Language Selection

English French German Italian Portuguese Spanish

Debian

Syndicate content
Planet Debian - https://planet.debian.org/
Updated: 5 hours 29 min ago

Andrew Cater: Debian 10.5 media testing process started 202008011145 - post 1 of several.

Saturday 1st of August 2020 01:01:52 PM
The media testing process has started slightly late. There will be a _long_ testing process over much of the day: the final media image releases are likely to be at about 0200-0300UTC tomorrow.
Just settling in for a long day of testing: as ever, it's good to be chatting with my Debian colleagues in Cambridge and with Schweer in Germany. It's going to be a hot one - 30 Celsius (at least) and high humidity for all of us.
EDIT: Corrected for UTC :)

Andrew Cater: Debian 10.5 Buster point release 20200801 - all of the fixes :)

Saturday 1st of August 2020 11:13:56 AM
The point release is happening today for Debian Buster 10.5. This is an important release because it incorporates all the recent security fixes from the latest GRUB / Secure Boot "Boothole" security problems.
Behind the scenes, there has been a lot of work to get this right: a release subject to an embargo to allow all the Linux releases to co-ordinate this as far as possible, lots of consistent effort, lots of cooperation - the very best of Free/Libre/Open Source working together.
Secure Boot shims are signed with a different key to go to upstream this time around: in due course, when revocation of old, insecure code happens to plug the security hole, older media may be deny-listed. All the updates for all the affected packages (listed in https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/ ) are included in this release.

This has been a major wake-up call: the work behind the scenes has meant that each affected Linux distribution will be in a much better position going forward and working together is always good.

Utkarsh Gupta: FOSS Activites in July 2020

Saturday 1st of August 2020 09:00:00 AM

Here’s my (tenth) monthly update about the activities I’ve done in the F/L/OSS world.

Debian

This was my 17th month of contributing to Debian. I became a DM in late March last year and a DD last Christmas! \o/

Well, this month I didn’t do a lot of Debian stuff, like I usually do, however, I did a lot of things related to Debian (indirectly via GSoC)!

Anyway, here are the following things I did this month:

Uploads and bug fixes: Other $things:
  • Mentoring for newcomers.
  • FTP Trainee reviewing.
  • Moderation of -project mailing list.
  • Sponsored php-twig for William, ruby-growl, ruby-xmpp4r, and uby-uniform-notifier for Cocoa, sup-mail for Iain, and node-markdown-it for Sakshi.
GSoC Phase 2, Part 2!

In May, I got selected as a Google Summer of Code student for Debian again! \o/
I am working on the Upstream-Downstream Cooperation in Ruby project.

The first three blogs can be found here:

Also, I log daily updates at gsocwithutkarsh2102.tk.

Whilst the daily updates are available at the above site^, I’ll breakdown the important parts of the later half of the second month here:

  • Marc Andre, very kindly, helped in fixing the specs that were failing earlier this month. Well, the problem was with the specs, but I am still confused how so. Anyway..
  • Finished documentation of the second cop and marked the PR as ready to be reviewed.
  • David reviewed and suggested some really good changes and I fixed/tweaked that PR as per his suggestion to finally finish the last bits of the second cop, RelativeRequireToLib.
  • Merged the PR upon two approvals and released it as v0.2.0!

Paul Wise: FLOSS Activities July 2020

Saturday 1st of August 2020 12:58:13 AM
Focus

This month I didn't have any particular focus. I just worked on issues in my info bubble.

Changes Issues Review Administration
  • Debian wiki: unblock IP addresses, approve accounts, reset email addresses
Communication Sponsors

The purple-discord, ifenslave and psqlodbc work was sponsored by my employer. All other work was done on a volunteer basis.

Junichi Uekawa: August and feels like it finally.

Saturday 1st of August 2020 12:54:04 AM
August and feels like it finally. July didn't feel like July and felt like June because it rained so much. This is summer.

Ben Hutchings: Debian LTS work, July 2020

Friday 31st of July 2020 10:40:00 PM

I was assigned 20 hours of work by Freexian's Debian LTS initiative, but only worked 5 hours this month and returned the remainder to the pool.

Now that Debian 9 'stretch' has entered LTS, the stretch-backports suite will be closed and no longer updated. However, some stretch users rely on the newer kernel version provided there. I prepared to add Linux 4.19 to the stretch-security suite, alongside the standard package of Linux 4.9. I also prepared to update the firmware-nonfree package so that firmware needed by drivers in Linux 4.19 will also be available in stretch's non-free section. Both these updates will be based on the packages in stretch-backports, but needed some changes to avoid conflicts or regressions for users that continue using Linux 4.9 or older non-Debian kernel versions. I will upload these after the Debian 10 'buster' point release.

Chris Lamb: Free software activities in July 2020

Friday 31st of July 2020 09:55:07 PM

Here is my monthly update covering what I have been doing in the free and open source software world during July 2020 (previous month):

  • Opened a pull request to make the build reproducible in PyERFA, a set of Python bindings for various astronomy-related utilities (#45), as well as one for PeachPy assembler to make the output of codecode/x86_64.py reproducible (#108).

SPI is a non-profit corporation that acts as a fiscal sponsor for organisations that develop open source software and hardware.
  • As part of being on the board of directors of the Open Source Initiative and Software in the Public Interest I attended their respective monthly meetings and participated in various licensing and other discussions occurring on the internet, as well as the usual internal discussions regarding logistics and policy etc. This month, it was SPI's Annual General Meeting and the OSI has been running a number of remote strategy sessions for the board.

  • Fixed an issue in my tickle-me-email library that implements Getting Things Done (GTD)-like behaviours in IMAP inboxes to ensure that all messages have a unique Message-Id header. [...]

