We are happy to report that Secrets of a Successful Organizer has now been translated into seven languages: Spanish, Japanese, German, Chinese (simplified and traditional), Swedish, Danish, Quebecois French, and, most recently, Korean. (See below for details on how to get copies.) We’ve also heard from union activists in Brazil, Norway, and Poland who are interested in translating it.

How a group of rank-and-file retirees in Connecticut successfully organized to restore their right to traditional public Medicare

The post Rolling Back Medicare Advantage appeared first on The American Prospect.

LAVAL, QUEBEC — The crowd at Place Bell for Game 1 was wound tight, like a guitar string on the brink of snapping. Our Montreal Victoire, who had never won more than one game in a playoff series, let alone a series itself, were set to face the Minnesota Frost, the only team who has ever won the Walter Cup, in the PWHL semifinals. It felt like everybody in the arena was holding their breath, bracing for history to unfold before us, unchanged. 

It didn’t help that Minnesota scored twice before the first intermission. I could feel the crowd’s belief, or at least my own, ebbing. We needed the team to believe for us, to break open the glorious possibility of change. 

Less than three minutes into the second period, Shiann Darkangelo delivered, making the most of chaos in front of Minnesota’s crease. It wasn’t an equalizer, but it was proof that mountains can be climbed, so long as you go one step at a time. The crowd’s reaction felt as much like a sigh of relief as a celebration. 

to be fair here, this video is not complaining about Bookchin so much as offering a coherent, short explanation as to why there is no unbridgable chasm between individuals and groups in anarchy. i think Bookchin keeps coming up because...

Calling something “white socialism” actually weakens the left. It treats the multiracial working class as just a social problem, not as a group that can act politically. It focuses on moral identity rather than on working together. This leads to a kind of politics where the left cares more about staying pure than about winning. As a result, the left can’t respond to the current moment, because it has lost the tools it needs to understand what’s happening.

The post The Test That Cannot Be Passed appeared first on New Politics.

Big Pharma and industry-funded advocacy groups are promoting Alzheimer’s blood testing that could label millions of Americans as sick — despite dangerous treatments for early diagnoses of the disease.

Kansas City DSA has grown faster than similarly-sized DSA chapters during the post-election membership surge. A member of KC chapter leadership explains the strategy behind the surge.

The post Reflections on the “Missouri Miracle” appeared first on Democratic Left.

Jeff Bezos learns being good at YouTube is not so easy.

The Pentagon has released hundreds of declassified files, pictures and videos relating to UAPs—Unidentified Anomalous Phenomena—more popularly known as UFOs...

The post CovertAction Bulletin: Close Encounters of the Distraction Kind first appeared on CovertAction Magazine.

City Commissioner David Suarez is accused of hiring the trucks to single out members of the activist group Jewish Voice for Peace.

The post Miami Beach Official Hired Billboard Truck to Call Pro-Palestine Activists “Jew Hater,” Lawsuit Alleges appeared first on The Intercept.

HARRISBURG — On May 19, voters across Pennsylvania will head to the polls to cast their ballots in the primary election.

Every voter in every election is entitled to vote without intimidation, interference, or discrimination.

Voter intimidation is illegal under federal and state law — and according to the Pennsylvania Department of State, it’s also rare. However, several incidents of suspected intimidation in recent years have brought more attention to the issue and prompted action by the state.

During the 2020 election, Pennsylvania officials raised concerns several times that President Donald Trump’s campaign and its supporters might be intimidating voters. The campaign recorded voters in Philadelphia as they dropped off their mail ballots. Trump also urged his supporters to monitor polls in the city that year, following false claims that poll watchers had been removed from polling sites. Crowds — consisting of people for and against counting mail ballots — descended to the Philly site where votes were being tallied. Two Trump supporters also drove to the site with guns and several rounds of ammunition.

Since then, Pennsylvania has established a hotline to report cases of voter intimidation and other election-related crimes. It’s also created a task force that mitigates election threats and combats misinformation.

The Trump administration has given conflicting statements about deploying ICE agents to polling places during the midterms this November. In February, the Department of Homeland Security said that would not be the case, but just this week, Trump told PBS News that he supports “anything” to ensure “honest elections.”

Federal law prohibits federal troops, agents, or law enforcement from interfering with voting.

Here’s everything you need to know so that you can be prepared if you experience or witness voter intimidation:

What is voter intimidation?

