Feeds

This is to announce findutils-4.10.0, a stable release.
See the NEWS below for more details.

GNU findutils is a set of software tools for finding files that match
certain criteria and for performing various operations on them.
Findutils includes the programs "find", "xargs" and "locate".
More information about findutils is available at:
  https://www.gnu.org/software/findutils/

Please report bugs and problems with this release via the the
GNU Savannah bug tracker:
  https://savannah.gnu.org/bugs/?group=findutils

Please send general comments and feedback about the GNU findutils
package to the mailing list (<mailto:bug-findutils@gnu.org):
  https://lists.gnu.org/mailman/listinfo/bug-findutils

There have been 88 commits by 8 people in the - sigh - 121 weeks since 4.9.0:
  Antonio Diaz Diaz (2)       James Youngman (24)
  Bernhard Voelker (57)       John A. Leuenhagen (1)
  Bjarni Ingi Gislason (1)    Shuiqing Zhou (1)
  Helmut Grohne (1)           ribbon (1)

This release was bootstrapped with the following tools:
   Autoconf 2.72
   Automake 1.16.5
   M4 1.4.18
   Gnulib v1.0-187-g623bcc22f4

Please consider supporting the Free Software Foundation in its fund
raising appeal; see <https://www.fsf.org/appeal/>.

Thanks to everyone who has contributed!

Have a nice day,
Bernhard Voelker [on behalf of the GNU findutils maintainers]

================================================================================

Here are the compressed sources:
  https://ftp.gnu.org/pub/gnu/findutils/findutils-4.10.0.tar.xz
   
Here are the GPG detached signatures[*]:
  https://ftp.gnu.org/pub/gnu/findutils/findutils-4.10.0.tar.xz.sig

Use a mirror for higher download bandwidth:
  http://www.gnu.org/order/ftp.html

Here is the SHA256 checksum:
 
  1387e0b67ff247d2abde998f90dfbf70c1491391a59ddfecb8ae698789f0a4f5  findutils-4.10.0.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

gpg --verify findutils-4.10.0.tar.xz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys A5189DB69C1164D33002936646502EF796917195

and rerun the 'gpg --verify' command.

================================================================================

NEWS

• Noteworthy changes in release 4.10.0 (2024-06-01) [stable]

** Bug Fixes

  Find now defaults to optimization level 1 rather than 2 and the
  cost-based optimizer will only run at level 2 and above.  This
  should prevent changes of operation order which result in
  user-visible differences in behaviour. [#58427]

  If the -P option to xargs is not used, xargs will not change the way
  in which the SIGUSR1 and SIGUSR2 signals are handled.  This means
  that they will cause the program to terminate if the signals were
  not ignored in the process which started xargs.  This also means that
  xargs does not use parallel execution at all.
  If you start xargs with '-P 1', then xargs will not be killed by these
  signals, and they instead change the degree of parallelism.
  This change improves xargs' POSIX compliance.

  'xargs -P' now waits for all its child processes to complete before
  exiting, even if one of them exits with status 255. [#64451]

  If the -P option of xargs is in use, reads on standard input which are
  interrupted by a signal are re-started. [#64442]

  'find -name /' no longer outputs a warning, because that is a valid pattern
  to match the root directory "/".  Previously, a diagnostic falsely claimed
  that this pattern would not match anything. [#62227]

  'find -gid' (without the mandatory argument) now outputs a correct error
  diagnostic.  Previously it output: "find: invalid argument `-gid' to `-gid'".
  The error diagnostic for non-numeric arguments has been improved as well.
  Likewise for -inum, -links and -uid.

  'find -user' and 'find -group' now allow to specify larger UIDs/GIDs.
  Previously, that was limited to INT_MAX, although the types uid_t and gid_t
  are larger on many systems, including x86_64 GNU/Linux. [#64900]

  'find -xtype l' no longer fails on symbolic links that point to
  themselves.  These are treated similarly to broken links. [#51926]

** Improvements

  The find predicates -used, -amin, -cmin, -mmin, -atime, -ctime, and -mtime
  now properly diagnose a not-a-number argument.  Previously, find dumped
  core via an assertion.  [#64717]

** Changes to the build process

  findutils now builds again on systems with musl-libc.
  This requires gettext-0.19.8.

  findutils programs no longer fail for timestamps past the year 2038
  on obsolete configurations with 32-bit signed time_t, because the
  build procedure now rejects these configurations.
  On systems without any year2038 support configure with --disable-year2038.

** Documentation Changes

  When generating the Texinfo manual, `makeinfo` is invoked with the --no-split
  option for all output formats now; this avoids files like find.info-[12].

  The xargs documentation now describes the double dash "--" option delimiter.

  The xargs examples in the Texinfo manual now use the -L and --replace options
  instead of the deprecated -l and -i options.  [#64480]

  The TexInfo manual now uses upper-case 'B' as birthtime for the -newerXY
  comparison consistently.  [#65378]

** Translations

Updated the following translations: Belarusian, Brazilian Portuguese,
Bulgarian, Catalan, Chinese (simplified), Chinese (traditional),
Croatian, Czech, Danish, Dutch, Esperanto, Estonian, Finnish, French,
Galician, Georgian, German, Greek, Hungarian, Indonesian, Irish,
Italian, Japanese, Korean, Lithuanian, Luganda, Malay, Norwegian
Bokmaal, Polish, Portuguese, Romanian, Russian, Serbian, Slovak,
Slovenian, Spanish, Swedish, Turkish, Ukrainian, Vietnamese.

