Josse-posten

Twin earthquakes flatten parts of Caracas as a record heatwave grips Western Europe, Ukraine’s drones reach 1,400km into a fuel-starved Russia, and Anthropic accuses Alibaba of stealing Claude at “industrial scale.”

Twin magnitude 7.2 and 7.5 earthquakes devastate Venezuela

Rescuers carry a survivor from a collapsed building in Caracas. Photo: AFP

Two powerful earthquakes struck northern Venezuela seconds apart on Wednesday evening — a 7.2 followed roughly a minute later by a 7.5, with an epicentre about 200km west of Caracas. At least 32 people are confirmed dead and more than 700 injured, but the USGS warns the final toll could run far higher — into the thousands — given the country’s fragile infrastructure and ongoing humanitarian crisis. The 7.5 was the largest quake to hit Venezuela since 1900. The government declared a state of emergency, buildings collapsed across the capital, and rescuers are digging for survivors as aftershocks continue. A tsunami warning was issued for Puerto Rico and US Caribbean territories; the US said it is mobilising assistance. (Also covered in Norge.)

Ukraine’s strike campaign reaches record depth as Russia’s fuel crisis goes systemic

The Kapotnya refinery near Moscow — the capital’s only refinery, now offline until at least 2027 after Ukrainian drone strikes.

Ukraine struck the Orenburg Gas Processing Plant (~1,200km from the front) and the Ufa Oil Refinery (~1,400km) in what appear to be the campaign’s deepest strikes yet. Confirmed battle-damage assessments are mounting: Moscow’s Kapotnya refinery is offline until at least 2027, the Baltic Fleet arsenal near St. Petersburg lost 6,000 tons of ammunition, and two satellite communications centres were damaged. Russia is redeploying air defences from interior regions to ring Moscow and the Kerch Bridge — a sign the heartland is increasingly exposed. The pressure is now economic: Russian airline Azimuth warns aviation fuel has hit a “critical situation,” gasoline prices are at a 20-year high, and Moscow is negotiating emergency imports from Kazakhstan and India to cover a 25% production plunge. (Full frontline and Belarus coverage in Ukraine.)

Anthropic accuses Alibaba of illicitly extracting Claude at industrial scale

Anthropic has formally accused Chinese tech giant Alibaba of using fraudulent accounts to systematically extract capabilities from its Claude model — distilling the underlying intelligence through deceptive API access rather than developing it independently. Norway’s DN calls it “the largest known attack to date,” with Anthropic describing the operation as “illegal, systematic and at an industrial scale.” If proven, it would mark a significant case of corporate AI espionage, and it lands amid intensifying US–China friction over model supremacy and IP transfer. (More AI coverage in Tech & Science.)

Western Europe shatters heat records — UK and France hottest June days ever

A record-breaking heatwave gripped France, the UK and Spain, with parts of France hitting 40°C and West Sussex recording 35.8°C — the UK’s hottest June temperature since 1976. Paris hit 40.9°C, and France set a national record for highest single-day mean temperature (29.8°C). Red alerts covered 72 of France’s 96 mainland departments. The crisis exposed deep climate inequality — low-income concrete housing estates becoming heat traps, migrants in Paris left without shelter — and is forcing France to reconsider its cultural resistance to air conditioning. The heatwave is now spreading north and is expected to bring Norway its hottest days of the summer from Thursday. (Norwegian angle in Norge.)

Indicator Value Change
S&P 500 (f) 7,485.5 +0.77%
Dow 30 (f) 52,341 +0.12%
Nasdaq (f) 30,168 +2.22%
Russell 2000 (f) 3,021.8 +0.28%
VIX 17.99 -3.44%
Gold 3,999.3 -0.24%
BTC $61,817 -1.20%
EUR/USD 1.1355 0.00%
USD/NOK 9.8558 +0.03%
  • Nasdaq futures +2.22% — Anthropic’s espionage allegations against Alibaba may be boosting AI/tech sentiment; VIX sliding to 18 reflects receding war risk after Iran ceasefire progress.
  • Gold flat near $4,000 — Hormuz shipping uncertainty (IRGC warnings vs. successful tanker transits) keeping safe-haven demand in check without a clear breakout.

