🧰 Linux Infrastructure & unix News Tips and tricks useful information

USN-8344-1 introduced a regression in pip. This update provides a complete fix for this issue.. We apologize for the inconvenience. Original advisory details: It was discovered that pip's bundled urllib3 library improperly handled streaming decompression of highly compressed data. A remote attacker could possibly use this issue to cause pip to consume excessive resources, leading to a denial of service. (CVE-2025-66471)

USN-8363-1 fixed several vulnerabilities in MySQL. This update provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.46 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.10 and Ubuntu 26.04 LTS have been updated to MySQL 8.4.9. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html https://www.oracle.com/security-alerts/cpuapr2026.html

It was discovered that the nginx ngx_mail_smtp_module module incorrectly handled certain memory operations when doing SMTP authentication. This could possibly result in sensitive information being sent to the authentication server. (CVE-2025-53859) It was discovered that nginx incorrectly handled proxying to upstream TLS servers. An attacker could possibly use this issue to insert plain text data into the response from an upstream proxied server. (CVE-2026-1642) It was discovered that the nginx ngx_mail_auth_http_module module incorrectly handled certain requests. An attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. (CVE-2026-27651) It was discovered that the nginx ngx_http_dav_module module incorrectly handled certain destination URIs. An attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly modify source or destination names outside of the document root. (CVE-2026-27654) It was discovered that the nginx ngx_http_mp4_module module incorrectly handled certain MP4 files. An attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-27784, CVE-2026-32647) It was discovered that the nginx ngx_mail_smtp_module module incorrectly handled certain CRLF sequences. An attacker could possibly use this issue to inject arbitrary SMTP headers. (CVE-2026-28753) It was discovered that nginx contained a use-after-free vulnerability in the ngx_http_ssl_module module when client certificate verification and OCSP validation were enabled. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly modify data in memory. (CVE-2026-40701) It was discovered that nginx did not properly handle certain proxied responses in the ngx_http_charset_module module. A remote attacker could possibly use this issue to obtain sensitive information or cause nginx to crash, resulting in a denial of service. (CVE-2026-42934) It was discovered that the nginx ngx_http_rewrite_module component incorrectly handled certain rewrite directives. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-42945) It was discovered that nginx did not properly process certain SCGI and uWSGI responses. An attacker able to perform a machine-in-the-middle attack could possibly use this issue to obtain sensitive information or cause nginx to crash, resulting in a denial of service. (CVE-2026-42946) It was discovered that nginx incorrectly handled certain rewrite rules in the ngx_http_rewrite_module module. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-9256)

It was discovered that GoBGP incorrectly handled certain specially crafted BGP UPDATE messages. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-37461) Yanlei Wang discovered that GoBGP incorrectly handled certain malformed BGP UPDATE messages containing 4-byte AS attributes. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-41643) It was discovered that GoBGP incorrectly handled certain malformed BGP UPDATE messages containing SRv6 L3 Service attributes. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-7734) It was discovered that GoBGP incorrectly handled certain malformed BGP UPDATE messages containing Accumulated IGP (AIGP) attributes. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-7735) It was discovered that GoBGP incorrectly handled certain malformed Multi- threaded Routing Toolkit (MRT) routing information entries. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-7736) It was discovered that GoBGP incorrectly handled certain malformed Multi- threaded Routing Toolkit (MRT) headers. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. (CVE-2026-7737)

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. (CVE-2026-32792) Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certain situations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-33278) Qifan Zhang discovered that Unbound incorrectly handled certain ghost domain name records. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-40622) Qifan Zhang discovered that Unbound did not properly limit processing of long EDNS option lists. A remote attacker could possibly use this issue to cause Unbound to use excessive resources, leading to a denial of service. (CVE-2026-41292) Qifan Zhang discovered that Unbound incorrectly handled jostle logic under certain circumstances. A remote attacker could possibly use this issue to cause Unbound to use excessive resources, leading to a denial of service. (CVE-2026-42534) Qifan Zhang discovered that Unbound did not properly bound NSEC3 hash calculations. A remote attacker could possibly use this issue to cause Unbound to use excessive resources, leading to a denial of service. (CVE-2026-42923) Qifan Zhang discovered that Unbound incorrectly handled multiple EDNS options in certain situations. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-42944) Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation of malicious content. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. (CVE-2026-42959) TaoFei Guo, Yang Luo, and JianJun Chen discovered that Unbound incorrectly handled delegation processing in certain situations. A remote attacker could possibly use this issue to poison the DNS cache and obtain sensitive information. (CVE-2026-42960) Qifan Zhang discovered that Unbound did not properly bound name compression in certain cases. A remote attacker could possibly use this issue to cause Unbound to use excessive resources, leading to a denial of service. (CVE-2026-44390) Qifan Zhang discovered that Unbound had a use-after-free issue in RPZ handling. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-44608)

New developments at Opensource.com admin Tue, 06/06/2023 - 13:30 You may have noticed that it's been quiet here on Opensource.com lately. That's because there's a new project in the works, and while there aren't many specific details to announce yet, there's plenty to talk about. What better way to start than with the entire internet? The internet, and top-level domains You may know that the internet is a network. A network, by definition, is a group of connections. The term "internet" is in fact a portmanteau of "interconnected" and "network". The internet is a network of interconnected networks, and originally it consisted of two: The military network and the academic network. Once the internet got popular outside those two groups, it became apparent that different designations were needed to differentiate, say, a commercial entity from a charitable organization from a university or a governmental department. These designations are called top-level domains (TLD). There are many available today, but for a long time there were only a handful. The original TLDs remain popular, and you probably know that when you go to, for instance, a .com address, you're visiting a commercial site, but when you visit a .org address you're going to a non-profit website. Open source is a network Open source can be many things. It can be commercial, it can be non-profit, it can be academic, it can be cultural. No matter what form it takes, though, it's always a network. Sometimes (but not always) it's a network of computers, but most importantly it's a network of people. Whether people are gathering at a conference or a pub or in an online chat room, open source is a community of people. The website Opensource.com has been supported by a commercial entity for 12 years. But the people (that's you and me) that make up the Opensource.com community aren't commercial entities, we're people. In one month, Opensource.com is going to resolve that bug. Stay tuned! The community is hard at work on something new. Image by: Image by Camylla Battani What to read next This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. 4 Comments These comments are closed. Bryan Behrenshausen | June 9, 2023 1 reader likes this. I, for one, continue to welcome our non-commercial overlords. All best to the team working on these new developments, and many thanks for your endless diligence and patience. We appreciate you. Don Watkins | June 9, 2023 1 reader likes this. I agree with Bryan! Glad for the opportunity to grow this community and appreciative of your efforts. Donna Benjamin | June 12, 2023 1 reader likes this. Colour me intrigued! Where might the curious learn more, or perhaps even contribute? Greg Pittman | June 12, 2023 No readers like this yet. It's a nice thought that maybe opensource.com might be able to paraphrase Mark Twain and say, "The reports of my death are greatly exaggerated."

Tips for running virtual, in-person, and hybrid events rpaik Wed, 05/03/2023 - 03:00 Over the past few years, virtual events have thrived. In-person events are back now, but it's important to keep in mind that virtual events didn't just come out of nowhere. Many of us were actually doing a lot of different online events even before they became popular. Many communities held hackathons, bug and issue triaging, webinars, and so on, as virtual events. They brought community members together for collaboration and education. Virtual events have improved since then, largely out of necessity, and I think we've all learned a lot. In this article, I consider how virtual and physical events can co-exist to render an improved event experience for everyone. Costs and crowds I don't think anyone wants to go back to the days when all events were happening on screens. But virtual events do have important advantages compared to in-person events. To begin with, it is relatively easy to start a virtual event as you often don't need much beyond meeting and streaming platforms. It can be as basic as live streaming from a video chat platform. This is especially useful for small communities that don't have a large events budget. In fact, a virtual event platform provides an opportunity to build an audience before you start making significant investments in in-person events. The lower