A short status update of what happened on my side last month. A broken gcovr in Debian triggered a bit of busy work but 0.39.0 came out nicely nevertheless. We also reduced build time quiet a bit in phosh and phoc.

• Phosh.mobi

  • Release Phosh 0.39.0
  • Blog post on wakeup keys
  • Start video section

• phosh

  • Split mocked and real wall clock: Merge request
  • Speed up build: Merge request
  • Update CI and fix some leaks: Merge request
  • Generate initial Rust bindings for libphosh: https://gitlab.gnome.org/guidog/libphosh-rs
    • Preps for that:
      • Split headers from sources: Merge request
      • Allow to install headers and shared object: Merge request
  • Wire up screenshot keybinding: Merge request
  • Expose OverviewActive property: Merge request
  • Further reduce build time: Merge request
  • Add mocks for ModemManager and NM data connections: Merge request

• phoc

  • Move udev rules and hwdb entries downstream: Merge request
  • Speed up build: Merge request
  • Update wlroots to 0.17.3: Merge request
  • Doc updates: Merge request

• gmobile

  • Add wakeup-key hwdb and udev rules: Merge request
  • Release 0.2.0: Merge request
  • Simplify testing panel information of different devices: Merge request
  • Add hwdb entries for more devices: Merge request

• calls

  • Update ci images so MRs using newer libadwaita can land: Merge request

• mobile-broadband-provider-info:

  • Release 20240407

• feedbackd

  • Initial libfeedback Rust bindings
    • Crate: https://crates.io/crates/libfeedback
  • Test led probing using umockdev: Merge request

• livi:

  • Update flatpak deps: Merge request (This includes a patch from Sebastian Dröge to optionally switch to gtk4paintable sink)
  • Add GSetting for auido visualizer: Merge request

• chatty / libcmatrix

  • Update libcmatrix. This pulls in our changes from last month.

• python-dbusmock

  • Add initial ModemManager mock: Merge request (Makes the ModemManager mock in Phosh mentioned above simpler)

• Linux kernel

  • Export wakeup keys: Merge request
  • Don't wake up on volume key press: Merge request

• libcall-ui

  • Release 0.1.2: Merge request

• Debian

  • Fix and upload gcovr: Merge request, Issue
  • Workarond gcovr breackage in phosh-osk-stub, gmobile, mobile settings and phosh
  • Update wlroots
    • Upload 0.17.2 to sid: Merge request
    • Upload 0.17.3 to exerimental: Merge request
  • Mobile tweaks:
    • Upload new version: Merge request
    • Cleanup a bit: Merge request
    • update Librem 5 power mgmt rules so we don't lose the modem: Merge request (allowed me to drop all PureOS packages on my cross graded device)
  • feedbackd: Install missing docs (Closes: #1050601): Merge request

If you want to support my work see donations.

tl;dr: Your vote really counts!

Each vote in a UK General Election is worth maybe £100,000 - to you and all your fellow citizens taken together. If you really care about the welfare of everyone affected by actions of the UK government, then it’s worth that to you too.

• Introduction
• A method for back of the envelope calculation
• UK Parliament
• European Parliament
• Only if you care about other people as much as yourself!
• This is a very rough analysis
• Conclusion

Introduction

It seems a common perception that one vote, in amongst all those millions, doesn’t really matter. So maybe it’s not worth voting. But, voting is (largely) what determines what the government does - and the government is big. It’s as big as all the people.

If you are the kind of person who cares about what happens to everyone in your polity and indeed everyone its actions affect, then even your one vote is very important indeed.

A method for back of the envelope calculation

It would be nice to give a quantitative estimate. Many things in our society are measured in money, so let’s try taking a stab at calculating the money value of your vote.

The argument I’m going to make is this: the government (by which I include the legislature), which is selected by our votes, decides how to spend the national budget.

So, basically, I’m going to divide the budget, by the electorate.

UK Parliament

UK Parliamentary elections decide not only the House of Commons, but, through that, the government. The upper house, the House of Lords, has very limited influence. So I think it’s fair to regard the Parliamentary election as, simply, controlling that budget.

Being lazy, I’m going to use Wikipedia data. We have the size of the electorate, for 2019, 47.6 million. But your influence isn’t shared with the whole electorate, only with the other people who also vote. Turnout in 2019 was 67.3%. The 2019 budget isn’t listed but I’ll just average the 2018 and March 2020 figures £842bn and £873bn, so £857 billion. (Strictly speaking I should add up the budgets for the period of the Parliament, but that seems like a lot of effort.)

There’s a discrepancy in the timescale we need to account for. Your vote influences the budgets for several years, depending how long it is until the next election. Taking Wikipedia’s list of elections this century there’ve been 7 in 24 years. So that’s an average of about 3.4y.

So, multiplying it through, we have (£857b * (24 / 7)) / (47.6M * 67.3%), giving a guess at the value of your UK General Election vote:

£92,000.

European Parliament

2022 budget for the European Union (Wikipedia again) was €170.6 bn.

