In this week’s issue of README Highlight (#41, 2023), we are taking a look at the following project: Jellyfin.

Jellyfin is a Free Software Media System that allows users to manage and stream media from a dedicated server to end-user devices via multiple apps. It is an alternative to proprietary media server solutions like Emby and Plex. What sets Jellyfin apart is its commitment to being an open-source project with no premium licenses, hidden agendas, or proprietary features.

Jellyfin is descended from Emby’s 3.5.2 release and has been ported to the .NET Core framework, enabling full cross-platform support. It puts users in control of their media, allowing them to organize and stream their media collection on various devices.

To get started with Jellyfin, users can visit the downloads page or refer to the installation guide and quick start guide. For those interested in contributing to the project, there is a contributing guide and community standards available.

Jellyfin supports all major operating systems except FreeBSD and requires the installation of the .NET 7.0 SDK. Users can choose to run Jellyfin with an IDE like Visual Studio or Visual Studio Code, or run it from the command line. The repository also includes unit tests that can be run using dotnet test or in Visual Studio or Visual Studio Code.

For more information about Jellyfin and its features, users can refer to the documentation page and about page. The project also has a feature request hub for users to suggest new ideas or improvements.

Jellyfin is an open-source project supported by DigitalOcean and JetBrains. Users who want to contribute to the project can check out the contributing choose-your-own-adventure to find ways to help and contribute to the project.

In conclusion, Jellyfin is a powerful and open-source media system that gives users full control over their media collection. With its cross-platform support and active community, Jellyfin is a great choice for those interested in managing and streaming media from their own dedicated server.

For more details about Jellyfin, please visit the Jellyfin README.

Uptime Kuma has released version 1.23.3, bringing several bug fixes and security enhancements. This update includes important changes that users need to be aware of.

First and foremost, due to the security fix in this version, all login sessions will be logged out after updating. This is a necessary measure to ensure the security of the system. Users will need to log in again with their credentials to access the platform.

It is worth noting that if you are using any unofficial or third-party tools with Uptime Kuma, there is a possibility of breaking changes with this update. In such cases, it may be necessary to re-generate an authentication token to ensure seamless integration with these tools.

Now let’s take a closer look at the bug fixes included in this release:

• Fixed an issue where notifications were not working if the configuration was too long. This bug has been resolved thanks to the contribution of @FJBlok.
• Enabled the status page certificate expiry badge for all HTTP(s) monitors. This improvement was made possible by the work of @marvinruder.
• Addressed Kafka producer bugs, ensuring smoother operation of this feature. This fix was made possible by the contributions of @mhkarimi1383.
• Fixed an issue with the incorrect usage of x-forwarded-host. This bug has been resolved thanks to the efforts of @xuexb.
• Resolved a race condition issue in the status page editor, ensuring that all data is saved correctly. This fix was made possible by the contribution of @chakflying.

In addition to these bug fixes, version 1.23.3 also includes security enhancements. One of the notable security fixes is the resolution of a persistent session tokens issue. Previously, there was no way to revoke session tokens even if the password was changed. With this update, users can now revoke session tokens by changing their password. For more information on this security fix, you can refer to the advisory GHSA-g9v2-wqcj-j99g.

Orange Pi has released new versions of its single board computers, the Orange Pi 5, Orange Pi 5B, and Orange Pi 5 Plus, with 32GB of RAM. These boards are powered by the Rockchip RK3588S or RK3588 octa-core Cortex-A76/A55 SoC. The addition of 32GB RAM is the only change made to the boards. Pre-orders are currently available on Amazon, with shipping scheduled to start by October 31.

Source: CNX Software – Embedded Systems News.

openSUSE has announced the availability of Leap Micro 5.5, the latest version of its modern lightweight host operating system. Leap Micro 5.5 is essentially a rebranded version of SLE Micro, so all the documents and release notes from SLE Micro 5.5 are applicable to Leap Micro as well.

It’s important to note that with the release of Leap Micro 5.5, Leap Micro 5.3 has reached its End of Life (EOL). Users of Leap Micro 5.3 are strongly advised to upgrade to either the Leap Micro 5.4 or 5.5 release to ensure access to the latest features, security enhancements, and ongoing support.

