Feeds
KPhotoAlbum 5.13.0 released(link is external)
After almost a year(link is external), we’re very pleased to announce a new release of KPhotoAlbum, the Linux/KDE photo management software!
There are two new features/changes:
- The “time ago”/birthday/age calculation has been reworked. Timespans should now be displayed in a nicer (more natural) way. Also, the age of people born on February 29 is now calculated correctly.
- The ‘--db’ command line argument now rejects any file name that is not either an existing directory or an index.xml file within an existing directory (cf. Bug #418647(link is external)).
Apart from that, quite a number of bugs have been fixed (cf. the ChangeLog(link is external) for more info): #477529(link is external), #477530(link is external), #477531(link is external), #477532(link is external), #478944(link is external), #479483(link is external), #481181(link is external), #483266(link is external), #444744(link is external) and #493849(link is external). And on top some bugs that weren’t reported as a bug in the first place :-)
One additional change that should be mostly interesting for the distributors is: The key used for signing the release has been updated. All PGP keys used to sign KDE software releases can be found in the sysadmin/release-keyring(link is external) repo. My currently used key that I used to sign the tarball can also be found there, cf. tleupold@key2.asc(link is external).
… and what about Qt 6?!
Fear not! Of course, there will be a Qt6/KF6 release of KPhotoAlbum. We currently have a working Qt6/KF6 branch, so most of the porting is already done. Last thing that’s missing is a Qt6/KF6 release of Marble(link is external), which we use to display maps for geographic coordinates in photos (preferrably stored there using KGeoTag(link is external) ;-). It seems like there will be such a release towards the end of the year. We will get KPhotoAlbum ready for Qt6/KF6 shortly afterwards. Stay tuned!
According to git log, the following individuals contributed commits since the last release:
- Boudhayan Bhattacharya
- Oliver Kellogg
- Tobias Leupold
- Randall Rude
- Johannes Zarl-Zierl
Have a lot of fun with KPhotoAlbum 5.13.0 :-)
Drupal Core News: Coding standards proposals for final discussion on 23 October 2024(link is external)
The Technical Working Group (TWG)(link is external) is announcing one coding standards change for final discussion. Feedback will be reviewed at the meeting scheduled for 23 October 2024 UTC.
Issues for discussionThe Coding Standards project page(link is external) outlines the process for changing Drupal coding standards.
Join the team working on Coding StandardsJoin #coding-standards in Drupal Slack(link is external) to meet and work with others on improving the Drupal coding standards. We work on improving our standards as well as implementing them in the core software.
Thorsten Alteholz: My Debian Activities in September 2024(link is external)
This month I accepted 441 and rejected 29 packages. The overall number of packages that got accepted was 448.
I couldn’t believe my eyes, but this month I really accepted the same number of packages as last month.
Debian LTSThis was my hundred-twenty-third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. During my allocated time I uploaded or worked on:
- [unstable] libcupsfilters security update to fix one CVE related to validation of IPP attributes obtained from remote printers
- [unstable] cups-filters security update to fix two CVEs related to validation of IPP attributes obtained from remote printers
- [unstable] cups security update to fix one CVE related to validation of IPP attributes obtained from remote printers
- [DSA 5778-1(link is external)] prepared package for cups-filters security update to fix two CVEs related to validation of IPP attributes obtained from remote printers
- [DSA 5779-1(link is external)] prepared package for cups security update to fix one CVE related to validation of IPP attributes obtained from remote printers
- [DLA 3905-1(link is external)] cups-filters security update to fix two CVEs related to validation of IPP attributes obtained from remote printers
- [DLA 3904-1(link is external)] cups security update to fix one CVE related to validation of IPP attributes obtained from remote printers
- [DLA 3905-1(link is external)] cups-filters security update to fix two CVEs related to validation of IPP attributes obtained from remote printers
Despite the announcement the package libppd in Debian is not affected by the CVEs related to CUPS. By pure chance there is an unrelated package with the same name in Debian. I also answered some question about the CUPS related uploads. Due to the CUPS issues, I postponed my work on other packages to October.
Last but not least I did a week of FD this month and attended the monthly LTS/ELTS meeting.
Debian ELTSThis month was the seventy-fourth ELTS month. During my allocated time I uploaded or worked on:
- [ELA-1186-1]cups-filters security update for two CVEs in Stretch and Buster to fix the IPP attribute related CVEs.
- [ELA-1187-1]cups-filters security update for one CVE in Jessie to fix the IPP attribute related CVEs (the version in Jessie was not affected by the other CVE).
I also started to work on updates for cups in Buster, Stretch and Jessie, but their uploads will happen only in October.
I also did a week of FD and attended the monthly LTS/ELTS meeting.
Debian PrintingThis month I uploaded …
- … libcupsfilters(link is external) to also fix a dependency and autopkgtest issue besides the security fix mentioned above.
- … splix(link is external) for a new upstream version. This package is managed now by OpenPrinting.
Last but not least I tried to prepare an update for hplip. Unfortunately this is a nerve-stretching task and I need some more time.
This work is generously funded by Freexian(link is external)!
Debian MatomoThis month I even found some time to upload packages that are dependencies of Matomo …
This work is generously funded by Freexian(link is external)!
Debian AstroThis month I uploaded a new upstream or bugfix version of:
- … openvlbi(link is external)
- … indi-playerone(link is external)
- … libsbig(link is external)
- … indi-pentax(link is external)
- … indi-sbig(link is external)
- … indi-fishcamp(link is external)
- … indi-inovaplx(link is external)
- … libfishcamp(link is external)
- … libsbig(link is external)
- … libplayeronecamera(link is external)
- … libplayerone(link is external)
- … libahp-gt(link is external)
- … libahp-xc(link is external)
Most of the uploads were related to package migration to testing. As some of them are in non-free or contrib, one has to build all binary versions. From my point of view handling packages in non-free or contrib could be very much improved, but well, they are not part of Debian …
Anyway, starting in December there is an Outreachy project that takes care of automatic updates of these packages. So hopefully it will be much easier to keep those package up to date. I will keep you informed.
