Feeds

Join the FSF and friends on Friday, September 13 from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

In this tutorial, you will learn how to use Google's Gemini AI model through its API in Python.

Steps to Access Gemini API

Follow the steps below to access the Gemini API and then use it in python.

1. Visit Google AI Studio website.
2. Sign in using your Google account.
3. Create an API key.
4. Install the Google AI Python library for the Gemini API using the command below :
   pip install google-generativeai.

To read this article in full, please click hereThis post appeared first on ListenData

One of the most common tasks that a computer program performs is to display data. The program often displays this information to the program’s user. However, a program also needs to show information to the programmer developing and maintaining it. The information a programmer needs about an object differs from how the program should display the same object for the user, and that’s where .__repr__() vs .__str__() comes in.

A Python object has several special methods that provide specific behavior. There are two similar special methods that describe the object using a string representation. These methods are .__repr__() and .__str__(). The .__repr__() method returns a detailed description for a programmer who needs to maintain and debug the code. The .__str__() method returns a simpler description with information for the user of the program.

The .__repr__() and .__str__() methods are two of the special methods that you can define for any class. They allow you to control how a program displays an object in several common forms of output, such as what you get from the print() function, formatted strings, and interactive environments.

In this video course, you’ll learn how to differentiate .__repr__() vs .__str__() and how to use these special methods in the classes you define. Defining these methods effectively makes the classes that you write more readable and easier to debug and maintain. So, when should you choose Python’s .__repr__() vs .__str__?

[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]

Python code to remove pages from PDF files. How to delete pages from PDF files. Trim a PDF file. Pull a few pages from the PDF file and make a new one. Reduce PDF file size.

Helen Keller said, “Alone we can do so little; together we can do so much.” Although she wouldn’t have understood this 2024 expression, we know “she nailed it.” It takes many of us working together to truly accomplish great things. That’s why the OSI staff is so excited to welcome Jordan Maris to our team.

As OSI’s European Policy Analyst, Jordan will work to build a bridge between European Union legislators, the OSI and the wider Open Source community. He will monitor upcoming EU policies and flag issues and opportunities, educate and inform EU lawmakers about Open Source and its benefits, represent the OSI at EU-level events and conferences, and provide analysis and support to the OSI’s board and members on EU policy issues. He will also work closely with other Open Source foundations and organizations to make sure the voice of the Open Source community is heard at an EU level.

Jordan comes well-equipped with the experience he needs to excel in this role. He worked for three years with members of the European Parliament. In his previous position as a senior parliamentary policy advisor, he fought for the Open Source community on laws such as the AI Act, European Digital Identity, Data Act, Product Liability Directive, and Cyber-Resilience Act. He is a strong advocate for the Public Money–Public Code principle and a long-time user of and occasional contributor to Open Source software. He speaks English, French and German.

When asked about his vision for the future of Open Source, Jordan replied, “A world where Open Source is the rule — not the exception, and where developers and communities are consistently supported, listened to and valued.” 

Jordan says, “I’m looking forward to being able to devote more time to raising awareness about Open Source among lawmakers and to bringing together the Open Source community and EU lawmakers so that new laws better reflect the needs of the Open Source community.”

Please join me in welcoming Jordan to the team.

Can Contact Forms Be Replaced by AI Chatbots on Drupal Websites? bhavinhjoshi Tue, 09/10/2024 - 17:52

Contact forms have been a staple on websites for years.

But, are they becoming outdated?

Say hello to AI chatbots.

Here’s why an AI chatbot might just be the better choice.

Real-time Engagement 

• Contact forms often mean waiting. Users type out their message, hit send, and then wait for a response. With AI chatbots, the response is instant, providing immediate support and answers.
• Example: A user needs information about your services. Instead of waiting hours (or days) for an email reply, the chatbot instantly provides the details they need.

Enhanced User Experience 

• Chatbots can guide users through their queries, step-by-step. This ensures visitors aren't left guessing, navigating through multiple pages to find answers.
• Example: Someone asks about your pricing. The chatbot not only shares the info but can also offer links to relevant pages, FAQs, and even schedule a meeting with a sales rep.

