What happened last week

A crazy week behind and a crazy one in front of me.

Last week, I visited Florence because I was a speaker at the Open Source Day. To put it short - it was amazing. Everything there worked perfectly, the talks were amazing and it was a great chance to hug a lot of my friends. The only downside is that I must wait a year for another edition. In the links below you’ll find a longer article about it.

Next week is filled with a gazillion planning calls and podcast recordings. It will be intense and it will end with me speaking at WordUp Gdynia. Also, we’ll be publishing another website on Astro, which makes me happy.

In the middle of this craziness, I found some time for cycling. I needed this to clear my head.

Interesting links

I was at Open Source Day 2025 in Florence — Maciek Palmowski

It’s funny that until 2024, I never visited Italy. Now I looking for excuses to do so. And Open Source Day is a great excuse. Amazing conference, with great talks, and a lot of hugs. Learn more about why you should visit this conference next year.

FOSS infrastructure is under attack by AI companies — Niccolò Venerandi

One of the things I never liked about LLMs was how they gathered data. Very often it was stealing in a more or less legal way. Right now we’re in the middle of LLM scrapers putting down FOSS infrastructure.

I’m not a fan of the EU regulation-first approach, but looking at what is happening, maybe this should be a moment for some people to realize that a lack of them will hurt us even more in the upcoming years.

Cloudfest Hackathon 2025: SBOMinator to Secure the OSS Supply Chain — Mart Virkus

While I was eating Italian food in Florence, most of the Patchstack team was in Rust at Cloudfest. During the hackathon, we were working on an SBOMinatior for open-source software (including WP, Typo3, and Laravel). It’s an amazing and important project and I hope that it will grow over time.

Why Agencies Use Low-Code Tools — Mike Davey

This cool article by Mike explains why Low-Code tools are so popular. While they probably won’t always create the best possible solution, maybe we’ll have to bend our needs, but they get the job done. Good enough and on time.

Next.js Middleware Exploit: CVE-2025-29927 Authorization Bypass

As you can see, even the greatest make mistakes. On the other hand - two weeks from disclosure to patch is not a perfect result. Especially since I saw that Vercal didn’t share the info with other providers and while they blocked it on Vercel other hosting companies weren’t informed. That said - please update your Next.js apps.

My migration story from Hugo to Astro — Elio Struyf

Elio migrated his blog from Hugo to Astro. He took us step by step through what he had to do, and what were the biggest pain points of the process.

Powering Search With Astro Actions and Fuse.js — Bryan Robinson

Bryan wrote a great tutorial explaining how to use Astro Actions and Fuse.js to create a nice fuzzy search for your Astro website.

Starwind UI: shadcn/ui for Astro — Chris Pennington

Chris did a great intro for Starwind UI - a component set designed for Astro.

Organizing Content with Astro Content Schemas — Monica Powell

Monica wrote an amazing introduction to content schemas in Astro. If, for some reason, you’re not using them yet you should. Monica goes from basic examples to more fancy ones.

How we maintain enterprise Statamic sites — Lokman Musliu

Lokman explains how the maintenance of the Statamic website looks, especially for enterprise clients.

And how was your week? Did you learn something interesting? Don’t hesitate to press the reply button or share your thoughts in the comment section.

Cheers,

Maciek