Feeds

Justin Mason: Links for 2017-08-17

Planet Apache - Thu, 2017-08-17 19:58
  • NASA’s Sound Suppression Water System

    If you’ve ever watched a rocket launch, you’ve probably noticed the billowing clouds around the launch pad during lift-off. What you’re seeing is not actually the rocket’s exhaust but the result of a launch pad and vehicle protection system known in NASA parlance as the Sound Suppression Water System. Exhaust gases from a rocket typically exit at a pressure higher than the ambient atmosphere, which generates shock waves and lots of turbulent mixing between the exhaust and the air. Put differently, launch ignition is incredibly loud, loud enough to cause structural damage to the launchpad and, via reflection, the vehicle and its contents. To mitigate this problem, launch operators use a massive water injection system that pours about 3.5 times as much water as rocket propellant per second. This significantly reduces the noise levels on the launchpad and vehicle and also helps protect the infrastructure from heat damage.

    (tags: water rockets launch nasa space sound-suppression sound science)

  • The White Lies of Craft Culture – Eater

    Besides field laborers, [Southern US] planter and urban communities both depended on proficient carpenters, blacksmiths, gardeners, stable hands, seamstresses, and cooks; the America of the 1700s and 1800s was literally crafted by people of color. Part of this hidden history includes the revelation that six slaves were critical to the operation of George Washington’s distillery, and that the eponymous Jack Daniel learned to make whiskey from an enslaved black man named Nathan “Nearest” Green. As Clay Risen reported for the New York Times last year, contrary to the predominant narrative that views whiskey as an ever “lily-white affair,” black men were the minds and hands behind American whiskey production. “In the same way that white cookbook authors often appropriated recipes from their black cooks, white distillery owners took credit for the whiskey,” he writes. Described as “the best whiskey maker that I know of” by his master, Dan Call, Green taught young Jack Daniel how to run a whiskey still. When Daniel later opened his own distillery, he hired two of Green’s sons. The popular image of moonshine is a product of the white cultural monopoly on all things ‘country’ Over time, that legacy was forgotten, creating a gap in knowledge about American distilling traditions — while English, German, Scottish, and Irish influences exist, that combination alone cannot explain the entirely of American distilling. As bourbon historian Michael Veach suggests, slave culture pieces together an otherwise puzzling intellectual history.

    (tags: history craft-beer craft-culture food drink whiskey distilling black-history jack-daniels nathan-nearest-green)

  • Meet the Espresso Tonic, Iced Coffee’s Bubbly New Cousin

    Bit late on this one but YUM

    To make the drink, Box Kite baristas simply load a glass with ice, fill it about three quarters of the way with chilled tonic, and then top it off with an espresso shot — typically from roasters like Madcap (MI) and Ritual (SF). Often, baristas pull the espresso shot directly on top of the tonic and ice mixture, forgoing the process of first pulling it into a cup and then pouring the espresso from cup to glass.

    (tags: tonic-water recipes espresso coffee drinks cocktails)

Categories: FLOSS Project Planets

Sean Whitton: DebCamp/DebConf17: reports on sprints and BoFs

Planet Debian - Thu, 2017-08-17 18:21

In addition to my personal reflections on DebCamp/DebConf17, here is a brief summary of the activities that I had a hand in co-ordinating.

I won’t discuss here many other small items of work and valuable conversations that I had during the two weeks; hopefully the fruits of these will show themselves in my uploads to the archive over the next year.

Debian Policy sprint & BoF
  • released version 4.0.1.0 of the Policy Manual

  • figured out documenting reproducibility in policy. Formulating the wording turned out to be easier than I had expected

  • approx. ten years after they were first published, incorporated marga’s maintscript flowcharts into policy proper

  • converted policy from docbook to rST built with the Sphinx toolchain. Many, many thanks to Hideki Yamane and David Bremner for helping Russ and I get this merged to our master branch

  • triage of every single bug against policy, and mass closure of inactive bugs, bringing the total down from more than 200 to around 125

  • conversations with Technical Committee members about how the two teams can help each other’s work (mainly us helping them to help us!)

  • conversations about how we handle disagreement and plans to streamline our overly complex BTS usertags (watch this space)

  • very useful input from policy consumers about how the upgrading checklist is formatted, and how we can recruit more people to get patches written

Debian Emacs Team meeting/sprint
  • plans to finally drop our emacsXY binary packages, and just have a single version of Emacs in the archive, so that we no longer have to deal with bugs due to someone still having emacs21 installed (David’s idea; Rob’s implementation; Sean’s mostly-helpful comments)

  • other plans to simplify and otherwise improve the Debian Emacsen policy

  • finally finished off the work needed to RM emacs24—nine months later—including a lot of NMUs

  • mentoring a junior team member

Unfortunately we didn’t make any significant progress towards converting all addons to use dh_elpa, as the work is not that much fun. Might be worth a more focused sprint next year.

Report on team website

Git for Debian packaging BoF & follow-up conversations

The BoF was far more about dgit than I had wanted; however, I think that this was mostly because people had questions about dgit, rather than any unintended lecturing by me.

I believe that several people came away from DebConf thinking that starting to use dgit would improve Debian for themselves and for users of their packages.

Categories: FLOSS Project Planets

Plasma 5.11 Wallpaper

Planet KDE - Thu, 2017-08-17 18:14

Well, it’s that time of the year again where I talk about wallpapers!

For those who watched the livestream of the beach wallpaper, you’ll notice this isn’t what I had been working on. Truth be told after the stream I hit a few artistic blocks which brought progress to a grinding halt. I plan to finish that wallpaper, but for this release I created something entirely different while I decide what to do with it. I enjoyed this “wireframe” effect, and will probably experiment with it again.

This wallpaper is named “Opal”, specifically after wood opal resulting from when water carrying mineral deposits will petrify wood it runs across. Wood opal is pretty special stuff, and often it can often look straight out of a fairy tale.

The Plasma 5.11 wallpaper “Opal” is available on the KDE Store.


Categories: FLOSS Project Planets

Sean Whitton: I went all the way to Montréal for DebConf17, and all I got was a new MUA

Planet Debian - Thu, 2017-08-17 17:50
This year’s group photo (by Aigars Mahinovs). I really like the tagline

On Sunday night I got back from Montréal, where I attended both DebCamp17 and DebConf17. It was a wonderful two weeks. All I really did was work on Debian for roughly eight hours per day, interspersed with getting to know both people I’ve been working with since I first began contributing to Debian in late 2015, and people I didn’t yet know. But this was all I really needed to be doing. There was no need to engage in distracting myself.

I enjoyed the first week more. There were sufficiently few people present that you could know at least all of their faces, and interesting-sounding talks didn’t interrupt making progress on one’s own work or unblocking other people’s work. In the second week it was great to meet people who were only present for the second week, but it felt more like regular Debian, in that I was often waiting on other people or they were waiting on me.

While I spent one morning actually writing fresh code, and I did a fair amount of pure packaging work, the majority of my time was poured into (i) Debian Policy; (ii) discussions within the Emacs team; and (iii) discussions about dgit. This was as I expected. During DebConf, it’s not that useful to seclude oneself and sufficiently reacquaint oneself with a codebase that one can start producing patches, because that can be done anywhere in the world, without everyone else around. It’s far more useful to bring different people together to get projects unblocked. I did some of that for my own work, and also tried to help other people’s, including those who weren’t able to attend the conference.

In my ordinary life, taking a step back from the methods by which I protect my PGP keys and other personal data, I can appear to myself as a paranoid extremist, or some kind of data hoarder. It was comforting to find at DebConf plenty of people who go way further than me: multiple user accounts on their laptop, with separate X servers, for tasks of different security levels; PGP keys on smartcards; refusal to sign my PGP key based on government-issued ID alone; use of Qubes OS. One thing that did surprise me was to find myself in a minority for using the GNOME desktop; I had previously assumed that most people deep in Debian development didn’t bother with tiling window managers. Turns out they are enthusiastic to talk about the trade-offs between window managers while riding the subway train back to our accommodation at midnight—who knew such people existed? I was pleased to find them. One evening, I received a tag-teamed live tutorial in using i3’s core keybindings, and the next morning GNOME seemed deeply inelegant. The insinuation began, but I was immediately embroiled in inner struggle over the fact that i3 is a very popular tiling window manager, so it wouldn’t be very cool if I were to start using it. This difficulty was compounded when I learned that the Haskell team lead still uses xmonad. The struggle continues.