The last election, in 2019, had a turnout of 198,352,638. Each EU Parliament lasts 5 years.

The Parliament, however, shares responsibility for the budget with the European Council, which is controlled, ultimately, by national governments. We have to pick a numerical value for the Parliament’s share of the influence. Over the past years the Parliament has gradually been more willing to exercise its powers in this area. I’m going to arbitrarily call its share 50%.

The calculation, then, is €170.6 bn * 5 * 50% / 198M, giving a guess at the value of your EU Parliamentary Election vote:

€2150.

This much smaller figure reflects simply that the EU doesn’t spend very much money, for a polity of its size. (Those stories in the British press giving the impression that the EU is massively wasteful are, simply, lies.)

The interaction of this calculation with the Council’s share of the influence, and with national budgets, is a bit of a question, but given the much smaller amounts involved, it doesn’t seem worth thinking about that too hard.

Only if you care about other people as much as yourself!

All of this is only true for you if you value and want to help everyone in your society. That includes immigrants, women, unemployed people, disabled people, people who are much poorer or richer than you, etc.

If you think about it in purely personal terms, your vote is hardly worth anything - because while the effect of your vote, overall, is very large, that effect is shared by everyone in your polity. So if you only care about yourself, voting is a total waste of time. The more selfish and xenophobic and racist and so on you are - caring only about people like yourself - the less your vote is worth.

This is why voting is rightly seen as a civic duty. I just spent £30 to courier my EP vote to Den Haag. That only makes sense because I’m very willing to spend that £30 to try to improve the spending of the €2000 or so that’s my share of the EU budget.

This is a very rough analysis

These calculations neglect a lot of very important things: politics isn’t just about the allocation of resources. It’s also about values, and bad politics can seriously harm people.

Arguably many of those effects of your vote, are much more important than just how the budget is set and spent.

It would be interesting to see an attempt at a similar analysis but for taking into account life and death questions like hate crime, traffic violence, healthcare, refugees’ welfare, and so on. I’m not sure how to approach that. Maybe some real social scientists have done so? References welcome.

Also, even on its own terms, this analysis is very rough and ready. We haven’t modelled the ability of the government to change its tax rates; perhaps we should be multiplying GDP (or some other better measure) by 90% percentile total tax rate amongst “countries like this one”. The amount of influence that can be wielded by one vote is probably nonlinear in the size of the political faction, but IDK in which direction. In unfair voting systems like the UK’s, some people’s votes are worth much more than others. In a very marginal constituency, which is a target seat, your vote might be worth tens of millions. In a safe seat, it might “only” be worth a few thousand. And in practical terms you don’t get to choose precisely the policies you want; you have to pick a party, which is sometimes very much a question of the lesser evil.

So, there is much I haven’t modelled. But the key point stands:

Conclusion

Although your vote is diluted by everyone else’s votes, together, we control the government, which affects us all. So if you care about the whole of society, the big numbers in the divisor, and the numerator, cancel out.

You can think of your vote as controlling one citizen’s worth of government activity.

edited 2024-06-01 09:40 Z to fix a grammar botch

comments

During the last month we focused on fixing bugs, improving the behaviour of things, speeding-up performance issues - building on the changes from our last release. We also added some new features which we would like to introduce to you in this newsletter.

For an in depth overview of the Tryton issues please take a look at our issue tracker or see the issues and merge requests filtered by label.

Changes for the User CRM, Sales, Purchases and Projects

We’ve moved the language field on the party form to the header.

Accounting, Invoicing and Payments

Tryton now ensures the payment amount is greater than zero.

Stock, Production and Shipments

We’ve added a code with a sequence to the production bill of materials (BOM) to clearly distinguish similarly named BOMs.

We’ve also added a shipped state to the customer shipments.
The shipped-state becomes handy when the delivery process takes a long time.
After being packed now the delivery can become shipped or done (similar to internal and drop-shipments). The transition packed → shipped will delete the staging outgoing moves.

As stock lots are not associated with a company, we now ensure that sequences used to generate their numbers are not be linked to a specific company to avoid access right errors.

User Interface

We updated the TinyMCE in Sao to version 7 (see external changelog).

In all of our Tryton clients the user can now close tabs by clicking on them using the middle mouse button.

To avoid accidentally changing configuration values for external services, we now raise a confirmation warning when changing the credential settings in the following modules:

• account_payment_braintree
• account_payment_stripe

more… (click for more details) System Data and Configuration

We’ve standardized the format of pictures used in Tryton. Product and avatar images are converted to RGB with a resolution of 300 DPI, so we can rely on a consistent printed size.

We added a description field to the product image which can be used as the alt property on websites.

Now reports in Tryton can be printed with a company logo in PNG-format (for transparency support).

New Documentation

We added section anchors to each option of the configuration documentation. To refer to the docs of an option, you can now use e.g. Email settings <config-email>.

New Releases

We released bug fixes for the currently maintained long term support series
7.0 and 6.0, and for the penultimate series 6.8.

Changes for the System Administrator

The logging messages generated by modules and the bus have been unified.

The CSV import now handles the :lang= suffix when it is appended to a translatable field name.

Changes for Implementers and Developers

We’ve added partial support for the Unique and Exclude constraints in the SQLite backend with UNIQUE INDEX as long as they do not use parameters.

A python-format flag is now added to the PO-files.

