FLOSS Project Planets
PyCoder’s Weekly: Issue #629 (May 14, 2024)
#629 – MAY 14, 2024
View in Browser »
In this video course, you’ll learn how to flatten a list of lists in Python. You’ll use different tools and techniques to accomplish this task. First, you’ll use a loop along with the .extend() method of list. Then you’ll explore other tools, including reduce(), sum(), itertools.chain(), and more.
REAL PYTHON course
Python 3.13 has gone into beta, which means the feature freeze is now in place. This is the official listing of the new features in 3.13. This release includes changes to the REPL, new typing features, experimental support for disabling the GIL, dead battery removal, and more.
PYTHON
Join us on May 30th: we’ll give a brief overview of Sagas, including challenges and benefits. Then we’ll introduce you to Temporal and demonstrate how easy it is to build, test, and run Sagas using our platform and coding in your preferred language. Prior knowledge of Temporal is not required →
TEMPORAL sponsor
A set is a built-in data type that provides fast lookup and insertion with characteristics similar to those of dictionary keys. This article explores the relationship between sets and dictionaries by implementing a set class.
RODRIGO GIRÃO SERRÃO
This is a deep, in the weeds analysis of how different packages can store the same kinds of data in a different order, and how row-based vs column-based storage order can affect NumPy’s speed to process the data. The not often examined “strides” value of a NumPy array specifies how things are stored and this article shows an interesting approach to getting around this value for speed-up.
YOSSI KREININ
Python 3.13 just hit feature freeze with the first beta release, and it includes a host of improvements to the REPL. Automatic indenting, block-level editing, and more make the built-in REPL more powerful and easier to use.
TREY HUNNER
Apache Parquet files are a popular columnar storage format used by data scientists and anyone using the Hadoop ecosystem. By using the pyarrow package, you can read and write Parquet files, this tutorial shows you how.
MIKE DRISCOLL
Writing good tests means having data to test with. The factory-boy library helps you create fake data that you can use with your tests. This article shows you how to use factory-boy with Django ORM models.
AIDAS BENDORAITIS
This tutorial dives into Python sequences, which is one of the main categories of data types. You’ll learn about the properties that make an object a sequence and how to create user-defined sequences.
REAL PYTHON
You’ve probably come across articles on Large Language Models (LLMs) and may have tried products like ChatGPT. This article explains how these tools work without resorting to advanced math.
MIGUEL GRINBERG
wxPython is a GUI toolkit for the Python programming language. This article introduces you to building GUIs by creating a personal calculator.
MIKE DRISCOLL
Ever wanted to add concurrency to your concurrency? You can run multiple asyncio event loops by using threading. This articles shows you how.
JASON BROWNLEE
This article explains how asyncio works by showing you how to re-create it using generators and the __await__ method.
JACOB PADILLA • Shared by Jacob Padilla
Nat responds to a presentation by C J Silverio on how software gets made at small to medium sized organizations.
NAT BENNETT
May 15, 2024
REALPYTHON.COM
May 15 to May 24, 2024
PYCON.ORG
May 16, 2024
MEETUP.COM
May 16, 2024
PYLADIES.COM
May 17 to May 18, 2024
FLASKCON.COM
May 17 to May 18, 2024
PYGRUNN.ORG
May 17, 2024
OPENLAB.EC
Happy Pythoning!
This was PyCoder’s Weekly Issue #629.
View in Browser »
[ Subscribe to 🐍 PyCoder’s Weekly 💌 – Get the best Python news, articles, and tutorials delivered to your inbox once a week >> Click here to learn more ]
Aten Design Group: Drupal API Development Simplified with APITools Module
One of Drupal’s most important features is its ability to integrate seamlessly with other systems (CRMs, eCommerce Platforms, Event Management Platforms, etc). Drupal can expose data using modules like JSON:API, which are integral parts of Drupal Core. Moreover, it can also consume data and make HTTP requests using standard HTTP methods. This post will focus primarily on the latter—highlighting how a module named APITools simplifies the process for Drupal developers.
BackgroundIn researching the history of HTTP request handling in Drupal, I discovered that drupal_http_request has been around since version 5.x. It was described as:
"A flexible and powerful HTTP client implementation that correctly handles GET, POST, PUT, or any other HTTP requests, including handling redirects."
