** Mitchell Hashimoto (founder of HashiCorp) has announced that the **Ghostty terminal emulator**, originally hosted on GitHub, will be moved to a new, independent repository and will no longer be maintained there. The decision is driven by concerns over GitHub’s changing governance and licensing policies, which Hashimoto feels could jeopardize the project’s long‑term independence. This move reflects a broader trend of open‑source maintainers seeking more control over their codebases and licensing models. **中文:** Mitchell Hashimoto(HashiCorp 创始人)宣布,原本托管在 GitHub 的 **Ghostty 终端模拟器** 将搬到独立仓库,并不再在 GitHub 上维护。原因在于对 GitHub 政策变动的担忧,可能威胁项目的长期独立性。此举凸显了越来越多的开源维护者希望自行掌控代码仓库和许可证的趋势。
--- **Article 2** **ENGLISH:** The article reminisces about the early era of version control before GitHub’s dominance, highlighting tools like **CVS, SVN, and Bitbucket**, and the community dynamics that shaped collaborative coding. It explains how those early platforms lacked modern features such as pull‑requests and issue tracking, leading developers to build work‑arounds that later influenced GitHub’s design. The narrative underscores how historical constraints fostered innovative practices that still echo in today’s developer ecosystems. **中文:** 文章回顾了 GitHub 成为主流之前的版本控制时代,重点提到 **CVS、SVN、Bitbucket** 等工具以及当时的协作文化。由于缺乏拉请求和问题跟踪等现代功能,开发者们只能自行创建解决方案,这些早期创新对后来的 GitHub 设计产生了影响,说明历史限制正是当代开发实践的根源。
--- **Article 3** **ENGLISH:** A recent “Carrot Disclosure” blog post reveals a newly discovered security flaw in **Forgejo**, a self‑hosted Git service written in Go. The vulnerability permits remote code execution when an attacker can upload a specially crafted repository, and the author provides a detailed proof‑of‑concept and mitigation steps. The post emphasizes the importance of timely patching for self‑hosted services, especially those used by enterprises that cannot rely on managed platforms. **中文:** “Carrot Disclosure” 的最新博客文章披露了 **Forgejo**(Go 编写的自托管 Git 服务)中的新发现安全漏洞。攻击者通过上传精心构造的仓库可实现远程代码执行,并提供了 PoC 与缓解措施的详细说明。文章强调及时修补自托管服务的重要性,尤其是对无法依赖托管平台的企业用户。
**Article 4** **ENGLISH:** In an interview with **Stratechery**, OpenAI CEO Sam Altman and AWS CEO Matt Garman discuss the upcoming integration of OpenAI models into **Amazon Bedrock**, describing it as a strategic partnership that expands accessible AI services for enterprises. They discuss implications for model licensing, cost structures, and the competitive landscape, noting that Bedrock’s managed‑agent framework could accelerate AI adoption across AWS customers. The conversation also touches on concerns about vendor lock‑in and the need for open standards. **中文:** 在与 **Stratechery** 的采访中,OpenAI CEO Sam Altman 与 AWS CEO Matt Garman 讨论了 OpenAI 模型即将加入 **Amazon Bedrock** 的合作前景,称其为扩大 AI 服务可访问性的战略举措。双方分析了合作对模型授权、费用结构以及竞争格局的影响,指出 Bedrock 的托管代理框架有望加速 AWS 客户的 AI 落地。同时,他们也提到了供应商锁定问题,呼吁推动开放标准。
**Article 5** **ENGLISH:** Puget Systems reviews the **Intel Arc Pro B70**, Intel’s newest mid‑range GPU aimed at professional workloads such as CAD and AI inference. The review covers benchmark performance against NVIDIA’s RTX series, power consumption, driver stability, and price‑to‑performance ratio. It concludes that while the B70 offers competitive rasterization capabilities, its compute performance and ecosystem support still lag behind established competitors. **中文:** Puget Systems 对全新 **Intel Arc Pro B70** 进行测评,该显卡面向 CAD 与 AI 推理等专业工作负载。