Debian IoTThis month I uploaded new upstream or bugfix versions of:
Debian MobcomThis month I did source uploads of all the packages that were prepared last month by Nathan and started the transition. It went rather smooth except for a few packages where the new version did not propagate to the tracker and they got stuck in old failing autopkgtest. Anyway, in the end all packages migrated to testing.
I also uploaded new upstream releases or fixed bugs in:
miscThis month I uploaded new upstream or bugfix versions of:
- … dict-element(link is external)
- … libcds(link is external)
- … libctl(link is external)
- … tntnet(link is external)
- … gnucobol3(link is external)
- … gnucobol4(link is external)
- … meep-mpi-default(link is external)
- … nuspell(link is external)
- … c2go(link is external)
Most of those uploads were needed to help packages to migrate to testing.
PyCoder’s Weekly: Issue #650 (Oct. 8, 2024)(link is external)
#650 – OCTOBER 8, 2024
View in Browser »(link is external)
In this video course, you’ll learn how Python mutable and immutable data types work internally and how you can take advantage of mutability or immutability to power your code.
REAL PYTHON(link is external) course
Learn how to run DuckDB in an in-browser Python environment to enable simple querying on remote files, interactive documentation, and easy to use training materials.
ALEX MONAHAN(link is external)
Looking to add new functionality to your Django app? Learn how to integrate Speech-to-Text and build a working app that transcribes audio files—with 100+ free hours to get started →(link is external)
ASSEMBLY AI(link is external) sponsor
This post talks about combining the new experimental free threading feature of Python 3.13 with Asyncio.
CHANGS.CO.UK(link is external) • Shared by Jamie Chang
CPYTHON DEV BLOG(link is external)
Quiz: Python 3.13: Cool New Features for You to Try(link is external) Quiz: Syntactic Sugar: Why Python Is Sweet and Pythonic(link is external) Articles & Tutorials Switching From virtualenvwrapper to direnv(link is external) Earlier this week Trey considered whether to switch from virtualenvwrapper to using local .venv managed by direnv. He then also started experimenting with uv and Starship. This post explains why and his new configuration.
TREY HUNNER(link is external)
Some template blocks are meant to be overloaded and forgetting to do so results in rendering bugs. This post talks about creating a new tag that throws an exception which alerts your tests if you forget to overload.
TOM CARRICK(link is external)
Simplify workloads and elevate customer service. Build customized AI assistants that respond to voice prompts with powerful language and comprehension capabilities - all based on your unique needs with Intel’s OpenVINO toolkit.
INTEL CORPORATION(link is external) sponsor
Learn what the Arrange, Act, and Assert (AAA) pattern is, how it works, the benefits it offers, and its role in unit test automation. Note: sample code is not in Python, but the concepts apply to all unit testing.
ANTONELLO ZANINI(link is external)
This article outlines the system that Rodrigo uses to prepare his Python talks. Steal his ideas and suggestions so that you, too, can start giving talks at your local meetups and at PyCons all over the world.
MATHSPP.COM(link is external) • Shared by Rodrigo(link is external)
A singleton pattern is one where only one instance of an object type is allowed at a time. One way to implement this concept is through the use of a decorator. This post teaches you how.
PIETER CLAERHOUT(link is external)
This Python Enhancement Proposal specifies a mechanism by which projects hosted on pypi.org can safely host wheel artifacts on external sites other than PyPI.
PYTHON.ORG(link is external)
The use of containers can mean a lot of calls to PyPI. This post talks about caching properly to reduce the load on our shared community servers.
MICHAEL KENNEDY(link is external)
If you need to cycle through values, one way to do that is with deque. This post shows you through an example service for a game engine.
JUHA-MATTI SANTALA(link is external)
All you need to know about the latest Python release’s changes to the Global Interpreter Lock and Just-in-Time compilation.
DREW SILCOCK(link is external)
“Not a real dinosaur and not real poetry.” This post is about Paul changing how what tools he uses for his Python setup.
PAUL COCHRANE(link is external)
GITHUB.COM/TESORIO(link is external) • Shared by Caio Ariede
foc: A Collection of Python Functions for Somebody’s Sanity(link is external)GITHUB.COM/THYEEM(link is external)
spiderweb: A Small Web Framework(link is external)GITHUB.COM/ITSTHEJOKER(link is external)
pipefunc: DAGs for Scientific Workflows(link is external)GITHUB.COM/PIPEFUNC(link is external) • Shared by Bas Nijholt(link is external)
django-unique-user-email: Emial Logins With User Model(link is external)GITHUB.COM/CARLTONGIBSON(link is external)
Events Weekly Real Python Office Hours Q&A (Virtual)(link is external) October 9, 2024
REALPYTHON.COM(link is external)
October 9 to October 14, 2024
PYCON.ORG(link is external)
October 10 to October 11, 2024
PYCON.ORG(link is external)
October 10 to October 11, 2024
MEETUP.COM(link is external)
October 12, 2024
MEETUP.COM(link is external)
October 14 to October 16, 2024
GLOBALDEVSLAM.COM(link is external)
October 16 to October 21, 2024
PYTHONBRASIL.ORG.BR(link is external)
October 16 to October 19, 2024
PYCON.PA(link is external)
October 17 to October 19, 2024
PYTHON-SUMMIT.CH(link is external)
Happy Pythoning!
This was PyCoder’s Weekly Issue #650.
View in Browser »(link is external)
[ Subscribe to 🐍 PyCoder’s Weekly 💌 – Get the best Python news, articles, and tutorials delivered to your inbox once a week >> Click here to learn more(link is external) ]
Smartbees: How to Add Google Maps in Drupal (Best Modules)(link is external)
Maps on websites are a useful addition, allowing users to reach, for example, your company headquarters in a simple way. Depending on the requirements, you can implement them in many different ways. This article will show you how to embed Google Maps in a Drupal website.
Steinar H. Gunderson: Pimp my SV08(link is external)
The Sovol SV08(link is external) is a 3D printer which is a semi-assembled clone of Voron 2.4(link is external), an open-source design. It's not the cheapest of printers, but for what you get, it's extremely good value for money—as long as you can deal with certain, err, quality issues.
