Valhalla's Things: PDF planners 2024

Planet Debian - Tue, 2023-11-21 19:00
Posted on November 22, 2023

A few years ago I wrote a bit of code to generate a custom printable planner, precisely to my taste. And then I showed the result to other people, and added a few variants for their own tastes.

And I’ve just generated the first 2024 file (yes, this year I’m late with the printing and binding), and realized that it may be worth posting all the variants on this blog, in case somebody else is interested in using them.

The files with -book in the name have been imposed on A4 paper for a 16 pages signature. All of the fonts have been converted to paths, for ease of printing (yes, this means that customizing the font requires running the script, sorry).

A few planners in English:

The same planners, in Italian:

And finally a monthly planner with ephemerids for the town of Como (I mean, everybody everywhere needs one of those, right?); here the --book files are impressed for a 3 sheet (12 pages) signature.

I hereby release all the PDFs linked in this blog post under the CC0 license.

I’ve just realized that the git repository linked above does not have licensing information, but I’m not sure what’s the right thing to do, since it’s mostly a dump of unsupported works-for-me code, but if you need it for something (that is compatible with its unsupported status) other than running it for personal use (for which afaik there is an implicit license) let me know and I’ll push “decide on a license” higher on the stack of things to do :D

Categories: FLOSS Project Planets

Kinoite Nightly images with Plasma 6

Planet KDE - Tue, 2023-11-21 18:00

Thanks to the packaging efforts of the members of the KDE SIG (especially Alessandro Astone, Justin Zobel and Steve Cossette), we now have enough updated packages in Fedora to create Fedora Kinoite nightly images with KDE Plasma 6.

Pre-release software notice

KDE Plasma 6 is currently in Alpha and those images are based on Fedora Rawhide, which is the development stream of Fedora and may include bugs or breaking changes at any time.

So this should be obvious but in case it needs to be said: This is pre-release software that may include major bugs. Only use this on systems where you are confident you will be able to rollback and have backups of your collection of favorite cat pictures. You’ve been warned!

If you find bugs, you are welcomed to report them to KDE developers on bugs.kde.org or to the KDE SIG tracker. See also the upstream known issues page.

How to try it out

We currently do not have installation ISOs or pre-installed images available. To try it, you can follow those steps:

 1. Install Fedora Kinoite 39.

 2. Update to the latest version and reboot:

$ sudo rpm-ostree update --reboot

 3. Pin your current deployment to make sure that you will be able to rollback if something fails:

$ sudo ostree admin pin 0

 4. Switch to the Fedora Kinoite Nightly Plasma 6 image:

$ sudo rpm-ostree rebase --reboot \ ostree-unverified-registry:quay.io/fedora-ostree-desktops/kinoite-nightly:rawhide

 5. Test and report bugs!

How do I test for regressions / bisect?

You can find all tags for those images at quay.io/fedora-ostree-desktops/kinoite-nightly.

Feel free to drop by the Fedora KDE Matrix room.

Categories: FLOSS Project Planets

What’s new for Silverblue, Kinoite, Sericea and Onyx in Fedora 39

Planet KDE - Tue, 2023-11-21 18:00

Fedora 39 has been released! 🎉 So let’s see what comes in this new release for the Fedora Silverblue, Kinoite, Sericea and Onyx variants. This post is a summary of the “What’s new in Fedora Silverblue, Kinoite, Sericea and Onyx?” talk I did with Joshua Strobl for the Fedora 39 Release Party (see the full slides).

What’s new? Welcome to Fedora Onyx!

Fedora Onyx is a new variant using the Budgie desktop, with a (nearly) stock experience. It follows up on the Fedora Budgie Spin which has been introduced in Fedora 38.

The experience is similar to other Fedora Atomic Desktops (what’s that? see below 🙂): ships toolbx out-of-the-box and access to Flatpaks.

We will hopefully re-brand it from “Onyx” to “Fedora Budgie Atomic” and later aspire at having the Atomic variant be the “Fedora Budgie” and have the “mutable” spin be re-branded.

Fedora Atomic Desktops

We have created a new Special Interest Group (SIG) focused on (rpm-)ostree based desktop variants of Fedora (Silverblue, Kinoite, Sericea and Onyx). The “Fedora Atomic Desktops” name will also serve as an umbrella to regroup all those variants under a common name.

Note that the new name is still pending approval by the Fedora Council. A Fedora Change Request has been opened to track that for Fedora 40.

We will progressively centralize the work for this SIG in the fedora/ostree GitLab namespace. We already have an issue tracker.

What’s new in Silverblue?

Silverblue comes with the latest GNOME 45 release. Loupe replaces Eye of GNOME (EOG). For now, the new Flatpaks are not automatically installed on updates so you will have to replace EOG by Loupe manually.

Fedora Flatpaks are now available ppc64le and included in the installer.

For more details about the changes that comes with GNOME 45, see the What’s new in Fedora Workstation 39 on the Fedora Magazine.

What’s new in Kinoite?

Kinoite stays on Plasma 5.27. Plasma 6 is coming for Fedora 40.

A subset of KDE Apps is now available as Flatpaks from Fedora. They are built from Fedora RPM source and build options and are also available for all releases (not just the latest) and even other distributions due to the nature of Flatpaks.

Thanks a lot to Yaakov Selkowitz and the Flatpak SIG for making this happen!

With the Flatpaks being available in the Fedora remote, we have removed some apps from the base image: Okular, Gwenview, Kcalc. The Flatpaks are not installed on updates but you can install them from the Fedora Flatpak remote or from Flathub.

Fedora Flatpaks will be installed by Anaconda by default for new installations in Fedora 40.

What’s new in Sericea?

No major changes this release.

rpm-ostree unified core

Ostree commits are now built via rpm-ostree unified core mode. The main benefits are cleanups and stricter build constraints (that sometimes surface bugs in RPMs). This is also how Fedora CoreOS is being built right now.

This change should be completely transparent to users.

This is needed to get bootupd support and a step towards moving to ostree native container images (discussed below).

What’s next? bootupd support

Adding bootupd support to Atomic Desktops will finally let users easily update their bootloader on their systems (issue#120). We needed the commits to be built using rpm-ostree unified core mode, which is a change that landed in Fedora 39.

We are now waiting on Anaconda installer fixes that are in progress. This should hopefully land in Fedora 40.

Ostree Native Containers

The idea behind Ostree Native Containers is to package ostree commits as OCI containers. The main benefits are:

  • OCI containers are easier to manage, deploy and mirror than ostree repos
  • It makes it possible to create derived images via a Containerfile/Dockerfile
  • As it is a regular container, you can inspect its content, scan it for vulnerabilities or run it like a container
  • Signing is made easier via support for cosign/sigstore

You can take a look at the following examples that take advantage of this functionality:

Work is currently in progress to add support to build those images via Pungi. Initially, they will be built alongside the current ostree commits. This is currently planned for Fedora 40 (the change page needs to be updated / rewritten).

We will be looking at fully transitioning to containers in a future release.

Universal Blue, Bluefin and Bazzite

Those projects build on the in-progress support for the Ostree Native Containers format and the Fedora Atomic Desktops images. All the changes that are included are made via Containerfiles/Dockerfiles.

They include lots of options, offer a wide choice of images, include additional fixes, enable more platform support, UX fixes, etc.

Universal Blue is the general project, Project Bluefin is the developer focused one and Bazzite is focused on gaming, including on the Steam Deck and other similar devices.

Check them out!

Support for Asahi Linux?

Help us make that happen! One notable missing part is support in Kiwi (issue#38) to build the images. See Fedora Asahi Remix for more details.

Where to reach us?

We are looking for contributors to help us make the Fedora Atomic Desktops the best experience for Fedora users.

Categories: FLOSS Project Planets

Mike Hommey: How I (kind of) killed Mercurial at Mozilla

Planet Debian - Tue, 2023-11-21 14:49

Did you hear the news? Firefox development is moving from Mercurial to Git. While the decision is far from being mine, and I was barely involved in the small incremental changes that ultimately led to this decision, I feel I have to take at least some responsibility. And if you are one of those who would rather use Mercurial than Git, you may direct all your ire at me.

But let's take a step back and review the past 25 years leading to this decision. You'll forgive me for skipping some details and any possible inaccuracies. This is already a long post, while I could have been more thorough, even I think that would have been too much. This is also not an official Mozilla position, only my personal perception and recollection as someone who was involved at times, but mostly an observer from a distance.

From CVS to DVCS

From its release in 1998, the Mozilla source code was kept in a CVS repository. If you're too young to know what CVS is, let's just say it's an old school version control system, with its set of problems. Back then, it was mostly ubiquitous in the Open Source world, as far as I remember.

In the early 2000s, the Subversion version control system gained some traction, solving some of the problems that came with CVS. Incidentally, Subversion was created by Jim Blandy, who now works at Mozilla on completely unrelated matters. In the same period, the Linux kernel development moved from CVS to Bitkeeper, which was more suitable to the distributed nature of the Linux community. BitKeeper had its own problem, though: it was the opposite of Open Source, but for most pragmatic people, it wasn't a real concern because free access was provided. Until it became a problem: someone at OSDL developed an alternative client to BitKeeper, and licenses of BitKeeper were rescinded for OSDL members, including Linus Torvalds (they were even prohibited from purchasing one).

Following this fiasco, in April 2005, two weeks from each other, both Git and Mercurial were born. The former was created by Linus Torvalds himself, while the latter was developed by Olivia Mackall, who was a Linux kernel developer back then. And because they both came out of the same community for the same needs, and the same shared experience with BitKeeper, they both were similar distributed version control systems.