文章详细对比了其在栅格化、计算性能、功耗以及价格效能上的表现,指出与 NVIDIA RTX 系列相比,B70 在光栅化方面具竞争力,但在计算密度和生态支撑方面仍落后于既有方案。
**Article 6** **ENGLISH:** The satirical piece “I Won a Championship That Doesn’t Exist” describes a fictional personal achievement—a made‑up national championship—by compiling fabricated evidence, press releases, and social media posts. The author uses humor to critique the culture of prestige‑chasing and the ease with which false credentials can be propagated online. It also serves as a reminder of the importance of verification and critical consumption of digital content. **中文:** 文章《我获得了一个不存在的冠军》讲述作者如何凭虚构的全国冠军头衔编造“证据”、新闻稿和社交媒体内容来炫耀。此举讽刺了追求荣誉的网络文化,以及虚假成就可以轻易传播的现象,提醒读者在数字内容消费时需保持核实与批判的态度。
**Article 7** **ENGLISH:** A Quantamagazine feature reports on **behavioral timescale synaptic plasticity**, a newly identified neuroplasticity mechanism that can rewire brain circuits after a single experience. The article explains the experimental methodology, the brain regions involved, and potential implications for understanding learning, memory disorders, and brain‑machine interfaces. It also discusses how this discovery may reshape computational models of cognition. **中文:** Quantamagazine 报道了一种全新的神经可塑性机制——**行为时标突触可塑性**,该机制在单次体验后即可重塑脑部回路。文章详细阐述了其实验方法、涉及的脑区,以及对学习、记忆障碍以及脑机接口的潜在影响,进而指出该发现可能对认知计算模型产生深远影响。
**Article 8** **ENGLISH:** The article introduces **CJIT** (“C, Just in Time”), a lightweight just‑in‑time compiler for the C programming language that aims to bring dynamic optimization to traditional compiled code. It describes the design goals, the performance gains observed on microbenchmarks, and the challenges of integrating CJIT with existing C toolchains. The author also outlines future work, including support for C++ and broader optimizations. **中文:** 文章介绍了 **CJIT**(即 “C, Just in Time”)——一种面向 C 语言的轻量级即时编译器,目标是为传统编译代码提供动态优化。文章阐述了其设计目标、在微基准测试中取得的性能提升,以及与现有 C 工具链集成的挑战,并展望了对 C++ 的支持及更广泛优化的未来计划。
**Article 9** **ENGLISH:** A security blog by **Wiz** publishes a thorough breakdown of **CVE‑2026‑3854**, a critical remote code execution vulnerability affecting GitHub’s core services. The post walks through the exploit chain, the underlying code flaw, and the patch released by GitHub, while also highlighting the broader implications for platform security and supply‑chain risk. It urges developers to update dependencies and adopt hardened CI/CD practices. **中文:** 安全公司 **Wiz** 发布了对 **CVE‑2026‑3854** 的深入拆解——一种影响 GitHub 核心服务的远程代码执行漏洞。文章详细描述了漏洞利用链、底层代码缺陷以及 GitHub 发布的补丁,并分析了其对平台安全和供应链风险的深远影响,呼吁开发者更新依赖、强化 CI/CD 流程。
**Article 10** **ENGLISH:** An advocacy site argues that upcoming Android OS updates will increasingly restrict user‑level control, effectively “taking back” ownership of devices from owners. It outlines the technical mechanisms (e.g., verified boot, privileged system partitions) and the legal ramifications of reduced device sovereignty. The article calls for community resistance and invites developers to join the “Keep Android Open” movement to preserve user freedoms. **中文:** 倡导网站指出即将到来的 Android 系统更新将进一步限制用户级别的控制权,实际上在“夺回”设备所有者的所有权。文章详细解释了技术手段(如经过认证的启动、特权系统分区)以及因设备主权下降可能带来的法律后果,呼吁社区抵抗,并邀请开发者加入 “Keep Android Open” 运动,以维护用户自由。