Russell Coker: Links February 2021

Planet Debian - Sat, 2021-02-27 15:15

Elestic Search gets a new license to deal with AWS not paying them [1]. Of course AWS will fork the products in question. We need some anti-trust action against Amazon.

Big Think has an interesting article about what appears to be ritualistic behaviour in chompanzees [2]. The next issue is that if they are developing a stone-age culture does that mean we should treat them differently from other less developed animals?

Last Week in AWS has an informative article about Parler’s new serverless architecture [3]. They explain why it’s not easy to move away from a cloud platform even for a service that’s designed to not be dependent on it. The moral of the story is that running a service so horrible that none of the major cloud providers will touch it doesn’t scale.

Patheos has an insightful article about people who spread the most easily disproved lies for their religion [4]. A lot of political commentary nowadays is like that.

Indi Samarajiva wrote an insightful article comparing terrorism in Sri Lanka with the right-wing terrorism in the US [5]. The conclusion is that it’s only just starting in the US.

Belling Cat has an interesting article about the FSB attempt to murder Russian presidential candidate Alexey Navalny [6].

Russ Allbery wrote an interesting review of Anti-Social, a book about the work of an anti-social behavior officer in the UK [7]. The book (and Russ’s review) has some good insights into how crime can be reduced. Of course a large part of that is allowing people who want to use drugs to do so in an affordable way.

Informative post from Electrical Engineering Materials about the difference between KVW and KW [8]. KVA is bigger than KW, sometimes a lot bigger.

Arstechnica has an interesting but not surprising article about a “supply chain” attack on software development [9]. Exploiting the way npm and similar tools resolve dependencies to make them download hostile code. There is no possibility of automatic downloads being OK for security unless they are from known good sites that don’t allow random people to upload. Any sort of system that allows automatic download from sites like the Node or Python repositories, Github, etc is ripe for abuse. I think the correct solution is to have dependencies installed manually or automatically from a distribution like Debian, Ubuntu, Fedora, etc where there have been checks on the source of the source.

Devon Price wrote an insightful Medium article “Laziness Does Not Exist” about the psychological factors which can lead to poor results that many people interpret as “laziness” [10]. Everyone who supervises other people’s work should read this.

Related posts:

  1. Links January 2021 Krebs on Security has an informative article about web notifications...
  2. Links February 2014 The Economist has an interesting and informative article about the...
  3. Links February 2020 Truthout has an interesting summary of the US “Wars Without...
Categories: FLOSS Project Planets

Dima Kogan: horizonator: terrain renderer based on SRTM DEMs

Planet Debian - Sat, 2021-02-27 15:14

Check this out:

I just resurrected and cleaned up an old tool I had lying around. It's now nice and usable by others. This tool loads terrain data, and renders it from the ground, simulating what a human or a camera would see. This is useful for armchair exploring or for identifying peaks. This was relatively novel when I wrote it >10 years ago, but there are a number of similar tools in existence now. This implementation is still useful in that it's freely licensed and contains APIs, so fancier processing can be performed on its output.

Sources and (barely-complete-enough) documentation live here:


Categories: FLOSS Project Planets

Colorfield: A minimal Drupal 9 local development environment

Planet Drupal - Sat, 2021-02-27 14:53
Get a fast Drupal 9 setup in 3 commands. It just relies on a PHP built-in server, so no Docker here, the only requirements are Composer and PHP. Then, we will do a recap of the available tools for developers.
Categories: FLOSS Project Planets

Petter Reinholdtsen: Updated Valutakrambod, now also with information from NBX

Planet Debian - Sat, 2021-02-27 07:30

I have neglected the Valutakrambod library for a while, but decided this weekend to give it a face lift. I fixed a few minor glitches in several of the service drivers, where the API had changed since I last looked at the code. I also added support for fetching the order book from the newcomer Norwegian Bitcoin Exchange.

I alsod decided to migrate the project from github to gitlab in the process. If you want a python library for talking to various currency exchanges, check out code for valutakrambod.

