Huginn Daily

Wednesday, May 6, 2026

a9296d34-d69d-40a2-9743-1e5810a7b238

Weather

XKCD

Other

• The fossil fuel underneath your food 

  When the Strait of Hormuz closed, it did not just raise the price of petrol. It revealed the hidden energy bill of every meal on every table

  By Nicolas Netien

  On 28 February this year, the war between the United States, Israel and Iran turned the Strait of Hormuz into the most fought-over stretch of water on the planet. Within days, tanker traffic collapsed by more than 90 per cent. On April 13, the United States Navy formalised a blockade of Iranian ports. Negotiations in Islamabad failed.

  Most commentary has treated this as an energy story. It is also a food story. The Strait does not only carry about 20 per cent of the world’s oil and liquefied natural gas. It carries between 20 and 30 per cent of the world’s traded fertilisers, along with much of the natural gas used to manufacture the rest. Those shipments feed the fields that feed us.

  From gas wells to grain fields 

  Gulf countries account for nearly 49 per cent of global urea exports, around 30 per cent of ammonia exports, and close to half of all traded sulphur. When QatarEnergy announced in March that it was halting downstream urea production because it could not move its LNG out, the ripple reached wheat fields across the Northern Hemisphere within weeks. Middle East granular urea rose from roughly 450 dollars a tonne before the war to over 700, a jump of about fifty percent. European gas prices nearly doubled, and since natural gas makes up seventy to eighty percent of the production cost of nitrogen fertilisers, the two numbers move together. 

  FAO Chief Economist Máximo Torero called the disruption “one of the most rapid and severe disruptions to global commodity flows in recent times.” The UN World Food Programme estimates that if oil stays above $100 a barrel beyond June, an additional 45 million people could face acute hunger. “The clock is ticking,” Torero said. “We are in an input crisis. We don’t want to make it a catastrophe.” 

  The reason a Gulf crisis moves into kitchens so quickly is structural. The Haber-Bosch process, the industrial reaction that converts natural gas into synthetic nitrogen fertiliser, feeds roughly half the people alive today. It also consumes between 1 and 2 per cent of all the energy humanity uses in a year. Our food supply has quietly become a derivative of the natural gas market. In the most intensive agricultural systems, it takes 7 to 10 calories of fossil energy to produce a single calorie of food. Traditional and smallholder farming runs on far less. But the industrial model is the one that produces most of what moves in global trade, including the cereals and soybean meal that Cyprus imports to feed its own animals. When we buy that feed, we buy its embedded fossil fuel too. 

  The Cyprus balance sheet 

  For us, the Hormuz shock arrives on top of our own structural problems. Cyprus imports most of its cereals. In 2024 domestic cereal production was about 29,000 tonnes, against a historical average of roughly 180,000. Our animal feed sector is built largely on imported grain and imported soybean meal, the latter of which the European Union as a whole is only around three per cent self-sufficient in by protein. When world feed prices rise, Cypriot livestock farmers feel it faster than almost anyone else in Europe.

  The first piece of good news in a while is the weather. The winter of 2025 to 2026 has delivered genuinely meaningful rainfall. Reservoir storage, which stood at a catastrophic 13.7 per cent of capacity in February, had climbed to 35.3 per cent by April 9, more than 11 percentage points above the same date last year. The Tamassos dam overflowed on 2 April. Fields across the island are visibly green. A decent cereal harvest is now on the cards. The senior engineer at the Water Development Department, Marios Hadjicostis, was not exaggerating when he called the season’s inflows “life-saving.” 

  None of this means the structural crisis is over. Cyprus still has the highest Water Exploitation Index in the European Union at 71 per cent, against a severe scarcity threshold of 40. Our temperatures are rising roughly twenty per cent faster than the global average, and rainfall is down around fifteen per cent since 1901. One wet winter is weather. Four consecutive drought years is climate. 

  And then there is the livestock sector. The foot-and-mouth outbreak that spread from the north into Larnaca district in February has led to the culling of more than 30,000 animals and a grazing ban that pushed farmers onto imported feed, precisely as Hormuz pushed feed prices up. One shock exposed the other. 

  A quieter statistic sits under all of this. According to the European Medicines Agency’s ESVAC data, Cyprus sells more veterinary antibiotics per kilogram of livestock than any other country in Europe, at 254.7 mg per population correction unit. Iceland uses 4.4. Denmark uses 34. The Cypriot number describes a sector that manages disease through chemistry rather than through system design. Confinement, stress, and routine mass medication are the conditions that produce that kind of figure. They are also the conditions that make an outbreak like foot-and-mouth so devastating when it arrives. 

  The pattern on the crop side is similar. Ninety-nine per cent of synthetic pesticides are derived from petroleum feedstocks, making them another fossil fuel product hiding in our food. According to Eurostat, Cyprus was the second-highest user of pesticides per hectare in the EU and while the island has made strides toward organic targets, the legacy of intensive use remains stubborn.

  Historical data has shown residue exceedances at five times the EU average. A peer-reviewed study by the Organiko LIFE+ project, published in PLOS One, found that switching Cypriot primary school children to an organic diet significantly reduced pesticide biomarkers in their urine and lowered oxidative stress.

  When the inputs are petroleum-derived, the health cost is not only environmental. It is personal, and it is measurable in the bodies of our children. 

  What a less dependent food system actually looks like 

  The alternative is not a return to subsistence. It is a set of well-documented farming practices that reduce the number of failure points between a Cypriot farmer and a container ship in a war zone. 

  Start with the soil. No-till farming, in which crops are sown directly into undisturbed ground rather than ploughed fields, cuts fuel consumption by 50 to 80 per cent compared to conventional tillage.

  But the gains go well beyond diesel.

  In Mediterranean field trials, no-till systems have been shown to retain significantly more soil moisture than ploughed land, with durum wheat studies in southern Italy showing that no-till outperforms conventional tillage specifically when rainfall drops below 300 millimetres during the growing cycle.

  Dryland modelling studies have estimated a 21 to 26 per cent wheat yield increase from the improved spring soil moisture alone. For an island where water is the binding constraint on agriculture, this matters as much as any dam or desalination plant. 

  No-till also builds soil organic matter over time. In the low-organic-matter soils typical of the eastern Mediterranean, where levels often sit below 1 per cent, even modest gains in organic carbon translate directly into improved water-holding capacity and nutrient cycling. It is not a fast process, but it compounds.

  In the soils across the Mesaoria plain and much of Cyprus, each percentage point of organic matter gained can hold an additional 70,000 to 100,000 litres of water per hectare in the topsoil alone. In a country that rations water, that is not a marginal gain. 

  Then there is nitrogen. Legumes, through their symbiosis with Rhizobium bacteria, fix atmospheric nitrogen into the soil for free, at rates ranging from 50 to over 200 kilograms per hectare per year depending on species and conditions. Vetch-barley and vetch-oat mixes, fava bean, chickpea and lentil are all species that thrive in Cypriot conditions and were part of the island’s traditional rotations within living memory.

  Every kilogram of nitrogen fixed biologically is a kilogram not manufactured from natural gas, not shipped through a contested strait and not subject to the pricing power of a commodity market in crisis. 

  Then there are the animals. Mixed crop and livestock systems, where animals are rotated through fields as part of the cropping cycle, close the nutrient loop. Grazing animals convert crop residues and cover crops into manure, which feeds soil biology, which feeds the next crop. The animals benefit too: rotational grazing breaks parasite cycles, reduces chronic stress, and with it the need for routine antibiotics. This is how most of Cyprus farmed until the second half of the twentieth century. It is also, according to a 2022 meta-analysis in ecological economics, on average more profitable than conventional monoculture even after accounting for higher labour costs. 

  At the Cypriot end of the argument, there is also a tree we essentially stopped taking seriously.

  Carob pod meal, evaluated by the Agricultural Research Institute in Nicosia as early as the 1960s, can replace up to a quarter of the barley in lamb diets with no effect on growth or meat quality, and up to a third in calf and goat rations. Its condensed tannins even suppress gastrointestinal parasites. The area of carob cultivation across the Mediterranean has shrunk by about 65 per cent this century.

  Cyprus used to call this tree its black gold. It is drought-tolerant and protein-supplementing, tolerates our poorest soils and grows here without irrigation. Bringing it back is not nostalgia. It is infrastructure. 

  Food security is energy security 

  The deeper lesson of the past seven weeks is the one we have not yet absorbed. For most of human history, food was solar. Photosynthesis captured sunlight, animals ate plants, humans ate both and soil fertility was maintained through rotations, manure, and legumes.

  Over the course of the 20^th century, we replaced a large part of that solar system with a fossil one.

  The calories on our plates now contain, invisibly, Qatari gas, Iranian urea and diesel burnt in a field in Ukraine. When that supply chain is working, the system looks abundant and cheap. When it is not, the fragility becomes visible overnight. 

  Food security in the 21^st century is, at its foundation, energy security. A country that imports its fertiliser imports its weather too, in the form of whoever controls the gas that makes the fertiliser. A country that grows its own nitrogen, through legumes and livestock and trees, is less at the mercy of other people’s wars. 

  Cyprus will not feed itself entirely. No small island does. But the distance between total dependence and reasonable autonomy is not ideological, and it is not out of reach. It begins with the soil under our feet, and with a few species, carob among them, that were feeding this island long before anyone had heard of Hormuz. 

  Nicolas Netien is an environmental engineer, specialising in agroecology and permaculture design, based in Cyprus

• Farmers plan to block key roundabout in foot and mouth protest

  Farmers will once again block the Rizoelia roundabout, which sits at the intersection of the motorway connecting Larnaca and Nicosia, and the motorway connecting Larnaca and Ayia Napa, on Friday, in protest at the government’s handling of the ongoing outbreak of foot and mouth disease, the newly established “voice of livestock breeders” organisation said on Tuesday night.

  The group’s protest will begin at 11am on Friday, with organisation spokesman Neophytos Neophytou saying that “we are sure that everyone will see something very big and correct which the whole world will understand”.

  He was asked whether it will be ensured that people will not be inconvenienced by the protest, given that the Rizoelia roundabout effectively acts as the chokepoint for all road traffic between Larnaca airport and Nicosia and all road traffic to and from Ayia Napa and Paralimni.

  “All members and the whole world understands, respects, and appreciates every other person who moves around Cyprus. We did not want and do not want anyone to be inconvenienced, and everyone should be sure that the protest is not just for us. It is not just for livestock farming. It is for everyone,” he replied.

  He added that “everyone must understand that livestock farming is one of the biggest pillars of Cyprus’ economy”.

  The group’s main source of dissatisfaction appears to be the fact that if one animal on a farm is found to have foot and mouth disease, every animal on the farm must be killed.

  However, veterinary association chairman Demetris Epaminondas had earlier in the day explained that European Union law on the matter does not allow for any other solution, and that non-adherence to the EU’s laws could see Cyprus run the risk of being unable to export halloumi to the rest of the bloc.

  “If EU legislation is not implemented, then there is a risk that the export of halloumi from Cyprus will be banned”.

  He also dismissed claims made by “voice of livestock breeders” representative Stella Petrou, who said that there may be “alternative European protocols” which could allow Cyprus to avoid culling infected animals.

  To this end, he said that “European legislation regarding the treatment of the disease is unified,” and made it clear that no such “alternative protocols” exist.

  “Europe has chosen the extreme strategy of eradicating the problem. This leaves no room for any differentiation in the measures taken in any of the member states,” he said.

  Asked whether some animals may test positive for foot and mouth disease if they possess antibodies as a result of having been vaccinated against the disease, he said that “it is possible to differentiate vaccine antibodies from antibodies which have developed due to natural infection”.

  More than 30,000 animals have already been culled, with Epaminondas having said previously that there is “no less painful alternative” to culling when attempting to stem the spread of the disease.

  He also stressed that vaccinations of animals cannot replace culling as a method of preventing the disease’s spread, as the vaccine’s aim is “to limit the transmissibility of the disease”.

  “Even a vaccinated animal, if it is found to test positive, must be culled,” he said, before going on to say that animals can remain infectious for four to six months.

  He added that allowing infected animals to live also entails the “risk that the virus will be transmitted further either by air, or by machinery, or in any other way which would affect other units”.

  “That is why these extreme measures are being taken,” he said.

• Fallout continues over north’s ‘attack on journalists’ in new law

  Political and legal figures weighed in on Tuesday over a law passed by the Turkish Cypriot legislature on Monday night which criminalised the naming of high-profile individuals who appear in court accused of crimes.

  Turkish Cypriot leader Tufan Erhurmane was the most high-profile figure to offer an intervention, saying that he is “closely following discussions” on the matter, and that his office will “consult with all relevant parties and evaluate all opinions”.

  “It is known that, in light of these evaluations, if deemed necessary, the presidency will not hesitate to exercise its constitutional powers, as it has done in previous instances,” he said, hinting at the possibility that he may veto the law or send it to the north’s judiciary to question its adherence to the ‘TRNC’s’ constitution.

  Meanwhile, former Turkish Cypriot leader Mustafa Akinci was less coy than his successor, saying that “one cannot remain neutral on issues such as democracy, human rights, and freedom of the press and expression”.

  “Not taking a stand on such matters draws the colour out of matters and fuels an appetite for deep darkness. A society where the press is silenced by fear cannot have a bright future,” he said.