Interestingly enough, several other DVCSes existed:

  • SVK, a DVCS built on top of Subversion, allowing users to create local (offline) branches of remote Subversion repositories. It was also known for its powerful merging capabilities. I picked it at some point for my Debian work, mainly because I needed to interact with Subversion repositories.
  • Arch (tla), later known as GNU arch. From what I remember, it was awful to use. You think Git is complex or confusing? Arch was way worse. It was forked as "Bazaar", but the fork was abandoned in favor of "Bazaar-NG", now known as "Bazaar" or "bzr", a much more user-friendly DVCS. The first release of Bzr actually precedes Git's by two weeks. I guess it was too new to be considered by Linus Torvalds for the Linux kernel needs.
  • Monotone, which I don't know much about, but it was mentioned by Linus Torvalds two days before the initial Git commit of Git. As far as I know, it was too slow for the Linux kernel's needs. I'll note in passing that Monotone is the creation of Graydon Hoare, who also created Rust.
  • Darcs, with its patch-based model, rather than the common snapshot-based model, allowed more flexible management of changes. This approach came, however, at the expense of performance.

In this landscape, the major difference Git was making at the time was that it was blazing fast. Almost incredibly so, at least on Linux systems. That was less true on other platforms (especially Windows). It was a game-changer for handling large codebases in a smooth manner.

Anyways, two years later, in 2007, Mozilla decided to move its source code not to Bzr, not to Git, not to Subversion (which, yes, was a contender), but to Mercurial. The decision "process" was laid down in two rather colorful blog posts. My memory is a bit fuzzy, but I don't recall that it was a particularly controversial choice. All of those DVCSes were still young, and there was no definite "winner" yet (GitHub hadn't even been founded). It made the most sense for Mozilla back then, mainly because the Git experience on Windows still wasn't there, and that mattered a lot for Mozilla, with its diverse platform support. As a contributor, I didn't think much of it, although to be fair, at the time, I was mostly consuming the source tarballs.

Personal preferences

Digging through my archives, I've unearthed a forgotten chapter: I did end up setting up both a Mercurial and a Git mirror of the Firefox source repository on alioth.debian.org. Alioth.debian.org was a FusionForge-based collaboration system for Debian developers, similar to SourceForge. It was the ancestor of salsa.debian.org. I used those mirrors for the Debian packaging of Firefox (cough cough Iceweasel). The Git mirror was created with hg-fast-export, and the Mercurial mirror was only a necessary step in the process. By that time, I had converted my Subversion repositories to Git, and switched off SVK. Incidentally, I started contributing to Git around that time as well.

I apparently did this not too long after Mozilla switched to Mercurial. As a Linux user, I think I just wanted the speed that Mercurial was not providing. Not that Mercurial was that slow, but the difference between a couple seconds and a couple hundred milliseconds was a significant enough difference in user experience for me to prefer Git (and Firefox was not the only thing I was using version control for)

Other people had also similarly created their own mirror, or with other tools. But none of them were "compatible": their commit hashes were different. Hg-git, used by the latter, was putting extra information in commit messages that would make the conversion differ, and hg-fast-export would just not be consistent with itself! My mirror is long gone, and those have not been updated in more than a decade.

I did end up using Mercurial, when I got commit access to the Firefox source repository in April 2010. I still kept using Git for my Debian activities, but I now was also using Mercurial to push to the Mozilla servers. I joined Mozilla as a contractor a few months after that, and kept using Mercurial for a while, but as a, by then, long time Git user, it never really clicked for me. It turns out, the sentiment was shared by several at Mozilla.

Git incursion

In the early 2010s, GitHub was becoming ubiquitous, and the Git mindshare was getting large. Multiple projects at Mozilla were already entirely hosted on GitHub. As for the Firefox source code base, Mozilla back then was kind of a Wild West, and engineers being engineers, multiple people had been using Git, with their own inconvenient workflows involving a local Mercurial clone. The most popular set of scripts was moz-git-tools, to incorporate changes in a local Git repository into the local Mercurial copy, to then send to Mozilla servers. In terms of the number of people doing that, though, I don't think it was a lot of people, probably a few handfuls. On my end, I was still keeping up with Mercurial.

I think at that time several engineers had their own unofficial Git mirrors on GitHub, and later on Ehsan Akhgari provided another mirror, with a twist: it also contained the full CVS history, which the canonical Mercurial repository didn't have. This was particularly interesting for engineers who needed to do some code archeology and couldn't get past the 2007 cutoff of the Mercurial repository. I think that mirror ultimately became the official-looking, but really unofficial, mozilla-central repository on GitHub. On a side note, a Mercurial repository containing the CVS history was also later set up, but that didn't lead to something officially supported on the Mercurial side.

Some time around 2011~2012, I started to more seriously consider using Git for work myself, but wasn't satisfied with the workflows others had set up for themselves. I really didn't like the idea of wasting extra disk space keeping a Mercurial clone around while using a Git mirror. I wrote a Python script that would use Mercurial as a library to access a remote repository and produce a git-fast-import stream. That would allow the creation of a git repository without a local Mercurial clone. It worked quite well, but it was not able to incrementally update. Other, more complete tools existed already, some of which I mentioned above. But as time was passing and the size and depth of the Mercurial repository was growing, these tools were showing their limits and were too slow for my taste, especially for the initial clone.

Boot to Git

In the same time frame, Mozilla ventured in the Mobile OS sphere with Boot to Gecko, later known as Firefox OS. What does that have to do with version control? The needs of third party collaborators in the mobile space led to the creation of what is now the gecko-dev repository on GitHub. As I remember it, it was challenging to create, but once it was there, Git users could just clone it and have a working, up-to-date local copy of the Firefox source code and its history... which they could already have, but this was the first officially supported way of doing so. Coincidentally, Ehsan's unofficial mirror was having trouble (to the point of GitHub closing the repository) and was ultimately shut down in December 2013.

You'll often find comments on the interwebs about how GitHub has become unreliable since the Microsoft acquisition. I can't really comment on that, but if you think GitHub is unreliable now, rest assured that it was worse in its beginning. And its sustainability as a platform also wasn't a given, being a rather new player. So on top of having this official mirror on GitHub, Mozilla also ventured in setting up its own Git server for greater control and reliability.

But the canonical repository was still the Mercurial one, and while Git users now had a supported mirror to pull from, they still had to somehow interact with Mercurial repositories, most notably for the Try server.

Git slowly creeping in Firefox build tooling

Still in the same time frame, tooling around building Firefox was improving drastically. For obvious reasons, when version control integration was needed in the tooling, Mercurial support was always a no-brainer.

The first explicit acknowledgement of a Git repository for the Firefox source code, other than the addition of the .gitignore file, was bug 774109. It added a script to install the prerequisites to build Firefox on macOS (still called OSX back then), and that would print a message inviting people to obtain a copy of the source code with either Mercurial or Git. That was a precursor to current bootstrap.py, from September 2012.

Following that, as far as I can tell, the first real incursion of Git in the Firefox source tree tooling happened in bug 965120. A few days earlier, bug 952379 had added a mach clang-format command that would apply clang-format-diff to the output from hg diff. Obviously, running hg diff on a Git working tree didn't work, and bug 965120 was filed, and support for Git was added there. That was in January 2014.

A year later, when the initial implementation of mach artifact was added (which ultimately led to artifact builds), Git users were an immediate thought. But while they were considered, it was not to support them, but to avoid actively breaking their workflows. Git support for mach artifact was eventually added 14 months later, in March 2016.

From gecko-dev to git-cinnabar

Let's step back a little here, back to the end of 2014. My user experience with Mercurial had reached a level of dissatisfaction that was enough for me to decide to take that script from a couple years prior and make it work for incremental updates. That meant finding a way to store enough information locally to be able to reconstruct whatever the incremental updates would be relying on (guess why other tools hid a local Mercurial clone under hood). I got something working rather quickly, and after talking to a few people about this side project at the Mozilla Portland All Hands and seeing their excitement, I published a git-remote-hg initial prototype on the last day of the All Hands.

Within weeks, the prototype gained the ability to directly push to Mercurial repositories, and a couple months later, was renamed to git-cinnabar. At that point, as a Git user, instead of cloning the gecko-dev repository from GitHub and switching to a local Mercurial repository whenever you needed to push to a Mercurial repository (i.e. the aforementioned Try server, or, at the time, for reviews), you could just clone and push directly from/to Mercurial, all within Git. And it was fast too. You could get a full clone of mozilla-central in less than half an hour, when at the time, other similar tools would take more than 10 hours (needless to say, it's even worse now).

Another couple months later (we're now at the end of April 2015), git-cinnabar became able to start off a local clone of the gecko-dev repository, rather than clone from scratch, which could be time consuming. But because git-cinnabar and the tool that was updating gecko-dev weren't producing the same commits, this setup was cumbersome and not really recommended. For instance, if you pushed something to mozilla-central with git-cinnabar from a gecko-dev clone, it would come back with a different commit hash in gecko-dev, and you'd have to deal with the divergence.

Eventually, in April 2020, the scripts updating gecko-dev were switched to git-cinnabar, making the use of gecko-dev alongside git-cinnabar a more viable option. Ironically(?), the switch occurred to ease collaboration with KaiOS (you know, the mobile OS born from the ashes of Firefox OS). Well, okay, in all honesty, when the need of syncing in both directions between Git and Mercurial (we only had ever synced from Mercurial to Git) came up, I nudged Mozilla in the direction of git-cinnabar, which, in my (biased but still honest) opinion, was the more reliable option for two-way synchronization (we did have regular conversion problems with hg-git, nothing of the sort has happened since the switch).

One Firefox repository to rule them all

For reasons I don't know, Mozilla decided to use separate Mercurial repositories as "branches". With the switch to the rapid release process in 2011, that meant one repository for nightly (mozilla-central), one for aurora, one for beta, and one for release. And with the addition of Extended Support Releases in 2012, we now add a new ESR repository every year. Boot to Gecko also had its own branches, and so did Fennec (Firefox for Mobile, before Android). There are a lot of them.