Authors: @dave @pokoli @udono

1 post - 1 participant

Read full topic

Review: I Shall Wear Midnight, by Terry Pratchett

Series: Discworld #38 Publisher: Harper Copyright: 2010 Printing: 2011 ISBN: 0-06-143306-3 Format: Trade paperback Pages: 355

I Shall Wear Midnight is the 38th Discworld novel and the 4th Tiffany Aching novel. This is not a good place to start reading.

Tiffany has finished her training and has returned to her home on the Chalk, taking up her duties as the local witch. There are a lot of those, because there's a lot that needs doing. In some cases, such as taking away the pain of the old Duke, they involve things that require magic and that only Tiffany can do. In many other cases, other people could pick up some of the work, but they lack Tiffany's sense of duty and willingness to pay attention.

The people of the Chalk have always been a bit suspicious of witches, in part because the job was done for so long by Tiffany's grandmother and no one thought she was a witch. (She was a witch.) Of late, however, that suspicion seems to be getting worse. It comes to a head when Tiffany is accused of theft and worse by the old Duke's maid, a woman with very fixed ideas about the evils of witches. Tiffany has to sort out what's going on and clear herself, all while navigating her now-awkward relationship with the Duke's son Roland, his unimpressive fiancee, and his spectacularly annoying aunt.

Ah, this is the stuff. This is exactly the Tiffany Aching novel that I have been hoping Pratchett would write. It's pure, snarky competence porn from start to finish.

"I'm a witch. It's what we do. When it's nobody else's business, it's my business."

One of the things that I adore about this series is how well Pratchett shows the different ways in which one can be a witch. Granny Weatherwax out-thinks everyone and nudges (or shoves) people in the right direction, but her natural tendency is to be icy and a bit frightening. Nanny Ogg is that person you can't help but talk to, who may seem happy-go-lucky and hedonistic but who can effortlessly change the mood of a room. And Tiffany is stubborn duty and blunt practicality, which fits the daughter of shepherds. In previous books, we've watched Tiffany as a student, learning the practicalities of being a witch. This is the book where she realizes how much she knows and how much easier the world is to navigate when she's in her own territory.

There is a wonderful scene, late in this book, where Pratchett shows Nanny Ogg at her best, doing the kinds of things that only Nanny Ogg can do. Both Tiffany and the reader are in awe.

I should have learned this, she thought. I wanted to learn fire, and pain, but I should have learned people.

And it's true that Nanny Ogg can do things that Tiffany can't. But what makes this book so great is that it shows how Tiffany's personality and her training come together with her knowledge of the Chalk. She may not know people, in general, but she knows her neighbors and how they think. She doesn't manage them the way that Nanny Ogg would; she's better at solving different kinds of problems, in different ways. But they're the right ways, and the right problems, for her home.

This is another Discworld novel with a forgettable villain that's more of a malevolent force of nature than a character in its own right. It's also another Discworld novel where Pratchett externalizes a human tendency into a malevolent force that can possess people. I have mixed feelings about this narrative approach. That externalization of evil into (in essence) demons has been repeatedly used to squirm out of responsibility and excuse atrocities, and it neatly avoids having to wrestle with the hard questions of prejudice and injustice and why apparently good people do awful things.

I think some of those weaknesses persist even in Pratchett's hands, but I think what he was attempting with that approach in this book is to show how almost no one is immune to nastier ideas that spread through society. Rather than using the externalization of evil as an excuse, he's using it as a warning. With enough exposure to those ideas, they start sounding tempting and partly credible even to people who would never have embraced them earlier. Pratchett also does a good job capturing the way prejudice can start from thoughtless actions that have more to do with the specific circumstances of someone's life than any coherent strategy.

Still, the one major complaint I have about this book is that the externalization of evil is an inaccurate portrayal of the world, and this catches up with Pratchett at the ending. Postulating an external malevolent force reduces evil to something that can be puzzled out and decisively defeated, thus resolving the problem. Sadly, this is not how humans actually work.

I'll forgive that structural flaw, though, because the rest of this book is so good. It's rare that a plot twist in a Discworld novel surprises me — twisty plots are not Pratchett's strength — but this one did. I will not spoil the surprise, but one of the characters is not quite who they seem to be, and Tiffany's reactions once she figures that out are one of my favorite parts of this book. Pratchett is making a point about assumptions, observation, and the importance of being willing to change one's mind about someone when you know more, and I thought it was very well done.

But, most of all, I enjoyed reading about Tiffany being calm, competent, determined, and capable. There's also a bit of an unexpected romance plot that's one of my favorite types: the person who notices that you're doing a lot of work and quietly steps in and starts helping while paying attention to what's needed and not taking over. And it's full of the sort of pithy moral wisdom that makes Discworld such a delight to read.

"There have been times, lately, when I dearly wished that I could change the past. Well, I can't, but I can change the present, so that when it becomes the past it will turn out to be a past worth having."

This was just what I wanted. Highly recommended.

Followed by Snuff in publication order. The next (and last, sadly) Tiffany Aching book is The Shepherd's Crown.

Rating: 9 out of 10

VoltageDivide has an interesting article on Unconventional Uses of FPGAs [1]. Tagline – Every sensor is a temperature sensor, nearly everything is a resistor or a conductor if you try hard enough and anything is an antenna. Datasheets are just a suggestion, and finally, often we pretend things are ideal, when they often are not.