  Former judge Tacan Reynar, who is now a high-ranking member of opposition party the TDP, asked of the north’s ruling coalition, “who are you to pass laws which run contrary to the universal ethics rules of reporting and writing?”

  “The day will come when we repeal all these laws one by one in parliament, with great pleasure. They will all become null and void, just like you,” he said.

  Former Turkish Cypriot chief negotiator for the Cyprus problem Kudret Ozersay, meanwhile, said that “in a period in which corruption, fraud, bribery, and decay have increased and been exposed to such an extent, this law change aims to prevent journalists from writing about these scandals and to prevent the public from knowing the full names or seeing the photographs of those accused”.

  “It is very clear that they want to both protect the politicians who will be tried in the near future and to intimidate and silence those who want to inform the public about it,” he said.

  Earlier in the day, the Turkish Cypriot media ethics board had warned that the stated reason for the new law’s creation – the protection of the presumption of innocence until proven guilty – has “become a tool which weakens public oversight”.

  The new law, it said, “creates a de facto environment of self-censorship by directly threatening journalists with criminal sanctions”.

  “Making the practice of news reporting criminally punishable violates not only the freedom of the press but also the public’s right to be informed,” it said, before calling on Erhurman to veto the law.

  However, not everyone was against the new law, with Cyprus Turkish bar association chairman Hasan Esendagli expressing his support for it during an appearance on public television channel BRT.

  “The courts were out of control. It constitutes a violation of rights to corner people who have been declared guilty before they face trial, exposed, and who have been put in personally difficult situations, in court corridors, and have their photos taken,” he said.

  He added that it is “not right to accuse someone who is already on trial”, with the bar association later announcing that it would hold a press conference on Wednesday to “explain” the new law to journalists.

  This announcement drew the ire of the Turkish Cypriot journalists’ association, which said it believed the bar association was being “insincere”.

  “A legislative initiative of this nature should have been shared transparently with all relevant stakeholders, especially professional press organisations, and their opinions should have been sought before the matter was before the parliamentary committee,” it said.

  It added that “the events of the last two days have unnecessarily dragged both journalists and the public into tension”, and that “this clearly demonstrates that the process has not been managed in a healthy or participatory manner”.

  As such, it said, its members will not attend the press conference.

  “We do not accept the subsequent explanation of processes conducted as faits accomplis … We call upon the Cyprus Turkish bar association to apologise to journalists and to the public and to reverse this erroneous decision,” it said.

  The law had been passed by the Turkish Cypriot legislature on Monday.

  Now, those who do take and publish photographs of suspects in and around courtrooms, or who publish the names of defendants, in the media or on social media, will now be subject to sentences of up to three months in prison or a fine amounting to four times the north’s monthly minimum wage.

  At present, the north’s monthly minimum wage is 60,618TL (€1,147), with the fine as such set, for now, at 243,272TL (€4,604).

  The law’s passage comes after multiple high-profile figures in the north have appeared in court and been charged with crimes in recent months, including former ‘education minister’ Kemal Durust, former Famagusta police chief Baris Sel, ‘prime minister’ Unal Ustel’s close personal associate Fatma Unal, Ustel’s now former undersecretary Huseyin Cahitoglu, the now former chief of the north’s tender commission Salih Cansec, the son of ruling coalition representative Hasan Tosunoglu, Ugur Tosunoglu, former chairman of the north’s higher education accreditation authority (Yodak) Turgay Avci, and board member Mehmet Hasguler, who is now the chief advisor of ruling coalition party the YDP.

• CHP’s Ozel demands Turkic states recognise north, laments Sharaa visit to Cyprus

  Turkish opposition party CHP leader Ozgur Ozel on Tuesday called on Turkic states to recognise northern Cyprus as an independent country, while also lamenting the fact that Syrian President Ahmed al-Sharaa visited Cyprus to attend last month’s informal European Council meeting in Nicosia.

  “Those who are following matters see how we are being excluded in the eastern Mediterranean. The United States, the United Kingdom, France, and Egypt are all against us,” he told his party’s MPs.

  He added that while the Turkish government had made “a move” in Libya with efforts to delimit maritime borders between the country, but that “Greece is working around the clock to thwart that as well”.

  Greece’s position is that Turkey does not share a maritime border with Libya, and has made efforts with the government of Egypt, and this week with the Libyan government of national unity, to pursue agreements which would render those efforts invalid.

  Turkey had signed an agreement with the Libyan government of national accord in 2019, but it was never ratified by Libya’s legislature. The government of national unity superseded the government of national accord in 2021 and is now the sole internationally recognised government of Libya.

  Ozel went on to say that “the United Arab Emirates, [Turkish President Recep Tayyip] Erdogan’s friend, is against us”, and that “Saudi Arabia, for which he declared mourning when its king died, is against us”, while “Qatar, which he trusts so much, is conducting drilling operations for Greeks in the eastern Mediterranean”.

  “Seeing this weakness, Greece is arming the [Aegean] islands, in violation of all agreements, continuing to arm the islands right before our eyes. All of Europe stands behind them,” he said.

  On Cyprus, he said that “the Turkish Republic of Northern Cyprus is our national cause” and that “our biggest goal in the medium term is to introduce the TRNC to the world, to ensure its recognition, so that we can then overcome this disadvantageous, asymmetrical situation with the Greek Cypriot administration and achieve gains through diplomacy”.

  “The Turkic states closest to us need to recognise it first. Not a single one recognises it. First, they went and recognised southern Cyprus. Now, they are sending ambassadors one by one, and that Greek Cypriot administration in southern Cyprus holds the rotating presidency of the [Council of] the European Union,” he said.

  On this matter, he then criticised the state of affairs which led to al-Sharaa attending the European Council summit in Nicosia.

  “Al-Sharaa. The al-Sharaa … whom our people recognise, the al-Sharaa whom they legitimised, goes at the invitation of the Greek Cypriot administration. Not only does he go, but he stands there, and in the city divided in two, he does not even cross over to the Turkish Cypriot side to have a cup of coffee with our president. Not even a cup of coffee,” he said.

  As such, he said, al-Sharaa “recognises the Greek Cypriot administration”.

  “Al-Sharaa, whom Turkey had applauded last December for ‘setting up big games’, is now going and endorsing the existence of the Greek Cypriot administration in southern Cyprus, and, like others, saying to the TRNC, ‘you do not exist, I do not recognise you,” he said.

  He then stressed that this amounts to a policy failure on the part of the Turkish government, saying, “they have brought Turkey to this point”.

  Ozel’s intervention comes after President Nikos Christodoulides had said that efforts were made to prevent al-Sharaa from participating in the informal European Council summit in Nicosia.

  “Although I had some information that some tried to prevent his participation in the European Council summit, he chose to be here, spoke publicly, and raised during the discussions how he sees the developments in the European Union’s relations in Syria,” he said.

• German film to be screened with subtitles

  A German-language film, screened with subtitles in English, lands on Nicosia’s big screen this week, as part of a year-long film series celebrating the diversity of European cinema. The Europe in Cinema programme, presented by the European Union National Institutes for Culture in Cyprus in collaboration with the Friends of Cinema Society, bring movie magic to screens around the island throughout the year.

  Within this framework, the Goethe-Institut Cyprus presents the film When Will It Be Again Like It Never Was Before on Wednesday at Pantheon Theatre in Nicosia.

  The series features a rich selection of European films spanning a wide range of genres and languages. From powerful dramas to light-hearted comedies, Europe in Cinema offers audiences a multifaceted cinematic journey that reflects Europe’s cultural and social diversity.

  The films explore themes that range from key historical moments to contemporary social realities, highlighting the unique perspectives of different European societies. The upcoming film is directed by the award-winning director Sonja Heiss, and is based the bestselling autobiographical novel by Joachim Meyerhoff.

  When Will It Be Again Like It Never Was Before is an incredibly funny and deeply moving film, that deals with growing up under unusual circumstances. Joachim is the youngest son of the director of one of Germany’s largest psychiatric hospitals. He spends his childhood and adolescence on the grounds of the hospital, as their family home is located on its premises. To Joachim, the patients are like family. This coming-of-age film is a celebration of life in all its absurdity and fleetingness.

  When Will It Be Again Like It Never Was Before

  Film screening part of Europe in Cinema. May 6. Pantheon Theatre, Nicosia. 8.30pm. Free admission. German dialogues with English subtitles. Tel: 22-674606. www.goethe.de/cyprus/events

• Disy remains bookies’ favourite to get most votes in upcoming elections

  Betting is permitted on the upcoming parliamentary elections until May 16, the National Betting Authority (NBA) said on Tuesday.

  The elections will be held on May 24. Candidacies for MP will be formally submitted on May 6.

  According to the NBA, betting on the elections must end by 11:59pm on Saturday, May 16. Beyond that cutoff point, any betting activity related to the elections will be illegal.

  The aim is to “prevent influencing the electorate or creating impressions,” the NBA said.

  It also appealed to the public to familiarise itself with the terms and conditions.

  Members of the public can report suspicious or irregular activity at: complaints@nba.gov.cy

  Meanwhile, betting company Stoiximan has the highest odds on the Disy party to win the most votes.

  Betting on Disy to ‘win’ earns €1.57, Akel €2.70, and Elam €12.

  The long shots are Direct Democracy, earning €15, Alma at €17; Diko €25; the Greens, Edek and Volt at €80; and Dipa at €150.

  Other betting options have to do with parties garnering over or above a certain percentage of the popular vote.

  For Akel to get either over or under 21.5 per cent of the vote, one euro earns €1.87.

  For Disy to get over 22.5 per cent of the vote, one euro earns €1.80; and for under 22.5 per cent of the vote, one euro earns €1.92.

  Odds are also available on one-on-one contests between parties. For example, betting on Akel gaining more votes than Disy earns €2.35, and vice versa would yield €1.55.

• Erhurman meets outgoing US ambassador Davis

  Turkish Cypriot leader Tufan Erhurman on Tuesday met outgoing United States ambassador in Nicosia Julie Davis, who resigned from the US state department last month.

  Erhurman’s office announced that the pair had “discussed recent developments”.

  Davis had been appointed as the US’ charge d’affaires in Ukraine last year, but resigned after less than a year in the job amid reports of differences of opinion with US President Donald Trump.

  The Financial Times and other outlets reported that Davis had become “frustrated” with her role, with Trump’s support for Ukraine openly less steadfast than that of his predecessor Joe Biden.

  Those reports were denied by the US’ state department, with its spokesman Tommy Piggot saying that Davis “has been a steadfast proponent of the Trump administration’s efforts to bring about a durable peace between Russia and Ukraine”.

  Davis had taken up her role in May last year, succeeding Bridget Brink, who had herself reportedly chosen to resign in part out of opposition to Trump’s stance on the war.

  At the time, government spokesman Konstantinos Letymbiotis had praised Davis’ work on the island, saying that relations between Cyprus and the US were “perhaps at their closest, their highest level since the founding of the Republic of Cyprus”.

  In her absence, Trump nominated John Breslow to the Nicosia post, though his nomination has not been voted upon by the Senate.

  Davis had served on the island since February 2023 and remained officially in post in Nicosia even after her appointment in Kyiv, appearing at the embassy’s July 4 celebrations last year and alongside President Nikos Christodoulides at football matches.

• Greek frigate undertakes training exercise with Cypriot National Guard

  The Greek frigate the Elli has taken part in a joint training exercise with the Cypriot National Guard off the coast of Cyprus, the National Guard said on Tuesday.

  The frigate was joined in the exercise by the Cypriot offshore patrol vessel the Ioannides, the Cypriot coastal patrol vessels the Tsomakis, the Ammochostos, and the Georgiou.

  The Greek special operations craft the Panagos and the Agathos and a Greek AW139 search and rescue helicopter also took part in the exercise.

  “During the joint training, communications, asymmetric threats, advanced manoeuvres, and helicopter training exercises were carried out,” the National Guard said, adding that “the joint training contributed to the promotion of the level of operational readiness and combat capability”.

  It added that the exercise also served to boost “the interoperability of the participants”.

  The Elli has been stationed in the waters off the coast of Cyprus, having been sent to replace the Kimon, which was sent to the island’s waters after the British Akrotiri air force base, near Limassol, was hit by an Iranian-made drone in March.

  Like the Kimon, the Elli Is armed with Greece’s Centauros anti-drone system, which works by jamming signals and thus disorientating drones.

  The Centauros system has the capacity to detect drones at a distance of up to 150 kilometres.

  Greek Prime Minister Kyriakos Mitsotakis had during a visit to Cyprus in March described the Kimon as the “pride of the Greek fleet”, with the ship having only entered service at the end of last year.

  The Elli is somewhat older, having been commissioned in 1982.

• Annita, Greek food minister discuss foot and mouth outbreaks

  Disy leader Annita Demetriou and Greek Food Minister Margaritis Schinas on Tuesday discussed the outbreaks of foot and mouth disease which she said have “plagued” both countries in recent months.

  Demetriou said she and Schinas had discussed the matter “at length” and “exchanged ways of managing the problem at the European Union level”.

  While more than 100 farms have been impacted by the disease in Cyprus, the outbreak in Greece has been centred on the Aegean island of Lesvos, where cases have been found at 76 farms in the last three weeks and 116 farms since the middle of March.