  • Reviewed and merged even more changes by Pavel Dolecek into my Strava Enhancement Suite, a Chrome extension to improve the user experience on the Strava athletic tracker.

  • Updated travis.debian.net, my hosted service for projects that host their Debian packaging on GitHub, to use the Travis CI continuous integration platform) to fix a compatibility issue with the latest version of mk-build-deps. [...][...]


Lintian analyses Debian packages and reports bugs and policy violations. It contains automated checks for many aspects of Debian policy as well as checks for common errors.

For Lintian, the static analysis tool for Debian packages:

  • Update the regular expression to search for all the released versions in a .changes file. [...]

  • Avoid false-positives when matching sensible-utils utilities such as i3-sensible-pager. (#966022)

  • Rename the send-patch tag to patch-not-forwarded-upstream. [...]

  • Drop reminders from 26 tags that false-positives should be reported to Lintian as this is implicit in all our tags. [...]


§


Reproducible Builds

One of the original promises of open source software is that distributed peer review and transparency of process results in enhanced end-user security. However, whilst anyone may inspect the source code of free and open source software for malicious flaws, almost all software today is distributed as pre-compiled binaries. This allows nefarious third-parties to compromise systems by injecting malicious code into ostensibly secure software during the various compilation and distribution processes.

The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.


Conservancy is not-for-profit 501(c)(3) charity focused on ethical technology and user freedom.

The project is proud to be a member project of the Software Freedom Conservancy. Conservancy acts as a corporate umbrella allowing projects to operate as non-profit initiatives without managing their own corporate structure. If you like the work of the Conservancy or the Reproducible Builds project, please consider becoming an official supporter.

This month, I:



§


diffoscope
diffoscope is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues.

Elsewhere in our tooling, I made the following changes to diffoscope, including preparing and uploading versions 150, 151, 152, 153 & 154 to Debian:

  • New features:

    • Add support for flash-optimised F2FS filesystems. (#207)
    • Don't require zipnote(1) to determine differences in a .zip file as we can use libarchive. [...]
    • Allow --profile as a synonym for --profile=-, ie. write profiling data to standard output. [...]
    • Increase the minimum length of the output of strings(1) to eight characters to avoid unnecessary diff noise. [...]
    • Drop some legacy argument styles: --exclude-directory-metadata and --no-exclude-directory-metadata have been replaced with --exclude-directory-metadata={yes,no}. [...]
  • Bug fixes:

    • Pass the absolute path when extracting members from SquashFS images as we run the command with working directory in a temporary directory. (#189)
    • Correct adding a comment when we cannot extract a filesystem due to missing libguestfs module. [...]
    • Don't crash when listing entries in archives if they don't have a listed size such as hardlinks in ISO images. (#188)
  • Output improvements:

    • Strip off the file offset prefix from xxd(1) and show bytes in groups of 4. [...]
    • Don't emit javap not found in path if it is available in the path but it did not result in an actual difference. [...]
    • Fix ... not available in path messages when looking for Java decompilers that used the Python class name instead of the command. [...]
  • Logging improvements:

    • Add a bit more debugging info when launching libguestfs. [...]
    • Reduce the --debug log noise by truncating the has_some_content messages. [...]
    • Fix the compare_files log message when the file does not have a literal name. [...]
  • Codebase improvements:

    • Rewrite and rename exit_if_paths_do_not_exist to not check files multiple times. [...][...]
    • Add an add_comment helper method; don't mess with our internal list directly. [...]
    • Replace some simple usages of str.format with Python 'f-strings' [...] and make it easier to navigate to the main.py entry point [...].
    • In the RData comparator, always explicitly return None in the failure case as we return a non-None value in the success one. [...]
    • Tidy some imports [...][...][...] and don't alias a variable when we don't end up using. [...]
    • Clarify the use of a separate NullChanges quasi-file to represent missing data in the Debian package comparator [...] and clarify use of a 'null' diff in order to remember an exit code. [...]
  • Misc:


§



Debian

In Debian, I made the following uploads this month:


§


Debian LTS

This month I have worked 18 hours on Debian Long Term Support (LTS) and 12 for the Extended LTS project. This included:

You can find out more about the project via the following video:

Jonathan Carter: Free Software Activities for 2020-07

Friday 31st of July 2020 05:01:03 PM

Here are my uploads for the month of July, which is just a part of my free software activities, I’ll try to catch up on the rest in upcoming posts. I haven’t indulged in online conferences much over the last few months, but this month I attended the virtual editions of Guadec 2020 and HOPE 2020. HOPE isn’t something I knew about before and I enjoyed it a lot, you can find their videos on archive.org.

Debian Uploads

2020-07-05: Sponsor backport gamemode-1.5.1-5 for Debian buster-backports.

2020-07-06: Sponsor package piper (0.5.1-1) for Debian unstable (mentors.debian.net request).

2020-07-14: Upload package speedtest-cli (2.0.2-1+deb10u1) to Debian buster (Closes: #940165, #965116).

2020-07-15: Upload package calamares (3.2.27-1) to Debian unstable.

2020-07-15: Merge MR#1 for gnome-shell-extension-dash-to-panel.

2020-07-15: Upload package gnome-shell-extension-dash-to-panel (38-1) to Debian unstable.

2020-07-15: Upload package gnome-shell-extension-disconnect-wifi (25-1) to Debian unstable.

2020-07-15: Upload package gnome-shell-extension-draw-on-your-screen (6.1-1) to Debian unstable.

2020-07-15: Upload package xabacus (8.2.8-1) to Debian unstable.

2020-07-15: Upload package s-tui (1.0.2-1) to Debian unstable.

