I'm pretty happy what we at robur achieved over the years in terms of deploying #MirageOS unikernels, take a look yourself http://webmshare.com/play/QG0jJ

What you see is the deployment of the unikernel "unipi" (https://github.com/robur-coop/unipi) named "website", with a remote to my blog repository.

Now, dnsvizor (https://github.com/robur-coop/dnsvizor) hands out IP address (DHCP) and registers the name "website.mirage". It also acts as DNS resolver.

What we see next is the website served by the just deployed unikernel (on http://website.mirage).

The last bit we see is the query log of the dnsvizor resolver (at 10.0.42.2 -- out of a habit, http://dnsvizor.mirage would work as well). Here we see that the website.mirage unikernel requested git.robur.coop (both A and AAAA records), and later firefox looked up website.mirage.

The initial web interface is mollymawk (https://github.com/robur-coop/mollymawk).

Running on albatross https://github.com/robur-coop/albatross

This has been achieved thanks to the brilliant robur team and NGI funding :) 🎉 🙌🏾

[Changelog] Release of OCaml 5.4.1 and 4.14.3: We have the pleasure of announcing the dual releases of OCaml 4.14.3 and OCaml 5.4.1, dedicated to the memory of Nicolaas Govert de Bruijn on the anniversary of his death.

Those releases are a collection of safe and valuable runtime bugfixes.
The OCaml 5.4.1 release also contains a fix for the -pack mode for macOs and various TSAN fixes.

More importantly, those new versions harden the Marshal module against malicious… https://ocaml.org/changelog/2026-02-17-ocaml-541-and-4143?utm_source=dlvr.it&utm_medium=mastodon

We (the #OCaml #security response team) https://ocaml.org/security published today an advisory for the OCaml runtime (Marshal decoding over-read) https://osv.dev/vulnerability/OSEC-2026-01

I'm happy we managed to coordinate this, turned out to be an excessive amount of work - fixing the runtime, fuzzing, performance testing, but also integrating into osv.dev -- any feedback is highly appreciated, esp. if we're missing out on best practices. Otherwise, please welcome OSEC to your vulnerability databases. We're here to stay. :)

If you like our work, please fund OCSF https://ocaml-sf.org or apply to our calls for proposals (or both ;) https://discuss.ocaml.org/t/ocaml-security-grants/

Have a nice evening 😍

I saw manyfold/AGENTS.md in the @manyfold repo and I was like "awww no not another good project" then looked in the file;

Legends.

https://github.com/manyfold3d/manyfold/blob/main/AGENTS.md

PSA: Did you know that it’s **unsafe** to put code diffs into your commit messages?

Like https://github.com/i3/i3/pull/6564 for example

Such diffs will be applied by patch(1) (also git-am(1)) as part of the code change!

This is how a sleep(1) made it into i3 4.25-2 in Debian unstable.

[Changelog] Grants Available for Improving Security Across the OCaml Ecosystem: Building a more secure OCaml ecosystem is a community-wide effort, and now there's a major opportunity to get funded for it.

The OCaml Security Team, in partnership with the OCSF, has just announced a new Security Grant program with up to €100.000 available for projects that strengthen the OCaml ecosystem's security.

Whether your expertise is in building robust tooling, writing in-depth… https://ocaml.org/changelog/2025-10-03-ocaml-security-grants?utm_source=dlvr.it&utm_medium=mastodon