Interesting blog post about the way npm modules that depend on everything exposed flaws in the entire npm system [2]. The conclusion should have included “use a fake name for doing unusual tests”.

Krebs on Security has an interesting article about MFA bombing [3]. Looks like Apple has some flaws in their MFA system, other companies developing MFA should learn from this.

Joey wrote an informative blog post about the Vultr hosting company wanting to extract data from VMs run for clients to train ML [4]. If your email is stored on such a VM it could be “generated” by an AI system.

John Goerzen wrote an interesting post looking at the causes of the xz issue from a high level [5].

Interesting article about self proclaimed Autistic pro-natalists [6]. They seem somewhat abusive to their kids and are happy to associate with neo-Nazis. :(

Joey Hess wrote an interesting blog post about the possibility of further undiscovered attacks on xz [7]. Going back to an earlier version seems like a good idea.

The Guardian has an interesting article about Amazon’s 2 pizza rule and the way the company is structured [8]. It’s interesting how they did it, but we really need to have it broken up via anti-trust legislation.

John Goerzen wrote an informative post about Facebook censorship and why we should all move to Mastodon [9]. Facebook needs to be broken up under anti-trust laws.

Kobold Letters is an attack on HTML email that results in the visual representation of email changing when it is forwarded. [10]. You could have the original email hide some sections which are revealed with the recipient forwards it for a CEO impersonation attack.

• [1] https://tinyurl.com/yu2fk9gd
• [2] https://boehs.org/node/npm-everything
• [3] https://tinyurl.com/25oowm6n
• [4] https://joeyh.name/blog/entry/the_vulture_in_the_coal_mine/
• [5] https://tinyurl.com/2bp9ysrj
• [6] https://tinyurl.com/2bqoewzr
• [7] https://tinyurl.com/2yz3qrvu
• [8] https://tinyurl.com/y8gmut3n
• [9] https://tinyurl.com/27kn8a3y
• [10] https://lutrasecurity.com/en/articles/kobold-letters/

Related posts:

1. Links January 2024 Long Now has an insightful article about domestication that considers...
2. Links March 2024 Bruce Schneier wrote an interesting blog post about his workshop...
3. Links April 2024 Ron Garret wrote an insightful refutation to 2nd amendment arguments...

June already. Thinking about what to do in Debconf.

Here’s another minor git convenience which I’m blogging as a letter to my future self who needs to look it up again: git log with the filenames included, and git log with a bit of graphical annotation for the history structure.

These are just my brief notes. If you want a beautifully readable introduction to git, I suggest Julia Evans “How Git Works”.

Git commands have just so many options, so I can never remember what is what, but here are two alias entries from my ~/.gitconfig: They stand for file log and graph log, respectively.

[alias] flog = log --name-status glog = log --oneline --decorate --graph

With these aliases, git flog produces a log which lists the affected files and their status (added, modified, deleted, …) for each commit, which is nice for the “what files did I touch then?” question.

For a compact view, git glog only provides the one-line-summary message and tries to draw a history graph. In the case of linear history, that comes down to starting each line with a *, but git alligator history is a little more decorated – but still readable.

Armadillo is a powerful and expressive C++ template library for linear algebra and scientific computing. It aims towards a good balance between speed and ease of use, has a syntax deliberately close to Matlab, and is useful for algorithm development directly in C++, or quick conversion of research code into production environments. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 1151 other packages on CRAN, downloaded 34.6 million times (per the partial logs from the cloud mirrors of CRAN), and the CSDA paper (preprint / vignette) by Conrad and myself has been cited 584 times according to Google Scholar.

Conrad released a new upstream bugfix yesterday (to improve views of sparse matrices). We uploaded it yesterday too but it once agfain took a day for the hard-working CRAN maintainers to concur that the two NOTEs from reverse-dependency checking over 1100 packages were in a fact false positves. And so it appeared on CRAN earlier today. We also increased the versioned dependency on Rcpp to match the use of optional entry-point headers Rcpp/Light, Rcpp/Lighter and Rcpp/Lightest. No other changes were made.

The set of changes since the last CRAN release follows.

Changes in RcppArmadillo version 0.12.8.4.0 (2024-05-30)

• Upgraded to Armadillo release 12.8.4 (Cortisol Injector)

  • Faster handling of sparse submatrix views

• Update versioned Depends on Rcpp to 1.0.8 or later to match use of Light/Lighter/Lightest headers.

Courtesy of my CRANberries, there is a diffstat report relative to previous release. More detailed information is on the RcppArmadillo page. Questions, comments etc should go to the rcpp-devel mailing list off the Rcpp R-Forge page.

If you like this or other open-source work I do, you can sponsor me at GitHub.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

We’ll be back next week!

The following contributors got their Debian Developer accounts in the last two months:

• Patrick Winnertz (winnie)
• Fabian Gruenbichler (fabiang)

The following contributors were added as Debian Maintainers in the last two months:

• Juri Grabowski
• Tobias Heider
• Jean Charles Delépine
• Guilherme Puida Moreira
• Antoine Le Gonidec
• Arthur Barbosa Diniz

Congratulations!

Here's what I've been working on for my LocalGov Drupal contributions this week. Thanks to Big Blue Door for sponsoring the time to work on these.