cost and logistical hurdles of virtual meetings don't just apply to the event organizer. It matters to attendees and community members too. A typical meetup is likely to last for 60 to 90 minutes. Is everyone always happy to commute 30 minutes each way to get to the meeting venue? A meetup in a virtual format can lower the participation barrier for attendees. I think this is one of the reasons that many meetups are continuing in virtual formats today. The cost of doing virtual events is much lower, so there's low-risk of experimenting with different content, format, target audiences, and so on. Even if a new event isn't a huge success, you won't have to invest a large budget on the venue, equipment, people, travel, and so on. And you're able to get some valuable learning from the event no matter what. Practical events In addition, there are some activities that are just well-suited for virtual events. Things like documentation and bug triaging are crucial in open source communities. Despite this most people see them more like chores that they'd rather avoid. Why not have a short one to two day window where community members come together online so they can work on these chores together while supporting each other? Hybrid events Many events are going hybrid now, with both in-person and virtual components. By hybrid, I don't mean just broadcasting in-person sessions from conference facilities. Many have separate tracks for in-person and virtual participants. FOSDEM 2023 is a great example of a hybrid event, with separate online rooms. Some utilize virtual tracks for "Day 0" events (orientation, project team meetings, meetups, and so on). This way, people who aren't able to travel to the in-person conference can still participate in the earliest events. By having a separate virtual track, you can potentially reduce the total length of the in-person conference. This means people don't have to be away from home as long as a 100% in-person event. The dos and don'ts Here are some tips based on my experience of attending and organizing virtual events. DON'T have the same structure as in-person events. When you have an event online, you wouldn't want to ask the audience to sit through a full day of presentations. It's difficult for most people to stare at their screens for a long period of time. If you have more than four hours of content, consider spreading the event over a few days so that attendees only need to sit through a maximum of a couple of hours of presentations each day. You also don't always need to add breaks between sessions in virtual events because people aren't moving to different rooms. As a matter of fact, by hot switching to the next session, you're less likely to lose attendees between presentations. DON'T put a wall around the content after the event. I recently registered and attended an event and was told that slides and recordings would be available a few weeks after the event. When I returned to the event page a few weeks later, it asked me to register with my email address to get access to the content! I understand people's desire to collect leads. But if people had to register for the event already, or the event was live-streamed, it's not appropriate to ask them to share their contact information. Instead, make the content accessible to anyone. DON'T force synchronous participation from attendees. One of the key benefits of virtual events is that it's easier for everyone to attend or participate. If a person cannot watch a presentation live, provide ways for them to interact with presenters and other attendees asynchronously. DO make content available prior to events. Online events make it easier for community members to participate asynchronously. Things like publishing slides or Q&A pages ahead of time allow attendees to review content and post questions that presenters can address during and after the session. Also, if you're doing a hands-on workshop, publishing a prep guide before the event allows attendees to set up their environment so that it's easier to follow along during the presentation and play around in their sandbox. DO have presenters available for asynchronous Q&A sessions. Some of the virtual events I enjoyed had dedicated Q&A channels (Mattermost or Discourse are great open source options) where you could interact with presenters well after their session ended. At an in-person conference, you're often limited to a 10 or 15 minute break after a session to talk to the presenter. Virtual events allow you to have a Q&A channel available for a few days after the event.  This let's both synchronous and asynchronous attendees communicate with presenters. Best of both worlds I'm definitely glad that in-person events are back and I'm able to see my open source friends again in real life. However, I don't think we need to completely put virtual events behind us. In particular, hybrid events with "virtual tracks" can make events accessible to more community members and help you reach a wider audience. I think society has learned some important lessons, so let's put them to good use. Create the perfect blend of virtual and in-person events. Image by: Opensource.com Conferences and events What to read next This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. Comments are closed. These comments are closed.