I hope that I’ve been influenced by the highly non-judgemental and tolerant attitudes of the attendees of the conference. While most people at the conference were pretty ordinary—aside from wanting to talk about the details of Debian packaging and processes!—there were several people who rather visibly rejected social norms about how to present themselves. Around these people there was nothing of the usual tension. Further, in contrast with my environment as a graduate student, everyone was extremely relaxed about how everyone was spending their time. People drinking beer in the evenings were sitting at tables where other people were continuing to silently work on Debian. It is nice to have my experience in Montréal as a reference to check my own judgemental tendencies.

I came away with a lot more than a new MUA: a certainty that I want to try to get to next year’s conference; friends; a real life community behind what was hitherto mostly a hobby; a long list of tasks and the belief that I can accomplish them; a list of PGP fingerprints to sign; a new perspective on the arguments that occur on Debian mailing lists; an awareness of the risk of unconsciously manipulating other community members into getting work done.

With regard to the MUA, I should say that I did not waste a lot of DebConf time messing with its configuration. I had actually worked out a notmuch configuration some months ago, but couldn’t use it because I couldn’t figure out how to incorporate my old mail archives into its index. Fortunately notmuch’s maintainer is also on the Emacs team … he was able to confirm that the crazy solution I’d come up with was not likely to break notmuch’s operating assumptions, and so I was able to spend about half an hour copying and pasting the configuration and scripts I’d previously developed into my homedir, and then start using notmuch for the remainder of the conference. The main reason for wanting to use notmuch was to handle Debian mailing list volume more effectively than I’m able to with mutt, so I was very happy to have the opportunity to pester David with newbie questions.

Many, many thanks to all the volunteers whose efforts made DebCamp17 and DebConf17 possible.

Categories: FLOSS Project Planets

Reproducible builds folks: Reproducible Builds: Weekly report #120

Planet Debian - Thu, 2017-08-17 17:48

Here's what happened in the Reproducible Builds effort between Sunday 6th and Saturday 12th August 2017:

Notes about reviews of unreproducible packages

13 package reviews have been added, 7 have been updated and 34 have been removed in this week, adding to our knowledge about identified issues.

Packages reviewed and fixed, and reproducibility related bugs filed

Upstream packages:

Other bugs filed
  • During our reproducibility testing, Adrian Bunk filed 48 FTBFS bugs this week.
diffoscope development trydiffoscope development tests.reproducible-builds.org
  • Mattia:
    • Notify the#debian-reproducible-changes` IRC channel for unreproducible -> FTBFS transitions.
    • Update squid.conf for all nodes to 5.2.23 (and fixup some).
    • Enable the Munin Squid plugin on the Codethink arm64 nodes as well.
    • Force reconfiguration of Apache and Munin when update_jdn.sh is updated.
  • Holger worked on slides for his DebConf17 BoF about migrating to jenkins.debian.org, which affects tests.r-b.o as well.
Misc.

This week's edition was written by Chris Lamb & Holger Levsen & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Categories: FLOSS Project Planets

Promet Source: Configuration Split: Managing Drupal 8 Configuration for Different Environments

Planet Drupal - Thu, 2017-08-17 16:43
With the introduction of Drupal 8, the Drupal project introduced a bit of a paradigm shift for managing configuration for Drupal sites, moving toward encapsulating configuration separately from content, and providing a mechanism to manage configuration changes more effectively through Configuration Manager, which is a Drupal Core module.  Configuration Manager provides a mechanism for importing, exporting and synchronizing a site’s configuration components, which is great when you want to maintain a consistent configuration across different development environments.
Categories: FLOSS Project Planets

Julian Andres Klode: Why TUF does not shine (for APT repositories)

Planet Debian - Thu, 2017-08-17 15:49

In DebConf17 there was a talk about The Update Framework, short TUF. TUF claims to be a plug-in solution to software updates, but while it has the same practical level of security as apt, it also has the same shortcomings, including no way to effectively revoke keys.

TUF divides signing responsibilities into roles: A root role, a targets rule (signing stuff to download), a snapshots rule (signing meta data), and a time stamp rule (signing a time stamp file). There also is a mirror role for signing a list of mirrors, but we can ignore that for now. It strongly recommends that all keys except for timestamp and mirrors are kept offline, which is not applicable for APT repositories – Ubuntu updates the repository every 30 minutes, imagine doing that with offline keys. An insane proposal.

In APT repositories, we effectively only have a snapshots rule – the only thing we sign are Release files, and trust is then chained down by hashes (Release files hashes Packages index files, and they have hashes of individual packages). The keys used to sign repositories are online keys, after all, all the metadata files change every 30 minutes (Ubuntu) or 6 hours (Debian) – it’s impossible to sign them by hand. The timestamp role is replaced by a field in the Release file specifying until when the Release file is considered valid.

Let’s check the attacks TUF protects again:

  • Arbitrary installation attacks. – We protect against that with the outer signature and hashes
  • Endless data attacks. – Yes, we impose a limit on Release files (the sizes of other files are specified in there and this file is signed)
  • Extraneous dependencies attacks – That’s verified by the signed hashes of Packages files
  • Fast-forward attacks – same
  • Indefinite freeze attacks – APT has a Valid-Until field that can be used to specify a maximum life time of a release file
  • Malicious mirrors preventing updates. – Well, the user configures the mirror, so usually not applicable. if the user has multiple mirrors, APT deals with that fine
  • Mix-and-match attacks – Again, signed Release file and hashes of other files
  • Rollback attacks – We do not allow Date fields in Release files to go backwards
  • Slow retrieval attacks – TUF cannot protect against that either. APT has very high timeouts, and there is no reasonable answer to that.
  • Vulnerability to key compromises – For our purposes where we need all repository signing keys to be online, as we need to sign new releases and metadata fairly often, it does not make it less vulnerable to require a threshold of keys (APT allows repositories to specify concrete key ids they may be signed with though, that has the same effect)
  • Wrong software installation. – Does not happen, the .deb files are hashed in the Packages files which are signed by the release file

As we can see, APT addresses all attacks TUF addresses.

But both do not handle key revocation. So, if a key & mirror gets compromised (or just key and the mirror is MITMed), we cannot inform the user that the key has been compromised and block updates from the compromised repository.

I just wrote up a proposal to allow APT to query for revoked keys from a different host with a key revocation list (KRL) file that is signed by different keys than the repository. This would solve the problem of key revocation easily – even if the repository host is MITMed or compromised, we can still revoke the keys signing the repository from a different location.


Filed under: Debian, Ubuntu
Categories: FLOSS Project Planets

Anwesha Das: DreamHost fighting to protect the fundamental rights of its users

Planet Python - Thu, 2017-08-17 15:13

Habeas data, my data my right, is the ethos of the right to be a free and fulfilling individual. It offers the individual to be him/herself without being monitored.

In The United States, there are several salvos to protect and further the concept.

The First Amendment

The First Amendment (Amendment I) to the United States Constitution establishes the

  • Freedom of speech,
  • Freedom of the press,
  • Freedom exercise of religion,
  • Freedom to assemble peaceably
The Fourth Amendment

The Fourth Amendment(Amendment IV) to the United States Constitution

  • prohibits unreasonable searches and seizures;
  • establishes The right to privacy is protected by the US Constitution, though the exact word privacy has not been used. But if we have a close look to the Amendment to the Bill of Rights, it bars Government to issue a general warrant.
The Privacy Protection Act, 1980

The Act protects press, journalists, media house, newsroom from the search conducted by the government office bearers. It mandates that it shall be unlawful for a government employee to search for or seize “work product” or “documentary materials” that are possessed by a person “in connection with a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication”, in connection with the investigation or prosecution of a criminal offense, [42 U.S.C. §§ 2000aa (a), (b) (1996)]. An order, a subpoena is necessary for accessing the information, documents.

But the Government for the time again have violated, disregarded these mandates and stepped outside their periphery in the name of security of the state.

The present situation with DreamHost

DreamHost is A Los Angeles based company(private). It provides the following services, Web hosting service, Cloud computing service, Cloud storage service, Domain name registrar. The company since past few months is fighting a legal battle to protect their and one of their customer’s, disruptj20.org fundamental right.

What is disruptj20.org?

The company hosts disruptj20.org in the web. It is a website which organized, encouraged willing individuals to participate against the present US Government. Wikipedia says - “DisruptJ20 (also Disrupt J20), a Washington, D.C.-based political organization founded in July 2016 and publicly launched on November 11 of the same year, stated its initial aim as protesting and disrupting events of the presidential inauguration of the 45th U.S.”

The Search Warrant

There was a Search Warrant issued against DreamHost. It requires them to
disclose, give away “the information associated with www.disruptj20.org that is stored at the premises owned, maintained, controlled, or operated by DreamHost,” [ATTACHMENT A].

The particular list of information to be disclosed and information to be seized by the government can be seen at ATTACHMENT B.