2020-07-15: Upload package calamares-settings-debian (10.0.2-1+deb10u2) to Debian buster (Closes: #934503, #934504).

2020-07-15: Upload package calamares-settings-debian (10.0.2-1+deb10u3) to Debian buster (Closes: #959541, #965117).

2020-07-15: Upload package calamares-settings-debian (11.0.2-1) to Debian unstable.

2020-07-19: Upload package bluefish (2.2.11+svn-r8872-1) to Debian unstable (Closes: #593413, #593427, #692284, #730543, #857330, #892502, #951143).

2020-07-19: Upload package bundlewrap (4.0.0-1) to Debian unstable.

2020-07-20: Upload package bluefish (2.2.11+svn-r8872-1) to Debian unstable (Closes: #965332).

2020-07-22: Upload package calamares (3.2.27-1~bpo10+1) to Debian buster-backports.

2020-07-24: Upload package bluefish (2.2.11_svn-r8872-3) to Debian unstable (Closes: #965944).

François Marier: Extending GPG key expiry

Friday 31st of July 2020 03:45:00 AM

Extending the expiry on a GPG key is not very hard, but it's easy to forget a step. Here's how I did my last expiry bump.

Update the expiry on the main key and the subkey:

gpg --edit-key KEYID > expire > key 1 > expire > save

Upload the updated key to the keyservers:

gpg --export KEYID | curl -T - https://keys.openpgp.org gpg --keyserver keyring.debian.org --send-keys KEYID

Reproducible Builds (diffoscope): diffoscope 154 released

Friday 31st of July 2020 12:00:00 AM

The diffoscope maintainers are pleased to announce the release of diffoscope version 154. This version includes the following changes:

[ Chris Lamb ] * Add support for F2FS filesystems. (Closes: reproducible-builds/diffoscope#207) * Allow "--profile" as a synonym for "--profile=-". * Add an add_comment helper method so don't mess with our _comments list directly. * Add missing bullet point in a previous changelog entry. * Use "human-readable" over unhyphenated version. * Add a bit more debugging around launching guestfs. * Profile the launch of guestfs filesystems. * Correct adding a comment when we cannot extract a filesystem due to missing guestfs module.

You find out more by visiting the project homepage.

Russell Coker: Links July 2020

Thursday 30th of July 2020 11:59:23 PM

iMore has an insightful article about Apple’s transition to the ARM instruction set for new Mac desktops and laptops [1]. I’d still like to see them do something for the server side.

Umair Haque wrote an insightful article about How the American Idiot Made America Unlivable [2]. We are witnessing the destruction of a once great nation.

Chris Lamb wrote an interesting blog post about comedy shows with the laugh tracks edited out [3]. He then compares that to social media with the like count hidden which is an interesting perspective. I’m not going to watch TV shows edited in that way (I’ve enjoyed BBT inspite of all the bad things about it) and I’m not going to try and hide like counts on social media. But it’s interesting to consider these things.

Cory Doctorow wrote an interesting Locus article suggesting that we could have full employment by a transition to renewable energy and methods for cleaning up the climate problems we are too late to prevent [4]. That seems plausible, but I think we should still get a Universal Basic Income.

The Thinking Shop has posters and decks of cards with logical fallacies and cognitive biases [5]. Every company should put some of these in meeting rooms. Also they have free PDFs to download and print your own posters.

gayhomophobe.com [6] is a site that lists powerful homophobic people who hurt GLBT people but then turned out to be gay. It’s presented in an amusing manner, people who hurt others deserve to be mocked.

Wired has an insightful article about the shutdown of Backpage [7]. The owners of Backpage weren’t nice people and they did some stupid things which seem bad (like editing posts to remove terms like “lolita”). But they also worked well with police to find criminals. The opposition to what Backpage were doing conflates sex trafficing, child prostitution, and legal consenting adult sex work. Taking down Backpage seems to be a bad thing for the victims of sex trafficing, for consenting adult sex workers, and for society in general.

Cloudflare has an interesting blog post about short lived certificates for ssh access [8]. Instead of having user’s ssh keys stored on servers each user has to connect to a SSO server to obtain a temporary key before connecting, so revoking an account is easy.

Related posts:

  1. Links January 2020 C is Not a Low Level Language [1] is an...
  2. Links March 2020 Rolling Stone has an insightful article about why the Christian...
  3. Links June 2020 Bruce Schneier wrote an informative post about Zoom security problems...

Norbert Preining: KDE/Plasma Status Update 2020-07-30

Wednesday 29th of July 2020 11:03:25 PM

Only a short update on the current status of my KDE/Plasma package for Debian sid and testing:

  • Frameworks 5.72
  • Plasma 5.19.4
  • Apps 20.04.3
  • Digikam 7.0.0
  • Ark CVE-2020-16116 fixed in version 20.04.3-1~np2

Hope that helps a few people. See this post for how to setup archives.

Enjoy.

Dima Kogan: An awk corner case?

Wednesday 29th of July 2020 10:45:00 PM

So even after years and years of experience, core tools still find ways to surprise me. Today I tried to do some timestamp comparisons with mawk (vnl-filter, to be more precise), and ran into a detail of the language that made it not work. Not a bug, I guess, since both mawk and gawk are affected. I'll claim "language design flaw", however.

Let's say I'm processing data with unix timestamps in it (seconds since the epoch). gawk and recent versions of mawk have strftime() for that:

$ date Wed Jul 29 15:31:13 PDT 2020 $ date +"%s" 1596061880 $ date +"%s" | mawk '{print strftime("%H",$1)}' 15

And let's say I want to do something conditional on them. I want only data after 9:00 each day:

$ date +"%s" | mawk 'strftime("%H",$1) >= 9 {print "Yep. After 9:00"}'

That's right. No output. But it is 15:31 now, and I confirmed above that strftime() reports the right time, so it should know that it's after 9:00, but it doesn't. What gives?