Throughout Drupal versions 6.x and 7.x, drupal_http_request continued to be a go-to option, seemingly simpler than using PHP's CURL function directly—a tool that many developers find intricate. With the release of Drupal 8, Drupal::httpClient replaced drupal_http_request, granting developers access to Guzzle—the de facto HTTP client in the PHP community.
While httpClient/Guzzle is typically the preferred choice for HTTP requests, it's rare that any request happens without some form of authentication. Although OAuth 2 has emerged as a standard for API authentication, the specifics can vary considerably between different APIs. This variability doesn’t mean the principles of OAuth 2 aren’t followed; rather, the implementations differ just enough that attempts to abstract this functionality into a universal module have faced challenges. As a result, developers frequently find themselves writing slightly different code for each API integration to accommodate these nuances. APITools attempts to be just helpful enough in these sorts of situations without making too many assumptions.
Leveraging APITools for the Drupal Zoom API ModuleI personally maintain the Drupal Zoom API module, and over the past year, Zoom has changed their authentication requirements. This challenge prompted me to explore the APITools module, maintained by my friend and colleague Alan Sherry. What attracted me most to APITools was its ability to offer configurable options for storing credentials and an extensible client plugin that routes all API requests through a specified authentication method. By using APITools, I significantly reduced the amount of code in the Zoom API module and quickly released a version 3.x, which is compatible with Zoom’s "Server-to-Server OAuth" authentication method. The configuration form and the majority of the API client are now provided by APITools, reducing the amount of code I’ll need to maintain in the Zoom API module.
If you, like me, maintain an API-focused contrib module or need a reliable HTTP client for one-off tasks, I highly encourage you to explore APITools. With a little setup time, you can configure your ApiToolsClient and start making requests effortlessly.
The fact is, there are numerous API client modules on Drupal.org, each tailored for different services. APITools offers an opportunity for a more consistent and efficient approach. I hope you'll check it out!
Getting Started / ExamplesWe've written some documentation on Drupal.org for you to reference. For a fairly complete example in the Drupal contrib space, checkout the client plugin that is part of the Zoom API module.
Additional ExamplesWe’ve created a repository with some various API clients that will hopefully help with getting started.
- Acalog - Simple api key implementation
- Auth0 - Access token request with audience and grant type
- Brandfolder - An example of using an sdk as a base with an apitools client wrapper around it
- Localist - Example of a static access token created by an administrator
- Sharepoint - Access token with audience / grant type, and “ext_expires_in” instead of “expires_in”
If you decide to use APITools, we’d love to hear about your experience in the blog comments below.
Joel SteidlFSF Blogs: We need your help to release the LibrePlanet 2024 videos
ADCI Solutions: How to quickly integrate Angular with a Drupal website
Programiz: Python List
Real Python: HTML and CSS Foundations for Python Developers
When you want to build websites as a Python programmer, there’s no way around HTML and CSS. Almost every website on the Internet is built with HTML markup to structure the page. To make a website look nice, you can style HTML with CSS.
If you’re interested in web development with Python, then knowing HTML and CSS will help you understand web frameworks like Django and Flask better. But even if you’re just getting started with Python, HTML and CSS can enable you to create small websites to impress your friends.
In this video course, you’ll learn how to:
- Structure a basic HTML file
- View and inspect HTML in your browser
- Insert images and page links
- Style a website with CSS
- Format HTML with accessibility in mind
- Use Python to write and parse HTML code
[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]
Matt Glaman: Starshot, recipe to cook up ambitious Drupal applications
This blog post was inspired by my time at DrupalCon Portland and the Driesnote, announcing Starshot.
There has also been a story about Drupal being a series of building blocks for building your own CMS (or other application). Often, it has been compared to building a LEGO® set. The idea is that you have Drupal core and contributed modules, acting as individual pieces, to build an application that meets your desired needs. Oftentimes, this could be done without writing any code. As someone who built with Drupal, this made so much sense. You take disparate components, build on a solid base, and have this magical software built with minimal code (if you choose) that meets your needs. That metaphor always stuck, but it was pretty flawed, and I never really understood why until DrupalCon Portland 2024, last week.
KDE e.V. is looking for a graphic designer for environmental sustainability project
KDE e.V., the non-profit organisation supporting the KDE community, is looking for a graphic designer to implement materials (print design, logo design, infographics, etc.) for a new environmental sustainability campaign within KDE Eco. Please see the job ad for more details about this employment opportunity.
We are looking forward to your application.