Anyway, I have one, and one of the fun things about an open design is that you can switch out things to your liking. (If you just want a tool, buy something else. Bambu P1S, for instance, if you can live with a rather closed ecosystem. It's a bit like an iPhone in that aspect, really.) So I've put together a spreadsheet with some of the more common choices:
Pimp my SV08(link is external)
It doesn't contain any of the really difficult mods, and it also doesn't cover pure printables. And none of the dreaded macro stuff that people seem to be obsessing over (it's really like being in the 90s with people's mIRC scripts all over again sometimes :-/), except where needed to make hardware work.
Linux App Summit – A Review!(link is external)
I had the privilege of attending LAS this year. True to my role as a designer, I brought my camera and volunteered during the event to be a photographer. The venue and university of Monterrey were beautiful.
The main hall is a wall-to-wall glass building placed in the middle of campus. The pictures we got from there were so nice!
The day began with a review of OnlyOffice features and capabilities. We then reviewed the progress that Mexico has seen in advancing Open Source initiatives.
The sessions showcased a myriad of topics. They focused on how open source applications can make a difference in many areas. Other sessions focused on design guidelines, application-building logic, publication and efforts to promote Linux in education.
The work done by the organization was great. Internet access at the venue was strong, and allowed the team onsite to broadcast the sessions online. We were in a university setting. A team managed the broadcasting and sound for the venue and online audiences.
The city was beautiful and filled with great food.
During the conference I contributed with images that I will make available to the organizers soon.
Would love to come back!
(link is external)FSF Events: Free Software Directory meeting on IRC: Friday, October 11, starting at 12:00 EDT (16:00 UTC)(link is external)
Real Python: What's New in Python 3.13(link is external)
Python 3.13(link is external) was published on October 7, 2024(link is external). This new version is a major step forward for the language, although several of the biggest changes are happening under the hood and won’t be immediately visible to you.
In a sense, Python 3.13 is laying the groundwork for some future improvements, especially to the language’s performance. As you watch the course, you’ll learn more about the background for this and dive into some new features that are fully available now.
In this video course, you’ll learn about some of the improvements in the new version, including:
- Improvements made to the interactive interpreter (REPL)
- Clearer error messages that can help you fix common mistakes
- Advancements done in removing the global interpreter lock (GIL) and making Python free-threaded
- The implementation of an experimental Just-In-Time (JIT) compiler
- A host of minor upgrades to Python’s static type system
In this video course, you’ll explore these changes and see how this new version of Python can work for you.
If you want to try any of the examples in this video course, then you’ll need to use Python 3.13. The Python 3 Installation & Setup Guide(link is external) and How Can You Install a Pre-Release Version of Python?(link is external) walk you through several options for adding a new version of Python to your system.
[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples(link is external) ]
The Open Source Initiative Supports the Open Source Pledge(link is external)
As businesses rely more heavily on Open Source software (OSS), the strain on maintainers to provide timely updates and security patches continues to grow – often without fair compensation for their crucial work. Recent high-profile security incidents like XZ and Log4Shell have put a spotlight on the security challenges developers face against a backdrop of burnout that has reached an all-time high.
To help address this imbalance, the Open Source Initiative (OSI) supports the Open Source Pledge(link is external), launched today by Sentry and partners to support maintainers and inspire a shift toward a healthier work-life balance, and more robust software security practices. The Pledge is a commitment from member companies to pay Open Source maintainers and organizations meaningfully in support of a more sustainable maintainer ecosystem and a reduction of flare-ups of high-profile security incidents.
This Pledge is an attempt to address a problem that has long existed within the Open Source ecosystem. Many companies have built their businesses on top of Open Source software, benefiting from the contributions of maintainers taking them for granted. While they’ve reaped the rewards, the burden has been placed on unpaid or underpaid developers.
It is essential that companies recognize their role in sustaining the ecosystem that powers their innovations. By taking the Pledge, companies have one more instrument to commit to supporting an ecosystem of maintainers and organizations, ensuring the long-term health of the Open Source projects they rely on.
In order to qualify, the projects that companies pledge to should meet the Open Source Definition(link is external). You can join the Open Source Pledge by donating to the Open Source Initiative(link is external) or contacting us(link sends e-mail) to become a sponsor.
Real Python: Quiz: Python Closures: Common Use Cases and Examples(link is external)
In this quiz, you’ll test your understanding of Python closures. Closures are a common feature in functional programming languages and are particularly popular in Python because they allow you to create function-based decorators.
Take this quiz after reading our Python Closures: Common Use Cases and Examples(link is external) tutorial.
[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples(link is external) ]
Django Weblog: Django bugfix release issued: 5.1.2(link is external)
Today we've issued the 5.1.2(link is external) bugfix release.
The release package and checksums are available from our downloads page(link is external), as well as from the Python Package Index. The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E(link is external).
Python Software Foundation: Join the Python Developers Survey 2024: Share your experience!(link is external)
This year we are conducting the eighth iteration of the official Python Developers Survey. The goal is to capture the current state of the language and the ecosystem around it. By comparing the results with last year’s, we can identify and share with everyone the hottest trends in the Python community and the key insights into it.
We encourage you to contribute to our community’s knowledge by sharing your experience and perspective. Your participation is valued! The survey should only take you about 10-15 minutes to complete.
Contribute to the Python Developers Survey 2024! (link is external)
This year we aim to reach even more of our community and ensure accurate global representation by highlighting our localization efforts:
- The survey is translated into Spanish, Portuguese, Chinese, Korean, Japanese, German, French and Russian. It has been translated in years past, as well, but we plan to be louder about the translations available this year!
- To assist individuals in promoting the survey and encouraging their local communities and professional networks we have created a Promotion Kit(link is external) with images and social media posts translated into a variety of languages. We hope this promotion kit empowers folks to spread the invitation to respond to the survey within their local communities.
- We’d love it if you’d share one or more of the posts below to your social media or any community accounts you manage, as well as share the information in discords, mailing lists, or chats you participate in.
- If you would like to help out with translations you see are missing, please request edit access to the doc and share what language you will be translating to. Translation into languages the survey may not be translated to is also welcome.
- If you have ideas about what else we can do to get the word out and encourage a diversity of responses, please comment on the corresponding Discuss thread(link is external).
The survey is organized in partnership between the Python Software Foundation(link is external) and JetBrains(link is external). After the survey is over, we will publish the aggregated results and randomly choose 20 winners (among those who complete the survey in its entirety), who will each receive a $100 Amazon Gift Card or a local equivalent.