And then there are also integration branches, where developer's work lands before being merged in mozilla-central (or backed out if it breaks things), always leaving mozilla-central in a (hopefully) good state. Only one of them remains in use today, though.

I can only suppose that the way Mercurial branches work was not deemed practical. It is worth noting, though, that Mercurial branches are used in some cases, to branch off a dot-release when the next major release process has already started, so it's not a matter of not knowing the feature exists or some such.

In 2016, Gregory Szorc set up a new repository that would contain them all (or at least most of them), which eventually became what is now the mozilla-unified repository. This would e.g. simplify switching between branches when necessary.

7 years later, for some reason, the other "branches" still exist, but most developers are expected to be using mozilla-unified. Mozilla's CI also switched to using mozilla-unified as base repository.

Honestly, I'm not sure why the separate repositories are still the main entry point for pushes, rather than going directly to mozilla-unified, but it probably comes down to switching being work, and not being a top priority. Also, it probably doesn't help that working with multiple heads in Mercurial, even (especially?) with bookmarks, can be a source of confusion. To give an example, if you aren't careful, and do a plain clone of the mozilla-unified repository, you may not end up on the latest mozilla-central changeset, but rather, e.g. one from beta, or some other branch, depending which one was last updated.

Hosting is simple, right?

Put your repository on a server, install hgweb or gitweb, and that's it? Maybe that works for... Mercurial itself, but that repository "only" has slightly over 50k changesets and less than 4k files. Mozilla-central has more than an order of magnitude more changesets (close to 700k) and two orders of magnitude more files (more than 700k if you count the deleted or moved files, 350k if you count the currently existing ones).

And remember, there are a lot of "duplicates" of this repository. And I didn't even mention user repositories and project branches.

Sure, it's a self-inflicted pain, and you'd think it could probably(?) be mitigated with shared repositories. But consider the simple case of two repositories: mozilla-central and autoland. You make autoland use mozilla-central as a shared repository. Now, you push something new to autoland, it's stored in the autoland datastore. Eventually, you merge to mozilla-central. Congratulations, it's now in both datastores, and you'd need to clean-up autoland if you wanted to avoid the duplication.

Now, you'd think mozilla-unified would solve these issues, and it would... to some extent. Because that wouldn't cover user repositories and project branches briefly mentioned above, which in GitHub parlance would be considered as Forks. So you'd want a mega global datastore shared by all repositories, and repositories would need to only expose what they really contain. Does Mercurial support that? I don't think so (okay, I'll give you that: even if it doesn't, it could, but that's extra work). And since we're talking about a transition to Git, does Git support that? You may have read about how you can link to a commit from a fork and make-pretend that it comes from the main repository on GitHub? At least, it shows a warning, now. That's essentially the architectural reason why. So the actual answer is that Git doesn't support it out of the box, but GitHub has some backend magic to handle it somehow (and hopefully, other things like Gitea, Girocco, Gitlab, etc. have something similar).

Now, to come back to the size of the repository. A repository is not a static file. It's a server with which you negotiate what you have against what it has that you want. Then the server bundles what you asked for based on what you said you have. Or in the opposite direction, you negotiate what you have that it doesn't, you send it, and the server incorporates what you sent it. Fortunately the latter is less frequent and requires authentication. But the former is more frequent and CPU intensive. Especially when pulling a large number of changesets, which, incidentally, cloning is.

"But there is a solution for clones" you might say, which is true. That's clonebundles, which offload the CPU intensive part of cloning to a single job scheduled regularly. Guess who implemented it? Mozilla. But that only covers the cloning part. We actually had laid the ground to support offloading large incremental updates and split clones, but that never materialized. Even with all that, that still leaves you with a server that can display file contents, diffs, blames, provide zip archives of a revision, and more, all of which are CPU intensive in their own way.

And these endpoints are regularly abused, and cause extra load to your servers, yes plural, because of course a single server won't handle the load for the number of users of your big repositories. And because your endpoints are abused, you have to close some of them. And I'm not mentioning the Try repository with its tens of thousands of heads, which brings its own sets of problems (and it would have even more heads if we didn't fake-merge them once in a while).

Of course, all the above applies to Git (and it only gained support for something akin to clonebundles last year). So, when the Firefox OS project was stopped, there wasn't much motivation to continue supporting our own Git server, Mercurial still being the official point of entry, and git.mozilla.org was shut down in 2016.

The growing difficulty of maintaining the status quo

Slowly, but steadily in more recent years, as new tooling was added that needed some input from the source code manager, support for Git was more and more consistently added. But at the same time, as people left for other endeavors and weren't necessarily replaced, or more recently with layoffs, resources allocated to such tooling have been spread thin.

Meanwhile, the repository growth didn't take a break, and the Try repository was becoming an increasing pain, with push times quite often exceeding 10 minutes. The ongoing work to move Try pushes to Lando will hide the problem under the rug, but the underlying problem will still exist (although the last version of Mercurial seems to have improved things).

On the flip side, more and more people have been relying on Git for Firefox development, to my own surprise, as I didn't really push for that to happen. It just happened organically, by ways of git-cinnabar existing, providing a compelling experience to those who prefer Git, and, I guess, word of mouth. I was genuinely surprised when I recently heard the use of Git among moz-phab users had surpassed a third. I did, however, occasionally orient people who struggled with Mercurial and said they were more familiar with Git, towards git-cinnabar. I suspect there's a somewhat large number of people who never realized Git was a viable option.

But that, on its own, can come with its own challenges: if you use git-cinnabar without being backed by gecko-dev, you'll have a hard time sharing your branches on GitHub, because you can't push to a fork of gecko-dev without pushing your entire local repository, as they have different commit histories. And switching to gecko-dev when you weren't already using it requires some extra work to rebase all your local branches from the old commit history to the new one.

Clone times with git-cinnabar have also started to go a little out of hand in the past few years, but this was mitigated in a similar manner as with the Mercurial cloning problem: with static files that are refreshed regularly. Ironically, that made cloning with git-cinnabar faster than cloning with Mercurial. But generating those static files is increasingly time-consuming. As of writing, generating those for mozilla-unified takes close to 7 hours. I was predicting clone times over 10 hours "in 5 years" in a post from 4 years ago, I wasn't too far off. With exponential growth, it could still happen, although to be fair, CPUs have improved since. I will explore the performance aspect in a subsequent blog post, alongside the upcoming release of git-cinnabar 0.7.0.beta.1. I don't even want to check how long it now takes with hg-git or git-remote-hg (they were already taking more than a day when git-cinnabar was taking a couple hours).

I suppose it's about time that I clarify that git-cinnabar has always been a side-project. It hasn't been part of my duties at Mozilla, and the extent to which Mozilla supports git-cinnabar is in the form of taskcluster workers on the community instance for both git-cinnabar CI and generating those clone bundles. Consequently, that makes the above git-cinnabar specific issues a Me problem, rather than a Mozilla problem.

Taking the leap

I can't talk for the people who made the proposal to move to Git, nor for the people who put a green light on it. But I can at least give my perspective.

Developers have regularly asked why Mozilla was still using Mercurial, but I think it was the first time that a formal proposal was laid out. And it came from the Engineering Workflow team, responsible for issue tracking, code reviews, source control, build and more.

It's easy to say "Mozilla should have chosen Git in the first place", but back in 2007, GitHub wasn't there, Bitbucket wasn't there, and all the available options were rather new (especially compared to the then 21 years-old CVS). I think Mozilla made the right choice, all things considered. Had they waited a couple years, the story might have been different.

You might say that Mozilla stayed with Mercurial for so long because of the sunk cost fallacy. I don't think that's true either. But after the biggest Mercurial repository hosting service turned off Mercurial support, and the main contributor to Mercurial going their own way, it's hard to ignore that the landscape has evolved.

And the problems that we regularly encounter with the Mercurial servers are not going to get any better as the repository continues to grow. As far as I know, all the Mercurial repositories bigger than Mozilla's are... not using Mercurial. Google has its own closed-source server, and Facebook has another of its own, and it's not really public either. With resources spread thin, I don't expect Mozilla to be able to continue supporting a Mercurial server indefinitely (although I guess Octobus could be contracted to give a hand, but is that sustainable?).

Mozilla, being a champion of Open Source, also doesn't live in a silo. At some point, you have to meet your contributors where they are. And the Open Source world is now majoritarily using Git. I'm sure the vast majority of new hires at Mozilla in the past, say, 5 years, know Git and have had to learn Mercurial (although they arguably didn't need to). Even within Mozilla, with thousands(!) of repositories on GitHub, Firefox is now actually the exception rather than the norm. I should even actually say Desktop Firefox, because even Mobile Firefox lives on GitHub (although Fenix is moving back in together with Desktop Firefox, and the timing is such that that will probably happen before Firefox moves to Git).

Heck, even Microsoft moved to Git!

With a significant developer base already using Git thanks to git-cinnabar, and all the constraints and problems I mentioned previously, it actually seems natural that a transition (finally) happens. However, had git-cinnabar or something similarly viable not existed, I don't think Mozilla would be in a position to take this decision. On one hand, it probably wouldn't be in the current situation of having to support both Git and Mercurial in the tooling around Firefox, nor the resource constraints related to that. But on the other hand, it would be farther from supporting Git and being able to make the switch in order to address all the other problems.

But... GitHub?

I hope I made a compelling case that hosting is not as simple as it can seem, at the scale of the Firefox repository. It's also not Mozilla's main focus. Mozilla has enough on its plate with the migration of existing infrastructure that does rely on Mercurial to understandably not want to figure out the hosting part, especially with limited resources, and with the mixed experience hosting both Mercurial and git has been so far.