PyCharm: PyCharm at PyCon US 2024: Engage, Learn, and Celebrate!
We’re thrilled to announce that the PyCharm team will be part of the vibrant PyCon US 2024 conference in Pittsburgh, Pennsylvania, USA. Join us for a series of engaging activities, expert talks, live demonstrations, and fun quizzes throughout the event!
Here’s a sneak peek at what we have lined up for you. Unless otherwise specified, all activities mentioned will take place at the JetBrains PyCharm booth.
Engaging talks and live demonstrations1. Lies, damned lies, and large language models
Speaker: Jodie Burchell
Dive into the intricacies of large language models (LLMs) with Jodie Burchell’s talk. Discover the reasons behind LLM hallucinations and explore methods like retrieval augmented generation (RAG) to mitigate these issues.
📅 Date and time: May 18, 1:45 pm – 2:15 pm
📍 Location: Ballroom BC
Learn more about this talk
2. XGBoost demo and book signing with Matt Harrison
Get hands-on with XGBoost in this engaging demo, during which you can ask Matt Harrison any questions you have about the gradient boosting library.
📅 Date and time: May 17, 10:30 am
🎁 Giveaway: The first 20 attendees will get a free signed copy of Effective XGBoost.
3. Build a fully local RAG app for a variety of files in just 20 minutes
Presenter: Maria Khalusova
Watch a live demonstration on setting up a fully local RAG application in just 20 minutes. Gain insights from Maria Khalusova, an expert from Unstructured and former Hugging Face employee.
📅 Date and time: May 17, 4:10 pm
4. PyCharm on-demand demos
Discover how to boost your efficiency in data science and web development projects with PyCharm’s latest features. Have any questions or feedback? Our team lead, product manager, and developer advocates will be there to discuss everything PyCharm with you.
5. Qodana on-demand demos
Enhance your team’s code quality with our Qodana static code analysis tool. Drop by the PyCharm booth for on-demand demos and learn how to maintain high-quality, secure, and maintainable code.
1. Data science quizzes with Matt Harrison
Kick off the event with our exciting quiz session during the opening reception. Engage in challenging questions and stand a chance to win a copy of Effective Pandas 2.0.
📅 Date and time: May 16, 5:30 pm
2. More quizzes! More prizes!
Continue testing your knowledge on May 17 at 1:20 pm. Win a one-year subscription to PyCharm Professional or a voucher for JetBrains merch.
1. Share your Python story
Want to share your Python experiences with us? Get interviewed by Paul Everitt at our booth! Our video crew will be on-site throughout the conference to capture your stories and insights.
2. Talk Python To Me: Live podcast recording
Join Michael Kennedy for a live recording with guests Maria Jose Molina-Contreras, Jessica Greene, and Jodie Burchell.
📅 Date and time: May 18, 10:10 am
2. The Black Python Dev community’s first anniversary
Celebrate the Black Python Developers group’s milestone with Jay Miller.
📅 Date and time: May 18, 12:45 pm
3. Frontend testing office hours with Paul Everitt
Got questions about frontend testing? Paul Everitt has the answers! Visit our booth to engage directly with an expert.
📅 Date and time: May 18, 3:45 pm
Don’t miss out on these exciting opportunities to deepen your knowledge, network with peers, and celebrate achievements in the Python community. See you there!
PyCon: Get ready for PyCon US 2024! Tips and tricks from our community.
If you’re wondering about who else you will meet or what to do during your time at the conference, check out this video to hear advice from other experienced PyCon US attendees.
Thank you to our community members for helping us with the creation of the video, and for sharing their experiences and advice to the community:
- Carol Willing
- Ned Batchelder
- Ngazetungue Muheue
- Donghee Na
- Kojo Idrissa
- Abigail Afi Gbadago
- Velda Kiara
- Kattni Rembor
- Takanori Suzuki
- Denny Perez
- Maria Jose Molina
- Mario Munoz
- Tammy Do
- Jules/Juliana Barros Lima
In addition to all the talks, tutorials, Charlas, and keynotes, PyCon US offers additional activities and events, including Open Spaces, Sprints, Summits. Check out the full list on our conference website under the Events menu.
First time attendee at PyCon US are recommended to attend the Newcomer Orientation on Thursday at 4:30 PM.
Also new this year is the Hatchery Programs, which features four new tracks. While some of the Hatchery programs are now full, you will be delighted to know you don’t need to sign up in order to attend FlaskCon. Be sure to check them out.
