Planet GNU

Aggregation of development blogs from the GNU Project

December 12, 2018

FSF Blogs

FSF Licensing and Compliance Lab: 2018 and the future

We are currently running a fundraising drive to launch free software to new frontiers. Would you consider supporting the work of the Free Software Foundation (FSF) and Licensing and Compliance team by becoming a member or making a donation today?

I am the current licensing and compliance manager for the FSF, though I've had several roles in my time here. The Lab handles all the free software licensing work for the FSF. Copyleft is the best legal tool we have for protecting the rights of users, and the Lab makes sure that tool is at full power by providing fundamental licensing education. From publishing articles and resources on free software licensing, to doing license compliance work for the GNU Project, to handling our certification programs like Respects Your Freedom, if there is a license involved, the Lab is on the case.

When I started working at the FSF part-time in 2008, the GNU General Public License version 3 (GPLv3) was only a year old. Our Respects Your Freedom certification program didn't yet exist. The Free Software Directory wasn't yet a wiki that could be updated by the community at large. Things have changed a lot over the years, as has our ability to help users to understand and share freely licensed works. I'd like to take just a moment as 2018 draws to a close to look back on some of the great work we accomplished.

While the GPLv3 celebrated its tenth anniversary last year, there still remains a lot to be done in helping developers understand how to best use it and other GNU licenses. The Licensing and Compliance Lab, along with a team of volunteers, has for many years answered questions from the community. This year, we were delighted for Jake Glass to join the team as an intern, and are grateful for his help in improving licensing materials as well as answering questions from the community. The world of free software has grown so much over the past decade that we want to help make it as easy as possible to use free software and track the licenses in projects. Many organizations are developing tools to help tackle this issue, such as the Software Package Data Exchange (SPDX). But these tools are only useful if they are accurate and support best practices. Looking to improve the situation, we worked together with SPDX to make sure that their identifiers correctly reflected the licensing choices of developers. In 2018, we were happy to announce that SPDX updated their identifiers to differentiate between choosing only a specific version of a GNU license versus that version or any later version (e.g. GPLv3-only or GPLv3-or-any-later-version). This is just one example of our ongoing work interfacing with other organizations and projects in order to improve the culture of free software licensing for everyone.

This year also saw more growth in our Respects Your Freedom certification program. This program helps users to find hardware devices they can trust to respect their freedom and privacy. We were excited to add another laptop/tablet hybrid with the Minifree Libreboot X200 Tablet. While we have previously certified many Librebooted laptops, 2018 was the year we finally certified a device to help you Libreboot your own device: the Zerocat Chipflasher Board Edition 1. While we celebrate reaching thirty total certified devices, we are looking forward to even more exciting additions in the future, with over fifty devices currently working their way through certification. Watching this important program grow so fast from the beginning has been incredibly rewarding.

2018 also saw the return of our Continuing Legal Education seminars. While executive director John Sullivan and I give many licensing talks at conferences throughout the year geared towards a more general audience, these seminars are sessions meant for legal professionals and interested licensing geeks to dive deeply into their understanding of the GPL and to help people understand how the Principles of Community Oriented GPL Enforcement work. It's an opportunity to teach the law and history of free software, as well as to connect with legal practitioners from around the world. The last seminar prior to this was over four years ago, so we were long overdue to run another. Looking to the future, we plan on making these seminars a more regular occurrence.

The Free Software Directory saw a major milestone in the past year, surpassing 16,000 listed packages. We were also aided by the tech team interns, David Hedlund and Sonali Singhal. David is a long-time Directory volunteer who exemplifies the way that program grew and developed over the past decade. David long ago took a leadership role in updating and improving the Directory, and we were grateful that he was able to take a role as an intern to extend that work even further. Sonali was an Outreachy intern who was able to upgrade the software running the Directory itself. This important work helps keep the Directory running while putting us in a great place for the future. However, while we celebrate the accomplishments of this year, there's clearly a lot more work to be done in order to ensure that the Free Software Directory truly lists every free software package in existence.

Even as 2018 demonstrates how much the size of our job grew in the past decade, the size of our team hasn't quite kept the same pace. When I started, there were just one and a half staff members dedicated to licensing at the FSF -- Brett Smith was the licensing and compliance manager at the time, and I was working with him part-time. I later moved to full time, and since then the team has stayed at just two staff members working with a team of paid and pro bono attorneys. Just think: we've expanded many programs, and created whole new ones, while still maintaining all the other programs of the Compliance Lab with just two staff. It's really a testament to what we can accomplish. Looking back over the past ten years fills me with pride, but also awe at the size of the job in front of us.

Reviewing past accomplishments always makes one think of challenges not yet met. We have to keep expanding and improving our work, if we want the next ten years to be as successful. But as always, that depends in large part on you. None of what we've done would have been possible without your support, and nothing that we hope for in the future will happen without your help. Will you build the foundation for the next great expansion?

The Licensing and Compliance team's work is fueled primarily by donors and associate members of the FSF. We are asking you to become an associate member or make a donation to the FSF to support our work expanding to new frontiers over the next year. Membership costs as little as $10 per month ($5 per month for students). Membership comes with benefits, and if you join by the end of 2018, you can choose to receive an enamel pin set, so you can wear your free software pride on your sleeve wherever you go.

Sincerely,
Donald Robertson, III
Licensing and Compliance Manager

12 December, 2018 08:52PM

December 11, 2018

GNU Guix

Bootstrapping Rust

Slowly, systems programming languages are getting better in the sense of giving more guarantees and automating what can be automated without downsides.

Rust is one of the more promising system programming languages. Its central advantage is that it enforces memory safety and thread safety at compile time, without incurring any runtime overhead.

The part that enforces memory safety is called "the borrow checker".

It has been a long-standing tradition to develop a language far enough to be able to write the language's compiler in the same language, and Rust does the same. Rust is nowadays written in Rust.

We've tracked down the earlier Rust versions, which were written in OCaml, and were planning to use these to bootstrap Rust. But in parallel, John Hudge (Mutabah) developed a Rust compiler, called "mrustc", written in C++.

mrustc is now good enough to compile Rust 1.19.0.

Using mrustc, we were able to build Rust entirely from source with a bootstrap chain like this:

rust@1.28.0
    ^
    |
rust@1.27.2
    ^
    |
rust@1.26.2
    ^
    |
rust@1.25.0
    ^
    |
rust@1.24.1
    ^
    |
rust@1.23.0
    ^
    |
rust@1.22.1
    ^
    |
rust@1.21.0
    ^
    |
rust@1.20.0
    ^
    |
rust@1.19.0
    ^
    |
mrustc@0.8.0
    ^
    |
   g++

Limitations

  • mrustc currently does no borrow checking -- so memory safety of our rust@1.19.0 is mostly guaranteed in the sense of "someone else built rust@1.19.0 using another Rust compiler and thus ran the borrow checker already".

  • The bootstrap chain is rather long. There are plans to extend mrustc to support newer Rust, but it turned out to be difficult.

  • Rust takes reproducible builds seriously, but there are some reproducibility problems left in earlier compilers that pop up very sporadically (mostly because of LLVM, and some because of Rust hashtable poisoning). Help wanted, especially from LLVM people!

  • Each target we want to support has to have support in LLVM, AND mrustc needs to have a specification of the alignment and sizes of the base types.

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

11 December, 2018 01:36PM by Danny Milosavljevic

December 10, 2018

Back from SeaGL 2018

SeaGL 2018 has concluded. Thank you to everyone in the local Seattle community who came to participate!

As previously announced, Chris Marusich gave a talk introducing GNU Guix to people of all experience levels. Some very Guixy swag was handed out, including printed copies of this handy Guix reference card. The room was packed, the audience asked great questions, and overall it was tons of fun!

If you weren't able to come to SeaGL this year, that's OK! You can watch a video of the talk below. Happy hacking!