World

Trump–NATO rift deepens over Iran war; Congress rebukes war powers

NATO Secretary-General Mark Rutte meets Trump in the Oval Office, June 24. Photo: Aaron Schwartz/AFP

NATO Secretary-General Mark Rutte traveled to the White House to smooth mounting tensions between Trump and European allies over the Iran conflict, ahead of the annual summit. Trump publicly lambasted NATO members for insufficient participation in the war; Rutte countered that the use of US bases in Europe constitutes meaningful support. The friction comes a day after US lawmakers voted to rein in Trump’s unilateral military authority — the sharpest institutional pushback yet — even as the White House submitted a request for $87.6bn in supplemental spending, the bulk earmarked for “urgent” Iran war costs. Asked about a strike on an Iranian girls’ school, Trump said it may never be known who was responsible.

Post-war Iran: Ashura observed after Khamenei’s death; Hormuz shipping contested

Thousands gathered in Tehran to mark Ashura — the first observance since Supreme Leader Khamenei was killed in the US–Iran war. Iran’s Revolutionary Guard declared a new Oman/IMO-facilitated shipping lane through the Strait of Hormuz “unacceptable and dangerous,” warning that ships transiting without IRGC approval face risk; US crude dipped below $70/barrel as some tankers successfully transited. The IAEA’s Rafael Grossi confirmed inspectors will visit Iranian nuclear sites under terms being negotiated, though Tehran insists inspections form part of a comprehensive final deal, not a preliminary step. Complicating matters, Israeli Defence Minister Israel Katz confirmed the IDF will not withdraw from southern Lebanon — undercutting a key Iranian condition. Hundreds of ships worth $125bn that had been stuck near Hormuz for nearly four months are now being evacuated.

Trump-endorsed far-right candidate wins Colombia by a razor margin

Abelardo de la Espriella, a Trump-admiring far-right millionaire lawyer, narrowly defeated leftist senator Iván Cepeda in Colombia’s presidential runoff by less than a percentage point. Cepeda conceded. The result marks a sharp rightward shift for Latin America’s third-largest country, continuing the regional trend of polarised elections breaking toward nationalist right-wing figures.

Mamdani-backed candidates sweep New York Democratic primaries

Candidates backed by Zohran Mamdani won a clean sweep in New York City’s Democratic primaries, with Brad Lander unseating Israel-defender Dan Goldman in a race that exposed the city’s divisions over Gaza. The New York Times now characterises the 34-year-old Mamdani as the party’s new “kingmaker,” and the result is read as a test of whether his left coalition can translate energy from his mayoral run into broader electoral power. Republicans warn that the leftward shift should alarm voters.

Dozens of former Israeli prime ministers, generals and intelligence chiefs signed a leaked letter threatening legal action against the government, demanding it stop enabling “Jewish terrorism” and ethnic-cleansing ideology against Palestinians in the occupied West Bank. Separately, an independent UN inquiry concluded that Israeli forces deliberately killed Palestinian children and destroyed their childhoods — constituting war crimes — including after the October 2025 ceasefire. Over 20,000 children have been killed since October 2023; one researcher described “an entire society that is thoroughly traumatised.”

Bill Gates testified that Epstein blackmailed him over extramarital affairs

A transcript of Bill Gates’s closed-door congressional testimony reveals that he told lawmakers Jeffrey Epstein had made “veiled” threats to expose his extramarital affairs — effectively blackmail. This is the first time Gates has publicly confirmed Epstein leveraged personal information against him, adding to a growing body of evidence that Epstein operated a systematic blackmail network over powerful figures.

Also today

Europe
France calls for an ‘orderly’ drawdown of US military presence in Europe rather than a scramble to replace every capability — Politico
France confirms its first Ebola case — a doctor returned from the DRC outbreak that has killed over 260; public risk called “very low” — Guardian · BBC
EU’s decision to open direct talks with the Taliban sparks outrage among Afghan women — “a slap in the face” — Guardian
Rest of world
China claims a legal right to target its own citizens overseas under a new “ethnic unity” law — a major expansion of claimed extraterritorial jurisdiction — Reuters
Kenya passes a controversial finance bill two years after the deadly Gen Z protests; families still seek justice — Al Jazeera
Papua New Guinea faces a food crisis — up to 3 million at risk as El Niño brings frost and drought to the Highlands — Guardian
Meta is building a standalone AI-powered prediction-market app with play-money wagering — NPR
AI virtually unwraps a Vesuvius-burnt papyrus scroll, reading a lost Stoic philosophy text without unrolling it — Guardian