Voter intimidation can take many forms. It includes but is not limited to explicit physical or verbal threats and interrogation, as well as tactics like photographing or recording voters. This applies inside and outside of a polling place, as well as in county boards of election offices and at mail ballot drop boxes. A more comprehensive list of intimidation tactics covered under the law is on the state’s website.

In Pennsylvania, the law also specifies that it’s illegal to coerce someone to vote or to refrain from voting, to interfere with a person’s ability to vote, or to block the entrance or exit of any polling place.

Election workers can also be subjected to intimidation. In 2022, the FBI and Department of Justice identified Pennsylvania as one of the top states for threats to election workers, based on reports made to a special task force.

However, intimidation and misconduct can be performed by anyone, including nonpartisan election workers and partisan poll watchers. The Pennsylvania Department of State has rules on what poll watchers — who are picked by political parties and campaigns — can and cannot do, as well as guidance for poll workers, to ensure that no voter is inappropriately challenged as they cast their ballot or is subjected to any sort of discrimination, intimidation, or misconduct.

Voter intimidation doesn’t exclusively occur at polling places. It can also happen via door-to-door canvassing, and include flyers or calls that intentionally disseminate incorrect or false election information, including details about voting time or place, to interfere with people being able to properly cast their ballot.

What does the law say?

Federal and state protections against intimidation cover the entire voting process, from registration to casting a ballot to counting votes, and apply to both the voter and election workers.

At the federal level, the Voting Rights Act and the Civil Rights Act, in addition to various other laws, make it clear that actual or attempted “intimidation” or “threats” against a person trying to vote are illegal. Committing this sort of behavior during a national election is a federal crime, and a person who intimidates voters during any election can be prosecuted by the Department of Justice.

In Pennsylvania, it is a felony in the third degree to “use or practice any intimidation, threats, force or violence with design to influence unduly or overawe any elector, or to prevent him from voting or restrain his freedom of choice.” Intimidating a voter can result in imprisonment for up to two years.

In addition to that law, the Pennsylvania Department of State has guidance on voter intimidation and discriminatory conduct, as well as rules for polling places on Election Day “to help voters, elections officials, attorneys and watchers understand their respective roles, responsibilities, and rights.”

Where’s the line?

A lot can happen inside and outside of a polling place, and it can be hard to discern what is allowed and what is not. Below are answers to some common questions about behavior at the polls:

Are guns allowed in polling places?

It depends on the polling place. Firearms are not allowed in polling places if they are housed in any of the following locations: a private property that forbids firearms, a school, a courthouse, or any other location where Pennsylvania law prohibits the carrying of firearms. This applies even if you are the lawful owner of a firearm.

Can I wear clothing in support of the candidate I’m voting for?

Yes, you can wear clothing, buttons, stickers, and more to show support for the candidate you’re voting for. However, campaigning for the candidate inside the polling place is not allowed and is considered electioneering.

Election officials and poll watchers cannot wear any partisan apparel, including buttons.

Is law enforcement allowed in polling places?

Pennsylvania law generally prohibits law enforcement officers from being within 100 feet of a polling place during voting hours. However, some exceptions exist, including for officers who are there to vote or have been called to respond to a disturbance.

What should I do if I experience voter intimidation or witness it?

If you are a victim of intimidation, or witness it, you should report it to the district attorney and your county election office, either online or by finding the phone number for your county board of elections.

You can also report any instances of voter intimidation, election fraud, or other election crimes to the Pennsylvania Department of State's voter hotline at 1-877-VOTESPA (1-877-868-3772) or file an election complaint online.

Once complaints are received, the Office of Attorney General can investigate and prosecute voter intimidation.

If you have an immediate concern for your safety or the safety of others, you should call 911.

A eulogy recounting the visit that lifelong revolutionary Ben Morea made to Exarchia, the Athenian neighborhood famed as a hotbed of anarchism.

What comes after Asian American literature?

• What’s more surprising? That Barstool made deodorant or that it’s not spray deodorant?
• No aluminum
• You get 2 of each scent: Fresh Tracks & Golden Hour
• Fresh Tracks: Oakmoss & Pink Pepper
• Golden Hour: Smooth Brandy & Madagascar Vanilla
• Is it available in Georgia Red: If it turns your pits red, you might be allergic

Foil-Free

A 4-pack of aluminum-free deodorant? For 12 bucks? In other words, 3 dollars per? When a single stick of this stuff usually retails for over 15?

