Feeds

Python Linux users would have noticed that python is now an "externally managed environment" on newer releases. I suspect that it has caused many frustrations. It certainly did for me - at least initially. Marcos, a long term friend of TurnKey recently reached out to me to ask about the best way to work around this when developing on our Odoo appliance.

The issue

Before I go on, for those of you who are not sure what I'm talking about, try installing or updating a python package via pip. It will fail with an error message:

error: externally-managed-environment × This environment is externally managed ╰─> To install Python packages system-wide, try apt install python3-xyz, where xyz is the package you are trying to install. If you wish to install a non-Debian-packaged Python package, create a virtual environment using python3 -m venv path/to/venv. Then use path/to/venv/bin/python and path/to/venv/bin/pip. Make sure you have python3-full installed. If you wish to install a non-Debian packaged Python application, it may be easiest to use pipx install xyz, which will manage a virtual environment for you. Make sure you have pipx installed. See /usr/share/doc/python3.11/README.venv for more information. note: If you believe this is a mistake, please contact your Python installation or OS distribution provider. You can override this, at the risk of breaking your Python installation or OS, by passing --break-system-packages. hint: See PEP 668 for the detailed specification.

Whilst this does fix a legitmate issue, it's also a big PITA for developers. To read more about the rationale, please see PEP 668.

Resolution options

As per the message, installing Python packages via apt is preferable. But what about if you need a python library not available in Debian? Or a newer version that what Debian provides? As noted by the error message, using a Python venv is the next best option. But that means duplication of any apt packages you may already have installed therefore bloat. It also means that you miss out on the automated security updates that TurnKey provides for Debian packages. The only remaining option is to "break system packages". That doesn't sound good! It will revert your system to the behavior before the application of PEP 668 - thus making life more complicated in the future...

Pros and Cons of each approach.

Assuming that you want/need versions and/or packages not available in Debian, what is the best path? Obviously each option note has pros and cons, so which way should you go? In his message to me, Marcos nicely laid out the pros and cons of each of the 2 suggested approaches, so I'll share them here:

Virtual Environment Pros:

• Isolates application dependencies, avoiding conflicts with system packages.
• Allows for more flexible and up-to-date package management.

Cons:

• Adds complexity to the setup and maintenance process.
• Increases the overall footprint and resource requirements of the deployment.

System-Wide Installation Pros:

• Simpler setup and integration with the system.
• Utilizes the standard Turnkey Linux deployment model.

Cons:

• Potential conflicts with system-managed packages.
• Limited by the constraints imposed by Debian 12.

Another - perhaps better - option

Another option not noted in the pip error message is to create a virtual environment, with the system python passed through. Whilst it's still not perfect, in my option it is by far the best option - unless of course you can get by just using system packages alone. TBH, I'm a bit surprised that it's not noted in the error message. It's pretty easy to set up, just include adding the '--system-site-packages' switch when creating your virtual environment. I.e.:

python3 -m venv --system-site-packages /path/to/venv What you get with this approach

Let's have a look at what you get when using '--system-site-packages'. First let's create an example venv. Note that all of this is running as root from root's home (/root). Although for any AWS Marketplace users (or non TurnKey users) most of these commands should work fine as a "sudo" user (for apt installs).

root@core ~# mkdir ~/test_venv root@core ~# python3 -m venv --system-site-packages ~/test_venv root@core ~# source ~/test_venv/bin/activate (test_venv) root@core ~#

Now for a demonstration of what happens when you use it.

I'll use a couple of apt packages with my examples:

• python3-pygments (initially installed)
• python3-socks (initially not-installed)

Continuing on from creating the venv above, let's confirm the package versions and status:

(test_venv) root@core ~# apt list python3-pygments python3-socks Listing... Done python3-pygments/stable,now 2.14.0+dfsg-1 all [installed,automatic] python3-socks/stable 1.7.1+dfsg-1 all

So we have python3-pygments installed and it's version 2.14.0. python3-socks is not installed, but the available version is 1.7.1. Now let's check that the installed package (pygments) is available in the venv and that it's the system version. For those not familiar with grep, the grep command does a case-insensitive search for lines that include socks or pygments.

(test_venv) root@core ~# pip list | grep -i 'socks\|pygments' Pygments 2.14.0

Let's install python3-socks and check the status again:

(test_venv) root@core ~# apt install -y python3-socks [...] (test_venv) root@core ~# apt list python3-pygments python3-socks Listing... Done python3-pygments/stable,now 2.14.0+dfsg-1 all [installed,automatic] python3-socks/stable,now 1.7.1+dfsg-1 all [installed]

Ok so python3-socks is installed now. And it's instantly available in our venv:

(test_venv) root@core ~# pip list | grep -i 'socks\|pygments' Pygments 2.14.0 PySocks 1.7.1

Woohoo! :) And we can still install and/or update packages in our venv with pip?:

(test_venv2) root@core ~# pip install --upgrade pygments Requirement already satisfied: pygments in /usr/lib/python3/dist-packages (2.14.0) Collecting pygments Downloading pygments-2.18.0-py3-none-any.whl (1.2 MB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.2/1.2 MB 6.5 MB/s eta 0:00:00 Installing collected packages: pygments Attempting uninstall: pygments Found existing installation: Pygments 2.14.0 Not uninstalling pygments at /usr/lib/python3/dist-packages, outside environment /root/test_venv2 Can't uninstall 'Pygments'. No files were found to uninstall. Successfully installed pygments-2.18.0

Yes! When using pip install in our venv there are some extra lines related to the system package, but otherwise it's the same as using a standalone venv. Let's double check the new version:

(test_venv) root@core ~# pip list | grep -i 'socks\|pygments' Pygments 2.18.0 PySocks 1.7.1

So we've updated from the system version of Pygments to 2.18.0, but the system version still exists - and is still 2.14.0:

(test_venv) root@core ~# apt list python3-pygments Listing... Done python3-pygments/stable,now 2.14.0+dfsg-1 all [installed,automatic]

So what happens if we remove the pip installed version?:

(test_venv) root@core ~# pip uninstall pygments Found existing installation: Pygments 2.18.0 Uninstalling Pygments-2.18.0: Would remove: /root/test_venv2/bin/pygmentize /root/test_venv2/lib/python3.11/site-packages/pygments-2.18.0.dist-info/* /root/test_venv2/lib/python3.11/site-packages/pygments/* Proceed (Y/n)? y Successfully uninstalled Pygments-2.18.0

This time there is no mention of the system package. Let's double check the system and the venv:

(test_venv) root@core ~# apt list python3-pygments Listing... Done python3-pygments/stable,now 2.14.0+dfsg-1 all [installed,automatic] (test_venv) root@core ~# pip list | grep -i 'pygments' Pygments 2.14.0

Yep, the system package is still there and it's still in the venv!

The best of both worlds

So using '--system-site-packages' is essentially the best of both worlds. Where possible you can use system packages via apt, but you still have all the advantages of a virtual environment. In my opinion it's the best option by far! What do you think? Feel free to share your thoughts and feedback below.

Blog Tags: pythonvirtual environmentvenvaptpipdebianlinux

Drupal RAG Integration: Diving into the world of Large Language Models (LLMs) and their potential in the Drupal ecosystem, I've crafted a solution that combines a Drupal module with a RAG (Retrieve, Augment, Generate) backend, enabled by FastAPI. The result? A smart chatbot that knows your website content like the back of its hand, ready to answer visitor queries with updated site knowledge every time you publish new content.