  As well as the issue of FMD, Demetriou said Schinas informed her “about the priorities of his portfolio” and the matter of planned reforms to the EU’s common agricultural policy.

  This comes with the European Commission reportedly planning to cut as much as €85 billion from the policy’s budget over the course of the next multiannual financial framework.

  The multiannual financial framework is the EU’s multi-year budget, with the current framework covering the years between 2021 and next year, and the next framework covering the years between 2028 and 2034. The current framework allocated €385bn for the common agricultural policy.

  Outside of the matter of food, Demetriou said that “Greece has been and remains our most enduring and strongest ally, with our brotherly relationship permeating the entire spectrum of cooperation between the two sides”.

• Casinos generated €34m tax for govt last year

  A steady rise in casino gambling proceeds was recorded over the last two years, according to a report handed over to the presidency’s office on Tuesday.

  The report, compiled by the Gaming & Casino Supervision Commission, was handed to under-secretary to the president Irini Piki. It covers the years 2024 and 2025.

  Established in 2017, the commission’s task is to regulate land-based (or physical) casinos.

  The data show a steady and significant increase in casino earnings during the two-year period.

  In 2025, gross gaming revenue (GGR) came to €227 million, the previous year it was €189 million; and in 2023 it clocked in at €130 million.

  GGR is different to turnover – it is the amount kept by the company after winnings have been paid out. It does not include taxes.

  There are five licensed casinos on the island: the integrated casino resort in Limassol, plus four ‘satellite’ casinos, one each in the districts of Nicosia, Larnaca, Paphos and Ayia Napa.

  The integrated casino resort in Limassol – the City of Dreams Mediterranean – officially opened in July 2023. Located in Zakaki, the €600 million project features a 14-story hotel with 500 rooms, an 8,000-square metre gaming area, and extensive entertainment facilities.

  According to the report, the flagship casino in Limassol makes the lion’s share of earnings: in 2025 it accounted for 86 per cent.

  In 2025, operating expenses for the five casinos came to €2.59 million – of which €2 million was on payroll.

  In 2024, the state earned €28.38 million from the casino tax, rising to €34 million in 2025.

  In addition, the state collects the annual licensing fee – €7 million.

  The report noted enhanced ‘risk-based’ checks against money-laundering and to protect players.

• Authorities deny improper disposal of culled sheep in Athienou

  The Veterinary Services on Tuesday rejected claims that animals culled due to foot and mouth disease (FMD) were improperly discarded in Athienou, following concerns raised in a recent Cyprus Mail report.

  “Under no circumstances” are animals from infected farms disposed of in an uncontrolled manner or outside designated and licensed burial sites, it said.

  The department stressed that the handling of carcasses is carried out strictly in line with biosecurity protocols and relevant EU and national regulations, under the supervision of competent authorities.

  The response comes after reports that dead sheep were seen left in skips in the Athienou industrial area.

  According to the Veterinary Services carcasses from livestock areas in Aradippou, Troulloi, Athienou and Ormidia are “temporarily gathered at designated points outside farming zones before being collected by a contractor”, under an existing contract for the collection and management of dead animals.

  This arrangement, it said, was introduced “at the request of organised groups of farmers in affected areas”, with the aim of reducing the risk of disease spread by avoiding the entry of collection vehicles into livestock units.

  They added that the selection of these collection points was made in consultation between farmers and local authorities, without direct involvement from Veterinary Services.

  Addressing visual material circulating publicly, the agriculture ministry said that “isolated images do not necessarily reflect the full process”.

  It said the management of carcasses, including collection, transport and final disposal, follows approved procedures, including sanitary burial in properly prepared sites, the use of approved disinfectants and strict access control measures.

  Earlier, head of the cattle farmers’ association, Giorgos Parpas had told the Cyprus Mail that “culled animals were placed in skips at designated points before being collected for incineration”, adding that under normal conditions “animals should remain in skips for no more than one to two hours” before collection but delays may extend into the following day, leaving the culled animals exposed.

  Meanwhile, sheep farmers’ association head Sotiris Kadis said the situation had improved compared to earlier stages of the outbreak, when carcasses were reportedly left outside farms, though he agreed that further improvements are needed in the process.

  The Veterinary Services said they remain in constant coordination with all stakeholders to ensure consistent implementation of measures and limit the spread of the disease.

  They also stressed that “strict adherence to biosecurity measures by all involved is essential to protecting livestock, public health and the agricultural economy”.

• Cigarette butts set to be recycled in Cyprus

  A collective system to manage tobacco products with filters, in a move aimed at reducing the environmental impact caused by discarded cigarette butts was granted to CPC Rethink Filters Ltd for six years, it announced on Tuesday.

  Green Dot Cyprus said the licence was issued on May 4 by Agriculture Minister Maria Panayiotou, under the 2024 regulations on the management of waste from tobacco products with filters.

  Under the licence, the company assumes the role of an approved body responsible for managing cigarette filters, with the aim of limiting the environmental damage caused by their uncontrolled disposal.

  Green Dot said cigarette butt litter is among the most widespread forms of pollution, affecting both urban and natural environments, including beaches and marine life.

  Within this framework, a key objective is to strengthen public environmental awareness through information campaigns and the promotion of responsible practices.

  At the same time, plans are underway to develop dedicated collection infrastructure in cooperation with local authorities, with a focus on outdoor spaces.

• Conscripts who have missed deadline given two more days to register

  The digital platform created for conscripts to register for military service will reopen at 7am on Thursday and remain open until midnight on Friday as many had not completed the procedure in time, defence ministry said on Tuesday.

  They had not been able to complete the form as no profile had been set up on the government platform.

  As such, the declarations this week can be made via the online government portal https://www.gov.cy in the section ‘conscription’.

  Those who have not submitted the selection information form and have received a call-up notice from the military recruitment offices must submit the declaration via the digital service.

  Further information is available on the defence ministry’s website via www.gov.cy/mod and national guard website www.gov.cy/army.

• Cyprus electricity prices fastest falling in the EU

  Cyprus has recorded the largest decrease in electricity prices in the European Union, with a drop of 14. 7 per cent, Eurostat data published on Tuesday show.

  Overall, electricity prices dropped sharply in Cyprus in the in the second half of 2025 compared to the second half of 2024, ranking the country first before France, which recorded a 12.5 per cent decrease and Denmark, where prices dropped by 11.9 per cent.

  Meanwhile electricity prices for households soared in Romania, increasing by 58.6 per cent,  followed by a 34.4 per cent increase in Austria and an increase of 32.7 per cent in Ireland.

  The prices in Cyprus are reflected in purchasing power parity (ppp) at €30.4 per 100 kWh in the second half of 2025, down from €32.1 in the first half of the year and €35.7 in the second half of 2024.

  Measured in ppp, electricity costs ranked highest in Romania, where consumers paid €49.5 per 100 kWh, followed by the Czech Republic at €38.7 per 100 kWh. Meanwhile, Malta, €14.1 per 100 kWh and Hungary €15.1 recorded the lowest electricity prices in the EU. 

  Prices remained stable on an EU-level, recording a slight increase to an average €28.9 per 100 kWh in the second half of 2025, having increased slightly from €28.8 in the first half of 2025.

  According to Eurostat, the respective increase is primarily caused by an increase in fees and taxes which have increased to 28.9 per cent, recording a one per cent increase to the first half of the year.

• Over 1,000 ‘classified’ documents handed to defence in central prison case

  Prosecutors involved in the missing files from the central prison case on Tuesday handed over 1,116 documents of the 2,900 total to the defence during proceedings at Nicosia criminal court.

  The documents had not been previously delivered as they were marked classified.

  The remaining documents will be reviewed through procedures set by the court.

  The next hearing will be held at 9am on June 9.

  On Tuesday, prosecution representative Anna Mattheou said the classified documents had been saved on three hard disks and included central prison maps and blueprints, as well as correspondence between lawyers and clients.

  Chris Triantafyllides, defence lawyer for former prison chief Anna Aristotelous, raised strong objections, saying the prosecution should prove that the documents were classified, as access to them could place lives or fundamental rights of individuals at risk, as well as national interest.

  He also said national security documents should be submitted to the court as hard copies and not in digital form.

  The defence, he added, believed it was “unlikely” that the documents were indeed covered by the exemptions for classified material and spoke of a “parody” and “unreasonable and illegal restrictions”.

  He furthermore questioned how reliable scanned documents could be, as it was possible to modify them.

  The prosecution assured the defence that the documents had not been modified during scanning and that submitting thousands of hard copies was not the best practice at this stage.

  The court decided that all documents to be submitted should be in printed form and gave the defence time to look over the original documents.

  The prosecution then said the originals were part of a bulk of documents – 48,432 to be precise – and that it would take time to separate them.

  In April 2025, a police search of the home of a prison warden revealed a large volume of official documents, some marked “confidential.”

  Subsequent to an exhaustive investigation, law enforcement officials apprehended five individuals, four prison guards and a police cadet, on suspicion of misconduct relating to the removal of said documentation.

  Police believe that the majority of the documents were removed between November and December 2022. Both Aristotelous and former deputy director Athina Demetriou have since given testimony.

  In November 2025, authorities officially registered a case against Aristotelous.

• Cypriot filmmaker heads to Cannes with bold new short

  There’s something quietly persistent about the way Alexandra Matheou makes films. She keeps returning to the private lives of women, not as isolated, intimate portraits, but as windows into the systems that shape them. It’s a perspective that has gradually set the Cypriot writer-director apart on the international short film circuit.

  Now, she’s taking that voice to one of cinema’s biggest stages. Her latest short, Free Eliza (Notes on an Anatomical Imperfection), is set to premiere at the Quinzaine des Cinéastes at the Cannes Film Festival later this month marking a major milestone at a turning point in her career.

  “It means a lot to me,” she says. “This is my last short before moving into my first feature, and I really hoped the film would find its way somewhere like Quinzaine ahead of that next step. The fact that it has is very humbling.”

  There’s also a personal weight to the moment. “It means a great deal to be part of a festival I’ve spent years cherishing. It’s been a point of reference for me for a long time, so to arrive there with a film of my own feels very special.”

  Cannes is more than just a showcase. For many filmmakers, it opens the door to a global conversation. Quinzaine des Cinéastes, known for championing bold, director-driven work, feels like a natural fit for Matheou.

  Her films do not aim to be easy. They are precise, often a little unsettling, and deeply focused on identity, class, grief and the female body.

  Free Eliza continues along that path. While details of the film are being kept under wraps, its starting point is deceptively simple. “It began with the idea of someone who cannot smile in a world where smiling is expected all the time,” says Matheou. “From there, it became more about the pressure to perform happiness.”

  Set in a resort, a space built around curated ease and enjoyment, the film leans into that tension. “It’s a controlled environment where emotions are part of the job,” she explains. “That gap between what is felt and what is shown became the core of the film.”

  At its centre, the 20-minute film questions something most people rarely think about. “We’re so used to seeing happiness as something visible and immediate,” she says. “I wanted to shift that slightly. Maybe create a bit more room for people who don’t perform in expected ways.”

  She is not interested in offering neat conclusions. “I hope people can root for a heroine who is unapologetically herself, even if that makes things uncomfortable for others.”

  Discomfort is something her work often sits with rather than resolves.

  “Ambiguity feels closer to how we actually experience things. Emotions are often unclear, even contradictory, and I’m interested in staying with that rather than smoothing it out.”

  That same thinking shapes the characters in this and her previous films, people navigating systems they didn’t design but still have to move through every day. “A lot of that has to do with class, who is expected to serve, who gets to be seen, who is allowed complexity and who isn’t.

  “If you stay close enough to a character, to how they move, what they notice, what they hold back, the larger structure starts to reveal itself,” she explains. “You don’t need to point at it.”

  Her balance between control and feeling is perhaps shaped by her background. Before turning fully to filmmaking, she studied law at King’s College London, completing both an LLB and LLM, before moving into Film Studies at University College London.

  Since then, her films have been building momentum for years. Anorak (2015) introduced her voice, followed by Grief (A Place None of Us Know Until We Reach It) (2018) and Tragedies Come in the Hungry Hours (2020), each sharpening her focus on emotional and psychological landscapes.

  Then came A Summer Place (2021), which marked a shift. “Yes, it did,” she says when asked if the film changed things for her. “It was more a shift in confidence. Seeing it travel and connect with different audiences made me trust my instincts even more. It reassured me that something very specific can still reach people.”

  Her next phase will see Matheou alongside Free Eliza develop her aforementioned debut feature, already backed by major institutions, as well as a second project, Stringa, co-created with Athens-based film producer, writer, director Maria Hatzakou.

  Despite her growing international presence, she remains closely connected to Cyprus.

  In 2019, she founded her own production company, This Is the Girl Films, marking a commitment to build something locally.

  For Cyprus, still carving out its place on the global film map, her selection for Quinzaine des Cinéastes matters too. It is a reminder that stories rooted on the island can travel and resonate internationally.

• Ten weather stations in Cyprus to promote sustainable agriculture

  A network of ten meteorological stations to collect crucial data for the development of targeted services for the agricultural sector is being set up in Cyprus, part of a project to facilitate smart irrigation and resilient agriculture in Cyprus, Crete and the Aegean islands.

  Digital innovations for islands’ crop water efficiency and resilience, known as Dig.I.Water, aspires to promote the sustainable management of water resources and help agriculture adapt to the effects of climate change.