Thank you everyone! Safe travels, and we look forward to meeting you soon!
Not yet registered for PyCon US? You still have time to register and join us either in-person or online.
Register here: https://us.pycon.org/2024/registration/register
Check our full schedule: https://us.pycon.org/2024/schedule/Julian Andres Klode: The new APT 3.0 solver
APT 2.9.3 introduces the first iteration of the new solver codenamed solver3, and now available with the –solver 3.0 option. The new solver works fundamentally different from the old one.
How does it work?Solver3 is a fully backtracking dependency solving algorithm that defers choices to as late as possible. It starts with an empty set of packages, then adds the manually installed packages, and then installs packages automatically as necessary to satisfy the dependencies.
Deferring the choices is implemented multiple ways:
First, all install requests recursively mark dependencies with a single solution for install, and any packages that are being rejected due to conflicts or user requests will cause their reverse dependencies to be transitively marked as rejected, provided their or group cannot be solved by a different package.
Second, any dependency with more than one choice is pushed to a priority queue that is ordered by the number of possible solutions, such that we resolve a|b before a|b|c.
Not just by the number of solutions, though. One important point to note is that optional dependencies, that is, Recommends, are always sorting after mandatory dependencies. Do note on that: Recommended packages do not “nest” in backtracking - dependencies of a Recommended package themselves are not optional, so they will have to be resolved before the next Recommended package is seen in the queue.
Another important step in deferring choices is extracting the common dependencies of a package across its version and then installing them before we even decide which of its versions we want to install - one of the dependencies might cycle back to a specific version after all.
Decisions about package levels are recorded at a certain decision level, if we reach a conflict we backtrack to the previous decision level, mark the decision we made (install X) in the inverse (DO NOT INSTALL X), reset all the state all decisions made at the higher level, and restore any dependencies that are no longer resolved to the work queue.
Comparison to SAT solver design.If you have studied SAT solver design, you’ll find that essentially this is a DPLL solver without pure literal elimination. A pure literal eliminitation phase would not work for a package manager: First negative pure literals (packages that everything conflicts with) do not exist, and positive pure literals (packages nothing conflicts with) we do not want to mark for install - we want to install as little as possible (well subject, to policy).
As part of the solving phase, we also construct an implication graph, albeit a partial one: The first package installing another package is marked as the reason (A -> B), the same thing for conflicts (not A -> not B).
Once we have added the ability to have multiple parents in the implication graph, it stands to reason that we can also implement the much more advanced method of conflict-driven clause learning; where we do not jump back to the previous decision level but exactly to the decision level that caused the conflict. This would massively speed up backtracking.
What changes can you expect in behavior?The most striking difference to the classic APT solver is that solver3 always keeps manually installed packages around, it never offers to remove them. We will relax that in a future iteration so that it can replace packages with new ones, that is, if your package is no longer available in the repository (obsolete), but there is one that Conflicts+Replaces+Provides it, solver3 will be allowed to install that and remove the other.
Implementing that policy is rather trivial: We just need to queue obsolete | replacement as a dependency to solve, rather than mark the obsolete package for install.
Another critical difference is the change in the autoremove behavior: The new solver currently only knows the strongest dependency chain to each package, and hence it will not keep around any packages that are only reachable via weaker chains. A common example is when gcc-<version> packages accumulate on your system over the years. They all have Provides: c-compiler and the libtool Depends: gcc | c-compiler is enough to keep them around.
New featuresThe new option --no-strict-pinning instructs the solver to consider all versions of a package and not just the candidate version. For example, you could use apt install foo=2.0 --no-strict-pinning to install version 2.0 of foo and upgrade - or downgrade - packages as needed to satisfy foo=2.0 dependencies. This mostly comes in handy in use cases involving Debian experimental or the Ubuntu proposed pockets, where you want to install a package from there, but try to satisfy from the normal release as much as possible.
The implication graph building allows us to implement an apt why command, that while not as nicely detailed as aptitude, at least tells you the exact reason why a package is installed. It will only show the strongest dependency chain at first of course, since that is what we record.
What is left to do?At the moment, error information is not stored across backtracking in any way, but we generally will want to show you the first conflict we reach as it is the most natural one; or all conflicts. Currently you get the last conflict which may not be particularly useful.
Likewise, errors currently are just rendered as implication graphs of the form [not] A -> [not] B -> ..., and we need to put in some work to present those nicely.