Hey, what a deal!

Sure, ‘Would’ is an interesting brand name. But at least it features totally normal, understated packaging. Just take a look!

Wait a minute, what’s that? Computer: enhance.

A little closer.

Ah, fucking hell.

So we’ve done the Logan Paul’s hydration powder? And now we’re doing deodorant from Barstool? The first media outlet founded by someone conceived in a tanning bed?

What’s next? Did Pat McAfee put his name on some ill-begotten ramen noodle concept? Are there any University-of-Austin-branded insulated tumblers we could help someone unload? How about that guy who was supposed to host Jeopardy? Does he have a line of cookware we could perhaps sell?

Anyway, we’re sure the forums will love this.

It’s cheap deodorant if you want it.

Administration deems anti-Trump right wingers terrorists

Approximately 1,000 Palestinian students remain trapped in Gaza despite having scholarships to attend universities abroad as Israel controls the borders and won't them out.

The post Palestinian Students Trapped in Gaza by Israeli Border Closures appeared first on UNICORN RIOT.

Today we speak to data scientist Tristan Lee. He tells us about his new project: Epstein.photos, a site that allows users to connect the Epstein cabal using facial recognition...

No ads and all exclusives: patreon.com/popularfront

Discounted 50% off the best internet privacy for all our listeners: proton.me/popularfront

INFO | MERCH | NEWS | JAKE | SUBSTACK

Matt and Sam answer listener questions about post-Trump politics, the meaning of Zohran Mamdani, the fate of liberalism, and more.

A series of misleading claims have gone viral this month, sowing fear and confusion about ICE targeting trans people, a transgender public registry, and an imminent gender-affirming healthcare ban.

Howdy folks,

I have some good news, which is that, after seven months, I’ve finally recovered from Long Covid. This is not something I particularly want to talk about in depth but it was the worst thing that ever happened to me! Anyway, sorry for the long period without posting that much, but I hope this amazing house (both laudatory/derogatory, that’s dialectics, baby) will make up for the three months I went AWOL.

BEHOLD:

Not to be over-exuberant, but I genuinely think this is the best McMansion exterior of all time. That includes all the messed up castles, the Mediterranean-style cult complexes, the Staten Island weirdness. Nothing, to me, epitomizes just how uniquely wacky these houses can be. The oversized broken pediment with the fat fake corinthian columns, the lawyer foyer transom window, the ultra-nub, the 45-degree angle, it is all there and it is all hellish, and none of it will ever happen ever again. Anyway this house is $2.5 million dollars and 10,000 square feet. Someone should buy it and give house tours to young people for whom this way of live will soon be unimaginable.

There is nothing so bold to me as the idea of a canted lawyer foyer flanked by two equally huge windows. The fact that the house is more populated by vases than people…something something a vessel for wealth, ah!

Someone on TikTok is going to find this house and set all the pictures to that terrible vaporwave nostalgia song. “tuscan kitchen [black heart emoji]” (as is their right, just like blogging is my right)

If you were a rich person muralist, please get in touch with me (patreon@mcmansionhell.com) I want to hear YOUR stories!!!!

I mean, if I had a giant mysterious wardrobe I, too, would be fernmaxxing (I am 32 years old and will not be talking like this. I am getting generationmogged and have to draw the line somewhere.)

If someone says to you “we should go to Venice in May” ABORT ABORT ABORT. you WILL pay 15 euros for gin and tonic. you WILL get pickpocketed or puked on by British people. you WILL be eaten by mosquitoes. Go in November when no one’s around and you can have a good cry about how everything dies, sinks into the ocean, one might say, and how futile it is to try keeping it alive on horrible wooden stilts. The gondolier will tell you wistfully about how the dolphins returned to the lagoons during the pandemic lockdown. Then he will look at you because their leaving again is your fault.

I hate putting the word “cuck” in this blog. Ten years ago, that would warrant an angry parent email. Now children say cuck to each other in elementary school because they learned it from a Charlie Kirk assassination fancam.

This is kind of like one of those 19th century galleries but for 400,000aires who mostly think of art as a piece of furniture.