Ukraine

Belarus backs down, Moscow fortifies, refinery out for a year

Belarus disabled the Russian-installed signal repeaters on its border with Ukraine as of June 22, ahead of Zelensky’s June 26 ultimatum — de facto compliance that confirms Lukashenko is still resisting full military integration into Russia’s war. The Kremlin has been pressuring him to allow drone launches from Belarusian soil and extend the frontline westward, reportedly threatening to cut financial support; Lukashenko continues to thread the needle. Meanwhile Russia has ringed Moscow with S-400, S-500 and Pantsir systems in what Zelensky calls turning the capital into a “fortress,” and a US State Department assessment holds that Ukraine is “currently winning” the war.

US quietly removes Russians from sanctions; IOC opens door to Russian return

The US Treasury removed seven Russian individuals, two vessels and two Turkish companies from sanctions with no public explanation — an unusual, uncommented move. Separately, the IOC approved Olympic Charter amendments strengthening “political neutrality,” which Ukraine’s sports minister condemned as facilitating Russia’s return while the war continues. Against this backdrop Washington sends mixed signals: the State Department says Ukraine is winning, and Trump called Zelensky “doing pretty well,” even as negotiations remain stalled.

Frontline: 232 clashes in a day; Russia’s Kupyansk assault groups shrink to one or two men

232 combat clashes were recorded over the past day, with Pokrovsk the most contested (32 attacks), followed by Kostyantynivka, Slovyansk and Lyman — no significant territorial changes. The telling indicator is in the Kupyansk direction: heavy Ukrainian interdiction has forced Russian assault groups to shrink from 4–8 soldiers to 1–2, or switch to ATVs and motorcycles, with troops trekking 5–7km on foot to deliver ammunition. In the Oleksandrivka area, Russian reinforcements halted Ukrainian counterattacks, stabilising a sector that briefly looked vulnerable.

Also today

  • Kremlin spreading false claims that NATO is preparing to attack Russia — pre-justifying further escalation and mobilisation, per Ukraine’s counter-disinformation centre — Ukrinform
  • Russian opposition figure sentenced to prison for anti-war social media posts under wartime censorship laws — Al Jazeera

Norge

Skattekommisjonen foreslår 23 milliarder i netto skattekutt

Jens Stoltenberg-ledede skattekommisjon la onsdag frem rapporten sin — de største skatteendringene på ti år. Inntektsskatten kuttes med over 20 milliarder kroner gjennom lavere trygdeavgift og økt personfradrag, mens formuesskatten beholdes, men reduseres fra 1–1,1 % til 0,25–0,75 %. Til gjengjeld foreslås økt moms på kultur og reiseliv (12→15 %), ny kilometerskatt for alle biler inkludert elbiler, tredobling av botidskravet for skattefritt boligsalg (1→3 år), og utredning av digitalskatt på internasjonale teknologiselskaper. Rundt 65 000 pensjonister vil betale ca. 23 000 kroner mer per år. Rødt forlot kommisjonen før fremleggingen; Frp er åpen for forlik, men krever store kutt; gründermiljøet kaller forslaget «ekstremt skuffende», og stjerneøkonomen Thomas Piketty mener det er grunnleggende feil. På r/norge er poenget tilbakevendende: «kuttene» flytter regningen mer enn de krymper den.

To mineryddere fra Norsk Folkehjelp drept i Ukraina

To mineryddere som arbeidet på vegne av Norsk Folkehjelp ble drept i et russisk Iskander-M-missilangrep i Novopetrivka nær Kryvyj Rih onsdag. Begge var ukrainske statsborgere ansatt i en ukrainsk partnerorganisasjon; flere andre ble skadet. Generalsekretær Raymond Johansen understreket at ofrene bar klart merkede humanitære klær og kalte det en påminnelse om hvor farlig humanitært arbeid i konfliktsoner har blitt. Utviklingsminister Åsmund Aukrust (Ap) karakteriserte angrepet som «fullstendig uakseptabelt og et klart brudd på folkeretten». Norsk Folkehjelp har over 450 ansatte i Ukraina.