One of the standout features of Leap Micro 5.5 is its enhanced support for SELinux. Security-Enhanced Linux (SELinux) now includes podman-docker and hyper-v support for AArch64, providing users with a more robust and secure computing experience. Leap Micro 5.5 also includes podman 4.4, which introduces podman quadlets. Users can check out the Nextcloud deployment using quadlets to explore this feature. Additionally, Leap Micro ships with podman-docker, a podman wrapper that can be used together with docker-compose.

The container management interface Cockpit has also received notable improvements in version 298. Users can now use Cockpit to manage all of their home workloads, providing a more convenient management solution.

For users new to the immutable OS space, which consists of systems with read-only /root, there is a transactional update guide available to help navigate the update process. Additionally, users can use the Toolbox tool to install additional software without the need for a reboot, making it particularly useful for debugging scenarios where a reboot is not feasible.

Flux CD, a tool for keeping Kubernetes clusters in sync with sources of configuration like Git, has released version 2.1.2. This patch release comes with various fixes and improvements to provide users with the best experience.

One of the key fixes in this release is the faster recovery of resources such as Kustomization and HelmRelease when the source-controller has restarted and is working on restoring storage. Additionally, the source-controller now prevents failing to reconcile OCIRepositories when artifacts contain symlinks.

Another important fix addresses an issue with the helm-controller miss-labeling Custom Resource Definitions. Flux now also detects immutable field errors in Google Cloud resources managed by Kustomizations, improving the overall stability and reliability of the system.

The CLI has also seen some updates. The error reporting for flux bootstrap has been enhanced when the owner doesn’t match the identity associated with the given token. Furthermore, the flux pull artifact command now allows fetching OCI artifacts produced by other tools.

Here are the components and CLI changes in Flux CD v2.1.2:

Components Changelog

• source-controller v1.1.2
• kustomize-controller v1.1.1
• helm-controller v0.36.2

CLI Changelog

• PR #4324 - @somtochiama - bootstrap: Fix error msg when the Git token doesn’t match the repo owner
• PR #4323 - @stefanprodan - e2e: Update Go dependencies
• PR #4313 - @fluxcdbot - Update toolkit components
• PR #4296 - @Skarlso - fix: only wait for changeset if the result is not empty
• PR #4285 - @matheuscscp - Add badge for SLSA Level 3
• PR #4284 - @errordeveloper - Make flux pull work for OCI artifacts produced by other tools

Flux CD users are highly encouraged to upgrade to version 2.1.2 to benefit from these fixes and improvements.

MakerWorld’s open beta has been live for 20 days, and in that time, it has gained significant support from creators and users. The platform has acquired numerous models and has been actively addressing bugs, receiving feedback, and resolving complaints. To showcase the platform’s growth, a set of charts has been provided.

One challenge MakerWorld has faced is the misunderstanding regarding the robot named Bean Overlord. Many users have reported that Bean has been farming points by uploading an excessive number of profiles. However, Bean is actually part of Bambu Lab’s test farm, and the profiles it uploads are the result of extensive testing of new hardware, firmware, slicer settings, and filaments. To address this issue, MakerWorld plans to introduce a feature that allows profile uploaders to donate their incentives to the model creators. Additionally, future updates will require profile uploaders to include a photo of the actual printed result to ensure quality.

Complaints have also arisen regarding model sharing on MakerWorld. While the platform has implemented a Creative Commons License option and requires users to provide source and author information when sharing models, there have been violations of this policy. Some users have copied images and descriptions that are not under the CC umbrella, and some model creators are uncomfortable with their CC models being shared freely. As a result, MakerWorld has decided to temporarily disable the Share function and will seek input from the community to develop better moderation policies before reintroducing the feature.

In order to prevent exploitation of the platform’s rules, MakerWorld will be implementing a manual review process during the incentive redemption phase. Accounts that repeatedly violate the rules will face penalties, including the deduction of incentives and account deletion.

MakerWorld values feedback and opinions from its users and is committed to continuously improving the platform. The adjustments mentioned above have been made based on constructive feedback received through social media comments, platform reports, and emails. Users are encouraged to provide additional suggestions or concerns through the support system of MakerWorld.