My first few articles in this series have been focused on the messages we send to others – mostly our written messages. This time I am focusing on Listening as key skills when communicating with others.

Listening is a skill. In general in our lives we are expected to know how to listen, even though most teaching is informal.

If you aren’t listening to your colleagues and clients (friends, family, etc.), which can include reading carefully the materials they write, how can you communicate back to them clearly? And when they can tell you didn’t listen closely, why should they listen to you carefully?

The Importance of Listening

Listening when other people speak, or reading their words when they send you an email or chat message, is how we learn about other people’s needs. As developers and consultants we need to understand the needs of our users and clients. If we don’t understand what they need, we will provide the wrong thing.

Active Listening

Listening is not a passive activity. If you are simply allowing someone’s words to wash over you, but not engaged with their meaning you are missing critical details of what’s being communicated.

Active Listening is a skill you can teach yourself and improve on over time.

When we speak we communicate with more than words. Our body language, tone, pace of speaking, and a host of other details go into how we communicate our message. When we actively listen, we are absorbing all those details to make sure we’re getting the whole message.

Active Listening involves also reflecting back that you’re paying attention to the speaker. You can use your own body language to send none verbal cues that you’re paying attention. You can also make affirming noises, and other auditory markers that you’re following along. And when you start to speak you can paraphrase their comments to demonstrate you understood the previous person’s contributions.

Active Listening in an Age of Video Meetings

Most materials you’ll find on Active Listening focus on in-person discussions. That’s in part because people have been talking about Active Listening for decades and the technology is still playing catchup.

But you can bring Active Listening skills to video meetings — most easily if you have your camera on.

While affirming noises and other auditory responses can cause audio filters to struggle – clipping one speaker’s audio to provide your supportive sounds – there are still ways to make sure people know you’re listening. When you camera is on, looking at the screen closest to your camera, nodding or shaking your head, making (work place appropriate) hand gestures, and other visual cues can be helpful. Using the reactions features of most systems to give thumbs up, applause, and other indicators can also help send the message that you’re paying attention.

The hardest talk I ever had to give was an online conference early in the Covid Pandemic. I had no real-time feedback from the audience at all. I was not told how many people were listening; I could not see any chat messages: no input at all. It was just me, staring at my slides, trying to maintain good energy. Eventually I got questions read to me at the end that suggested at least someone was watching – but for most of my talk I felt like I was talking to an empty room.

Give people input whenever you can without being distracting. Helping them understand they are being heard will make it easier for them to communicate with you.

Listening as a Form of Respect

Truly listening to another person is a marker of respect. You are demonstrating that the other person is worth your time and energy. If that’s not obvious to you already, think about the difference between a friend who is looking at you while you’re talking vs that same friend looking at their phone; which makes it clear your friend cares about you?

At work the same is true with colleagues. If you are looking at your phone, reading email, looking at social media, or any number of other activities that pull your attention away you are communicating the person isn’t as important to you as all those distractions.

We all are guilty of this from time to time. I have been pushing myself recently to admit it to other people because it gets me to stop.

For example, the other day just as I as starting a call, I got a message from someone else that I found very frustrating – and was time sensitive. I started to reply while also starting the call. I wasn’t really respecting my colleague’s time. So I apologized to my colleague, asked for a moment to reply to the message explaining it was both time sensitive and distracting, and then I focused on our call. I was both more focused on our conversation two minutes later, and I avoided annoying her by constantly looking away at the other message. Because she listened to me, it also meant we could restart our conversation by commiserating about distracting messages that pull our attention away from meetings.

Communicating well requires full engagement in the work, but in the messages you send and in making sure you receive messages as well.

As I said in my first post on this topic, communications skills for developers and consultants is an enormous topic. The plan for this series is evolving as I go. If you have suggestions or requests feel free to leave me a message.

The post Writing for Developers and Consultants: Listening appeared first on Spinning Code.

This is a very exciting month if you’re waiting for more artist-oriented improvements in the Wayland session!

Plasma #

Feature Pen calibration is merged! If you have the time and supported hardware, try it out in Neon Unstable and see if the math needs tweaking. I also begun adding tests for this calibration tool. 6.2 NLnet

The finalized calibration screen.

Feature You can now bind mouse buttons (with modifier keys) to tablet pen or pad buttons, or disable them entirely! 6.2 NLnet

A long-awaited feature in the Wayland session!

Bugfix Fixed the pen tester ahead of it breaking in Qt 6.8 since tablet pens can drag the window. 6.2

Feature Mention that setting the orientation is not supported, on hardware where it isn’t. Some people have already commented we can do even better than this, so I plan on tackling that next month. 6.2

What the combo box looks like now, on unsupported hardware.

Bugfix Disable the tablet tester when no tablets are connected. This is because the tablet tester only responds to pen input, so it’s useless without any. 6.2

KWin #

Feature Support disabling buttons in the rebind filter. 6.2 NLnet

Feature Support pressing keyboard modifiers alongside mouse buttons. 6.2 NLnet

Feature Set the mouse cursor position when rebinding tablet buttons to mouse buttons. This is to fix odd situations where you have a tablet button bound to right-click, and context menus open in the wrong place. 6.2 NLnet

Testing Added more test coverage for the ButtonRebindFilter. NLnet

NeoChat #

Feature Add an option to block invites from users who you may not know, to help users being spammed by bad actors on Matrix. This is could also be useful if you’re only using your Matrix account to communicate with friends & family. 24.08

The option to toggle this new safety feature.

Bugfix Try not to display ghost notifications for invites. This is meant to be an addition to the above feature, to prevent users from being spammed. 24.08

Bugfix Don’t mark invite notifications as persistent. This is also meant to cut down on the possible notification spam. This is especially important on KDE Plasma Desktop which doesn’t handle notification spam well at all, at the moment. 24.08

Feature Made the ignored list look better when you have no one in it. 24.11

Feature Cleaned up the account editor page and also add some icons to break up how text-heavy it is here. 24.11

Feature Added a “Show QR code” button to the account menu so you don’t have to dig into the settings to find this. 24.11

Feature Suggest what to do on the empty welcome screen. 24.11

Tokodon #

Feature Added an option to open the pop-out status composer by default. 24.08

Feature Allow pasting images directly from the Internet and just make pasting images all-around better. 24.08

Bugfix Silently fail when servers don’t implement featured tags on profiles. This is common for lots of non-Mastodon servers. 24.08

PlasmaTube #

Feature Added basic support for SponsorBlock which is turned off by default, but you can enable under Settings. You can’t configure which server to use (it’s possible, just not through the UI) or what specific categories to block yet. You do have the option to have PlasmaTube inform you when you’re inside of a sponsored segment or have it auto-skip. 24.08

Feature Added a proper error page to the video player while my Invidious server is borked due to YouTube changes. It will display the error given by Invidious, and also a button to open the original webpage. 24.11

Note that there’s a link in there, but even on Invidious it’s unclickable.

That’s all for this month!

My work in KDE for June 2024

My Work in KDE

Home

Combining BGP confederations and AS override can potentially create a BGP routing loop, resulting in an indefinitely expanding AS path.

BGP confederation is a technique used to reduce the number of iBGP sessions and improve scalability in large autonomous systems (AS). It divides an AS into sub-ASes. Most eBGP rules apply between sub-ASes, except that next-hop, MED, and local preferences remain unchanged. The AS path length ignores contributions from confederation sub-ASes. BGP confederation is rarely used and BGP route reflection is typically preferred for scaling.

