Feeds

The PSF received an open letter asking us, amongst other things, to look into some of our recent grant decisions and make recommendations to the PSF Board for improving the Grants Program. We contracted Carol Willing, of Willing Consulting, to do this work in the form of a retrospective. Carol’s scope included reading through mailing lists, examining Board and Grants Working group norms, creating a comprehensive timeline, conducting interviews, documenting findings, and offering recommendations for the future.

In the retrospective Willing contextualizes the PSF Grants Program as part of the work of a non-profit with a charitable mission, incorporating research on best practices and effective governance. The full text of the DjangoCon Africa Grant Process Retrospective is now available.  We are eager to explore the suggestions made in the retrospective and respond to community feedback.
 

 

This retrospective is just one step in our process to ensure the PSF Grants Program is responsive, transparent, and more approachable. We also recently started hosting PSF Grants Program Office Hours. The office hours are a text-only chat-based session hosted on the Python Software Foundation Discord at 1-2PM UTC (9AM Eastern) on the third Tuesday of the month. (Check what time that is for you.)  We look forward to sharing more of our progress as we continue to enhance and improve the PSF Grants Program. 

 

Last week I attended this year’s FOSSGIS Konferenz in Hamburg, Germany, focusing especially on topics around indoor navigation and public transport.

Photo by FOSSGIS e.V., CC-BY-SA Indoor Navigation

Tobias Knerr and I hosted an Indoor OSM user meeting which was mainly intended for connecting people working on various aspects of that subject. We ended up overrunning our timeslot by 40 minutes until we were kicked out of the room, I count that as a success.

For continuing this, there’s the quarterly OSM indoor online meetup on June 5th at 18:00 CEST.

Particularly interesting topics for me:

• The multi-floor route visualization and routing profile configuration approaches from the OPENER next team. Their focus is also train stations, so there is a lot of inspiration for KDE Itinerary there.
• Getting the latest update from indoor localization research. Besides Wi-Fi, Bluetooth, UWP, Lidar and IMU-based approaches there’s now also a project using optical SLAM (which is interesting as it doesn’t need special hardware), but much of this isn’t available as FOSS (yet) unfortunately.
• Seeing the progress on the BIM to OSM conversion work and subsequent discussions with train station operators on what it would take to provide/publish (partial) BIM data.

And just because this is called “indoor” data doesn’t mean there is no field work involved. With Hamburg being by far not as flat as one might think, both the venue itself and the nearby city provided some nice examples for tricky to model and visualize vertical structures, which helps a lot with the otherwise often very abstract discussions on how to best represent this in OSM.

• The TUHH campus is built into a hillside, with ground-level entrance on one side being several floors below those on the other side, which makes visualizing the surroundings tricky.
• Hamburg Harburg station is seamlessly connected to a two-story outside pedestrian area, which challenges the current definition of OSM’s level tag.
• The southerns concourse of Hamburg central station is a slightly inclined area starting on the ground floor on the eastern side but connecting to an underground area on the western side. Both our visualization and our router get utterly confused by this at the moment, having seen this myself in person I now at least understand why.
• And if that wouldn’t be enough already, the Landungsbrücken subway/rapid transit station basically combines all of the above.

Public Transport

The other set of topics I was especially interested in was anything regarding public transport and routing, as that could be relevant for Transitous.

• Contact with the openrouteservice team, as we are still missing an OSM router for Transitous to enable full intermodal routing in MOTIS.
• Multiple talks and sessions about improving bike routing, covering OSM-based cycleway quality data analysis and ways on how such data could be used in routing. While we don’t have any (bike) routing in Transitous at all yet, this shows what future expectations for this might look like.
• Research on public transport connectivity, needing higher quality GTFS data as well.

There were also a few opportunities to promote the Open Transport Meetup, to connect more people working in that area as well.

Public administration and Open Data

There increasing regulation requiring public administration to publish data unless there’s a valid reason against that. That’s great of course, but it’s not enough. Data needs to be available in standardized formats and automatically discoverable as well.

A city publishing the location of their street lamps as a spreadsheet is just the first step. It’s of little help as such if for example your usecase is taking lighting into account when doing nighttime pedestrian routing. City- or region-specific apps are not the solution for this, that doesn’t scale and isn’t sustainable.

Instead such information would ideally be jointly maintained in globally unified database, such as OSM or Wikidata. That would also help with the data quality issues often found in official datasets, as lacking a way to upstream fixes also limits their value.

Public administration and Free Software

One of the ideas behind the eco-certifying KDE software was that eco-certification is an established procurement criteria in the public sector for many other products already. Therefore I was happy to see KDE’s Okular mentioned in a panel discussion on public procurement as the first Blue Angel certified application (without anyone from KDE being on that panel).

Another noteworthy aspect for me here was for the first time seeing someone from the public administration questioning the Github monopoly and the risks involved with that. For organisations like KDE and GNOME who run their own infrastructure for exactly that reason this isn’t news, but outside of that bubble this is rarely something people are even aware of.

Conference

And of course I can’t attend a conference without looking for ideas to “steal” for KDE’s Akademy:

• As part of signing up for the event attendees got two 20% discount vouchers for Deutsche Bahn for travel to/from the event (and unlike similar offers at other events those actually applied on top of all other discounts). I yet have to figure out how to obtain that as an event organizer, with Akademy in Germany this year that is of course particularly interesting.
• Lanyards and name badge holders were collected at the end for reuse at the next event.
• Talks were streamed and chat input was considered during the Q&A part as it’s common at many events by now. For BoFs/meetings there was new equipment though which seemed to fare much better in the typical university seminar rooms, “Meeting Owl”. Those seem significantly more expensive than the Jabra conference microphones we used previously though.

Cross-community collaboration

In a session about marketing/promotion of OSM Maik said something along the lines of “we are seen every day in Germany’s prime time news broadcast, yet hardly anyone knows who we are”, which is not much different from the situation for KDE. Our code is in the majority of web browsers, yet hardly anyone using those knows about us. Similarly, the discussion about sustainable funding and moving towards hiring people seemed very familiar.