I used to not believe in the mobbed up pizza place (no one likes an ethnic stereotype) but there was one I went to in Coastal New Jersey that was unmistakably mobbed up. Guys coming in and out of the back in suits, cash only, no GrubHub, no delivery. It wasn’t called Vito’s though. That would be stupid of me to disclose.

It’s so funny that for a month we collectively pretended that every man alive cared about the roman empire. Just the kind of cute thing we used to do online before cultural microphenomena became primarily driven by incel forums.

That’s right, folks, McMansion Hell is TEN YEARS OLD this year, and there WILL be a party in Chicago in July. (More details later.) Anyway, heinous back facade. What were they thinking.

If you like this post and want more like it, support McMansion Hell on Patreon for as little as $1/month for access to great bonus content including a discord server, extra posts, and livestreams. (Don’t worry! This doesn’t adjust for inflation! Now’s the perfect time to join!) By the way: new subscribers can buy a year of McMansion Hell for just $12!

Not into recurring payments? Try the tip jar! (I would seriously appreciate any and all tips because I am now, like, $3000 in medical debt from having Long Covid, a disease doctors and insurance companies famously believe in and cover. If you are the woman who hacked up a lung next to me on my flight to New Mexico, not even an N95 could beat your germs and I feel entitled to financial compensation.)

Anyway! See you next month!

This week's rendition, focusing on my experiences here in the Twin Cities.

About a year ago, we announced a hiatus on this project. Due to an outpouring of support, we pushed ourselves to continue, and over the last year, we’re proud of the interviews and roundups we’ve been able to produce. But as events in the United States have continued to escalate and conditions have grown more... Read Full Article

While driving near Branch, Newfoundland, three friends witnessed a towering, hairy, ape-like figure illuminated by headlights—its green-reflective eyes locking with theirs before it strode effortlessly into the woods. The chilling encounter, confirmed by all present, left no doubt in their minds: th...

  Out d’Coup | Bernie’s Out; Left Way Forward; COVID-19 Impacts; Religious Right is a Death Cult; Mensch Not a Mensch; K-12 Stays Closed; PA Budget Crisis; Netflix’s Space Force; Free Will, Sean’s Toys Bernie [...]

The post Out d’Coup for Friday, April 10, 2020 appeared first on Raging Chicken Media.

The Cut is named for the large open section that extends from open mezzanines on the second floor of the …

Continue reading →

Learn how Ravenloft’s nightmare realms work, from Darklords and Mists to twisted magic, trapped souls, and the rules that make every domain a prison.

It’s here! 150+ Colorful Pages of Flesh Pit material to create and run a visceral adventure for you and your fellow squad of Park Rangers. Build out your own custom characters, select from an arsenal of questionable Anodyne-provided equipment, and encounter a robust bestiary of antediluvian macrofauna and geobiological hazards.
Get it here: https://www.drivethrurpg.com/en/product/498633/mystery-flesh-pit-national-park-the-rpg?affiliate_id=4581853

Devolver promises "both familiar and all-new mechanics."

Outside the box.

Physical versus digital. With the rise of digital storefronts, the decline of brick-and-mortar stores, growing game sizes, and more-expensive consoles and storage, the lines in the sand get deeper, and the debates get louder.

It's the age-old question with all media, and with video games, things seem to have ramped up since the launch of the Switch 2. Reports of declining physical game sales have been rampant over the past few years. The cost of digital games is often a factor, too, with even Nintendo charging less for its first-party digital releases, starting with Yoshi and the Mysterious Book.

Read the full article on nintendolife.com

"NASA also is defining the concept of operations for the mission."

There are concerns that the company's code of ethics has been violated.

A push by Red Hat employees to create a Fedora "AI Developer Desktop" with support for out-of-tree kernel drivers and AI toolkits has been met with objections from some long-time members of the Fedora community. After more than a month of sometimes heated discussion, the Fedora Council had voted to approve the initiative; however, a last-minute change to vote against the proposal by council member Justin Wheeler has (at least temporarily) sent it back to the drawing board.

KDE has announced it’s getting a €1.28 million grant from the Sovereign Tech Fund (STF) to help improve the Plasma desktop, KDE Linux and the communication frameworks used by both. The German government-backed fund, which sees its work as “strategic investments in the digital infrastructure of our economy and society”, will disburse €1,285,200 ($1,512,680) to KDE across 2026 and 2027. Like all grants the fund provides, the money is earmarked for a specific set of pre-approved projects. KDE developers can’t redirect cash toward the latest feature request gathering upvotes on r/KDE. Work the money will fund includes improving the Plasma […]

You're reading KDE gets €1.2m funding from the Sovereign Tech Fund, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.