24/7 Availability 

• Unlike human staff, chatbots never sleep. They're available around the clock, ensuring your site visitors always get the support they need, no matter the time zone.
• Example: A potential client from another continent visits your site at 3 AM. The chatbot assists them in real-time rather than making them wait until your business hours.

Personalisation 

• Modern AI chatbots can personalise interactions based on user data. This means more relevant responses and recommendations tailored to each visitor.
• Example: The chatbot recognises a returning user and picks up the conversation where it left off, making the interaction feel continuous and personal.

But is it all sunshine and rainbows? Not quite.

There are challenges.

Some users may prefer human touch over automation. And, implementing a sophisticated AI chatbot can be resource-intensive.

So, should you replace your contact form with a chatbot?

Maybe not completely. A hybrid approach might work best. Let the chatbot handle routine inquiries and simple tasks, while the contact form can serve for more detailed and specific requests.

What do you think? Can AI chatbots replace traditional contact forms on Drupal websites?

Drupal Drupal 10 AI Drupal Planet Add new comment

Noah’s Page Builder offers Drupal users an intuitive way to create front-end pages quickly, without needing extra modules like Paragraphs. Developed by Julian Chabrillon, this tool provides real-time design changes, a variety of widgets, and CSS configuration options. In this interview, Julian discusses the inspiration, challenges, and future plans for Noah’s, including its impact on the Drupal community with both free and paid versions available for flexible usage.

Non-code contributions in open source communities attract considerable interest. Join a panel discussion with diverse experts who are actively involved in non-code contributions within the Drupal community to bridge a gap between experienced contributors and those considering their first step!

Discover together with Norman Kaemper-Leymann and Yannick Leyendecker a selection of Drupal contrib modules tailored to specific use cases, including Config Patch GitLab API, Content Templates, Frontend Editing, and more!

AI tools like OpenAI's ChatGPT integrate well with Drupal, but identifying the right use cases can be challenging. Explore together with Christoph Breidert the opportunities and limitations of LLMs and learn how to create impactful AI solutions!

Learn together with Artem and Bruno how to simplify content management using the Drupal modules “Content Templates” and “Frontend Editing.” Discover best practices for managing content at scale and improving the editor experience!

Explore the digital transformation of one of Europe’s oldest pharmaceutical companies together with Baddy Breidert, CEO of 1xINTERNET, and Alexander Reisenauer, Director of Global Digital Marketing at Schwabe Group. Discover how strategic decisions led to Drupal becoming a key component of Schwabe's digital ecosystem!

tl;dr

On Thursday 5 September 2024 we performed some system maintenance. It appeared to have gone well, and was completed at the scheduled time (06:20 UTC), but unfortunately there were unexpected knock-on effects that caused issues later on in the day, and further problems on Saturday 7 September. This post gives the details of why we needed to perform the maintenance, what happened, and what we will do to prevent a recurrence.

In our recent newsletter, we incorrectly stated the dates for DrupalCon Europe 2024. The event will take place from September 24 to 27, 2024. We regret the oversight and appreciate your understanding.

While fiddling around, I found a (fairly serious) vulnerability in Zyxel's GS1900-10HP and related switches; today Zyxel released an advisory with updated firmware, so I can publish my side of it as well. (Unfortunately there's no Zyxel bounty program, but Zyxel PSIRT has been forthcoming all along, which I guess is all you can hope for.)

The CVE (CVE-2024-38270) is sparse on details, so I'll simply paste my original message to Zyxel below:

Hi, GS1900-10HP (probably also many other switches in the same series), firmware V2.80(AAZI.0) (also older ones) generate web authentication tokens in an unsafe way. This makes it possible for an attacker to guess them and hijack the session. web_util_randStr_generate() contains code that is functionally the same as this: char token[17]; struct timeval now; gettimeofday(&now, NULL); srandom(now.tv_sec + now.tv_usec); for (int i = 0; i < 16; ++i) { long r = random() % 62; char c; if (r < 10) { c = r + '0'; // 0..9 } else if (r < 36) { c = r + ('A' - 10); // A..Z } else { c = r + ('a' - 36); // a..z } token[i] = c; } token[16] = 0; (random() comes from uclibc, but it has the same generator as glibc, so the code runs just as well on desktop Linux) This token is generated on initial login, and stored in a cookie on the client. This has multiple problems: First, the clock is a known quantity; even if the switch is not on SNTP, it is trivial to get its idea of time-of-day by just doing a HTTP request and looking at the Date header. This means that if an attacker knows precisely when the administrator logged in (for instance, by observing a HTTPS login on the network), they will have a very limited range of possible tokens to check. Second, tv_sec and tv_usec are combined in an improper way, canceling out much of the intended entropy. As long as one assumes that the administrator logged in less than a day ago, the entire range of possible seeds it contained within the range [now - 86400, now + 999999], i.e. only about 1.1M possible cookies, which can simply be tried serially even if one did not observe the original login. There is no brute-force protection on the web interface. I have verified that this attack is practical, by simply generating all the tokens and asking for the status page repeatedly (it is trivial to see whether it returns an authentication success or failure). The switch can sustain about one try every 96 ms on average against an attacker on a local LAN (there is no keepalive or multithreading, so the most trivial code is seemingly also the best one), which means that an attack will succeed on average after about 15 hours; my test run succeeded after a bit under three hours. If there are multiple administrator sessions active, the expected time to success is of course lower, although the tries are also somewhat slower because the switch has to deal with the keepalive traffic from the admins. This is a straightforward case of CWE-330 (Use of Insufficiently Random Values), with subcategories CWE-331, CWE-334, CWE-335, CWE-337, CWE-339, CWE-340, CWE-341 and probably others. The suggested fix is simple: Read entropy from /dev/urandom or another good source, instead of using random(). (Make sure that you don't get bias issues due to the use of modulo; you can use e.g. rejection sampling.) Session timeout does help against this attack (by default, it is 3 minutes), but only as long as the administrator has not kept a tab open. If the tab is left open, that keeps on making background requests that refreshes the token every five seconds, guaranteeing a 100% success rate if given a day or two. There is also _tons_ of outdated software on the switch (kernel from 2008, OpenSSH from 2013, netkit-telnetd which is no longer maintained, a fork of a very old NET-SNMP, etc.), but I did not check whether there are any relevant security holes or whether you have actually backported patches.

I haven't verified what their fix looks like, but it's probably somewhere there in the GPL dump. :-)