Everyday Use of GNU Guix

10 December, 2018 08:00AM by Chris Marusich

December 09, 2018

unifont @ Savannah

Unifont 11.0.03 Released

8 December 2018

Unifont 11.0.03 is now available. Significant changes in this version include the Nushu script contributed by David Corbett, and the Kana Supplement and Kana Supplement-A scripts contributed by Johnnie Weaver.

Download this release at:

https://ftpmirror.gnu.org/unifont/unifont-11.0.03/

or if that fails,

ftp://ftp.gnu.org/gnu/unifont/unifont-11.0.03/

Enjoy!

Paul Hardy

09 December, 2018 12:53AM by Paul Hardy

December 06, 2018

FSF News

FSF adds Hyperbola GNU/Linux-libre to list of endorsed GNU/Linux distributions

hyperbola logo

The FSF's list showcases GNU/Linux operating system distributions whose developers have made a commitment to follow its Guidelines for Free System Distributions. Each one includes and endorses exclusively free "as in freedom" software.

After a thorough vetting process, the FSF concluded that Hyperbola, a long-term support simplicity-focused distribution based on Arch GNU/Linux, meets these criteria.

"In a world where proprietary operating systems continually up the ante in terms of the abuse they heap on their users, adding another distribution to the list of fully free systems is a welcome development. Hyperbola represents another safe home for users looking for complete control over their own computing," said John Sullivan, FSF's executive director.

"Hyperbola is a fully free distribution based on Arch snapshots and Debian development without nonfree software, documentation, or any type of support for the installation or execution of nonfree software. Unlike Arch, which is a rolling release distribution, Hyperbola is a long-term one focused on stability and security inspired from Debian and Devuan," said AndrĂŠ Silva, Hyperbola co-founder and developer.

FSF's licensing and compliance manager, Donald Robertson, added, "It was a pleasure working with the team behind Hyperbola throughout this process. They really go above and beyond in terms of looking out for the rights of their users. "

Hyperbola joins a growing list of distributions that users can trust. More information about Hyperbola, and how volunteers can get involved, is available at https://www.hyperbola.info/.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to run, edit, share, and contribute to computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About the GNU Operating System and Linux

Richard Stallman announced in September 1983 the plan to develop a free software Unix-like operating system called GNU. GNU is the only operating system developed specifically for the sake of users' freedom. See https://www.gnu.org/gnu/the-gnu-project.html.

In 1992, the essential components of GNU were complete, except for one, the kernel. When in 1992 the kernel Linux was re-released under the GNU GPL, making it free software, the combination of GNU and Linux formed a complete free operating system, which made it possible for the first time to run a PC without nonfree software. This combination is the GNU/Linux system. For more explanation, see https://www.gnu.org/gnu/gnu-linux-faq.html.

Media Contacts

Donald Robertson, III
Licensing & Compliance Manager
Free Software Foundation
+1 (617) 542 5942
licensing@fsf.org

Hyperbola GNU/Linux-libre logo, Copyright 2017-2018 Hyperbola Project released under the CC-BY-SA 4.0 license.

06 December, 2018 09:15PM

GNU Guix

GNU Guix and GuixSD 0.16.0 released

We are pleased to announce the new release of GNU Guix and GuixSD, version 0.16.0! This release is (hopefully!) the last one before 1.0—we have been closing most key items for 1.0 over the last few months.

The release comes with GuixSD ISO-9660 installation images, a virtual machine image of GuixSD, and with tarballs to install the package manager on top of your GNU/Linux distro, either from source or from binaries. Guix users can update by running guix pull.

It’s been 5 months since the previous release, during which 95 people contributed code and packages. Here are the highlights.

  • The default substitute URL has been changed to https://ci.guix.info. This is backed by a more powerful build farm with terabytes of storage kindly donated by the Bioinformatics platform of the Berlin Institute of Medical Systems Biology (BIMSB) at the Max Delbrück Center (MDC). The build farm front-end runs Cuirass, our continuous integration tool that was partly developed during two GSoC internships.
  • guix pull now lists new and upgraded packages, and it has a --profile option that allows you to keep several Guix revisions in parallel. Related to that, the new guix describe command displays information about the Guix revision you are using.
  • guix pull now supports channels. In a nutshell, you can specify in ~/.config/guix/channels.scm the channels from which guix pull will fetch Guix as well as, optionally, third-party package repositories. Again guix describe displays all the channels in use and guix describe -f channels produces a “pinned channel” specification that can be used as the channels.scm file of guix pull.
  • Using the new inferior mechanism, you can now interact with a different revision of Guix and even compose packages coming from different revisions of Guix!
  • The output of the command-line tools has been noticeably improved: important events are colorized, guix package and guix system no longer display build logs, and guix build colorizes build logs (in a way that is similar to what Emacs-Guix does.)
  • There are new package transformation options: --with-branch and --with-commit allow you to obtain a package variant straight from its Git repository.
  • Guix had reproducible builds and now it has “reproducible source code downloads”: when a package refers to a Git repository that has disappeared (which is unfortunately not uncommon!), the checkout can be fetched from Software Heritage. That makes Guix one of the first distros to be backed by a long-term archive. See this issue for more info.
  • Our Rust packages are now fully bootstrapped from source, starting from mrustc, a Rust compiler written in C++. This is a victory on this instance of “yogurt software”, and Guix is probably the first distro to achieve this. More on that in a future post!
  • On GuixSD, guix system reconfigure will now always load replacements of system services. That way, when you deem appropriate, you can run herd restart SERVICE to start the upgraded service.
  • As usual, 985 packages were added and 1,945 were upgraded, notably the GNU C Library now at version 2.28 (which, incidentally, allowed us to get rid of our Hurd-specific glibc variant, at last!). Today Guix provides 8,715 packages.
  • The manual is now partially translated into German. The French translation is now 90% complete. You can help translate the manual into your native language by joining the Translation Project.

Pffew, quite a long list already! The release announcement lists additional noteworthy changes and bug fixes you may be interested in.

Enjoy!

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

06 December, 2018 05:00PM by Ludovic Courtès

libredwg @ Savannah

libredwg-0.7 released

See https://www.gnu.org/software/libredwg/ and
http://git.savannah.gnu.org/cgit/libredwg.git/tree/NEWS

new API:
* add dwg_get_OBJECT(dwg) API for all objects in a DWG.
analog to dwg_get_ENTITY, but including all objects, tables,
block headers, even if unowned.
Note that the dwg_api will be revamped from static to dynamic before 1.0.
field accessors will be by name argument and ... (va_args)
See the work/dynapi branch #59 (in progress).
dwg_get_OBJECT(dwg) will be renamed to dwg_getall_OBJECT(dwg),
dwg_get_ENTITY(blkhdr) to dwg_getall_ENTITY(blkhdr).

API breaking changes:
* Changed BITCODE_RC from signed to unsigned char (#44)
* LEADER changes: rename hooklineonxdir to hookline_dir,
rename unknown_bit_4 to hookline_on,
endptproj only until r2007. (but still not 100% correct)
* MULTILEADER changes: rename num_vertex to numpts (analog to LEADER),
change vertex to points[] (PR #49 Denis Pryt)
* Fixed dwg_get_ENTITY(hdr): NULL-terminate the result (#60)

Important bugfixes:
* Fixed all memory leaks and double-free's (#43, #42, PR #58 Denis Pryt)
* Fixed EED sizes (PR #48, Denis Pryt)
* Fixed BLOCK_HEADER.num_inserts, esp. with xref's (#44).
For decode and encode.
* Fixed LTYPE.dash (#44)
* Fixup LEADER DXF values and path_type with annot_type mixup.
* Fixed TABLE.value.data_type with flags kGeneral (#54 Denis Pryt)
* Fixes VECTOR_CHKCOUNT segfault on unassigned obj->dxfname's
(esp. for <=R12), and fix overflows (#56)
* dwglayers: fix for DICTIONARY breaking the list output (#51)
* dxf: fix dxf_blocks_write for empty paper_space (#52)
* Fixed example/load_dwg.py allowing non-critical error codes