Debian Brasil: Testing feed in English(link is external)
Testing the feed in English and check If it's going to Debian Planet.
Sorry the noise :-)
Mariatta: Perks of Being a Python Core Developer(link is external)
I’ve been a Python core developer since January 27, 2017.
Being a Python core developer comes with perks, privileges, and also responsibilities.
Sometimes I can’t tell whether something is a perk, or a privilege, or a responsibility. I think depends on who you’re talking to, they might see it as an optional nice thing they could get/do, but the same thing might be seen as burden responsibility to others.
Plasma 6.2(link is external)
Plasma 6 has come into its own over the last two releases. The wrinkles that always come with a major migration have been ironed out, and it’s time to start delivering on the promises of the new Qt 6 and Wayland technology platforms that Plasma is built on top of.
One of the outstanding issues has been to make Plasma a more artist-friendly environment by providing full support for the hardware that creative people need to get their work done.
So let’s start there…
What’s New For Digital ArtistsPlasma 6.2 includes a smorgasbord of new features for users of drawing tablets. Open System Settings and look for Drawing Tablet to see various tools for configuring drawing tablets.
New in Plasma 6.2: a tablet calibration wizard and test mode; a feature to define the area of the screen that your tablet covers (the whole screen or a section); and the option to re-bind pen buttons to different kinds of mouse clicks.
All this is built into Plasma; there’s no need to install new drivers or software from device manufacturers.
And if your tablet is not yet supported, “We care about your Input”(link is external) is a community-wide project that aims to provide support for unusual input devices. Let us know about your device so we can add it to the list!
Color ManagementRelated to the above — and to ensure consistent colors across monitors — we’ve implemented more complete support for the Wayland color management protocol, and enabled it by default.
We have also improved brightness handling for HDR and ICC profiles, as well as HDR performance. This will improve your experience when designing graphics, playing games, and watching videos.
A new tone mapping feature built into Plasma’s KWin compositor will help improve the look of images with a brightness or set of colors greater than what the screen can display, thus reducing the “blown out” look such images can otherwise exhibit.
Before After Power ManagementManaging how much energy your system consumes and when are not only important for preserving its resources for when you need them, but also for using it in an environmentally responsible way.
You can now override misbehaving applications that block the system from going to sleep or locking the screen (and thus prevent saving power), and you can also adjust the brightness of each connected monitor machine separately.
As for the Power and Battery widget, it not only shows how much power is remaining, but also allows you to adjust power profiles for different scenarios. New in Plasma 6.2: hold down the Meta (Windows) key and press B to cycle through the different options one at a time. A little badge of a leaf will show up on the battery icon to indicate when the system is in power save mode, and a rocket for performance mode.
Discover and System UpdatingAnother thing we put you in complete control of is your software.
Plasma’s built-in app store and software management tool, Discover, now supports PostmarketOS packages for your mobile devices, helps you write better reviews of apps, and presents apps’ license information more accurately.
You can also now choose to shut down the system after applying an offline system update, in addition to the existing option to restart afterwards.
AccessibilitySince we made improving accessibility a community-wide project(link is external), we have increased the ways in which Plasma is easy to use for everyone.
In Plasma 6.2, we overhauled System Settings’ Accessibility page and added colorblindness filters. We also added support for the full “sticky keys” feature on Wayland.
UI/Visual DesignAnd of course, improving the look and feel of Plasma is always a high priority from one release to the next.
In Plasma 6.2, we tweaked accent colors and the System Tray, reworked the Widget Explorer, and unified the look of dialogs and pop-ups. Finally, we improved the Welcome Center, sound effects, and actions.
Many of these changes are subtle, but will provide a smoother and more enjoyable experience.
And All This Too…- The Weather Report widget now shows “feels like” temperatures, adds more information for BBC weather forecasts, and more.
- You can turn off window borders in the Pager widget.
- The Minimize All widget now minimizes only windows on the current virtual desktop and activity.
- You can now give custom names to your custom shortcuts.
- There's now an integrated cropping tool when setting a new user avatar.
- We’ve added a once-a-year donation request notification — please consider using it to show your love for Plasma by donating!
Plasma6 and FreeBSD 14(link is external)
I just installed a new FreeBSD desktop machine. For this one, I wanted to have KDE Plasma6, since that’s already running on my Linux laptop and gaming machine – and it’s time for me to dogfood on FreeBSD. Here’s some notes.
Base InstallFreeBSD has a Live ISO and a graphical installer. For licensing reasons, it isn’t Calamares (which is GPLv3). So I use the text-based installer. I downloaded the FreeBSD 14.1 memstick image(link is external). From boot to reboot into an installed system takes less than five minutes, but then you have an old-school UNIX system: a login: prompt.
From there:
- log in as root
- switch the package repository to latest
- pkg install pkg, to get the package manager
- pkg install git cmake, because you’re a developer
- pkg install plasma6-plasma, which is an 800MiB download
- pkg install sddm, because you’ll want a login-manager
- pkg install drm-kmod, because you need a graphics driver
I have an AMD RX550 video card (cheapest I could get this year) in the machine, so then to set that graphics driver:
- sysrc kld_list=amdgpu
Make sure DBus will run as a system service:
- sysrc dbus_enable=yes
Create a regular user and add them to the video group.
Then reboot.
KDE Plasma6 X11 by HandAt this point, the system has KDE Plasma6 installed, but it won’t come up (the login manager isn’t enabled, for instance) so we need some convenience things from The Before Times to do a little testing. (Installed as “automatic” so they are easy to remove later).
- pkg install -A xinit xterm
As a normal user, create ~/.xinitrc and put this in it:
#! /bin/sh exec /usr/local/bin/startplasma-x11Then make it executable and start X11 (like it’s 1994):
- chmod 755 .xinitrc
- startx
Voila. KDE Plasma6. Note that, in this state, there are no applications besides xterm and KInfoCenter (and a handful of other KDE Plasma internal things). There’s no configuration applied to the system. The window manager does not honor alt-tab or alt-F4. Use ctrl-Q to quit KInfoCenter.
But X11 is soooo passé. Let’s move on to the Future!