Drupal 11 has arrived! Okay, it’s been a month, but we were too busy exploring its new features to write the blog right away. With improved CKEditor integration, performance boosts, a redesigned Field UI, and updated taxonomy term revisions, this version builds on the success of Drupal 10. It introduces new tools and workflows designed to simplify development, improve performance, and streamline content management—making it easier than ever to create and maintain high-quality digital experiences. In this article we’ll talk about what makes Drupal 11 so exciting and even walk you through the upgrade from Drupal 10. Dive in! What’s introduced in Drupal 11 Drupal 11, the latest major release of the Drupal Content Management System, brings powerful new features that enhance the capabilities of developers, site builders, and content owners. This version focuses on modern technologies and best practices to make sites more efficient, scalable, and easier to maintain. Key improvements in Drupal 11 include enhancements to the developer experience, performance boosts, and advanced tools for content creators. With these updates, Drupal 11 empowers users to build and maintain optimized digital experiences with greater ease. Below are the major features and enhancements you can expect in Drupal 11 compared to Drupal 10: Faster real and perceived page performance including interface previews and lazy loading. New Experimental Recipes API. Single Directory Components (SDC) - used to create UI components. Symfony 7 under the hood (replacing Symfony 6). Decoupled menu support improved with Linkset support. Content editing is streamlined with automatic formatting. Menu, taxonomy, block and permission management made easier. What’s removed Several Drupal core modules and themes are deprecated in Drupal 10 and removed in Drupal 11. While they are no longer included in Drupal 11, you can still install and use them if needed: Actions UI Book Tracker Forum Statistics Tour How to Upgrade from Drupal 10 to Drupal 11 Platform requirements This version of Drupal 11 requires specific conditions to be met in your environment. Please ensure you check the following requirements: Update to PHP 8.3 Update to Drush 13 Database: It requires MySQL 8.0+ or MariaDB 10.6+. Otherwise, use the mysql57 module to use Drupal 11 on MySQL 5.7.8+ and MariaDB 10.3.7+. Symfony 7 jQuery 4 PHPUnit 10 Composer 2.7.7 Web server - As of Drupal 11.0.0, it does not support using Microsoft IIS. Other web server requirements remain unchanged.  Upgrade to the latest Drupal 10 Drupal sites running version 10.2.x or earlier must first upgrade to version 10.3.0 or later before updating to Drupal 11. This is necessary because all core updates introduced prior to version 10.3.0 have been removed. Upgrade Status + Drupal Rector Run a deprecation scan using the Upgrade Status module in conjunction with Drupal Rector to identify and address deprecated code before upgrading your Drupal site. The screenshot below shows the upgrade status report for Drupal Core version 10.1. Here is a snapshot of the upgrade status report after upgrading Drupal core to the latest version, 10.3. Update platform requirements as needed Drupal 11 requires PHP 8.3 and the MySQL database driver requires MySQL 8.0. While Drupal 11 does not currently use MySQL 8-specific syntax, future versions will. If you cannot upgrade to MySQL 8.0 immediately, you can use the MySQL 5.7 backport module as a temporary solution. Upgrade Contributed Packages Upgrade contributed modules & themes to the latest compatible version using Composer. For example: composer require drupal/package_name:^x.y --no-updateWhere, ^x.y is the latest available version of the package. For packages without Drupal 11 compatibility, use composer require with mglaman/composer-drupal-lenient and apply necessary patches using cweagans/composer-patches. Update Custom Code Use Upgrade Status and Drupal Rector to assess the readiness of your custom modules and themes for Drupal 11. Replace any code that was deprecated in Drupal 10 and removed in Drupal 11. Update Core to Drupal Core The following provides instructions for updating from Drupal 10.3.x to Drupal 11.x. Temporarily grant write access to protected files and directories: chmod 777 web/sites/default chmod 666 web/sites/default/*settings.php chmod 666 web/sites/default/*services.yml Update the required versions of the core-recommended packages. Use the --no-update option to prevent issues with mutual dependencies during the update process: composer require 'drupal/core-recommended:^11' 'drupal/core-composer-scaffold:^11' 'drupal/core-project-message:^11' --no-update Upgrade drush to version ^13: composer require 'drush/drush:^13' --no-update Perform upgrade to the core using: composer update After successfully running composer update without errors, verify that you can also run composer install. Update the database using drush:  drush updatedb Once complete, restore read-only access to the sites/default directory: chmod 755 web/sites/default chmod 644 web/sites/default/*settings.php chmod 644 web/sites/default/*services.yml For a detailed guide on upgrading, please visit https://www.drupal.org/docs/upgrading-drupal/upgrading-from-drupal-8-or-later/how-to-upgrade-from-drupal-10-to-drupal-11. Final thoughts No need to stress though! Drupal 10 isn’t going anywhere for a while. It will remain supported until Drupal 12 arrives, which is expected around mid to late 2026. But the fact that there are so many exciting updates and features in Drupal 11 means that moving from Drupal 10 to Drupal 11 is an opportunity you won’t want to miss. Transitioning now will set you up for future success and make the most of what Drupal 11 has to offer. Thinking about making the jump to Drupal 11? Our Drupal experts are just an email away!