Other newsworthy changes:
* Check for RUNNING_ON_VALGRIND and call dwg_free then, even
if previously skipped.
* Renamed all remaining API "null malloc" error messages to
"Out of memory"
* Harmonized in_dxfb with in_dxf, but still WIP

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.gz (9.4MB)
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.xz (3.5MB)

https://github.com/LibreDWG/libredwg/releases/tag/0.7 (also window binaries)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are the SHA256 checksums:

76f0329b5b175cb2a8d0a66854f91c21c31bdff6cb6ff04569c7fdd3ad4b069d libredwg-0.7.tar.gz
cbef6b9d48877ca26a54115b9ef9a7fd02d0279a94e79d2247f80277820b888d libredwg-0.7.tar.xz
6031e0c4fbc81eb84a8359fc9a282a7571dbfe2b5d345df15cc20490f707274c libredwg-0.7-win32.zip
69ee51bab4e0d9b406ab7fad3ffa18fb088a295ca59fb06b342994fc8ebdf7da libredwg-0.7-win64.zip

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.7.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

06 December, 2018 12:07AM by Reini Urban

December 05, 2018

FSF Blogs

Support software freedom: Shop the GNU Press

This autumn is a great time to visit the GNU Press Shop, the online store that promotes software freedom with every T-shirt, every button, and every two socks. We are always busy improving and expanding our selection of documentation, cool stickers, and garments as attractive as they are useful. There can be little doubt that every hacker, coder, and software freedom enthusiast you know devoutly wishes for a gift from the GNU Press Shop to help them upgrade their skills and spread the word about software freedom far, wide, and often. In case you haven't visited since last year, here's what's brand new in 2018:

  • An updated 18th Edition of the perennially-popular GNU Emacs Manual: an invaluable reference to the many, many, many functions of the world's most useful text editor. Order it by itself, or as part of the "All Things Emacs" bundle!

  • For a lighter read, we have returned to availability Free As In Freedom 2.0,the biography of Free Software Foundation (FSF) founder and president Richard M. Stallman (RMS), written by Sam Williams and annotated by RMS himself. At the FSF we always encourage you to study the source directly, and biography is no exception. Autographed copies of this book are available for dedicated free software enthusiasts!

  • Looking for something with even more "aura" than an autographed book? New and improved glossy photos of RMS have been staged, shot, and printed by none other than FSF chief technology officer Ruben Rodriguez, and signed by RMS. I'll ship one to you carefully packed so it arrives pristine and ready to be framed.

  • This is also a banner year if you enjoy software freedom and beverages. We have made available a limited number of mugs originally issued by the League for Programming Freedom, a fellow software freedom advocacy organization, in the year 1991. If a less venerable drinking vessel suits your needs, check out the new Emacs "Auto-Fill Mode" mug -- another constituent of the "All Things Emacs" bundle!

  • Behold: A new gnu. We've printed one of our longest-running T-shirts in a new color: you can now wear the GNU Head shirt in Heather Mauve, a color we find flatters just about everyone. The remaining blue and grey shirts are the last of their kind -- get them before they're gone!

  • 2018 was the year of the sticker at the GNU Press Shop: you can now order several of our iconic sticker designs by the fistful. The Emacs logo and "There Is No Cloud" designs have been hot items in 2018 -- and the Bash logo and vintage Emacs icon stickers are brand new. Stickers get seen: there's no more efficient way to raise awareness of software freedom.

That's what's new and exciting this fall at the GNU Press Shop. If you read this blog all the way through you are of course very eager to order all the items in it -- and you can! By becoming an FSF member, you support the mission of the FSF, help push free software to new frontiers, help us reach our goal of 400 new members by the end of the year, and of course receive a 20% discount at the GNU Press Shop. This means, for instance, if you are starting a free software manual book club and tea drinking society, the fifth member of your club can be outfitted with books and mug gratis.

Last but not least: if you need your GNU Press Shop orders to arrive on time for Christmas gift-giving, please place your order no later than December 20! For all GNU Press shop inquiries, email me at sales@fsf.org. This includes, but is not limited to, inquiries about shipping, sizing, inventory, past and future products, and anything else that's on your mind. Stay tuned for more excellent GNU Press products to come!

05 December, 2018 09:05PM

Introducing Hrishikesh Barman, intern with the FSF tech team

Hello everyone! My name is Hrishikesh Barman, and I am a third-year computer science undergraduate student. Growing up, I had an inclination towards computer networks, and in my first year at college I got started with programming properly. Eventually, I got introduced to free software, and it always gave me immense pleasure to be a small part of a bigger project by contributing to it. I realized that tech is made for the people (the society) and not the other way around, and users should have software freedom.

I came to know about the FSF through a documentary about Aaron Swartz. I greatly appreciated the FSF's ideas and was intrigued to be a part of it, so when I got the mail that I've been selected as a fall tech intern it was truly a great moment for me. The interview process was very smooth and friendly. I am being mentored by Ian, Andrew, and Ruben from the tech team. I am really psyched about the campaigns and the tech things happening at the FSF.

As a remote tech intern, I will be researching monitoring systems, alerting systems, and LibreJS. The main way of communication with the team so far is through IRC and emails. In my first week of the internship, and as an initial task, I was asked to write this blog post and start learning related technologies so as to draft my work plan.

The monitoring and alerting system project is about making fewer alerts for issues that aren't important, and more alerts for issues that are more important. The FSF runs over 100 virtual machines and a dozen servers. It will be very interesting and informative to learn about the current setup of Nagios and Munin at the FSF, and explore Prometheus. This will enable the tech team to have better insights into the software they run and the hardware it runs on.

GNU LibreJS is a browser add-on that blocks nonfree nontrivial JavaScript, while allowing JavaScript that is free or trivial. The first thing that I did was to make my personal blog LibreJS compatible. I am looking for issues that I can work on.

I am still learning how the FSF uses Nagios, but so far it is going well. The best part about interning at the FSF in my opinion is that it helps both ways, I learn and improve my skills and at the same time help the FSF achieve its goals. I'm looking forward to an amazing time and learning experience.

Interested in interning for the Free Software Foundation? The application period for spring 2019 internships is open until December 23, 2018 -- see details here.

05 December, 2018 04:40PM

December 04, 2018

Register today for LibrePlanet 2019!

The free software community spans the entire world, with supporters in nearly every corner of the globe, busily coding, tinkering, and spreading the word about the growing importance of controlling our computing. The Internet provides us with many great tools to share the latest news and advances, but ultimately, there’s nothing quite like meeting in person at the LibrePlanet conference! At LibrePlanet, you can meet other developers, activists, policy experts, students, and more, to make connections and help us strategize the future of free software.

REGISTER FOR LIBREPLANET 2019 HERE

LibrePlanet 2019 is only four months away, on March 23-24, here in the Greater Boston area. We’re already in high gear here at the Free Software Foundation (FSF): we’ve secured four amazing keynote speakers, and we’re hard at work putting together an exciting schedule. Session topics will include:

  • Free software activism;

  • Practical and creative applications of free software;

  • Case studies;

  • Legal and compliance issues;

  • Fighting surveillance and defending our privacy; and much more!

LibrePlanet 2019's theme is "Trailblazing Free Software." In 1983, the free software movement was born with the announcement of the GNU Project. FSF founder Richard Stallman saw the dangers of proprietary code from the beginning: when code was kept secret from users, they would be controlled by the technology they used, instead of vice versa. In contrast, free software emphasized a community-oriented philosophy of sharing code freely, enabling people to understand how the programs they used worked, to build off of each other's code, to pay it forward by sharing their own code, and to create useful software that treated users fairly.

LibrePlanet boasts three days of free software activities, starting with a Friday night party at the FSF office in Boston. Saturday and Sunday are packed with conference sessions, lectures, workshops, lightning talks, and a party. To attend LibrePlanet, simply register online. Registration is gratis for FSF members, and $90 for both days or $60 for one day for non-members.

