Weeknotes 2026.19

Finally, this week brought some rain. It was very dry the last couple of months, and in some parts of Austria there was almost no rain the whole year. The parks and meadows looked already like they look at the end of the summer.

Although it would have been better if the rain happened a couple of hours later. It was during the business run in Graz with thousands of runners. But at least, finally some rain :-)

Content:

• Story of the week
• Postgres and the world of data
• Security and Privacy
• AI
• Around the world

Story of the week

Figma has written about their new connection pooler: PGKeeper. They used PgBouncer before that, but the outgrowth of the project has been so impressive that they decided to replace it. From the writeup, PGKeeper seems like a lot more than just a replacement for PgBouncer.

PGKeeper: Building the bouncer we needed for Postgres

Postgres and the world of data

pgBackRest

After the shutdown announcement last week, David Steele announced that he got enough funding to continue working on pgBackRest. Before that pgexperts announced that they created a fork that will be maintained for their customers. And Vibhor Kumar has written about some lessons learned from all the pgBackRest back and forth.

• pgBackRest
• pgxbackup: Continuity Support for pgBackRest
• When Open Source Becomes Infrastructure: The pgBackRest Lesson

Postgres 19

The first articles about new features in Postgres 19 are coming. Bytebase has written about some of the new features they are excited about. And Cybertec has written about stuff they contributed to Postgres 19.

• PostgreSQL 19 features I'm excited about
• CYBERTEC's contributions to PostgreSQL 19

Postgres Committers

Tomas Vondra has written about how committers are selected.

How are committers selected?

Postgres Release Monitor

• pg_sorted_heap 0.13.0 released

Security and Privacy

Linux Kernel vulnerabilities

The last weeks a couple of nasty Linux kernel vulnerabilities appeared. GrapheneOS published an article explaining why they are not vulnerable. Andrea Veri looked at how rootless containers could reduce the blast radius of the "Copy Fail" vulnerability.

• GrapheneOS isn't vulnerable to the 3 recent Linux memory logic vulnerabilities
• CVE-2026-31431: Copy Fail vs. rootless containers

Proton Pass

Emergency Access is not simple to implement. Although Proton is not agreeing about the fact that their flow is at least problematic.

Proton Pass: Second-Password Bypass Through Emergency Access

Data breach ticker

• Multiple universities forced to reschedule final exams after Canvas cyber incident
• Ransomware group claims breach of pro-Orbán Hungarian media firm

AI

DeepSeek V4

Simon Willison looked into DeepSeek V4. His pelican on a bike test is almost as good as with the top models, but way cheaper.

DeepSeek V4—almost on the frontier, a fraction of the price

Mythos

Still, a widely discussed topic is Anthropic Mythos. Niels Provos wrote about how he could find the bug discovered by Mythos with other models. And Davi Ottenheimer has some thoughts about Mozilla and Mythos.

• Finding Zero-Days with Any Model
• Could Mozilla Security Hot Air Fill Mythos Sails?

Chrome and AI everywhere

It appears that Chrome silently installs a 4 GB local LLM on your computer. Isn't that a beautiful world we are living in?

Chrome silently installs a 4 GB local LLM on your computer

Around the world

Flickr

Anil Dash has written about the fact that the Artemis II photos are on Flickr.

Why are the Artemis II photos on Flickr?