This is what the output from 'bin/btc-rates-curses -c' looked like a few minutes ago:

Name Pair Bid Ask Spread Ftcd Age Freq Bitfinex BTCEUR 39229.0000 39246.0000 0.0% 44 44 nan Bitmynt BTCEUR 39071.0000 41048.9000 4.8% 43 74 nan Bitpay BTCEUR 39326.7000 nan nan% 39 nan nan Bitstamp BTCEUR 39398.7900 39417.3200 0.0% 0 0 1 Bl3p BTCEUR 39158.7800 39581.9000 1.1% 0 nan 3 Coinbase BTCEUR 39197.3100 39621.9300 1.1% 38 nan nan Kraken+BTCEUR 39432.9000 39433.0000 0.0% 0 0 0 Paymium BTCEUR 39437.2100 39499.9300 0.2% 0 2264 nan Bitmynt BTCNOK 409750.9600 420516.8500 2.6% 43 74 nan Bitpay BTCNOK 410332.4000 nan nan% 39 nan nan Coinbase BTCNOK 408675.7300 412813.7900 1.0% 38 nan nan MiraiEx BTCNOK 412174.1800 418396.1500 1.5% 34 nan nan NBX BTCNOK 405835.9000 408921.4300 0.8% 33 nan nan Bitfinex BTCUSD 47341.0000 47355.0000 0.0% 44 53 nan Bitpay BTCUSD 47388.5100 nan nan% 39 nan nan Coinbase BTCUSD 47153.6500 47651.3700 1.0% 37 nan nan Gemini BTCUSD 47416.0900 47439.0500 0.0% 36 336 nan Hitbtc BTCUSD 47429.9900 47386.7400 -0.1% 0 0 0 Kraken+BTCUSD 47401.7000 47401.8000 0.0% 0 0 0 Exchangerates EURNOK 10.4012 10.4012 0.0% 38 76236 nan Norgesbank EURNOK 10.4012 10.4012 0.0% 31 76236 nan Bitstamp EURUSD 1.2030 1.2045 0.1% 2 2 1 Exchangerates EURUSD 1.2121 1.2121 0.0% 38 76236 nan Norgesbank USDNOK 8.5811 8.5811 0.0% 31 76236 nan

Yes, I notice the negative spread on Hitbtc. Either I fail to understand their Websocket API or they are sending bogus data. I've seen the same with Kraken, and suspect there is something wrong with the data they send.

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Categories: FLOSS Project Planets

Andre Roberge: Friendly-traceback: testing with Real Python

Planet Python - Sat, 2021-02-27 06:51

Real Python is an excellent learning resource for beginning and intermediate Python programmers that want to learn more about various Python related topics. Most of the resources of RealPython are behind a paywall, but there are many articles available for free. One of the free articles, Invalid Syntax in Python: Common Reasons for SyntaxError, is a good overview of possible causes of syntax errors when using Python. The Real Python article shows code raising exceptions due to syntax errors and provides some explanation for each case.

In this blog post, I reproduce the cases covered in the Real Python article and show the information provided by Friendly-traceback. Ideally, you should read this blog post side by side with the Real Python article, as I mostly focus on showing screen captures, with very little added explanation or background.

If you want to follow along using Friendly-traceback, make sure that you use version 0.2.34 or newer.

Missing comma: first example from the articleThe article starts off showing some code leading to this rather terse and uninformative traceback.

Since the code is found in a file, we use python -m friendly_traceback theofficefacts.py to run it and obtain the following.

Misusing the Assignment Operator (=)We only show one example here, as the others mentioned in the article would be redundant. We remind you for one last time that, if you are not doing so, you should really look at the Real Python article at the same time as you go through this rather terse blog post.

Friendly traceback provides a "hint" right after the traceback. We can get more information by asking why().

Misspelling, Missing, or Misusing Python KeywordsIdentifying misspelled keywords was actually inspired by that article from Real Python.

Note that Friendly-traceback identifies "for" as being the most likely misspelled keyword, but gives other possible valid choices.
Friendly-traceback can also identify when break (and return) are used outside a loop.

To the English reader, Friendly-traceback might seem to add very little useful information. However, keep in mind that all this additional information can be translated. If you read the following and do not understand what "boucle" means, then you might get an idea of the some of the challenges faced by non-English speakers when using Python.

In some other cases, like the example given in the Real Python article, Friendly-traceback can identify a missing keyword.

As long as there is only one instance of "in" missing, Friendly-traceback can identify it properly.

Finally, two more cases where a Python keyword is not used properly.

Missing Parentheses, Brackets, and QuotesFive examples taken from the Real Python article offered without additional comments.

Mistaking Dictionary Syntax
Using the Wrong IndentationReal Python gives many examples. They would all be handled correctly by Friendly-traceback in a similar way as the single example we decided to use for this post.