See you in March!

04 December, 2018 09:07PM

Introducing Lei Zhao, intern with the FSF tech team

My name is Lei Zhao, and I often stylize it as Leei Jaw. I am one of the fall interns for the FSF tech team.

I first became aware of free software in the sense of freedom at the age of 19. I encountered free software even earlier, but it took some time to appreciate the free/libre aspect of free software.

I'm working on making changes to GitLab to improve the license selection for new projects. As written in the article, For Clarity's Sake, Please Don't Say “Licensed under GNU GPL 2”!:

"When sites such as GitHub invite developers to choose “GPL 3” or “GPL 2” among other license options, and don't raise the issue of future versions, this leads thousands of developers to leave their code's licensing unclear. Asking those users to choose between “only” and “or later” would lead them to make their code's licensing clear. It also provides an opportunity to explain how the latter choice avoids future incompatibility."

GitLab has the same problem, but it is free software, so I'm working to change that. This is the first time I've participated in such a large project, and I am very excited.

I learned my first programming language, Pascal, in high school. Then Python, Java, C/C++, Scala, JavaScript, SQL, and Lisp. The language I've used most often is Python, since it is the language I used for my past jobs. My primary editor is Emacs.

In my spare time, I like listening to music, and playing the guitar. When I have spare money, I enjoy driving recreational go-karts.

Interested in interning for the Free Software Foundation? The application period for spring 2019 internships is open until December 23, 2018 -- see details here.

04 December, 2018 08:36PM

December 03, 2018

GNU Guix

GNU Guix receives donation from the Handshake project

Just a few days after it turned six, Guix received a great birthday present: the Handshake project, which works on the design and implementation of a decentralized naming protocol compatible with the Domain Name System (DNS), made a large donation to the GNU Project via the Free Software Foundation (FSF). Of this donation, 100,000 USD go to GNU Guix.

Handshake & Guix logos.

This donation will allow the project to guarantee its independence, invest in hardware for its build farm, and develop new features to benefit all our users.

We will be able to grow the performance and reliability of our existing infrastructure. We also envision better support for new and liberating architectures, and more resilient long-term storage of binaries and source code.

It will also allow us to continue our outreach efforts and attract new interns, for example through Outreachy, to further improve and promote the project.

The project funds are held by the FSF and spending is overseen by a committee currently consisting of Ricardo Wurmus, Tobias Geerinckx-Rice, and Ludovic Courtès, all core Guix developers. The FSF is the fiscal sponsor of free software efforts, including Guix, as part of its Working Together for Free Software fund. Other recipients include GNU Octave, the GNU Tool Chain, and Replicant. Congratulations to them as well!

Above all, a big thank you to Handshake for its support of free software and GNU! The least we could do to show our appreciation was to add a package definition for the Handshake resolver daemon, which we just did.

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

03 December, 2018 09:00PM by Ludovic Courtès, Tobias Geerinckx-Rice, Ricardo Wurmus

FSF News

Free Software Foundation receives $1 million from Handshake

BOSTON, Massachusetts, USA -- Monday, December 3rd, 2018 -- The Free Software Foundation (FSF) announced it has received several earmarked charitable donations from Handshake, an organization developing an experimental peer-to-peer root domain naming system, totaling $1 million. These gifts will support the FSF's organizational capacity, including its advocacy, education, and licensing initiatives, as well as specific projects fiscally sponsored by the FSF.

John Sullivan, FSF's executive director, said, "Building on the $1 million Bitcoin gift from the Pineapple Fund earlier this year, and our record high number of individual associate members, it is clear that software freedom is more important than ever to the world. We are now at a pivotal moment in our history, on the cusp of making free software the 'kitchen table issue' it must be. Thanks to Handshake and our members, the Free Software Foundation looks forward to scaling to the next level of free software activism, development, and community."

Rob Myers of Handshake said, "The FSF is a worldwide leader in the fight to protect the rights of all computer users through its support for the production of free software, including the GNU operating system and its campaigns to raise awareness such as Defective by Design. Handshake is proud to be able to support the FSF in its important work to secure our freedom."

These significant contributions from Handshake will fuel the FSF's efforts with activists, developers, and lawyers around the world. They include:

  • $400,000 for the FSF's organizational capacity, publications, licensing, and activist initiatives;

  • $200,000 for Replicant, the fully free mobile operating system based on Android;

  • $100,000 for GNU Guix and GuixSD, a package manager supporting transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and more, as well as a distribution of the GNU operating system using that package manager;

  • $100,000 for GNU Octave, a high-level language, primarily intended for numerical computations;

  • $100,000 to help the GNU Project address important threats like nonfree JavaScript; and

  • $100,000 for the GNU Toolchain, which provides the foundational software components of the GNU/Linux system and the Internet.

Replicant developer Denis "GNUtoo" Carikli said, "So far, Replicant development has been driven by very few individuals contributing to it in their free time. Donations have been used to enable Replicant developers to buy new devices to port Replicant on, and to enable new Replicant developers to work on already-supported devices. They were also used to enable developers to attend conferences to promote Replicant and try to find new contributors. The kind of amount we received will enable Replicant to fund development, first to fix the most critical bugs, and then to upstream most of its code, making it more sustainable, and also enabling other projects to reuse Replicant's work to improve users' freedom."

Guix developer and project committee member Ricardo Wurmus said, "This donation allows the GNU Guix project to guarantee its independence, invest in hardware, and develop new features to benefit all our users. We'll be able to grow the performance and reliability of our existing infrastructure. We also envision better support for new and liberating architectures, and more resilient long-term storage of binaries and source code. It will also allow us to continue our outreach efforts and attract new interns to further improve and promote the project."

John W. Eaton, original author and primary maintainer of GNU Octave, said, "We are grateful for such a generous donation. It is by far the single largest monetary contribution we have ever received, and we thank Handshake for including Octave in this select group. We have only begun to imagine how these funds might impact Octave, but given the size of the gift, we intend something transformational and previously impossible."

David Edelsohn, founding GCC Steering Committee member and GNU Toolchain Fund trustee, said "We are incredibly gratified by the confidence in and support for the GNU Toolchain demonstrated by this donation. This donation will allow the project to greatly expand its outreach to students and new developers. It allows us to move forward on a number of fronts with confidence that we have the resources to match our imagination."

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to run, change, share, and contribute to computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contact

John Sullivan
Executive Director
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

03 December, 2018 06:10PM

December 02, 2018

Sylvain Beucler

New Android SDK/NDK Rebuilds

As described in a previous post, Google is still click-wrapping all Android developer binaries with a non-free EULA.

I recompiled SDK 9.0.0, NDK r18b and SDK Tools 26.1.1 from the free sources to get rid of it:

https://android-rebuilds.beuc.net/

with one-command, Docker-based builds:

https://gitlab.com/android-rebuilds/auto

This triggered an interesting thread about the current state of free dev tools to target the Android platform.

Hans-Christoph Steiner also called for joining efforts towards a repository hosted using the F-Droid architecture:

https://forum.f-droid.org/t/call-for-help-making-free-software-builds-of-the-android-sdk/4685

What do you think?

02 December, 2018 02:59PM

November 30, 2018

wget @ Savannah

GNU Wget 1.20 Released

Noteworthy Changes in this release:

  • Add new option `--retry-on-host-error` to treat local errors as transient and hence Wget will retry to download the file after a brief waiting period.
  • Fixed multiple potential resource leaks as found by static analysis
  • Wget will now not create an empty wget-log file when running with -q and -b switches together
  • When compiled using the GnuTLS >= 3.6.3, Wget now has support for TLSv1.3
  • Now there is support for using libpcre2 for regex pattern matching
  • When downloading over FTP recursively, one can now use the

--{accept,reject}-regex switches to fine-tune the downloaded files

  • Building Wget from the git sources now requires autoconf 2.63 or above. Building from the Tarballs works as it used to.