• For the Debian firmware-nonfree package:
  • I opened the MR:
    • !104: Update to linux-support-6.10.6
  • I reviewed the MRs:
    • !102: Backport firmware-nonfree 20240709-2~bpo12+1 to Bookworm
  • I responded to a query about backporting.
• For the Debian linux package:
  • I opened or updated the MRs:
    • !741: Draft: Fix some reproducibility issues
    • !1153: Update to 6.11
    • !1161: Fix and clean up Build-Depends
    • !1164: d/config: Fix broken configs that were being resolved differently by kconfig
    • !1175: Fix perf build failure on many architectures
  • I reviewed the MRs:
    • !964: tools/arch/x86/intel_sdsi: Add sdsi package for Intel SDSi provisioning tool (merged)
    • !1136: Compile with gcc-14 on all architectures (merged)
    • !1148: [arm64] drivers/phy/marvell: Enable PHY_MVEBU_CP110_UTMI as module (merged)
    • !1149: [arm64] Include modules for Lenovo Yoga C630 and Lenovo Miix 630 (merged)
    • !1150: Draft: debian/lib/python/debian_linux/debian.py: allow more liberal revision suffixes than just \+b\d+
    • !1155: [ia64] Purge ia64 from installer (merged)
    • !1156: [x86] enable mfd components for BXT pmic (merged)
    • !1157: [x86] Enable IPU6 and related camera options (merged)
    • !1163: riscv64 kernel config update for 6.11 (merged)
    • !1173: Update to 6.11-rc5 (merged)
    • !1165: [amd64] Enable DRM_ACCEL_HABANALABS and DRM_ACCEL_IVPU (merged)
    • !1176: [riscv64] fix conflict between kernel-image and mtd-core-modules (merged)
  • I merged my own MRs:
    • !1161: Fix and clean up Build-Depends
    • !1164: d/config: Fix broken configs that were being resolved differently by kconfig
    • !1175: Fix perf build failure on many architectures
  • I uploaded:
    • linux version 6.11~rc4-1~exp1 to experimental.
    • linux version 6.11~rc5-1~exp1 to experimental.
    • linux version 6.10.6-1~bpo12+1 to bookworm-backports.
  • Upstream, I commented on additional backports required to address CVE-2024-26621 and CVE-2024-42258.
  • I responded to bug reports:
    • #1072004: linux: regression in the 9p protocol in 6.8 breaks autopkgtest qemu jobs (affecting debci)
  • Upstream, I submitted the patch aacraid: Fix double-free on probe failure which should fix part of bug #1075855.
  • Upstream, I pointed out that the fix in !1175 is needed in Linux 6.11.
  • I updated the bullseye-security branch to upstream version 5.10.224, but didn’t make a new upload.
  • I updated the bullseye-security-6.1 branch, merging changes from version 6.1.106-3.
• For initramfs-tools:
  • I opened and later merged the MRs:
    • !129: hook_functions: Fix copy_file with source including a directory symlink
    • !130: Fix autopkgtest failures on armhf and ppc64el
    • !131: hook-functions: copy_file: Canonicalise target filename
    • !132: autopkgtest: Run tests as root
    • !133: Backport fixes for bookworm
  • I reviewed the MRs:
    • !128: Put compressed kernel modules and firmware in an uncompressed cpio
  • I uploaded:
    • version 0.144 to Debian unstable.
    • version 0.145 to Debian unstable.
    • version 0.142+deb12u1 to Debian bookworm.
  • I responded to Debian bug reports:
    • #984584: initramfs-tools: autopkgtest amd64-separate-usr fails if TMPDIR is a tmpfs
    • #1079333: initramfs-tools: upgrading causes dpkg(1) to fail
    • #1079150: cryptsetop: Waiting for encrypted source device
    • #1080203: initramfs-tools: USB keyboard stopped working on LUKS prompt
• For the Debian iproute package, I reverted the recent removal of the /usr/sbin/ip symlink and uploaded version 6.10.0-2.
• For kernel-wedge:
  • I fixed a bug in duplicate detection that linux !1176 had revealed.
  • I added support for packages installing modules under /usr/lib/modules, and a test case for this.
  • I uploaded version 2.106 to Debian unstable, including the above and some other bug fixes.
• For the Debian sgt-puzzles package, I responded to and wrote a patch for bug #1079717: sgt-puzzles: [Mozaic] crashes when copying the game.

Today, Beyond Blocks - the podcast I started last year and has 20 published episodes - passed 1,000 total downloads.

I've had some great guests on the show and discussed some interesting topics so far and I have others recorded and guests lined up for future episodes.

This week's episode will be with Eirik Morland again - the first returning guest - where we discuss the improvements and changes that have been made to Violinist.io since we spoke in January.