Second verse, same as the first!

By John Burns and Emily Yuan

Introduction

At Netflix, we operate using a polyrepo strategy with tens of thousands of Java repositories. This means that we need to have ways of sharing common build logic across these repositories. On the JVM Ecosystem team within Java Platform, we build tooling such as the Nebula suite of Gradle plugins to provide standard ways to build projects, keep dependencies up-to-date, and publish artifacts reliably across the Java ecosystem. Our mission also entails providing build-time feedback to the developer when they deviate from the paved road, or when their code base contains technical debt.

Case Study

After a Netflix incident relating to a library releasing a backwards-incompatible change, our team was asked to provide some tooling and practices to improve the Java library lifecycle management. This was not a simple case of a library making a reckless breaking change. The code removed had been deprecated for years. Library authors often struggle to know when it is safe to remove deprecated code, or refactor code that is not meant to be used by downstream applications. Fleet-wide migrations, such as upgrading major Spring Boot versions, also involve deprecated code removal. To help with this, we established a suite of API lifecycle annotations:

• @Deprecated from the Java standard library
• @Public A custom annotation to use on APIs meant to be used downstream
• @Experimental A custom annotation for new APIs which may not yet be stable
• All other APIs are assumed to be “internal”

Library authors can annotate their APIs with these annotations. However, how will they know which downstream projects are using their API incorrectly, based on these?

As we sought to improve the paved road for JVM-based libraries at Netflix, we needed a good way of identifying this kind of technical debt, not only for the benefit of the Java Platform-provided libraries, but any team delivering shared libraries to the organization. For this, we looked at ArchUnit.

ArchUnit is a popular OSS library (3.5k stars, 84 contributors) used to enforce “architectural” code rules as part of a JUnit suite. It is used internally by Gradle, Spring, and is provided as part of the Spring Modulith platform. The rules engine, which is built directly on top of ASM, can be used for a wide variety of use cases. It is powerful enough to be a general purpose static analysis tool with the following distinctive features:

1. Works cross-language (JVM), because it uses ASM/bytecode, not AST parsing.

2. Exposes a builder API pattern that makes it easy to write rules

3. Also has a lower level API ideal for writing more complex custom rules.

The limitation of ArchUnit is that it is designed to be used as part of a JUnit suite in a single repository. The Nebula ArchRules plugins give organizations the ability to share and apply rules across any number of repositories. Rules can be sourced from OSS libraries or private internal libraries. This makes the plugin generally useful for any JVM+Gradle engineering organization.

Why ArchUnit?

Before we go into how ArchRules works, it is good to understand why we would want to use ArchUnit in this way instead of other static analysis tools.

AST vs Bytecode

Some tools, such as PMD, process rules against an AST (abstract syntax tree). An AST is a structured representation of source code. This kind of tool will have rules that are syntax dependent. Rules that need to support multiple JVM languages, such as Kotlin or Scala, often need to be rewritten for each language. It also allows code which should be found to be hidden under syntactic sugar not anticipated by the rule author. ArchUnit uses ASM to analyze actual compiled bytecode, which means it doesn’t matter how that code was produced. What is analyzed is the actual code that will be run.

Rule Authorship

Tools like PMD and Spotbugs are not optimized for custom rule authorships. Most usage of these tools run built-in provided rules, or add in pre-made third party plugins. Take a look at what a custom rule for PMD might look like:

<![CDATA[
 //AllocationExpression/ClassOrInterfaceType[
   @Image='DateTime' and (
       (count(..//Name[@Image='DateTimeZone.UTC'])<=0)
       and
       (count(..//Name[@Image='DateTimeZone.forID'])<=0)
    ) or (
       (
           (count(..//Name[@Image='DateTimeZone.UTC'])>0)
             or
           (count(..//Name[@Image='DateTimeZone.forID'])>0)
       ) and (../Arguments/ArgumentList and count(../Arguments/ArgumentList/Expression) = 1)
   )
 ]
]]>