As we know, awk (and perl after it) treat numbers and strings containing numbers similarly: 5+5 and ="5"+5= both work the same, which is really convenient. This can only work if it can be inferred from context whether we want a number or a string; it knows that addition takes two numbers, so it knows to convert ="5"= into a number in the example above.

But what if an operator is ambiguous? Then it picks a meaning based on some internal logic that I don't want to be familiar with. And apparently awk implements string comparisons with the same < and > operators, as numerical comparisons, creating the ambiguity I hit today. strftime returns strings, and you get silent, incorrect behavior that then demands debugging. How to fix? By telling awk to treat the output of strftime() as a number:

$ date +"%s" | mawk '0+strftime("%H",$1) >= 9 {print "Yep. After 9:00"}' Yep. After 9:00

With the benefit of hindsight, they really should not have reused any operators for both number and string operations. Then these ambiguities wouldn't occur, and people wouldn't be grumbling into their blogs decades after these decisions were made.

Enrico Zini: Building and packaging a sysroot

Wednesday 29th of July 2020 08:15:15 AM

This is part of a series of posts on compiling a custom version of Qt5 in order to develop for both amd64 and a Raspberry Pi.

After having had some success with a sysroot in having a Qt5 cross-build environment that includes QtWebEngine, the next step is packaging the sysroot so it can be available both to build the cross-build environment, and to do cross-development with it.

The result is this Debian source package which takes a Raspberry Pi OS disk image, provisions it in-place, extracts its contents, and packages them.

Yes. You may want to reread the last paragraph.

It works directly in the disk image to avoid a nasty filesystem issue on emulated 32bit Linux over a 64bit mounted filesystem.

This feels like the most surreal Debian package I've ever created, and this saga looks like one of the hairiest yaks I've ever shaved.

Integrating this monster codebase, full of bundled code and hacks, into a streamlined production and deployment system has been for me a full stack nightmare, and I have a renewed and growing respect for the people in the Qt/KDE team in Debian, who manage to stay on top of this mess, so that it all just works when we need it.

Dirk Eddelbuettel: Installing and Running Ubuntu on a 2015-ish MacBook Air

Wednesday 29th of July 2020 01:52:00 AM

So a few months ago kiddo one dropped an apparently fairly large cup of coffee onto her one and only trusted computer. With a few months (then) to graduation (which by now happened), and with the apparent “genuis bar” verdict of “it’s a goner” a new one was ordered. As it turns out this supposedly dead one coped well enough with the coffee so that after a few weeks of drying it booted again. But give the newer one, its apparent age and whatnot, it was deemed surplus. So I poked around a little on the interwebs and conclude that yes, this could work.

Fast forward a few months and I finally got hold of it, and had some time to play with it. First, a bootable usbstick was prepared, and the machine’s content was really (really, and check again: really) no longer needed, I got hold of it for good.

tl;dr It works just fine. It is a little heavier than I thought (and isn’t “air” supposed to be weightless?) The ergonomics seem quite nice. The keyboard is decent. Screen-resolution on this pre-retina simple Air is so-so at 1440 pixels. But battery live seems ok and e.g. the camera is way better than what I have in my trusted Lenovo X1 or at my desktop. So just as a zoom client it may make a lot of sense; otherwise just walking around with it as a quick portable machine seems perfect (especially as my Lenovo X1 still (ahem) suffers from one broken key I really need to fix…).

Below are some lightly edited notes from the installation. Initial steps were quick: maybe an hour or less? Customizing a machine takes longer than I remembered, this took a few minutes here and there quite a few times, but always incremental.

Initial Steps
  • Download of Ubuntu 20.04 LTS image: took a few moments, even on broadband, feels slower than normal (fast!) Ubuntu package updates, maybe lesser CDN or bad luck

  • Startup Disk Creator using a so-far unused 8gb usb drive

  • Plug into USB, recycle power, press “Option” on macOS keyboard: voila

  • After a quick hunch… no to ‘live/test only’ and yes to install, whole disk

  • install easy, very few questions, somehow skips wifi

  • so activate wifi manually — and everythings pretty much works

Customization
  • First deal with ‘fn’ and ‘ctrl’ key swap. Install git and followed this github repo which worked just fine. Yay. First (manual) Linux kernel module build needed need in … half a decade? Longer?

  • Fire up firefox, go to ‘download chrome’, install chrome. Sign in. Turn on syncing. Sign into Pushbullet and Momentum.

  • syncthing which is excellent. Initially via apt, later from their PPA. Spend some time remembering how to set up the mutual handshakes between devices. Now syncing desktop/server, lenovo x1 laptop, android phone and this new laptop

  • keepassx via apt and set up using Sync/ folder. Now all (encrypted) passwords synced.

  • Discovered synergy now longer really free, so after a quick search found and installed barrier (via apt) to have one keyboard/mouse from desktop reach laptop.

  • Added emacs via apt, so far ‘empty’, so config files yet

  • Added ssh via apt, need to propagate keys to github and gitlab

  • Added R via add-apt-repository --yes "ppa:marutter/rrutter4.0" and add-apt-repository --yes "ppa:c2d4u.team/c2d4u4.0+". Added littler and then RStudio

  • Added wajig (apt frontend) and byobu, both via apt

  • Created ssh key, shipped it to server and github + gitlab

  • Cloned (not-public) ‘dotfiles’ repo and linked some dotfiles in

  • Cloned git repo for nord-theme for gnome terminal and installed it; also added it to RStudio via this repo

  • Emacs installed, activated dotfiles, then incrementally install a few elpa-* packages and a few M-x package-install including nord-theme, of course

  • Installed JetBrains Mono font from my own local package; activated for Gnome Terminal and Emacs

  • Install gnome-tweak-tool via apt, adjusted a few settings

  • Ran gsettings set org.gnome.desktop.wm.preferences focus-mode 'sloppy'

  • Set up camera following this useful GH repo

  • At some point also added slack and zoom, because, well, it is 2020

  • STILL TODO:

    • docker
    • bother with email setup?,
    • maybe atom/code/…?