A bit like Nate’s “5 minutes bugs” initiative, I’m announcing a new initiative to improve our applications ecosystem. The goal is to improve the quality and quantity of KDE applications and the number of application contributors. For anybody who knows me, it is not that surprising. Inside KDE, I have been mainly involved in apps for many years. I worked on all areas, from development (maintaining or co-maintaining many apps like NeoChat, Kontrast, MarkNote, Tokodon, and Arianna, and contributing to numerous other apps, but also design, promotion, websites (e.g., apps.kde.org) and even a bit of packaging (Flatpak and to a lesser extent Windows). Hopefully, making this a bit more public and making this an initiative with a bit more coordination will encourage more people to help :)

The good thing is that we don’t start from zero. In almost 30 years, KDE developers have developed over 200 applications, covering many use cases, from high-quality applications for artists (Krita, Kdenlive, Glaxnimate) to educational and office apps. We also have:

• tons of shared libraries that make developing new apps more straightforward and consistent
• an increasing amount of technical documentation on develop.kde.org/docs (Thanks to Thiago, Claudio, and everyone else who contributed to it)
• a nice auto-generated website that lists all of these apps (apps.kde.org)
• a whole CI/CD system that makes it easy to test and deploy our apps to Flatpak, Windows, macOS, Android and FreeBSD
• tooling for the user documentation and the translations of apps
• an opt-in service to ensure that apps are regularly released (KDE Gear)
• tools like Clazy and Heaptrack to improve the code quality and performance of KDE apps
• and a lot more

However there are prominent areas where we should improve our story; otherwise, we would already have a desktop and mobile market share of 90% and archived world domination.

More concrete here is a non-exclusive list of high-level tasks to achieve this goal.

Closing the Feature Gap

We need to identify missing apps compared to other app ecosystems (Windows, macOS, Android, iOS, and GNOME) and see where we could, with little effort, improve our app offering. While creating a KDE 3D editor like Blender is unrealistic, we could already go quite far by creating small apps that wrap up existing CLI tools or KDE libraries. To give some examples, I saw a few days ago that GNOME has a new document converter app called Morphosis. It’s a simple wrapper around Pandoc, and we could either do the same and wrap Pandoc or use Calligra’s rich collection of filters. Another example is a translation application; we already have a library in KTextAddons that does translations with many backends (offline and online), and the library even provides a ready-to-use widget. We could create a simple wrapper around KTextAddons, and boom; we get a new high-quality application with minimal maintenance effort.

Improving our Existing Applications

Aside from creating new applications, improving and reviving some of our applications is also highly valued. A lot of work has already been put into these applications, and by cleaning up their UI and bringing them up to our latest standard, we could go quite far. Some examples: Calligra (a complete office suite including presentation tool, spreadsheet, presentation, and vector editor), KTechLab (an IDE for microcontrollers and electronics), KWave (a sound editor), Parley (a vocabulary trainer).

Usually for every release, I try to have one or two apps, where I focus some time on it. In the past, I worked for example on KWordQuiz, KAlgebra, Koko. I recently ported Calligra to Qt6, so now one of my side quests is to figure out a way to have a modern QtQuick UI while using the current QPainter-based renderer using the new Window embedding in Qt 6.7

Better Marketting for our Applications

We need not only more apps but also better promotion. The apps.kde.org website has already helped a lot by listing all KDE apps, and more recently, we also created a lot of kde.org/for websites that list some KDE apps for some niches that might be interested in some of our apps. Further ideas on improving the marketing effort would be to promote new and lesser-known applications on social media regularly. But also publish a “This week in KDE apps” blog post that would cover all the news relating to first and third-party apps (e.g., new apps, updates, new app relevant APIs), and this would be community maintained with a process similar to this week in Matrix/GNOME/… where people write in a Matrix channel and a bot compile the relevant posts togethers. We need to make the progress on our apps more visible.

In addition to promoting first-party apps, we must figure out how to better promote third-party apps and extensions that use KDE Frameworks and integrate well with Plasma. Here, we could get some inspiration from the GNOME Circle initiative.

Make it More Accessible to Start a New Project

Documentation is essential in making it easy for newcomers to start projects. In the past few years, we have invested a lot of effort into that. I started develop.kde.org/docs, moved and updated a lot of old documentation from techbase.kde.org, and mentored a Season of KDE project to write a Kirigami tutorial. Nowadays, Thiago is fabulously leading the documentation effort. It is going in the right direction.

Aside from pure documentation, I’m impressed by the quality of the GNOME Workbench app and the number of examples it contains. I started a simple prototype of the same idea with Kirigami a while ago, which I need to finish (help is welcome 🤗). In the same vein, KAppTemplate and our default templates need some love.

Aside from documentation, we should create a support channel where people can ask for help with their applications. We could also make it more evident that developers are encouraged to ask on kde-devel and the VDG channel for help with their apps, even if their apps are not first-party KDE applications.

Making it More Attractive to Write KDE Applications

Writing applications using KDE Frameworks is already quite attractive, but we should communicate more on the advantage of starting an application using the KDE Frameworks more.

