI bug reports suddenly got good and nobody, not even the people receiving them, can explain it.

Have a great week!