Chris Lamb: Pop culture matters

Tuesday 28th of July 2020 11:02:36 PM

Many people labour under the assumption that pop culture is trivial and useless while only 'high' art can grant us genuine and eternal knowledge about the world. Given that we have a finite time on this planet, we are all permitted to enjoy pop culture up to a certain point, but we should always minimise our interaction with it, and consume more moral and intellectual instruction wherever possible.

Or so the theory goes. What these people do not realise is that pop and mass culture can often provide more information about the world, humanity in general and — what is even more important — ourselves.

This is not quite the debate around whether high art is artistically better, simply that pop culture can be equally informative. Jeremy Bentham argued in the 1820s that "prejudice apart, the game of push-pin is of equal value with the arts and sciences of music and poetry", that it didn't matter where our pleasures come from. (John Stuart Mill, Bentham's intellectual rival, disagreed.) This fundamental question of philosophical utilitarianism will not be resolved here.

However, what might begin to be resolved is our instinctive push-back against pop culture. We all share an automatic impulse to disregard things we do not like and to pretend they do not exist, but this wishful thinking does not mean that these cultural products do not continue to exist when we aren't thinking about them and, more to our point, continue to influence others and even ourselves.


"There's a direct tie between millennial fondness for the markers of childhood nostalgia and their restricted access to the markers of 'adulthood'."

Take, for example, the recent trend for 'millennial pink'. With its empty consumerism, faux nostalgia, reductive generational stereotyping, objectively ugly æsthetics and tedious misogyny (photographed with Rose Gold iPhones), the very combination appears to have been deliberately designed to annoy me, curiously providing circumstantial evidence in favour of intelligent design. But if I were to immediately dismiss millennial pink and any of the other countless cultural trends I dislike simply because I find them disagreeable, I would be willingly keeping myself blind to their underlying ideology, their significance and their effect on society at large. If I had any ethical or political reservations I might choose not to engage with them economically or to avoid advertising them to others, but that is a different question altogether.

Even if we can't notice this pattern within ourselves we can first observe it in others. We can all recall moments where someone has brushed off a casual reference to pop culture, be it Tiger King, TikTok, team sports or Taylor Swift; if you can't, simply look for the abrupt change of tone and the slightly-too-quick dismissal. I am not suggesting you attempt to dissuade others or even to point out this mental tic, but merely seeing it in action can be highly illustrative in its own way.

In summary, we can simultaneously say that pop culture is not worthy of our time relative to other pursuits while consuming however much of it we want, but deliberately dismissing pop culture doesn't mean that a lot of other people are not interacting with it and is therefore undeserving of any inquiry. And if that doesn't convince you, just like the once-unavoidable millennial pink, simply sticking our collective heads in the sand will not mean that wider societal-level ugliness is going to disappear anytime soon.

Anyway, that's a very long way of justifying why I plan to re-watch TNG.

Dirk Eddelbuettel: ttdo 0.0.6: Bugfix

Tuesday 28th of July 2020 10:36:00 PM

A bugfix release of our (still small) ttdo package arrived on CRAN overnight. As introduced last fall, the ttdo package extends the most excellent (and very minimal / zero depends) unit testing package tinytest by Mark van der Loo with the very clever and well-done diffobj package by Brodie Gaslam to give us test results with visual diffs:

This release corrects a minor editing error spotted by the ever-vigilant John Blischak.

The NEWS entry follow.

Changes in ttdo version 0.0.6 (2020-07-27)
  • Correct a minor editing mistake spotted by John Blischak.

CRANberries provides the usual summary of changes to the previous version. Please use the GitHub repo and its issues for any questions.

If you like this or other open-source work I do, you can now sponsor me at GitHub. For the first year, GitHub will match your contributions.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Jonathan Carter: Free Software Activities for 2020-06

Tuesday 28th of July 2020 06:15:46 PM

Hmm, this is the latest I’ve posted my monthly updates yet (nearly by a month!). June was both crazy on the incoming side, and at the same time I just wasn’t that productive (at least since then I caught up a lot). In theory, lockdown means that I spend less time in traffic, in shops or with friends and have more time to do stuff, in practice I go to bed later and later and waste more time watching tv shows and playing mobile games. A cycle that I have at least broken free from since June.

Debian Package Uploads

2020-06-04: Upload package btfs (2.21-1) to Debian unstable.

2020-06-04: Upload package gnome-shell-extension-disconnect-wifi (24-1) to Debian unstable.

2020-06-18: Sponsor package gamemode (1.5.1-5) for Debian unstable (Games team request).

2020-06-21: Upload package calamares (3.2.26-1) to Debian unstable.

2020-06-21: Upload package s-tui (1.0.1-1) to Debian unstable.

2020-06-29: Sponsor package libinih (48-1~bpo10+1) for Debian buster-backports.

2020-06-30: Upload packge calamares (3.2.26-1~bpo10+1) to Debian buster-backports.

2020-06-30: Upload package toot (0.27.0-1) to Debian unstable.

2020-06-30: Upload package calamares (3.2.26.1-1) to Debian unstable.

Steve Kemp: I'm a bit of a git (hacker?)