This rule ensures that DateTimes are not instantiated without an explicit zone. This is a raw string meant to be used within PMD’s xpath parser. There is no IDE guidance on crafting it. To test it, a whole separate PMD process needs to be wired up to interpret the rule and evaluate it against a source file. Let’s see how a similar rule would look with ArchUnit:

ArchRuleDefinition.priority(Priority.MEDIUM)
.noClasses()
.should()
.callConstructorWhere(
    // constructor does not have a zone arguement
    target(doesNot(have(rawParameterTypes(DateTimeZone.class))))
   // constructor is for DateTime
        .and(targetOwner(assignableTo(DateTime.class)))
)

This is type-safe Java code with a fluent API. It is also simple to unit test, as ArchUnit has a method to pass a rule object and class references to evaluate the rule against those classes.

Class Relations

Because ArchUnit processes the entire classpath with ASM, it retains a graph of the class data, allowing rules to easily traverse class relationships and call sites. This allows rules to have much more context about the code it is evaluating.

Rules Libraries

The first step was to build the ability to write ArchUnit rules which can be shared and published. In order to do this, we have the ArchRules Library Plugin. This plugin adds an additional source set to your Gradle project called archRules. In this source set, you can create a class which implements the ArchRulesService interface. This interface has a single abstract method which returns a Map<String, ArchRule>. The keys of this map are the names of your rules, and the ArchRule is the rule you would like to define using the standard ArchUnit API. Here is an example:

public class GuavaRules implements ArchRulesService {
  static final ArchRule OPTIONAL = ArchRuleDefinition.priority(Priority.MEDIUM)
        .noClasses()
        .should()
        .dependOnClassesThat()
        .haveFullyQualifiedName("com.google.common.base.Optional")
        .because("Java Optional is preferred over Guava Optional");

    @Override
    public Map<String, ArchRule> getRules() {
        Map<String, ArchRule> rules = new HashMap<>();
        rules.put("guava optional", OPTIONAL);
        return rules;
    }
}

This code and its dependencies will not be bundled with your main code. It is bundled into a separate Jar with the arch-rules classifier. When publishing, your library will publish this jar as a separate variant with the usage attribute set to arch-rules. This means that in order for downstream projects to use these rules, they must use Gradle Module Metadata for dependency resolution. There are 2 flavors of rules Libraries: Standalone rules libraries, bundled rule libraries.

Standalone Rule Libraries

A Standalone Rule library contains no main code: only archRules. These are useful for defining rules for code you don’t own, such as Core Java APIs or OSS libraries. They are also useful for generic rules that can apply to any code, such as “don’t use code marked as @Deprecated”. We maintain a collection of OSS Standalone rule libraries which anyone is free to use, and serve as examples of the types of rules you may want to write yourself. However, the real power of ArchRules is in “bundled rule libraries”.

Bundled Rule Libraries

A bundled rule library is a library with both main and archRules sources. The main source set will contain useful library code, whatever it may be. The archRules will contain rules specific to the usage of that library. For example, rules scoped to that library’s package, or referencing that library’s specific API. Whenever possible, we recommend writing rules in this bundled way. That is because the ArchRules Runner Plugin will be able to automatically detect these rules and run them in only the source sets that use this library as a dependency. An example of this can be seen in our Nebula Test library.

In any case, the library plugin will automatically generate a service loader registration entry for your ArchRulesService so that the runner can discover your rules.

Running Rules

The ArchRules Runner Plugin allows rules to be evaluated against your code. Standalone rule libraries can be evaluated against all source sets by adding them to the archRules configuration in your build. For example:

dependencies {
    archRules("your:rules:1.0.0")
}

As mentioned before, bundled rules will be evaluated automatically. To do this, the runner plugin creates a separate configuration for each of your source sets. In each of these configurations, the archRules classpath is combined with the runtimeClasspath with the arch-rules variant selected. This configuration is the classpath used when the ServiceLoader discovers implementations of ArchRulesService. In the following example, we have a Project which uses a test helper library as a testImplementation dependency, and also adds a standalone rules library to the archRules configuration. The test runtime classpath will only contain the implementation jar for the helper library, but the arch rules runtime will contain the archrules jar for the bundled rules and standalone rules. This all happens automatically.

Once the rules classpath is determined, the runner plugin will create a Gradle work action to evaluate rules against that specific source set. This action runs with classpath isolation using the *archRuleRuntime configuration. Within this action, a ServiceLoader is used to discover rule definitions. The action ends by writing a binary serialization of rule violations to a file for reporting.