After all, GitHub couldn't even display things like the contributors' graph on gecko-dev until recently, and hosting is literally their job! They still drop the ball on large blames (thankfully we have searchfox for those).

Where does that leave us? Gitlab? For those criticizing GitHub for being proprietary, that's probably not open enough. Cloud Source Repositories? "But GitHub is Microsoft" is a complaint I've read a lot after the announcement. Do you think Google hosting would have appealed to these people? Bitbucket? I'm kind of surprised it wasn't in the list of providers that were considered, but I'm also kind of glad it wasn't (and I'll leave it at that).

I think the only relatively big hosting provider that could have made the people criticizing the choice of GitHub happy is Codeberg, but I hadn't even heard of it before it was mentioned in response to Mozilla's announcement. But really, with literal thousands of Mozilla repositories already on GitHub, with literal tens of millions repositories on the platform overall, the pragmatic in me can't deny that it's an attractive option (and I can't stress enough that I wasn't remotely close to the room where the discussion about what choice to make happened).

"But it's a slippery slope". I can see that being a real concern. LLVM also moved its repository to GitHub (from a (I think) self-hosted Subversion server), and ended up moving off Bugzilla and Phabricator to GitHub issues and PRs four years later. As an occasional contributor to LLVM, I hate this move. I hate the GitHub review UI with a passion.

At least, right now, GitHub PRs are not a viable option for Mozilla, for their lack of support for security related PRs, and the more general shortcomings in the review UI. That doesn't mean things won't change in the future, but let's not get too far ahead of ourselves. The move to Git has just been announced, and the migration has not even begun yet. Just because Mozilla is moving the Firefox repository to GitHub doesn't mean it's locked in forever or that all the eggs are going to be thrown into one basket. If bridges need to be crossed in the future, we'll see then.

So, what's next?

The official announcement said we're not expecting the migration to really begin until six months from now. I'll swim against the current here, and say this: the earlier you can switch to git, the earlier you'll find out what works and what doesn't work for you, whether you already know Git or not.

While there is not one unique workflow, here's what I would recommend anyone who wants to take the leap off Mercurial right now:

  • Make sure git is installed. Chances are you already have it.

  • Install git-cinnabar where mach bootstrap would install it.

    $ mkdir -p ~/.mozbuild/git-cinnabar $ cd ~/.mozbuild/git-cinnabar $ curl -sOL https://raw.githubusercontent.com/glandium/git-cinnabar/master/download.py $ python3 download.py && rm download.py
  • Add git-cinnabar to your PATH. Make sure to also set that wherever you keep your PATH up-to-date (.bashrc or wherever else).

    $ PATH=$PATH:$HOME/.mozbuild/git-cinnabar
  • Enter your mozilla-central or mozilla-unified Mercurial working copy, we'll do an in-place conversion, so that you don't need to move your mozconfigs, objdirs and what not.

  • Initialize the git repository from GitHub.

    $ git init $ git remote add origin https://github.com/mozilla/gecko-dev $ git remote update origin
  • Switch to a Mercurial remote.

    $ git remote set-url origin hg::https://hg.mozilla.org/mozilla-unified $ git config --local remote.origin.cinnabar-refs bookmarks $ git remote update origin --prune
  • Fetch your local Mercurial heads.

    $ git -c cinnabar.refs=heads fetch hg::$PWD refs/heads/default/*:refs/heads/hg/*

    This will create a bunch of hg/<sha1> local branches, not all relevant to you (some come from old branches on mozilla-central). Note that if you're using Mercurial MQ, this will not pull your queues, as they don't exist as heads in the Mercurial repo. You'd need to apply your queues one by one and run the command above for each of them.
    Or, if you have bookmarks for your local Mercurial work, you can use this instead:

    $ git -c cinnabar.refs=bookmarks fetch hg::$PWD refs/heads/*:refs/heads/hg/*

    This will create hg/<bookmark_name> branches.

  • Now, make git know what commit your working tree is on.

    $ git reset $(git cinnabar hg2git $(hg log -r . -T '{node}'))

    This will take a little moment because Git is going to scan all the files in the tree for the first time. On the other hand, it won't touch their content or timestamps, so if you had a build around, it will still be valid, and mach build won't rebuild anything it doesn't have to.

As there is no one-size-fits-all workflow, I won't tell you how to organize yourself from there. I'll just say this: if you know the Mercurial sha1s of your previous local work, you can create branches for them with:

$ git branch <branch_name> $(git cinnabar hg2git <hg_sha1>)

At this point, you should have everything available on the Git side, and you can remove the .hg directory. Or move it into some empty directory somewhere else, just in case. But don't leave it here, it will only confuse the tooling. Artifact builds WILL be confused, though, and you'll have to ./mach configure before being able to do anything. You may also hit bug 1865299 if your working tree is older than this post.

If you have any problem or question, you can ping me on #git-cinnabar or #git on Matrix. I'll put the instructions above somewhere on wiki.mozilla.org, and we can collaboratively iterate on them.

Now, what the announcement didn't say is that the Git repository WILL NOT be gecko-dev, doesn't exist yet, and WON'T BE COMPATIBLE (trust me, it'll be for the better). Why did I make you do all the above, you ask? Because that won't be a problem. I'll have you covered, I promise. The upcoming release of git-cinnabar 0.7.0.beta.1 will have a way to smoothly switch between gecko-dev and the future repository (incidentally, that will also allow to switch from a pure git-cinnabar clone to a gecko-dev one, for the git-cinnabar users who have kept reading this far).

What about git-cinnabar?

With Mercurial going the way of the dodo at Mozilla, my own need for git-cinnabar will vanish. Legitimately, this begs the question whether it will still be maintained.

I can't answer for sure. I don't have a crystal ball. However, the needs of the transition itself will motivate me to finish some long-standing things (like finalizing the support for pushing merges, which is currently behind an experimental flag) or implement some missing features (support for creating Mercurial branches).

Git-cinnabar started as a Python script, it grew a sidekick implemented in C, which then incorporated some Rust, which then cannibalized the Python script and took its place. It is now close to 90% Rust, and 10% C (if you don't count the code from Git that is statically linked to it), and has sort of become my Rust playground (it's also, I must admit, a mess, because of its history, but it's getting better). So the day to day use with Mercurial is not my sole motivation to keep developing it. If it were, it would stay stagnant, because all the features I need are there, and the speed is not all that bad, although I know it could be better. Arguably, though, git-cinnabar has been relatively stagnant feature-wise, because all the features I need are there.

So, no, I don't expect git-cinnabar to die along Mercurial use at Mozilla, but I can't really promise anything either.

Final words

That was a long post. But there was a lot of ground to cover. And I still skipped over a bunch of things. I hope I didn't bore you to death. If I did and you're still reading... what's wrong with you? ;)

So this is the end of Mercurial at Mozilla. So long, and thanks for all the fish. But this is also the beginning of a transition that is not easy, and that will not be without hiccups, I'm sure. So fasten your seatbelts (plural), and welcome the change.

To circle back to the clickbait title, did I really kill Mercurial at Mozilla? Of course not. But it's like I stumbled upon a few sparks and tossed a can of gasoline on them. I didn't start the fire, but I sure made it into a proper bonfire... and now it has turned into a wildfire.

And who knows? 15 years from now, someone else might be looking back at how Mozilla picked Git at the wrong time, and that, had we waited a little longer, we would have picked some yet to come new horse. But hey, that's the tech cycle for you.

Categories: FLOSS Project Planets

CodersLegacy: How to Deploy your Python Code with Inno Setup

Planet Python - Tue, 2023-11-21 14:45

Deploying your Python application is a crucial step in making it accessible to users. One popular tool for creating installers on Windows is Inno Setup. In this blog post, we’ll guide you through the process of how to deploy your Python code using Inno Setup, making it easy for users to install and run your application on their Windows machines.

What is Inno Setup?

Inno Setup is a free, script-driven installation system created in Delphi. It simplifies the process of creating professional Windows installers for your software. With Inno Setup, you can package your Python application into a standalone executable installer that handles the installation and configuration of your software on the user’s system.

Despite being introduced almost 30 years ago, back in 1997, it is still one of the most popular and widely used options.

Step 1: Install Inno Setup

Before we start, make sure you have Inno Setup installed on your development machine. You can download it from the official Inno Setup website. Install the software with the default settings.

After a successful installation, you should see the following window:

Click on finish, and proceed with the article.

Step 2: Organize Your Project

Ensure that your Python project is well-organized with all the necessary files, including your Python scripts, images, configuration files, and any dependencies.

Here is a the file structure of a sample project:

YourProject/ │-- main.py │-- images/ │ └-- logo.png │-- requirements.txt

Run any final tests, and make sure everything is working before you proceed any further. The last thing you want is trying to figure out what went wrong with the setup and compilation process, when the actual problem was within your code.

Step 3: Freeze Your Python Code

Use a tool like PyInstaller or cx_Freeze to freeze your Python code into an executable.

For example, if you are using PyInstaller, run the following commands:

>> pip install pyinstaller >> pyinstaller --onefile main.py

This will create an output file which stores your exe. In case of any issues with Pyinstaller, refer to the following troubleshooting guide.

Step 4: Open Inno Setup

Open up your installed Inno setup window, and begin following these steps:

1. When you open the software, you will be greeted by a welcome window. Click on the “create a new script file using the Script Wizard” option, and click Ok.

2. On the next window, leave the checkbox blank, and continue by clicking “next”.

3. Fill in the required information in the next window, and then proceed.

4. You can leave this window’s settings on default, unless you have a good reason for changing them. Application destination folder determines where your application will be installed (on your user’s PC). Keeping the tick-box on, allows the user to change this destination (recommended).