How it affects third parties (other than www.disruptj20.org)?

It demands to reveal to the government of “all files” related to the website, which includes the HTTP logs for the visitors, - means

  • the time and date of the visit,
  • the IP address for the visitor,
  • the website pages viewed by the visitor (through their IP address),
  • the detailed description of the software running in the visitor’s computer.
  • details of emails by the third party to the www.disruptj20.org.

Responding to it the company challenged the Department of Justice (on the warrant). They made an attempt to quash the demand of seizure and disclosure of the information by due legal process and reason.

Motion to show cause

In a usual course of action, the DOJ would respond to the inquiries of DreamHost. But here instead of answering to their inquiries, DOJ chose to file a motion to show cause in the Washington, D.C. Superior Court. DOJ asked for an order to compel them to produce the records,

The Opposition

The Opposition for the denial of the above mentioned motion filed by DreamHost filed an Opposition for the denial of the above mentioned motion. The “Argument” part shows/claims/demonstrates

  • How the Search Warrant Violates the Fourth Amendment and the Privacy Protection Act.
  • The Search Warrant requires the details of the visitors to the website.This severely endangers their freedom of speech (The First Amendment). As described by DreamHost on their blog.

“This motion is our latest salvo in what has become a months-long battle to protect the identities of thousands of unwitting internet users.”

Electronic Frontier Foundation has led their support, help to DreamHost, though they are not representing them in the court. The matter will be heard on August 18 in Washington, D.C.

There are different kinds of securities. Security for state power is a kind that is constantly protected. In contrast to the security for the population which is constantly denied, negated, curbed and restrained. By looking at the series of events, the documentary records of this particular incident raises a doubt -

  • If the Government action is motivated by security or not?

The only security in this case is probably is being considered is security to stay in power, noticing the nature, subject of the website. Now it is the high time that people should stand to save individual’s, commoner’s right to have private space, opinion and protest. Kudous to DreamHost to protect the primary fundamental right of and individual - Privacy.

Categories: FLOSS Project Planets

Chiranjeeb Mahanta | Blog: GSoC’17 Coding period | Week #11 | Uc wishlist

Planet Drupal - Thu, 2017-08-17 15:01
GSoC’17 Coding period | Week #11 | Uc wishlist chiranjeeb2410 Thu, 08/17/2017 - 15:01
Categories: FLOSS Project Planets

Friday Free Software Directory IRC meetup: August 18th starting at 12:00 p.m. EDT/16:00 UTC

FSF Blogs - Thu, 2017-08-17 14:36

Participate in supporting the Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on irc.freenode.org.

Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.

While the Directory has been and continues to be a great resource to the world for over a decade now, it has the potential to be a resource of even greater value. But it needs your help!

This week we return to adding new entries to the Directory. We've been doing a great job all year getting things updated (over 4,000 entries reviewed), but we want to keep it growing as well. We'll also be discussing the Debian import project, which could add thousands of packages in the near future.

If you are eager to help, and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today! There are also weekly Directory Meeting pages that everyone is welcome to contribute to before, during, and after each meeting.

Categories: FLOSS Project Planets

Shirish Agarwal: Composers are not given due recognition

Planet Debian - Thu, 2017-08-17 14:17

Update – Some youtube links are not viewable or even seen on planet.debian.org. Seems p.d.o. tries its best to remove external links, sorry for the breakage.

Beware – some youtube-links would be shared in this entry, sorry couldn’t find a better/easier media platform to work with. If anyone knows any other platform or wants to suggest, feel free to either mail me or let me know in comments.

I want to start today’s sharing with a picture of Ganesha I saw today. It is and was public art hence sharing it without an issue.

This is starting of festivities time in India and Ganesha or Ganpati is looked up as a good omen in India.

The festival of Ganesh Chaturthi would be starting on the 25th of August and is a sight to behold. Just like Rio has its carnival, Ganesh Chaturthi is also a carnival. We also have parades where people come with Pandals (or temporary structures)

The mythology says he has a sweet tooth (hence lot of distribution of sweets, especially modak) and anything which might be troubling people, he creates solutions for them.

Here is one video of how people celebrate his immersion in India. This is from my home-town few years ago, every year the madness and the celebrations are becoming more and more. People from far off come to see how we celebrate and see how different people make their Pandals. While some are with music, others are with social messages. Usually people start going to see these structures after dusk and return home way after midnight or early morning. I hope to do this endeavour after many years. One is drunk from hearing all sorts of different kids of music, decoration, messages, a feast and a strain to all the senses.

Ganesha immersion celebrations – https://www.youtube.com/watch?v=hjWfpGUryho

If one is interested one can find more info. at https://en.wikipedia.org/wiki/Ganesh_Chaturthi

After quite a bit of time, I wrote an article about various foss internships which I knew besides GSOC over the years. I finally penned them down at https://itsfoss.com/best-open-source-internships/

Interestingly, I was amazed to see that all FOSS U.S. projects (outside of GSOC) are for students who are either living or studying in U.S. and have a student work visa (which from private discussions I came to know is lot harder to get nowadays than before). Except for the National Science Foundation (NSF) which probably has U.S. defence relations and hence they might be sensitive, I fail to understand other institutes preferences for only getting people from the U.S. and hence having a lesser talent pool of people. This also affects the growth of the projects themselves. Just think how limited Debian would have been if it had decided to only have people from only any one community develop it. Dunno if this is due to the present President Trump or these policies had been there before. It would be nice and interesting if people in the know can share.

What has also been interesting to watch is Mr. Trump blaming low-cost manufacturing centres like India and China when as far as I recall, lot of manufacturing, specifically auto-mobiles manufacturing was shifted out of the U.S. to Ireland and other places years before which are relatively high-cost places (at least compared to India). I *believe* the change was as early as in 1980’s itself where India was insulated and had a limited market for everything (similar to Russian communism as shown in popular media but not so bad.)

Interestingly, it took almost a month for the perl 2.56 to make the transition smoothly. It took quite a bit of time for all the components to work together and be installable.

Also saw this few days back http://fortune.com/2017/04/12/auto-industry-decline/

While Tesla is expensive even by American standards the idea of lesser parts, lesser complexity and hence lower costs to use, maintain is good. I do hope that he and his team or any of the competitors do overcome the significant challenges. Any significant improvement in battery technology is bound to have huge impact in almost everything that is used in 21st century.

Two recent articles tell me the future may become present very quickly.

https://www.purdue.edu/newsroom/releases/2017/Q2/instantly-rechargeable-battery-could-change-the-future-of-electric-and-hybrid-automobiles.html

Toyota could finally start mass producing electric cars thanks to China

I do hope to see EV being prevalent before the next decade is over otherwise we don’t have any hope due to climate change.

As for my health, I am much better than before. Just to share some stats, before my “illness” for lack of better word, I was 120 kgs. , when I was kept in the hospital for about 2-2.5 weeks I came down to 95 kgs. and now back upto 108 kgs. Do go for exercising every other day and trying to get back the strength, stamina and increasing a bit of both. Doctors have given me another 4-5 months after which a brain scan will reveal if there are any remaining blood clots in the brain or not.

Lastly, while it has become somewhat of a sensitive issue to love Muslims or to talk about their work in any field in the current political climate, there are 4-5 music pieces I listen whenever I can, especially before going to bed. While almost all the pieces have been sung and written by Muslims, sadly I don’t know who the composers of these beautiful songs are.

While it is much easier to get the names of the singer and the lyricist, one of the more important roles in my view is the composer or/and music arranger. Without them, the songs would not have the same haunting quality that the songs have. While I have been lucky to find the names of the composer/music arranger for the pieces below but this is not the case if and when the songs comes on television. I do remember in old times at least on Radio they used to mention about who has given the music as well, dunno in modern times.

I am sharing the songs, and hopefully will also share the translations if I find on the web, please see the lyrics. The numbering is for convenience only and am torn in these 4-5 songs which is the best. Just to share these are all sufi love songs except the last one which I am sharing.

1.

Lyrical song – https://www.youtube.com/watch?v=ehqN6oTpmb8

Translation with video of song – http://www.bollynook.com/en/lyrics/6443/aaj-din-chadheya/

While there probably are stories with each song, I was lucky to find the story about this one. The lyrics of the song are actually a love lost Punjabi poet who writes in the memory of his beloved to which he could not marry and he pens those when standing in line for his liquor. The story goes on that he marries a girl later in life who bears a resemblance to his beloved whom he couldn’t forget till his dying day.

2.

Lyrical song – https://www.youtube.com/watch?v=uTC_2c83qn0

The same song has been sung by different people and I love them all the more for it.