AS override is a feature that allows a router to replace the ASN of a neighbor in the AS path of outgoing BGP routes with its own. It’s useful when two distinct autonomous systems share the same ASN. However, it interferes with BGP’s loop prevention mechanism and should be used cautiously. A safer alternative is the allowas-in directive.1

In the example below, we have four routers in a single confederation, each in its own sub-AS. R0 originates the 2001:db8::1/128 prefix. R1, R2, and R3 forward this prefix to the next router in the loop.

BGP routing loop using a confederation

The router configurations are available in a Git repository. They are running Cisco IOS XR. R2 uses the following configuration for BGP:

router bgp 64502 bgp confederation peers 64500 64501 64503 ! bgp confederation identifier 64496 bgp router-id 1.0.0.2 address-family ipv6 unicast ! neighbor 2001:db8::2:0 remote-as 64501 description R1 address-family ipv6 unicast ! ! neighbor 2001:db8::3:1 remote-as 64503 advertisement-interval 0 description R3 address-family ipv6 unicast next-hop-self as-override ! ! !

The session with R3 uses both as-override and next-hop-self directives. The latter is only necessary to make the announced prefix valid, as there is no IGP in this example.2

Here’s the sequence of events leading to an infinite AS path:

1. R0 sends the prefix to R1 with AS path (64500).3

2. R1 selects it as the best path, forwarding it to R2 with AS path (64501 64500).

3. R2 selects it as the best path, forwarding it to R3 with AS path (64500 64501 64502).

4. R3 selects it as the best path. It would forward it to R1 with AS path (64503 64502 64501 64500), but due to AS override, it substitutes R1’s ASN with its own, forwarding it with AS path (64503 64502 64503 64500).

5. R1 accepts the prefix, as its own ASN is not in the AS path. It compares this new prefix with the one from R0. Both (64500) and (64503 64502 64503 64500) have the same length because confederation sub-ASes don’t contribute to AS path length. The first tie-breaker is the router ID. R0’s router ID (1.0.0.4) is higher than R3’s (1.0.0.3). The new prefix becomes the best path and is forwarded to R2 with AS path (64501 64503 64501 64503 64500).

6. R2 receives the new prefix, replacing the old one. It selects it as the best path and forwards it to R3 with AS path (64502 64501 64502 64501 64502 64500).

7. R3 receives the new prefix, replacing the old one. It selects it as the best path and forwards it to R0 with AS path (64503 64502 64503 64502 64503 64502 64500).

8. R1 receives the new prefix, replacing the old one. Again, it competes with the prefix from R0, and again the new prefix wins due to the lower router ID. The prefix is forwarded to R2 with AS path (64501 64503 64501 64503 64501 64503 64501 64500).

A few iterations later, R1 views the looping prefix as follows:4

RP/0/RP0/CPU0:R1#show bgp ipv6 u 2001:db8::1/128 bestpath-compare BGP routing table entry for 2001:db8::1/128 Last Modified: Jul 28 10:23:05.560 for 00:00:00 Paths: (2 available, best #2) Path #1: Received by speaker 0 Not advertised to any peer (64500) 2001:db8::1:0 from 2001:db8::1:0 (1.0.0.4), if-handle 0x00000000 Origin IGP, metric 0, localpref 100, valid, confed-external Received Path ID 0, Local Path ID 0, version 0 Higher router ID than best path (path #2) Path #2: Received by speaker 0 Advertised IPv6 Unicast paths to peers (in unique update groups): 2001:db8::2:1 (64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64503 64502 64500) 2001:db8::4:0 from 2001:db8::4:0 (1.0.0.3), if-handle 0x00000000 Origin IGP, metric 0, localpref 100, valid, confed-external, best, group-best Received Path ID 0, Local Path ID 1, version 37 best of AS 64503, Overall best

There’s no upper bound for an AS path, but BGP messages have size limits (4096 bytes per RFC 4271 or 65535 bytes per RFC 8654). At some point, BGP updates can’t be generated. On Cisco IOS XR, the BGP process crashes well before reaching this limit. 😑

The main lessons from this tale are:

• never use BGP confederations under any circumstances, and
• be cautious of features that weaken BGP routing loop detection.

1. When using BGP confederations with Cisco IOS XR, use allowconfedas-in instead. It’s available since IOS XR 7.11. ↩︎

2. Using BGP confederations is already inadvisable. If you don’t use the same IGP for all sub-ASes, you’re inviting trouble! However, the scenario described here is also possible with an IGP. ↩︎

3. When an AS path segment is composed of ASNs from a confederation, it is displayed between parentheses. ↩︎

4. By default, IOS XR paces eBGP updates. This is controlled by the advertisement-interval directive. Its default value is 30 seconds for eBGP peers (even in the same confederation). R1 and R2 set this value to 0, while R3 sets it to 2 seconds. This gives some time to watch the AS path grow. ↩︎

We are happy to announce the release of GNU Taler v0.12.

This week our family suffered another loss with my brother in-law. We will miss him dearly. On our way down to Phoenix to console our nephew that just lost his dad our car blew up. Last week we were in a roll over accident that totaled our truck and left me with a broken arm. We are now in great need of a new vehicle. Please consider donating to this fund: https://gofund.me/033eb25d . Kubuntu is out of money and I am between work packages with the ‘project’. We are 50 miles away from the closest town for supplies, essentials such as water requires a vehicle.

I have had bad years before ( covid ) in which I lost my beloved job at Blue Systems. I made a vow to myself to never let my personal life affect my work again. I have so far kept that promise to myself and without further ado I present to you my work.

Kubuntu:

• Many SRUs awaiting verification stage including the massive apparmor policy bug.
• sddm fix for the black screen on second boot has passed verification and should make .1 release.
• See Debian for the qt6 Plasma / applications work.

Debian:

• qtmpv – in NEW
• arianna – in NEW
• kamera – uploading today
• kcharselect – Experimental
• Tokodon – Done, but needs qtmpv to pass NEW
• Gwenview – WIP needs kamera, kio-extras
• kio-extras – WIP

KDE Snaps:

Please note: for the most part the Qt6 snaps are in –edge except the few in the ‘project’ that are heavily tested. Please help test the –edge snaps so I can promote them.

• Elisa
• Okular
• Konsole ( please note this is a confined terminal for the ‘project’ and not very useful except to ssh to the host system )
• Kwrite
• Gwenview
• Kate ( –classic )
• Gcompris
• Alligator
• Ark
• Blinken
• Bomber
• Bovo
• Calindori
• Digikam
• Dragon
• Falkon
• Filelight

WIP Snaps or MR’s made

• KSpacedual
• Ksquares
• KSudoku
• KTuberling
• Kubrick
• lskat
• Palapeli
• Kajongg
• Kalzium
• Kanagram
• Kapman
• Katomic
• KBlackBox
• KBlocks
• KBounce
• KBreakOut
• KBruch

Please note that 95% of the snaps are free-time work. The project covers 5. I am going as fast as I can between Kubuntu/Debian and the project commitments. Not to mention I have only one arm! My GSOC student is also helping which you can read all about here: https://soumyadghosh.github.io/website/interns/gsoc-2024/gsoc-week-3-week-7/

There is still much work to do in Kubuntu to be Plasma 6 ready for Oracular and they are out of funds. I will still continue my work regardless, but please consider donating until we can procure a consistent flow of funding : https://kubuntu.org/donate/

Thank you for reading and have a blessed day!