5. Click the browse option to locate the exe produced in Step3 (with pyinstaller or any other equivalent library). If you have a single executable, and no other supporting files, images, or assets, you can proceed to the next window. Otherwise (as is usually the case) you might have images, supporting DLL’s, or other files produced during the freezing (compiling) process. Add these files (not including the .exe) using the Add file(s) and Add folder option.

Step 6: Continue ahead until you reach the following window, where you will include any EULA agreements, licenses, or other essential information (if any).

Step 7: Continue ahead, changing options and settings as required (most of it is non-essential, or only for very specific cases, or advanced users). If you don’t know what to do, leave it at the default settings.

Step 8: Click the finish button, after which your setup will begin compiling. It will also present you with an option for saving the “script”, which allows you to avoid this entire hassle of going through the setup wizard for a recompilations. You can compile using the script using the option presented to you in step 1 of this process.

Step 9: View your output file, and distribute it to your users.

Now what?

Now you can try installing this software on your own PC to try it out. Ideally, you should find some beta-users (or use another device of yours) to test out the software. Make sure the device/user does not have Python installed to ensure it works for those who do not have Python installed.

Good luck!

This marks the end of the “How to Deploy your Python Code with Inno Setup” Tutorial. Any suggestions or contributions for CodersLegacy are more than welcome. Questions regarding the tutorial content can be asked in the comments section below.

The post How to Deploy your Python Code with Inno Setup appeared first on CodersLegacy.

Categories: FLOSS Project Planets

PyCoder’s Weekly: Issue #604 (Nov. 21, 2023)

Planet Python - Tue, 2023-11-21 14:30

#604 – NOVEMBER 21, 2023
View in Browser »

Learning Python During an AI Revolution

Has the current growth of artificial intelligence (AI) systems made you wonder what the future holds for Python developers? What are the hidden benefits of learning to program in Python and practicing computational thinking? This week on the show, we speak with author Lawrence Gray about his upcoming book “Mastering Python: A Problem Solving Approach.”

How Many Python Core Devs Use Typing?

“How many old-school Python developers use type annotations?” This article dives into projects written by past and present core Python developers to see how often they use annotations in the wild.

10 Best Practices for Securely Developing with AI

Whether you’re diving into AI-assisted applications or enhancing your AI-assisted development skills, this comprehensive cheat by Snyk is for you. Walk through some crucial tips to securely embrace AI technology and to protect against AI-generated code risks such as prompt injection and data access →
SNYK.IO sponsor

Let’s Create a Python Debugger Together

Ever wondered how a debugger works? Implementing a simple one requires less code than you might think. Read on to find out how.

PyPI Has Completed Its First Security Audit


Python Jobs Software Engineer - Intern (Summer 2024) (Dallas, TX, USA)

Causeway Capital Management

More Python Jobs >>>

Articles & Tutorials Habits of Great Software Engineers

This opinion piece by Vadim highlights some of the key habits of great software builders. Some items are separate from coding, like doing a tech detox and focusing beyond the code, while others are deep in the tech, like the love for tinkering. Associated HN discussion.

Embeddings and Vector Databases With ChromaDB

Vector databases are a crucial component of many NLP applications. This tutorial will give you hands-on experience with ChromaDB, an open-source vector database that’s quickly gaining traction. Along the way, you’ll learn what’s needed to understand vector databases with practical examples.

Type-Hinting Dataframes

This article demonstrates complete DataFrame type-hinting in Python, now available with generically defined containers in StaticFrame 2. In addition to usage in static analysis (with Pyright and Mypy), these type hints can be validated at runtime with an included decorator.
CHRISTOPHER ARIZA • Shared by Christopher Ariza

JupyterLab for an Enhanced Notebook Experience

In this tutorial, you’ll learn how to use the JupyterLab authoring environment and what it brings to the popular computational notebook Jupyter Notebook. You’ll learn about its different tools and discover how they can work together to enhance your notebook experience.

Four Kinds of Optimisation

“Premature optimisation might be the root of all evil, but overdue optimisation is the root of all frustration. No matter how fast hardware becomes, we find it easy to write programs which run too slow.” Read on to learn what to do about it.

Python Basics: Modules and Packages

In this Python Basics video course, you’ll learn how to build an application by putting related code into separate files called modules. You’ll also use the import statement to use modules in another file.

Querying Every File in Every Release on PyPI

Lots of information can be found by delving into the Python Package Index and examining the libraries hosted there. This article shows you what is involved in querying all that data.

Guide to Queues in Python

A queue is a mechanism for storing information in a system, and is a particularly helpful data structure when dealing with multi-processing. Learn all about queues in Python.

Deobfuscating World of Warships’ Python Scripts

An in-depth analysis of how World of Warships obfuscates its game scripts and how to mostly deobfuscate them automatically.

How to (And How Not To) Design REST APIs

Read about common mistakes in REST API design and how best to structure your URLs and use those HTTP verbs.

Database Generated Columns With Django & SQLite

An introduction to database generated columns, using SQLite and the new GeneratedField added in Django 5.0.

Projects & Code Regex Crossword: Learn Regexes With This Game


cluestar: Gain Clues From Clustering!


marcel: A Modern Shell


de4py: Toolkit for Python Reverse Engineering


markdown-crawler: Multithreaded Web Crawler

GITHUB.COM/PAULPIERRE • Shared by Paul Pierre

Events Weekly Real Python Office Hours Q&A (Virtual)

November 22, 2023

PyCon Chile 2023

November 24 to November 27, 2023

Django Girls Medellín

November 25 to November 26, 2023

PythOnRio Meetup

November 25, 2023

Python Sheffield

November 28, 2023

PyLadiesCon 2023

December 2 to December 4, 2023

Happy Pythoning!
This was PyCoder’s Weekly Issue #604.
View in Browser »

[ Subscribe to 🐍 PyCoder’s Weekly 💌 – Get the best Python news, articles, and tutorials delivered to your inbox once a week >> Click here to learn more ]

Categories: FLOSS Project Planets

FSF Events: Free Software Directory meeting on IRC: Friday, November 24, starting at 12:00 EST (17:00 UTC)

GNU Planet! - Tue, 2023-11-21 14:02
Join the FSF and friends on Friday, November 24, from 12:00 to 15:00 EST (17:00 to 20:00 UTC) to help improve the Free Software Directory.
Categories: FLOSS Project Planets

ImageX: A Step-by-Step Guide to Using the OpenAI Module on Your Drupal 10 Website

Planet Drupal - Tue, 2023-11-21 12:52

Supercharging your workflows with artificial intelligence is one of the hottest trends of content editing on a Drupal website in 2023. Earlier this year, we published an article that explored the prospects of utilizing generative AI with CMSs like Drupal, along with an overview of some exciting Drupal modules for OpenAI/ChatGPT integration.

Categories: FLOSS Project Planets

Acquia Developer Portal Blog: Getting Started with Acquia Cloud IDE: A Code Editor as a Service

Planet Drupal - Tue, 2023-11-21 12:14

There are two main challenges developers face when setting up and managing their local environments: 

  1. Lack of local resources (You need a powerful machine to run Docker.)
  2. Lots of time spent configuring environments, especially if you want to build something more sophisticated

While it may be fun experimenting with Linux and everything related to DevOps, sometimes you just don’t have the time. Sound familiar?

Don’t take my word for it. Check out this Twitter poll conducted by a former colleague:

The results could not be more clear. Developers want simplicity. Fair, right? You have enough stress and problems to solve as you work to meet tight deadlines.

Categories: FLOSS Project Planets

The Three of Wands: The Categories of Bugs in Python Apps

Planet Python - Tue, 2023-11-21 12:00

Say you&aposre writing a Python program, of any kind but maybe a network service. You&aposre likely to err (you&aposre human, after all) and produce errors (bugs, defects) during this process. We can&apost control whether we make mistakes or not but there are steps we can take to control what kinds of errors we write.

For this article let&aposs invent a really simple model for the categories of errors we might write, from best to worst. Then, let&aposs look at how by being mindful of the tools we use and how we use them we can lower some of our defect categories to create better software.

Category 1: Type-checking and Linting Errors

Simple: you call a function and instead of passing in an integer, you pass in a string. You save the file and your editor runs Mypy, or maybe you switch to your terminal and run make lint which then runs Mypy, Mypy yells at you, you fix it, you move on.

These are the best defects because:

  • they are surfaced immediately, the time to discovery is measured in seconds.
  • they are fairly well-localized; it&aposs generally obvious where the issue is exactly.
  • if you have typechecking or linting already set up, they are very low-cost: you just need to run the checkers instead of, for example, writing a test.
  • assuming your CI is set up correctly and refuses to deploy on linting failures, they are stopped early so they&aposre safe; your users (and your SLA, including any folks on-call) will not be affected by them.

A small sidenote: type errors are cheap only if you&aposre actually in a position to use typing. If you have experience with typing and you&aposre starting a greenfield project (so you can choose your libraries), the cost of setting up typing initially is practically zero. If you have little-to-no typing experience and work with an existing codebase using frameworks without robust typing support (Django being somewhat in this category), the cost may be prohibitive. In that case let the existence of cat 0 errors be a motivator to learn and put yourself in the position to use typing in the future.

Category 2: Import-time Explosions

Your service starts up, the start-up procedure runs some setup code, this code raises an exception thus aborting the start-up procedure and crashing your service.

These defects are second-best you can have. To make full use of them you need to either have a test suite that executes the start-up procedure or have your deployment platform require your service handle a readiness check before the service is put in commission.