Another video – https://www.youtube.com/watch?v=3G7Qg4LJ7WE

Another video – https://www.youtube.com/watch?v=kOsvNuR3m5Y

Translation – http://www.bollynook.com/en/lyrics/10703/o-re-piya/

3.

Lyrical song – https://www.youtube.com/watch?v=qG7Kms_YA5Q

The translation – http://www.filmyquotes.com/songs/885

The translation of the song is a bit crude but then translations are supposed to be crude

Categories: FLOSS Project Planets

Services Collaborating Openly at Akademy 2017

Planet KDE - Thu, 2017-08-17 14:03

At the recently concluded Akademy 2017 in the incredibly hot but lovely Almería, yours truly went and did something a little silly: Submitted both a talk (which got accepted) and hosted a BoF, both about Open Collaboration Services, and the software stack which KDE builds to support that API in the software we produce. The whole thing was amazing. A great deal of work, very tiring, but all 'round amazing. I even managed to find time to hack a little bit on Calligra Gemini, which was really nice.

This blog entry collects the results from the presentation and the BoF. I realise this is quite long, but i hope that you stick with it. In the BoF rundown, i have highlighted the specific results, so hopefully you'll be able to skim-and-detail-read your specific interest areas ;)
First, A Thank You In Big LettersBefore we get to that, though, i thought i'd quickly touch on something which i've seen brought up about what the social media presence of the attendees looks like during the event: If you didn't know better, you might imagine we did nothing but eat, party and go on tours. My personal take on that is, we post those pictures to say thank you to the amazing people who provide us with the possibility to get together and talk endlessly about all those things we do. We post those pictures, at least in part, because a hundred shots of a group of people in an auditorium get a bit samey, and while the discussions are amazing, and the talks are great, they don't often make for exciting still photography. Video, however, certainly does that, and those, i hear, are under way for the presentations, and the bof wrapups are here right now :)

Nothing will stop our hackers. And this is before registration and the first presentation!
Presenting PresentationsFirstly, it felt like the presentation went reasonably well, and while i am not able to show you the video, i'll give you a quick run-down of the main topic covered in it. Our very hard working media team is working on the videos at the moment, though, so keep your eyes on the KDE Community YouTube channel to catch those when they're released.

The intention of the presentation was to introduce the idea that just because we are making Free software, that does not mean we can survive without money. Consequently, we need some way to feed funds back to the wildly creative members of our community who produce the content you can find on the KDE Store. To help work out a way of doing this in a fashion that fits in with our ideals, described by the KDE Vision, i laid out what we want to attempt to achieve in five bullet points, tongue-in-cheek called Principia pene Premium, or the principles of almost accidental reward:

  • Financial support for creators
  • Not pay-for-content
  • Easy
  • Predictable
  • Almost (but not quite) accidental
The initial point is the problem itself, that we want the creators of the content on the store to be financially rewarded somehow. The rest are limiting factors on that:

Not pay-for-content alludes to the fact that we don't want to encourage paywalls. The same way we make our software available under Free licenses of various types, we want to encourage the creators of the content used in it to release their work in similarly free ways.

Easy means easy for our creators, as well as the consumers of the content they produce. We don't want either them to have to jump through hoops to receive the funds, or to send it.

Predictable means that we want it to be reasonably predictable for those who give funds out to the creators. If we can ensure that there are stable outgoings for them, say some set amount each month or year, then it makes it easier to budget, and not have to worry. Similarly, we want to try and make it reasonably predictable for our creators, and this is where the suggestion about Liberapay made by several audience members comes in, and i will return to this in the next section.

Finally, perhaps the most core concept here is that we want to make it possible to almost (but not quite) accidentally send one of the creators funds. Almost, because of course we don't want to actually do so accidentally. If that were the case, the point of being predictable would fly right out the window. We do, however, want to make it so easy that it is practically automatically done.

All of this put together brings us to the current state of the KDE Store's financial support system: Plings. These are an automatic repayment system, which the store handles for every creator who has added PayPal account information to their profile. It is paid out monthly, and the amount is based on the Pling Factor, which is (at the time of writing) a count of how many downloads the creator has accumulated over all content items over course of the month, and each of those is counted as $0.01 USD.

Space-age looking crazy things at the Almería Solar Platform. Amazing place. Wow. So science.Birds of a Feather Discuss TogetherOn Wednesday, a little while before lunch, it was time for me to attend my final BoF session of the week (as i would be leaving early Thursday). This one was slightly different, of course, because i was the host. The topic was listed as Open Collaboration Service 1.7 Preparation, but ended up being more of a discussion of what people wanted to be able to achieve with the store integration points we have available.
Most of the items which were identified were points about KNewStuff, our framework designed for easy integration of remote content using either OCS, or static sources (used by e.g. KStars for their star catalogues).
Content from alternate locations was the first item to be mentioned, which suggests a slight misunderstanding about the framework's abilities. The discussion revealed that what was needed was less a question of being able to replace existing sources in various applications, so much as needing the ability to control the access to KNewStuff more granularly. Specifically, being able to enable/disable specific sources was highlighted, perhaps through using Kiosk. It might still make sense to be able to overlay sources - one example given was the ability to overlay the wallpapers source (used in Plasma's Get New Wallpapers) with something pointing to a static archive of wallpapers (so users might be able to get a set of corporate-vetted backgrounds, rather than just one). This exact use case should already be possible, simply by providing a static XML source, and then replacing the wallpapers.knsrc file normally shipped by Plasma with another, pointing to that source.

A more complete set of Qt Quick components was requested, and certainly this would be very useful. As it stands, the components are very minimal and really only provide a way to list available items, and install/update/remove them. In particular two things were pointed out: There is no current equivalent of KNS3::Button in the components, and further no Kiosk support, both of which were mentioned as highly desired by the Limux project.

Signing and Security was highlighted as an issue. Currently, KNSCore::Security exists as a class, however it is marked as "Do not use, non-functional, internal and deprecated." However, it has no replacement that i am myself aware of, and needs attention by someone who, well, frankly knows anything of actual value about signing. OCS itself has the information and KNS does consume this and make it available, it simply seems to not be used by the framework. So, if you feel strongly about signing and security issues, and feel like getting into KNewStuff, this is a pretty good place to jump in.

Individual download item install/uninstall was mentioned as well, as something which would be distinctly useful for many things (as a simple example, you might want more than one variant of a wallpaper installed). Right now, Entries are marked as installed when one download item is installed, and uninstalling implicitly uninstalls that download item. There is a task on the KNewStuff workboard which has collected information about how to adapt the framework to support this.

But KNewStuff wasn't the only bit to get some attention. Our server-side software stack had a few comments along the way as well.

One was support for Liberapay which is a way to distribute monetary wealth between people pretty much automatically, which fits very nicely into the vision of creator support put forward in my presentation. In short, what it allows us to do

One topic which comes up regularly is adding support for the upload part of the OCS API to our server-side stack. Now, the reason for this lack is not that simply adding that is difficult at all, because it certainly isn't - quite the contrary, the functionality practically exists already. The problem here is much more a case of vetting: How do we ensure that this will not end up abused by spammers? The store already has spam entries to be handled every day, and we really want to avoid opening up a shiny, new vector for those (insert your own choice of colloquialism here) spammers to send us things we want to not have on the store. Really this deserves a write-up of its own, on account of the sheer scope of what might be done to alleviate the issues, but what we spoke about essentially came down the following:

  • Tight control of who can upload, so people have to manually be accepted by an administration/editors team as uploaders before they are given the right to do so through the API. In essence, this would be possible through establishing a network of trust, and through people using the web interface first. As we also want people to approach without necessarily knowing people who know people, a method for putting yourself up for API upload permission approval will also be needed. This might possibly be done through setting a requirement for people who have not yet contributed in other ways to do so (that is, upload some content through the web first, and then request api upload access). Finally, since we already have a process in place for KDE contributors, matching accounts with KDE commit access might also be another way to achieve a short-cut (you already have access to KDE's repositories, ability to publish things on the store would likely not be too far a stretch).
  • Quality control of the content itself. This is something which has been commented on before. Essentially, it has been discussed that having linting tools that people can use locally before uploading things would be useful (for example, to ensure that a kpackage for a Plasma applet is correct, or that a wallpaper is correctly packaged, or that there is correct data in a Krita brush resource bundle, or that an AppImage or Flatpak or Snap is what it says it is, just to mention a few). These tools might then also be used on the server-side, to ensure that uploaded content is correctly packaged. In the case of the API, what might be done is to return the result of such a process in the error message field of a potentially failed OCS content/add or content/edit call, which then in turn would be something useful to present to the user (in place of a basic "sorry, upload failed" message). 