Firstly, by leveraging an almost 30-year-old ecosystem, app developers can reuse many libraries for their apps and find examples of how to implement the most common workflow in existing code. KDE Frameworks are also extremely cross-platform, and creating a KDE application doesn’t restrict you to only Plasma. Krita and Kleopatra have famously had millions of Windows installations. We also have Craft, which helps develop and deploy Qt applications on Windows, macOS and Android.

For first-party applications, our self-hosted Gitlab allows app developers to have full CI/CD pipelines for many platforms and even automatically publish them to the Windows Store. We also have infrastructure for translations, user documentation, wikis, code search, file sharing (Nextcloud), chat (Matrix), OSM hosting, and more. There is also a human factor; by making an app a first-party KDE app, the app received a lot of help from experimented KDE developers as part of the KDE review process and also during the entire life of the app. And we have a promo team that helps promote your app as much as possible.

For third-party applications, by being LGPL, we give users of KDE Frameworks a lot of freedom in licensing and monetizing their applications as long as they contribute their changes back to the library they use.

Not Limiting Us to C++

In terms of cross-language support, there are also two independent efforts to make KDE Frameworks accessible to more programming languages: one for Python by alcarazzam, which is part of a GSoC project I am mentoring, and another one for Rust by mystchonky. These efforts should make it easier for app developers to write KDE applications even if they are unfamiliar with C++ or prefer not to use it.

Streamline the Publishing of our Apps for Other Platforms

We now reached a state where most of our applications are automatically published on Flathub. This is not the case yet for Windows, Apple and Android. Recently we gained the ability to publish directly from the gitlab CI to the Microsoft Store, but we don’t make use of that yet in most of our apps. So let’s change that!

Getting Involved

I started creating a board of issues on gitlab and filled it with various applications ideas from a discourse thread. Feel free to take one of the open task or suggests a new app.

Additionally I also created a Matrix room to have a room for conversation.

I am happy to announce a new release of GNU poke, version 4.1.

This is a bugfix release in the 4.x series.

See the file NEWS in the distribution tarball for a list of issues
fixed in this release.

The tarball poke-4.1.tar.gz is now available at
https://ftp.gnu.org/gnu/poke/poke-4.1.tar.gz.

> GNU poke (http://www.jemarch.net/poke) is an interactive, extensible
> editor for binary data.  Not limited to editing basic entities such
> as bits and bytes, it provides a full-fledged procedural,
> interactive programming language designed to describe data
> structures and to operate on them.

Thanks to the people who contributed with code and/or documentation to
this release.

Happy poking!

Mohammad-Reza Nabipoor

Prepare for DrupalJam 2024! Set to take place on June 12th at the Fabrique in Utrecht, this event marks its 20th edition, promising a day of exploration and learning. Attendees will have the opportunity to gain valuable insights from keynote speaker Dries Buytaert, the program lead of Drupal. Organized by a dedicated team of volunteers, including Bart Vreugdenhil, Carole Grootenboer, Mario Gerssen, Rolf van de Krol, and Jean-Paul Vosmeer, DrupalJam embodies the collaborative spirit of the Drupal community. Kazima Abbas, sub-editor at The Drop Times, brings you exclusive insights from the organizers into the event's schedule, speakers, and engagement opportunities.

This blog has become a bit quiet since I joined the Lean FRO. One reasons is of course that I can now improve things about Lean, rather than blog about what I think should be done (which, by contraposition, means I shouldn’t blog about what can be improved…). A better reason is that some of the things I’d otherwise write here are now published on the official Lean blog, in particular two lengthy technical posts explaining aspects of Lean that I worked on:

• Recursive definitions in Lean
• Functional Induction theorems

It would not be useful to re-publish them here because the technology verso behind the Lean blog, created by my colleage David Thrane Christansen, enables such fancy features like type-checked code snippets, including output and lots of information on hover. So I’ll be content with just cross-linking my posts from here.

We are glad to announce the publication of a new research paper entitled Source Code Archiving to the Rescue of Reproducible Deployment for the ACM Conference on Reproducibility and Replicability. The paper presents work that has been done since we started connecting Guix with the Software Heritage (SWH) archive five years ago:

The ability to verify research results and to experiment with methodologies are core tenets of science. As research results are increasingly the outcome of computational processes, software plays a central role. GNU Guix is a software deployment tool that supports reproducible software deployment, making it a foundation for computational research workflows. To achieve reproducibility, we must first ensure the source code of software packages Guix deploys remains available.

We describe our work connecting Guix with Software Heritage, the universal source code archive, making Guix the first free software distribution and tool backed by a stable archive. Our contribution is twofold: we explain the rationale and present the design and implementation we came up with; second, we report on the archival coverage for package source code with data collected over five years and discuss remaining challenges.

The ability to retrieve package source code is important for researchers who need to be able to replay scientific workflows, but it’s just as important for engineers and developers alike, who may also have good reasons to redeploy or to audit past package sets.

Support for source code archiving and recovery in Guix has improved a lot over the past five years, in particular with:

• Support for recovering source code tarballs (tar.gz and similar files): this is made possible by Disarchive, written by Timothy Sample.

• The ability to look up data by nar hash in the SWH archive (“nar” is the normalized archive format used by Nix and Guix), thanks to fellow SWH hackers. This, in turn, allows Guix to look up any version control checkout by content hash—Git, Subversion, Mercurial, you name it!
• The monitoring of archival coverage with Timothy’s Preservation of Guix reports has allowed us to identify discrepancies in Guix, Disarchive, and/or SWH and to increase archival coverage.