And there’s likely even more subjects that affect OSM, KDE and any other FOSS/Open Data organisation of that scale, where all of us might benefit from more knowledge exchange and collaboration. Probably also something to discuss after congratulating our friends at GNOME for their new release at next week’s release event in Berlin :)

syncoid to TrueNAS In my homelab, I have 2 NAS systems: Linux (Debian) TrueNAS Core (based on FreeBSD) On my Linux box, I use Jim Salter’s sanoid to periodically take snapshots of my ZFS pool. I also want to have a proper backup of the whole pool, so I use syncoid to transfer those snapshots to another machine. Sanoid itself is responsible only for taking new snapshots and pruning old ones you no longer care about.

Marknote, KDE's WYSIWYG note-taking application, is finally ready for it's first release. Marknote lets you create rich text notes and easily organise them into notebooks. You can personalise your notebooks by choosing an icon and accent color for each one, making it easy to distinguish between them and keep your notes at your fingertips.

Security Developer-in-Residence Weekly Report #32 About • Blog • Newsletter • Links Security Developer-in-Residence Weekly Report #32

Published 2024-03-29 by Seth Larson
Reading time: minutes

This critical role would not be possible without funding from the Alpha-Omega project. Massive thank-you to Alpha-Omega for investing in the security of the Python ecosystem!

Returned from my vacation this week and have gotten things back in order heading into April. This report covers what's happened since the first week of March.

CISA Open Source Summit

I attended the Open Source Security summit hosted by CISA in early March. The event was attended by many other open source ecosystems. The summit focused on strengthening the security of open source infrastructure like package repositories.

The Principles for Package Repository Security document was a top point of discussion. This document provides a roadmap for other package repositories to prioritize security work into discrete projects and all examples have prior art that can be learned from other package repositories (such as Trusted Publishers for PyPI).

The summit also discussed the available resources and challenges between the public sector and open source software and a tabletop exercise between package repositories, the public sector, and open source maintainers and users.

Google Summer of Code 2024

Google Summer of Code is open now and there are many available ideas for Python including one that I submitted with Dustin Ingram on adopting the OpenSSF Hardened Compiler Options for C/C++ for CPython. The task description is:

• There's already a list of compiler option candidates to adopt, use that as the initial list.
• Do some performance evaluation for how each compiler option affects performance (using CPython's existing performance suite). Report back on the performance impact of enabling each option.
• Implement a small custom tool (proposed in the existing issue) that allows ignoring existing violations of compiler options while preventing future violations.
• At this point we've achieved a lot of value, all future CPython contributions will have these compiler options applied.
• After the tooling is integrated, fill the rest of the project time by remediating known issues.

Applications are due by April 2nd, 2024 so if you're interested in working on this idea act quickly to prepare your application. I've already received some interest and have been providing some guidance to potential applicants.

Speaking and Tabletop Exercise participant at SOSS Community Day NA

I'm speaking at the OpenSSF SOSS Community Day in Seattle on April 15th. I'm also a participant in the Tabletop Exercise that caps off SOSS Community Day.

Other items

• CPython source and documentation builds moved to GitHub Actions thanks to Developer-in-Residence Łukasz Langa for reviewing and dry-running the GitHub Action during the most recent CPython release.
• Security advisories for CVE-2023-6597 and CVE-2024-0450 were published while I was away by Ee Durbin.
• CPython 3.13.0a5 is released containing some changes to default certificate verification behavior. Please test the latest CPython alpha releases for 3.13!
• Reviewed Brett Cannon's lock file pre-PEP to ensure package URLs and SBOMs can be constructed reliably and for future changes to checksum algorithms.
• I'll be blogging for the Python Language Summit at PyCon US 2024.

That's all for this week! 👋 If you're interested in more you can read last week's report.

Thanks for reading! ♡ Did you find this article helpful and want more content like it? Get notified of new posts by subscribing to the RSS feed or the email newsletter.

This work is licensed under CC BY-SA 4.0

The diffoscope maintainers are pleased to announce the release of diffoscope version 262. This version includes the following changes:

[ Chris Lamb ] * Factor out Python version checking in test_zip.py. (Re: #362) * Also skip some zip tests under 3.10.14 as well; a potential regression may have been backported to the 3.10.x series. The underlying cause is still to be investigated. (Re: #362)

You find out more by visiting the project homepage.

Turns out that VPS provider Vultr's terms of service were quietly changed some time ago to give them a "perpetual, irrevocable" license to use content hosted there in any way, including modifying it and commercializing it "for purposes of providing the Services to you."

This is very similar to changes that Github made to their TOS in 2017. Since then, Github has been rebranded as "The world’s leading AI-powered developer platform". The language in their TOS now clearly lets them use content stored in Github for training AI. (Probably this is their second line of defense if the current attempt to legitimise copyright laundering via generative AI fails.)

Vultr is currently in damage control mode, accusing their concerned customers of spreading "conspiracy theories" (-- founder David Aninowsky) and updating the TOS to remove some of the problem language. Although it still allows them to "make derivative works", so could still allow their AI division to scrape VPS images for training data.

Vultr claims this was the legalese version of technical debt, that it only ever applied to posts in a forum (not supported by the actual TOS language) and basically that they and their lawyers are incompetant but not malicious.

Maybe they are indeed incompetant. But even if I give them the benefit of the doubt, I expect that many other VPS providers, especially ones targeting non-corporate customers, are watching this closely. If Vultr is not significantly harmed by customers jumping ship, if the latest TOS change is accepted as good enough, then other VPS providers will know that they can try this TOS trick too. If Vultr's AI division does well, others will wonder to what extent it is due to having all this juicy training data.

For small self-hosters, this seems like a good time to make sure you're using a VPS provider you can actually trust to not be eyeing your disk image and salivating at the thought of stripmining it for decades of emails. Probably also worth thinking about moving to bare metal hardware, perhaps hosted at home.

I wonder if this will finally make it worthwhile to mess around with VPS TPMs?

