fedi.hi.ls

Not sure how I should feel about our new ice cream scoop containing AI. 🤔

mitmproxy 11.1.2 is out, everyone should upgrade! We fixed a rather nasty SSRF-style vulnerability affecting mitmweb (CVE-2025-23217). mitmproxy and mitmdump users are unaffected.

https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-wg33-5h85-7q5p

mitmproxy 11.1 is out! 🥳

We now support *Local Capture Mode* on Windows, macOS, and - new - Linux! This allows users to intercept local applications even if they don't have proxy settings.

On Linux, this is done using eBPF and https://aya-rs.dev/, more details are at https://mitmproxy.org/posts/local-capture/linux/. Super proud of this team effort. 😃

♫⋆｡♪ ₊˚♬ ﾟ... driving home for Christmas ... ♫⋆｡♪ ₊˚♬

🫠

mitmproxy 11 is out! We now fully support HTTP/3, including transparent mode. 🥳

Gaurav - my Google Summer of Code student - has all the details: https://mitmproxy.org/posts/releases/mitmproxy-11/. Awesome to have such a fantastic mitmproxy community. ☺️

mitmproxy 10.4 is out! 🚀 Lots of bugfixes, and a first preview of our new Capture Tab in mitmweb! Matteo Luppi is working on this as his Google Summer of Code project. Super excited for how this will look like at the end of the summer. 🤩

https://mitmproxy.org/posts/releases/mitmproxy-10.4/

Step 1: Roll your eyes at people using CDNs.
Step 2: Realize that you are one of them. 🫣

pdoc users who do `--math`, please upgrade to the latest release ASAP to fix a security vulnerability!

https://github.com/mitmproxy/pdoc/security/advisories/GHSA-5vgj-ggm4-fg62

Today's progress: Adding a note to https://github.com/sponsors/mhils that we won't put a sponsor's logo on mitmproxy.org if we feel that they don't align with our values. Apparently some not-so-great places have discovered it's great for SEO or something. Immensely grateful to be in a position that allows me to just say no.

Special day today: Celebrating my grandpa's 100th birthday! 🥳🎂🎈