For OCS itself, adding mimetype as an explicit way to search and filter entries and downloaditems was suggested. As it stands, it could arguably be implemented by clients and servers, however having it explicitly stated in the API would seem to make good sense.

The proposal to add tagging support to OCS currently awaiting responses on the OCS Webserver phabricator was brought up. In short, while there are review requests open for adding support for the proposal to Attica and KNewStuff respectively, the web server needs the support added as well, and further the proposal itself needs review by someone who is not me. No-one who attended the BoF felt safe in being able to review this in any sensible way, and so: If you feel like you are able to help with this, please do take part and make comments if you think something is wrong.

Finally, both at the BoF and outside of it, one idea that has been kicked around for a while and got some attention was the idea of being able to easily port and share settings between installations of our software. To be able to store some central settings remotely, such as wallpaper, Plasma theme and so on, and then apply those to a new installation of our software. OCS would be able to do this (using its key/value store), and what is needed here is integration into Plasma. However, as with many such things, this is less a technical issue (we have most of the technology in place already), and more a question of design and messaging. Those of you who have ever moved from one Windows 10 installation to another using a Microsoft account will recognise the slightly chilling feeling of the sudden, seemingly magical appearance of all your previous settings on the machine. As much as the functionality is very nifty, that feeling is certainly not.

Solar powered sun-shade platform outside the university building. With fancy steps. And KDE people on top ;)Another Thank You, and a WishAkademy is not the only event KDE hosts, and very soon there is going to be another one, in Randa in the Swiss alps, this year about accessibility. I will not delve into why this topic is so important, and can only suggest you read the article describing it. It has been my enormous privilege to be a part of that several years, and while i won't be there this year, i hope you will join in and add your support.

The word of the day is: Aircon. Because the first night at the Residencia Civitas the air conditioning unit in the room i shared with Scarlett Clark did not work, making us very, very happy when it was fixed for the second night ;)
Categories: FLOSS Project Planets

Acquia Lightning Blog: Using the Content API

Planet Drupal - Thu, 2017-08-17 13:41
Using the Content API Adam Balsam Thu, 08/17/2017 - 13:41

Lightning 2.1.7 includes a new top-level component: Content API. Its purpose is to provide a very basic server-side framework for building decoupled apps using Lightning as a backend. It has no strong opinions about how the "front-end" of such an application is implemented -- out of the box, it merely provides tools to deliver Drupal entities according to the JSON API specification.

Generally speaking, you can interact with API anonymously in the same way that an anonymous user can interact with a standard Drupal site. So you can do things like get a single piece of content, or a list of content without authenticating. For other actions -- the kind that would normally require you to be logged in to Drupal -- you will need to provide an OAuth access token in the header of your request. Tokens are related to a Drupal user and an OAuth client, which is associated with any number of Drupal user roles. You can obtain a token by making a specific HTTP request for it.

Let's go through some common, generic, use cases. I'll use cURL in my example so that you can easily test them out for yourself.

Getting a list of content

The API endpoints generally follow the following pattern: "/jsonapi/{entity-type}/{bundle}". So if we wanted to get a list of Basic Page content, we could send a GET request to "/jsonapi/node/page":

curl --request GET \ --url https://example.com/jsonapi/node/page

Which would return something like this:

{ "data": [ { "type": "node--page", "id": "api_test-unpublished-page-content", "attributes": { "nid": 1, "uuid": "api_test-unpublished-page-content", "vid": 1, "langcode": "en", "status": false, "title": "Unpublished Page", "created": 1502985175, "changed": 1502985175, "promote": false, "sticky": false, "revision_timestamp": 1502985175, "revision_log": null, "revision_translation_affected": true, "default_langcode": true, "path": null, "body": { "value": "--TESTING--", "format": null, "summary": null } }, "relationships": { "type": { "data": { "type": "node_type--node_type", "id": "8bae5c5c-697d-4b8a-ab22-b72e895a3b24" }, "links": { "self": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/relationships/type", "related": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/type" } }, "uid": { "data": { "type": "user--user", "id": "4d7eb3c7-db6d-4a01-8b3d-7d706d314f87" }, "links": { "self": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/relationships/uid", "related": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/uid" } }, "revision_uid": { "data": { "type": "user--user", "id": "4d7eb3c7-db6d-4a01-8b3d-7d706d314f87" }, "links": { "self": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/relationships/revision_uid", "related": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/revision_uid" } }, "moderation_state": { "data": { "type": "moderation_state--moderation_state", "id": "1a5f02e6-3f14-46a7-a40c-65590c8729a9" }, "links": { "self": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/relationships/moderation_state", "related": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content/moderation_state" } }, "scheduled_update": { "data": [ ] } }, "links": { "self": "https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/jsonapi/node/page/api_test-unpublished-page-content" } }, ...

That's pretty verbose. We could simplify the response by adding the "fields" parameter. In this example, we only want the "title" and "created" fields:

curl --request GET \  --url https://example.com/jsonapi/node/page\ ?fields[node--page]=title,created # Note that I'm using `[` and `]` here for clarity. These characters need to be # encoded with `%5B` and `%5D` respectively if you want to actually use these # examples.

Which would return something like this:

{ "data": [ { "type": "node--page", "id": "0bee8eb7-0f06-4986-9ca0-e340021a0af3", "attributes": { "title": "A Page", "created": 1502985175 }, "links": { "self": "https://{DOMAIN.COM}/jsonapi/node/page/0bee8eb7-0f06-4986-9ca0-e340021a0af3" } }, { "type": "node--page", "id": "4d7eb3c7-db6d-4a01-8b3d-7d706d314f87", "attributes": { "title": "Another Page", "created": 1502985175 }, ... Getting a specific piece of content

We can request a specific piece of content by specifying its UUID in the URL:

curl --request GET \  --url https://example.com/jsonapi/node/page/0bee8eb7-0f06-4986-9ca0-e340021a0af3

 Which would return something like this (but more verbose since we didn't use the "field" parameter):

{ "data": { "type": "node--page", "id": "0bee8eb7-0f06-4986-9ca0-e340021a0af3", "attributes": { "title": "A Page", "created": 1502985175 }, "links": { "self": "https://example.com/jsonapi/node/page/0bee8eb7-0f06-4986-9ca0-e340021a0af3" } }, "links": { "self": "https://example.com/jsonapi/node/page/0bee8eb7-0f06-4986-9ca0-e340021a0af3?fields%5Bnode--page%5D=title%2Ccreated" } } Getting a token

You will need to provide an access token for any request that anonymous users are not authorized to execute. Tokens are granted via the "/oauth/token" endpoint, and requests for a token must include a client_id, client_secret, username, and password. OAuth clients inherit the permissions of standard Drupal user roles by selecting one or more roles on the client's configuration form, under "Scopes". A typical setup would involve the following steps:

  1. Create a Drupal role ("/admin/access/roles") with the permissions you want the consuming app to be allowed to perform.
  2. Create a Drupal user ("/admin/people/create") that the API will use and assign that user the role you just created.
  3. Create an OAuth2 client ("/admin/config/people/simple_oauth/oauth2_client/add") and assign it the same role as the user you just created via the Scopes section.

Once that's done, you can use the following to obtain an access token, where:

  • CLIENT_ID = The OAuth2 client UUID, displayed after creation of the client in Step 3 at "/admin/access/clients"
  • SECRET = The "New Secret" you chose when creating the client  in Step 3
  • USERNAME = The Drupal username of the user you created in Step 2
  • PASSWORD = The password you gave the Drupal user in Step 2
curl -X POST -d \ "grant_type=password\ &client_id={CLIENT_ID}\ &client_secret={SECRET}\ &username={USERNAME} &password={PASSWORD}"\ https://example.com/oauth/token

Which should generate a response like this:

{ "token_type": "Bearer", "expires_in": 300, "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz...", "refresh_token": "def50200bdb9093a7a6cc837dhcd1..." }

If you want to give it a try without your own sandbox setup, Headless Lightning has a nightly build deployed to https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com with a client and user preconfigured. So you should be able to use the "/oauth/token" endpoint there to get a valid token to our sandbox if you're curious.