The first episode with Erik is here if you want to listen to it beforehand.

Thanks to all the guests and listeners of the podcast, and if you'd like to be a guest or suggest a topic, reply and let me know.

Debian Contributions: 2024-08

Contributing to Debian is part of Freexian’s mission. This article covers the latest achievements of Freexian and their collaborators. All of this is made possible by organizations subscribing to our Long Term Support contracts and consulting services.

Debian Python 3 patch review, by Stefano Rivera

Last month, at DebConf, Stefano reviewed the current patch set of Debian’s cPython packages with Matthias Klose, the primary maintainer until now. As a result of that review, Stefano re-reviewed the patchset, updating descriptions, etc. A few patches were able to be dropped, and a few others were forwarded upstream.

One finds all sorts of skeletons doing reviews like this. One of the patches had been inactive (fortunately, because it was buggy) since the day it was applied, 13 years ago. One is a cleanup that probably only fixes a bug on HPUX, and is a result of copying code from xfree86 into Python 25 years ago. It was fixed in xfree86 a year later. Others support just Debian-specific functionality and probably never seemed worth forwarding. Or good cleanup that only really applies to Debian.

A trivial new patch would allow Debian to multiarch co-install Python stable ABI dynamic extensions (like we can with regular dynamic extensions). Performance concerns are stalling it in review, at the moment.

DebConf 24 Organization, by Stefano Rivera

Stefano helped organize DebConf 24, which concluded in early August. The event is run by a large entirely volunteer team. The work involved in making this happen is far too varied to describe here. While Freexian provides funding for 20% of collaborator time to spend on Debian-related work, it only covers a small fraction of contributions to time-intensive tasks like this.

Since the end of the event, Stefano has been doing some work on the conference finances, and initiated the reimbursement process for travel bursaries.

Archive rebuilds on Debusine, by Stefano Rivera

The recent setuptools 73 upload to Debian unstable removed the test subcommand, breaking many packages that were using python3 setup.py test in their Debian packaging. Stefano did a partial archive-rebuild using debusine.debian.net to find the regressions and file bugs.

Debusine will be a powerful tool to do QA work like this for Debian in the future, but it doesn’t have all the features needed to coordinate rebuild-testing, yet. They are planned to be fleshed out in the next year. In the meantime, Debusine has the building blocks to work through a queue of package building tasks and store the results, it just needs to be driven from outside the system.

So, Stefano started working on a set of tools using the Debusine client API to perform archive rebuilds, found and tagged existing bugs, and filed many more.

OpenSSH GSS-API split, by Colin Watson

Colin landed the first stage of the planned split of GSS-API authentication and key exchange support in Debian’s OpenSSH packaging. In order to allow for smooth upgrades, the second stage will have to wait until after the Debian 13 (trixie) release; but once that’s done, as upstream puts it, “this substantially reduces the amount of pre-authentication attack surface exposed on your users’ sshd by default”.

OpenSSL vs. cryptography, by Colin Watson

Colin facilitated a discussion between Debian’s OpenSSL team and the upstream maintainers of Python cryptography about a new incompatibility between Debian’s OpenSSL packaging and cryptography’s handling of OpenSSL’s legacy provider, which was causing a number of build and test failures. While the issue remains open, the Debian OpenSSL maintainers have effectively reverted the change now, so it’s no longer a pressing problem.

/usr-move, by Helmut Grohne

There are less than 40 source packages left to move files to /usr, so what we’re left with is the long tail of the transition. Rather than fix all of them, Helmut started a discussion on removing packages from unstable and filed a first batch. As libvirt is being restructured in experimental, we’re handling the fallout in collaboration with its maintainer Andrea Bolognani. Since base-files validates the aliasing symlinks before upgrading, it was discovered that systemd has its own ideas with no solution as of yet. Helmut also proposed that dash checks for ineffective diversions of /bin/sh and that lintian warns about aliased files.

rebootstrap by Helmut Grohne

Bootstrapping Debian for a new or existing CPU architecture still is a quite manual process. The rebootstrap project attempts to automate part of the early stage, but it still is very sensitive to changes in unstable. We had a number of fairly intrusive changes this year already. August included a little more fallout from the earlier gcc-for-host work where the C++ include search path would end up being wrong in the generated cross toolchain. A number of packages such as util-linux (twice), libxml2, libcap-ng or systemd had their stage profiles broken. e2fsprogs gained a cycle with libarchive-dev due to having gained support for creating an ext4 filesystem from a tar archive. The restructuring of glib2.0 remains an unsolved problem for now, but libxt and cdebconf should be buildable without glib2.0.