Any Wayland by HandFirst, let’s install some convenience things that will help in debugging.
- pkg install -A river foot
Like I wrote 3 years ago about river(link is external), it just works. You’ll need the example configuration(link is external) file so that super-shift-E exits the compositor and window manager. super-shift-enter gets you a terminal window.
I started river as a regular user with
- ck-launch-session river
Yeah, right.
So there was a brief time in 2021(link is external) that it worked. Since then, not so much – certainly not for me, not from the regular ports tree. So this post is a start of “ok, let’s give it another shot”.
I know that Wayland can work on FreeBSD with hardware rendering – that’s why that river section is there.
Here is a very short script that can launch KDE Plasma6 with software rendering. The resulting desktop experience is rather slow.
#! /bin/sh export KWIN_COMPOSE=Q exec /usr/local/bin/ck-launch-session \ /usr/local/lib/libexec/plasma-dbus-run-session-if-needed \ /usr/local/bin/startplasma-waylandSo the TODO part of this post is: figure out why opening dri/card0 fails when kwin_wayland is not using the software renderer.
KDE Applications5 and KDE Plasma6Yeah, right.
Most (maybe even all) of the KDE Applications – for instance, konsole, or kmail – are still KDE Frameworks 5 based. Unfortunately, there are KDE Frameworks that have file-collisions between versions 5 and 6. As an example, package kf6-baloo and kf5-baloo both want to install a libbalooplugin.so. I mentioned the co-installability problem(link is external) a half-year ago, but we haven’t fixed it since.
Edit 2024-10-08: this is entirely a packaging problem, where we could install the things to separate prefixes. That hasn’t happened, because of a lack of person-time to actually do it (and test it).
On this front I think we’re at a chicken-and-egg place: we would like to switch wholesale to newer applications releases and just drop the existing KDE Applications 5, but are so bogged down with Other Stuff that it’s not happening. On the Linux side of things KDE Applications 6 are doing fine.
All that said, there’s the KDE-FreeBSD ports development fork(link is external) with a branch where newer KDE-FreeBSD packages are prepared. That already has a KF6-based KMail. So the TODO part of this section is: I need to double-check what’s holding that up.
Takeaways- for a nice KDE Plasma6 experience on a BSD, why not try OpenBSD(link is external)?
- KDE-FreeBSD has a nasty amount of hardware-testing to do.
- The future is here, just not in the ports tree.
Python and SysV shared memory(link is external)
At work-work the system uses, for historical reasons, a lot of SystemV shared memory. The SysV shared memory API has C functions like shmat(2)(link is external). There is also a different shared memory API, POSIX shared memory, which has functions like shm_open(3)(link is external). For reasons, on some work-work systems we’re constrained to Python 3.7 and no additional libraries. I wanted to mess with the shared memory on such a system, from Python for convenience, so I wrote some very simple wrappers. Here’s a recap.
As usual, corrections are welcome, or tips (by email). I write these notes as much for future me as anyone else.
Here is the core of the story (I have also added this to my personal GitHub repository, which I won’t link because it’s not future-proof storage).
import ctypes lib = ctypes.cdll.LoadLibrary(None) shmget = lib.shmget shmget.argtypes = [ctypes.c_int, ctypes.c_size_t, ctypes.c_int] shmget.restype = ctypes.c_int shmget.__doc__ = """See shmget(2)"""This works on FreeBSD, where SysV shmem is in the core libraries. On Linux, I think you need to call LoadLibrary("librt"). Anyway, wrapping the library-loading to be safe isn’t the point here.
Once ctypes has loaded a library, you can extract function pointers from the library. By adding annotations, you can give the Python function the same prototype as the C manpage for shmget(link is external).
Note that the manpage points to some special flag values. For those, you need to dig into the C headers. On FreeBSD, the special value IPC_PRIVATE is equal to 0, so that’s easy enough to write in Python. The following snippet is then sufficient to create a shared memory segment (one that is 1024 bytes large and world-readable) and print out its ID. The returned value is -1 on error.
print(shmget(0, 1024, 0o644))The ID can be cross-checked with command ipcs -m (it’s installed by default on FreeBSD and in my KDE Neon machine, so seems like a common tool). To get rid of the segment, ipcrm -m <id> does the trick.
Similar wrappers are there for shmat, shmdt and shmctl – but those wrangle void * in C, and how does that work with Python?
The void pointerCTypes has a c_void_p type, which can be created from None (a null pointer, seems reasonable) and returned from C functions. It can cast to-and-fro (in classic C style, the thing in memory is what I say is in memory) to other pointer types, and without a typed-pointer type at the machine level that just works (but don’t ask me how).
So the C function int shmctl(int shmid, int cmd, struct shmid_ds *buf) gets these types in Python: shmctl.argtypes = [ctypes.c_int, ctypes.c_int, ctypes.c_void_p], which presents the struct-pointer as a void-pointer.
The function void *shmat(int shmid, const void *addr, int flag) works similarly. When calling it, unless you have specific address needs, parameter addr can be nullptr (er .. ok, this is C, so NULL and in Python None). The pointer it returns is where the shared memory is attached.
Actually doing something with a void * takes work in C, it also takes work in Python with ctypes. You can cast to an int * for instance, with iaddr = ctypes.cast(addr, ctypes.POINTER(ctypes.c_int)) (a cast to char * is also readily available).
A special case is when you need to provide a void * to some C function. Where do they come from? In C you would just declare a (character) buffer of some size and pass it in. In Python, ctypes.create_string_buffer() does the job. Give it a size and get a memory-managed buffer.
Wrangling shared-memory segment destructionThere’s shmget() to create a segment, shmat() to attach (map it into memory of a process) to it, shmdt() to detach from a segment, but destroying a shared-memory segment does not have a simple C call to do it. There is shmctl() which does special-control-actions on a shared-memory segement, and destruction is one of them.
I ended up writing this little wrapper.
def shmrm(shmid : int) -> int: return shmctl(shmid, 0, None) Sending messagesAs an experiment, I wrote a program that can create, read, write and destroy a shared-memory segment. By writing (from one invocation) and then reading (from another invocation) I can “send” messages from the past! Or to the future! It is nearly as convenient as writing the messages to a file.