Tuesday 28th of July 2020 05:45:29 PM

Sometimes I enjoy reading the source code to projects I like, use, or am about to install for the first time. This was something I used to do on a very regular basis, looking for security issues to report. Nowadays I don't have so much free time, but I still like to inspect the source code to new applications I install, and every now and again I'll find the time to look at the source to random projects.

Reading code is good. Reading code is educational.

One application I've looked at multiple times is redis, which is a great example of clean and well-written code. That said when reading the redis codebase I couldn't help noticing that there were a reasonably large number of typos/spelling mistakes in the comments, so I submitted a pull-request:

Sadly that particular pull-request didn't receive too much attention, although a previous one updating the configuration file was accepted. I was recently reminded of these pull-requests when I was when I was doing some other work. So I figured I'd have a quick scan of a couple of other utilities.

In the past I'd just note spelling mistakes when I came across them, usually I'd be opening each file in a project one by one and reading them from top to bottom. (Sometimes I'd just open files in emacs and run "M-x ispell-comments-and-strings", but more often I'd just notice them with my eyes). It did strike me that if I were to do this in a more serious fashion it would be good to automate it.

So this time round I hacked up a simple "dump comments" utility, which would scan named files and output the contents of any comments (be they single-line, or multi-line). Once I'd done that I could spell-check easily:

$ go run dump-comments.go *.c > comments $ aspell -c comments

Anyway the upshot of that was a pull-request against git:

We'll see if that makes its way live sometime. In case I get interested in doing this again I've updated my sysbox-utility collection to have a comments sub-command. That's a little more robust and reliable than my previous hack:

$ sysbox comments -pretty=true $(find . -name '*.c') .. ..

The comments sub-command has support for:

  • Single-line comments, for C, as prefixed with //.
  • Multi-line comments, for C++, as between /* and */.
  • Single-line comments, for shell, as prefixed with #.
  • Lua comments, both single-line (prefixed with --) and multiline between --[[ and --]].

Adding new support would be trivial, I just need a start and end pattern to search against. Pull-requests welcome:

Russ Allbery: Review: The City in the Middle of the Night

Tuesday 28th of July 2020 03:49:00 AM

Review: The City in the Middle of the Night, by Charlie Jane Anders

Publisher: Tor Copyright: February 2019 Printing: February 2020 ISBN: 1-4668-7113-X Format: Kindle Pages: 366

January is a tidally-locked planet divided between permanent night and permanent day, an unfortunate destination for a colony starship. Now, humans cling to a precarious existence along the terminator, huddling in two wildly different cities and a handful of smaller settlements, connected by a road through the treacherous cold.

The novel opens with Sophie, a shy university student from the dark side of the city of Xiosphant. She has an overwhelming crush on Bianca, her high-class, self-confident roommate and one of the few people in her life to have ever treated her with compassion and attention. That crush, and her almost non-existent self-esteem, lead her to take the blame for Bianca's petty theft, resulting in what should have been a death sentence. Sophie survives only because she makes first contact with a native intelligent species of January, one that the humans have been hunting for food and sport.

Sadly, I think this is enough Anders for me. I've now bounced off two of her novels, both for structural reasons that I think go deeper than execution and indicate a fundamental mismatch between what Anders wants to do as an author and what I'm looking for as a reader.

I'll talk more about what this book is doing in a moment, but I have to start with Bianca and Sophie. It's difficult for me to express how much I loathed this relationship and how little I wanted to read about it. It took me about five pages to peg Bianca as a malignant narcissist and Sophie's all-consuming crush as dangerous codependency. It took the entire book for Sophie to figure out how awful Bianca is to her, during which Bianca goes through the entire abusive partner playbook of gaslighting, trivializing, contingent affection, jealous rage, and controlling behavior. And meanwhile Sophie goes back to her again, and again, and again, and again. If I hadn't been reading this book on a Kindle, I think it would have physically hit a wall after their conversation in the junkyard.

This is truly a matter of personal taste and preference. This is not an unrealistic relationship; this dynamic happens in life all too often. I'm sure there is someone for whom reading about Sophie's spectacularly poor choices is affirming or cathartic. I've not personally experienced this sort of relationship, which doubtless matters.

But having empathy for someone who is making awful and self-destructive life decisions and trusting someone they should not be trusting and who is awful to them in every way is difficult work. Sophie is the victim of Bianca's abuse, but she does so many stupid and ill-conceived things in support of this twisted relationship that I found it very difficult to not get angry at her. Meanwhile, Anders writes Sophie as so clearly fragile and uncertain and devoid of a support network that getting angry at her is like kicking a puppy. The result for me was spending nearly an entire book in a deeply unpleasant state of emotional dissonance. I may be willing to go through that for a close friend, but in a work of fiction it's draining and awful and entirely not fun.

The other viewpoint character had the opposite problem for me. Mouth starts the book as a traveling smuggler, the sole survivor of a group of religious travelers called the Citizens. She's practical, tough, and guarded. Beneath that, I think the intent was to show her as struggling to come to terms with the loss of her family and faith community. Her first goal in the book is to recover a recording of Citizen sacred scripture to preserve it and to reconnect with her past.

This sounds interesting on the surface, but none of it gelled. Mouth never felt to me like someone from a faith community. She doesn't act on Citizen beliefs to any meaningful extent, she rarely talks about them, and when she does, her attitude is nostalgia without spirituality. When Mouth isn't pursuing goals that turn out to be meaningless, she aimlessly meanders through the story. Sophie at least has agency and makes some important and meaningful decisions. Mouth is just there, even when Anders does shattering things to her understanding of her past.

Between Sophie and Bianca putting my shoulders up around my ears within the first few pages of the first chapter and failing to muster any enthusiasm for Mouth, I said the eight deadly words ("I don't care what happens to these people") about a hundred pages in and the book never recovered.