Give it a try! Copy and paste the following into a terminal window:

curl --request POST \ --data "grant_type=password\ &client_id=api_test-oauth2-client\ &client_secret=oursecret\ &username=api-test-user\ &password=admin"\ https://headlessnightlytfrimmmkug.devcloud.acquia-sites.com/oauth/token Using a token

Once you have a token, it's easy to get data that anonymous users aren't authorized to access. Just add an Authorize header to your request, like so (replacing {ACCESS_TOKEN} with the access_token value in the /oauth/token response):

--header 'authorization: Bearer {ACCESS_TOKEN}'

So let's say we wanted to get a specific piece of content just like the "Get a specific piece of content" example above. But in this case, the content is unpublished and therefore anonymous users won't be able to access it. Given that the token was acquired:

  1. For an OAuth client that has a scope with the "View unpublished content" permission
  2. For user account that has a role with the same permission

We can successfully make the same request for an unpublished piece of content if we include the token in an authorization header like this:

curl --request GET \ --header 'authorization: Bearer {ACCESS_TOKEN}'\ --url https://example.com/jsonapi/node/page/api_test-unpublished-page-content # Where `api_test-unpublished-page-content` is the UUID of some piece of # unpublished content

Note how this request is identical to the anonymous request above except that it:

  1. Requests a resource that requires authorization
  2. Includes an "authorization" header

Given the authorization header, Content API will authenticate the request and then authorize it (or not) based on the permissions of the associated client and user.

Creating content

You can create new content by sending a POST request to "jsonapi/{entity-type}/{bundle}". You'll need to include a specific Content-Type header, and most configurations will require Authorization as well since anonymous users usually can't create content. For example:

curl --request POST \ --data '{"data": {"type": "node--page","attributes": {"title": "Created via JSON API"}}}'\ --header 'Content-Type: application/vnd.api+json'\ --header 'authorization: Bearer {ACCESS_TOKEN}'\ --url https://example.com/jsonapi/node/page Content vs Configuration Entities

Drupal makes a distinction between Content and Configuration entities. Sometimes content entities are further distinguished as being renderable and/or bundle-able. Content API makes no such distinctions. If your API client/user have permission to interact with an entity, it can do so through the API. That means you can do things like add fields to a content type via the API, or edit a moderation state transition.

Headless Lightning

Everything described here can be done with Lightning. But if you're building a decoupled application, you might want to check out Headless Lightning, which has a few additional features (and a few features removed) which make it more suitable for decoupled applications.

Categories: FLOSS Project Planets

KStars 2.8.1 "Hipster" Release is out!

Planet KDE - Thu, 2017-08-17 13:22
It finally landed! KStars 2.8.1 aka Hipster release is out for Windows & MacOS!
The highlight for this release is experimental support for HiPS: Hierarchical Progressive Surveys. HiPS provides multi-resolution progressive surveys to be overlayed directly in client applications, such as KStars. It provides an immersive experience as you can explore the night sky dynamically.
With over 200+ surveys across the whole electromagnetic spectrum from radio, infrared, visual, to even gamma rays, the user can pan and zoom progressively deeper into the data visually.

HiPS Support in KStars
HiPS support in KStars has been made possible with collaboration with the excellent open source planetarium software SkyTechX. This truely demonstrates the power of open source to accelerate development and access to more users.
Another feature, also imported from SkyTechX, is the Polaris Hour Angle, which is useful for users looking to polar align their mount.
Polar Hour Angle
GSoC 2017 student Csaba Kertész continued to merge many code improvements. Moreover, many bugs fixes landed in this release. The following are some of the notable fixes and improvements:
  • BUGS:382721 Just use less than and greater than keys for time.
  • BUGS:357671 Patch by Robert Barlow to support custom catalogs in WUT.
  • Improved comet and asteroid position accuracy.
  • Ekos shall fallback to user defined scopes if INDI driver does not provide scope metadata.
  • Fixed command line parsing.
  • Fixed many PHD2 external guider issues.
  • Fixed selection of external guiders in Ekos Equipment Profile.
  • Fixed rotator device infinite loop.
  • Fixed scheduler shutdown behavior.
  • Fixed Ekos Mosaic Position Angle.
  • Fixed issue with resetting Polar Alignment Assistant Tool rotation state.
  • Fixed issue with Ekos Focus star selection timeout behavior.
  • Ekos always switches to CLIENT mode when taking previews.
  • Handle proper removal of devices in case of Multiple-Devices-Per-Driver drivers
  • Display INDI universal messages for proper error reporting.
  • Better logging with QLoggingCategory.

Ekos Mosaic Tool with HiPS
Categories: FLOSS Project Planets

Kdenlive 17.08 released

Planet KDE - Thu, 2017-08-17 12:49

Kdenlive 17.08 is released bringing minor fixes and improvements. Some of the highlights include fixing the Freeze effect and resolving inconsistent checkbox displays in the effects pannel. Downloaded transition Lumas now appear in the interface. Now it is possible to assign a keyboard shortcut for the Extract Frame feature also a name is now suggested based on the frame number. Navigation of clip markers in the timeline behave as expected upon opening the project. Audio clicks issues are resolved although this requires building MLT from git or wait for a release. In this cycle we’ve also bumped the Windows version from Alpha to Beta.

We continue steadfastly making progress in the refactoring branch due for the 17.12 release. We will soon make available a package for testing purposes. Stay tuned for the many exciting features coming soon.

Full list of changes

  • Fix audio mix clicks when using recent MLT. Commit. Fixes bug #371849
  • Fix some checkbox displaying inconsistent info. Commit.
  • Fix downloaded lumas do not appear in interface (uninstall/reinstall existing lumas will be required for previously downloaded). Commit. Fixes bug #382451
  • Make it possible to assign shortcut to extract frame feature,. Commit. Fixes bug #381325
  • Gardening: fix GCC warnings (7). Commit.
  • Gardening: fix GCC warnings (6). Commit.
  • Gardening: fix GCC warnings (5). Commit.
  • Gardening: fix GCC warnings (4). Commit.
  • Gardening: fix GCC warnings (3). Commit.
  • Gardening: fix GCC warnings (2). Commit.
  • Gardening: fix GCC warnings (1). Commit.
  • Fix clip markers behavior broken on project opening. Commit. Fixes bug #382403
  • Fix freeze effect broken (cannot change frozen frame). Commit.
  • Use QString directly. Commit.
  • Use isEmpty. Commit.
  • Use isEmpty(). Commit.
  • Remove qt module in include. Commit.
  • Use constFirst. Commit.
  • Make it compile. Commit.
  • Use Q_DECL_OVERRIDE. Commit.
  • Use nullptr. Commit.
  • Avoid using #elifdef. Commit.
  • Try harder to set KUrlRequester save mode in the renderwidget. Commit.
  • Make sure that text is not empty. Commit.
  • Use QLatin1Char(…). Commit.
  • Cmake: remove unused FindQJSON.cmake. Commit.
  • Port some foreach to c++ for(…:…). Commit.
  • Fix compiler settings for Clang. Commit.
Categories: FLOSS Project Planets

Summer internship wrapup: Ethan Dorta, FSF sysadmin intern

FSF Blogs - Thu, 2017-08-17 11:57

I came here to work on LibreJS, and made a demo for the new version that uses WebExtensions instead of the now deprecated XUL extensions. I also worked for a short time on the linting program JSHint to help remove proprietary code. I hope I will be able to continue helping out with this in the future.

I have learned a lot while working with FSF. I am enthusiastic about software freedom, so being able to work with the leading example of this movement was an honor. I learned new technologies and met new people. While my internship was remote, I actually visited the office while I was visiting Rhode Island. I am thrilled I got this opportunity, and would love to come back after high school or college to do more with the FSF.

Categories: FLOSS Project Planets

Mediacurrent: Webinar Recap: Estimating Web Projects

Planet Drupal - Thu, 2017-08-17 11:33

Everyone knows that process is important, but we have all gotten lost in the rush of daily tasks.

In our latest webinar, Project Management expert Rob McBryde and Vice President of Client Services James Rutherford shared how building and following a process for estimating web projects has driven success for their clients.

Categories: FLOSS Project Planets

Ben's SEO Blog: Headless Drupal and SEO: What Marketers Need to Know

Planet Drupal - Thu, 2017-08-17 11:12

Decoupled—or “headless”—content management systems have been trending in the last few years. This web development strategy, in its most basic form, is a “write once, publish anywhere” technology that separates the content from the presentation layer. Well, um...what the heck does that mean? It means that you can publish a piece of content and then use different systems to display that blog post on a computer, a mobile device, a voice-based system like Amazon’s Alexa, or even a smart watch. Basically, it allows developers to write to many different platforms without having to tediously recreate the wheel each time. (I think…)

It is a hot topic in the Drupal community. In fact, Acquia is holding Decoupled Developer Days this weekend (August 19-20 in NYC). Much of the conversation... Read the full article: Headless Drupal and SEO: What Marketers Need to Know

Categories: FLOSS Project Planets

Akademy 2017

Planet KDE - Thu, 2017-08-17 10:30

Last month, I attended KDE's annual conference, Akademy 2017. This year, it was held in Almeria, a small Andalusian city on the south-east coast of Spain.