Generate web pages from Markdown with Docsify-This paulhibbitts Tue, 05/02/2023 - 03:00 Are you interested in leveraging Markdown for online content without any website setup or build process? How about seamlessly embedding constraint-free Markdown or HTML into multiple platforms (such as a content management system or learning management system)? The open source project Docsify-This, built with Docsify.js, provides an easy way to publish, share, and reuse Markdown content. [ Get the Markdown cheat sheet ] What is Docsify-This? With Docsify-This, you can instantly turn any publicly available Markdown file into a responsive standalone web page. You can also link multiple Markdown files to create a simple website. Designers can alter the visual appearance of displayed pages with the point-and-click Web Page Builder interface or URL parameters. You can also use a set of provided Markdown CSS classes when creating your own Markdown content. In addition, if you use Codeberg or GitHub to store your Markdown files, an Edit this Page link can be automatically provided for each page to support collaborative authoring. It's open source, so you can host a Docsify-This instance using your own custom domain without the risk of platform lock-in. Use the Docsify-This Web Page Builder To use the Web Page Builder, open a browser and navigate to the Docsify-This website or your local instance. In the Web Page Builder section, enter the URL of a Markdown file in a public repo of Codeberg or GitHub (other Git hosts can also be used via Docsify-This URL parameters but not in the Web Page Builder), and then click the Publish as Standalone Web Page button. Image by: (Paul Hibbitts, CC BY-A 4.0) The Markdown file is rendered as a standalone web page with a URL you can copy and share. Here's an example URL: https://docsify-this.net/?basePath=https://raw.githubusercontent.com/hibbitts-design/docsify-this-one-page-article/main&homepage=home.mdDocsify-This rendered web pages are perfect for embedding, with the ability to visually style Docsify-This pages to the destination platform. Image by: (Paul Hibbitts, CC BY-A 4.0) Render other files in the same repository You can render other Markdown files in the same repository by directly editing the Docsify-This URL parameter homepage. For example: https://docsify-this.net/?basePath=https://raw.githubusercontent.com/hibbitts-design/docsify-this-one-page-article/main&homepage=anotherfile.mdModify the web page's appearance You can change the appearance of any Markdown file displayed in Docsify-This by using URL parameters. For example, font-family, font-size, link-color, and line-height are all common CSS attributes and are valid parameters for Docsify-This: https://docsify-this.net/?basePath=https://raw.githubusercontent.com/hibbitts-design/docsify-this-one-page-article/main&homepage=home.md&font-family=Open%20Sans,sans-serifYou can also alter the visual appearance using a set of special Markdown CSS classes. For example, you can add the button class to a link: [Required Reading Quiz due Jun 4th](https://canvas.sfu.ca/courses/44038/quizzes/166553 ':class=button') This produces a button image instead of just a text link: Image by: (Paul Hibbitts, CC BY-A 4.0) In addition to the Markdown CSS classes supported by Docsify-This, you can define your own custom classes within your displayed Markdown files. For example: <style> .markdown-section .mybutton, .markdown-section .mybutton:hover { cursor: pointer; color: #CC0000; height: auto; display: inline-block; border: 2px solid #CC0000; border-radius: 4rem; margin: 2px 0px 2px 0px; padding: 8px 18px 8px 18px; line-height: 1.2rem; background-color: white; font-family: -apple-system, "Segoe UI", "Helvetica Neue", sans-serif; font-weight: bold; text-decoration: none; } </style> [Custom CSS Class Button](# ':class=mybutton')Produces this: Image by: (Paul Hibbitts, CC BY-A 4.0) Include HTML snippets As supported by standard Markdown, you can include HTML snippets. This allows you to add layout elements to your HTML render. For example: <div class="row"> <div class="column"> Lorem ipsum dolor sit amet, consectetur adipiscing elit. </div> <div class="column"> Lorem ipsum dolor sit amet, consectetur adipiscing elit. </div> </div>Embed Docsify-This as an iFrame You can embed Docsify-This web pages using an iFrame in almost any platform. You can also use URL parameters to ensure your embedded content matches your destination platform: <p><iframe style="overflow: hidden; border: 0px #ffffff none; margin-top: -26px; background: #ffffff;" src="https://docsify-this.net/?basePath=https://raw.githubusercontent.com/paulhibbitts/cmpt-363-222-pages/main&homepage=home.md&font-family=Lato%20Extended,Lato,Helvetica%20Neue,Helvetica,Arial,sans-serif&font-size=1&hide-credits=true" width="800px" height="950px" allowfullscreen="allowfullscreen"></iframe></p> Image by: (Paul Hibbitts, CC BY-A 4.0) Embed Docsify-This with an external URL In certain learning management systems (LMS), including the open source Moodle and even the proprietary Canvas, you can link external web pages to a course navigation menu and sometimes more. For example, you can use the Redirect Tool in Canvas to display Docsify-This web pages. url=https://docsify-this.net/?basePath=https://raw.githubusercontent.com/paulhibbitts/cmpt-363-222-pages/main&homepage=resources.md&edit-link=https://github.com/paulhibbitts/cmpt-363-222-pages/blob/main/resources.md&font-family=Lato%20Extended,Lato,Helvetica%20Neue, Helvetica,Arial,sans-serif&font-size=1&hide-credits=true Skip to bottom of list Our favorite resources about open source Git cheat sheet Advanced Linux commands cheat sheet Open source alternatives Free online course: RHEL technical overview Register for your free Red Hat account Check out more cheat sheets Integrate Docsify-This and Git To fully leverage the benefits of version control and potentially collaboration using an optional Edit this Page link, store your Docsify-This Markdown pages in a Git repository on either Codeberg or GitHub. Several open source tools provide a graphical interface for Git, including GitHub Desktop (recently released as open source), Git-Cola, and SparkleShare. The text editors VSCode and Pulsar Edit (formerly Atom.io) both feature Git integration, too. [ Get the Git tips and tricks eBook ] Markdown publishing made easy The benefits of Markdown-based publishing are available to everyone, thanks to Docsify. And thanks to Docsify-This, it's easier than ever. Try it out at the Docsify-This website. This open source tool makes it easier than ever to convert Markdown to web pages. Web development What to read next 5 best practices for PatternFly, an open source design system How I learned the hard way to keep my website updated This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. Comments are closed. These comments are closed.