Personal:

As many of you know, I lost my beloved son March 9th. This has hit me really hard, but I am staying strong and holding on to all the wonderful memories I have. He grew up to be an amazing man, devoted christian and wonderful father. He was loved by everyone who knew him and will be truly missed by us all. I have had folks ask me how they can help. He left behind his 7 year old son Mason. Mason was Billy’s world and I would like to make sure Mason is taken care of. I have set up a gofundme for Mason and all proceeds will go to the future care of him.

https://gofund.me/25dbff0c

Work report

Kubuntu:

Bug bashing! I am triaging allthebugs for Plasma which can be seen here:

https://bugs.launchpad.net/plasma-5.27/+bug/2053125

I am happy to report many of the remaining bugs have been fixed in the latest bug fix release 5.27.11.

I prepared https://kde.org/announcements/plasma/5/5.27.11/ and Rik uploaded to archive, thank you. Unfortunately, this and several other key fixes are stuck in transition do to the time_t64 transition, which you can read about here: https://wiki.debian.org/ReleaseGoals/64bit-time . It is the biggest transition in Debian/Ubuntu history and it couldn’t come at a worst time. We are aware our ISO installer is currently broken, calamares is one of those things stuck in this transition. There is a workaround in the comments of the bug report: https://bugs.launchpad.net/ubuntu/+source/calamares/+bug/2054795

Fixed an issue with plasma-welcome.

Found the fix for emojis and Aaron has kindly moved this forward with the fontconfig maintainer. Thanks!

I have received an https://kfocus.org/spec/spec-ir14.html laptop and it is truly a great machine and is now my daily driver. A big thank you to the Kfocus team! I can’t wait to show it off at https://linuxfestnorthwest.org/.

KDE Snaps:

You will see the activity in this ramp back up as the KDEneon Core project is finally a go! I will participate in the project with part time status and get everyone in the Enokia team up to speed with my snap knowledge, help prepare the qt6/kf6 transition, package plasma, and most importantly I will focus on documentation for future contributors.

I have created the ( now split ) qt6 with KDE patchset support and KDE frameworks 6 SDK and runtime snaps. I have made the kde-neon-6 extension and the PR is in: https://github.com/canonical/snapcraft/pull/4698 . Future work on the extension will include multiple versions track support and core24 support.

I have successfully created our first qt6/kf6 snap ark. They will show showing up in the store once all the required bits have been merged and published.

Thank you for stopping by.

~Scarlett

Personal:

As many of you know, I lost my beloved son March 9th. This has hit me really hard, but I am staying strong and holding on to all the wonderful memories I have. He grew up to be an amazing man, devoted christian and wonderful father. He was loved by everyone who knew him and will be truly missed by us all. I have had folks ask me how they can help. He left behind his 7 year old son Mason. Mason was Billy’s world and I would like to make sure Mason is taken care of. I have set up a gofundme for Mason and all proceeds will go to the future care of him.

https://gofund.me/25dbff0c

Work report

Kubuntu:

Bug bashing! I am triaging allthebugs for Plasma which can be seen here:

https://bugs.launchpad.net/plasma-5.27/+bug/2053125

I am happy to report many of the remaining bugs have been fixed in the latest bug fix release 5.27.11.

I prepared https://kde.org/announcements/plasma/5/5.27.11/ and Rik uploaded to archive, thank you. Unfortunately, this and several other key fixes are stuck in transition do to the time_t64 transition, which you can read about here: https://wiki.debian.org/ReleaseGoals/64bit-time . It is the biggest transition in Debian/Ubuntu history and it couldn’t come at a worst time. We are aware our ISO installer is currently broken, calamares is one of those things stuck in this transition. There is a workaround in the comments of the bug report: https://bugs.launchpad.net/ubuntu/+source/calamares/+bug/2054795

Fixed an issue with plasma-welcome.

Found the fix for emojis and Aaron has kindly moved this forward with the fontconfig maintainer. Thanks!

I have received an https://kfocus.org/spec/spec-ir14.html laptop and it is truly a great machine and is now my daily driver. A big thank you to the Kfocus team! I can’t wait to show it off at https://linuxfestnorthwest.org/.

KDE Snaps:

You will see the activity in this ramp back up as the KDEneon Core project is finally a go! I will participate in the project with part time status and get everyone in the Enokia team up to speed with my snap knowledge, help prepare the qt6/kf6 transition, package plasma, and most importantly I will focus on documentation for future contributors.

I have created the ( now split ) qt6 with KDE patchset support and KDE frameworks 6 SDK and runtime snaps. I have made the kde-neon-6 extension and the PR is in: https://github.com/canonical/snapcraft/pull/4698 . Future work on the extension will include multiple versions track support and core24 support.

I have successfully created our first qt6/kf6 snap ark. They will show showing up in the store once all the required bits have been merged and published.

Thank you for stopping by.

~Scarlett

This is to announce coreutils-9.5, a stable release.
See the NEWS below for a summary of changes.

There have been 187 commits by 18 people in the 30 weeks since 9.4.
Thanks to everyone who has contributed!
The following people contributed changes to this release:

  Aearil (1)                      Petr Malat (1)
  Bruno Haible (3)                Pádraig Brady (75)
  Christian Göttsche (1)          Samuel Tardieu (1)
  Collin Funk (4)                 Stephane Chazelas (1)
  Daan De Meyer (1)               Stephen Kitt (1)
  Greg Wooledge (1)               Sylvestre Ledru (3)
  Grisha Levit (2)                Ville Skyttä (1)
  Michel Lind (1)                 dann frazier (1)
  Paul Eggert (89)                lvgenggeng (1)

Pádraig [on behalf of the coreutils maintainers]
==================================================================

Here is the GNU coreutils home page:
    https://gnu.org/s/coreutils/

For a summary of changes and contributors, see:
  https://git.sv.gnu.org/gitweb/?p=coreutils.git;a=shortlog;h=v9.5
or run this command from a git-cloned coreutils directory:
  git shortlog v9.4..v9.5

Here are the compressed sources:
  https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.gz   (15MB)
  https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.xz   (5.8MB)

Here are the GPG detached signatures:
  https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.gz.sig
  https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are the SHA1 and SHA256 checksums:

  3285114d93b39e5e4643b0846f570203a5e4c97b  coreutils-9.5.tar.gz
  dnrmoilQ7ELzul98Heed0ngA7o6bhkLaXe21l0oXQeU=  coreutils-9.5.tar.gz
  867fed7ce2ee15c5150a355a5f3a3b50578cf78d  coreutils-9.5.tar.xz
  zTKO3qyS9qZl3p8yPJO3Eq8YWLwuDYjz9xAEaUcKG4o=  coreutils-9.5.tar.xz