There are parts of the world-building I did enjoy. The alien species that Sophie bonds with is not stunningly original, but it's a good (and detailed) take on one of the alternate cognitive and social models that science fiction has dreamed up. I was comparing the strangeness and dislocation unfavorably to China Miéville's Embassytown while I was reading it, but in retrospect Anders's treatment is more decolonialized. Xiosphant's turn to Circadianism as their manifestation of order is a nicely understated touch, a believable political overreaction to the lack of a day/night cycle. That touch is significantly enhanced by Sophie's time working in a salon whose business model is to help Xiosphant residents temporarily forget about time. And what glimmers we got of politics on the colony ship and their echoing influence on social and political structures were intriguing.

Even with the world-building, though, I want the author to be interested in and willing to expand the same bits of world-building that I'm engaged with. Anders didn't seem to be. The reader gets two contrasting cities along a road, one authoritarian and one libertine, which makes concrete a metaphor for single-axis political classification. But then Anders does almost nothing with that setup; it's just the backdrop of petty warlord politics, and none of the political activism of Bianca's student group seems to have relevance or theoretical depth. It's a similar shallowness as the religion of Mouth's Citizens: We get a few fragments of culture and religion, but without narrative exploration and without engagement from any of the characters. The way the crew of the Mothership was assembled seems to have led to a factional and racial caste system based on city of origin and technical expertise, but I couldn't tell you more than that because few of the characters seem to care. And so on.

In short, the world-building that I wanted to add up to a coherent universe that was meaningful to the characters and to the plot seemed to be little more than window-dressing. Anders tosses in neat ideas, but they don't add up to anything. They're just background scenery for Bianca and Sophie's drama.

The one thing that The City in the Middle of the Night does well is Sophie's nervous but excited embrace of the unknown. It was delightful to see the places where a typical protagonist would have to overcome a horror reaction or talk themselves through tradeoffs and where Sophie's reaction was instead "yes, of course, let's try." It provided an emotional strength to an extended first-contact exploration scene that made it liberating and heart-warming without losing the alienness. During that part of the book (in which, not coincidentally, Bianca does not appear), I was able to let my guard down and like Sophie for the first time, and I suspect that was intentional on Anders's part.

But, overall, I think the conflict between Anders's story-telling approach and my preferences as a reader are mostly irreconcilable. She likes to write about people who make bad decisions and compound their own problems. In one of the chapters of her non-fiction book about writing that's being serialized on Tor.com she says "when we watch someone do something unforgivable, we're primed to root for them as they search desperately for an impossible forgiveness." This is absolutely not true for me; when I watch a character do something unforgivable, I want to see repudiation from the protagonists and ideally some clear consequences. When that doesn't happen, I want to stop reading about them and find something more enjoyable to do with my time. I certainly don't want to watch a viewpoint character insist that the person who is doing unforgivable things is the center of her life.

If your preferences on character and story arc are closer to Anders's than mine, you may like this book. Certainly lots of people did; it was nominated for multiple awards and won the Locus Award for Best Science Fiction Novel. But despite the things it did well, I had a truly miserable time reading it and am not anxious to repeat the experience.

Rating: 4 out of 10

More in Tux Machines

today's howtos

IBM/Red Hat/Fedora Leftovers

  • The modern developer experience

    We hear from many clients that developer productivity and efficiency continue to be pain points. Cloud adoption can help normalize developer experiences across application stacks and runtimes. The path and steps for your developers to push code should be clear, simple, and easy to implement, even on Day 1. The modern developer experience provides a unified and normalized practice with modern tools. Developers thrive in the inner loop where unit tests and code come together, and in a penalty-free runtime execution environment where no one gets hurt, no processes take down precious workloads, and no one knows that it took 20 minutes to resolve that pesky runtime error. The inner loop occurs in a developer workspace that is easy to set up, manage, prepare, maintain, and, more importantly, easy to allocate. If a new developer is added to your squad, they can have all of the mechanical things they need to push code changes into the pipeline on their first day. An important part of the modern developer experience is expressed as Red Hat CodeReady Workspaces, which provides a set of constructs to provision a developer workspace in the cloud where they can perform their inner loop. A save action to a workspace file initiates an inner loop build in their local workspace, and an endpoint for the developer to see their changes quickly.

  • Call for Code Daily: Grillo, and how your code can help

    The power of Call for Code® is in the global community that we have built around this major #TechforGood initiative. Whether it is the deployments that are underway across pivotal projects, developers leveraging the starter kits in the cloud, or ecosystem partners joining the fight, everyone has a story to tell. Call for Code Daily highlights all the amazing #TechforGood stories taking place around the world. Every day, you can count on us to share these stories with you. Check out the stories from the week of August 10th:

  • Culture of Innovation and Collaboration: Hybrid Cloud, Privacy in AI and Data Caching

    Red Hat is continually innovating and part of that innovation includes researching and striving to solve the problems our customers face. That innovation is driven through the Office of the CTO and includes OpenShift, OpenShift Container Storage and use cases such as the hybrid cloud, privacy concerns in AI, and data caching. We recently interviewed Hugh Brock, research director for the office of the CTO, here at Red Hat about these very topics.

  • Fedora program update: 2020-33

    Here’s your report of what has happened in Fedora this week. Fedora 33 has branched from Rawhide. Please update the Release Readiness page with your team’s status. I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

  • Fedora Magazine: Come test a new release of pipenv, the Python development tool

    Pipenv is a tool that helps Python developers maintain isolated virtual environments with specifacally defined set of dependencies to achieve reproducible development and deployment environments. It is similar to tools for different programming languages, such as bundler, composer, npm, cargo, yarn, etc. A new version of pipenv, 2020.6.2, has been recently released. It is now available in Fedora 33 and rawhide. For older Fedoras, the maintainers decided to package it in COPR to be tested first. So come try it out, before they push it into stable Fedora versions. The new version doesn’t bring any fancy new features, but after two years of development it fixes a lot of problems and does many things differently under the hood. What worked for you previously should continue to work, but might behave slightly differently.