This week our family suffered another loss with my brother in-law. We will miss him dearly. On our way down to Phoenix to console our nephew that just lost his dad our car blew up. Last week we were in a roll over accident that totaled our truck and left me with a broken arm. We are now in great need of a new vehicle. Please consider donating to this fund: https://gofund.me/033eb25d . Kubuntu is out of money and I am between work packages with the ‘project’. We are 50 miles away from the closest town for supplies, essentials such as water requires a vehicle.

I have had bad years before ( covid ) in which I lost my beloved job at Blue Systems. I made a vow to myself to never let my personal life affect my work again. I have so far kept that promise to myself and without further ado I present to you my work.

Kubuntu:

• Many SRUs awaiting verification stage including the massive apparmor policy bug.
• sddm fix for the black screen on second boot has passed verification and should make .1 release.
• See Debian for the qt6 Plasma / applications work.

Debian:

• qtmpv – in NEW
• arianna – in NEW
• kamera – uploading today
• kcharselect – Experimental
• Tokodon – Done, but needs qtmpv to pass NEW
• Gwenview – WIP needs kamera, kio-extras
• kio-extras – WIP

KDE Snaps:

Please note: for the most part the Qt6 snaps are in –edge except the few in the ‘project’ that are heavily tested. Please help test the –edge snaps so I can promote them.

• Elisa
• Okular
• Konsole ( please note this is a confined terminal for the ‘project’ and not very useful except to ssh to the host system )
• Kwrite
• Gwenview
• Kate ( –classic )
• Gcompris
• Alligator
• Ark
• Blinken
• Bomber
• Bovo
• Calindori
• Digikam
• Dragon
• Falkon
• Filelight

WIP Snaps or MR’s made

• KSpacedual
• Ksquares
• KSudoku
• KTuberling
• Kubrick
• lskat
• Palapeli
• Kajongg
• Kalzium
• Kanagram
• Kapman
• Katomic
• KBlackBox
• KBlocks
• KBounce
• KBreakOut
• KBruch

Please note that 95% of the snaps are free-time work. The project covers 5. I am going as fast as I can between Kubuntu/Debian and the project commitments. Not to mention I have only one arm! My GSOC student is also helping which you can read all about here: https://soumyadghosh.github.io/website/interns/gsoc-2024/gsoc-week-3-week-7/

There is still much work to do in Kubuntu to be Plasma 6 ready for Oracular and they are out of funds. I will still continue my work regardless, but please consider donating until we can procure a consistent flow of funding : https://kubuntu.org/donate/

Thank you for reading and have a blessed day!

Pain (The Soft Moon Remix) by Boy Harsher

1

In mid-June I picked up an unknown infection in my left ankle which turned out to be antibiotic resistant. The infection caused cellulitis. After five weeks of trial and error and treatment, the infection is beaten but I am still recovering from the cellulitis. I don’t know how long it will take to be fully recovered, nor how long before I can be “useful” again: I’m currently off work (and thus off my open source and other commitments too). Hopefully soon! That’s why I’ve been quiet.

1. RIP Jose Luis Vasquez↩

More than two years after I last uploaded the purity-off Debian package, its autopkgtest (the Debian distribution-wide continuous integration system) started failing on arm64, and only on this architecture.

The failing test is very simple: it prints a long stream of "y" or "n" characters to purity(6)'s standard input and then checks the output for the expected result.

While investigating the live autopkgtest system, I figured out that:

• The paging function of purity(6) became enabled, but only on arm64!
• Paging consumed more "y" characters from standard input than the 5000 provided by the test script.
• The paging code does not consider EOF a valid input, so at that point it would start asking again and printing "--- more ---" forever in a tight loop.
• And this output, being redirected to a file, would fill the file system where the autopkgtest is running.

I did not have time to verify this, but I have noticed that the 25 years old purity(6) program calls TIOCGWINSZ to determine the screen length, and then uses the results in the answer buffer without checking if the ioctl(2) call returned an error. Which it obviously does in this case, because standard input is not a console but a pipe. So my theory is that paging is enabled because the undefined result of the ioctl has changed, and only on this architecture.

Since I do not want to fix purity(6) right now, I have implemented the workaround of printing many more "y" characters as input.

updating old chroot in sbuild that predates usrmerge. I have been lazy and haven't been updating the chroot; but I no longer could, so had to resolve this issue about usrmerge. There was a file /etc/unsupported-skip-usrmerge-conversion that usrmerge package errored out on; it seemed like it means a mark of not doing usrmerge conversion, because sbuild is a system for autobuilding and staying in split /usr for the duration of the release might be better. I don't fully understand the rationale of the file and effects, but I just deleted it and jumped into merged usr.

Hey everyone! Finally a video update after 3 months of work. Here is what we have on the new icons for Plasma.

I went over the changes a little fast but if you have any questions, let us know. You can find us in the Visual Design channel on Matrix and also on Telegram.

If you would like to join this effort and have some good Figma/PenPot skills, let us know as well! We need more designers in our group!

Visual Design Matrix Visual Design Telegram

Miscellaneous improvements

After my gargantuan post around the overhauled navigation gestures (and a still-in-progress one about KWin corner touch gesture support I'll hopefully have ready soon:tm:) let's tackle a few more smaller things. I'll try to make these somewhat regular (dare I say maybe even monthly?), but let's see how that shakes out, probably more like every 2-3 months if at all.

As an exciting update, near the end of June (the 25th to be exact) I got accepted to the KDE dev team. This means I now have the ability to properly manage submitted issues on GitLab and, only slightly terrifyingly, I'm now allowed to push code changes to the main repositories and review MRs. Let's see when, if ever, this feeling of trepidation over having to make quadruple sure I don't accidentally do stupid stuff subsides. Should it even subside or is being very extra super duper careful a good thing. I'll keep you posted whenever I find an answer to that :D

Anyways, let's get to code changes:

Merged Changes

Task Switcher/Gesture Navigation

• I sat down and overhauled some of the animations around the navigation gestures of the mobile task switcher: The diagonal quick switch should now look smoother and not be nearly-instantaneous and the flick to homescreen is now a tad smoother and actually makes the task preview smaller while animating instead of looking like it's opening the selected task before suddenly vanishing.
• Fixed minor logic bug around task switcher quick switch gesture. It should now correctly open the task switcher when you're trying to quick switch towards the end of a list - if there's nothing to quick switch to, it's better to open the full task switcher instead of just returning to the app you were in before.
• I added a task icon list to the task scrub gesture in the switcher to make it visually more distinct to the "normal" task switcher and provide more useful info about the open apps you can switch to. In case you didn't know: In gesture-only mode w (I'll admit this one is a bit older, but this is the first installment of this kind of post so I'm not tooooo strict on the "in July" part): I'm still tracking an issue with this where when the task list becomes too long it's not properly centered anymore, but that should be a fairly simple fix once I get to it.
• The main task switcher opening gesture now stops tracking the finger 1:1 in the vertical direction once it's moved a bit past its "fully activated" point. This is a bit awkward to explain, but basically it makes it "more reluctant" to follow the finger infinitely far up. If that still doesn't make sense, here's a video: Video tag unsupported!
• The task switcher gestures now have a haptic feedback in some places: When the conditions are met for the task switcher to open (eg: gesture progress is far enough and finger movement speed is slow enough) and when the task scrub mode starts there'll now be a bit of haptic feedback.