Putins skyggeflåte langs norskekysten vokser 175 prosent

Russiske sanksjonsbelagte skip gjennomførte 398 passeringer langs norskekysten fra januar til april 2026 — en økning på 175 % fra samme periode i fjor. Mange mangler gyldig forsikring (49 hadde falske papirer). Forskere advarer om en dobbelt risiko: miljøfaren fra dårlig vedlikeholdte tankere og hybridtrusler, ettersom noen skip slår av AIS-sporing nær norsk undervannsinfrastruktur som gassrørledninger og internettkabler. Norge har juridisk og praktisk kapasitet til å gripe inn, men har hittil vært tilbakeholden.

NRK

Riksrevisjonen slakter statens IKT-sikkerhet etter DDoS-angrep mot Digdir

Riksrevisjonen har funnet en rekke alvorlige svakheter i statens IKT-sikkerhetsprogram og kritiserer det for å ha «drevet med høy risiko». Kritikken kommer dagen etter at et DDoS-angrep mot Digdirs nettverksleverandør Vivicta slo ut åtte kritiske offentlige tjenester i helgen — inkludert ID-porten, MinID, Maskinporten, eInnsyn og Ansattporten. Angrepet medførte ingen sikkerhetsbrudd, og ingen persondata ble kompromittert; Datatilsynet og NSM ble varslet som rutine. I samme uke varsler digitaliseringsminister Karianne Tung ny nasjonal skypolitikk og strategi for åpen kildekode, for å redusere avhengigheten av enkeltleverandører.

DDoS-angrepet mot Digdirs nettverksleverandør la ned ID-porten og andre kritiske tjenester. Foto: Fredrik Hagen / NTB

Høyanger-vannskandalen: 15 år med ulovlige aluminiumsmålinger

Drikkevannet i Høyanger kommune (Kyrkjebø) inneholdt aluminiumsnivåer opp til 28 ganger grenseverdien, med dokumenterte avvik tilbake til 2011. Kommunen sendte skriftlig forsikring til innbyggerne om at vannet var trygt 2. juni — bare åtte dager før FHI oppdaget krisen og drikkeforbudet ble innført 18. juni. Barn under tre år ble innkalt til helsesjekk for mulig aluminiumsforgiftning. Over 300 innbyggere møtte opp på folkemøtet onsdag i en sal bygget for 120; mange måtte stå utenfor.

Norge — på grasrota

Skatteetatens chatbot sendte kvinne på fire timers bomtur

En kvinne i Nord-Troms spurte Skatteetatens chatbot før hun tok en fire timers busstur til Tromsø for å registrere flytting fra Sverige. Chatboten bekreftet at hennes svenske pass ville bli godtatt som ID. På kontoret ble det avvist blankt — «du kan ikke stole på en chatbot». Da kvinnen spurte på nytt, innrømmet samme chatbot: «Jeg har ikke nok data om hvilke ID-dokumenter vi godtar ved oppmøte.» Innleggsforfatteren mener saken er symptomatisk: Skatteetaten satte en KI-assistent i drift uten god nok kvalitetssikring, og kostnaden faller på borgere som med rimelighet venter at offentlige kanaler er til å stole på.

Shada-saka: viral barnevernsløgn endte i straffesak mot fylkespolitiker

«Shada-saka» er en årelang desinformasjonskampanje som feilaktig hevder at en tenåringsjente ble tvunget til prostitusjon og drept i det norske barnevernet — påstander dokumentert som oppdiktet av både VG og Faktisk.no. Likevel sendte Vestland-fylkespolitiker Bente Spissøy sensitive bilder fra saken til andre fylkestingsmedlemmer, med påstand om at hun bygget støtte for en drapsetterforskning. Politiet opprettet straffesak på eget initiativ (§267a — deling av krenkende bilder). Spissøy kaller etterforskningen «et alvorlig inngrep i fritt politisk arbeid». Saken viser hvordan desinformasjon kan få sitt eget politiske liv lenge etter at den er avkreftet.