  • they are also fairly well-localized; by looking at your service logs you should be able to see where exactly the error is thrown, and why.
  • having your CI run a test suite that runs this logic or having your deployment platform run a readiness check are also fairly low-cost, not that difficult to set up in terms of time and complexity. The cost is still higher than just running a lint pass.
  • they are also stopped early and somewhat safe; your production shouldn&apost be affected. You will need some sort of alerting that your deployment cannot successfully start so someone can figure out what&aposs happening. For example, if a pod from a new version of deployment won&apost start up, Kubernetes will not proceed with the rollout, thus saving you from a non-functional service. This is not a panacea though, if left unchecked for too long the pods from the old deployment might get removed anyway, maybe from your cluster autoscaler starting and stopping the underlying machines.
  • they aren&apost surfaced immediately; at best when you run the test suite, and at worst when the service gets deployed and fails to start.

Certain kinds of defects cannot be handled by the Python type system (or maybe any type system) so this is the best that can be done.

This approach has the downside in that it requires logic to run during start-up, and the more logic the better. This can make your start-up slow, and this can make for a worse development experience. If your application is a CLI thing, the start-up time can be a very important feature by itself.

Now you get to choose between conflicting constraints. If only these were typechecking errors, huh?

Category 3: Runtime Explosions

Your service deploys correctly, but whenever a user hits a particular endpoint an exception is raised and the user gets an error response.

We&aposre getting into pretty bad territory now.

  • while it may be easy to see what the problem is when the defect finally triggers, it may not be obvious when the defect will actually get triggered. It may be right after the deploy, and it may be on a Saturday at 3 AM when a user finally hits that particular if branch of that particular endpoint. If the endpoint doesn&apost get much traffic, you&aposll require pretty good alerting and observability to actually learn you have a problem.
  • the only way to guard against this is a thorough test suite for all your endpoints. This is pretty expensive in terms of developer time and codebase complexity.
  • these defects are caught late, so your users will see them and maybe be frustrated with your product or lose trust. Your SLA may be affected.

One good thing about runtime explosions is that it&aposs much better to raise an error than do the wrong thing silently. At least your database state won&apost get inconsistent (you&aposre doing stuff transactionally, right?) and, if someone looks at your error logging, they will actually see the defect and hopefully a stack trace.

Even so, wouldn&apost it be so much better if these were import-time errors?

Category 4: Doing the Wrong Thing Silently

Your endpoint handles the request without an error, but instead of subtracting N dollars from a user, it adds N dollars to the user&aposs account. No one is any wiser except maybe the user.

Have you ever received an email that begins with the literal string "Hello ${firstName}"? That&aposs someone getting a category 4 into production.

These are terrible. We&aposre getting to defects that could existentially threaten your project or employer.

  • the defect doesn&apost generate an actual error, so it&aposs extremely difficult to detect. You&aposll probably hear about it from support or the company leadership at the worst possible time, and it&aposll need handling immediatelly. Hope you didn&apost have plans this weekend.
  • apart from the aforementioned thorough test suite, if this is a core thing you will likely need a tracking system to do clawbacks. The tracking system can just be normal logs, as long as your logging system is reliable and has good retention. You might want a periodical auditing job running. This gets into really expensive territory; the kind that might require a team of its own.
  • because there are no actual errors, good luck figuring out where exactly the issue is.

Ooph, these sure do suck. I&aposd trade these for a runtime explosion defect anytime.

Now, this model isn&apost perfect. The fact of the matter is, even sophisticated type-checking cannot guard again certain types of category 4&aposs so you will probably want a test suite in any case. This means the cost of a test suite is amortized somewhat, which can change the calculus a little. There are other factors in play, such as how much development velocity means versus correctness; a gaming backend will have different constraints than a financial services one.

That said, I&aposve found this model to still be very useful.

Let&aposs Talk Strategy

The conclusion is simple: if you want to make your software more robust, you need to lower the categories of as many possible defects you can.

Turn your silent manglings into runtime explosions. Turn your runtime explosions into start-up explosions, and turn your start-up errors into typechecking errors. Turning a category 4 into a category 1 would be amazing win in my book; I&aposd be willing to compromise a lot to get a PR like that merged into something I&aposm responsible for. Then test what&aposs left; the more defects you demote in category, the less testing you&aposll need.

The conclusion has a corollary though: we (the Python open-source community) need to keep working on tools that let users lower their defect categories. And users should carefully consider which categories of errors a given tool will make them handle.

This is why I get excited for new libraries that expose their stuff in a type-safe way. A type-safe templating library turns the ${firstName} email from a category 4 into a category 1. The type-safer your new ORM, the more I&aposm interested in learning about it.

A Case Study: cattrs

Here&aposs a real-life example of a change I plan on making in cattrs to help this situation.

Let&aposs assume you&aposre using cattrs for deserialization and you&aposd like to use Glyph&aposs DateType thing for dates. You want to convert some JSON into a DateType in an endpoint.

from datetype import AwareDateTime from cattrs import Converter c = Converter() def handler(payload: str) -> None: print(c.structure(payload), AwareDateTime)

Now, cattrs doesn&apost know how to convert a string into an AwareDateTime since they are completely independent libraries, so this will explode at runtime; a category 3.

With how cattrs is designed I don&apost think the structure method can be made type-safe, so turning this into a cat 1 isn&apost feasible. Could we turn it into a cat 2 at least?

We can fetch the actual structure hook at import time. This is currently possible with an internal API, so in the next version of cattrs this API will be public.

from datetype import AwareDateTime from cattrs import Converter c = Converter() hook = c.get_structure_hook(AwareDateTime) def handler(payload: str) -> None: print(hook(payload, AwareDateTime))

(Note: ideally you wouldn&apost be doing this yourself like this but delegate this to your web framework of choice.)

We have an additional problem though. At hook generation time, cattrs knows it can&apost handle the given type but instead of raising an error it will return a function that raises an error. So in the next version of cattrs, I will rework this API to actually raise errors during hook generation time, instead of hook execution time.

This is an example how we, as library authors, can make sure our users are enabled to make more robust software.

(If you&aposre curious here&aposs the actual fix for the example snippet:)

from datetime import datetime from datetype import AwareDateTime, aware c.register_structure_hook( AwareDateTime, lambda v, _: aware(datetime.fromisoformat(v)) )
Categories: FLOSS Project Planets

Joey Hess: attribution armored code

Planet Debian - Tue, 2023-11-21 11:23

Attribution of source code has been limited to comments, but a deeper embedding of attribution into code is possible. When an embedded attribution is removed or is incorrect, the code should no longer work. I've developed a way to do this in Haskell that is lightweight to add, but requires more work to remove than seems worthwhile for someone who is training an LLM on my code. And when it's not removed, it invites LLM hallucinations of broken code.

I'm embedding attribution by defining a function like this in a module, which uses an author function I wrote:

import Author copyright = author JoeyHess 2023

One way to use is it this:

shellEscape f = copyright ([q] ++ escaped ++ [q])

It's easy to mechanically remove that use of copyright, but less so ones like these, where various changes have to be made to the code after removing it to keep the code working.

| c == ' ' && copyright = (w, cs) | isAbsolute b' = not copyright b <- copyright =<< S.hGetSome h 80 (word, rest) = findword "" s & copyright

This function which can be used in such different ways is clearly polymorphic. That makes it easy to extend it to be used in more situations. And hard to mechanically remove it, since type inference is needed to know how to remove a given occurance of it. And in some cases, biographical information as well..

| otherwise = False || author JoeyHess 1492

Rather than removing it, someone could preprocess my code to rename the function, modify it to not take the JoeyHess parameter, and have their LLM generate code that includes the source of the renamed function. If it wasn't clear before that they intended their LLM to violate the license of my code, manually erasing my name from it would certainly clarify matters! One way to prevent against such a renaming is to use different names for the copyright function in different places.

The author function takes a copyright year, and if the copyright year is not in a particular range, it will misbehave in various ways (wrong values, in some cases spinning and crashing). I define it in each module, and have been putting a little bit of math in there.

copyright = author JoeyHess (40*50+10) copyright = author JoeyHess (101*20-3) copyright = author JoeyHess (2024-12) copyright = author JoeyHess (1996+14) copyright = author JoeyHess (2000+30-20)

The goal of that is to encourage LLMs trained on my code to hallucinate other numbers, that are outside the allowed range.

I don't know how well all this will work, but it feels like a start, and easy to elaborate on. I'll probably just spend a few minutes adding more to this every time I see another too many fingered image or read another breathless account of pair programming with AI that's much longer and less interesting than my daily conversations with the Haskell type checker.

The code clutter of scattering copyright around in useful functions is mildly annoying, but it feels worth it. As a programmer of as niche a language as Haskell, I'm keenly aware that there's a high probability that code I write to do a particular thing will be one of the few implementations in Haskell of that thing. Which means that likely someone asking an LLM to do that in Haskell will get at best a lightly modified version of my code.

For a real life example of this happening (not to me), see this blog post where they asked ChatGPT for a HTTP server. This stackoverflow question is very similar to ChatGPT's response. Where did the person posting that question come up with that? Well, they were reading intro to WAI documentation like this example and tried to extend the example to do something useful. If ChatGPT did anything at all transformative to that code, it involved splicing in the "Hello world" and port number from the example code into the stackoverflow question.

(Also notice that the blog poster didn't bother to track down this provenance, although it's not hard to find. Good example of the level of critical thinking and hype around "AI".)

By the way, back in 2021 I developed another way to armor code against appropriation by LLMs. See a bitter pill for Microsoft Copilot. That method is considerably harder to implement, and clutters the code more, but is also considerably stealthier. Perhaps it is best used sparingly, and this new method used more broadly. This new method should also be much easier to transfer to languages other than Haskell.

If you'd like to do this with your own code, I'd encourage you to take a look at my implementation in Author.hs, and then sit down and write your own from scratch, which should be easy enough. Of course, you could copy it, if its license is to your liking and my attribution is preserved.