30 November, 2018 12:14AM by Darshit Shah

November 28, 2018

dejagnu @ Savannah

DejaGnu 1.6.2 released

DejaGnu 1.6.2 was released on 28 November 2018. A maintenance release.

28 November, 2018 06:03AM by Ben Elliston

November 27, 2018

www @ Savannah

health @ Savannah

Release of GNU Health 3.4

Dear community

We are proud to announce the release of GNU Health 3.4 series !

It's been over a year of hard work, integrating the latest in technology and Social Medicine into GNU Health.

This versions incorporates many cool features, some of them are :

  • The GNU Health Federation model
  • Thalamus message server
  • New Health Information System (on MongoDB)
  • Person Master Index
  • MongoDB support (on the HIS)
  • Updated UniprotKB database with over 30K protein natural variants
  • Contextualized information on genetics and social determinants
  • Genetic and family history and environmental factors integrated to the Page of Life and Federation
  • The GNU Health Book of Life
  • Tryton 4.6 integration on the HMIS node
  • All GNU Health packages are natively in Python 3
  • Enhanced support for Calendar and WebDAV system
  • GNU LIMS improvements in views
  • Pypi packages with our own name ("gnuhealth-<package>")
  • Native client has a command line interface
  • Over 30 new commands for the main daily tasks
  • Enhanced GNU Health camera plugin, including zoom
  • Activity Log window on the client
  • SYSINFO command to retrieve the information about client and server
  • Customize the banner on the client
  • Reports are generated now in PDF format

The GNU Health Federation

The GNU Health Federation (aka, The Federation) is here !
This is revolutionary and ground breaking. With the Federation, we will be able to integrate heterogeneous systems and build large regional and national health networks. No more data isolation. No more silos. The GNU Health Federation is a great tool for the people, health practitioners, research institutions and public health systems.

Relevant demographics and medical information will be up-to-date, no matter where the person and patient visits. It is great tool for early detection on epidemics, improving the health promotion and disease prevention campaigns.

I am also optimist about the role of the Federation in integrative anc precision medicine. It combines Nature and Nurture, and can shed light on the diagnostic and therapeutics of devastating and elusive genetic diseases, cancer and autoimmune disorders.

The GNU Health Federation components (eg, Thalamus), will have their own development process, so they can be integrated with each of the other GNU Health projects without blocking each other.

This journey is just starting, but I trust that, as a community, we'll be able to tackle today and future issues in health.

Derivative languages / translations

GNU Health takes the approach of derivative languages, which will simplify the localization effort. Basically, for languages who have many strings in common, will only have to work on those strings that differ from a main source.
Let's take the example of Spanish. The new approach will work in the following way:
- One source language "es"
- Many derivative / regional languages (es_ES, es_AR, es_PE, es_VE ... ).

Until now, each derivative language had, except the local terminology, the same strings as the source. That makes localization harder to maintain,and larger in size.
The new method allow the translators to focus on the main source language, greatly improving the quality of the translation, and without duplication.

Please make sure that you focus on the generic language first, and only add local terms in the derivative language.

Summary of Upgrade steps

  • Make a FULL BACKUP your kernel, database and attach directories !!!
  • Follow the instructions on the Wikibooks.
  • Apply the SQL script "upgrade_34.sql" found under scripts/upgrade/3.4 of the main source installation tarball.
  • Upgrade the instance

Last but not least....oo matter how hard we try to avoid them, there will be bugs, so please test the new system, upgrade process, languages, ... and please report them via health@gnu.org

Enjoy Freedom in Healthcare !

--
Dr. Luis Falcon, M.D., BSc
President, GNU Solidario
GNU Health: Freedom and Equity in Healthcare
http://health.gnu.org
GNUPG Fingerprint :ACBF C80F C891 631C 68AA 8DC8 C015 E1AE 0098 9199

27 November, 2018 03:26PM by Luis Falcon

November 22, 2018

parallel @ Savannah

GNU Parallel 20181122 ('Kilogram') released

GNU Parallel 20181122 ('Kilogram') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

HOLY STUFF I LOVE GNU PARALLEL
-- Nick (but spookier) @NickInfoSec@twitter

New in this release:

  • Experimental simpler job flow control.
  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 November, 2018 11:50PM by Ole Tange

November 21, 2018

bison @ Savannah

Bison 3.2.2 released [stable]

Bison 3.2.2 is a bug fix releases of Bison 3.2.

Bison 3.2 brought massive improvements to the deterministic C++ skeleton,
lalr1.cc. When variants are enabled and the compiler supports C++11 or
better, move-only types can now be used for semantic values. C++98 support
is not deprecated. Please see the NEWS below for more details.

Many thanks to Frank Heckenbach for paving the way for this release with his
implementation of a skeleton in C++17, and to Nelson H. F. Beebe for testing
exhaustively portability issues.

==================================================================

Bison is a general-purpose parser generator that converts an annotated
context-free grammar into a deterministic LR or generalized LR (GLR) parser
employing LALR(1) parser tables. Bison can also generate IELR(1) or
canonical LR(1) parser tables. Once you are proficient with Bison, you can
use it to develop a wide range of language parsers, from those used in
simple desk calculators to complex programming languages.

Bison is upward compatible with Yacc: all properly-written Yacc grammars
ought to work with Bison with no change. Anyone familiar with Yacc should be
able to use Bison with little trouble. You need to be fluent in C or C++
programming in order to use Bison. Java is also supported.

Here is the GNU Bison home page:
https://gnu.org/software/bison/

==================================================================

Here are the compressed sources:
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.gz (4.1MB)
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.xz (2.1MB)

Here are the GPG detached signatures[*]:
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.gz.sig
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify bison-3.2.2.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0DDCAA3278D5264E

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1
Flex 2.6.4
Gettext 0.19.8.1
Gnulib v0.1-2222-g48a6c46b0

NEWS

21 November, 2018 08:32PM by Akim Demaille

FSF Events

Richard Stallman - « Libertad del usuario, libertad del lector » (Valladolid, Spain)

Esta charla de Richard Stallman no será técnica y será abierta al público; todos están invitados a asistir.

Lugar: La Ciudad Imaginada, Escuela de Ingeniería Informática de Valladolid, Edificio de Tecnologías de la Información y las Telecomunicaciones, Campus Miguel Delibes, Paseo de Belén, número 15, 47011 Valladolid, Spain

Por favor, rellene este formulario para que podamos contactarle sobre futuros eventos en la región de Valladolid.

21 November, 2018 06:10PM

Richard Stallman - "El software libre y tu libertad" (Burjassot, Spain)

Richard Stallman hablará sobre las metas y la filosofía del movimiento del Software Libre, y el estado y la historia del sistema operativo GNU, el cual junto con el núcleo Linux, es actualmente utilizado por decenas de millones de personas en todo el mundo.

Esta charla de Richard Stallman no será técnica y será abierta al público; todos están invitados a asistir.

La puertas se abrirán a las 17:30.

Lugar: sala Charles Darwin, Aulari Interfacultatiu, Campus de Burjassot (Universitat de València), Av. Vicent Andrés Estellés, Burjassot 46100, provincia de Valencia, Spain

Por favor, rellene este formulario para que podamos contactarle sobre futuros eventos en la región de Valencia.

21 November, 2018 02:38PM

November 20, 2018

orgadoc @ Savannah

GNU OrgaDoc 1.0 Released

# Changes since v0.9 #

  • Removed orgadoc-add-docs script due to outdated use.
  • Rewritten to C89 standard from Eiffel.
  • Added -m/--merge option to orgadoc-init-readme.
  • Cleaned usages and modernised what orgadoc is used for.
  • Rewrote the configure approach.
  • Rewrote documentation.
  • Removed the TODO document.
  • Bumped version to 1.0.

C89 was chosen to ensure maximum portability for legacy as well as modern systems.