Verify the base64 SHA256 checksum with cksum -a sha256 --check
from coreutils-9.2 or OpenBSD's cksum since 2007.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify coreutils-9.5.tar.gz.sig

The signature should match the fingerprint of the following key:

  pub   rsa4096/0xDF6FD971306037D9 2011-09-23 [SC]
        Key fingerprint = 6C37 DC12 121A 5006 BC1D  B804 DF6F D971 3060 37D9
  uid                   [ultimate] Pádraig Brady <P@draigBrady.com>
  uid                   [ultimate] Pádraig Brady <pixelbeat@gnu.org>

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --locate-external-key P@draigBrady.com

  gpg --recv-keys DF6FD971306037D9

  wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=coreutils&download=1' | gpg --import -

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify coreutils-9.5.tar.gz.sig

This release was bootstrapped with the following tools:
  Autoconf 2.72c.32-cb6fb
  Automake 1.16.5
  Gnulib v0.1-7293-g259829e78b
  Bison 3.8.2

NEWS

* Noteworthy changes in release 9.5 (2024-03-28) [stable]

** Bug fixes

  chmod -R now avoids a race where an attacker may replace a traversed file
  with a symlink, causing chmod to operate on an unintended file.
  [This bug was present in "the beginning".]

  cp, mv, and install no longer issue spurious diagnostics like "failed
  to preserve ownership" when copying to GNU/Linux CIFS file systems.
  They do this by working around some Linux CIFS bugs.

  cp --no-preserve=mode will correctly maintain set-group-ID bits
  for created directories.  Previously on systems that didn't support ACLs,
  cp would have reset the set-group-ID bit on created directories.
  [bug introduced in coreutils-8.20]

  join and uniq now support multi-byte characters better.
  For example, 'join -tX' now works even if X is a multi-byte character,
  and both programs now treat multi-byte characters like U+3000
  IDEOGRAPHIC SPACE as blanks if the current locale treats them so.

  numfmt options like --suffix no longer have an arbitrary 127-byte limit.
  [bug introduced with numfmt in coreutils-8.21]

  mktemp with --suffix now better diagnoses templates with too few X's.
  Previously it conflated the insignificant --suffix in the error.
  [bug introduced in coreutils-8.1]

  sort again handles thousands grouping characters in single-byte locales
  where the grouping character is greater than CHAR_MAX.  For e.g. signed
  character platforms with a 0xA0 (aka &nbsp) grouping character.
  [bug introduced in coreutils-9.1]

  split --line-bytes with a mixture of very long and short lines
  no longer overwrites the heap (CVE-2024-0684).
  [bug introduced in coreutils-9.2]

  tail no longer mishandles input from files in /proc and /sys file systems,
  on systems with a page size larger than the stdio BUFSIZ.
  [This bug was present in "the beginning".]

  timeout avoids a narrow race condition, where it might kill arbitrary
  processes after a failed process fork.
  [bug introduced with timeout in coreutils-7.0]

  timeout avoids a narrow race condition, where it might fail to
  kill monitored processes immediately after forking them.
  [bug introduced with timeout in coreutils-7.0]

  wc no longer fails to count unprintable characters as parts of words.
  [bug introduced in textutils-2.1]

** Changes in behavior

  base32 and base64 no longer require padding when decoding.
  Previously an error was given for non padded encoded data.

  base32 and base64 have improved detection of corrupted encodings.
  Previously encodings with non zero padding bits were accepted.

  basenc --base16 -d now supports lower case hexadecimal characters.
  Previously an error was given for lower case hex digits.

  cp --no-clobber, and mv -n no longer exit with failure status if
  existing files are encountered in the destination.  Instead they revert
  to the behavior from before v9.2, silently skipping existing files.

  ls --dired now implies long format output without hyperlinks enabled,
  and will take precedence over previously specified formats or hyperlink mode.

  numfmt will accept lowercase 'k' to indicate Kilo or Kibi units on input,
  and uses lowercase 'k' when outputting such units in '--to=si' mode.

  pinky no longer tries to canonicalize the user's login location by default,
  rather requiring the new --lookup option to enable this often slow feature.

  wc no longer ignores encoding errors when counting words.
  Instead, it treats them as non white space.

** New features

  chgrp now accepts the --from=OWNER:GROUP option to restrict changes to files
  with matching current OWNER and/or GROUP, as already supported by chown(1).

  chmod adds support for -h, -H,-L,-P, and --dereference options, providing
  more control over symlink handling.  This supports more secure handling of
  CLI arguments, and is more consistent with chown, and chmod on other systems.

  cp now accepts the --keep-directory-symlink option (like tar), to preserve
  and follow existing symlinks to directories in the destination.

  cp and mv now accept the --update=none-fail option, which is similar
  to the --no-clobber option, except that existing files are diagnosed,
  and the command exits with failure status if existing files.
  The -n,--no-clobber option is best avoided due to platform differences.

  env now accepts the -a,--argv0 option to override the zeroth argument
  of the command being executed.

  mv now accepts an --exchange option, which causes the source and
  destination to be exchanged.  It should be combined with
  --no-target-directory (-T) if the destination is a directory.
  The exchange is atomic if source and destination are on a single
  file system that supports atomic exchange; --exchange is not yet
  supported in other situations.

  od now supports printing IEEE half precision floating point with -t fH,
  or brain 16 bit floating point with -t fB, where supported by the compiler.

  tail now supports following multiple processes, with repeated --pid options.

** Improvements

  cp,mv,install,cat,split now read and write a minimum of 256KiB at a time.
  This was previously 128KiB and increasing to 256KiB was seen to increase
  throughput by 10-20% when reading cached files on modern systems.

  env,kill,timeout now support unnamed signals. kill(1) for example now
  supports sending such signals, and env(1) will list them appropriately.

  SELinux operations in file copy operations are now more efficient,
  avoiding unneeded MCS/MLS label translation.

  sort no longer dynamically links to libcrypto unless -R is used.
  This decreases startup overhead in the typical case.

  wc is now much faster in single-byte locales and somewhat faster in
  multi-byte locales.