In a project running rules, you also have the ability to customize rule configurations using the archRules extension. For example, you can override a rule’s priority level:

archRules {
    ruleClass("com.netflix.nebula.archrules.deprecation") {
        priority("HIGH")
    }
}

Other customizations include disabling running rules on certain source sets and configuring the failure threshold (i.e., high priority failures will cause the build to fail).

Reporting

The ArchRules runner plugin has two built-in reports: JSON and console. The json report will collect the output from all source sets within a project and create a single json file with all of the data. The console report also collects the output from all source sets within a project, but it prints to the console an easy to read report, for example:

Note that failure details feature a detailed plain English description, along with a pointer to the exact line of code in violation.

For custom reporting, you can either use the JSON file, or create your own task that reads the binary files. Take a look at the source code for the ArchRules runner plugin’s report tasks for an example of how to do this.

Case Study Solution

Going back to our original problem, using ArchRules, we were able to deliver a platform for library authors to track the usage of their APIs. They write ArchRules to detect usage of the annotations, scoped to their library’s package, such as:

ArchRuleDefinition.priority(Priority.MEDIUM)
    .noClasses().that(resideOutsideOfPackage(packageName + ".."))
    .should()
    .dependOnClassesThat(resideInAPackage(packageName + "..").and(are(deprecated())))
    .orShould().accessTargetWhere(targetOwner(resideInAPackage(packageName + ".."))
        .and(target(is(deprecated())).or(targetOwner(is(deprecated())))))
    .allowEmptyShould(true)
    .because("Deprecated APIs are subject to removal");

NB: the deprecated() predicate comes from nebula-archrules.

Our internal Nebula standard Gradle wrapper and plugin suite automatically enable the ArchRules runner on every project, and provides a custom reporter which sends the report data to our Internal Developer Portal on every main-branch CI build. This way, library authors can easily see a report of all downstream consumers using their experimental, deprecated, or non-public APIs, giving them confidence to make “breaking” changes, knowing that it will not actually break downstream consumers. If their changes are currently blocked by downstream usage, they can easily see exactly which projects are reporting those usages.

OSS Rule Libraries

While the most powerful way to use ArchRules is for you to write your own rules, we have built some OSS rule libraries that anyone is free to use, or reference as examples.

Nullability

These rules enforce proper nullability annotation in Java, for example, that every public class is marked with JSpecify’s @NullMarked. It is smart enough to exclude Kotlin code, as Kotlin has built-in nullability.

Gradle Plugin Best Practices

Writing Gradle plugins can be hard, especially since there are many APIs and patterns that should not be used anymore. These rules help enforce current best practices when writing Gradle plugins.

Joda / Guava Rules

These rule libraries discourage the use of Joda Time and Guava classes (respectively) as these have been superseded by java.time and standard library enhancements.

Security Rules

These rules help mitigate CVEs by detecting usage of known vulnerable APIs. Ideally, we keep dependencies up to date to mitigate CVEs. But sometimes that is not immediately feasible, and in those cases, a compile time check to ensure the specific vulnerable API is not used is often good enough.

Conclusion

We are now running 358 (and counting) rules across over 5,000 repositories detecting over nearly 1 million issues. About 1,000 of these issues are for “High” priority rules. Being able to run these rules on this scale allows us to quickly gain insight into our large fleet of microservices, and identify the areas carrying the most critical technical debt. This makes it easier to focus and prioritize our efforts.

Going forward, we will be exploring how to tie auto-remediation solutions into the ArchRules findings. ArchUnit currently provides very specific and detailed information about failures in reports, which makes a very strong input signal to an auto remediation tool. We will explore deterministic solutions such as OpenRewrite and non-deterministic solutions such as LLMs. Pairing the easy rule authorship and deterministic results of ArchUnit with an auto-remediation tool that can correctly interpret the results to solve the issue at hand will be a very powerful combination.

We also will investigate how to get ArchRule failure information surfaced in the IDE as inspections.

If you have questions or feedback about Nebula ArchRules, reach out to us by posting in the #nebula channel on the Gradle Community Slack.

Scaling ArchUnit with Nebula ArchRules was originally published in Netflix TechBlog on Medium, where people are continuing the conversation by highlighting and responding to this story.