20 November, 2018 09:50AM by Adam Bilbrough

November 14, 2018

gxmessage @ Savannah

gxmessage has a new homepage

My old web host shuts down on November 30, 2018. Gxmessage has a new homepage at the following address:

https://trmusson.dreamhosters.com/programs.html#gxmessage

14 November, 2018 04:36AM by Timothy Musson

ignuit @ Savannah

iGNUit has a new homepage address

The host for iGNUit's homepage has changed. The new URL is:

https://trmusson.dreamhosters.com/programs.html#ignuit

14 November, 2018 04:29AM by Timothy Musson

November 10, 2018

bison @ Savannah

Bison 3.2.1 released [stable]

We would have been happy not to have to announce the release of Bison 3.2.1,
which fixes portability issues of Bison 3.2.

Bison 3.2 brought massive improvements to the deterministic C++ skeleton,
lalr1.cc. When variants are enabled and the compiler supports C++11 or
better, move-only types can now be used for semantic values. C++98 support
is not deprecated. Please see the NEWS below for more details.

Many thanks to Frank Heckenbach for paving the way for this release with his
implementation of a skeleton in C++17, and to Nelson H. F. Beebe for testing
exhaustively portability issues.

==================================================================

Bison is a general-purpose parser generator that converts an annotated
context-free grammar into a deterministic LR or generalized LR (GLR) parser
employing LALR(1) parser tables. Bison can also generate IELR(1) or
canonical LR(1) parser tables. Once you are proficient with Bison, you can
use it to develop a wide range of language parsers, from those used in
simple desk calculators to complex programming languages.

Bison is upward compatible with Yacc: all properly-written Yacc grammars
ought to work with Bison with no change. Anyone familiar with Yacc should be
able to use Bison with little trouble. You need to be fluent in C or C++
programming in order to use Bison. Java is also supported.

Here is the GNU Bison home page:
https://gnu.org/software/bison/

==================================================================

Here are the compressed sources:
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.gz (4.1MB)
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.xz (2.1MB)

Here are the GPG detached signatures[*]:
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.gz.sig
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify bison-3.2.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0DDCAA3278D5264E

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1
Flex 2.6.4
Gettext 0.19.8.1
Gnulib v0.1-2176-ga79f2a287

NEWS

10 November, 2018 06:56AM by Akim Demaille

November 09, 2018

FSF News

FSF job opportunity: web developer

This position, reporting to the executive director, works closely with our sysadmin team and chief technology officer to maintain and improve the FSF's Web presence. The FSF uses several different free software Web platforms in the course of our work, both internally and externally. These platforms are critical to work supporting the GNU Project, free software adoption, free media formats, and freedom on the Internet; and to opposing bulk surveillance, Digital Restrictions Management, software patents, and proprietary software.

We are looking for someone who is comfortable with keeping these systems up-to-date and working, as well as customizing them when necessary. While the main duties will relate to the backend systems, frontend experience with templates, HTML, CSS, JavaScript, and design tools will be a big plus. The web developer will help lead major projects, such as the relaunch of https://www.fsf.org and migration of https://audio-video.gnu.org to GNU MediaGoblin. They will also be part of the team running the annual LibrePlanet conference, and contribute to decisions about which new platforms to use or which existing ones to retire.

Examples of platforms maintained by the web developer include, but are not limited to:

  • CiviCRM
  • Drupal
  • MediaWiki
  • Plone / Zope
  • Ikiwiki
  • Request Tracker
  • Etherpad
  • CAS
  • GNU social
  • GNU MediaGoblin
  • Icecast

Because the FSF works globally and seeks to have our materials distributed in as many languages as possible, multilingual candidates will have an advantage. With our small staff of fourteen, each person makes a clear contribution. We work hard, but offer a humane and fun work environment at an office located in the heart of downtown Boston.

The FSF is a mature but growing organization that provides great potential for advancement; existing staff get the first chance at any new job openings. This position is also a good starting point for anyone who might be interested in other roles on our technical team in the future.

Benefits and salary

This job is a union position that must be worked on-site at the FSF's downtown Boston office. The salary is fixed at $53,269/year, and is non-negotiable. Benefits include:

  • fully subsidized individual or family health coverage through Blue Cross Blue Shield;
  • partially subsidized dental plan;
  • four weeks of paid vacation annually;
  • seventeen paid holidays annually;
  • weekly remote work allowance;
  • public transit commuting cost reimbursement;
  • 403(b) program with employer match;
  • yearly cost-of-living pay increases based on government guidelines;
  • health care expense reimbursement;
  • ergonomic budget;
  • relocation (to Boston area) expense reimbursement;
  • conference travel and professional development opportunities; and
  • potential for an annual performance bonus.

Application instructions

Applications must be submitted via email to hiring@fsf.org. The email must contain the subject line "web developer." A complete application should include:

  • resume;
  • cover letter; and
  • links to any previous work online.

All materials must be in a free format. Email submissions that do not follow these instructions will probably be overlooked. No phone calls or paper applications, please.

Applications will be reviewed on a rolling basis until the position is filled. To guarantee consideration, submit your application by Friday, November 30, 2018.

The FSF is an equal opportunity employer and will not discriminate against any employee or application for employment on the basis of race, color, marital status, religion, age, sex, sexual orientation, national origin, handicap, or any other legally protected status recognized by federal, state or local law. We value diversity in our workplace. Women, people of color and LGBTQ individuals are strongly encouraged to apply.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://www.fsf.org and https://www.gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. We are based in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

09 November, 2018 06:21PM

November 07, 2018

Riccardo Mottola

ArcticFox on 10.6

ArcticFox, currently in my own fork, succesfully compiles natively on MacOS 10.6 Snow Leopard and runs! 64 bit currently.
Great news for those who use older but still perfectly capable Macintoshes....

ArcticFox derives from PaleMoon 27 which in turn is FireFox derived.

I tried Facebook and even WebGL samples as this screenshot shows.



This Blog entry is written natively on my MacBook and ArcticFox.

07 November, 2018 10:52PM by Riccardo (noreply@blogger.com)

FSF Events

Richard Stallman - « El software libre y tu libertad » (Bilbao, Spain)

Richard Stallman hablará sobre las metas y la filosofía del movimiento del Software Libre, y el estado y la historia del sistema operativo GNU, el cual junto con el núcleo Linux, es actualmente utilizado por decenas de millones de personas en todo el mundo.

Esta charla de Richard Stallman formará parte de LibreCon (2018-11-21–22). Será posible registrarse en efectivo el día del evento.

Lugar: "Inspiration Space," Palacio Euskalduna, Avda. Abandoibarra, 4, 48011 Bilbao, España

Por favor, rellene este formulario para que podamos contactarle sobre futuros eventos en la región de Bilbao.

07 November, 2018 05:18PM

libredwg @ Savannah

libredwg-0.6.2 released

Important bugfixes:
* Fixed several out_dxf segfaults (#39)
* Enhanced the section size limit from 2032 to 2040.
There were several DWG files with a section size of 2035
in the wild. (PR #41, Denis Pryt)
* Fixed EED realloc on decoding when end - dat->byte == 1
(PR #41, Denis Pryt)

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.gz (9.8MB)
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.xz (3.7MB)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are more binaries:
https://github.com/LibreDWG/libredwg/releases/tag/0.6.2

Here are the SHA256 checksums:

b886962feb1a03ebbed572fde7754334654fc16a91484eef13338faad5f40b74 libredwg-0.6.2.tar.gz
b17a5bc2a4f7cc13aa2c26c890cba9954ca768643884c8740c1a6b045c07591f libredwg-0.6.2.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.6.2.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

07 November, 2018 10:51AM by Reini Urban

November 06, 2018

pspp @ Savannah

PSPP 1.2.0 has been released.

I'm very pleased to announce the release of a new version of GNU PSPP. PSPP is a program for statistical analysis of sampled data. It is a free replacement for the proprietary program SPSS.