Universities and colleges are faced with unique goals, challenges, and opportunities around digital transformation. We often hear from folks who want to reorient their higher education websites around attracting and nurturing potential new students. I recently shared insights on how to accomplish this at the 2023 HighEdWeb Conference in Buffalo, New York, where I co-presented with Winna Tse and Vibeke Silverthorne from OCAD University.

We showcased our collaboration on OCAD U’s Admissions sites—two visually bold, accessible, interactive microsites that we designed to captivate a creative audience and streamline the application process. OCAD U saw a 21% increase in website visits and a 15% increase in applicants within a few weeks of the launch.

In this article, I’ve shared some of our best lessons and findings from the project. Read on to explore six proven ways to reach, engage, and win over prospective students.

 

1. Consider Building a Separate Microsite

According to usability research, students often select a program first before they choose which school to attend. That means it’s really important to show prospective students what programs are available and make program pages easily accessible. Many websites successfully use a program finder on their main website to funnel prospective students to their program of choice. 

But because OCAD U had information architecture issues on its main site, we recommended replacing the old admissions section with two stand-alone microsites targeted at prospective students (one for graduates, one for undergraduates). This solution brought several advantages for OCAD U’s admissions team and the wider university, which we’ll explore below.  

Targeted user experience

By capturing prospective undergraduates on a self-contained microsite, OCAD U can deliver a highly tailored digital experience. Everything from the menu navigation to the visuals are geared towards users who’re considering studying at the university. OCAD U was so happy with this approach that they commissioned a second microsite aimed at prospective postgraduates.

Streamlined updates process

Originally, the admissions team had to ask the marketing team to make content changes. Every department did this, meaning it could take 2-3 weeks for requests to reach the top of the queue. This wasn’t practical for the fast-paced nature of admissions and recruitment.

A stand-alone microsite gives the admissions team greater ownership over their content. They can make changes in a single day, enabling them to publish time-sensitive content such as deadlines reminders.

Because the microsites are built using Drupal, the admissions team has access to a powerful user roles feature for managing editing permissions. This is one of many reasons to use Drupal for higher education websites.

Possibilities for experimentation

OCAD U’s admissions website created an opportunity to experiment with the visual brand and user experience. It offers more freedom and breathing room than the main website due to its size and age. What’s more, the university can learn from the admissions website and apply lessons from its successes to the main website. 

Alternative: Program Finder

A separate microsite was the right choice for OCAD U, but another strategy is using a program finder on both the main and recruitment site to funnel users towards detailed program pages. This approach is particularly effective for institutions with multiple campus websites, as it offers a versatile starting point for program exploration. For OCAD U, the decision to go with a microsite stemmed from a lack of flexibility with the information architecture on their main site, making a microsite the obvious choice. For other institutions, the program finder funnel solution might make more sense.

2. Create Straightforward User Journeys

Because you’re competing for the time and attention of prospective students, it’s all the more important that your website serves up the information they’re looking for quickly and effortlessly. The best way to achieve this is by mapping user journeys and working out how to streamline your site architecture, search experience, and calls to action.

User Journey Mapping

We ran a user journey mapping exercise with OCAD U where we developed user personas and explored the types of interactions they had with the university. This included everything from Googling the institution, to attending an open day, to completing an application form. The process helped us uncover new opportunities to improve their journey, and allowed us to start developing wireframes and mockups.

User Mindsets

Using a less traditional approach, we also explored user mindsets. Our team identified three mindsets that any prospective student might have—whether they’re a high schooler, undergraduate, mature student, or coming from abroad: 

1. “I don’t know what I want to study.”
2. “I want to study art and design, but I don’t know where yet.”
3. “I already know that I want to attend OCAD University.”

Looking into these mindsets with OCAD U helped us shape their site navigation and provide relevant, consistent CTAs. Their Discover section is aimed at the first mindset, the Afford and Visit sections at the second mindset, and the Apply section at the third mindset.

 

We helped OCAD U refine its program selectors and calls to action for a simpler user experience.

 

Want to learn more about the discovery and UX design in higher education projects? Read about our collaboration with York University’s School of the Arts, Media, Performance and Design in 5 Surprising Findings That’ll Change How You See Discovery.

3. Integrate Storytelling Throughout Your Content

Storytelling creates an emotional connection between users and your brand. The most powerful stories are authentic and value-based, showing target audiences that you care about what they care about. Storytelling isn’t just for your homepage either. Program pages are a common entry point for prospective students, so they need to promote your brand as well as the course details.

As an art, design, and media institution, OCAD U has incredible opportunities to use visual storytelling. We infused a range of student-created art throughout the university’s website. Not only does this elevate the design, it also showcases talent that reflects OCAD U’s reputation, and invites prospective students to imagine their own creative possibilities.

 

“We felt that [Evolving Web’s] aesthetic was very strong, that they could really adapt to our brand. Also, most importantly, was their thoughtful approach to storytelling.”

- Winna Tse, Communications & Projects Specialist, OCAD University 

 

Having worked with dozens of higher education institutions, our team has interviewed many prospective students about what matters to them. We’ve heard repeatedly about the importance of connecting with current students and alumni. Prospective students value hearing about real-life experiences at your university—in fact, it’s often a tipping point in their decision making process. So, don’t isolate student stories and testimonials in a corner of your website. Integrate them on every page to ensure exposure to your most persuasive content. 

 

We reimagined the application of OCAD U’s visual brand to create a striking website design. 
4. Fine-Tune Your Visual Brand

An eye-catching, memorable visual identity sets your university apart from competitors. Above all, it needs to resonate with your target audience. Building a new website is often a good opportunity to refresh your brand—but it’s possible to refine what you already have in a way that targets prospective students. 

Identify where your brand allows for flexibility, and experiment with different flavours of existing design elements. OCAD U wanted a bolder look and feel that reflects their reputation and meets the expectations of discerning young creatives. So we found ways to use their visual identity in new ways, bringing out more daring and fun aspects of the brand.

Our design team developed ‘Windows into OCAD U’, a concept that invites students to explore creative possibilities, escape the boring, and reimagine a more fantastical reality. We also used the distinctive architecture of OCAD U’s buildings as inspiration for textures and shapes, including tiled patterns, concentric squares, and boldly coloured buttons.