Misc

I've done some bug triaging and reproduction here and there, as well as tried to keep up to date on merge requests in the Plasma Mobile world. I still haven't really done a proper review and merge, but I'm trying to look through all of the other ones to hopefully learn how good reviews look like so at some point I'll be able to do them.

Unfinished

• I tried my hand at fixing the task switcher navigation gestures being always active instead of just when the gesture navigation mode is actually turned on. To do this properly we probably need to refactor the mobileshellsettings plugin to be accessible via C++ (it's just a QML plugin currently), so let's see how that goes.
• I started work on more mobile friendly notification popups. The new design uses a swipe-to-dismiss interaction instead of having a close button. While technically "working" from a functionality perspective, the visuals are kind of broken still. I hope to have this complete by 6.2, but there's still some open questions. I'll probably have to get in touch with more experienced Plasma devs to brainstorm why this is going wrong so badly, but I've not quite given up at bashing my head against this myself. Oh and before I forget: this also affects Plasma Desktop when in Touch/Tablet Mode. Video tag unsupported!This was my first try, which was smooth but left behind the window shadow Video tag unsupported!And this my second try which is more technically correct and properly moves the window, but... I mean, you can see it yourself

Upcoming

For the next month I wanna try and finish up my work on KWin touch corner gestures (and get another oversized blog post out about those) and then implement them into Plasma Mobile. Once that is done I want to do more bug fixing, triaging and looking at knocking out some tickets for planned bigger picture improvements for 6.2. Let's see next month if a) I get any of this done or b) I even manage to make a blog post since I'll not be home for a while

DebConf24, the 25th annual Debian Developer Conference, is taking place in Busan, Republic of Korea from July 28th to August 4th, 2024. Debian contributors from all over the world have come together at Pukyong National University, Busan, to participate and work in a conference exclusively ran by volunteers.

Today the main conference starts with around 340 expected attendants and over 100 scheduled activities, including 45-minute and 20-minute talks, Bird of a Feather ("BoF") team meetings, workshops, a job fair, as well as a variety of other events. The full schedule is updated each day, including activities planned ad-hoc by attendees over the course of the conference.

If you would like to engage remotely, you can follow the video streams available from the DebConf24 website for the events happening in the three talk rooms: Bada, Somin and Pado. Or you can join the conversations happening inside the talk rooms via the OFTC IRC network in the #debconf-bada, #debconf-somin, and #debconf-pado channels. Please also join us in the #debconf channel for common discussions related to DebConf.

You can also follow the live coverage of news about DebConf24 provided by our micronews service or the @debian profile on your favorite social network.

DebConf is committed to a safe and welcoming environment for all participants. Please see our Code of Conduct page for more information on this.

Debian thanks the commitment of numerous sponsors to support DebConf24, particularly our Platinum Sponsors: Proxmox, Infomaniak and Wind River.

DebConf24, the 25th edition of the Debian conference is taking place in Pukyong National University at Busan, Republic of Korea. Thanks to the hard work of its organizers, it again will be an interesting and fruitful event for attendees.

We would like to warmly welcome the sponsors of DebConf24, and introduce them to you.

We have three Platinum sponsors.

• Proxmox is the first Platinum sponsor. Proxmox provides powerful and user-friendly Open Source server software. Enterprises of all sizes and industries use Proxmox solutions to deploy efficient and simplified IT infrastructures, minimize total cost of ownership, and avoid vendor lock-in. Proxmox also offers commercial support, training services, and an extensive partner ecosystem to ensure business continuity for its customers. Proxmox Server Solutions GmbH was established in 2005 and is headquartered in Vienna, Austria. Proxmox builds its product offerings on top of the Debian operating system.

• Our second Platinum sponsor is Infomaniak. Infomaniak is an independent cloud service provider recognised throughout Europe for its commitment to privacy, the local economy and the environment. Recording growth of 18% in 2023, the company is developing a suite of online collaborative tools and cloud hosting, streaming, marketing and events solutions. Infomaniak uses exclusively renewable energy, builds its own data centers and develops its solutions in Switzerland, without relocating. The company powers the website of the Belgian radio and TV service (RTBF) and provides streaming for more than 3,000 TV and radio stations in Europe.

• Wind River is our third Platinum sponsor. For nearly 20 years, Wind River has led in commercial Open Source Linux solutions for mission-critical enterprise edge computing. With expertise across aerospace, automotive, industrial, telecom, and more, the company is committed to Open Source through initiatives like eLxr, Yocto, Zephyr, and StarlingX.

Our Gold sponsors are:

• Ubuntu, the Operating System delivered by Canonical.

• Freexian, a services company specialized in Free Software and in particular Debian GNU/Linux, covering consulting, custom developments, support and training. Freexian has a recognized Debian expertise thanks to the participation of Debian developers.

• Lenovo, a global technology leader manufacturing a wide portfolio of connected products including smartphones, tablets, PCs and workstations as well as AR/VR devices, smart home/office and data center solutions.

• Korea Tourism Organization, which purpose is to advance tourism as a key driver for national economic growth and enhancement of national welfare and intends to be a public organization that makes the Korean people happier; it promotes national wealth through tourism.

• Busan IT Industry Promotion Agency, an industry promotion organization that contributes to the innovation of the digital economy with the power of IT and CT and supports the ecosystem for innovative local startups and companies to grow.

• Microsoft, who enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.

• doubleO, a company that specializes in consulting and developing empirical services using big data analysis and artificial intelligence. doubleO provides a variety of data-centered services together with small and medium-sized businesses in Busan/Gyeongnam.

Our Silver sponsors are:

• Roche, a major international pharmaceutical provider and research company dedicated to personalized healthcare.
• Two Sigma, rigorous inquiry, technology data science, and invention to bring science to finance and help solve the toughest challenges across financial services.
• Arm: leading technology provider of processor IP, Arm powered solutions have been supporting innovation for more than 30 years and are deployed in over 280 billion chips to date.
• The Bern University of Applied Sciences with around 7,800 students enrolled, located in the Swiss capital.
• Google, one of the largest technology companies in the world, providing a wide range of Internet-related services and products such as online advertising technologies, search, cloud computing, software, and hardware.
• FSIJ, the Free Software Initiative of Japan, a non-profit organization dedicated to supporting Free Software growth and development.
• Busan Tourism Organisation: leading public corporation that generates social and economic values in Busan tourism industry, developing tourism resources in accordance with government policies and invigorate tourism industry.
• Civil Infrastructure Platform, a collaborative project hosted by the Linux Foundation, establishing an open source “base layer” of industrial grade software.
• Collabora, a global consultancy delivering Open Source software solutions to the commercial world.
• Matanel Foundation, which operates in Israel, as its first concern is to preserve the cohesion of a society and a nation plagued by divisions.

Bronze sponsors:

• Altus Metrum,
• Loongson,
• NIPA,
• IPA,

And finally, our Supporter level sponsors:

• evolix,
• ISG,
• Linux Professional Institute.

A special thanks to the Pukyong National University, our Venue Partner and our Network Partners KOREN and KREONET!

Thanks to all our sponsors for their support! Their contributions make it possible for a large number of Debian contributors from all over the globe to work together, help and learn from each other in DebConf24.