How I used guilt as a motivator for good its-surya Fri, 04/28/2023 - 03:00 Recently, I was asked by a friend and colleague if I were interested in speaking together at a conference. I was pleasantly surprised because I hadn't contributed much to the project they were presenting, but I expressed interest. We met to discuss the presentation, and that's when I learned the real reason I was asked to participate: The conference's diversity, equity, and inclusion (DEI) initiatives required there to be at least one speaker that does not identify as a man. I was offended; it felt like I was approached only because of my gender, not based on merit. My friend assured me that wasn't the only reason I'd been asked. They needed new contributors to the project because there was a lot of work to be done, and they were hoping I could help fill that gap. [ Want to create your own event? Read the 10-step guide for a successful hackathon ] I gave it some thought and tried to understand why the DEI initiatives were in place.  I also thought about the other side of the coin, where the people who wanted to present couldn't, unless they found someone from a minority group to present alongside them. As I thought about the bigger picture and the benefits this opportunity would bring to me, I decided to forego my ego being hurt. Once I let go of feeling offended, I realized that I was also feeling very uncomfortable presenting something that I hadn't contributed directly to. My ethics didn't agree with that. How could I possibly step onto a stage and act as the face of something I hadn't worked on? Resolving to help more I did some research on the project. The technology was not totally alien to me, and I had a good grasp of the fundamentals it was trying to achieve. In fact, its overall goal made me feel excited to contribute. If done well, it would be super useful to users. I made a resolution that I would go ahead with this speaking opportunity only if I got the opportunity to give back to the community tenfold and become a key contributor. My friend was more than willing to help me on that journey. With that resolve, we submitted our talk. My co-presenters were supportive and made me feel welcome. They said that as long as I was interested and had a passion for the project, nothing else mattered. [ Also read How I returned to open source after facing grief ] Participating in the conference was a huge opportunity, and it had such a positive impact on me. I met a lot of experienced people across the open source community and I felt inspired! I learned a lot of new things from the people and the various panels, sessions, and discussions at the conference. Our presentation went well, and I consider giving a talk at such a big conference quite an achievement. However, once the conference was over the guilt started kicking in. Skip to bottom of list More open source career advice Open source cheat sheets Linux starter kit for developers 7 questions sysadmins should ask a potential employer before taking a job Resources for IT architects Cheat sheet: IT job interviews Register for your free Red Hat account Guilt as a motivator I felt like I owed the community and the people who had given me this chance. I wanted to focus on the promise I'd made, but it was hard with other higher-priority things getting in the way. Whenever I deviated from my plan, the guilt kept me on track. It reminded me that I had to give back to the community that had given me such a good opportunity. After a few months of struggling and juggling, I can proudly say that I didn't give up. Today, I'm an active contributor to that project. I love the challenges it presents, and I enjoy solving some of the key issues in the project's area. I also have been able to take the lead in implementing this upstream project in our downstream ecosystem. As icing on the cake, I was again invited to present with the team and give the community updates for the project. This time, it was not because of a DEI initiative, as the ratio was already balanced. Feeling guilt isn't so bad after all! I'm glad that I took the opportunity, and I'm glad it turned out to be a win-win situation for everyone involved. If I hadn't been approached about being a co-presenter, I probably would have never gotten involved in this project, and that would have been such a miss! I'm grateful to the people who gave me this chance and supported me. I'm probably not the only woman who has faced this. I want to tell all the women out there if such an opportunity presents itself, there's no need to feel guilt, or that you "owe" anyone or any kind of pressure. If you feel such pressure, turn that emotion into a weapon and do good with it! I encourage you to take the opportunity if it will benefit you and make the most out of it. Later on, if you can do the same for another person and uplift them, that’s how you can really pay back to the community. After all, this is what open source community is all about. It's as much about the people as is about the technology being built! [ Ready to level up your communication skills? Get advice from IT leaders. Download 10 resources to make you a better communicator. ] Guilt is usually considered a negative emotion, but by steering it well, you can achieve surprising success. Image by: Pixabay. CC0 1.0 Careers Diversity and inclusion What to read next Create a more diverse and equitable open source project with open standards 13 tips for getting your talk accepted at a tech conference This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. Comments are closed. These comments are closed.