The name of the conference is no misspelling, it's part of KDE's age old tradition of naming everything to do with KDE with a 'k'.

It was a collection of amazing, life-changing experiences. It was my first solo trip abroad and it taught me so much about travel, KDE, and getting around a city with only a handful of broken phrases in the local language.

Travel

My trip began from the recently renamed Kempegowda International Airport, Bangalore. Though the airport is small for an international airport, the small size of the airport works to its advantage as it is very easy to get around. Check-in and immigration was a breeze and I had a couple of hours to check out the loyalty card lounge, where I sipped soda water thinking about what the next seven days had in store.

The first leg of my trip was on a Etihad A320 to Abu Dhabi, a four hour flight departing at 2210 on 20 July. The A320 isn't particularly unique equipment, but then again, it was a rather short leg. The crew onboard that flight seemed to be a mix of Asian and European staff.

Economy class in Etihad was much better than any other Economy class product I'd seen before. Ample legroom, very clean and comfortable seats, and an excellent IFE system. I was content looking at the HUD-style map visualisation which showed the AoA, vertical speed, and airspeed of the airplane.

On the way, I scribbled a quick diary entry and started reading part 1 of Sanderson's Stormlight Archive - 'The Way of Kings'.

Descent to Abu Dhabi airport started about 3:30 into the flight. Amber city lights illuminated the desert night sky. Even though it was past midnight, the plane's IFE reported an outside temperature of 35C. Disembarking from the plane, the muggy atmosphere hit me after spending four hours in an air-conditioned composite tube.

The airport was dominated by Etihad aircraft - mainly Airbus A330s, Boeing 787-8s, and Boeing 777-300ERs. There were also a number of other airlines part of the Etihad Airways Partners Alliance such as Alitalia, Jet Airways, and some Air Berlin equipment. As it was a relatively tight connection, I didn't stop to admire the birds for too long. I traversed a long terminal to reach the boarding gate for the connecting flight to Madrid.

The flight to Madrid was another Etihad operated flight, only this time on the A320's larger brethren - the A330-200. This plane was markedly older than the A320 I had been on the first leg of the trip. Fortunately, I got the port side window seat in a 2-5-2 configuration. The plane had a long take-off roll and took off a few minutes after 2am. Once we reached cruising altitude, I opened the window shade. The clear night sky was full of stars and I must have spent at least five minutes with my face glued to the window.

I tried to sleep, preparing myself for the long day ahead. Soon after waking up, the plane landed at Madrid Barajas Airport and taxied for nearly half-an-hour to reach the terminal. After clearing immigration, I picked up my suitcase and waited for a bus which would take me to my next stop - the Madrid Atocha Railway Station. Located in the heart of city, the Atocha station is one of Madrid's largest train stations and connects it to the rest of Spain. My train to Almeria was later that day - at 3:15 in the afternoon.

On reaching Atocha, I got my first good look at Madrid.

My facial expression was quite similar

I was struck by how orderly everything was, starting with the traffic. Cars gave the right of way to pedestrians. People walked on zebra crossings and cyclists stuck to the defined cycling lanes. A trivial detail, but it was a world apart from Bangalore. Shining examples of Baroque and Gothic architecture were scattered among newer establishments.

Having a few hours to kill before I had to catch my train, I roamed around Buen Retiro Park, one of Spain's largest public parks. It was a beautiful day, bright and sunny with the warmth balanced out by a light breeze.

My heavy suitcase compelled me to walk slowly which let me take in as much as I could. Retiro Park is a popular stomping ground for joggers, skaters, and cyclists alike. Despite it being 11am on a weekday, I saw plenty of people jogging though the park. After this, I trudged through some quaint cobbled neighbourhoods with narrow roads and old apartment buildings dotted with small shops on the ground floor.

Maybe it was the sleep-deprivation or dehydration after a long flight, but everything felt so surreal! I had to pinch myself a few times - to believe that I had come thousands of miles from home and was actually travelling on my own in a foreign land.

I returned to Atocha and waited for my train. By this time, I came to realise that language was going to be a problem for this trip as very few people spoke English and my Spanish was limited to a few basic phrases - notably 'No hables Espanol' and 'Buenos Dias' :P Nevertheless, the kind folks at the station helped me find the train platform.

Trains in Spain are operated by state-owned train companies. In my case, I would be travelling on a Renfe train going till Almeria. The coaches are arranged in a 2-2 seating configuration, quite similar to those in airplanes, albeit with more legroom and charging ports. The speed of these trains is comparable to fast trains in India, with a top speed of about 160km/hr. The 700km journey was scheduled to take about 7 hours. There was plenty of scenery on the way with sloping mountain ranges and deserted valleys.

Big windows encouraged sightseeing

After seven hours, I reached the Almeria railway station at 10pm. According to Google Maps, the hostel which KDE had booked for all the attendees was only 800m away - well within walking distance. However, unbeknownst to me, I started walking in the opposite direction (my phone doesn't have a compass!). This kept increasing the Google Maps ETA and only when I was 2km off track I realised something was very wrong. Fortunately, I managed to get a taxi to take me to Residencia Civitas - a university hostel where all the Akademy attendees would be staying for the week.

After checking in to Civitas, I made my way to the double room. Judging from the baggage and the shoes in the corner, someone had moved in here before I did. About half an hour later, I found out who - Rahul Yadav, a fourth year student at DTU, Delhi. Exhausted after an eventful day of travel, I switched off the lights and went to sleep.

The Conference

The next day, I got to see other the Akademy attendees over breakfast at Civitas. In all, there were about 60-70 attendees, which I was told was slightly smaller than previous years.

The conference was held at University of Almería, located a few kilometres from the hostel. KDE had hired a public bus for transport to and from the hostel for all the days of the conference. The University was a stone's throw from the Andalusian coastline. After being seated in one of the larger lecture halls, Akademy 2017 was underway.

Konqi! And KDE Neon!

The keynote talk was by Robert Kayne of Metabrainz, about the story of how MusicBrainz was formed out of the ashes of CDDB. The talk set the tone for the first day of Akademy.

The coffee break after the first two talks was much needed. I was grappling with sleep deprivation and jet lag from the last two days and needed all the caffeine and sugar I could get to keep myself going for the rest of the day. Over coffee, I caught up with some KDE developers I met at QtCon.

Throughout the day, there were a lot of good talks, notably 'A bit on functional programming', and five quick lightning talks on a variety of topics. Soon after this, it was time for my very own talk - 'An Introduction to the KIO Library'.

The audience for my talk consisted of developers with several times my experience. Much to my delight, the maintainer of the KIO Library, David Faure was in the audience as well!

Here's where I learned another thing about giving presentations - they never quite go as well as it seems to go when rehearsed alone. I ended up speaking faster than I planned to, leaving more than enough time for a QA round. Just as I was wary about, I was asked some questions about the low-level implementation of KIO which thankfully David fielded for me. I was perspiring after the presentation, and it wasn't the temperature which was the problem �� A thumbs up from David afterwards gave me some confidence that I had done alright.

Following this, I enjoyed David Edmundson's talk about Binding properties in QML. The next presentation I attended after this is where things ended up getting heated. Paul Brown went into detail about everything wrong with Kirigami's TechBase page. This drew some, for lack of a better word, passionate people to retaliate. Though it was it was only supposed to be a 10 minute lightning talk, the debate raged on among the two schools of thought of how TechBase documentation should be written. All in good taste. The only thing which brought the discussion to an end was the bus for returning to Civitas leaving sharp at 8pm.

Still having a bit of energy left after the conference, I was ready to explore this Andalusian city. One thing which worked out nicely on this trip is the late sunset in Spain around this time of the year. It is as bright as day even at around 9pm and the light only starts waning at around 930pm. This gave Rahul and me plenty of time to head to the beach, which was about a 20 minute walk from the hostel.

Here, it struck me how much I loved the way of life here.

Unlike Madrid, Almeria is not a known as a tourist destination so most of the people living there were locals. In a span of about half an hour I watched how an evening unfolds in this city. As the sun started dipping below the horizon, families with kids, college couples, and high-school friends trickled from the beach to the boardwalk for dinner. A typical evening looked delightfully simple and laid-back in this peaceful city.

The boardwalk had plenty of variety on offer - from seafood to Italian cuisine. One place caught my eye, a small cafe with Doner Kebab called 'Taj Mahal'. After a couple of days of eating nothing but bland sandwiches, Rahul and I were game for anything with a hint of spice of it. As I had done in Madrid, I tried ordering Doner Kebab using a mixture of broken Spanish and improvised sign language, only to receive a reply from the owner in Hindi! It turned out that the owner of the restaurant was Pakistani and had migrated to Spain seven years ago. Rahul made a point to ask for more chilli - and the Doner kebabs we got were not lacking in spice. I had more chilli in one kebab than I would normally would have had in a week. At least it was a change from Spanish food, which I wasn't all that fond of.