I’ve been beating the bug triage drum for a number of years, from the perspective of asking for more dedicated bug triagers. And at this point we have some! Which is amazing, and I’d like to thank them. So this time let’s talk about something different: developers triaging their own projects’ new Bugzilla tickets.

When you’re the developer, you know the internals of your software, but Bugzilla tickets are your connection to its users. If you’re not paying attention to them, you’re flying blind. It’s important to know how people use your software and what they’re having trouble with. Bug triage is a part of being a maintainer.

Fortunately, developers are often the fastest bug triagers of all. With your understanding of how the software works, you’ll know instantly which tickets are upstream or downstream issues, duplicates of existing tickets, already fixed in unreleased code or a released version the reporter doesn’t have, and — for valid reports — where the problem might be. For most, you should be able to handle them really quickly.

Even super popular projects like Plasma, Krita, and Dolphin only get a handful of Bugzilla tickets per day, so looking over all of them doesn’t take much time. Even one developer spending 5 minutes a day triaging their project’s new Bugzilla tickets makes a huge difference. Two are even better!

How do I know? With the power of graphs!

Here’s a graph of the number of Bugzilla tickets over time for an unnamed KDE project that’s had developers actively triaging tickets for the past few years. I bet you can guess when they started!

Note that the numbers include feature requests, which are also Bugzilla tickets. They need triaging too!

See how the number of CONFIRMED reports rises gradually over time, and the number of UNCONFIRMED reports falls in a choppy fashion — indicating new reports being opened and then closed within a few days. But sometimes the number of UNCONFIRMED reports go up for a few weeks, corresponding to times when the developers who do bug triage were too busy or on vacation — highlighting the impact just one or two people can have.

And now for comparison, here’s the graph for a different unnamed KDE project without developers actively triaging Bugzilla tickets:

Eek. How demoralizing.

So now let’s address some anticipated reactions!

If I did this, I’d spend all my time resolving Bugzilla tickets instead of adding new features!

I suspect otherwise, but let’s say you’re right: it would be a sign that the project is actually really buggy and could benefit from you spending more time to fix those bugs! It’s not sustainable to build features on top of a buggy foundation. It’ll catch up with you eventually: the software will become even buggier, the flood of valid yet un-reproducible bug reports will accelerate over time, and you’ll get discouraged by the situation and burn out.

No that’s not what I meant; it’s that all the Bugzilla tickets are really low quality and handling them takes forever!

Ah, this is a better problem to have. It means the software’s foundations are mostly good, but users are getting confused while using it. If you put some time into improving the project’s UI, this type of bug report will fall over time. Clarify complex or confusing features, blame-shift failures caused by 3rd-party services and plugins, improve bad error messages, etc. The KDE Human Interface Guidelines can help!

This could also mean that the tools available for collecting debugging information or reporting bugs are too crude, difficult to use, or hard to find. Spend some time improving these, and the quality of the bug reports will increase.

Finally, it could just mean that your project is just super popular and attracts a lot of attention from normal people not familiar with bug reporting. In this case, in addition to the above, enlist the help of KDE’s bug triagers! Ask us in the kde-bugs:kde.org Matrix room to focus on your project. We can filter out a lot of the obvious junk so you can focus on the real issues.

No no, still not right; it’s that I’m responsible for like 20 projects so I can’t pay attention to such a large number of new Bugzilla tickets every day!

Maybe… but have you verified whether that assumption is accurate? You might be surprised. For example, here’s a list of the Bugzilla tickets opened over the past 24 hours for all KDE Frameworks plus Dolphin, Gwenview, Okular, Filelight, and Elisa. As of the time of writing, there is exactly one Bugzilla ticket. Even broadening it to the past week shows only 16 as of the time of writing! That’s like two per day. How about all of Plasma? As of the time of writing, 6 new tickets in the last 24 hours. Most individual apps get between zero and 2 new tickets per day. These are not overwhelming numbers of Bugzilla tickets to triage. Doing it every day should take only a few minutes.

Ugh, Bugzilla sucks! It’s so clunky and you can’t edit comments or paste images inline! I hate interacting with it!

I definitely won’t deny that Bugzilla is kind of old and clunky-feeling. And not being able to edit comments or paste images inline are indeed pain points. But the grass isn’t greener on the Gitlab side, which would be our alternative. Over the years I’ve compiled a list of showstopper bugs for using Gitlab Issues, including:

• Moving issues clones them with new comments and history; they can get out of sync and it’s impossible to track issues with persistent URLs!
• No sub-components, making organization messy unless you apply a soup of tags to every issue. Even then, tags can’t fully replace actual categorization. Finding anything becomes extremely difficult!
• Only people with developer accounts can add tags, increasing the burden on developers to triage their own issues.
• Very poor/no support for issue organization with large projects that span multiple git repos.
• No way to track number of duplicates, making important issues harder to notice and prioritize.
• Bulk update feature is so limited as to be useless.
• No fancy graphs like the ones I showed earlier.

It’s not a better product, in my opinion. So yeah, maybe Bugzilla sucks, but so does our available alternative — as well as most of the rest of the competition out there, frankly. Bug trackers are just not sexy projects that attract a lot of money and developer attention. The upstream Bugzilla project itself is struggling hit $200 a month in donations.

Bug triage just isn’t fun. I’m a volunteer, and I want this to be a fun hobby, not work. I don’t wanna do it, sorry.

I totally get it! But let’s take a step back: if you’re volunteering for KDE, you’ve already got a hobby that looks like work to normal people. Don’t deny it, you know it’s true. You perform professional-quality software development for free that the average bear demands six figures with benefits for.

And if the volunteer activities you engage in consist of anything other than writing cool new features, then it really starts to look like work! Porting to new APIs? Refactoring old code? Fixing bugs that you don’t personally experience for the good of the project? If you do these tasks out of a sense of responsibility, obligation, or personal pride regarding the state of the project, then bug triage is no different: an under-appreciated task that’s important for project’s long-term health.

OK Mr. Fancypants, how do I do it?

We have extensive documentation on how to do bug triage. But honestly, you’ve been around the block, you probably already know what to do.

The other topic is how to see daily Bugzilla tickets. If you’ve got good email hygiene, having them emailed right to you is best. Let ’em go to your inbox (don’t filter them into a folder!) and handle them immediately! You can subscribe yourself to the mailing list that new Bugzilla tickets for the project get sent to, or else ask me or a sysadmin to add you personally to the CC list for new tickets (this way is less overwhelming).

The other method is to set aside some time at the beginning of the day for bug triage. Click here and modify the Bugzilla search to include the products and components you care about. Hit “Search”, bookmark the final link, and just visit it once per day.

It’s that easy. And your project and its users will thank you! So go out there and triage your project’s bugs!

Experience Builder (XB) allows crafting an experience using components. A tree of components. Except that until now, the XB field type does not yet support storing a tree — we had to start somewhere! Ted “tedbow” Bowman landed #3455728: FieldType: Support storing component trees instead of lists. Next up on this front: before we start actually storing trees, we need thorough validation — Ted’s tackling that next. This will allow us to confidently store trees of components (by putting components in other components’ slots), and then finally put to good use the oldest MR the XB project currently has: Kyle “ctrlADel” Einecker’s MR that adds representative set of Single-Directory Components.

An important XB config management piece landed this week: #3452397: Allow specifying default props values when opting an SDC in for XB, started by Feliksas “f.mazeikis” Mazeikis, finished by me because it blocked next steps and Felix was temporarily reallocated to work on something other than XB — #3460232: Support props defaults that have content dependencies: avoid File content entity dependencies is the next step and is the first thing Felix will work on upon his return.