Grasrota

  • Ny forskning: rundt 150 000 nordmenn har høyreekstreme sympatier — og tallet har økt siden løftet om et nasjonalt oppgjør etter 22. juli 2011, ifølge forsker Anders Ravik Jupskås — VG · Reddit
  • Kom inn uten mattekrav: 73–76 % av lærerstudentene som ble tatt opp uten mattekrav strøk på nasjonal eksamen, mot 16–19 % blant de sterkeste — Khrono · Reddit
  • Oslos anonyme rusanalysetjeneste på Lilletorget legges ned — fant livsfarlige stoffer som metonitazen, men mangler stabil finansiering; sosialbyråden frykter flere overdosedødsfall — NRK

Også i dag

Økonomi
SAS-streik avverget 15 timer på overtid — Fellesforbundet og Parat enige med NHO Luftfart, over 700 kabinansatte unngår streik — NRK · E24
Spanske Audax byr ca. 4,5 mrd. (≈40 % premie) på Elmera Group, eier av Fjordkraft — styret kjente ikke til prosessen og ser etter høyere bud — DN · E24
Vår Energi investerer 14 mrd. i tre nye undervannsfelt i Gjøa-området i Nordsjøen — DN
Sommervarme
Paris satte junirekord (40,9 °C); hetebølgen ventes å gi Norge sommerens høyeste temperaturer fra torsdag, og eksperter advarer om at Oslo blir en «varmeøy» — NRK
Vys 40 år gamle lokaltog på L1 og L2 svikter i varmen — ventilasjon og kompressorer slår ut, færre avganger i Oslo-området — TU
Kultur og sport
Tons of Rock dag 1: strømbrudd to ganger, Yungblud avlyser (erstattes av Joan Jett & The Blackhearts) — NRK · Aftenposten
VM 2026: Brasil tar gruppeseier med emosjonelt Neymar-comeback, Sør-Afrika til sluttspill for første gang, Haiti scorer turneringens vakreste mål — NRK · Aftenposten
Ishockeykeeper Henrik Haukeland (31) signerer med russiske Traktor Tsjeljabinsk — mister landslagsplassen — NRK
Krim og rett
Gutt (6) drept i påkjørsel på Kvernaland i Time kommune onsdag — NRK
Marius Borg Høiby anker ikke fengslingskjennelsen — sitter i varetekt i ytterligere fire uker — NRK

Tech & Science

Qualcomm acquires Modular — Lattner’s Mojo and MAX go to Qualcomm

Qualcomm is acquiring Modular Inc., Chris Lattner’s AI software infrastructure company behind the Mojo programming language and the MAX deployment framework. The deal, expected to close in H2 2026, combines Qualcomm’s chip leadership with Modular’s AI-native software platform. Lattner’s vision of a Python-compatible, high-performance language for AI/ML — and the MAX serving framework — now move under Qualcomm’s umbrella, with the strategic play being edge-to-cloud AI deployment across heterogeneous hardware.

OpenAI’s first custom inference chip “Jalapeño” targets Nvidia independence

OpenAI and Broadcom CEOs flanking a circular Jalapeño wafer.

OpenAI has unveiled Jalapeño, its first custom inference processor, co-designed with Broadcom. The chip targets inference workloads specifically, with early results showing “significantly better performance-per-watt than current state-of-the-art alternatives,” particularly for real-time coding models. Notably, OpenAI’s own AI models assisted in the chip’s development. Pre-training will continue on Nvidia hardware for now — this is a first step toward vertical integration on the inference stack.

Armin Ronacher: the two-loop AI coding model and what it costs us

Ronacher (Flask, Jinja) describes the emerging two-loop pattern in AI development: an inner agent loop (model calls tools until done) and an outer harness loop (a system that decides when work is truly finished and may restart the session with new instructions). He identifies tasks where loops work well — porting, benchmarking, security scanning — but warns against unattended loops producing code that is “too defensive, too complex, too local in its reasoning.” His core concern: as codebases increasingly require machines to comprehend and maintain them, how do human engineers retain meaningful oversight and enforce good engineering principles?