Defining and Calling Functions

Changing Python Versions

Friendly-traceback requires Python version 3.6 or newer. Not shown here is that it can recognize that the walrus operator, :=, is not valid before Python version 3.8 and give an appropriate message.

Last example: TypeError result of a syntax error.Let's look at the last example in the Real Python article.

The explanation given by Friendly-traceback might seem weird "the object (1, 2) was meant to be a function ...".  Often one might have assigned a name to that object, which leads to an explanation that should be seen as more reasonable.

The explanation of looking for a "missing comma" when this TypeError is raised was actually added following a suggestion by S. de Menten in the recent contest I held for Friendly-traceback.
There is more ...Friendly-traceback includes many more cases that those shown above and mentioned in the Real Python article. However, it is limited in that it can only identify the cause of syntax errors there is a single word or symbol used incorrectly or if the error message provided by Python is more informative than the dreaded SyntaxError: invalid syntax.
Categories: FLOSS Project Planets

Web Review, Week 2021-08

Planet KDE - Sat, 2021-02-27 04:12

Let’s go for my web review for the week 2021-08.

La CNIL avertit un club de foot : il ne faut pas faire n’importe quoi avec la reconnaissance faciale

Tags: tech, ai, facial-recognition

Article in French

Clearly the use of facial recognition will soon be out of control if even soccer clubs need to be reminded to drastically limit its use.


XSL Transformations (XSLT) Version 3.0

Tags: tech, xslt, json

This new version supports JSON. Looks like learning XSLT wasn’t completely a waste then. :-)


Patterns, Predictions, and Actions

Tags: tech, ai, machine-learning

Looks like an interesting book (didn’t read it yet, would love an epub version out of the box) about AI and machine learning.


Plus de 400.000 données de patients français vendus dans le blackmarket

Tags: leak

Article in French

Large leak of health data from french patients found on the blackmarket… The source of the leak is still being investigated.


faster isn’t better

Tags: tech, apple, vendor-lockin

Interesting analysis showing how the M1 SoC from Apple is really a good way for them to close and control their desktop ecosystem even more than before. In my opinion, if you care even one bit about your personal freedom you should likely stay away from this ecosystem.


How Popperian falsification enabled the rise of neoliberalism – Charlotte Sleigh | Aeon Essays

Tags: science, epistemology, popper, ethics, politics

This is an excellent reminder on how the Popperian falsification came to be and how weak it is. More surprising are the ethics and politics ramifications of it and how they got used.


La technopolice aux frontières – La Quadrature du Net

Tags: surveillance

Article in French

Or why our world is more and more looking like a bad dystopian sci-fi movie… EU now funding drone swarms for border control…


Martin Heinz - Advanced Git Features You Didn’t Know You Needed

Tags: tech, git

Very nice set of tip and tricks for git. Quite a few are probably known to the more advanced users but still there might be one or two for everyone’s taste.


Build smaller, faster, and more secure desktop applications with a web frontend | Tauri Studio

Tags: tech, rust, rich-client, npm, web

Still a young project but that looks like an interesting approach. At least it would make for much smaller bundles than Electron while still enabling the same type of uses. I still have slight concerns about the complexity involved because of all the layers or how much memory this can consume (akin to Electron). Let’s wait and see how it evolves.


How they SRE (Site Reliability Engineering)

Tags: tech, production, reliability, devops, monitoring, performance

Obviously didn’t read it all but this is a very large knowledge repository of practices from many companies one can get inspired by to work on Site Reliability Engineering. It is especially comprehensive since it’s not only about technical tips but also deals with hiring, team building and culture (which is almost as important if not more).


Four fours – Sentiers Media

Tags: productivity, sustainability

This is an interesting approach to ensure at sustainable productivity through the year. It covers different rhythms as it should: daily, weekly, yearly. If you read between the lines you can tell it tries quite hard at keeping stress at bay. I think I’ll even try to apply some of that with my own adaptations (it’s not strict rules more like guidelines, clearly needs to be adapted to your job, for instance “only” 4 hours of knowledge work per day would feel low in my context).


Perseverance Rover’s Descent and Touchdown on Mars (Official NASA Video) - YouTube

Tags: science, nasa, mars

I almost had tears in my eyes watching this. I think it’s amazing to have for the first time such beautiful footage of a rover descent and to see such nice videos of the Mars surface. It’s just a great feat from NASA.