  On Tuesday, Dig.I.Water announced installations in Cyprus are at an advanced stage, strengthening cross-border cooperation between Greece and Cyprus.

  An open digital platform, utilising state-of-the-art technology, will provide reliable and specialised information to producers, local authorities and decision-making centres.

  Following the establishment of the first meteorological station in Cyprus, the network has entered a “more mature phase”, with ten new stations in key rural areas, namely Evrychou, Saittas, Athalassa, Vavatsina, Tochni, Xylotymbou, Achna, Kiti, Achelia and Argaka.

  These local stations will cover different microclimates and agronomical conditions, from coastal to mountainous areas and everything in between.

  Kiti is the lowest altitude at 10m and Saittas the highest at 636m.

  The data collected will be incorporated into the project’s digital platform, supporting the development of precision services for agriculture and providing accurate information on the weather, the need for irrigation, monitoring the microclimate and evaluating factors affecting the resilience of crops.

  In this way, the producers will be able to take educated decisions, limit the waste of water and improve the viability of their agricultural practices.

  Dig.I.Water aspires to support drafting policy and advising agriculture on the better management of crops on islands affected by climate changeability.

• School bus services in north halted over ‘missed payments’

  School bus services in the north will be halted from Wednesday, Turkish Cypriot bus operators’ association Kar-Is chairman Fuat Topaloglu announced on Tuesday, saying they have not been paid for four months.

  “We are suspending school bus services from tomorrow. The government is responsible for this,” he said, adding that the decision was made “out of necessity” due to the missed payments.

  He also addressed parents of schoolchildren directly, saying, “mothers and fathers; this government, which does not give labour its just desserts, is the one which is making victims out of your children”, before turning his attention to the north’s ruling coalition.

  “We are not going to deal with the lies of Finance Minister Ozdemir Berova in particular, nor those of the government in general,” he said.

  A day earlier, he had said that “for four months, they have not paid us a single kurus”, and that both the owners of the bus operating companies and the bus drivers themselves are “exhausted”.

  He had then accused Berova of “trying to deceive the sector with lies” and described the missed payments as “a clear failure of governance”.

  The kurus is the subunit of the Turkish Lira. One kurus is equal to around a fiftieth of a cent.

  The Cyprus Mail has contacted Ozdemir Berova and is awaiting a response.

• Cyprus ready to join Nato ‘when conditions allow’

  The EU can advance on defence and security without the United States, President Nikos Christodoulides said on Tuesday highlighting Europe’s relationship with Nato.

  A stronger and more strategically autonomous EU, he said, would be a more capable partner for Nato in addressing shared challenges.

  Cyprus, he added, is ready to become a member of Nato “when political conditions allow”.

  Addressing the DEFEA 2026 defence exhibition in Athens, he also called for the European Union’s mutual defence clause under Article 42.7 to become fully operational, stressing that it “cannot remain theoretical” but must evolve into a concrete and functional mechanism for member states.

  He added that work has already begun in Brussels to prepare a clear blueprint for its immediate and effective activation. Christodoulides had earlier met European Commissioner for Defence Andrius Kubilius.

  The president highlighted the Security Action for Europe (SAFE) instrument as one of the EU’s most ambitious initiatives, allowing for up to €150 billion in defence investments, with Cyprus expected to access approximately €1.2 billion.

  Planning for the utilisation of these funds is already underway, he added, stressing that enhancing defence, upgrading deterrence capabilities and supporting the Cypriot defence industry are top priorities for the government.

  Referring to the broader international environment, Christodoulides said the world is currently characterised by uncertainty and unpredictability, pointing to the war in Ukraine and conflicts in the wider Middle East as clear indications of how fragile peace remains.

  He underlined that security and stability are closely linked not only to defence but also to economic growth, investment and governance, adding that “Cyprus, as a country still under Turkish military occupation, has a direct understanding of what is at stake”.

  At the same time, he highlighted the growing range of modern threats, including hybrid threats, cyberattacks, competition in space and the rapid use of artificial intelligence in defence, stressing the need to make Europe more resilient, independent and competitive.

  He noted that the conference comes at a time when Cyprus holds the presidency of the EU council, adding that for the first time in years, Europe has moved beyond discussions to concrete decisions on defence and security.

  “A Europe that does not invest in its defence and security is a Europe that remains dependent,” he said, adding that dependency cannot be a strategic choice for a geopolitically strong union.

  Christodoulides also referred to efforts to promote military mobility within the EU, aiming to remove obstacles and accelerate the movement of forces, as well as to simplify procedures to enhance defence readiness.

  He also praised the progress of the Cypriot defence industry, noting that around 30 high-tech companies are active in the sector, developing and exporting products ranging from unmanned systems and counter-drone technologies to cybersecurity and electronic warfare solutions.

  Over the past five years, he said, 18 Cypriot companies have participated in 70 projects under the European Defence Fund and the European Defence Industrial Development Programme, with a total budget exceeding €600 million and securing approximately €65 million in direct funding.

  In the 2025 European Defence Fund, Cypriot small and medium-sized enterprises are involved in 16 out of 57 selected projects, with 10 entities securing around €14 million in funding.

  “These are not just numbers,” the president said, adding that they demonstrate the ability of Cypriot companies to innovate, collaborate and deliver results, while also creating well-paid jobs and showcasing the country’s skilled workforce.

• Farmers warned not culling infected livestock could risk halloumi exports

  Farmers were on Tuesday warned that failing to implement the European Union’s regulations and thereby culling animals infected with foot and mouth disease could see Cyprus run the risk of being unable to export halloumi to the rest of the bloc.

  Veterinary association chairman Demetris Epaminondas was asked about the prospect on CyBC radio, and said that “if EU legislation is not implemented, then there is a risk that the export of halloumi from Cyprus will be banned”.

  He also dismissed claims made by Stella Petrou, a representative of a newly established organisation named ‘the voice of livestock breeders’, who said that there may be “alternative European protocols” which could allow Cyprus to avoid culling infected animals.

  To this end, he said that “European legislation regarding the treatment of the disease is unified,” and made it clear that no such “alternative protocols” exist.

  “Europe has chosen the extreme strategy of eradicating the problem. This leaves no room for any differentiation in the measures taken in any of the member states,” he said.

  Asked whether some animals may test positive for foot and mouth disease if they possess antibodies as a result of having been vaccinated against the disease, he said that “it is possible to differentiate vaccine antibodies from antibodies which have developed due to natural infection”.

  Petrou, meanwhile, said that farmers remain dissatisfied with the government’s actions on the matter, and said that her organisation will make decisions on its “next steps” on Tuesday night before announcing its intentions on Wednesday.

  She added that farmers do not intend to block access to international airports, but instead plan to “focus” on the Presidential palace and “cities’ central arterial roads”.

  Her organisation was formed a week ago and said at the time that it aims to highlight “the serious issues which have arisen in the sector”.

  Among other things, it calls for alternatives to the culling of livestock in light of the outbreak, though European Union law stipulates that if an animal is found to have foot and mouth disease, every animal on the farm must be culled.

  More than 30,000 animals have already been culled, with Epaminondas having said previously that there is “no less painful alternative” to culling when attempting to stem the spread of the disease.

  He also stressed that vaccinations of animals cannot replace culling as a method of preventing the disease’s spread, as the vaccine’s aim is “to limit the transmissibility of the disease”.

  “Even a vaccinated animal, if it is found to test positive, must be culled,” he said, before going on to say that animals can remain infectious for four to six months.

  He added that allowing infected animals to live also entails the “risk that the virus will be transmitted further either by air, or by machinery, or in any other way which would affect other units”.

  “That is why these extreme measures are being taken,” he said.

Github

• Secret scanning with GitHub MCP Server is now generally available

  GitHub secret scanning in the GitHub MCP (Model Context Protocol) server is now generally available. When you use an MCP-compatible AI coding agent or IDE (like GitHub Copilot CLI or Visual Studio Code), you can scan your code for exposed secrets before you commit or open a pull request, so leaked credentials don’t make it into your repository in the first place.

  It’s been in public preview since March 2026, and it’s available for repositories with GitHub Secret Protection enabled.

  What’s new

  Secret scanning tools in the MCP server now honor your existing push protection customization, so detections and bypass behavior stay consistent with what you’ve already set up at the repository or organization level.

  Get started

  1. Set up the GitHub MCP server in your developer environment.
  2. (Optional) Install the GitHub Advanced Security plugin for a more tailored secret scanning experience.
     • In GitHub Copilot CLI, run /plugin install advanced-security@copilot-plugins.
     • In Visual Studio Code, install the advanced-security agent plugin, then use /secret-scanning in Copilot Chat to start your prompt.
  3. Ask your agent to scan your current changes for exposed secrets before you commit. For example:

     > Scan my current changes for exposed secrets and show me the files and lines I should update before I commit.

  For the full set of setup options and configurations, see documentation for GitHub MCP server secret scanning setup options and configurations.

  Learn more

  Learn more about GitHub secret scanning and how to set up the GitHub MCP server.

  Join the discussion in the GitHub Community.

  The post Secret scanning with GitHub MCP Server is now generally available appeared first on The GitHub Blog.

• Dependency scanning with GitHub MCP Server is in public preview

  The GitHub MCP Server can now scan your code changes for vulnerable dependencies before you commit or open a pull request. You’ll catch known vulnerabilities while you write code with MCP-compatible IDEs and AI coding agents. It’s now in public preview for repositories with Dependabot alerts enabled.

  How it works

  The dependency vulnerability scanning tools ship as part of the GitHub MCP Server’s dependabot toolset. Once enabled, your AI coding agent can run dependency vulnerability scanning based on your prompts. When you ask the agent to check for vulnerable dependencies, it invokes the toolset, sends dependency information to the GitHub Advisory Database, and returns structured results with affected packages, severity, and recommended fixed versions. For more thorough post-commit checks, the toolset can also run the Dependabot CLI locally to diff dependency graphs before and after your changes.

  Get started

  1. Set up the GitHub MCP Server in your developer environment and enable the dependabot toolset:
     • In GitHub Copilot CLI, the GitHub MCP Server is preinstalled. Run copilot --add-github-mcp-toolset dependabot to enable the dependabot toolset for your session.
     • In Visual Studio Code, add "X-MCP-Toolsets": "dependabot" to your GitHub MCP Server headers, or pick Dependabot from the toolset selector in Copilot Chat.
  2. Install the advanced-security plugin for GitHub Copilot for a more tailored dependency vulnerability scanning experience. For example:
     • In GitHub Copilot CLI, run /plugin install advanced-security@copilot-plugins.
     • In Visual Studio Code, install the advanced-security agent plugin, then use /dependency-scanning in Copilot Chat to start your prompt.
  3. Ask your agent to scan your current changes for vulnerable dependencies before you commit.

  Here’s an example prompt you can use: Scan the dependencies I added on this branch for known vulnerabilities and tell me which versions to upgrade to before I commit.

  Learn more

  • Dependabot.
  • GitHub Advisory Database.
  • GitHub MCP Server.

  Join the discussion within GitHub Community.

  The post Dependency scanning with GitHub MCP Server is in public preview appeared first on The GitHub Blog.

• Code-to-cloud risk visibility with Microsoft Defender for Cloud is now generally available

  This integration is now generally available. Since entering public preview, we’ve heard valuable feedback from customers, and we’ve shipped follow-up improvements that bring artifact and runtime context closer to the GitHub Advanced Security alert experience.

  This integration connects code, build artifacts, and runtime context so you can track, prioritize, and remediate the security risks most relevant to your environment.

  Code-to-cloud correlation with Microsoft Defender for Cloud

  Defender for Cloud correlates what’s running in your cloud environments back to the source code that produced it. Defender maps container images deployed in your environments to the GitHub repositories that built them, using signals like GitHub artifact attestations alongside its own runtime intelligence.

  Once Defender for Cloud links an artifact to its source, you can evaluate security findings in the context of where and how the code runs.

  Runtime risk context from Microsoft Defender for Cloud

  Defender for Cloud also brings workload details into GitHub through the Deployment Record API, populating the linked artifacts view with runtime context for each deployed artifact—such as whether it’s internet-exposed or processes sensitive data. With this context on GitHub, your security and development teams share a single source of truth for how build artifacts run and the risks they pose.

  Runtime-aware filtering and campaign targeting

  GitHub Advanced Security supports runtime context filters across GitHub code scanning, Dependabot, and security campaigns. You’ll find these filter options in organization-level alert lists and campaign creation flows:

  • Filter by deployment status using has:deployment.
  • Focus on runtime risks with runtime-risk: (for example, runtime-risk:internet-exposed or runtime-risk:sensitive-data).

  Getting started

  • To enable the integration, follow the setup steps in the Microsoft Defender for Cloud documentation for GitHub Advanced Security. Once connected, Defender handles container deployments and runtime risk context automatically.
  • Use the new filter options in security views to focus triage and campaigns on what’s deployed and exposed.
  • Assign critical security issues or campaigns to the GitHub Copilot coding agent directly from the issue or campaign view.

  Join the discussion in the GitHub Community.

  The post Code-to-cloud risk visibility with Microsoft Defender for Cloud is now generally available appeared first on The GitHub Blog.

• Deprecation notice: code_scanning_upload field will be removed from rate_limit API endpoint

  On May 19, 2026, we’ll remove the code_scanning_upload field from the rate_limit REST API endpoint response.