AI-generated PR spam is hitting open source like email spam hit inboxes in 2000

A study of the OpenClaw repository found weekly PRs exploded from 2 to 3,400 as AI coding agents flooded the repo, with merge rates collapsing from 48% to 9.3%. One contributor submitted 106 PRs in a single day; multiple agents independently submitted identical fixes, undermining the “many eyeballs” principle. Deep-understanding contributions (refactors) merged at 35% versus 9% for AI-generated features. The article argues reputation systems and vouch/trust mechanisms will become as essential to open source as spam filters were to email — a thesis that rhymes with a parallel Science.org finding that medical students are using AI research tools to flood journals with misleading studies.

Open weight models are ~50× cheaper than proprietary frontier — and labs may seek regulatory moats

An analysis argues that open weight models (e.g., DeepSeek V4) now cost roughly 50× less than comparable proprietary models from Anthropic and OpenAI, with frontier labs maintaining prices through access gating rather than genuine capability advantage. The author’s pointed concern: US labs may leverage “China fears” to push regulatory bans on open weight models as a competitive strategy rather than a safety one. American labs have largely exited the open-weight space, ceding it to international players.

Security researcher bypasses auth in J&J apps, accesses enterprise-wide audit data

A security researcher found two critical vulnerabilities in Johnson & Johnson web applications: a campus recruiting system exposed ~1,000 students’ data via hardcoded AWS API keys and no server-side auth validation; an enterprise audit tracking system (ATMS) spanning 20 J&J companies was fully accessible by spoofing credentials in localStorage. The ATMS breach exposed confidential audit data and meeting transcripts across J&J’s entire enterprise. The fix took 6+ months and required journalist intervention to force action — a governance failure as much as a technical one.

A $500M initiative proposes systematically ending respiratory infections

The Intercept Fund has published a proposal to eliminate respiratory infections by combining broad-spectrum preventatives (vaccines and antivirals covering multiple respiratory viruses simultaneously) with air-cleaning technologies (filtration and far-UVC light). Authors estimate respiratory infections consume roughly 5% of people’s lives annually and are calling for $500 million in coordinated development funding. Far-UVC in particular has strong safety data at wavelengths safe for continuous human exposure.

Also today

Models & tools
Google makes computer use a native built-in tool in Gemini 3.5 Flash, with adversarial prompt-injection training and confirmation gates — Google · HN
OpenAI and Anthropic race to be the next big AI IPO in SpaceX’s wake — “being first may matter” — E24
Estonia plans to be the first country to give AI agents their own official ID numbers — for tracking, accountability and oversight — Digi.no
Languages & platform
Free-threaded Python — LWN’s deep dive on where GIL removal stands (PEP 703) and the road to making it the default — LWN · Lobsters
HTTP gets a QUERY method — safe, idempotent, cacheable requests with a body, fixing the GET-can’t-carry-a-body problem — IETF Draft · Lobsters
Security & infrastructure
Ignoring DNSSEC is choosing to accept DNS man-in-the-middle attacks — Hugo Landau on why the risk is practical, not theoretical — whynothugo.nl · Lobsters
Germany’s rail network ground to a halt after routine IT maintenance went wrong — no cyberattack, just an internal error — Guardian

NixOS, Hyprland & Self-Hosting

Security advisory: NixOS MySQL module allows passwordless root login by local processes

The services.mysql NixOS module initialises MySQL in a way that lets any local unprivileged process (e.g. a web or CGI service) authenticate as root with no password — when using pkgs.mysql84 or pkgs.percona-server. MariaDB (the default) is unaffected. The fix is in current Unstable, 26.05 and 25.11, which now use socket peer-credential auth for new deployments. Existing systems need a manual migration: ALTER USER root@localhost IDENTIFIED WITH auth_socket; or set a root password. Test exposure with sudo -u nobody mysql -u root <<<'SELECT 1;'.

nixfmt 1.3.1 is now the standard formatter in nixpkgs CI

The NixOS formatting team shipped nixfmt 1.3.0 and 1.3.1 in quick succession, and both have landed in nixpkgs-ci — meaning all new nixpkgs PRs are now checked against this formatter version. The team plans to wait a few weeks before any further changes. If you contribute to nixpkgs or run nixfmt locally, upgrade to at least 1.3.1 to stay in sync with CI.

declarr: fully declarative *arr stack configuration with a NixOS module

declarr is an idempotent syncing engine that configures Sonarr, Radarr, Lidarr, Prowlarr and Jellyseerr from declarative JSON/YAML or Nix config files, using each app’s API. It auto-resolves human-readable names to numeric IDs and deletes any config not present in your declared state. The NixOS module (via flake input) wires everything under services.declarr. Compared to Buildarr or Recyclarr, it deliberately avoids heavy validation for a simpler, more hackable design. Credentials can be injected via environment variables or file paths — handy for reproducible media-server setups.