Unspash : des photos haute résolution qui pèsent lourd - Green IT

Tags: tech, design, green-it, ecology

Article in French

Interesting example (Unsplash as case study) on how simple design changes can greatly impact the ecological footprint of a service.


Marie-Cécile Godwin :« les usages prévalent sur tout » – Framablog

Tags: tech, design, free-software

Article in French

Great interview from one of the designers very involved with Framasoft. She’s doing an excellent job at framing what UX design really is and highlighting some of the problems in the Free Software community.


Anxious feelings about optimisation through complexity

Tags: tech, complexity, optimization, emergence

Interesting take on optimisation and complexity… Indeed it’s probably best to not use the latter to achieve the former otherwise that complexity can never be removed anymore.


Bye for now!

Categories: FLOSS Project Planets

Fabio Zadrozny: PyDev 8.2.0 released (external linters, Flake8, path mappings, ...)

Planet Python - Sat, 2021-02-27 00:44

 PyDev 8.2.0 is now available for download.

This release has many improvements for dealing with external linters.

The main ones are the inclusion of support for the Flake8 linter as well as using a single linter call for analyzing a directory, so, that should be much faster now (previously it called external linters once for each file) .

Note: to request code analysis for all the contents below a folder, right-click it and choose PyDev > Code analysis:

Another change is that comments are now added to the line indentation... 

This means that some code as:

def method():
if True:

Will become:

def method():
# if True:
# pass

p.s.: it's possible to revert to the old behavior by changing the preferences at PyDev > Editor > Code Style > Comments. 

Also note that after some feedback, on the next release an option to format such as the code below will also be added (and will probably be made the default):

def method():
# if True:
# pass

Interpreter configuration also got a revamp:

So, it's possible to set a given interpreter to be the default one and if you work with conda, select Choose from Conda to select one of your conda environments and configure it in PyDev.

Path mappings for remote debugging can now (finally) be configured from within PyDev itself, so, changing environment variables is no longer needed for that:


Note that Add path mappings template entry may be clicked multiple times to add multiple entries.

That's it... More details may be found at: http://pydev.org.

Hope you enjoy the release ?

Categories: FLOSS Project Planets

This week in KDE: a little bit of everything

Planet KDE - Sat, 2021-02-27 00:14

Fixing up Plasma 5.21 continues, and we also did a lot of UI polishing this week:

New Features

A Task manager can now be configured to not cause its hidden panel to become visible when one of its apps or tasks receives a “needs attention” status (Michael Moon, Plasma 5.22)

You can now apply global themes, color schemes, cursor themes, plasma themes, and wallpapers from the command-line, using some fancy new CLI tools with names like plasma-apply-colorscheme (Dan Leinir Turthra Jensen, Plasma 5.22)

KDE apps now support the HEIF and HEIC image formats (Daniel Novomeský, Frameworks 5.80)

Bugfixes & Performance Improvements

Spectacle’s compression quality setting can now be set to 100% (Natsumi Higa, Spectacle 20.12.3)

Having kio-fuse installed no longer breaks KRunner’s ability to display man: and info: URLs in your web browser (Fabian Vogt, kio-fuse 5.0.1)

The KWin window manager no longer sometimes crashes in the Plasma Wayland session when you copy something in an XWayland app and immediately paste it in a native Wayland app (Jan Blackquill, Plasma 5.21.1)

Plasma no longer sometimes crashes when closing the Audio Volume applet (David Edmundson, Plasma 5.21.1)

The new Plasma System Monitor app no longer crashes on close when a custom page was open (David Redondo, Plasma 5.21.1)

System Settings no longer crashes when you open and close the new Firewall page twice (Tomaz Canabrava, Plasma 5.21.1)

KRunner can once again execute executable script files (Alexander Lohnau, Plasma 5.21.1)

You can once again delete or disable unwanted fonts from the System Settings Font Management page (David Edmundson, Plasma 5.21.1)

The Network Speed widget finally finally finally works again! (David Redondo, Plasma 5.21.1)

The screen selection OSD once again works with keyboard navigation (Nicolas Fella, Plasma 5.21.1)

The Lock/Logout applet can once again be configured to not show the “Shut Down” action (David Edmundson, Plasma 5.21.1)

The headers on System Settings pages are now horizontally aligned with the header over the sidebar (Ismael Asensio, Plasma 5.21.1)