  Why did we make this change?

  The code_scanning_upload field in the rate_limit response has been a source of confusion. While it appeared as a separate rate limit category, it shares the same limit pool as core. This led customers to incorrectly interpret their rate limit status.

  What you need to do

  If your code or scripts parse the /rate_limit endpoint and reference the code_scanning_upload field, update them before May 19, 2026 to avoid failures.

  Before:

  {
    "resources": {
      "core": { "limit": 5000, "used": 1, "remaining": 4999, "reset": 1372700873 },
      "code_scanning_upload": { "limit": 5000, "used": 1, "remaining": 4999, "reset": 1372700873 }
    }
  }
  

  After May 19, 2026:

  {
    "resources": {
      "core": { "limit": 5000, "used": 1, "remaining": 4999, "reset": 1372700873 }
    }
  }
  

  The standard core rate limit continues to govern GitHub code scanning uploads. No replacement field is needed.

  For more information about rate limits, see Rate limits for the REST API.

  The post Deprecation notice: code_scanning_upload field will be removed from rate_limit API endpoint appeared first on The GitHub Blog.

Reddit

r/gamedev

• I show how to make AAA Cinematics in Unreal Engine

  I teach UE5 cinematics for free. No courses, no Patreon, no gatekeeping.

  Daily streams. Real techniques. Three games in dev.

  We all eat, or none of us do.

  https://www.youtube.com/watch?v=ksDqSbt6fHA

  #UE5 #indiedev #gamedev #unrealengine

  submitted by /u/Alert-Laugh7722
  [link] [comments]
• Hiring a Marketing Lead for Asain Markets, where should I start?

  For those who have launched games across Asia, what worked, or failed, in your experience?

  I understand these are all very different markets culturally and commercially.

  I’m looking to hire a Head of Marketing to help capture the widest range of Asian markets possible.

  Would it be smarter to hire someone highly specialized in a specific market, or target someone in more of a regional hub like Singapore with broader cross-market experience?

  submitted by /u/CryvionOfficial
  [link] [comments]
• Learning Game Dev

  I've been trying to work on game development for months now but I haven't seen any progress. I have no prior programming experience before this. What would be the best way to learn and improve?

  submitted by /u/Busy-Candidate-6786
  [link] [comments]
• I finally released Dust3D 1.0 – Fast low-poly 3D modeling, auto-rigging, and animation for solo devs

  Hey r/gamedev,

  I’m the creator of Dust3D, and I just hit the 1.0 milestone. I built this for anyone who finds traditional 3D modeling (topology, UVs, weight painting) too time-consuming or complex.

  Dust3D is a free, open-source (MIT) "sketch-to-mesh" tool. You don't move vertices; you just draw a skeleton, and the software generates a manifold 3D mesh instantly.

  What’s in 1.0?

  • Instant Mesh: Draw 2D nodes, get 3D volumes.

  • Auto-Rigging: Label your parts (Arm, Leg, etc.) and it skins itself.

  • Procedural Animation: Generate walk/run cycles with sliders—no manual keyframing.

  • Game Ready: Auto-UVs and FBX/glb export for Unity, Godot, and Unreal.

  It’s perfect for game jams, rapid prototyping, or low-poly projects. It’s completely free, and you can grab it now.

  Website: https://dust3d.org

  Source: https://github.com/huxingyi/dust3d

  I’d love to hear your feedback!

  submitted by /u/huxingyi
  [link] [comments]
• Lessons from Oneiron Expanse: Market as early as possible, even before making a playable demo... or not?

  It is hard out there! We’re showing our game in the Steam Deckbuilders Fest this week. It is a card game, high in strategy very low RNG, with a roguelite core but with the main focus in deckbuilding, and featuring several mechanics to do so while you are battling. Our closed playlists look promising, so we committed fully. The thing is that we had all in motion to release an early demo in itch.io a month ago and find playtesters in parallel. When we learned the Deckbuilder Fest (our targeted niche) was coming, we decided to drop all plans and focus on it literally 100% output directed to not making the game but marketing it (we were a 2-ppl team). And it is helping to get us some visibility and we see a humble amount of wishlists coming in, hoping that it would be enough fuel to find those playtesters among the interested players even though we have ATM no demo to offer. But it really had a cost on us. Good thing is, we definitely expect to have a demo ready in itch.io a few weeks after the Fest concludes. Anyway, just sharing our experience. Here if this would be LinkedIn I could say "Focus early on marketing. Show it, even if you don't have a playable build. Even if it has you to stop the line." BUT the object of this discussion, because we would love to know about your expertise as well: Is that really the state of the matter and the learning 100%? Be there during a "promo window" even if no playable state can be delivered? Or would we have yielded better results (faster organic wishlist) to get a playable Demo out, AFTER the Deckbuilder Fest, during a non-Steam-Fest period? Thanks community! submitted by /u/wondervault-games [link] [comments]

• Why do you want to make a game?

  I'm just wondering, what made you decide "a game is what I want to do". Or maybe, "a game is the best way to tell this story, or bring this experience to life".

  Why are you going through all this trouble? (We are also making a game, of course, and yes, making games is hard!)

  submitted by /u/StayDeadGame
  [link] [comments]
• Should we switch our word puzzle game from Paid to Freemium?

  We've got a $1.99 puzzle word game on Apple/Google. It's sold ~2500 units for ~$4K gross in the last couple years. Haven't spent ads on it, and it got highlighted around release as an indie pick on Google (not a full feature though).

  At the time, we wanted to just release it quickly and not deal with freemium and IAP - did that for another word game and it was way more effort (and made less money). Granted, it was a different game though.

  I still wonder if it would be better as a free app where the first ~50 levels are unlocked plus 2 of the 3 daily puzzles, and custom puzzle maker. No ads. And then require a single IAP to unlock everything else.

  Is there a way to know or be better informed without just doing it? Going to free can't be reversed is the risk. The simplicity of paid is awesome but maybe it's easier to grow as freemium.

  submitted by /u/n1caboose
  [link] [comments]
• Slope movement issue

  Okay so I don't know what to do anymore. I tried basically adjusting the movement vector of the player to project on the slope normal. I have ground detection and custom gravity. I'm not using rigidbody. I can jump on a slope and stand on it but as soon as I try to move up I fall through, moving down works but it feels like I'm actually just falling instead of going down. also my collision system sort of doesn't work for smaller obsticles (lower) even though the code detects a collision, it doesn't do anything and I just clip through, I tried putting that when I collide my movement vector becomes zero vector and then it works. I also tried disabling the collision to test the slope movement in case that was maybe the issue, it didn't work.

   isGrounded = Physics.Raycast(transform.position, Vector3.down, groundDistance, groundMask); if (Physics.Linecast(previousPosition, currentPosition, out RaycastHit hit, groundMask)) { isGrounded = true; Debug.DrawLine(previousPosition, currentPosition, Color.green, 0.1f); transform.position = hit.point; } // Get input direction, rotate character if(Input.GetKey(KeyCode.W) && Input.GetMouseButton(1)) { inputVector = cameraForward; } else if(Input.GetKey(KeyCode.W)) { inputVector += transform.forward; } if(Input.GetKey(KeyCode.S) && Input.GetMouseButton(1)) { inputVector = -cameraForward; } else if(Input.GetKey(KeyCode.S)) { inputVector -= transform.forward; } if(Input.GetKey(KeyCode.E)) { inputVector += transform.right; } if(Input.GetKey(KeyCode.Q)) { inputVector -= transform.right; } if(Input.GetKey(KeyCode.D)) { transform.Rotate(0, cameraRotationSpeed * Time.deltaTime, 0); } if(Input.GetKey(KeyCode.A)) { transform.Rotate(0, -cameraRotationSpeed * Time.deltaTime, 0); } //slope movement RaycastHit hit2; if (Physics.Raycast(transform.position, Vector3.down, out hit2, 2f, groundMask)) { Vector3 slopeMove = Vector3.ProjectOnPlane(inputVector.normalized, hit2.normal); finalMoveVector = slopeMove * Time.deltaTime * currentSpeed; } else { finalMoveVector = inputVector.normalized * Time.deltaTime * currentSpeed; } Vector3 capsuleBottom = transform.position + Vector3.up * radius; Vector3 capsuleTop = transform.position + Vector3.up * (height-radius); // collision detection if (Physics.CapsuleCast( capsuleBottom, capsuleTop, radius, finalMoveVector.normalized, out RaycastHit hit3, finalMoveVector.magnitude) ) { if (Vector3.Angle(hit3.normal, Vector3.up) > 45f) { float safeDistance = hit3.distance - 0.02f; Vector3 moveToWall = finalMoveVector.normalized * safeDistance; Vector3 slide = Vector3.ProjectOnPlane(finalMoveVector - moveToWall, hit3.normal); finalMoveVector = moveToWall + slide; } //finalMoveVector = Vector3.zero; } // Jump logic if (Input.GetKeyDown(KeyCode.Space) && isGrounded) { velocity = initialVelocity; isGrounded = false; } else if (!isGrounded) { velocity += gravity * Time.deltaTime; } else { velocity = 0; } inputVector.y = velocity*Time.deltaTime; finalMoveVector.y = velocity * Time.deltaTime; Debug.Log("Hit: " + hit3.collider.name); } // Rotate character Quaternion cameraRotation = cameraTransform.rotation; cameraRotation.x =0; cameraRotation.z = 0; if(Input.GetMouseButton(1) || isInCombat) { // transform.forward = Vector3.Slerp(transform.forward, -normCameraDirection, Time.deltaTime*rotationSpeed); transform.rotation = cameraRotation; } transform.position += finalMoveVector; 

  this isn't the entire code I have a bit that adjusts the speed but that's not that really important. this is all btw in the update function. Any tips on what could be the issue?

  submitted by /u/aphroditelady13V
  [link] [comments]
• Our trailer just got posted by IGN - and this is the mail we sent...

  Hi fellow gamedevs- our Trailer of Ophelia´s Paradise was just posted by IGN and I wanted to share with you the mail we sent, so you can adapt it to help you out in the future. This approach was recommended in this post from another dev here - and I want to thank you for that!!! Key takeaway: Short and simple mails work well and reduce friction. We only sent one mail and the trailer was posted three days later.

  ____

  Hi IGN Team,

  We just released the announcement trailer for Ophelia´s Paradise, and we would love for you to host it!

  Assets:
  Trailer download
  Thumbnail image
  Presskit
  Steam Page

  Happy to provide any additional materials you need.

  Thank you for your time and consideration.

  Best regards,
  XXX

  ____

  Best of luck to all of you - I am still shaking and so happy!

  submitted by /u/ChestFirm6086
  [link] [comments]
• A Lost Man — Latest Trailer and Updates

  Hello! Here’s the latest trailer for our debut title, A Lost Man. Some of you may have caught the earlier one already. A few updates to share: - Chapter I serves as the beginning of a broader story. It delivers a full narrative experience on its own, while still setting up what follows. Based on playtests, it runs for around 4 hours. Our current plan is to develop a total of five chapters, with future ones released as DLC. - We’re working on a demo that should be available sometime in May. - We’ll also be participating in the next Steam Next Fest in June. We’re very grateful for all the support so far, and for any support to come ;) See you next time for the demo release! submitted by /u/kinterosgaming [link] [comments]

• what specifically makes a video game plot different than other mediums in it's structure?

  My chief talent is writing and brainstorming. something I've always loved that is unique to video games is their ability to immerse the player within a narrative because it allows you to connect with characters and a story in a way that non-interactive media doesn't.

  Games have to interweave story components and gameplay though. There has to be a plot reason for the gameplay loop to exist. I'm struggling to translate my ideas into a format where this makes sense. For example, Joe everyman stumbles on a chance at fortune and embarks on a journey across the galaxy to deliver a mysterious macguffin, pursued against all odds by all manner of thugs and villains, and making strange alliances along the way. Fairly typical sci-fi adventure right? If I want this to be an RPG, how does this translate into constant battles with oversize space rats and helping random shmucks out with their sidequests?

  I've been able to find countless rubrics and templates for films, comic books, novels, ect and as many for the design stages of video games. I have not be able to find any resources on specifically telling a video game story.

  submitted by /u/AfraidSuccotash1257
  [link] [comments]
• Serverless Battleship Game

  I’ve been experimenting with how far you can push serverless architectures in the browser, and recently built a small multiplayer Battleship game using WebRTC (DataChannels only, no backend).

  While building it, I ran into a few interesting challenges:

  • NAT traversal inconsistencies (different behavior across networks)
  • Handling reconnects without a signaling server
  • Keeping game state in sync in a pure P2P setup
  • Dealing with relayed vs direct connections (latency differences)

  One thing that surprised me was how fragile reconnection logic can be without a persistent signaling layer — I ended up using a lightweight external channel just for the initial handshake.

  Curious if others here have tried similar approaches:

  • How do you handle reconnects in P2P apps?
  • Any good patterns for state synchronization without a server?

  If anyone’s interested, https://github.com/allanbarcelos/battleship-game

  submitted by /u/allanbarcelos
  [link] [comments]
• Software engineer wanting to shift into game dev (specifically environment & world design). Where do I start?

  Hey everyone,

  I'm 26, software engineer with a degree in the field. I've been coding for years but lately I realized I don't want to just build apps, I want to make worlds.