The test suite is not passing yet, I haven’t really started working on it. A challenge is that most packages in the test suite are manually installed as they are mocked, and the solver now doesn’t remove those.
We plan to implement the replacement logic such that foo can be replaced by foo2 Conflicts/Replaces/Provides foo without needing to be automatically installed.
Improving the backtracking to be non-chronological conflict-driven clause learning would vastly enhance our backtracking performance. Not that it seems to be an issue right now in my limited testing (mostly noble 64-bit-time_t upgrades). A lot of that complexity you have normally is not there because the manually installed packages and resulting unit propagation (single-solution Depends/Reverse-Depends for Conflicts) already ground us fairly far in what changes we can actually make.
Once all the stuff has landed, we need to start rolling it out and gather feedback. On Ubuntu I’d like automated feedback on regressions (running solver3 in parallel, checking if result is worse and then submitting an error to the error tracker), on Debian this could just be a role email address to send solver dumps to.
At the same time, we can also incrementally start rolling this out. Like phased updates in Ubuntu, we can also roll out the new solver as the default to 10%, 20%, 50% of users before going to the full 100%. This will allow us to capture regressions early and fix them.
Specbee: Drupal Translation Modules: How to create Multilingual Drupal websites
Web Wash: Download and Install Drupal Starshot
Drupal Starshot is a new packaged and pre-configured version of Drupal that was announced at DrupalCon Portland. It is not a separate fork or rewrite of Drupal.
Drupal Starshot takes advantage of the new Recipes feature introduced in Drupal versions 10.3 and 11.
Recipes allow installing Drupal with a complete, ready-to-use website, going beyond the standard installation profile.
More details about the Drupal Starshot initiative are available on its official page.
EuroPython: Community Post: The Invisible Threads that sustained me in STEM/Tech
My name is Joana Owusu-Appiah, and I am currently pursuing an MSc degree in Medical Imaging and Applications. I am originally from Ghana, but as my colleague likes to put it, I am currently backpacking through Europe. So depending on when you see this, my location might have changed.
I hold a Bachelor of Science degree in Biomedical Engineering from Kwame Nkrumah University of Science and Technology, Ghana. Prior to commencing my graduate studies, I dabbled in data science and analytics, gaining experience in visualizing and manipulating data using various tools (Python, Power BI, Excel, SQL). My current research focuses on computer vision applications on medical images.
Do I consider myself a woman in tech? I guess if it means knowing how to use a computer (lol) and understanding that photo editing is based on image processing algorithms and deep learning, then I might be close.
Has it always been this way? No.
What changedI am a first-generation university student. In my country, or how it used to be, growing up, the smarter students were encouraged to pursue General Science in high school because it ultimately ensured job security. In high school, my primary ambition was to attend medical school. However, as a backup plan, I stumbled upon Biomedical Engineering (BME), which fascinated me with its potential. It quickly became my secondary option. Interestingly, everyone I spoke to knew nothing about it. Guess who would jump at any opportunity to give a lecture about this mystery degree? Me!
Side note: My high school biology teacher mentioned that neurons (nerve cells), once damaged, could never be repaired, but he also said that they functioned like wires. I thought to myself, if I merged this pathological accident and the BME I had read about, then I could replace damaged nerves with wires (some day). I ran with this new, uninformed career goal.Fun fact: I didn&apost get into medical school, but I did get into the BME program. I quickly realised that technical drawing (a requisite course for all engineering freshers) was definitely not going to equip me to fix Neurons, and that the only viable role for BM E graduates in my country was clinical engineering (maintenance and installation of medical equipment - or so I thought). Clinical engineering wasn’t something I wanted to try, so I needed an escape!
Programming looked interesting, but also difficult and meant for very smart people. However, I gave it a shot during covid. PyLadies Ghana was organising a data science boot camp, and I decided to try.
[Heads up: My undergraduate degree had programming courses like Introduction to C and Object-Oriented Programming with Java( I had collaborated with people on some projects then), but for some reason, I couldn&apost get my brain to enjoy it…]
The Real Reason you’re hereDuring the boot camp, some of the participants were absorbed into the national online community of Python Ghana because more resources and opportunities were being shared there. It turned out: I was looking for an escape without any destination. Members of the community seemed very vibrant; there was always a job opening up for grabs, a new free online course or banter on trendy tech topics. My main struggle was finding a niche to belong; what was in tech for me?