3 reasons to host a docathon for your open source project lmalivert Fri, 04/28/2023 - 03:00 Your open source project's documentation is essential to your customers. Your target audience must understand the purpose of your project and how to use it, and documentation is what bridges that gap. A project is rarely ever truly done, so it's equally important for resources to be maintained and updated with your project's continuous improvement. But what happens when you have lots of documentation to maintain but lack the resources to keep it current? The answer is pretty simple: Host a docathon! What is a docathon? A docathon is like a hackathon. A hackathon is an event where engineers and community leaders gather to improve or add new features to an existing application. In a docathon, the same kind of collaboration focuses on improving documentation. [ Learn about writing Docs as Code. ] A docathon can fill gaps within content, restructure large documentation sets, fix broken links, or just correct typos. The intent behind hosting a docathon is to improve a large amount of documentation in a relatively brief timeframe. Some examples of product documentation include: Training manuals User manuals Installation guides Troubleshooting guides Quickstart guides API documentation Tutorials At my organization, our documentation team hosted a docathon and successfully revamped a 102-page installation guide. The docathon enabled us to focus on the project's scope, which was reorganizing for simplicity, removing duplicate content, and following the customer journey. Hosting a docathon left a lasting impression on my team and improved customer success. [ Read Write documentation that actually works for your community ] 3 things you can achieve with a docathon Here are my top three reasons to host a docathon: 1. No more backlog Most documentation must evolve along with the product it supports. As the product changes or updates, so must the documentation. In some cases, documentation teams release new versions of their documentation alongside the engineering team's release cycle. As priorities within a team change and GA releases continue, documentation teams face the challenge of keeping up with new features, bug fixes, and tasks to complete. The changes that get left behind become part of a backlog—an accumulation of work that needs to be completed at a later time. Docathon tip: During a docathon, participants can triage backlog items and complete them as they progress through the list. Non-technical participants can work on fixes related to typos, broken links, and other text-related issues. Skip to bottom of list Our favorite resources about open source Git cheat sheet Advanced Linux commands cheat sheet Open source alternatives Free online course: RHEL technical overview Register for your free Red Hat account Check out more cheat sheets 2. Revamp large-scale guides By the time your documentation team realizes it's time to revamp a guide, it's probably several chapters in and hundreds of pages deep. Once the content plan has been developed, the complexity of restructuring begins. Restructuring a large amount of documentation is not for the faint of heart. Docathon tip: Assemble a team to lead the docathon and provide incentives for organization-wide participation from different teams or departments. Depending on the scope of work and time constraints, your team can successfully restructure an entire guide in less time than you probably expect. 3. Collaboration between cross-functional teams It is common for different groups within an organization to work in isolation. Engineering, product, customer support, marketing, and documentation teams may not collaborate on projects as often as they should. Imagine hosting an event where each team member can use their expertise to improve product documentation. Docathons foster subject matter expert (SME) diversity, real-time collaboration, and communication. They also allow for an inclusive environment where individuals residing in different geographical locations can participate in person or remotely. Your documentation receives the undivided attention of experts with different viewpoints and specializations, minimizing isolated siloes, unconscious bias, and burnout. Docathon tip: Enable cross-functional teams to come together for a common cause. [ Learn what it takes to build a resilient IT culture ] Documentation marathon The next time your team has a seemingly insurmountable backlog or is tasked with restructuring a huge documentation project, consider hosting a docathon. It's easy, and its productivity may surprise you. For more information on hosting an event like this, read Tiffany Long's excellent 10-step guide to hosting a hackathon. A marathon for documentation is a great way to produce or improve the docs for your open source project. Documentation Conferences and events What to read next Writing project documentation in HTML Improve your documentation with JavaScript Our favorite markup languages for documentation This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. Comments are closed. These comments are closed.