apr 29, 2026
7 links from the engineering internet.
zed editor hits 1.0 after five years
zed reaches 1.0 after five years of work on a custom rust + gpu editor architecture. ships parallel multi-agent ai workflows, edit predictions, and a zed for business tier for team deployments.
copy fail: 732 bytes to root on every major linux distro (cve-2026-31431)
an unprivileged user can chain a flaw in the kernel's authenc crypto template with af_alg and splice() to write 4 bytes into any file's page cache, then escalate to root via setuid binaries on ubuntu, amazon linux, rhel, and suse. no race needed.
fedora 44 ships with sealed bootable container images
fedora 44 introduces sealed bootable container images built on unified kernel images and systemd-boot, plus stratis 3.9.0 which can add or remove encryption on existing storage pools without recreating them.
hashimoto pulls ghostty off github, citing platform reliability
mitchell hashimoto says github is too unreliable for serious work and is moving ghostty, his terminal emulator project, to a different host. he is evaluating commercial and foss alternatives, with a read-only mirror staying on github.
llm 0.32a0 ships: messages-and-parts model replaces prompts-and-strings
simon willison's llm library ships 0.32a0, a backwards-compatible rewrite that models inputs as a sequence of messages and outputs as a stream of typed parts (text, reasoning, tool calls, images). aligns the api with how modern llms actually work.
stanford team drops recursive multi-agent systems paper
the paper introduces a framework for multi-agent systems where agents can recursively spawn and coordinate sub-agents, posted to hugging face daily papers as one of apr 29's featured releases.
python packaging council formally approved
the python steering council approved a formal governance structure for packaging: a five-member elected council with authority over packaging standards and tools, ending years of ad-hoc decision-making.