Here’s the write function. It attaches the shared-memory segment and then writes a Pascal-style string to that memory (Pascal-style in the sense of “starts with a length, followed by the actual data, no NUL-termination”). For bloggy purposes I have removed error-handling.
def write(shmid : int, v : str): addr = shmat(shmid, ctypes.c_void_p(None), 0) iaddr = ctypes.cast(addr, ctypes.POINTER(ctypes.c_int)) caddr = ctypes.cast(addr, ctypes.POINTER(ctypes.c_char)) ustring = v.encode("utf-8") iaddr[0] = len(ustring) for i in range(len(ustring)): caddr[4+i] = ustring[i] return shmdt(addr)Here, shmat() returns a void * and I cast that to two typed pointers to the segment. I haven’t figured out how to do pointer arithmetic, so on the assumption there are 32-bit integers, the integer goes first and then the message goes starting at byte (char) number 4.
TakeawaysCTypes is really cool! It makes wrangling C APIs in Python .. well, let’s call it “acceptable”.
Starting with Python 3.8, everything I’ve written above is unnecessary because there is a good shared-memory abstraction in the standard Python library, but for my work-work purposes in a very restricted environment, this particular tool has turned out to be really useful.
Reproducible Builds: Reproducible Builds in September 2024(link is external)
Welcome to the September 2024 report from the Reproducible Builds(link is external) project!
Our reports attempt to outline what we’ve been up to over the past month, highlighting news items from elsewhere in tech where they are related. As ever, if you are interested in contributing to the project, please visit our Contribute(link is external) page on our website.
Table of contents:
- New binsider tool to analyse ELF binaries(link is external)
- Unreproducibility of GHC Haskell compiler “95% fixed”(link is external)
- Mailing list summary(link is external)
- Towards a 100% bit-for-bit reproducible OS…(link is external)
- Two new reproducibility-related academic papers(link is external)
- Distribution work(link is external)
- diffoscope(link is external)
- Other software development(link is external)
- Android toolchain core count issue reported(link is external)
- New Gradle plugin for reproducibility(link is external)
- Website updates(link is external)
- Upstream patches(link is external)
- Reproducibility testing framework(link is external)
Reproducible Builds developer Orhun Parmaksız(link is external) has announced a fantastic new tool to analyse the contents of ELF binaries(link is external). According to the project’s README page(link is external):
Binsider can perform static and dynamic analysis, inspect strings, examine linked libraries, and perform hexdumps, all within a user-friendly terminal user interface!
More information about Binsider’s features and how it works can be found within Binsider’s documentation pages(link is external).
A seven-year-old bug(link is external) about the nondeterminism of object code generated by the Glasgow Haskell Compiler(link is external) (GHC) received a recent update(link is external), consisting of Rodrigo Mesquita(link is external) noting that the issue is:
95% fixed by [merge request] !12680(link is external) when -fobject-determinism is enabled. […(link is external)]
The linked merge request(link is external) has since been merged, and Rodrigo goes on to say that:
After that patch is merged, there are some rarer bugs in both interface file determinism (eg. #25170(link is external)) and in object determinism (eg. #25269(link is external)) that need to be taken care of, but the great majority of the work needed to get there should have been merged already. When merged, I think we should close this one in favour of the more specific determinism issues like the two linked above.
On our mailing list(link is external) this month:
-
Fay Stegerman let everyone know(link is external) that she started a thread on the Fediverse(link is external) about the problems caused by unreproducible zlib/deflate compression in .zip and .apk files and later followed up(link is external) with the results of her subsequent investigation.
-
Long-time developer kpcyrd wrote that “there has been a recent public discussion(link is external) on the Arch Linux(link is external) GitLab [instance] about the challenges and possible opportunities for making the Linux kernel package reproducible”, all relating to the CONFIG_MODULE_SIG flag. […(link is external)]
-
Bernhard M. Wiedemann followed-up to an in-person conversation at our recent Hamburg 2024 summit(link is external) on the potential presence for Reproducible Builds in recognised standards. […(link is external)]
-
Fay Stegerman also wrote about her worry about the “possible repercussions for RB tooling of Debian migrating from zlib to zlib-ng” as reproducibility requires identical compressed data streams. […(link is external)]
-
Martin Monperrus(link is external) wrote the list announcing the latest release of maven-lockfile(link is external) that is designed aid “building Maven projects with integrity”. […(link is external)]
-
Lastly, Bernhard M. Wiedemann wrote about potential role of reproducible builds in combatting silent data corruption, as detailed in a recent Tweet(link is external) and scholarly paper(link is external) on faulty CPU cores. […(link is external)]
Bernhard M. Wiedemann began writing on journey towards a 100% bit-for-bit reproducible operating system(link is external) on the openSUSE(link is external) wiki:
This is a report of Part 1 of my journey: building 100% bit-reproducible packages for every package that makes up [openSUSE’s] minimalVM image. This target was chosen as the smallest useful result/artifact. The larger package-sets get, the more disk-space and build-power is required to build/verify all of them.
This work was sponsored by NLnet(link is external)’s NGI Zero(link is external) fund.
Marvin Strangfeld(link is external) published his bachelor thesis, “Reproducibility of Computational Environments for Software Development(link is external)” from RWTH Aachen University(link is external). The author offers a more precise theoretical definition of computational environments compared to previous definitions, which can be applied to describe real-world computational environments. Additionally, Marvin provide a definition of reproducibility in computational environments, enabling discussions about the extent to which an environment can be made reproducible. The thesis is available to browse or download in PDF format(link is external).
In addition, Shenyu Zheng, Bram Adams and Ahmed E. Hassan of Queen’s University, ON, Canada(link is external) have published an article(link is external) on “hermeticity” in Bazel(link is external)-based build systems:
A hermetic build system manages its own build dependencies, isolated from the host file system, thereby securing the build process. Although, in recent years, new artifact-based build technologies like Bazel(link is external) offer build hermeticity as a core functionality, no empirical study has evaluated how effectively these new build technologies achieve build hermeticity. This paper studies 2,439 non-hermetic build dependency packages of 70 Bazel-using open-source projects by analyzing 150 million Linux system file calls collected in their build processes. We found that none of the studied projects has a completely hermetic build process, largely due to the use of non-hermetic top-level toolchains. […(link is external)]
In Debian this month, 14 reviews of Debian packages were added, 12 were updated and 20 were removed, all adding to our knowledge about identified issues(link is external). A number of issue types were updated as well. […(link is external)][…(link is external)]
In addition, Holger opened 4 bugs against the debrebuild component of the devscripts(link is external) suite of tools. In particular:
- #1081047(link is external): Fails to download .dsc file.
