GitHub Actions shipped a series of features designed to improve workflows when working with PRs from repository forks. 

Because all pull request workflows raised from repository forks have a read-only token and no access to secrets, common workflows like labeling or commenting have become difficult, according to GitHub. 

That’s why the company created a new ‘pull_request_target’ event, which behaves in an almost identical way to the ‘pull_request’ event with the same set of filters and payload.

Additional details are available here.

Django 3.1 released
The new release of the web framework includes asynchronous views, middleware support, and JSONField for all supported database backends.

Also, tokens, cookies, sessions, and signatures now use the SHA-256 hashing algorithm.

With the release of Django 3.1, Django 3.0 has reached the end of mainstream support. Additional details are available here.

Flutter’s web support
Flutter stated that its particular focus now is on integrating deeply and natively with the web platform.

“We target the web browser because it is the beating heart of the internet: the most pervasive, flexible, and extensive app model that has existed in computing history,” Flutter wrote in a post.

The team said it is also working in parallel on a CanvasKit-based backend that enables rendering Skia paint commands in the browser using WebAssembly and WebGL.

Racket 7.8 released
The new version of the general-purpose programming language supports AArch32 and AArch64, including places and futures, and supports an “incremental” garbage-collection mode that can eliminate long GC pauses for some applications, such as animations and interactive games. 

Also, Racket CS unboxes local floating-point arithmetic and DrRacket’s spell check features lower overhead and has fewer bugs. 

Web Server performance under high concurrency is better by up to an order of magnitude. The Web Server is also more resistant to clients attempting to use unconstrained resources.

Additional details are available here.

Two-step verification on Google Play console
The new Google Play Console beta offers customized, secure access to everyone on a team. 

“Granting your team members safe access to specific features in your developer account is one of the best ways to increase the value of our tools for your organization,” Android wrote in a blog post. “We want to make sure that your developer account is as safe as possible so you feel confident when granting access.”

Two-Step Verification uses both your password and a second way to identify you for added security. This could be a text message to a registered phone, an authenticator app, alerts on supported devices, or a hardware security key.