  I recently watched some early footage of Arc Raiders and something clicked. That feeling of stepping into an environment and just... exploring it, that's what I want to create. The atmosphere, the details, the way a world tells a story before anyone says a word.

  I'm not drawn to the backend side of game dev (even though I know it matters). My passion is clearly on the visual side, environment design, world building, the feel of a space.

  I know I can't do everything alone, and I'm not trying to. I just want to find my lane and go deep.

  A few things I'd love your input on:

  • What's the right path for someone focused on environment/world design?
  • What skills should I learn first?
  • What tools are actually used in the industry?
  • How do I build a portfolio from zero?

  Any advice from people who've been through this would mean a lot. Thanks.

  submitted by /u/BulkyBad7880
  [link] [comments]
• Steam Next Fest Dilemma: Launch Slightly Less-Polished Demo Now or Wait for a More Polished One? (400 Wishlists)

  Hey buddies,
  I’m currently facing a real dilemma. I’m developing a game and plan to participate in the next Steam Next Fest in June. I launched my game page three weeks ago and have already gathered 400+ wishlists. That’s not explosive, but it’s not a complete failure either.
  Everyone says that to get any real traction, you need to enter the Next Fest with a bare minimum of 2,000 wishlists. I don’t have much time left. I can either launch a demo earlier with slightly less polishing (the difference isn’t dramatic) or release a more polished version almost tied to the Next Fest — but with way less time to build up the required wishlists.
  The decision is really hard for me. On one hand, I feel like the time has come to start getting feedback from players. On the other hand, I know that first impressions are the most important. So, what would you do?

  submitted by /u/Automatic_Sir_2404
  [link] [comments]
• is game dev usually this frustrating?

  hey everyone, i think its my first post. im not here to promote / showcase my work but i do wanna ask: is game dev usually frustrating, and if so how do you work around that?

  about two weeks ago, i have started working on this project. was excited, felt energetic, etc etc. i now have grew uninterested because i genuinely have no idea what im doing. i do have a vision on what i want, but not the technical skills (especially coding) to really achieve it. i have been watching and rewatching a lot of videos, reading documents, etc. and im getting nowhere.

  am i the only one having a hard time just doing something, or am i doing something wrong?

  submitted by /u/thissmay
  [link] [comments]
• So, festivals are actually amazing for forcing you to finish

  I know a lot of y'all are already internally motivated and such, but I unfortunately struggle to get myself to keep working on stuff even if I enjoy it because ... reasons? You'd think that you wouldn't need to push yourself to do a hobby?

  Look, I know that's dumb. But my dumb problem was fixed with a dumb solution. Festivals. (And other deadlines too.)

  Festivals have strict deadlines and strict requirements. I'd set a semi-ambitious goal of getting a demo out for Steam Next Fest in June for a new game I'd started in March, and while it's been going mostly well, having those festivals have deadlines in the middle of it forced me to get a Steam page up, get a half working demo, gather assets, etc.

  Odds are, I probably won't be accepted into the festivals I've applied to. Even though I've applied to four. Sad face. But even so, they forced me to have things ready, and now I have this entire month left to lock down my demo, fix the bugs, run a few more playtests, and add the final polish.

  It was all work I was gonna have to do anyway, and now it's done.

  So, uh, that's all I got. Thanks for coming to my TED talk.

  Steam page for anyone who cares:

  https://store.steampowered.com/app/4681710/Now_With_More_Plunk/?utm_source=reddit_1

  submitted by /u/Ufomi
  [link] [comments]
• Indie dev reality check: 1371 games applied to our tiny Steam event

  We are putting together a small Steam event for “Out of the Box” games, and I was shocked when we received 1371 applications. This really hit me. The fight for visibility is just insane out there.

  For context: I’m Celine, the co-founder of a small indie studio in France (COVEN). Like many of you, we regularly apply to Steam events. Sometimes we get in (rarely!), often we don’t. A few months ago, we participated in a small but lovely event organized by another indie dev. We loved the experience and thought: why not organize one ourselves, for the kind of games we love? We’re a very small team (3 people, one part-time), but we figured it would be manageable alongside development.

  The idea was simple: “Out of the Box Games”, an event that spotlight projects that challenge conventions (art, gameplay, narration, weird hybrids, etc.). We announced it on our socials (very low traction), and added it to Chris Zukowski’s How To Market A Game calendar. A week ago, we had about 350 submissions. We were already like: “ok… that’s a lot. 100 each, we can do this.” The plan was to select around 30–50 games (so about 10% of applicants).
  Then last Friday, I logged in to close the application… 1371 entries.

  I mean, yeah of course, I should have expected a surge of applications on the last day – we’re kinda experts in applying to stuff at the last possible minute – but still! My first reaction was, well, sheer panic. How are we going to review all these games? Then another realization hit me: Every single one of these games is someone’s baby. Just like ours. Every single one is trying to get visibility. And we’re going to select… about 3.6% of them. And remember: We’re a humble studio putting together a small event with NO guaranty of success and close to zero chance of getting featured by Steam – not exactly the holy grail of discoverability. I can't imagine the numbers of applicant for bigger events (4000+ for Steam Next Fest)...

  Now when I look back at our own experience: for our atmospheric, hand-drawn game MICROMEGA, we applied to 34 events. Our acceptance rate? 6 accepted – 19 refusals – 9 pending. I used to be so frustrated by this, but now I understand. There’s just… so many games out there.

  What I learned so far (I’ll share more after the event is done):

  • We’re not alone. A lot of people are working incredibly hard to get visibility.
  It doesn’t always come down to “working harder” or “making a better game”. There’s just a huge volume.

  • We simply can’t review everything deeply. We’ll have to filter aggressively to get to about 200 games before even looking properly. It’s not fair, but it’s the only way.

  • Short pitches matter. A lot. We don’t have time to read long explanations. Put your strongest argument in the first sentence.

  • Fit with the theme is critical. If your game doesn’t really fit… please don’t apply. In a perfect world, events would receive mostly relevant submissions, and everyone’s chances would be higher.

  • If your game isn’t selected, it doesn’t mean much. Events need a balance (released/unreleased, genres, etc.) A “no” now doesn’t mean “no forever”. Try again next year if you fit the theme!

  I used to see other indie games as competition when applying to events, now I mostly see a huge number of people, all trying to be seen. And honestly… it’s a bit overwhelming.

  I’ll share a more detailed breakdown after we run the event, I’d love to hear what people have to say about applying, participating, or organizing steam events.

  submitted by /u/Wecoven
  [link] [comments]
• What kind of art is best suited to start working in the games industry?

  I'm an artist and I'm currently trying to join the games industry.

  Started making my own game and participated on two Game Jams. I made a page on itch.io and now I'm creating random assets.

  I'd like to know what kind of assets are the most looked for.

  I'm not able to create any kind of 3D because of my potato notebook, but I'm good at anime style and I'm starting to do pixel art as well.

  Is it better if I make them top-down, isometric, side-view for platform... I'm a bit lost.

  Here's my itch.io page:

  https://fertomassart.itch.io/

  submitted by /u/Far_Poem_4939
  [link] [comments]
• How do you evaluate an indie game idea's potential before starting development?

  How do you evaluate an indie game idea for Steam, specifically regarding its fun factor and marketability?

  ​Before diving headfirst into a project and spending months or even years on development, is it actually possible to gauge whether a concept has the potential to be a fun game and most importantly can be marketed on a low budget?

  ​I’m trying to figure out if there's a reliable way to determine if a project is worth the time before the actual work starts. What are your methods for testing a concept's potential early on?

  submitted by /u/SweetText778
  [link] [comments]
• Hi. Looking for feedback on my game store page and tips how to gain wishlists

  Hello there. Not looking for promotion here but for help regarding my store page and how to get more wishlists. I've seen people claiming like having 50k wishlists on their games while my game is stuck on 111 after more than two months. Is something I have to improve? The trailer shows how is the gameplay - it's only a prerecorded video made by me so is not a professional trailer. Is the trailer bad or what? Is worth to pay a professional person for a trailer? Cheers

  submitted by /u/NoAloneMidnight
  [link] [comments]
• I keep working on my game but somehow nothing actually gets done

  Every time I sit down to work on my game, I feel like I’m doing something.

  I tweak a system, reorganize stuff, maybe rewrite something to make it cleaner, watch a couple devlogs, get a new idea halfway through and start thinking about that instead.

  A few hours pass and it feels like I’ve been productive.

  Then I look at it and… nothing really changed. No real progress. Just a bunch of small movements that don’t add up to anything.

  I think I keep avoiding the parts that are actually uncomfortable, like committing to something messy or finishing something that isn’t perfect.

  So I just stay in this loop of working on it without actually moving forward.

  It’s kind of frustrating when you notice it happening in real time and still don’t stop.

  submitted by /u/AryaN_91
  [link] [comments]
• Imo, Steam allowing reviews with disabled comments is a big miss

  (to preface, I'm not here to complain about negative reviews or anything like that, I'll get to the point at the bottom)

  Going through reviews in our games or any other games, I see most negative reviews having disabled comments and their posters having their profiles closed/private, and with time, it made me realize how bad of a decision it is on the side of steam.

  I understand the reasoning - it's to prevent holywars and harassment and everything packaged with the modern internet culture. But this must have a better solution - just allows the user to unsubscribe from their own review's comments, and that's it. It's not like the reviews are anonymous, anyway.

  Disabled comments lead to many issues. There are small (relatively) and unavoidable problems of tons of bullshit reviews, on top of misleading reviews. This is, of course, very unfair and damaging to the game, but it's whatever, I'm not here to complain about this.

  The main issue (of this post) is that closed reviews don't help improve the game and/or solve issues, because you can't reach the player and ask them "what happened? do you have any details? can we help you?" Here are some examples:

  • "can you fix the game already?"

  • "please stop crashing my pc"

  • "the game has no content" (the reviewer is still in the tutorial)

  • "some sounds are just jarring"

  And so on. In most cases, while the first reaction is of course "wtf fuck you pos" it would have been really helpful to get the player's savefiles, their specs (some reviews do have specs), and other information to use it to improve the game.

  Of course I do understand that it's the user's right to shit on your porch leave a review and just not be bothered at all, but before they allowed to disable comments, at least there was a chance we could reach the users and ask them questions or help them solve their issues. Now, most reviews have comments disabled and it's just... nothing can be done.

  What do you guys think?

  submitted by /u/OmiNya
  [link] [comments]

r/rust

• std::HashMap with the Small Size Optimization?

  I am a huge fan of the Abseil C++ hashmaps and I'm so glad Rust as a community embraced them in spirit. And the fact that we got multiple implementations out of it is just the cherry on the cake!

  I'm considering mapping types from Rust into my C++ codebase. I don't have the time to maintain libraries myself at this stage in my career. But I do want to continue to deliver on my goals as a software engineer. Where I can use good implementations from Rust, I intend to.

  But is there any interest in adding an SBO/SSO compile time configuration nob to std::HashMap?

  We can start with just making it a global switch to experiment with. And then maybe promote it to a defaulted generic parameter to allow fine grained control at the spellings of the type in the codebase.

  Or if the global switch is a bad idea, is there any reason we couldn't just jump to updating the type such that it includes a param for controlling an SBO/SSO buffer size?

  API wise I prefer passing in the element count. But I can see an argument for passing on byte count. Either way, some such mechanism would be awesome!

  submitted by /u/javascript
  [link] [comments]
• Core Audio Taps deliver zero-filled buffers for unsigned binaries — workaround without a paid Developer ID?

  Building a local-first speech translator in Rust. It needs to capture whatever the user is hearing (system audio) so the model can translate it on-device — no cloud round-trip, no bot joining the call.

  macOS 14.2+ Core Audio Taps look like the right primitive. CATapDescription::initStereoGlobalTapButExcludeProcesses(@[]) paired with an aggregate device + IOProc gives me a healthy IO callback at ~94 Hz on a stereo 48 kHz tap. But every buffer is zero-filled. Frame count is correct, samples are exactly 0.0. Classic TCC csreq-failure signature: the tap is "permitted" in System Settings but the OS silently zero-fills delivery.

  Tried so far: - Granted Audio Capture in System Settings → nothing changes - codesign --force --sign - (ad-hoc) → still zero-filled - tccutil reset SystemAudioRecording → "Failed to reset" on macOS 15+ (the service name doesn't exist there) - Reinstalled to a stable PATH so TCC had something durable to bind to → no change

  No Apple Developer membership — $99/yr is a steep entry fee for an open-source side project that may never ship a release.

  Three questions: 1. Is a paid Developer ID actually mandatory for Core Audio Taps to deliver real samples, or does a self-signed Keychain cert + manual trust work durably across rebuilds? 2. What's the right tccutil reset service name for system-audio capture on macOS 15/16? Or is the only durable reset path through the Privacy & Security UI now? 3. The long-term plan is to ship on Linux (PipeWire/Pulse) and Windows (WASAPI loopback) as well, so the cross-platform shape matters from the start. Do those paths have equivalent unsigned-binary gating headaches, or does system-audio capture "just work" there for an open-source dev build?

  Curious how others who've shipped similar local-audio tools handled the cross-platform story.

  submitted by /u/Enthu-Cutlet-1337
  [link] [comments]
• Axum with NGINX proxy

  How do I setup nginx to reach my axum rust server with a sub domain.