This was sponsored by Mark Reidenbach, unqueued, Lawrence Brogan, and Graham Spencer on Patreon.

Categories: FLOSS Project Planets

Real Python: Python Basics Exercises: Modules and Packages

Planet Python - Tue, 2023-11-21 09:00

In Python Basics: Modules and Packages, you learned how to build an application by putting related code into separate files called modules. You also used the import statement to use modules in another file.

In this video course, you’ll practice:

  • Creating your own modules
  • Using modules in another file through the import statement
  • Organizing several modules into a package with __init__.py

Along the way, you’ll also get some insight into how to tackle coding challenges in general, which can be a great way to level up as a developer.

This video course is part of the Python Basics series, which accompanies Python Basics: A Practical Introduction to Python 3. You can also check out the other Python Basics courses.

Note that you’ll be using IDLE to interact with Python throughout this course. If you’re just getting started, then you might want to check out Python Basics: Setting Up Python before diving into this course.

[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]

Categories: FLOSS Project Planets

Drupal Core News: Claro contribution day on December 15th, 2023

Planet Drupal - Tue, 2023-11-21 08:47

Claro has been the default administration theme for Drupal for more than one year now. The list of issues and new features that we want to introduce has been growing and we’d like to bring the community together to join forces and finish initiatives needed for the new improvements (like CSS modernization) or review each other's work and get it committed.

We’ll prepare and organize efforts in advance with issues for all levels and profiles, and we’ll work on several time zones.

Join this community effort on the #admin-ui Drupal Slack channel on December 15th, 2023 and we’ll have work ready for you.

Categories: FLOSS Project Planets

Python Bytes: #361 Proper way to comment your code!

Planet Python - Tue, 2023-11-21 03:00
<strong>Topics covered in this episode:</strong><br> <ul> <li><a href="https://snarky.ca/the-many-shapes-and-sizes-of-keyboards/">The many shapes and sizes of keyboards</a></li> <li><a href="https://github.com/larryhastings/appeal"><strong>appeal - a CLI framework from Larry Hastings</strong></a></li> <li><a href="https://erivlis.github.io/graphinate/">Graphinate: Data to Graphs</a></li> <li><a href="https://davidism.com/maintainer-notes/"><strong>A Disorganized List of Maintainer Tasks</strong></a></li> <li><strong>Extras</strong></li> <li><strong>Joke</strong></li> </ul><a href='https://www.youtube.com/watch?v=k01G0b0Y0Jg' style='font-weight: bold;'>Watch on YouTube</a><br> <p><strong>About the show</strong></p> <p>Sponsored by <a href="https://pythonbytes.fm/scout"><strong>Scout APM</strong></a></p> <p><strong>Connect with the hosts</strong></p> <ul> <li>Michael: <a href="https://fosstodon.org/@mkennedy"><strong>@mkennedy@fosstodon.org</strong></a></li> <li>Brian: <a href="https://fosstodon.org/@brianokken"><strong>@brianokken@fosstodon.org</strong></a></li> <li>Show: <a href="https://fosstodon.org/@pythonbytes"><strong>@pythonbytes@fosstodon.org</strong></a></li> </ul> <p>Join us on YouTube at <a href="https://pythonbytes.fm/stream/live"><strong>pythonbytes.fm/live</strong></a> to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too.</p> <p><strong>Michael #1:</strong> <a href="https://snarky.ca/the-many-shapes-and-sizes-of-keyboards/">The many shapes and sizes of keyboards</a></p> <ul> <li>Many keyboards discussed </li> <li>Focus on health and safety (as it should!)</li> <li>I swear by <a href="https://www.microsoft.com/en/accessories/products/keyboards/sculpt-ergonomic-desktop?activetab=pivot:overviewtab">Microsoft Sculpt Ergonomic</a> (which wasn’t mentioned)</li> <li>More options still <a href="https://www.nytimes.com/wirecutter/reviews/comfortable-ergo-keyboard/">over at Wire Cutter</a></li> </ul> <p><strong>Brian #2:</strong> <a href="https://github.com/larryhastings/appeal"><strong>appeal - a CLI framework from Larry Hastings</strong></a></p> <ul> <li>“Give your program APPEAL!”</li> <li>Appeal is a command-line argument processing library for Python, like <code>argparse</code>, <code>optparse</code>, <code>getopt</code>, <code>docopt</code>, <code>Typer</code>, and <code>click</code>. But Appeal takes a refreshing new approach.</li> <li><p>Hello World example:</p> <pre><code>import appeal app = appeal.Appeal() @app.command() def hello(name): print(f"Hello, {name}!") app.main() </code></pre></li> <li><p>looks fun, no idea how to test with it “yet”. </p> <ul> <li>But I plan on looking into that.</li> </ul></li> </ul> <p><strong>Michael #3:</strong> <a href="https://erivlis.github.io/graphinate/">Graphinate: Data to Graphs</a></p> <ul> <li>via Eran Rivlis</li> <li>Graphinate is a python library that aims to simplify the generation of Graph Data Structures from Data Sources.</li> <li>Write a function to definite the edges as a generator, call materialize</li> <li>Based on <a href="https://networkx.org">NetworkX</a></li> <li>See the github page for visual examples</li> </ul> <p><strong>Brian #4:</strong> <a href="https://davidism.com/maintainer-notes/"><strong>A Disorganized List of Maintainer Tasks</strong></a></p> <ul> <li>David Lord <ul> <li>Plus, David Lord, lead maintainer of Flask, Jinja, Click, … on Pallets, also PSF Fellow, has a blog. Neat.</li> </ul></li> <li>TLDR; Next time you want to ask "When's the next release?", instead look at the project and see where you can start getting involved. The more help maintainers have, the more they can get done.</li> <li>Long list of stuff David thinks about when maintaining a project. <ul> <li>My list is shorter, but it’s still long, and my projects are tiny in comparison to his</li> </ul></li> </ul> <p><strong>Extras</strong> </p> <p>Brian:</p> <ul> <li><a href="https://www.youtube.com/watch?v=i-7EMhvxYKs">Do you do enough testing? pytest to the Rescue!</a> webinar from this morning</li> <li><a href="https://courses.pythontest.com/p/the-complete-pytest-course">The Complete pytest Course</a> will be 16 chapters, 11 are released, the 12th is recorded and almost released, and the 13th should be next week, … I should be done with all 16 by the end of the year. </li> <li>Testing argparse Applications <ul> <li><a href="https://testandcode.com/episodes/209-testing-argparse-applications">Python Test Podcast episode 109: Testing argparse Applications</a></li> <li><a href="https://pythontest.com/testing-argparse-apps/">Blog post on pythontest.com: Testing argparse Applications</a></li> </ul></li> <li>Black Friday sale on <a href="https://courses.pythontest.com/p/the-complete-pytest-course">The Complete pytest Course</a> <ul> <li>Use code BLACKFRIDAY for 50% off of</li> <li><a href="https://courses.pythontest.com/p/the-complete-pytest-course">The Complete pytest Course, Full Course + Full Access</a></li> </ul></li> </ul> <p>Michael:</p> <ul> <li>It’s <a href="https://talkpython.fm/black-friday">Black Friday at Talk Python</a></li> <li><a href="https://pythoninsider.blogspot.com/2023/10/python-3130-alpha-1-is-now-available.html">Python 3.13.0 alpha 1</a> is now available</li> <li><a href="https://survey.alchemer.com/s3/7554174/python-developers-survey-2023">Python Developers Survey 2023</a></li> </ul> <p><strong>Joke:</strong> <a href="https://www.reddit.com/r/programminghumor/comments/1798vi7/the_proper_way_to_comment_your_code/">The proper way to comment your code!</a></p>
Categories: FLOSS Project Planets

TechBeamers Python: How to Check Python Version Using Code

Planet Python - Mon, 2023-11-20 23:14

Do you know how to check the Python version you are using? This tutorial provides you with 10 different ways to check the Python version. Now, you may ask why use code and 10 different methods. It is because we are programmers and we like our code to do the tasks. It is not only [...]

The post How to Check Python Version Using Code appeared first on TechBeamers.

Categories: FLOSS Project Planets

Russ Allbery: Review: Thud!

Planet Debian - Mon, 2023-11-20 22:46

Review: Thud!, by Terry Pratchett

Series: Discworld #34 Publisher: Harper Copyright: October 2005 Printing: November 2014 ISBN: 0-06-233498-0 Format: Mass market Pages: 434

Thud! is the 34th Discworld novel and the seventh Watch novel. It is partly a sequel to The Fifth Elephant, partly a sequel to Night Watch, and references many of the previous Watch novels. This is not a good place to start.

Dwarfs and trolls have a long history of conflict, as one might expect between a race of creatures who specialize in mining and a race of creatures whose vital organs are sometimes the targets of that mining. The first battle of Koom Valley was the place where that enmity was made concrete and given a symbol. Now that there are large dwarf and troll populations in Ankh-Morpork, the upcoming anniversary of that battle is the excuse for rising tensions. Worse, Grag Hamcrusher, a revered deep-down dwarf and a dwarf supremacist, is giving incendiary speeches about killing all trolls and appears to be tunneling under the city.

Then whispers run through the city's dwarfs that Hamcrusher has been murdered by a troll.

Vimes has no patience for racial tensions, or for the inspection of the Watch by one of Vetinari's excessively competent clerks, or the political pressure to add a vampire to the Watch over his prejudiced objections. He was already grumpy before the murder and is in absolutely no mood to be told by deep-down dwarfs who barely believe that humans exist that the murder of a dwarf underground is no affair of his.