We communicated our vision to the client using stylescapes, a valuable tool for enhancing collaboration on art direction.

 

Stylescapes helped us communicate design ideas and get early alignment on the visual direction of the project. 
5. Help Prospective Students Apply with Confidence

If you want to increase applications from prospective students, it’s essential to make the admissions process as straightforward and welcoming as possible. A useful exercise is to identify major touchpoints in the user’s journey and find ways to provide better support and value around it. 

For OCAD U, this touchpoint was when prospective students prepared and submitted their portfolio. For other universities, it might be something like attending an open day or having an interview with faculty.

We helped OCAD U develop a dedicated page for portfolio preparation. It offers step-by-step guidance, information about requirements, creative prompts and tips, answers to common questions, and access to portfolio clinics. By providing these valuable resources, OCAD U saw an increase not only in the number of applications but also in their quality.

 

Portfolio submission is a unique aspect of OCAD U’s admissions process that required special attention.
6. Prioritize Accessibility and Inclusion 

Prospective students come from a wide range of cultures and backgrounds, and include people with disabilities and support needs. Higher education institutions need to prioritize accessibility and inclusion when building a website, ensuring that everyone has equal access to content and feels welcomed and represented.

Everything our team builds complies with WCAG 2.0 AA and relevant federal, provincial, state, or local requirements. But we encourage and guide clients to go beyond these standards with a human-centric, personalized approach to web accessibility. This can empower your organization to reach even more people and offer ever-better experiences.

It’s also important to represent your institution’s diversity into your site’s content strategy. Select website imagery that represents people of various cultures, races, ethnicities, religions, and so on that represent that diversity you would find on campus. Diversity can also mean highlighting different paths to success, such as showcasing someone who is a mature student that went to OCAD to start a second career. Prioritize plain language to help non-native speakers and users with cognitive disabilities to find the right information. Consider whether you need a multilingual website to cater to audiences such as international students.

Finally, explore ways to support prospective students from historically underserved communities. As a North American university, OCAD U has a dedicated section for indigenous applicants that provides tailored information about relevant resources, contacts, programs, scholarships and bursaries.

Meet Evolving Web, Your Digital Agency Partner

Evolving Web works with higher education organizations across North America—including Princeton University, McGill University, Georgia Tech, the University of Washington, OCAD University, Queen’s University, York University, and the University of California Berkeley.

Our experience has allowed us to develop best practices and tried-and-tested solutions that help us deliver exceptional value to our higher education clients. We create dynamic, user-centric websites to help you connect with target audiences and cultivate valuable relationships. Our team prioritizes your digital independence, giving you the tools you need to grow and evolve your digital presence.

Learn about our work with higher education clients and see what we can do for you. 

+ more awesome articles by Evolving Web

The presentation   Below is our summary of Dries' presentation. Drupal’s past Dries started Drupal when he was about 20 years old and studying at university. He built the system for himself and then open sourced it.  One key turning point early on was in 2002, when Dries reached out to Jeremy Andrews, the person behind KernelTrap, a kernel development blog. At the time, many websites fell victim to something called the Slashdot effect. Slashdot was so popular at the time that if your site was mentioned on Slashdot you’d get a massive spike of traffic and websites would often crash. Dries wrote to Jeremy and said that if he migrated his site Drupal it would never crash. He even offered Jeremy root access via email.

Efficient Token Usage in Drupal: Practical Tips and Examples Editor Thu, 03/28/2024 - 12:54

If you want hassle-free and efficient content generation and management, Drupal is the right choice. With several modules and tokens, it will help you create a dynamic and versatile data environment to cater to your audience’s needs and search engine guidelines. Lamborghini, Doctors Without Borders, and Nokia illustrate how applicable and productive this system is.
You must discover the solution’s features in more detail to get started and advance your content generation strategy. It will come in handy to lead your Drupal scenario from scratch to scratch without difficulty. Stay tuned to find out more about token implementation scenarios at your disposal. Mind the gap!

In this episode, we attacked the issue list. JourneyInbox is live and serving user and now it’s time to start polishing and building the full set of features. There are so many easy targets to fix that we focused on a few clear improvements to user experience and the user interface.

KEcoLab

Sustainability has been one of three goals at KDE over the past 2 years. One aspect of this goal is to measure the energy consumption of KDE software. To do this, it is necessary to access the lab in KDAB, Berlin, which can now be done remotely using KEcoLab.

Figure : Testing and debugging Okular scripts on a Virtual Machine host (image from Aakarsh MJ published under a CC-BY-4.0 license).

KEcoLab (remote-eco-lab) is a KDE Eco project aimed at enabling remote energy consumption measurements for your software using Gitlab's CI/CD pipeline. By automating the measurement process and integrating with the OSCAR statistics tool, developers can make informed decisions about improving code efficiency and obtain software eco-certification with the Blue Angel. This project came to being as part of GSoC 2023 under the mentorship of Volker Krause, Benson Muite, Nicolas Fella and Joseph P. De Veaugh-Geiss. Karanjot Singh is its original developer.

One of the main aims of Season of KDE 2024 is to integrate KEcoLab into Okular's pipeline. Okular is KDE's popular multi-platform PDF reader and universal document viewer. In 2022, Okular was awarded the Blue Angel ecolabel, the first ever eco-certified computer program. You can learn more about KDE Eco here and the process of measuring energy consumption in the KDE Eco handbook.

Deliverables Of The SoK24 Project

1. Integrate KEcoLab into Okular's pipeline.
2. Integrate KEcoLab's pipeline with E2E tests or integration tests.
3. Usage scenario scripts with KdeEcoTest.
4. Bug squashing.

I have been working together with Sarthak Negi for this Season of KDE.

Integrating KEcoLab Into Okular's Pipeline

As mentioned, the main aim for this mentorship is to integrate KEcoLab into Okular's pipeline. Okular, being a Blue Angel certified project, will benefit from having its energy consumption measured either for every release automatically or for specific merge requests via a manual trigger. In this way it is possible to track Okular's energy consumption and make necessary changes to adhere to Blue Angel specifications.