Winix: write NixOS/Home Manager configs in TypeScript, compile to a flake

Winix is a TypeScript frontend that lets you define your NixOS, nix-darwin and Home Manager configuration in TS and compiles it down to a standard Nix flake. It targets users who find Nix’s syntax and type system awkward after other languages. Outputs are regular Nix — no runtime dependency on Winix. Niche, but potentially interesting for teams or individuals more comfortable in TypeScript. (See also Zen, an experimental actor-based module system, in Also today.)

Home Assistant Matter support rebuilt on matter.js (TypeScript)

New Thread/Wi-Fi network topology map with color-coded link quality. Image: Home Assistant

Home Assistant has replaced its Python-based Matter server with matter.js, an open-source TypeScript implementation of the Matter 1.5.1 spec. Key improvements: faster device reconnections, better network stability, a new Thread/Wi-Fi network map with color-coded link quality, and certificate revocation checks during commissioning. Matter 1.6 support (cameras, doorbells, closures) is coming soon. Migration is automatic — existing setups carry over unchanged. Matter is now active in 38% of HA instances.

Hyprland’s config syntax shift to Lua is causing churn anxiety

A community thread reflects frustration with Hyprland’s recent hyprlang → Lua config migration and worries about future instability. The Lua transition is real: Hyprland 0.46+ uses hyprland.lua as the main config entrypoint, which means NixOS users must update their Nix-managed config generation. One silver lining from the thread: you can use Fennel (a Lisp that compiles to Lua) as a hyprland.lua frontend if you prefer a Lisp-style config.

Also today

Nix
Zen — an experimental actor-based Nix module system (actors, lenses, algebraic effects, real dependent types) in a ~100-line kernel — pad.lassul.us
Impermanence — community recommendations on what system paths to persist (/var/lib subtrees, machine-id, ssh host keys, logs) — NixOS Discourse
nixos-unstable stalled at commit 567a49d since June 16 — ~9 days with no movement, cause appears CI-related; consider pinning until it resumes — Reddit
Hyprland & Wayland
Riftbar 0.2.4 — Rust/GTK4 status bar for Hyprland, now with a fully working dbus system tray — Codeberg
bezel — per-edge-zone trackpad gesture daemon for Wayland (Rust, evdev), macOS-style edge swipes bound to commands, with a Nix package — GitHub
hstui — a TUI for managing hyprsunset night-light profiles without remembering hyprctl invocations — Reddit
“Are We GlobalShortcuts Yet?” — a tracker for which Wayland apps respect the sandboxed XDG GlobalShortcuts portal — areweglobalshortcutsyet
GIMP 0.54.1 from 1996 gets a working Flatpak package — software archaeology and a neat portability showcase — GitLab
Self-hosting
Hassette — async Python framework for Home Assistant automations with typed Pydantic config, a built-in test harness and hot-reloading — docs
ESPHome fan controller for a server cabinet — two thermostatic zones, every probe a native HA entity, fully open-source — GitHub
TIL: Shelly Plus/Gen3 devices can act as Bluetooth proxies for Home Assistant — free BLE coverage if you already run Shellys — Reddit
MDN launches an official MCP server — live web platform docs and browser-compat data for AI coding assistants (claude mcp add --transport http mdn https://mcp.mdn.mozilla.net/) — MDN Blog
Databasus PostgreSQL backup tool moves to PG 17 native incremental backups, cutting storage vs. full/differential — Reddit
Docmost shifting toward a closed-source commercial model — community wary of open-core bait-and-switch; Outline and AFFiNE remain fully open — Reddit
cd ~/repos/ratatosk && claude --resume 78a89484-3136-4543-94c4-22f3293f76f4