Introducing GNOME 3.30: “Almería", Great release video, and I'm there, in the photos part :D youtube.com/watch?v=bNA-Q8fQqT

I've just setted CI for Gtranslator \o/, @gitlab@twitter.com CI is great and combinig that with flatpak, it's really easy to generate binary bundle for testing purpose for each MR:
gitlab.gnome.org/danigm/gtrans

Some love for gtranslator gitlab.gnome.org/GNOME/gtransl

First step: meson, then flatpak, then remove all deprecated code

danigm boosted

GNOME Podcasts 0.4.5 is out!

@danigm added support for translations and the application is now on damned lies [1] infrastructure!

Initial translations support includes:

* Finish
* Polish
* Turkish
* Spanish
* German
* Galician
* Indonesian
* Korean

There are also a couple of bug fixes in the release along with further polishing of the UX.

Already available from Flathub! [2]

[1] l10n.gnome.org/module/podcasts
[2] flathub.org/apps/details/org.g

danigm boosted

De hecho, hay muchas formas de atacar un servidor que descomprima archivos tar: bugs.python.org/issue21109#msg

Por ejemplo, se puede atacar una web django que descomprima ficheros tar, metiendo un archivo en el tar con la ruta "../../../../../../../../usr/bin/ls" y sobreescribiría el fichero ls de ese servidor, siempre y cuando se esté ejecutando como root.

Esta es la vulnerabilidad, lwn.net/Vulnerabilities/587141 Así que cuidado al abrir *tar* en cosas hechas con python, si tienes rutas relativas dentro del tar "../" puedes conseguir sobreescribir cualquier archivo.

Un parche enviado en 2014, para evitar un problema de seguridad en tar en python, vuelve a la vida 4 años después: bugs.python.org/issue21109

I've been working on gnome-class to add GIR xml generation. I've something "working":
* gitlab.gnome.org/danigm/gnome-
* gitlab.gnome.org/danigm/gnome-
So write code in rust, this generates glib C-compatible binary lib and that can be called using GIR (gjs, python, etc)

Firmware update for my Lenovo from gnome software

Show more
Mastodon

Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!