Changes from 1.0.1 to 1.2.0:

  • New experimental command SAVE DATA COLLECTION to save MDD files.
  • MTIME and YMDHMS variable formats now supported.
  • Build changes:
    • zlib is now a required dependency. (Previously it was optional.)
    • Gtk+3.18.0 or later must now be used when building.
    • The code implementing the sheet rendering has been removed. Instead we use a third party library: spread-sheet-widget.
  • The "NOMISSING" keyword when generating syntax for piecharts in the

frequencies command was omitted. This has been corrected.

06 November, 2018 02:50PM by Ben Pfaff

guile-cv @ Savannah

Guile-CV version 0.2.1

Guile-CV version 0.2.1 is released! (November 2018)

For a list of changes since the previous version, visit the NEWS file. For a complete description, consult the git summary and git log

06 November, 2018 01:06AM by David Pirotte

November 05, 2018

libredwg @ Savannah

libredwg-0.6.1 released [alpha]

This is a minor bugfix release, fixing
mostly a decoding error with LWPOLYLINE points.

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.gz (9.8MB)
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.xz (3.7MB)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are more binaries:
https://github.com/LibreDWG/libredwg/releases/tag/0.6.1

Here are the SHA256 checksums:

290e315f8215e18520587cdb70810b57b78ffe1f28a9d54117c30aa9d4d79403 libredwg-0.6.1.tar.gz
dc15dc0074415e2fe3f562a3dc2a826e85589074cd7d46f5edd04baf731e9f36 libredwg-0.6.1.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.6.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

05 November, 2018 01:07PM by Reini Urban

November 04, 2018

health @ Savannah

GNU Health 3.4 RC1 ready to test !

Dear community

After over a year of hard work, we're getting close to the release of GNU Health 3.4 !

GH 3.4 comes with lots of new and exciting features, including the Federation, Thalamus, updated genetics, calendar server, native client and mongoDB integration, GH embedded (raspi) among others.

I just uploaded to pypi the Release Candidate 1 of the gnu health client (3.4rc1), thalamus (0.9.0), and the GNU Health HMIS component (3.4rc1)

In addition, you can download the HMIS component, with the plugins (Federation Resource Locator, GNU Health Camera and GNU Health Crypto) from our site:
http://health.gnu.org/downloads/development/unstable/gnuhealth-34rc1.tar.gz

This week I will also update the community server operating system, install Thalamus, the calendar server, the HMIS node, and MongoDB, so we can all test the federation features.

There is a lot to test, update localization / language strings and document. Please report any issues you may find, and enjoy testing the upcoming GNU Health ecosystem !

Best
Luis

04 November, 2018 11:30PM by Luis Falcon

October 31, 2018

Christopher Allan Webber

Announcing Goblins (the actor model foundation of Spritely)

In my last post I talked about launching the Spritely project in all its ambitiousness. As I said, I plan on releasing it as a series of "demos". What I mean by "demo" is fairly loose: things you can try and see, artifacts to indicate progress as I go. Convergence slowly towards a goal.

Over the last week I released the first version of the foundation of this work, which I'm calling Goblins. v0.1, a pre-pre-alpha release, is now out the door. Goblins is an actor model implementation for the Racket programming language. I think if you know some Racket, then the Goblins documentation should be fairly approachable, and I'd love to hear feedback. Not everything is documented, but it should give you a nice taste of what the core ideas are. (Astute readers may observe that Goblins' name shares striking resemblance to another project I have worked on; this is no coincidence and is indeed a hint as to what I think the future direction of that area of work is.)

Most live distributed systems are in some way a language-level actor model implementation, but knowing that you're an actor model implementation may change how you do things. (ActivityPub is itself an actor model protocol, though I think not all implementors realize that.) Goblins is the third generation of an actor model I've written, the previous ones being XUDD and 8sync. (Maybe if you count the big rewrite I did of 8sync to run it on top of fibers, it could be the fourth generation.)

If you read the Spritely blogpost you'll know that distributed games are part of the long con here. This isn't the first time I've written a game system on top of one of these actor model implementations; in fact if you scroll down on 8sync website you'll (currently) see a video of me presenting on Mudsync, a multi-user dungeon written in 8sync, where in the talk instead of slides I had rooms, and the audience was moving around in the world and I was changing it in response to their suggestions.

But the drive of the actor model connected to social distributed games goes back further for me. I initially got interested in an actor model the first time I tried to work on the whole multiplayer game front about a decade ago. A friend and I spent a couple hours experimenting with threads and locks and after the first demo it was obvious that was never going to work. I remembered I had been told by a former coworker that they had used a system that had an actor model + coroutines as its basis; I didn't know what either of those things were yet, but as I looked into them it became clear to me that this was the right route. But one piece since then until recently remained a mystery to me, which was how to manage the complex web of authorization between the objects.

Last year at TPAC, the World Wide Web consortium's conference, I was staying with some people who asked me what I would do if I had unlimited time to work on whatever I wanted. I sheepishly admitted to my dream of a federated social web as a distributed game, and expected to be laughed out of the room. I was surprised to find out that nearly everyone I was working with had some background in this same work and dream. This gave me some hope that I wasn't completely foolish, and the observation that even failure in persuing this ambitious dream would probably result in useful artifacts.

And last year at Rebooting Web of Trust, I hit a big breakthrough. I had the chance to meet Mark S. Miller in person, someone who's work I read but barely understood at the time, and this meeting in some ways changed the direction of my career. For one thing, it lead to us collaborating on the foundation for the ocap-ld specification, which came out of a paper we collaborated on from that event (also available in nicely formatted PDF form). But what I also discovered was that Mark Miller and company had actually built the distributed and secure social network dream in the late 1990s and called it Electric Communities (rare video of it being demonstrated, and a rare video of some of the out-there ideas). What I found out was that they had solved most of the remaining questions about authorization and security through object capabilities, and that was through a pile of object capability patterns built on top of the actor model. While Electric Communities did not survive, its foundation of the the "E" programming language lived on, pulling in many of its good ideas with it. I proceeded to read as much documentation about E and surrounding capability patterns as I could, and this has majorly influenced Goblins' design. (Don't underestimate the depth of ideas on erights.org just because it looks like an ancient Geocities page... it did come from that era after all...)

Another key insight came from discovering the Object-Capability Security in Virtual Environments paper. I won't go into details on this except to say that it's a must-read for this problem domain, with the caveat that it pulls in a lot of terminology baggage from the object capability (aka ocap) community. The ocap community is one of those groups that has so many of the right ideas but which unfortunately is also drowning in its own verbiage, despite true efforts to make the ideas more accessible. We (and I guess I'm part of this group now, so "we" is appropriate) need to do better, but it isn't easy.

Goblins is still in its very early days. Its api is unstable and it surely has bugs (this one in particular I need to deal with, and which even exposed an underlying bug in Racket, which did get fixed quickly because the Racket community is amazing). Please don't build anything production-oriented on top of it yet. That said, I'd love users to try things. Check out the docs, see if they're up your alley.

If you like this kind of work and want to see more of it, consider donating; I don't have a corporate sponsor, so progress is funded by people like you. And keep watching here; more Spritely demos/artifacts/releases on the horizon.

31 October, 2018 07:40PM by Christopher Lemmer Webber

October 29, 2018

bison @ Savannah

Bison 3.2 released [stable]

We are very happy to announce the release of Bison 3.2!

Massive improvements were brought to the deterministic C++ skeleton,
lalr1.cc. When variants are enabled and the compiler supports C++11 or
better, move-only types can now be used for semantic values. C++98 support
is not deprecated. Please see the NEWS below for more details.

Many thanks to Frank Heckenbach for paving the way for this release with his
implementation of a skeleton in C++17.

==================================================================

Bison is a general-purpose parser generator that converts an annotated
context-free grammar into a deterministic LR or generalized LR (GLR) parser
employing LALR(1) parser tables. Bison can also generate IELR(1) or
canonical LR(1) parser tables. Once you are proficient with Bison, you can
use it to develop a wide range of language parsers, from those used in
simple desk calculators to complex programming languages.