TrustedVolumes, a resolver and market maker used by 1inch and other defi platforms, suffered a $6.7 million exploit after an attacker was able to steal funds without proper validation. The thief then swapped the stolen wETH, USDT, wBTC, and USDC through ChangeNow and converted them to ETH to evade freezes.

Blockchain research firm Blockaid has linked the attacker to a similar exploit in March 2025 that saw $5 million drained from 1inch. This time, 1inch has asserted that although they use TrustedVolumes as a resolver, the exploit did not involve any of their systems.

• "DeFi Platform TrustedVolumes Hit by $6.7M Exploit" , Decrypt

The Rust Project has been building up a good history of participating in various open-source mentorship programs, including Google Summer of Code for three years (including this year) and previously OSPP. We're happy to announce that this year we are also participating in Outreachy starting in the May 2026 cohort.

Each of these mentorship programs has different criteria for eligibility depending on who they target and the motivations of the program. Outreachy provides internships in open source, to people from any background who face underrepresentation, systemic bias, or discrimination in the technical industry where they are living. You can learn more about the Outreachy program on their website.

What is Outreachy and how is it different than Google Summer of Code

Outreachy is similar to Google Summer of Code (GSoC) in some aspects, but different in others. First off, unlike GSoC, Outreachy interns first apply to the overall program and only then can apply to specific communities. Second, while oftentimes GSoC applicants submit various contributions prior to their application, Outreachy has a dedicated period where contributions are not just optional, but required. Finally, Outreachy applicants submit an application similar to GSoC applications and communities pick interns based on those applications and the interns' contributions. Outreachy has two internship periods per year, one running from May to August (in which we are currently participating) and one from December to March.

The other major difference between Google Summer of Code and Outreachy is the source of intern stipends. For GSoC, Google graciously covers contributor stipends and overhead. For Outreachy, communities instead cover the interns' stipends and overhead.

We are mentoring 4 interns for the May 2026 cohort

Because of limited funding availability and mentoring capacity, the Rust Project decided to select four interns for mentorship. We'll briefly share these projects below.

Calling overloaded C++ functions from Rust

Ajay Singh has been selected, mentored by teor, Taylor Cramer, and Ethan Smith.

This project aims to implement an experimental feature for calling overloaded C++ functions from Rust, and to begin testing that feature in a few representative use cases.

Code coverage of the Rust compiler at scale

Akintewe Oluwasola has been selected, mentored by Jack Huey.

This project aims to develop the workflows to run and analyze code coverage of the compiler at the scale of the entire compiler test suite and on ecosystem crates detected by crater. The hope is to be able to detect when the compiler is inadequately tested, both within the compiler and in the ecosystem, and to build tools to do continuous analysis on this.

Fuzzing the a-mir-formality type system implementation

Tunde-Ajayi Olamiposi has been selected, mentored by Niko Matsakis, Rémy Rakic, and tiif.

This project aims to implement fuzzing for a-mir-formality, an in-progress model for Rust's type and trait system. The goal is to generate programs in order to identify rules with underspecified semantics in a-mir-formality.

Improve the security of GitHub Actions of the Rust Project

oghenerukevwe Sandra Idjighere has been selected, mentored by Marco Ieni and Ubiratan Soares.

This project aims to improve the security of GitHub Actions workflows of the repositories owned by the Rust Project. It will develop tools and workflows, integrating with existing software, to analyze Github repositories and detect if they follow the best security practices, fix existing issues, and ensure that good security practices are followed in the future.

What's next

Over the next 3 months, the interns will work closely with their mentors to make progress on their projects. When the internship period is over, we'll write another blog post to share the results! See you then!

We also want to thank all the people that submitted applications and made contributions. It was quite tough to decide which applicants to select. Hopefully we will participate in Outreachy again in the future and there are other opportunities to participate. We also very much welcome you to stick around and continue being involved - there is a ton of places in the Rust Project with opportunities to be involved.

AI and its terrible, horrible, no good, very bad week

Only import what you need from space by reading the contents of your logistics network from a Roboport

LÖVE 11.5 - out now!

Siemens Industrial communication with Industrial Ethernet/ PROFINET supports simple sensor connecting to plant-wide quality and productions data acquisition and allow efficient integration of all company areas into one coherent system. This integration with products and systems from Siemens ensure greater company-wide efficiency with comprehensive industrial communications solutions. Image by