  I get errors with "conflicting server name "ssl" on 0.0.0.0:443, ignored"

   server { if ($host = example.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; listen [::]:80; server_name example.com; return 301 https://$host$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; server_name example.com ssl; root /srv/zem-nuxt/public; # Let's Encrypt SSL ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot # Basic SSL config ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://0.0.0.0:3000; proxy_redirect off; } # Webroot } server { listen 443 ssl; listen [::]:443 ssl; server_name foo.example.com ssl; # Let's Encrypt SSL ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot # Basic SSL config ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; location / { proxy_pass http://0.0.0.0:7878; } } server { listen 443 ssl; listen [::]:443 ssl; server_name bar.example.com ssl; # Let's Encrypt SSL ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot # Basic SSL config ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; location / { proxy_pass http://0.0.0.0:7700; } } } 

  submitted by /u/TheMadnessofMadara
  [link] [comments]
• The Legion Trading FinApp - Technical Summary for External Review
  submitted by /u/Turbulent-Ask-3302
  [link] [comments]
• Building a Chess Engine in Rust: Looking for contributors to help ByteSlayer grow!
  submitted by /u/Candid-Blood-7059
  [link] [comments]
• Portable Async Rust: abstraction as a complement to standardization

  I consult R&D teams on tech strategy. For them the biggest pain point seems to be vendor lock-in, they don't want to put serious money into something they don't own as a whole. And their common answer to that problem is abstraction.

  This is the point where I used to heavily disagree, because I think we live in a world of over-abstraction at scale. Engineers build wrappers of wrappers of wrappers, and very soon we end up wrapped.

  That doesn't correlate with my understanding of efficiency. From an efficiency standpoint there's only one real answer to vendor lock-in: standardization.

  So I built a proof of concept around the question: can abstraction be a complement to standardization, instead of a substitute for it?

  The bet: don't stack abstractions on top of other abstractions. Abstract on top of a standard. In async Rust, that standard is the Future trait. Tokio, Embassy and WASM all implement it. A thin trait layer over that one shared standard should be enough to make a single codebase portable across all three, with zero runtime cost.

  Proof of Concept

  Four traits, no platform dependencies: RuntimeAdapter (identity), Spawn (task creation), TimeOps (clocks and sleep), Logger (structured output). A generic Runtime trait glues them together and is monomorphized away at compile time.

  Portable code never imports a concrete adapter. It receives a RuntimeContext<R> and uses accessors:

  /// This async fn compiles unchanged for Tokio, Embassy and WASM. /// `R: Runtime` is the only bound. No platform imports. async fn heartbeat<R: Runtime>(ctx: RuntimeContext<R>) { let time = ctx.time(); let log = ctx.log(); let start = time.now(); loop { time.sleep(time.secs(5)).await; let uptime = time.duration_since(time.now(), start); log.info(&format!("alive — uptime: {:?}", uptime)); } } 

  ctx.time().sleep(...) resolves at compile time to tokio::time::sleep or embassy_time::Timer::after — no dynamic dispatch, no vtable. The abstraction disappears in the binary.

  Two trade-offs I'm not yet happy with:

  1. Send + Sync bounds leak into single-threaded targets. The traits are designed for the most demanding target (multi-threaded Tokio), so Embassy and WASM need scoped unsafe impl Send/Sync in their adapter crates, justified by the single-threaded executor contract.
  2. Dynamic spawning on a static executor. Embassy is statically declared by design (#[embassy_executor::task], fixed pool size). To accept arbitrary boxed futures we use a generic task runner with Pin::new_unchecked — sound because the boxed future is owned and never moved after pinning, but it does push against Embassy's idiom.

  The cleaner long-term fix for both is upstream: a Spawn abstraction in the futures ecosystem and Embassy gaining a dynamic task variant. Until then, the adapter layer carries the weight.

  The PoC is open source. Happy to share the repo and the running setup — DM me.

  Edit: repo for those asking, the Embassy adapter is the most interesting one (where the static-pool trade-off shows up): https://github.com/aimdb-dev/aimdb/tree/main/aimdb-embassy-adapter/src

  What's your take on abstraction as a complement to standardization?

  submitted by /u/PrudentImpression60
  [link] [comments]
• I want to learn Rust and get better at programming but I feel completely lost and left out of every conversation

  I know JavaScript and React and I have been trying to figure out what direction to take my programming journey. I started looking into Rust because people keep saying it is the future and it is not yet saturated with developers, so I thought maybe I could get in early and actually become one of the best at it. But the problem is I have no idea what to even build with it. With web dev at least I understood the goal, build websites, get a job, get out of poverty. But now AI is doing most of the work and companies are not hiring junior devs anymore so even that plan feels like it is falling apart.

  I follow people like ThePrimeagen and I am in Discord servers where programmers talk and I just sit there completely lost. They throw around technical terms and speak with so much confidence and it feels like everyone is in on something I am not. I genuinely want to join those conversations and add something meaningful but I do not even know where to start.

  The deeper issue is I do not feel passionate about any of this. I know passion is supposed to drive you but I cannot find mine. I do not have some cool project I am dying to build. I am not solving a problem that keeps me up at night. I am just coding blindly and hoping something clicks. And it is frustrating because I see other people who are so fired up about what they are building and I want that feeling so badly.

  How did you find your passion for programming? Was it always there or did something trigger it? And for people who learned Rust specifically, how did you figure out what to actually build with it? I feel like I am missing something fundamental and I really need some direction.

  submitted by /u/vanilla_83
  [link] [comments]
• Netbump, a new Linux bandwidth limiter

  Netbump is a new Rust tool (no AI involved) using Aya to work with EBPF.

  It is intended to be used by end-user to limit a group of targets which can be a started program or an already running program, a socket or a cgroup (v2). User can add/delete/update/list his own rules.

  netbump is the client, buiding request to be sent over a Unix socket to the server. netbumpd is the server handling client request and some events from internal EBPF programs and netlink connections.

  Netbump EBPF programs are used to track targets and to mark network packets. Bandwidth limitation is done by the kernel itself.

  submitted by /u/gonbalf
  [link] [comments]
• hi_sparse_bitset v0.7.5 release - Hierarchical Sparse Bitset. Now with in-place operations.

  hi_sparse_bitset reached v0.7.5.

  hi_sparse_bitset is a bitset that stores only non-empty bitblocks. It has hierarchical structure that speed ups intersection, merge, etc. by order of magnitude. Additionally all inter-bitset operations are lazy. And local iterators have cursor concept - you can get iterator's cursor and you can move iterator to cursor. (cursor serves as index, so you can apply it to any iterator).

  This release introduce in-place operations, and also improve "materialization" performance.

  submitted by /u/tower120
  [link] [comments]
• tracing-systemd 0.2.1

  Hey everyone!

  I made tracing-systemd a while back, because tracing-journald was missing some things that I needed, like formatting, proper level filtering, etc. It got 2300 downloads!

  It's been a while, so I decided to update it. Hope someone out there finds a good use for it!

  docs: docs.rs/tracing-systemd/0.2.1

  github: https://github.com/ziidonato/tracing-systemd

  submitted by /u/Word-Word-3Numbers
  [link] [comments]
• Boxing AsyncFn

  I am trying to box AsyncFn to dyn type in this way:

  fn box_it( f: impl AsyncFn() -> usize + 'static, ) -> Box<dyn Fn() -> Pin<Box<dyn Future<Output = usize>>> + 'static> { // let res = Box<dyn Fn() -> Pin<Box<dyn Future<Output = usize>>> + 'static>; Box::new(|| { let fut = f(); Box::pin(async { fut.await }) }) }

  However, there's a problem. Future in AsyncFn might have non 'static lifetime. Is there any way to write a type constraint which limits this?

  submitted by /u/ArtisticHamster
  [link] [comments]
• I built a Unix shell from scratch in Rust, here's what I learned

  Started this because a friend told me he was building a shell in C. I used shells every day but never really thought about what was happening underneath, so before writing a single line I spent a few weeks reading. The GNU bash source, a lot of blog posts about Unix process groups, the man pages for fork, exec, waitpid, tcsetpgrp. Once I had a rough mental model of how it all fits together I started.

  The project ended up as a Cargo workspace with 3 crates:

  • shell-core : parser, AST, execution engine, job control, env
  • shell-cli : interactive REPL + script execution
  • orbisbox : ~40 reimplemented Unix utilities

  The hard parts weren't what I expected. Getting fork/exec/dup2 working in Rust is honestly not that bad once you understand the model. What actually took time was job control. Getting tcsetpgrp, WNOHANG and signal propagation right so background jobs don't destroy your terminal state was painful. FD leaks too, fixed with pipe2(O_CLOEXEC) so child processes don't inherit file descriptors they have no business touching. Tilde and $VAR expansion look simple until you realize order of operations matters a lot. Globbing I implemented without a library which was fun.

  I also added a small set of cybersecurity oriented builtins: hexview, strx, hashx, finfo. Tools I kept reaching for externally and wanted directly inside the shell.

  Scope is intentionally limited to an MVP. Anything the parser can't handle (&&, ||, subshells) gets delegated to bash rather than crashing. Being honest about limitations feels better than pretending they don't exist.

  One thing I didn't expect is how much this taught me about Unix in general. Process groups, controlling terminals, signal masks, stuff I knew existed but never had to actually deal with. Now I do.

  If I had to redo it I'd add CI from the start, record a demo GIF way earlier, and split my commits more instead of pushing big chunks all at once.

  Repo: https://github.com/Jonathan-p-z/Orbis

  Happy to answer questions about the internals, especially job control and pipe handling.

  submitted by /u/Affectionate_News_57
  [link] [comments]
• Testing framework for Axum and Postgres

  I've been fortunate enough to become a CTO of a startup building all the backend servers in rust with WebGPU and WASM for the frontend 3D CAD viewer. I'm also very grateful for the CEO to let me start open sourcing some of the stuff I've been building. I've released a framework that enables you to perform tests with an isolated postgres DB with the #[db_test] macro. You can also define your own DB handlers and DB pools and slot them into Axum API endpoints. It also handles config vars were you can hardcode them for unit tests and then slot in an environment variable handler for deployment. Background tasks and scheduled tasks are also supported with a worker pool using a non-public postgres schema for persistence of the queued tasks. Auth cookie sessions with cookie rotation and auth metadata also comes out of the box with user role checks you can define. The user role checks reject automatically in the middleware once you defined them and declare what user role check you want for the specific api endpoint. This implementation isn't going to be a serious contender for things like NATs or Kakfa etc, but with just a few macros you've got some functionality that can all be tested and will get you shipping that MVP quickly. Because they can all be slotted in and out, you can start ejecting these systems for others by just implementing a handler with a specific trait from the framework and slotting it into the Axum api endpoint. Your frontend can also be embedded into the Rust binary for the Axum server to serve alongside the backend API endpoints with the `mount_frontend!` macro meaning you only have to ship one rust binary for your rust backend and JavaScript React/Svelte etc app. I hope it helps some people get MVPs off the ground quickly:

  https://crates.io/crates/saps

  submitted by /u/maxwell__flitton
  [link] [comments]
• Brainfuck interpreter in 336 bytes of Rust - stuck golfing it

  Hey, I feel like I stuck a little with this xd

  rust fn main(){for x in std::env::args().skip(1){let(mut t,mut p,mut i,b)=([0u8;999],0,0,x.as_bytes()); while i<b.len(){match b[i]{62=>p+=1,60=>p-=1,43=>t[p]+=1,45=>t[p]-=1,46=>print!("{}",t[p]as char), 91|93 if(b[i]<92)^(t[p]>0)=>{let(f,mut d)=(b[i]as i32-92,1);while d>0{i=(i as i32-f)as usize; d+=match b[i]{91=>-f,93=>f,_=>0}}}_=>()}i+=1}}}

  more readable version here:

  fn main() { for x in std::env::args().skip(1) { let (mut t, mut p, mut i, b) = ([0u8; 999], 0, 0, x.as_bytes()); while i < b.len() { match b[i] { 62 => p += 1, 60 => p -= 1, 43 => t[p] += 1, 45 => t[p] -= 1, 46 => print!("{}", t[p] as char), 91 | 93 if (b[i] < 92) ^ (t[p] > 0) => { let (f, mut d) = (b[i] as i32 - 92, 1); while d > 0 { i = (i as i32 - f) as usize; d += f * ((b[i] | 2) == 93) as i32 } } _ => (), } i += 1 } } } 

  Kinda proud about this trick in that arm

  91|93 if(b[i]<92)^(t[p]>0) 

  xor here let me handle both [ and ] in a single match arm

  I got an inspiration for doing this today by seeing once again a legendary C 160 bytes version, so I decided to try Rust's best to do something similar

  Funny thing I've noticed: LLMs are surprisingly bad at it this, when I asked them to minimize code, every suggestion they gave was actually longer than what I originally gave them

  Ok nevermind, actually, a couple of things, first is:

  std::env::args().skip(1) 

  is pretty long, i'm actually unsure if there other way to read it smaller

  second:

  print!("{}",t[p]as char) 

  and this fancy arm here:

   91 | 93 if (b[i] < 92) ^ (t[p] > 0) => { let (f, mut d) = (b[i] as i32 - 92, 1); while d > 0 { i = (i as i32 - f) as usize; d += f * ((b[i] | 2) == 93) as i32 } } 

  i believe this match here could be written without match, but I can't prove it

  upd1: u/AhoyISki now is 333 bytes!

  submitted by /u/Kivooeo1
  [link] [comments]
• Sqlitex 0.3.0, a sqlite library with compile time guarantees and excellent DX

  Hi, I posted about this project a few months ago here. It was originally called Lazysql and I changed the name to Sqlitex

  Alot has improved and changed since, and i hope this library will help you. Leave a star if you find this project useful!