Meanwhile, The Battle of Koom Valley by Methodia Rascal has been stolen from the Ankh-Morpork Royal Art Museum, an impressive feat given that the painting is ten feet high and fifty feet long. It was painted in impressive detail by a madman who thought he was a chicken, and has been the spark for endless theories about clues to some great treasure or hidden knowledge, culminating in the conspiratorial book Koom Valley Codex. But the museum prides itself on allowing people to inspect and photograph the painting to their heart's content and was working on a new room to display it. It's not clear why someone would want to steal it, but Colon and Nobby are on the case.

This was a good time to read this novel. Sadly, the same could be said of pretty much every year since it was written.

"Thud" in the title is a reference to Hamcrusher's murder, which was supposedly done by a troll club that was found nearby, but it's also a reference to a board game that we first saw in passing in Going Postal. We find out a lot more about Thud in this book. It's an asymmetric two-player board game that simulates a stylized battle between dwarf and troll forces, with one player playing the trolls and the other playing the dwarfs. The obvious comparison is to chess, but a better comparison would be to the old Steve Jackson Games board game Ogre, which also featured asymmetric combat mechanics. (I'm sure there are many others.) This board game will become quite central to the plot of Thud! in ways that I thought were ingenious.

I thought this was one of Pratchett's best-plotted books to date. There are a lot of things happening, involving essentially every member of the Watch that we've met in previous books, and they all matter and I was never confused by how they fit together. This book is full of little callbacks and apparently small things that become important later in a way that I found delightful to read, down to the children's book that Vimes reads to his son and that turns into the best scene of the book. At this point in my Discworld read-through, I can see why the Watch books are considered the best sub-series. It feels like Pratchett kicks the quality of writing up a notch when he has Vimes as a protagonist.

In several books now, Pratchett has created a villain by taking some human characteristic and turning it into an external force that acts on humans. (See, for instance the Gonne in Men at Arms, or the hiver in A Hat Full of Sky.) I normally do not like this plot technique, both because I think it lets humans off the hook in a way that cheapens the story and because this type of belief has a long and bad reputation in religions where it is used to dodge personal responsibility and dehumanize one's enemies. When another of those villains turned up in this book, I was dubious. But I think Pratchett pulls off this type of villain as well here as I've seen it done. He lifts up a facet of humanity to let the reader get a better view, but somehow makes it explicit that this is concretized metaphor. This force is something people create and feed and choose and therefore are responsible for.

The one sour note that I do have to complain about is that Pratchett resorts to some cheap and annoying "men are from Mars, women are from Venus" nonsense, mostly around Nobby's subplot but in a few other places (Sybil, some of Angua's internal monologue) as well. It's relatively minor, and I might let it pass without grumbling in other books, but usually Pratchett is better on gender than this. I expected better and it got under my skin.

Otherwise, though, this was a quietly excellent book. It doesn't have the emotional gut punch of Night Watch, but the plotting is superb and the pacing is a significant improvement over The Fifth Elephant. The parody is of The Da Vinci Code, which is both more interesting than Pratchett's typical movie parodies and delightfully subtle. We get more of Sybil being a bad-ass, which I am always here for. There's even some lovely world-building in the form of dwarven Devices.

I love how Pratchett has built Vimes up into one of the most deceptively heroic figures on Discworld, but also shows all of the support infrastructure that ensures Vimes maintain his principles. On the surface, Thud! has a lot in common with Vimes's insistently moral stance in Jingo, but here it is more obvious how Vimes's morality happens in part because his wife, his friends, and his boss create the conditions for it to thrive.

Highly recommended to anyone who has gotten this far.

Rating: 9 out of 10

Categories: FLOSS Project Planets

Python⇒Speed: Two kinds of threads pools, and why you need both

Planet Python - Mon, 2023-11-20 19:00

When you’re doing large scale data processing with Python, threads are a good way to achieve parallelism. This is especially true if you’re doing numeric processing, where the global interpreter lock (GIL) is typically not an issue. And if you’re using threading, thread pools are a good way to make sure you don’t use too many resources.

But how many threads should your thread pool have? And do you need just one thread pool, or more than one?

In this article we’ll see that for data processing batch jobs:

  1. There are two kinds of thread pools, each for different use cases.
  2. Each kind requires a different configuration.
  3. You might need both.
Categories: FLOSS Project Planets

C++ Guidelines

Planet KDE - Mon, 2023-11-20 18:00

C++ is definitely a language that has Lots of Ways to do It – kind of like Perl’s TIMTOWTSAC. A consequence is that when writing code, you need to think about which way to do things. When context-switching between projects, employers, or what-have-you, you may have to context-switch preferences for which way is preferred. Guidelines can help, and I love them.

Automated Guidelines

I do love clang-format and clang-tidy (and before that, astyle), because they help apply automated guidelines that make a choice as to which way to do things like

  • place braces {}
  • leave spaces in template arguments <>
  • order includes
  • write names of types
  • avoid bug-prone constructs

Way back in the days of the English Breakfast Network (like, 2009) we wrote some tools to flag bug-prone constructs in KDE code, and encouraged people to clean those up. Nowadays other tools do a much better job.

I’m a big fan of auto-format-on-save within an IDE. That way I can type, copy-paste, futz around and have things cleaned up automatically. At $WORK, I use vscode and it does a good job of running tools in a remote container for formatting – as long as the file isn’t some 50000-line monstrosity, that is. I don’t know if KDevelop can do it, but my muscle memory on a Free Software platform switches to Konsole regularly to run formatting scripts, so I have never really investigated KDevelop’s capabilities there.

Toot me at kdedude on fosstodon.org if you know about KDevelop.

For Calamares I’ve been following the coding style laid down for that project for seven years. I still don’t like it, but it is automated (ci/calamaresstyle does the job) and reasonably well-described, so it is an automated guideline.

For $WORK, we have a fairly short .clang-format file – short because it doesn’t do anything weird, it’s basically “this other style, but put braces on lines on their own and move * to the other side”. Again, automated guidelines.

I think the most important part of this kind of automated guidelines is that reading code doesn’t take additional effort: the style is fixed, so there are zero surprises when reading code from Jane, Jim, or Joan.

Non-Automated Guidelines

Outside of what tools can apply automatically, there are still a lot of guidelines – rules-of-thumb, things-to-keep-in-mind – that can apply to any codebase. Not a week goes by that I don’t cite Kate Gregory’s Naming is Hard, but even when writing down the name of a Turdus migratorius, maybe there are variations to consider.

  • cock_robin
  • cockRobin
  • CockRobin

There are other cursed naming schemes possible, for sure. Let’s not go there.

When to use struct and when to use class in C++? That’s another thing you could argue about (in the language, the only differences is the default access specifier, but using one or the other can convey meaning to other developers).

For Free Software examples, consider Qt and KDE, which use a distinctive letter as the start of most class names (probably due to the lack of namespace support in the pre-standardization C++ era), which use camelCase for function names, etc .. If you spot setText you know it’s a function, and QLabel is a class, obviously. There’s no Label accessor, no get_text function either, and this consistency makes reading code easier.

At $WORK there’s a team of developers, and we task-switch a bit. One of the things we actively do is discuss coding style, so that reading other people’s code is as unsurprising as possible. We try to pack some extra meaning into names if we can.

The consequence of having these non-automated guidelines is that we regularly pick them up to discuss readability (e.g. when doing a review of new code) and we discuss and adapt the guidelines with some regularity – usually when some new and unexpected construct shows up. Recently we ended up with a long discussion about unmoveable objects and piecewise-construction, for instance.

The guidelines we use are now published by colleague Jan Wilmans, in a guidelines repository. I might not like all of the guidelines, but they save me thinking about which way to do things all the time, and that simplifies my life and improves the effectiveness of communication with my colleagues.


Write guidelines. Automate what you can. Document what you can’t. Make communication through code consistent, unsurprising, and readable. Collaborate. Follow existing style when possible.

The guidelines that Calamares uses, or my $WORK, might not be for you – write down your own. Fight for improvements. Write the simplest, most elegant, most readable and understandable code you can.

Categories: FLOSS Project Planets

GNUnet News: RFC 9498: The GNU Name System

GNU Planet! - Mon, 2023-11-20 18:00
RFC 9498: The GNU Name System

We are happy to announce that our The GNU Name System (GNS) specification is now published as RFC 9498 .

GNS addresses long-standing security and privacy issues in the ubiquitous Domain Name System (DNS) . Previous attempts to secure DNS ( DNSSEC ) fail to address critical security issues such as end-to-end security, query privacy, censorship, and centralization of root zone governance. After 40 years of patching, it is time for a new beginning.

The GNU Name System is our contribution towards a decentralized and censorship-resistant domain name resolution system that provides a privacy-enhancing alternative to the Domain Name System (DNS).

As part of our work on RFC 9498, we have also contributed to the specification of the .alt top-level domain to be used by alternative name resolution systems and have established the GANA registry for ".alt" .

GNS is implemented according to RFC 9598 in GNUnet 0.20.0. It is also implemented as part of GNUnet-Go .

We thank all reviewers for their comments. In particular, we thank D. J. Bernstein, S. Bortzmeyer, A. Farrel, E. Lear, and R. Salz for their insightful and detailed technical reviews. We thank J. Yao and J. Klensin for the internationalization reviews. We thank Dr. J. Appelbaum for suggesting the name "GNU Name System" and Dr. Richard Stallman for approving its use. We thank T. Lange and M. Wachs for their earlier contributions to the design and implementation of GNS. We thank J. Yao and J. Klensin for the internationalization reviews. We thank NLnet and NGI DISCOVERY for funding work on the GNU Name System.

The work does not stop here: We encourage further implementations of RFC 9498 to learn more both in terms of technical documentation and actual deployment experiences. Further, we are currently working on the specification of the R 5 N DHT and BFT Set Reconciliation which are underlying building blocks of GNS in GNUnet and not covered by RFC 9498.

Categories: FLOSS Project Planets