Scrolling all the way to the bottom of any app list in Discover no longer causes a spurious “Loading more stuff…” indicator to appear at the bottom (Aleix Pol Gonzalez, Plasma 5.21.1)

Key repeat is really actually finally re-enabled by default again now. Sorry about this. (Jan Blackquill and David Edmundson, Plasma 5.21.2)

System Settings no longer crashes when clearing the history from the Activities page (David Edmundson, Plasma 5.21.2)

Screens in the System Settings Display Configuration page are once again draggable (Marco Martin, Plasma 5.21.2)

In the System Settings Icons page, the bottom row of buttons now moves buttons that can’t fit into the available space into an overflow menu, which is useful on Plasma Mobile in particular (Dan Leinir Turthra Jensen, Plasma 5.21.2):


Kickoff’s section headers which consist of more than just a single letter are no longer all caps (sorry for causing this regression) (Mikel Johnson, Plasma 5.21.2)

System Tray icons in very very thin panels should no longer be slightly blurry (Niccolò Venerandi, Plasma 5.21.2)

Virtual keyboards no longer cover Plasma panels when they’re visible (Aleix Pol Gonzalez, Plasma 5.22)

Renaming an image file to have the same name that another also-renamed file used to have no longer causes the newly-renamed file to display the wrong thumbnail (Méven Car, Frameworks 5.80)

The Baloo file indexer no longer tries to index Ninja build files (Peter Eszalri, Frameworks 5.80)

Closing a “Get new [thing]” window no longer causes the view in the window that created it to scroll up to the top, if it was scrolled to a different position (Dan Leinir Turthra Jensen, Frameworks 5.80)

In the “Get new [thing]” dialogs, the icon in the top-left corner of each item indicating its status (installed, updatable, etc) no longer gets slightly cut off on the left side (Dan Leinir Turthra Jensen, Frameworks 5.80)

User Interface Improvements

NeoChat 1.1 is out with tons and tone of improvements! Sorry I haven’t been keeping up with them here. You can see it all over at Carl’s blog.

Konsole’s text reflow feature now works better for users of the zsh shell (Carlos Alves, Konsole 21.04)

Dolphin is now a bit faster to display thumbnail previews (Méven Car, Dolphin 21.04)

When using a color scheme without Header colors (e.g. the old Breeze color scheme), a line is no longer drawn between an app’s toolbar and the main content area (Various people, Plasma 5.21.1)

GTK headerbar apps now display minimize/maximize/etc buttons that match the rest of your apps even when you’re using an Aurorae window decoration theme (Alois Wohlschlager, Plasma 5.21.2)

Discover’s search for Flatpak apps now more heavily weights title matches and higher user ratings (Aleix Pol Gonzales, Plasma 5.22):

Discover now makes it clearer in the search and browse lists when an app comes from a non-default backend (Aleix Pol Gonzalez and me: Nate Graham, Plasma 5.22):

Discover’s compact/mobile view now makes it clear on the home page when there are updates available (Dan Leinir Turthra Jensen, Plasma 5.22):

When there is only one audio device available, you can hover your cursor over its generic name in the Plasma Audio Volume applet to see its full name, just in case you forgot which device was connected (me: Nate Graham, Plasma 5.22):


Notifications that inform you of some kind of file operation with a known destination URL now always display an “Open containing folder” button (Kai Uwe Broulik, Plasma 5.22)

Spinboxes in QML-based software will now send newly-changed values to the app immediately rather than requiring that you hit the return/enter key or de-focus the control (David Redondo, Frameworks 5.80)

When a sidebar is collapsed in a Kirigami app, that app’s toolbar content now moves with buttery smoothness (Marco Martin, Frameworks 5.80)

Web presence

Carl Schwan overhauled api.kde.org and online Kirigami documentation: https://carlschwan.eu/2021/02/26/documentation-improvements-in-kde/

Niccolò Venerandi published video number three in his video series about how to make a Plasma theme:

How You Can Help

Have a look at https://community.kde.org/Get_Involved to discover ways to be part of a project that really matters. Each contributor makes a huge difference in KDE; you are not a number or a cog in a machine! You don’t have to already be a programmer, either. I wasn’t when I got started. Try it, you’ll like it! We don’t bite!

Finally, consider making a tax-deductible donation to the KDE e.V. foundation.

Categories: FLOSS Project Planets