- #1081048(link is external): Does not work with a proxy.
- #1081050(link is external): Fails to create a debrebuild.tar.
- #1081839(link is external): Fails with E: mmdebstrap failed to run error.
Last month, an issue was filed(link is external) to update the Salsa CI pipeline(link is external) (used by 1,000s of Debian packages) to no longer test for reproducibility with reprotest’s build_path variation. Holger Levsen provided a rationale(link is external) for this change in the issue, which has already been made to the tests being performed by tests.reproducible-builds.org(link is external). This month, this issue was closed by Santiago R. R.(link is external), nicely explaining that build path variation is no longer the default, and, if desired, how developers may enable it again.
In openSUSE news, Bernhard M. Wiedemann published another report(link is external) for that distribution.
diffoscope(link is external) is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues. This month, Chris Lamb made the following changes, including preparing and uploading version 278 to Debian:
-
New features:
- Add a helpful contextual message to the output if comparing Debian .orig tarballs within .dsc files without the ability to “fuzzy-match” away the leading directory. […(link is external)]
-
Bug fixes:
- Drop removal of calculated os.path.basename from GNU readelf output. […(link is external)]
- Correctly invert “X% similar” value and do not emit “100% similar”. […(link is external)]
-
Misc:
- Temporarily remove procyon-decompiler from Build-Depends as it was removed from testing (via #1057532(link is external)). (#1082636(link is external))
- Update copyright years. […(link is external)]
For trydiffoscope(link is external), the command-line client for the web-based version of diffoscope, Chris Lamb also:
- Added an explicit python3-setuptools dependency. (#1080825(link is external))
- Bumped the Standards-Version to 4.7.0. […(link is external)]
disorderfs(link is external) is our FUSE(link is external)-based filesystem that deliberately introduces non-determinism into system calls to reliably flush out reproducibility issues. This month, version 0.5.11-4 was uploaded to Debian unstable(link is external) by Holger Levsen making the following changes:
- Replace build-dependency on the obsolete pkg-config package with one on pkgconf, following a Lintian(link is external) check. […(link is external)]
- Bump Standards-Version field to 4.7.0, with no related changes needed. […(link is external)]
In addition, reprotest(link is external) is our tool for building the same source code twice in different environments and then checking the binaries produced by each build for any differences. This month, version 0.7.28 was uploaded to Debian unstable(link is external) by Holger Levsen including a change by Jelle van der Waa to move away from the pipes Python module to shlex, as the former will be removed in Python version 3.13 […(link is external)].
Fay Stegerman reported an issue with the Android toolchain(link is external) where a part of the build system generates a different classes.dex file (and thus a different .apk) depending on the number of cores available during the build, thereby breaking Reproducible Builds:
We’ve rebuilt [tag v3.6.1](link is external) multiple times (each time in a fresh container): with 2, 4, 6, 8, and 16 cores available, respectively:
- With 2 and 4 cores we always get an unsigned APK with SHA-256 14763d682c9286ef….
- With 6, 8, and 16 cores we get an unsigned APK with SHA-256 35324ba4c492760… instead.
A new plugin for the Gradle(link is external) build tool for Java has been released. This easily-enabled plugin(link is external) results in:
reproducibility settings [being] applied to some of Gradle’s built-in tasks that should really be the default. Compatible with Java 8 and Gradle 8.3 or later.
There were a rather substantial number of improvements made to our website this month, including:
-
Chris Lamb:
- Attempt to use GitLab CI to ‘artifact’ the website; hopefully useful for testing branches. […(link is external)]
- Correct the linting rule whilst building the website. […(link is external)]
- Make a number of small changes to Kees’ post written by Vagrant. […(link is external)][…(link is external)][…(link is external)]
- Add the Civil Infrastructure Platform(link is external) to the Projects(link is external) page. […(link is external)]
- Miscellaneous administration of misfiled images. […(link is external)][…(link is external)]
-
Evangelos Tzaras made a huge number of changes related to the recent Hamburg 2024 summit(link is external) […(link is external)][…(link is external)][…(link is external)][…(link is external)][…(link is external)] as well as proposed an infographic about which question Reproducible Builds is trying to answer(link is external).
-
Holger Levsen added his two presentations (Reproducible Builds: The First Eleven Years(link is external) and Preserving *other* build artifacts(link is external)) to the website. […(link is external)]
-
Jelle van der Waa completely modernised the System Images(link is external) documentation, noting that “a lot has changed since 2017(!); ext4, erofs and FAT filesystems can now be made reproducible”. […(link is external)]
-
Developer RyanSquared replaced the continuous integration test link for Arch Linux(link is external) on our Projects(link is external) page with an external instance(link is external) […(link is external)][…(link is external)] as well as updated the documentation to reflect the dependencies required to build the website […(link is external)].