Thanks to Lee “larowlan” Rowlands finding the time to review #3453152: Centralize & standardize logic for constructing PropSource objects + kernel test coverage, now that landed at last, which doesn’t set everything straight, but is a massive improvement compared to the PoC-y origins of PropSource. In the short term, the most urgent next step is #3461490: Document the current JSON-based data model, and describe in an ADR.

On the front end side, Jesse “jessebaker” Baker contributed a diagram to visualize how he envisions the UI will work:

Initial version of a diagram of the UI’s architecture as envisioned by Jesse Baker. We’ll update this along the way.

And Harumi “hooroomoo” Jang landed the initial implementation of the top bar, a week after the design was available:

The top bar’s mid-fidelity design. Going forward, every issue changing the UI will have to include a screenshot of the updated UI — that will make it easier for anybody to follow along!

To make UI work like Harumi’s go faster, I made CI faster for people working only on the UI: no need to run PHP-related CI jobs then, and after Ben “bnjmnm” Mullins pointed it out, I added an explicit CI job to flag when npm run build fails — because until now only the Cypress CI job would fail, which seemed to suggest that is where the problem was — oops!

In progress

That was all that landed this week, but there’s a lot of things in progress. Here are the most notable ones:

• Superficially boring, but very important for velocity: Lee filed #3452585: CI: Cypress test infrastructure clean-up: split in cypress E2E + cypress unit CI jobs waaaaay back, on June 5! I started pushing that forward to help the people focused on the front end (Jesse, Ben & Harumi) go faster — didn’t land yet, but was getting close. It’s now tantalizingly close.
• @fazilitehreem started working on #3459249: Allow opening the contextual menu by right clicking a component!
• Ben is making good progress on a truly mind-blowing MR — where he’s using a subset of the JSX theme engine 1 to render existing Field Widgets using the existing Twig templates … but using JSX equivalents for a select subset of those templates, to achieve native integration with React for existing Field Widgets, which in turn will enable real-time updates of the preview.
  This approach allows mixing of JSX and Twig templates, and functionality such as vanilla Drupal JS behaviors and form alters continue to work for both Twig- and JSX- rendered markup.
  If that tickled your brain or blew your mind, there’s more to come! There’s a lot of moving parts, but the intent of XB is to bring the entire existing ecosystem along for the superior ride, and this is an important part of that.

Missed a prior week? See all posts tagged Experience Builder.

Goal: make it possible to follow high-level progress by reading ~5 minutes/week. I hope this empowers more people to contribute when their unique skills can best be put to use!

For more detail, join the #experience-builder Slack channel. Check out the pinned items at the top!

Finally, the design locomotive is now going full steam ahead:

• #3460783: Implement component states
• #3461035: Component drag handle
• #3460955: Component name badge above component preview
• #3460958: Allow users to name components for the specific context
• #3460952: Implement add section and add element buttons
• #3460042: Implement search functionality to the primary menu

In closing, catch asked a few very good fundamental questions — these are the kinds of questions that we all need to try to articulate: not about implementation details, but about potential gaps/oversights in the product requirements.

Thanks to Ben and Lauri for reviewing this!

1. This theme engine was built by Ben, Harumi and Alex “effulgentsia” Bronstein long before XB even was in the picture! ↩︎

• Drupal
• Acquia
• Experience Builder

• XB top bar mid-fi design.
• Initial version of a diagram of the UI's architecture.

In the past two month since the previous update on KDE Itinerary, there is a new seat information display in the timeline, Träwelling integration, more use of Wikidata/Wikimedia online content as well as more work towards explicit control over trip grouping, among many other things.

New Features Seat information in the timeline

One of the changes you’d probably notice first is the timeline now prominently featuring seat reservation information where applicable, thanks to Mathis Brüchert.

Seat reservation information for a train trip. Träwelling integration

Tobias Fella implemented support for checking in on Träwelling, a Free Software and community-run service where you can log your public transit journeys. You can now connect your Träwelling account to Itinerary and directly share your train trips there.

Träwelling check-in action. Wikimedia online content

There’s now a new switch in the settings of Itinerary to enable the use of Wikimedia online content e.g. via Wikidata references in OSM data. Enabling this gives you photos and logos in the information dialog of the indoor map for example.

Wikimedia Commons images in the map info dialog. Infrastructure Work Explicit trip group management

The bulk of the work however went into more explicit control of trip grouping:

• Renaming of trips.
• Merging of two adjacent trips.
• Splitting of a trip into two parts.
• Ensuring that automatic grouping and naming doesn’t interfere with manual changes.

Dialog for manually naming trips.

Most of this is not active by default in the app yet, but are prerequisites for enabling trip grouping for everything and moving away from the single combined timeline to a list of trips and per-trip timelines in the UI.

OSM raw data tile server

We identified and resolved a problem in the OSM raw data tile server powering Itinerary’s train station maps where continuous data updates got stuck due to a too small mmap memory size limit in the database (1TB ought to be enough for anybody…). With that fixed OSM data changes are now applied daily again.

This also impacts Marble and now also Kongress.

Matrix trip syncing

Following the discussion during GPN22 refining the concept for syncing trips via Matrix, the basic infrastructure for this was implemented. This is also not something active in the app by default yet, and it is so far only able to synchronize trip names across devices, but that’s enough to validate the approach.

Fixes & Improvements Travel document extractor

• New or improved extractors for 12go, Air Asia, Amadeus Cytric, direct-book.com, Eurowings, Flixbus, Georgian Railway (საქართველოს რკინიგზა), hotels.com, Iberia, Italo, RegioJet, Scandlines, Snälltåget, TCDD Taşımacılık (Turkish Railways), tobilet.pl and Trenitalia.
• Support for Max Actif SNCF cards and ERA FCB discount program cards.
• Fixed “Turkey” being mis-detected as Italy due to a too aggressive substring matching on the Vietnamese translations (MR).
• Improved merging of bus reservations.
• Fixed comparison of address data with different level of details.
• Fixed company capital notes in the fine print of French reservations confusing the automatic price detection.

All of this has been made possible thanks to your travel document donations!

Public transport data

• Fixed dark mode recoloring of several icons.
• Support more Hafas vehicle feature codes.
• Updated line icon data from Wikidata and expanded line icon coverage including e.g. the Stuttgart subway now.

Indoor map

• Improved keyboard navigation in amenity search dialog and elevator floor level selector.
• Improved error handling on corrupt cached map tile files (bug 488664).
• Fixed display of payment information for OSM elements.
• Also show toilet gender segregation information in the amenity search dialog.
• Support vending machines in the element info dialog and amenity search dialog.

Itinerary app

• Fixed several cases of misplaced or duplicated transfer elements in the timeline.
• Improved and more robust automatic transfer selection.
• Also allow creating event entries from OSM tourism attraction and office elements.
• Only do live data queries if we have a chance to pick a suitable backend. This fixes querying all backends in some cases.
• Fixed reading/writing of all-day events to/from the Android system calendar. This fixes exporting hotel reservations to the calendar.
• Fixed exporting to the Android calendar when not having previously imported from there.
• Improved keyboard navigation in the Matrix room selection dialog.
• Fixed importing generic Applet Wallet passes, and rendering passes without a barcode or without an icon.
• Fixed storing the arrival time when editing a ferry reservation (bug 487885).
• Fixed notifications on Android not being shown.
• Improved timeline sorting when dealing with elements without an end time.