My interest in health never waned, so you would usually see me reposting information on female health, breast cancer, etc. The PyLadies Ghana Lead, at that time, Abigail Mesrenyame Dogbe noticed it and in October (Breast Cancer Awareness month) she tasked me to help organise a session for the members of PyLadies Ghana. I moderated the session and it was very successful. My very first visible interaction with the community!
Abigail asked if I wanted to keep contributing to the Communications team( the comms team is the main organising force of PyLadies Ghana ) or default to being just a member. I opted for the former. In my eyes, this was a big deal; being asked to stay on the team meant a ton, It was a validation of a certain value I had to offer. I made mistakes, I created terrible designs, and I missed deadlines, but I also learned a lot. I learned how to use tools like Canva, schedule virtual calls, MS Office tools (Excel, Docs), write official emails, organise events, etc. I was helping with social media engagements, and I didn&apost even have a vibrant social media presence. I was recommended to help with Public Relations (PR) and social media for a connected tech community(Ghana Data Science Summit-IndabaX Ghana) that organises annual data science conferences.
Two years later, I got the opportunity to mentor ladies in the very bootcamp that led me into the community. The ripple effects of my involvement with PyLadies Ghana are diverse, ranging from giving a lightning talk to speaking to young girls about STEM, to helping organise Django Girls at PyCon Ghana 2022, and more…
STEM outreach for teenage girls on International Women&aposs Day 2023Unknown to everyone, I had contemplated brushing the study of data science under the carpet as a ‘failed project’ and moving on to something else. Staying committed to the community, watching the members, and participating in events encouraged me to keep trying. I attended conferences, met and saw women who had achieved great things in data science and machine learning, which meant that I could also, through their stories, find a plan to help me get close to what they had done.
I was always fascinated by their work conversations because wow, these women work in tech?! Some community members had secured scholarships and were pursuing higher STEM degrees abroad while others worked for top tech companies.
After covid, my plan for life after school was to either hone my programming skills and get a good job in a Ghanaian tech company and/or find graduate programs that would enable me to work on my Neurons(of course I had developed other interests). I got into a specialised data science and analytics fellowship with Blossom Academy (more about the training here), landed my first tech role through it, and later began my master’s degree.
The Intro slide of the Data science bootcamp I mentored at!The threads that sustained me in tech were the people, the conversations, and the inclusive atmosphere the Ghanaian community created for people with different personalities to thrive. My journey in STEM can be traced back to that pivotal moment in 2020 when I was offered the opportunity to belong and I seized it!
Doug Hellmann: sphinxcontrib-sqltable 2.1.1 - db cursor fix
Python Bytes: #383 Why aren’t devs shipping faster?
Taavi Väänänen: Wikimedia Hackathon Tallinn 2024
This year's Wikimedia Hackathon was held in early May in Tallinn, Estonia. Like last year, it was a great opportunity to both see people I work with regularly, including people in my own team that I had not seen in person before, and to work with and help people that I have had very limited interactions with before.
Image by Olari Pilnik is licensed under CC BY-SA 4.0.
I presented a session about Puppet (slides), the configuration management tool used on Wikimedia infrastructure (and some other projects I've been involved on) which I think went quite well. I also organized (read: picked a spot for in the schedule) the cuteness meetup.
In addition to the sessions, the main focus of the event was, of course, hacking. As usual, I didn't make any major plans beforehand, and instead ended up working on several smaller projects as they popped up.
Here is a list of things I can remember working on:
- I fixed several small issues in LibUp that makes it pass on more MediaWiki repositories (including core.git). James and I also migrated the LibUp configuration to GitLab.
- I finished up an MR to grunt-banana-checker to add support for automatically fixing some common issues that were causing LibUp failures and to fix some minor bugs.
- I worked with Piotr to get some of my patches to the OATHAuth and WebAuthn MediaWiki extensions merged. This is a part of my project to add support for more than one two-factor authentication device at a time that I was also working on during the Wikimania 2023 hackathon. Next up on this project is writing some UI code.
- I fixed Wikimedia Gerrit twice after it had some issues that needed SRE intervention.
- I sent a patch to Wikimedia's Phabricator/Phorge fork to add a new fox token. This ended up being deployed on Sunday and I got to showcase this during the hackathon showcase.