  • Introduction to cloud-native CI/CD with Tekton (KubeCon Europe 2020)

    If you’re interested in cloud-native CI/CD and Tekton but haven’t had a chance to get hands-on with the technology yet, the KubeCon Europe Virtual event provides an opportunity to do that. Tekton is a powerful and flexible open source framework for creating cloud-native CI/CD pipelines. It integrates with Kubernetes and allows developers to build, test, and deploy across multiple cloud providers and on-premises clusters as shown in Figure 1.

  • Introduction to Strimzi: Apache Kafka on Kubernetes (KubeCon Europe 2020)

    Apache Kafka has emerged as the leading platform for building real-time data pipelines. Born as a messaging system, mainly for the publish/subscribe pattern, Kafka has established itself as a data-streaming platform for processing data in real-time. Today, Kafka is also heavily used for developing event-driven applications, enabling the services in your infrastructure to communicate with each other through events using Apache Kafka as the backbone. Meanwhile, cloud-native application development is gathering more traction thanks to Kubernetes. Thanks to the abstraction layer provided by this platform, it’s easy to move your applications from running on bare metal to any cloud provider (AWS, Azure, GCP, IBM, and so on) enabling hybrid-cloud scenarios as well. But how do you move your Apache Kafka workloads to the cloud? It’s possible, but it’s not simple. You could learn all of the Apache Kafka tools for handling a cluster well enough to move your Kafka workloads to Kubernetes, or you could leverage the Kubernetes knowledge you already have using Strimzi.

  • OpenShift for Kubernetes developers: Getting started

    If you are familiar with containers and Kubernetes, you have likely heard of the enterprise features that Red Hat OpenShift brings to this platform. In this article, I introduce developers familiar with Kubernetes to OpenShift’s command-line features and native extension API resources, including build configurations, deployment configurations, and image streams.

  • Man-DB Brings Documentation to IBM i

    IBM i developers who have a question about how a particular command or feature works in open source packages now have an easy way to look up documentations, thanks to the addition of support for the Man-DB utility in IBM i, which IBM unveiled in late July. Man-DB is an open source implementation of the standard Unix documentation system. It provides a mechanism for easily accessing the documentation that exists for open source packages, such as the Node.js language, or even for commands, like Curl. The software, which can be installed via YUM, only works with open source software on IBM i at the moment; it doesn’t support native programs or commands.

  • Making open decisions in five steps

    The group's leader made a decision, and everyone else accepted it. The leader may have been a manager, a team lead, or the alpha in a social group. Was that decision the best one for the group? Did it take all relevant factors into account? It didn’t really matter, because people didn’t want to buck authority and face the ramifications. But this behavior was typical of life in hierarchical systems.

  • 7 tips for giving and receiving better feedback

Wine 5.15 and Beyond

  • Wine Announcement
    The Wine development release 5.15 is now available.
    
    
    
    
    What's new in this release (see below for details):
      - Initial implementation of the XACT Engine libraries.
      - Beginnings of a math library in MSVCRT based on Musl.
      - Still more restructuration of the console support.
      - Direct Input performance improvements.
      - Exception handling fixes on x86-64.
      - Various bug fixes.
    
    
    
    
    The source is available from the following locations:
    
    
    
    
      https://dl.winehq.org/wine/source/5.x/wine-5.15.tar.xz
      http://mirrors.ibiblio.org/wine/source/5.x/wine-5.15.tar.xz
    
    
    
    
    Binary packages for various distributions will be available from:
    
    
    
    
      https://www.winehq.org/download
    
    
    
    
    You will find documentation on https://www.winehq.org/documentation
    
    
    
    
    You can also get the current source directly from the git
    repository. Check https://www.winehq.org/git for details.
    
    
    
    
    Wine is available thanks to the work of many people. See the file
    AUTHORS in the distribution for the complete list.
    
  • Wine 5.15 Release Brings Initial Work On XACT Engine Libraries

    Wine 5.15 is out as the latest bi-weekly development snapshot for this program allowing Windows games/applications to generally run quite gracefully on Linux and other platforms. 

  •        
  • Wine Developer Begins Experimenting With macOS ARM64 Support

    Over the months ahead with Apple preparing future desktops/laptops with their in-house Apple silicon built on the ARM 64-bit architecture, Wine developers are beginning to eye how to support these future 64-bit ARM systems with macOS Big Sur.  Wine developer Martin Storsjo has been experimenting with the macOS + ARM64 support and has got the code along far enough that "small test executables" can run on the patched copy of Wine. 

Wandboard IMX8M-Plus SBC debuts AI-enabled i.MX8M Plus

echNexion’s “Wandboard IMX8M-Plus” SBC runs Linux or Android on NXP’s new i.MX8M Plus with 2.3-TOPS NPU. Pre-orders go for $134 with 2GB RAM or $159 with 4GB and WiFi/BT, both with 32GB and M.2 with NVMe. In January, NXP announced its i.MX8M Plus — its first i.MX8 SoC with an NPU for AI acceleration — but so far the only product we’ve seen based on it is a briefly teased Verdin iMX8M Plus module from Toradex. Now, TechNexion has opened pre-orders for a Wandboard IMX8M-Plus SBC based on a SODIMM-style “EDM SOM” module equipped with the i.MX8M Plus. Read more