Salsa CI, by Santiago Ruano Rincón

Santiago completed the initial RISC-V support (!523) in the Salsa CI’s pipeline. The main work started in July, but it was required to take into account some comments in the review (thanks to Ahmed!) and some final details in [!534]. riscv64 is the most recently supported port in Debian, which will be part of trixie. As its name suggests, the new build-riscv64 job makes it possible to test that a package successfully builds in the riscv64 architecture. The RISC-V runner (salsaci riscv64 runner 01) runs in a couple of machines generously provided by lab.rvperf.org. Debian Developers interested in running this job in their projects should enable the runner (salsaci riscv64 runner 01) in Settings / CI / Runners, and follow the instructions available at https://salsa.debian.org/salsa-ci-team/pipeline/#build-job-on-risc-v.

Santiago also took part in discussions about how to optimize the build jobs and reviewed !537 to make the build-source job to only satisfy the Build-Depends and Build-Conflicts fields by Andrea Pappacoda. Thanks a lot to him!

Miscellaneous contributions

• Stefano submitted patches for BeautifulSoup to support the latest soupsieve and lxml.
• Stefano uploaded pypy3 7.3.17, upgrading the cPython compatibility from 3.9 to 3.10. Then ran into a GCC-14-related regression, which had to be ignored for now as it’s proving hard to fix.
• Colin released libpipeline 1.5.8 and man-db 2.13.0; the latter included foundations allowing adding an autopkgtest for man-db.
• Colin upgraded 19 Python packages to new upstream versions (fixing 5 CVEs), fixed several other build failures, fixed a Python 3.12 compatibility issue in zope.security, and made python-nacl build reproducibly.
• Colin tracked down test failures in python-asyncssh and Ruby resulting from certain odd /etc/hosts configurations.
• Carles upgraded the packages python-ring-doorbell and simplemonitor to new upstream versions.
• Carles started discussions and implementation of a tool (still in early days) named “po-debconf-manager”: a way for translators and reviewers to collaborate using git as a backend instead of mailing list; and submit the translations using salsa MR. More information next month.
• Carles (dog-fooding “po-debconf-manager”) reviewed debconf templates translated by a collaborator.
• Carles reviewed and submitted the translation of “apt”.
• Helmut sent 19 patches for improving cross building.
• Helmut implemented the cross-exe-wrapper proposed by Simon McVittie for use with glib2.0.
• Helmut detailed what it takes to make Perl’s ExtUtils::PkgConfig suitable for cross building.
• Helmut made the deletion of the root password work in debvm in all situations and implemented a test case using expect.
• Anupa attended Debian Publicity team meeting and is moderating and posting on Debian Administrators LinkedIn group.
• Thorsten uploaded package gutenprint to fix a FTBFS with gcc14 and package ipp-usb to fix a /usr-merge issue.
• Santiago updated bzip2 to fix a long-standing bug that requested to include a pkg-config file. An important impact of this change is that it makes it possible to use Rust bindings for libbz2 by Sequoia, an implementation of OpenPGP.

Tuesday, 10 September 2024. Today KDE releases a bugfix update to KDE Plasma 6, versioned 6.1.5.

Plasma 6.1 was released in June 2024 with many feature refinements and new modules to complete the desktop experience.

This release adds a month's worth of new translations and fixes from KDE's contributors. The bugfixes are typically small but important and include:

• Screenedge: allow activating clients in drag and drop. Commit. Fixes bug #450579
• Applets/kickoff: Fix keyboard navigation getting stuck inside gridviews. Commit. Fixes bug #489867
• Klipper: fix copying cells when images are ignored. Commit. Fixes bug #491488

View full changelog