- Reedy and I implemented support for foxes in WikiLove. I also wrote a bot to spam foxes to Sammy's talk pages on the beta cluster.1 (This also involved a fun side quest to get a working thumbnail for the fox image we used to show up on Beta since the thumbnailing there is broken.)
- I removed some deprecated code from core to earn the MediaWiki track T-shirt. I also reviewed a bunch of patches by others trying to earn that T-shirt.2
- I found and reported some bugs relating to Parsoid read views on Commons.
- I processed some Toolforge account approval requests and Cloud VPS project requests. I also helped some people debug some Cloud VPS issues.
- I helped Bryan debug and fix an issue with HTTP/1.1 streams through the Toolforge front proxy.
- I made some queries on the Wiki Replicas accidentally very slow and then fixed them to be fast again on the next day.
- Got a 100% helpful, harmless, useful, etc. patch merged to something. I will provide no more details on this one.
Finally, a conversation I had at the hackathon resulted in me nominating Novem Linguae for mediawiki/* +2 access a few days after the hackathon.
I had a great time, and the ferry trip to Tallinn was much nicer than the very early flight I had last year. I can't wait to see you all again :-)
Disclosure: I am currently a Wikimedia Foundation contractor, and the Foundation did pay for my travel to Tallinn. This is my personal blog and these are my own opinions.
-
Since backporting this change felt too risky to do on the weekend, and also I have a feeling I'd get in troble if I ran an unapproved bot that edited on random wikis on our production wiki farm. ↩︎
-
Anyone who got 5 or more patches to core.git merged during the Hackathon got a cool MediaWiki T-shirt. ↩︎
Freexian Collaborators: Monthly report about Debian Long Term Support, April 2024 (by Roberto C. Sánchez)
Like each month, have a look at the work funded by Freexian’s Debian LTS offering.
Debian LTS contributorsIn April, 19 contributors have been paid to work on Debian LTS, their reports are available:
- Abhijith PA did 0.5h (out of 0.0h assigned and 14.0h from previous period), thus carrying over 13.5h to the next month.
- Adrian Bunk did 35.75h (out of 17.25h assigned and 40.5h from previous period), thus carrying over 22.0h to the next month.
- Bastien Roucariès did 25.0h (out of 25.0h assigned).
- Ben Hutchings did 24.0h (out of 9.0h assigned and 15.0h from previous period).
- Chris Lamb did 18.0h (out of 18.0h assigned).
- Daniel Leidert did 10.0h (out of 10.0h assigned).
- Emilio Pozuelo Monfort did 46.0h (out of 12.0h assigned and 34.0h from previous period).
- Guilhem Moulin did 14.75h (out of 20.0h assigned), thus carrying over 5.25h to the next month.
- Lee Garrett did 51.25h (out of 0.0h assigned and 60.0h from previous period), thus carrying over 8.75h to the next month.
- Markus Koschany did 40.0h (out of 40.0h assigned).
- Ola Lundqvist did 22.5h (out of 19.5h assigned and 4.5h from previous period), thus carrying over 1.5h to the next month.
- Roberto C. Sánchez did 11.0h (out of 9.25h assigned and 2.75h from previous period), thus carrying over 1.0h to the next month.
- Santiago Ruano Rincón did 20.0h (out of 20.0h assigned).
- Sean Whitton did 9.5h (out of 4.5h assigned and 5.5h from previous period), thus carrying over 0.5h to the next month.
- Stefano Rivera did 1.5h (out of 0.0h assigned and 10.0h from previous period), thus carrying over 8.5h to the next month.
- Sylvain Beucler did 12.5h (out of 22.75h assigned and 35.0h from previous period), thus carrying over 45.25h to the next month.
- Thorsten Alteholz did 14.0h (out of 14.0h assigned).
- Tobias Frost did 10.0h (out of 12.0h assigned), thus carrying over 2.0h to the next month.
- Utkarsh Gupta did 3.25h (out of 28.5h assigned and 29.25h from previous period), thus carrying over 54.5h to the next month.
In April, we have released 28 DLAs.
During the month of April, there was one particularly notable security update made in LTS. Guilhem Moulin prepared DLA-3782-1 for util-linux (part of the set of base packages and containing a number of important system utilities) in order to address a possible information disclosure vulnerability.