-
Vagrant Cascadian pushed a lengthy interview with Linux developer Kees Cook(link is external). […(link is external)][…(link is external)][…(link is external)][…(link is external)]
The Reproducible Builds project detects, dissects and attempts to fix as many currently-unreproducible packages as possible. We endeavour to send all of our patches upstream where appropriate. This month, we wrote a large number of such patches, including:
-
Bernhard M. Wiedemann:
- agama-integration-tests(link is external) (random)
- contrast(link is external) (FTBFS-nocheck)
- cpython(link is external) (FTBFS-2038)
- crash(link is external) (parallelism, race)
- ghostscript(link is external) (toolchain date)
- glycin-loaders(link is external) (FTBFS -j1)
- gstreamer-plugins-rs(link is external) (date, other)
- kernel-doc/Sphinx(link is external) (toolchain bug, parallelism/race)
- kernel(link is external) (parallelism in BTF)
- libcamera(link is external) (random key)
- libgtop(link is external) (uname -r)
- libsamplerate(link is external) (random temporary directory)
- lua-luarepl(link is external) (FTBFS)
- meson(link is external) (toolchain)
- netty(link is external) (modification time in .a)
- nvidia-persistenced(link is external) (date)
- nvidia-xconfig(link is external) (date-related issue)
- obs-build(link is external) (build-tooling corruption)
- perl(link is external) (Perl records kernel version)
- pinentry(link is external) (make efl(link is external) droppable)
- python-PyGithub(link is external) (FTBFS 2024-11-25)
- python-Sphinx(link is external) (parallelism/race)
- python-chroma-hnswlib(link is external) (CPU)
- python-libcst(link is external)
- python-pygraphviz(link is external) (random timing)
- python312(link is external) (.pyc embeds modification time)
- python312(link is external) (drop .pyc from documentation time)
- scap-security-guide(link is external) (date)
- seahorse(link is external) (parallelism)
- subversion(link is external) (minor Java .jar modification times)
- xen/acpica(link is external) (date-related issue in toolchain)
- xmvn(link is external) (random)
- Fridrich Strba:
- ant(link is external) (jar mtime)
- xmvn(link is external) (various fixes)
-
Chris Lamb:
- #1082702(link is external) filed against magic-wormhole-transit-relay(link is external).
- #1082706(link is external) filed against python-sphobjinv(link is external).
- #1082707(link is external) filed against lomiri-content-hub(link is external).
- #1082796(link is external) filed against python-mt-940(link is external).
- #1082806(link is external) filed against tree-puzzle(link is external).
- #1083053(link is external) filed against muon-meson(link is external).
-
James Addison:
- guake(link is external) (fix a parallelism/timing-race build bug)
- sphobjinv(link is external) (duplicates fix from Debian bug #1082706)
The Reproducible Builds project operates a comprehensive testing framework running primarily at tests.reproducible-builds.org(link is external) in order to check packages and other artifacts for reproducibility. In September, a number of changes were made by Holger Levsen, including:
-
Debian(link is external)-related changes:
- Upgrade the osuosl4 node to Debian trixie in anticipation of running debrebuild and rebuilderd there. […(link is external)][…(link is external)][…(link is external)]
- Temporarily mark the osuosl4 node as offline due to ongoing xfs_repair filesystem maintenance. […(link is external)][…(link is external)]
- Do not warn about (very old) broken nodes. […(link is external)]
- Add the risc64 architecture to the multiarch version skew tests for Debian trixie and sid. […(link is external)][…(link is external)][…(link is external)]
- Mark the virt{32,64}b nodes as down. […(link is external)]
-
Misc changes:
- Add support for powercycling OpenStack instances. […(link is external)]
- Update the fail2ban(link is external) to ban hosts for 4 weeks in total […(link is external)][…(link is external)] and take care to never ban our own Jenkins(link is external) instance. […(link is external)]
In addition, Vagrant Cascadian recorded a disk failure for the virt32b and virt64b nodes […(link is external)], performed some maintenance of the cbxi4a node […(link is external)][…(link is external)] and marked most armhf architecture systems as being back online.
Finally, If you are interested in contributing to the Reproducible Builds project, please visit our Contribute(link is external) page on our website. However, you can get in touch with us via:
-
IRC: #reproducible-builds on irc.oftc.net.
-
Mastodon: @reproducible_builds@fosstodon.org(link is external)
-
Mailing list: rb-general@lists.reproducible-builds.org(link is external)
-
Twitter: @ReproBuilds(link is external)
Talking Drupal: Talking Drupal #470 - Creating Recipes(link is external)
Today we are talking about Creating Recipes, What Recipes already exist, and helpful tips and tricks with guest Jim Birch. We’ll also cover Features as our module of the week.
For show notes visit: https://www.talkingDrupal.com/470(link is external)
Topics- What are recipes
- How do you recommend someone get started writing recipes
- Where can people find recipes
- Can you include sub recipes
- How should you test recipes
- Any tools that make writing recipes easier
- What recipes are needed that do not exist
- How can people move recipes forward
- Recipe Author Guide(link is external)
- Drupal Core Recipes(link is external)
- Preconditions for recipes(link is external)
- Drupal Recipes Cookbook(link is external)
- Recipes Packagist(link is external)
- Recipe type(link is external)
- Phase 2 roadmap(link is external)
- Umami profile recipes(link is external)
- Minimal profile recipes(link is external)
Jim Birch - linkedin.com/in/jimbirch(link is external) thejimbirch(link is external)
HostsNic Laflin - nLighteneddevelopment.com(link is external) nicxvan(link is external) John Picozzi - epam.com(link is external) johnpicozzi(link is external) Aubrey Sambor - star-shaped.org(link is external) starshaped(link is external)
MOTW CorrespondentMartin Anderson-Clutz - mandclu.com(link is external) mandclu(link is external)
- Brief description:
- Have you ever wanted an admin UI to manage sets of configuration, to version and share across Drupal sites? There’s a module for that.
- Module name/project name:
- Brief history
- How old: created in Mar 2009 by yhahn, though recent releases are by Dave Reid
- Versions available: 7.x-2.15 and 8.x-3.14, the latter of which works with Drupal 9.4 and 10
- Maintainership
- Minimally maintained
- Security coverage
- Test coverage
- Documentation: Has a documentation guide and probably hundreds if not thousands of of tutorials available
- Number of open issues: 610 open issues, 54 of which are bugs against the 8.x branch
- Usage stats:
- Almost 117,000 sites, though the majority are using the D7 version
- Module features and usage
- Many listeners will remember Features as the de facto solution for configuration management in Drupal 7 and earlier
- As the name implies, it was really intended to share common capabilities across different Drupal sites
- Unlike recipes, Features can have version numbers, because there is a path to sync configuration updates across sites using a Feature, though this is where a lot of teams found Features could be complex to use
- We did previously cover Features as MOTW all the way back in episode #147, but I thought it was relevant to today’s discussion because of the way it provides a UI for organizing and exporting specific sets of configuration
- There is an open issue for Features to directly export recipes, because it already does a lot of the time-consuming work of collecting together necessary config files, including dependencies
- Even its current state, it could be a time saver for anyone wanting to start creating their own recipes