What’s the point: GitLab, Python, and Kubevirt

By Julia Schmidt
-
What’s the point: GitLab, Python, and Kubevirt


Repository managing service GitLab has released versions 11.7.4 and 11.6.9 of their Community and Enterprise Editions. The updates include important security fixes, so installing them is strongly recommended.

One of the issues mitigated affects v11.7 and later and could allow users to view confidential issue and merge request titles of other projects. Another one makes v11.6 susceptible to cross site scripting attacks in user status. Details on both vulnerabilities will be made public in about 30 days as has become usual with GitLab security fixes.

Python

The results of the first ever Python Steering Council Election are in, which means Barry Warsaw, Brett Cannon, Carol Willing, Guido van Rossum, and Nick Coghlan are now the ones controlling the fate of the programming language until the next feature release. 69 of 96 eligible voters cast ballots to choose between the 17 nominated candidates.

The voter list was restricted to active Python core team members. Council members are able to resign any time – if they drop out and can’t be contacted for longer than a month, the council may vote for a replacement. The election had become necessary, because language creator Guido van Rossum stepped down as Benevolent Dictator for Life in 2018.

Initially he wanted to remove himself entirely from the decision process back then, since he needed “a very long break” and didn’t “ever want to have to fight so hard for a PEP [Python Enhancement Proposal] and find that so many people despise my decisions”. It therefore remains to be seen how often he’ll make his way onto the candidate list before he’ll withdraw from the core team.

KubeVirt

KubeVirt, an add-on for virtual machine management for Kubernetes, is now available in v0.14. The project can be used to, for example, declaratively schedule a VM on a Kubernetes cluster or create, stop and delete a predefined one.

With the version number bump comes support for generating cloud-init network configurations as well as ready and created conditions for operators. Other than that the team has updated CDI and the Kubernetes version used to 1.12, updated the documentation, and worked on stabilising the project.

AWS combines "building block" blueprints with CodeCatalyst for rapid project creation including DevO...
Atlassian takes another step toward full DevOps automation
Podman 5.0 released with native Mac hypervisor support, new features and breaking changes
GitHub autofix progresses to public beta: insecure code corrected with AI, but only for enterprise
Fermyon promises over 5000 WebAssembly applications on one Kubernetes node via new platform
Secret leakage in public GitHub repositories increasing, claims new report
Test launch of TEA open source reward project clouded by repository spam attack 
From Docker to Dagger: Solomon Hykes on modernisation of the DevOps pipeline
Kubecost 2.0 released as reports show persistent Kubernetes over-provisioning
Docker introduces Build Cloud for accelerated local development
Enterprises struggle with Agile methodology, reports long-standing survey of practitioners
Spotlight on GitHub self-hosted runners again as researcher demonstrates attack on PyTorch code