I have had discussions with the Okular team regarding the integration of KEcoLab into their pipeline. This was necessary to make sure that the new addition won't change their existing workflow rules, i.e., there would be no manual work required on their end to trigger the pipeline on every release. At the same time, we wanted to make sure it is possible to manually trigger the measurement process on a case-by-case basis. I'll go into further details below. The email exchange can be accessed here.

I have been testing the pipeline on a test-repo for the past few weeks, which can be accessed here.

The pipeline was tested for the following contexts:

1. Triggering KEcoLab's pipeline for energy measurement:

   a) using Web UI.

   b) pushing the tag through Git.

2. Pipeline runs on triggering it manually through the Web UI.

3. Pipeline does not run on merge request.

4. Prevent pipeline from running on every commit push.

The above was achieved by making use of a combination of GitLab's workflow: rules and GitLab's predefined CI/CD variables. There were several difficulties I faced during this time, notably preventing the pipeline from running on every release and rather restricting it to only major releases. During one of the monthly meetings, however, Volker thought this would not be necessary since there is only one release per month, i.e, for the time being it is not important to cherry pick the release candidates. As it is now, the measurement process will therefore be triggered on every release of Okular. This may change at a later date, and so I will document here some thoughts I had on how to this.

I initially thought about making use of a global variable which would be updated in the .pre stage depending on a comparison between the last and second-to-last tag to determine whether it's a major or minor release. This would be achieved by making use of a regex rule to identify the difference. The way this would work is by adding a rule under every job to check for the value of the variable. However, since the value wasn't persistent, I took a different approach by making use of artefacts which would contain the value required to determine if it's a major or a minor release version. When a measurement should be triggered, and when not, looks something like this:

• v1.8.3 -> v2.0.8 # Pipeline should run

• v2.2.3 -> v2.6.8 # Pipeline should not run

The code looked something like this:

check-major-version: stage: .pre image: alpine tags: - EcoLabWorker before_script: - echo "Checking for major version" script: - export PREV_COMMIT_TAG=$(git tag --sort=-v:refname | grep -A1 '$COMMIT_TAG' | tail -n 1) - export MAJOR_VERSION_CURRENT=$(echo $COMMIT_TAG | sed 's/v\([0-9]*\).*/\1/') - export MAJOR_VERSION_PREVIOUS=$(echo $PREV_COMMIT_TAG | sed 's/v\([0-9]*\).*/\1/') - if [ "$MAJOR_VERSION_CURRENT" == "$MAJOR_VERSION_PREVIOUS" ]; then IS_MAJOR_RELEASE="false" > release_info.env; fi artifacts: reports: dotenv: release_info.env

Once I started testing it, I realised that the value of the updated global variable did not persist across jobs. Therefore, using the variable to determine whether the job should run or not was not viable. Additionally, I realized that this approach would still cause the pipeline to run and in any case it would result in a failed pipeline if all the jobs did not run. Since we decided the measurement process can run on every release, I abandoned trying to implement this.

Currently the pipeline is being tested on my fork of Okular here. It's almost ready, we just need to add the test scripts under 'remote-eco-lab/scripts/test-scripts/org.kde.okular' for which this patch has been made.

Figure : Testing Okular in KEcolab (image from Aakarsh MJ published under a CC-BY-4.0 license). Bug Squashing

This includes the following:

Updating The Test Script To Comply With The Latest Kate Version (Issue !23)

Kate was one of the first application that KEcoLab had test scripts for. Even though we made use of as many shortcuts as possible, we were still using tabs to navigate around the user interface. This caused a problem: the previous script was made on Kate v21, and with Kate v24 being released the script needed to be updated accordingly. Also, testing the script across different distros highlighted a shortcoming of a bash-script approach: on Ubuntu the file was not being saved as intended, whereas on Fedora the file was being saved. In other words, small differences had potentially significant impacts which could make the script fail. In fact, it is one of the more fragile aspects of this approach to usage scenario scripting, which a semantics-based tool like Selenium doesn't have.

Figure : Testing Kate scripts on a Virtual Machine host (image from Aakarsh MJ published under a CC-BY-4.0 license). Helping Debug A Test Script On The Remote Lab PC (Issue !29)

There is a usage scenario script that is failing on the System Under Test. Worse yet, we do not know why and currently have no way to visually monitor the issue. This is a real pain point, mainly because we are unsure what may be the underlying problem. The script simulating user behavior doesn't seem to exit after completion, resulting in the lab being stuck in an endless loop. It is only exited when the GitLab runner times out. Since we don't yet have visual output of what is happening on the System Under Test, we are setting up a VNC to monitor what is happening. If anyone is interested in helping debug this, take a look at the remote eco lab job here. Also, check out the discussion at this issue regarding the visual monitoring of what is happening on the remote lab PC.

Figure : Testing scripts running remotely on the System Under Test in the measurement lab at KDAB, Berlin (image from Aakarsh MJ published under a CC-BY-4.0 license). Test Out And Update The SUS Scripts For Okular In The FEEP Repository (Issue !52)

This mainly involved testing the script and cross-checking everything works. In this case, the shortcuts defined at the very top weren't consistent with the shortcuts used by the script.

Looking To The Future Of KEcoLab

1. Usage scenario scripts with KdeEcoTest. Since KdeEcoTest now supports Wayland thanks to Athul Raj and runs on Windows thanks to Amartya Chakraborty, we can utilize this tool to further enhance the remote lab. The current bash scripts are based on xdotool, which only supports X11 and not Wayland and does not run on Windows. With Plasma 6 now supporting Wayland by default, and many KDE apps being available on Windows, including Okular, this seems to be the right next step for KEcoLab tooling.

2. Setting up a VNC to monitor scripts visually. The problems faced by us have put further emphasis on the need to be able to monitor what is or is not happening on the remote System Under Test. This was also previously considered. From Joseph's notes, based on work done by Nicolas Fella during one of the lab setup sprints, the following approach can be utilized:

# VNC/remote desktop access ## Server Install - apt install tigervnc-standalone-server - echo "kwin_x11 &" >> .vnc/xstartup - echo "konsole" >> .vnc/xstartup ## Start Server - tigervncserver -geometry 1920x1080 ## Client create SSH tunnel: - ssh -N -L 5900:localhost:5901 kde@INSERT_IP_HERE In VNC client, e.g. KRDC: - connect to localhost:5900 It will start a single Konsole window. Use this to start other stuff

If this doesn't work, we may want to reference x11vnc. If anyone has successfully setup VNC before, feel free to reach out as we would appreciate your help!