94% of the packages in a January 2024 snapshot of Guix are known to have their source code archived!

Check out the paper to learn more about the machinery at play and the current status.

How do you start adding unit tests to your Python code? Can the built-in unittest framework cover most or all of your needs? Christopher Trudeau is back on the show this week, bringing another batch of PyCoder's Weekly articles and projects.

[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]

We know that Drupal 7 reaching the end of life on January 5, 2023. It means it will no longer receive security updates or support from the Drupal community. So organizations or individuals that use Drupal 7 should upgrade to the latest version of Drupal 10.

What are Drupal migrations?

In Drupal migrations content, data, and configurations are transferred from one Drupal site to another. Migrations are commonly used when we upgrade from Older versions of Drupal to newer versions of Drupal.

Steps Taken Before Starting The Migration

Here's a concise list of steps to take before starting a migration

Step 1: Drupal 7 Database

First, back up the database of the Drupal 7 site. This ensures that if any issues are encountered during the migration, you can restore the site and re-run the process.

Using below command

Export: mysqldump -u root -p database name > filename.sql

Let’s go for my web review for the week 2024-22.

The next decade of the web | James’ Coffee Blog

Tags: tech, web, social-media, democracy

Very nice piece. Hopefully it’ll push people to remember that the big social media enclosures are not really the Web. We can have more democracy on the Web again if we collectively want to.

https://jamesg.blog/2024/05/19/next-web-decade/

How does AI impact my job as a programmer? – Chelsea Troy

Tags: tech, programming, debugging, teaching, gpt, copilot

Definitely this. In a world where LLM would actually be accurate and would never spit outright crappy code, programmers would still be needed. It’d mean spending less time writing but more time investigating and debugging the produced code.

https://chelseatroy.com/2024/05/26/how-does-ai-impact-my-job-as-a-programmer/

When privacy expires: how I got access to tons of sensitive citizen data after buying cheap domains

Tags: tech, dns, privacy, security

Or why you should let domain simply expire, there’s plenty of work to do before that.

https://inti.io/p/when-privacy-expires-how-i-got-access

Instead of “auth”, we should say “permissions” and “login” | nicole@web

Tags: tech, security, communication

The words we use indeed matter. This is definitely a domain where we should avoid ambiguities…

https://ntietz.com/blog/lets-say-instead-of-auth/

arighi’s blog: Extend your battery life with scx_rustland

Tags: tech, linux, system, processes

Interesting results. It’s especially nice to see how sched-ext allows to easily iterate and experiment with process scheduling strategies.

https://arighi.blogspot.com/2024/05/extend-your-battery-life-with.html?m=1

Evolution of the ELF object file format | MaskRay

Tags: tech, system, unix, elf, history

Definitely a complicated history… this doesn’t make the evolution or documentation of it easy.

https://maskray.me/blog/2024-05-26-evolution-of-elf-object-file-format

Never reason from the results of a sampling profiler – Daniel Lemire’s blog

Tags: tech, performance, optimization, profiling

Definitely to keep in mind when using sampling profilers indeed. They’re useful, they help to get a starting point in the analysis but they’re far from enough to find the root cause of a performance issue.

https://lemire.me/blog/2024/05/30/never-reason-from-the-results-of-a-sampling-profiler/

PyPy has been quietly working for me for several years now

Tags: tech, python

This definitely shows PyPy as a successful runtime.

https://utcc.utoronto.ca/~cks/space/blog/python/PyPyQuietlyWorking

Let’s optimize! Running 15× faster with a situation-specific algorithm

Tags: tech, python, performance, optimization

Another good example of how to speed up some Python code with nice gains.

https://pythonspeed.com/articles/lets-optimize-median-local-threshold/

What is a collision? — On Error Resume Next

Tags: tech, 2d, collision, physics, simulation

Good introduction to collision resolution inside of physics engines.

https://www.sassnow.ski/rigid-body-collisions/1

matcha.css | Drop-in semantic styling library in pure CSS

Tags: tech, web, frontend, css

Looks like a nice CSS library for the semantic styling of web content.

https://matcha.mizu.sh/

Why, after 6 years, I’m over GraphQL

Tags: tech, graphql, complexity

Shows well why you likely don’t want to use GraphQL. The chances you need the extra complexity and caveats are very slim.

https://bessey.dev/blog/2024/05/24/why-im-over-graphql/

Don’t Microservice, Do Module

Tags: tech, architecture, microservices, complexity

Since this particular fad apparently doesn’t want to die… this is a good reminder about why you want to do something simpler.

https://yekta.dev/posts/dont-microservice-do-module/

My BDFL guiding principles | daniel.haxx.se

Tags: tech, foss, governance

Not necessarily my favorite governance model, but if you’re on that scheme… those are good guiding principles.

https://daniel.haxx.se/blog/2024/05/27/my-bdfl-guiding-principles/

To the brain, reading computer code is not the same as reading language | MIT News

Tags: tech, programming, cognition, neuroscience

Interesting research! Is reading code a math and logic task? Is it a language task? Well… it might be its own thing.

https://news.mit.edu/2020/brain-reading-computer-code-1215

Bye for now!