Additionally, several contributors prepared updates for oldstable (bullseye), stable (bookworm), and unstable (sid), including:
- ruby-rack: prepared for oldstable, stable, and unstable by Adrian Bunk
- wpa: prepared for oldstable, stable, and unstable by Bastien Roucariès
- zookeeper: prepared for stable by Bastien Roucariès
- libjson-smart: prepared for unstable by Bastien Roucariès
- ansible: prepared for stable and unstable, including autopkgtest fixes to increase future supportability, by Lee Garrett
- wordpress: prepared for oldstable and stable by Markus Koschany
- emacs and org-mode: prepared for oldstable and stable by Sean Whitton
- qtbase-opensource-src: prepared for oldstable and stable by Thorsten Alteholz
- libjwt: prepared for oldstable by Thorsten Alteholz
- libmicrohttpd: prepared for oldstable by Thorsten Alteholz
These fixes were in addition to corresponding updates in LTS.
Another item to highlight in this month’s report is an update to the distro-info-data database by Stefano Rivera. This update ensures that Debian buster systems have the latest available information concerning the end-of-life dates and other related information for all releases of Debian and Ubuntu.
As announced on the debian-lts-announce mailing list, it is worth to point out that we are getting close to the end of support of Debian 10 as LTS. After June 30th, no new security updates will be made available on security.debian.org.
However, Freexian and its team of paid Debian contributors will continue to maintain Debian 10 going forward for the customers of the Extended LTS offer. If you still have Debian 10 servers to keep secure, it’s time to subscribe!
Thanks to our sponsorsSponsors that joined recently are in bold.
- Platinum sponsors:
- TOSHIBA (for 104 months)
- Civil Infrastructure Platform (CIP) (for 72 months)
- Gold sponsors:
- Roche Diagnostics International AG (for 115 months)
- Linode (for 109 months)
- Babiel GmbH (for 98 months)
- Plat’Home (for 98 months)
- CINECA (for 72 months)
- University of Oxford (for 54 months)
- Deveryware (for 41 months)
- VyOS Inc (for 36 months)
- EDF SA (for 25 months)
- Silver sponsors:
- Domeneshop AS (for 119 months)
- Nantes Métropole (for 114 months)
- Univention GmbH (for 105 months)
- Université Jean Monnet de St Etienne (for 105 months)
- Ribbon Communications, Inc. (for 99 months)
- Exonet B.V. (for 89 months)
- Leibniz Rechenzentrum (for 83 months)
- Ministère de l’Europe et des Affaires Étrangères (for 67 months)
- Cloudways by DigitalOcean (for 56 months)
- Dinahosting SL (for 54 months)
- Bauer Xcel Media Deutschland KG (for 48 months)
- Platform.sh SAS (for 48 months)
- Moxa Inc. (for 42 months)
- sipgate GmbH (for 39 months)
- OVH US LLC (for 37 months)
- Tilburg University (for 37 months)
- GSI Helmholtzzentrum für Schwerionenforschung GmbH (for 29 months)
- Soliton Systems K.K. (for 26 months)
- THINline s.r.o.
- Bronze sponsors:
- Evolix (for 120 months)
- Seznam.cz, a.s. (for 120 months)
- Intevation GmbH (for 117 months)
- Linuxhotel GmbH (for 117 months)
- Daevel SARL (for 115 months)
- Bitfolk LTD (for 114 months)
- Megaspace Internet Services GmbH (for 114 months)
- NUMLOG (for 114 months)
- Greenbone AG (for 113 months)
- WinGo AG (for 113 months)
- Ecole Centrale de Nantes - LHEEA (for 109 months)
- Entr’ouvert (for 104 months)
- Adfinis AG (for 102 months)
- GNI MEDIA (for 96 months)
- Laboratoire LEGI - UMR 5519 / CNRS (for 96 months)
- Tesorion (for 96 months)
- Bearstech (for 87 months)
- LiHAS (for 87 months)
- Catalyst IT Ltd (for 82 months)
- Supagro (for 77 months)
- Demarcq SAS (for 76 months)
- Université Grenoble Alpes (for 62 months)
- TouchWeb SAS (for 54 months)
- SPiN AG (for 51 months)
- CoreFiling (for 46 months)
- Institut des sciences cognitives Marc Jeannerod (for 41 months)
- Observatoire des Sciences de l’Univers de Grenoble (for 38 months)
- Tem Innovations GmbH (for 33 months)
- WordFinder.pro (for 32 months)
- CNRS DT INSU Résif (for 31 months)
- Alter Way (for 24 months)
- Institut Camille Jordan (for 13 months)