How you can help

Feedback and travel document samples are very much welcome, as are all other forms of contributions. Feel free to join us in the KDE Itinerary Matrix channel.

After last week’s bug-squash-a-thon, this week there was more focus on features and user interface improvements — some of them HIG-driven, as I wrote about yesterday. But we kept the bugs down too! Everything is proceeding nicely, I think.

Notable New Features

Konsole has gained a feature to automatically save all output in a terminal view to a file in real-time (Theodore Wang, Konsole 24.12.0. Link):

Distros can now customize the default set of favorite apps shared across Kickoff, Kicker, and Application Dashboard (Harald Sitter, Plasma 6.2.0. Link)

Info Center has a new page showing technical memory information (Thomas Duckworth, Plasma 6.2.0. Link):

Notable UI Improvements

When KWin is asked to open a window whose minimum height is still taller than the screen, it no longer places it with the titlebar cut off on top, which would make it impossible to move without knowing about the Meta+drag feature. Instead, KWin will ensure the titlebar is visible and instead position the window so only content at the bottom is cut off (Xaver Hugl, Plasma 6.1.4. Link)

Refined how KRunner matches text to System Settings pages, so it will be less aggressive about showing them to you for search text with a very weak match (Fabian Vogt, Plasma 6.1.4. Link)

Plasma’s Digital Clock now requests “tabular numerals” just in case the active font has this feature as an optional but off-by-default thing. This ensures that all number characters are fixed-width so that the time display doesn’t jump around throughout the day (Calum Smith, Plasma 6.2.0. Link)

System Settings’ Drawing Tablet page now tells you when your tablet doesn’t support changing its orientation, so you don’t think it’s our fault (Joshua Goins, Plasma 6.2.0. Link)

Did a round of UI polishing for System Settings’ KWin Rules page, which also fixed a bug related to weird scrolling behavior (Ismael Asensio, Plasma 6.2.0. Link)

The animation speed of the Plasma logout screen’s fade-to-black effect now instantly reacts to changes in the global animation speed, and the technical change to make this happen also happened to fix a performance issue with the animation as well (David Edmundson, Plasma 6.2.0. Link 1 and link 2)

Improved the accessibility of the ContextualHelpButton and KeySequenceItem library components, as well as multiple controls on System Settings’ Shortcuts page (Christoph Wolk, Frameworks 6.5 and Plasma 6.2.0. Link 1, link 2, and link 3)

In the the Places panels visible in Dolphin, the open/save dialogs, and many other places, items now show tooltips with relevant information when hovered. This feature is enabled only when built with Qt 6.8, as 6.7 and earlier suffer from a bug that makes it not work properly (Kai Uwe Broulik, Frameworks 6.5. Link)

Notable Bug Fixes

Discover no longer crashes on distros built with asserts turned on (such as Neon) when run using a language where the categories have been mis-translated and overlap one another (Harald Sitter, Plasma 6.1.4. Link)

After changing the current systemwide time zone in System Settings and quitting the app, it now quits properly, no longer staying secretly open in the background as a zombie and preventing you from opening it again (Nicolas Fella, Plasma 6.1.4. Link)

Dragging screenshots and other files from Plasma notifications into Chromium-based apps (Chrome, Discord, etc) now works as expected (David Edmundson, Plasma 6.1.4. Link)

Fixed a bug in the free space notifier that would cause it to flag nearly-full partitions that are read-only, such as on immutable OS style distros like Fedora Kinoite (Timothée Ravier, Plasma 6.1.4. Link)

Found and fixed the source of the issue that made KWin’s new triple buffering feature sometimes cause stuttering instead of the expected butter-smooth animations (Xaver Hugl, Plasma 6.1.4. Link)

Fixed a recent regression that caused multi-row Task Manager widgets to take up too much space on Plasma panels using the “Fit to content” size mode (Ismael Asensio, Plasma 6.1.4. Link)

Fixed an issue in KWin that caused native Wayland apps to receive incorrect information about the order in which modifier keys were pressed (David Edmundson, Plasma 6.2.0. Link)

The “Click in track to scroll by one page at a time” feature — which broke in Frameworks 6.0 due to changes in Qt — now works again (Ivan Tkachenko, Frameworks 6.5. Link)

Other bug information of note:

• 2 Very high priority Plasma bugs (same as last week). Current list of bugs
• 31 15-minute Plasma bugs (same as last week). Current list of bugs
• 103 KDE bugs of all kinds fixed over the last two weeks. Full list of bugs

Notable in Performance & Technical

The “Disable when two keys are held down” sticky keys feature now works on Wayland (Nicolas Fella, Plasma 6.2.0. Link)

Discover now natively supports package installation and updating for PostmarketOS (Alexey Min and Davin Lin, Plasma 6.2.0. Link)

Prompted by a review from the SUSE security team, we implemented some security hardening that allows KAuth to use file descriptors rather than file paths, and implemented support for this on System Settings’ Login Screen page (Athul Raj Kollareth, Frameworks 6.5 and Plasma 6.2.0. Link 1 and link 2)

Fixed the source of the findInCache with a lastModified timestamp of 0 is deprecated log spam, especially on immutable OS style distros like Fedora Kinoite (Timothée Ravier, Frameworks 6.5. Link)

Notable in Automation & Systematization

In Elisa, added a test for restarting the file indexer, fixed a perpetually broken test, and turned on the “tests must pass” feature to ensure that tests don’t break again in the future (Jack Hill, link)

…And Everything Else

This blog only covers the tip of the iceberg! If you’re hungry for more, check out https://planet.kde.org, where you can find more news from other KDE contributors.

How You Can Help

If you use have multiple systems or an adventurous personality, you can really help us out by installing beta versions of Plasma using your distro’s available repos and reporting bugs. Arch, Fedora, and openSUSE Tumbleweed are examples of great distros for this purpose. So please please do try out Plasma beta versions. It truly does help us! Heck, if you’re very adventurous, live on the nightly repos. I’ve been doing this full-time for 5 years with my sole computer and it’s surprisingly stable.

Does that sound too scary? Consider donating today instead! That helps too.

Otherwise, visit https://community.kde.org/Get_Involved to discover other ways to be part of a project that really matters. Each contributor makes a huge difference in KDE; you are not a number or a cog in a machine! You don’t have to already be a programmer, either. I wasn’t when I got started. Try it, you’ll like it! We don’t bite!

Multi-factor authentication is a must have feature in any modern web application. Specially providing support for both TOTP (think applications on phone) and FIDO2 (say Yubikeys) usage. I created a small Django demo mfaforgood which shows how to enable both.

I am using django-mfa3 for all the hard work, but specially from a PR branch from my friend Giuseppe De Marco.

I also fetched the cbor-js package in the repository so that hardware tokens for FIDO2 to work. I hope this example will help you add the MFA support to your Django application.

Major points of the code

• Adding example templates from MFA project, with admin theme and adding cbor-js to the required templates.
• Adding mfa to INSTALLED_APPS.
• Adding mfa.middleware.MfaSessionMiddleware to MIDDLEWARE.
• Adding MFA_DOMAIN and MFA_SITE_TITLE to settings.py.
• Also adding STATICFILES_DIRS.
• Adding mfa.views.MFAListView as the Index view of the application.
• Also adding mfa URLs.

After login for the first time one can enable MFA in the following screen.