Merge pull request #2279 from dfinity/dev-update-12-13

Developer Weekly Update - December 13 2023

blog/news-and-updates/2023-12-13-update.md

@@ -0,0 +1,61 @@
+---
+title: Developer weekly update December 13, 2023
+description: This week, we discuss the latest release of dfx, the EU subnet proposal status, and an important security advisory for the Candid Rust library.
+tags: [Devs]
+image: /img/blog/dev-update-blog-dec-13.jpg
+---
+
+# Developer weekly update December 13, 2023
+
+![December 13 2023](../../static/img/blog/dev-update-blog-dec-13.jpg)
+
+Hello ICP developers and welcome to this edition of developer weekly! This week, we discuss the latest release of dfx, the EU subnet proposal status, and an important security advisory for the Candid Rust library. Let's get into it!
+
+
+## dfx 0.15.2
+
+The latest version of dfx, `0.15.2` has been released! This new release introduces several new features, such as: 
+
+- Canister install arguments can now be read from a file using the `--argument-file` flag, such as `dfx canister install --argument-file ./my/argument/file.txt my_canister_name`.
+
+- The `list_permitted` and `list_authorized` methods can now be called as an update call. Calling these methods as a query call has been disabled. 
+
+- The `dfx cycles` command has been added, which is not yet supported on the mainnet, but will work locally after installing the [cycles ledger](https://github.com/dfinity/cycles-ledger) (which is still in development). Subcommands included in this new feature are:
+
+    - `dfx cycles balance`: Returns the current cycles balance of the cycles ledger.
+
+    - `dfx cycles transfer <to> <amount>`: Transfers cycles from one account to another account.
+
+    - `dfx cycles top-up <to> <amount>`: Sends cycles from an account to a canister.
+
+- Additional ways to specify cycle and e8s amounts have been added. Underscores can now be used to make large numbers readable, such as `dfx canister deposit-cycles 1_234_567 mycanister`.
+In addition to underscores, certain suffixes that replace a number of zeros are now supported:
+
+- `k` for 000, e.g. 500k.
+
+- `m` for 000_000, e.g. 5m.
+
+- `b` for 000_000_000, e.g. 50B.
+
+- `t` for 000_000_000_000, e.g. 0.3T.
+
+Alongside these new features are a handful of bug fixes and enhancements, including:
+
+- The `dfx canister delete <canister id>` command now removes the related entry from the canister ID store.
+
+- `dfx extension install` can no longer create a corrupt cache directory.
+
+- The `output_env_file` is now considered relative to the project's root.
+
+- `dfx ledger transfer` now logs to `stderr` messages about duplicates rather than printing them to `stdout`.
+
+You can read the full detailed release notes on the IC SDK repo [here](https://github.com/dfinity/sdk/releases/tag/0.15.2).
+
+
+## EU subnet
+
+In last week's [developer weekly update](/blog/2023/12/06/news-and-updates/update#eu-subnet-nns-proposal), we announced that the first proposals to create an EU subnet had been submitted to the NNS for voting. The first two proposals have passed, and the third is currently up for voting! You can vote on the NNS dapp [here](https://nns.ic0.app/proposal/?u=qoctq-giaaa-aaaaa-aaaea-cai&proposal=126391). 
+
+## Candid security advisory
+
+DFINITY has issued an important security advisory regarding Candid. An upgrade of the Candid Rust library is required due to a security vulnerability that revealed a possible denial of service exploitation. We've released a separate Dev Blog post that goes into further detail on this advisory, which can be found [here](/blog/news-and-updates/candid-security-advisory).