  Also, previously many people were asking about the difference between this and sqlx, and i creted a comparison page here

  Here's the github repo and crates.io page

  From the readme page on github

  Sqlitex is a sqlite library for rust which aims to be simple and powerful. It offers

  • Compile time guarantees
  • Ergonomic with excellent IDE support
  • Very Fast
    • Automatically caches and reuses prepared statements for you
    • Automatically applies optimal PRAGMA settings for performance and reliability

  Feel free to ask me any questions!

  submitted by /u/Routine_Command_4512
  [link] [comments]
• Hyerix — Tauri v2 + async-nats desktop app for NATS clusters; some notes on the stack

  Sharing this because I learned things building it and the r/rust crowd usually has sharp takes on Tauri-vs-alternatives.

  Hyerix is a desktop GUI for NATS / JetStream — streams, consumers, KV, Object Store, cluster topology. Tauri v2 frontend (React/TS), Rust backend, talking to clusters via async-nats. Site. Paid app, $19/mo after a trial — flagging up front because rules.

  Stack notes that might be useful:

  - async-nats: solid. The JetStream API surface is well-typed and the streaming consumer iterators map cleanly to Tokio. The thing that bit me was reconnect semantics — pull subscriptions need explicit re-creation on certain disconnect classes, the docs are thin on this.

  - Tauri v2 IPC: the new event/channel API is much better than v1's emit/listen for streaming live data (consumer lag samples, message rate windows) from Rust to React. Backpressure still has to be handled by hand though — I ended up with a small ring buffer per subscription on the Rust side.

  - Build size: Tauri's reputation for tiny binaries holds — release build is ~12MB on macOS. Most of that is the WebKit shim + the bundled async-nats deps.

  - Cross-platform pain: Linux had the most paper cuts (webkit2gtk versions, AppImage signing). macOS notarization is solved-but-slow. Windows code signing is the usual nightmare; ended up with Azure Trusted Signing.

  - What I'd do differently: started with tokio::sync::broadcast for fanning cluster updates to UI subscribers, switched to tokio::sync::watch for "latest state" channels — way fewer footguns.

  Open to questions on any of the above. Especially curious if anyone's solved the JetStream pull-consumer reconnect dance more elegantly than I have.

  https://preview.redd.it/cdb3w8my8azg1.png?width=3200&format=png&auto=webp&s=86295a0b4fb44d1092803141f6d6ea835fd85ea3

  submitted by /u/0xd3g3n
  [link] [comments]
• pegainfer: A Native Rust Inference Engine from Scratch

  https://susun-blog.com/blog/pegainfer-1-from-scratch/

  https://susun-blog.com/blog/pegainfer-2-sampler/

  https://susun-blog.com/blog/pegainfer-3-cuda-graph/

  https://susun-blog.com/blog/pegainfer-4-cuda-graph-part2/
  https://susun-blog.com/blog/pegainfer-5-one-size-cant-fit-all/

  submitted by /u/Independent_Worry848
  [link] [comments]
• Backend Axum

  Hey,
  I got quite a bit bored with Python, read The Rust programming language. My current job is Python backend dev. My question is how much is Axum used for backend? Have been writting a mini side project with it. Its quite fun to use. Is it a niche market for it or are there jobs with it?

  submitted by /u/Vlajkojjj96
  [link] [comments]
• Rewriting a production Node.js backend in Rust (Axum + Tokio) — good idea for learning?

  Hi all,

  I’m currently learning Rust and want to go beyond exercises and toy problems by working on something real.

  I’ve already built a Medium-style blogging platform with a Node.js/Express backend. It includes things like Redis caching, background jobs (for syncing view counts), OAuth 2.0 authentication, and media handling via Cloudinary. The system is live and working well.

  Instead of starting a fresh Rust project, I’m considering rebuilding the backend using Axum + Tokio as a way to deeply understand async Rust in a real-world scenario.

  My goal isn’t to fix performance issues — it’s to learn how Rust handles:

  • async execution and concurrency
  • state management in a web server
  • error handling compared to Node.js
  • structuring a production-style backend

  A few things I’m unsure about:

  • Is rewriting an existing, working project a good way to learn Rust, or would starting from scratch be more effective?
  • For those who’ve used Axum, are there any gotchas when coming from an Express/Node.js background?
  • How different (or difficult) is async Rust compared to async/await in JavaScript in practice?
  • Would you recommend rethinking the architecture entirely, or trying a closer “translation” first and iterating?

  For reference:

  • Live project: https://dev-blog-post.vercel.app
  • Repo: https://github.com/Halloloid/Dev-Blog-Post

  Would really appreciate honest feedback — even if the answer is this approach isn’t worth it.

  Thanks!

  submitted by /u/CompleteNetwork9168
  [link] [comments]

r/golang

• Is there demand for a type-safe Go SQL builder with no codegen? I built one (gsql) and want a reality check.

  What it is

  A small Go SQL query builder. It tries to fit between sqlc and GORM by giving you compile-time type checking on columns without a codegen step, and explicit Set/Unset semantics for partial UPDATE so zero values don't silently get dropped.

  Built on database/sql, zero dependencies, works with *sql.DB and *sql.Tx.

  Repo: https://github.com/gsql-dev/gsql

  Why I'm asking

  I started this as a learning project, not as a serious attempt to displace sqlc or bun. It's now at a point where I have to decide whether to keep growing it (subqueries, CTEs, aggregates) or just leave it as-is and move on to the next thing. Before spending another month or two on features, I'd rather hear from people actually shipping Go in production whether this fills a real gap, or whether the existing landscape already covers it.

  What I want to know

  • Is "type-safe but no codegen" something you'd actually use, or does sqlc cover it well enough for you?
  • Does the Set / Unset thing solve a real problem in your code, or is it overkill?
  • Happy to hear "you're solving a problem I don't have" too. That's also useful.

  Honest weaknesses

  NewTable() uses reflect once at startup per table to read the db:"..." tags. It's microseconds and the query path itself is reflection-free, but if your project has a hard "no reflect anywhere" rule, this isn't the right library for you.

  Column names in tags are strings that the Go compiler can't verify against the real DB schema. Same trade-off every string-based builder has.

  Not implemented yet: subqueries, CTEs, window functions, aggregates (COUNT / SUM / GROUP BY / HAVING), raw SQL escape hatch. On the list, not shipped.

  Code sample

  Define a table:

  type UserColumns struct { ID qb.Col[int64] `db:"id"` Name qb.Col[string] `db:"name"` Email qb.Col[string] `db:"email"` Age qb.Col[int] `db:"age"` } var Users = qb.NewTable[UserColumns]("users") 

  Query (column types are checked at compile time, so Gt("18") won't build):

  u := Users.Cols q := qb.Select(u.ID, u.Name, u.Age). From(Users). Where(u.Age.Gt(18)). OrderBy(u.Age.Desc()). Limit(10) sql, args := q.Build() rows, err := db.QueryContext(ctx, sql, args...) 

  Partial update where empty string and zero are not the same as "don't touch":

  qb.Update(Users). Set(qb.ValIf(u.Name, qb.Set("Alice"))). // updated Set(qb.ValIf(u.Email, qb.Set(""))). // updated to empty string on purpose Set(qb.ValIf(u.Age, qb.Unset[int]())). // not in the SET clause Where(u.ID.Eq(int64(1))). Exec(ctx, db) 

  submitted by /u/Foreign-Writing-1828
  [link] [comments]
• Hello community!

  I love Go,
  Only just discovered Reddit haha

  Not a socials guy

  Just wanted to say hello people!

  submitted by /u/ZielonaDylikta
  [link] [comments]
• mshark - simple packet capture tool written from scratch in pure Go

  mShark - a mini Wireshark with no CGO and libpcap dependency, implemented from scratch in pure Go

  Features:

  • mpcap and mpcapng packages - custom implementations of PCAP and PCAP Next Generation file formats, written from spec. Captures can be opened directly in Wireshark

  • oui package - OUI lookup to resolve MAC addresses to hardware vendor names (e.g. dc:a6:32 -> Raspberry Pi Foundation)

  • layers package - parses Ethernet, IPv4/IPv6, ARP, ICMP/ICMPv6, TCP, UDP, DNS, HTTP, TLS, SSH, FTP, SNMP

  • network package - utility functions for extracting network metadata

  • BPF filter support - same filter syntax as tcpdump/Wireshark ("port 53", "ip proto tcp", etc.)

  • Multi-output - write to stdout + txt + pcap + pcapng all at once with single command

  The layers package does both parsing and construction - you can build raw packets from scratch and inject them.

  Packet construction:

  NewEthernetFrame - build Ethernet frames with src/dst MAC and payload

  NewARPPacket - craft ARP requests/replies (useful for spoofing tools)

  NewIPv4Packet / NewIPv6Packet - build IP packets with checksum calculation

  NewUDPSegment - UDP with proper checksum via pseudo-header

  NewDNSMessage - construct DNS queries and responses from scratch, including full RData types (A, AAAA, CNAME, MX, NS, SOA, TXT, HTTPS, OPT)

  ICMPv6 NDP messages - Router Solicitation, Router Advertisement, Neighbor Solicitation/Advertisement with all options (prefix info, RDNSS, MTU, link-layer address) IPv6 extension headers` - HopByHop, Routing (type 0 and 2), Fragment, Destination, Mobility

  Links:

  https://github.com/shadowy-pycoder/mshark

  https://codeberg.org/shadowy-pycoder/mshark

  submitted by /u/wit4er
  [link] [comments]
• I built a Go vulnerability scanner that checks if your code actually reaches the vulnerable function

  I got tired of govulncheck and other scanners flagging CVEs for packages I import but never actually use the affected symbols from. So I built GVS.

  It takes a Git repo URL and a CVE ID, builds a call graph using algorithms like VTA/RTA, and traces whether the vulnerable symbols are reachable from your entry points. If your code never calls the bad function, it tells you that — instead of just "you have this package in go.mod, good luck."

  It also generates SVG call graph visualizations so you can see the exact path (or lack thereof), and supports scanning specific branches or commits.

  It's a REST API you can self-host or CLI, nothing fancy. MIT licensed.

  Would love feedback — especially from anyone dealing with CVE triage fatigue on large Go codebases.

  https://github.com/k37y/gvs

  submitted by /u/kevy_vinu
  [link] [comments]
• GoHPTS (go-http-proxy-to-socks) v1.13.0 - New update with DNS spoofing and filtering

  GoHPTS (go-http-proxy-to-socks) - simple CLI tool to transform SOCKS proxy into HTTP proxy with IPv4/IPv6 support for TCP/UDP Transparent Proxy (Redirect and TProxy), Proxychains, ARP/NDP/RA/RDNSS spoofing, RA Guard evasion, DNS spoofing, DNS filtering and Traffic Sniffing.

  It started as a simple HTTP-to-SOCKS5 bridge (like ssh -D 1080 + easy HTTP access), but over time has become a useful tool for pentesters and cybersecurity experts.

  Some features:

  • Transparent proxy - intercept traffic at the OS level with no client config needed (redirect and tproxy modes, TCP and UDP)

  • Built-in ARP/NDP spoofing - convert your host machine into gateway for your entire LAN subnet and proxy everyone's traffic automatically

  • Traffic sniffing - parse HTTP headers, TLS handshakes, DNS messages, and capture credentials/tokens

  • DNS spoofing and filtering - redirect clients to arbitrary domains, block ads and malware for all LAN devices at once, supports big blocklists via URLs and file paths

  • Proxy chaining - strict, dynamic, random, and round-robin SOCKS5 chains (can act as a Proxychains replacement)

  • IPv6 support - perform NDP spoofing and create Router Advertisements to proxy IPv6 local networks

  • Android support - run on rooted Android (arm64) via Termux, turn your phone into a LAN proxy router

  • RA Guard evasion and RDNSS injection for IPv6 networks

  • The ARP/NDP spoofing + transparent UDP proxy + DNS filtering combo lets one machine silently proxy an entire local network including phones and IoT devices with no config on those devices.

  • It can useful for pentesting, network analysis, routing your whole LAN through a VPS with one command.

  • It is written in Go, cross-platform, single binary, AUR package available.

  Links:

  https://github.com/shadowy-pycoder/go-http-proxy-to-socks

  https://codeberg.org/shadowy-pycoder/go-http-proxy-to-socks

  submitted by /u/wit4er
  [link] [comments]

r/rust_gamedev

• Months of work, custom game engine, HAPPY BIRTHDAY TO ME AND RAVIOLI

  I've been working on this for months with a custom game engine using wgpu I thought I'd share the early-alpha trailer that released today ITS ALSO MY BIRTHDAY?? HELLO??? i'm so proud submitted by /u/Commission-Either [link] [comments]

Movie Trailers

• Evil Dead Burn Movie Trailer
• The Odyssey Movie Trailer