View from the boardwalk

The next day was similar to the first, only a lot more fun. I spent a lot amount of time interacting with the people from KDE India. I also got to know my GSoC mentor, Boudhayan Gupta (@BaloneyGeek). The talks for this day were as good as the ones yesterday and I got to learn about Neon Docker images, the story behind KDE's Slimbook laptop, and things to look forward to in C++17/20.

The talks were wrapped up with the Akademy Awards 2017.

David Faure and Kevin Ottens

There were still 3 hours of sunlight left after the conference and not being ones to waste it, we headed straight for the beach. Boudhayan and I made a treacherous excursion out to a rocky pier covered with moss and glistening with seawater. My well-worn sandels were the only thing keeping me from slipping onto a bunch of sharply angled stones jutting out from the waves. Against my better judgement, I managed to reach the end of the pier only to see a couple of crabs take interest in us. With the tide rising and the sun falling, we couldn't afford to stay much longer so we headed back to the beach just as we came. Not long after, I couldn't help myself and I headed into the water with enthusiasm I had only knew as a child. Probably more so for BaloneyGeek though, who headed in headfirst with his three-week-old Moto G5+ in his pocket (Spoiler: the phone was irrevocably damaged from half a minute of being immersed in saltwater). In the midst of this, we found a bunch of KDE folks hanging out on the beach with several boxes of pizza and bottles of beer. Free food!

Exhausted but exhilarated, we headed back to Civitas to end another very memorable day in Almeria.

Estacion Intermodal, a hub for public transport in Almeria

With the talks completed, Akademy 2017 moved on to its second leg, which consisted more of BoFs (Birds of a Feather) and workshops.

The QML workshop organised by Anu was timely as my relationship with QML has been hot and cold. I would always go in circles with the QML Getting Started tutorials as there aren't as many examples of how to use QtQuick 2.x as there are with say, Qt Widgets. I understood how to integrate JavaScript with the QML GUI and I will probably get around to making a project with the toolkit when I get the time. Paul Brown held a BoF about writing good user documentation and deconstructed some more pretentious descriptions of software with suggestions on how to avoid falling into the same pitfalls. I sat on a few more BoFs after this, but most of the things went over my head as I wasn't contributing to the projects discussed there.

Feeling a bit weary of the beach, Rahul and I decided to explore the inner parts of the city instead. We planned to go to the Alcazaba of Almeria, a thousand-year-old fortress in the city. On the way, we found a small froyo shop and ordered a scoop with chocolate sauce and lemon sauce. Best couple of euros spent ever! I loved the tart flavour of the froyo and how it complemented the toppings with its texture.

This gastronomic digression aside, we scaled a part of the fort only to find it locked off with a massive iron door. I got the impression that the fort was rarely ever open to begin with. With darkness fast approaching, we found ourselves in a dodgy neighbourhood and we tried to get out as fast as we could without drawing too much attention to ourselves. This brought an end to my fourth night in Almeria.

View from Alcazaba

The BoFs continued throughout the 25th, the last full day of Akademy 2017. I participated in the GSoC BoF where KDE's plans for future GSoCs, SoKs, and GCIs were discussed (isn't that a lot of acronyms!). Finally, this was one topic where I could contribute to the discussion. If there was any takeaway from the discussion for GSoC aspirants, it is to start as early as you can!

I sat on some other BoFs as well, but most of the discussed topics were out of my scope. The Mycroft and VDG BoF did have some interesting exchange of ideas for future projects that I might consider working on if I get free time in the future.

Rahul was out in the city that day, so I had the evening to explore Almeria all by myself.

I fired up Google Maps to see anything of interest nearby. To the west of the hostel was a canal I hadn't seen previously so I thought it would be worth a trip. Unfortunately, because of my poor navigation skills and phone's lack of compass, I ended up circling a flyover for a while before ditching the plan. I decided to go to the beach as a reference point and explore from there.

What was supposed to be a reference point ended up becoming the destination. There was still plenty of sunlight and the water wasn't too cold. I put one toe in the water, and then a foot.

And then, I ran.

Running barefoot alone the coastline was one of the best memories I have of the trip. For once, I didn't think twice about what I was doing. It was pure liberation. I didn't feel the exertion or the pebbles pounding my feet.

Almeria's Beaches

The end of the coastline had a small fort and a dirt trail which I would've very much wanted to cycle on. After watching the sun sink into the sea, I ran till the other end of the boardwalk to find an Italian restaurant with vegetarian spinach spaghetti. Served with a piece of freshly baked bread, dinner was delicious and capped off yet another amazing day in Almeria.

Dinner time!

Day Trip

The 26th was the final day of the conference. Unlike the other days, the conference was only for half a day with the rest of the day kept aside for a day trip. I cannot comment on how the conference went on this day as I had to rush back to the hostel to retrieve my passport, which was necessary to attend the day trip.

Right around 2 in the afternoon we boarded the bus for the day trip. Our first stop was the Plataforma Solar de Almería, a solar energy research plant in Almeria. It houses some large heliostats for focussing sunlight at a point on a tower. This can be used for heating water and producing electricity.

There was another facility used for testing the tolerance of spacecraft heat shields by subjecting them to temperatures in excess of 2000C.

Heliostats focus at the top of the tower

The next stop was at the San José village. Though not too far from Almeria, the village is frequented by tourists much more than Almeria is and has a very different vibe. The village is known for its beaches, pristine clear waters, and white buildings. I was told that the village was used in the shooting of some films such as The Good, The Bad, and The Ugly.

Our final stop for the day was at the Rodalquilar Gold Mine. Lost to time, the mine had been shut down in 1966 due to the environmental hazards of using cyanide in the process to sediment gold. The mine wouldn't have looked out of place in a video-game or an action movie, and indeed, it was used in the filming of Indiana Jones and the Last Crusade. There was a short trek from the base of the mine to a trail which wrapped around a hill. After descending from the top we headed back to the hostel.

This concluded my stay in Almeria.

Madrid

After checking out of the hostel early the next morning, I caught a train to Madrid. I had a day in the city before my flight to Bangalore the next day.

I reached Atocha at about 2 in the afternoon and checked in to a hotel. I spent the entire evening exploring Madrid on foot and an electric bicycle through the BiciMAD rental service.

Photo Dump

The Return

My flight back home was on the following morning, on the 28 July. The first leg of the return was yet again, on an Etihad aircraft bound for Abu Dhabi. This time it was an A330-300. It was an emotional 8 hour long flight - with the memories of Akademy still fresh in my mind. To top it off, I finished EarthBound (excellent game!) during the flight.

Descent into Abu Dhabi started about half an hour before landing. This time though, I got to see the bizarre Terminal 1 dome of the Abu Dhabi airport. The Middle East has always been a mystical place for me. The prices of food and drink in the terminal were hard to stomach - 500mL of water was an outrageous 8 UAE Dirhams (₹140)! Thankfully it wasn't a very long layover, so I didn't have to spend too much.

Note to self: may cause tripping if stared at for too long

The next leg was a direct flight to Bangalore, on another Etihad A330. Compared to all the travel I had done in the last two days, the four hour flight almost felt too short. I managed to finish 'Your Lie in April' on this leg.

It was a mix of emotions to land in Bangalore - I was glad to have reached home, but bitter that I had to return to college in only two days.

Akademy 2017 was an amazing trip and I am very grateful to KDE for letting me present at Akademy and for giving me the means of reaching there. I hope I can make more trips like these in the future!

Categories: FLOSS Project Planets

Bryan Pendleton: That Vice News Tonight mini-documentary is extremely powerful.

Planet Apache - Thu, 2017-08-17 10:15

Wow.

Have you already watched the Vice News Tonight mini-documentary on the events in Charlottesville?

It's really powerful, really disturbing, really hard to watch. I don't know a lot about Vice News Tonight, but apparently it's an independent journalism effort receiving funding (and air time) from HBO. This is the first and only Vice News Tonight documentary I've ever watched.

I was really moved by the Vice News Tonight reportage, and by the work of correspondent Elle Reeve, about whom I knew nothing before seeing that report. She did some very fine reporting, I think.

I'm paying particular attention to this issue all of a sudden because my daughter now (since 1 month ago) lives in Richmond, Virginia, just one mile from Monument Avenue, the probable next locus of confrontation.

I haven't ever visited Richmond, but hope to do so one day, now that my daughter lives there.

In the meantime, I'm paying a lot more attention to events in Virginia that I did before.

As are we all.

Categories: FLOSS Project Planets
Syndicate content