Interested in Contributing?

If you are interested in contributing to KEcoLab, you can join the matrix channels Energy Measurement Lab and KDE Energy Efficiency and introduce yourself. KEcoLab is hosted here. Thank you to Karan and Joseph as well as the whole KDE e.V. and the wonderful KDE community for helping out with this project. You can also reach out to me via email or on Matrix

We’re delighted to announce the first maintenance release of the 24.02 series, tackling regressions, bugs, and crashes. A big thank you to everyone who reported issues during this transition – keep up the great work!

Changelog

• Fix crash on group cut. Commit.
• Fix possible startup crash. Commit.
• Fix typo. Commit.
• Fix appstream release notes formatting. Commit.
• Add release notes to AppData. Commit.
• Fix: some sequence properties incorrectly saved, like subtitles list, timeline zone. Commit. Fixes bug #483516.
• Fix: Windows crash clicking fullscreen button. Commit. Fixes bug #483441.
• Fix: cannot revert letter spacing to 0 in title clips. Commit. Fixes bug #483710.
• Fix: font corruption on Qt6/Wayland. Commit.
• Fix: Fix pan timeline with middle mouse button. Commit. Fixes bug #483244.
• Minor cleanup. Commit.
• When file fails to open, display MLT’s warning to help debugging. Commit.
• Fix crash trying to recover a backup after opening a corrupted file. Commit.
• Fix multiple subtitles issues: several tracks not correctly saved, sequence copy not suplicating subs, crash on adding new subtitle track. Commit. Fixes bug #482434.
• Update file org.kde.kdenlive.appdata.xml. Commit.
• Update file org.kde.kdenlive.appdata.xml. Commit.
• Add .desktop file. Commit.
• Updated icons and appdata info for Flathub. Commit.
• Org.kde.kdenlive.appdata: Add developer_name. Commit.
• Org.kde.kdenlive.appdata.xml use https://bugs.kde.org/enter_bug.cgi?product=kdenlive. Commit.
• Fix bin thumbnails for missing clips have an incorrect aspect ratio. Commit.
• On sequence change, recursively update each sequence that embedded it. Commit. Fixes bug #482949.
• When using multiple timeline sequences, fix change in a sequence resulting in effect loss if the tab was not changed. Commit.
• Fix crash on spacer tool with grouped subtitle. Commit. Fixes bug #482510.
• Fix crash moving single item in a group. Commit.
• Block Qt5 MLT plugins in thumbnailer when building with Qt6. Commit. Fixes bug #482335.
• [CD] Disable Qt5 jobs. Commit.
• Don’t allow autosave when the document is closing. Commit.
• Fix deleting single item in a group not working. Commit.
• Fix moving a single item in a group with alt not always working and breaks on undo. Commit.
• Fix another case of clips with mixes allowed to resize over another clip, add tests. Commit.
• Fix adding a mix to an AV clit that already had a mix on one of its components moving existing mix. Commit.
• Fix typo. Commit.
• Fix for Qt6’s behavior change in QVariant::isNull() (fixes speech to text). Commit.
• Fix crash on invalid gradient data. Commit. Fixes bug #482134.
• Enforce proper styling for Qml dialogs. Commit.
• Fix incorrect Bin clip video usage count and initialization, spotted by Ondrej Popp. Commit.

The post Kdenlive 24.02.1 released appeared first on Kdenlive.

And That’s a Wrap

MidCamp has been and gone for 2024, and we couldn't have done it without our volunteers, organizers, contributors, venue hosts, sponsors, speakers, and of course, attendees for making this year's camp a success.

Replay the Fun

Find all of the sessions you missed, share your session around, and spread the word. Videos can be watched on the MidCamp YouTube channel (🔀 jump to the playlist) or on Drupal.tv.  Captions will follow within a couple of weeks.

Share Your Feedback

For those who joined us this year, please fill out our quick survey. We really value your feedback on any part of your camp experience, and our organizer team works hard to take as much of it as possible into account for next year.

Also, don’t forget to rate any sessions you attended (these can be found on each session node).

🥁…announcing... MidCamp 2025!

Mark your calendars now! We’ll be back at DePaul University for MidCamp 2025, March 20-21.

Explore other Upcoming Drupal Events

Need more Drupal Events to tide you over to next year? Head over to the Drupal Community Events page to check out what’s coming up in 2024.

One Last Thanks

MidCamp really wouldn't be possible without our amazing sponsors.

Consider adding your organization to the list next year. (2025 prospectus coming soon!)

Keep the madness going all year by joining in the MidCamp Slack We look forward to seeing you at MidCamp 2025. We’re also on Twitter and Mastodon.

Thanks!

The MidCamp Team

In celebration of International Women's Day, The DropTimes dedicates March to highlighting the influential women of the Drupal community. The second part of the "Women in Drupal" series, featuring insights from April Sides of Red Hat, Stephanie Bridges of Digital Polygon, Laura Johnson of Four Kitchens, Mary Blabaum of Acquia, Tiffany Farriss of Palantir, Jill Moraca of Princeton University, and Surabhi Gokte of Axelerant, emphasizes the importance of diversity, equity, and inclusion within technology and specifically within Drupal. Their stories cover overcoming imposter syndrome, the significance of representation, mentoring junior developers, and advocating for women's visibility and leadership roles. These leaders share their commitment to fostering a welcoming, supportive, and inclusive environment, reflecting Drupal's ongoing initiatives to inspire inclusion and celebrate the diverse contributions that women make to the community and the tech industry at large.

Authored by: Nadiia Nykolaichuk 

The administrative navigation toolbar is an essential piece in the puzzle of your website’s overall capability to boost website management tasks. It serves as the guiding compass for your team, leading them across the administrative sections quickly and confidently. To achieve this, the toolbar needs to be intuitive, visually clear, straightforward, logically organized, and well-positioned.

Small teaser:

Probably won't show up in aggregators (try this link instead).