Bison is upward compatible with Yacc: all properly-written Yacc grammars
ought to work with Bison with no change. Anyone familiar with Yacc should be
able to use Bison with little trouble. You need to be fluent in C or C++
programming in order to use Bison. Java is also supported.

Here is the GNU Bison home page:
https://gnu.org/software/bison/

==================================================================

Here are the compressed sources:
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.gz (4.1MB)
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.xz (2.1MB)

Here are the GPG detached signatures[*]:
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.gz.sig
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify bison-3.2.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0DDCAA3278D5264E

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1
Flex 2.6.4
Gettext 0.19.8.1
Gnulib v0.1-2176-ga79f2a287

==================================================================

29 October, 2018 08:30PM by Akim Demaille

mit-scheme @ Savannah

MIT/GNU Scheme 10.1 released

See the release notes for the highlights.

29 October, 2018 06:16AM by Chris Hanson

October 27, 2018

mailutils @ Savannah

Version 3.5

Version 3.5 is available for download from main GNU ftp server. You can also use one of the mirrors for higher download bandwidth.

New in this release

Support for Guile version 2.2.0 and later

Support for prior versions has been withdrawn.

New scheme functions

  • mu-encoder-port port name . args

Create encoding port using Mailutils filter name with optional arguments args. The port argument must be a port opened either for writing
or for reading, but not both. The returned port will have the same mode as port.

If port is open for reading, data will be read from it, passed through the filter and returned. If it is open for writing, data written to the returned port will be passed through filter and its output will be written to port.

  • mu-decoder-port port name . args

Create decoding port using Mailutils filter name with optional arguments args. The port argument must be a port opened either for writing
or for reading, but not both. The returned port will have the same mode as port.

If port is open for reading, data will be read from it, passed through the filter and returned. If it is open for writing, data written to the returned port will be passed through filter and its output will be written to port.

  • mu-header-decode hdr [charset]

Decode the header value hdr, encoded as per RFC 2047.
Optional charset defaults to "utf-8".

  • mu-header-encode hdr [encoding [charset]]

Encode the string hdr as per RFC 2047.
Allowed values for encoding are "base64" and "quoted-printable".
Default is selected depending on number of printable characters in hdr.
Optional charset defaults to "utf-8".

Introduced support for Python 3.x

Define sieve variables from the command line

The sieve utility now allows you to supply initial values for RFC 5229 variables using the --variable command line option, e.g.

Support for Berkeley DB versions 5 and 6

headline variable in the mail utility

The new %D specifier has been implemented, which allows the user to supply arbitrary strftime(3) format string for outputting message
date/time. E.g.:

In simplified form, %D can be followed by a single time format specifier. E.g. %DH can be used instead of %D{%H}.

Bugfixes

  • Fix alignment specifiers in the headline variable (mail utility)
  • Fix eventual segmentation violation in imap4d
  • Fix endianness bug in string to IP conversion
  • Force terminating null character in the output of mh_format
  • Fix bug in base64 encoder - don't return immediately upon receiving eof
  • Fix command expansion in wordsplit

27 October, 2018 08:10AM by Sergey Poznyakoff

gdbm @ Savannah

Version 1.18.1

Version 1.18.1 is available for download (see also list of mirrors).

This is an intermediate release that restores backward compatibility with databases created by gdbm 1.8 (and some later versions, if built with mmapped I/O disabled). See Debian bug 910911 for details.

27 October, 2018 06:39AM by Sergey Poznyakoff

October 22, 2018

parallel @ Savannah

GNU Parallel 20181022 ('Khashoggi') released

GNU Parallel 20181022 ('Khashoggi') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

What this country needs is a president with a strong understanding of GNU Parallel, Awk, Sed, Grep, and Diff
-- Gregg Housh @GreggHoush

New in this release:

  • env_parallel.fish: --session support (alpha quality)
  • GNU Parallel was cited in: High-throughput sequencing of murine immunoglobulin heavy chain repertoires using single side unique molecular identifiers on an Ion Torrent PGM https://doi.org/10.18632/oncotarget.25493
  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 October, 2018 11:32PM by Ole Tange

FSF Events

Richard Stallman - « Soberania tecnológica, privacidad y democracia » (Madrid, Spain)

Esta charla de Richard Stallman formará parte de CONSULCon (2018-11-22–24). No será técnica y será abierta al público; todos están invitados a asistir.

Esta charla de Richard Stallman no será técnica y será abierta al público; todos están invitados a asistir.

Lugar: Auditirio, Medialab Prado, Calle de la Alameda, 15, 28014 Madrid

Por favor, rellene este formulario para que podamos contactarle sobre futuros eventos en la región de Madrid.

22 October, 2018 05:30PM

October 21, 2018

GNUnet News

October 18, 2018

FSF News

Keynotes announced for LibrePlanet 2019 free software conference

BOSTON, Massachusetts, USA -- Thursday, October 18, 2018 -- The Free Software Foundation (FSF) today announced all four keynote speakers who will appear at the 11th annual LibrePlanet free software conference, which will take place in the Boston area, March 23-24, 2019.

Keynote speakers for the 10th annual LibrePlanet conference will include Debian Project contributor Bdale Garbee, free software activist Micky Metts, physician Tarek Loubani, and FSF founder and president Richard Stallman.

LibrePlanet is an annual conference for free software users and anyone who cares about the intersection of technology and social justice. For ten years, LibrePlanet has brought together thousands of diverse voices and knowledge bases, including free software developers, policy experts, activists, hackers, students, and people who have just begun to learn about free software.

Bdale Garbee

Bdale Garbee has contributed to the free software community since 1979. He was an early participant in the Debian Project, helped port Debian GNU/Linux to five architectures, served as the Debian Project Leader, then chairman of the Debian Technical Committee for nearly a decade, and remains active in the Debian community. For a decade, Bdale served as president of Software in the Public Interest. He also served on the board of directors of the Linux Foundation, representing individual affiliates and the developer community. Bdale currently serves on the boards of the Freedombox Foundation, the Linux Professional Institute, and Aleph Objects. He is also a member of the Evaluations Committee at the Software Freedom Conservancy. In 2008, Bdale became the first individual recipient of a Lutece d'Or award from the Federation Nationale de l'Industrie du Logiciel Libre in France.

Micky Metts

Micky Metts is an owner of Agaric, a worker-owned technology cooperative. She is an activist hacker, industry organizer, public speaker, connector, advisor, and visionary. Micky is a member of the MayFirst People Link Leadership Committee, and is a liaison between the Solidarity Economy Network (SEN) and the United States Federation of Worker Cooperatives (USFWC), with an intention to bring communities together. Micky is also a founding member of a cohort that is building a new Boston public high school based in cooperative learning: BoCoLab. She is a member of FSF.org and Drupal.org, a community based in free software. She is a published author contributing to the book Ours to Hack and to Own, one of the top technology books of 2017 in Wired magazine.

Tarek Loubani

Dr. Tarek Loubani is an emergency physician who works at the London Health Sciences Centre in Canada and at Al Shifa Hospital in the Gaza Strip. He is a fellow of the Shuttleworth Foundation, where he focuses on free software medical devices. His organization, the Glia Project, develops free/libre medical device designs for 3D printing, in an effort to help medical systems such as Gaza's gain self-sufficiency and local independence.

"This year's keynote speakers reflect the breadth of the free software community and its impact," said FSF executive director John Sullivan. "If you attend LibrePlanet or watch our free software-based livestream, you will have the opportunity to hear from dedicated contributors, activists, and people who saw an important need in our world and met it using free software."

Richard Stallman

As he does each year, FSF president Richard Stallman will present the Free Software Awards and discuss opportunities for, and threats to, the free software movement. In 1983, Stallman launched the free software movement, and he began developing the GNU operating system (see https://www.gnu.org) the following year. GNU is free software: anyone may copy it and redistribute it, with or without modifications. GNU/Linux (the GNU operating system used in combination with the kernel Linux) is used on tens of millions of computers today. Stallman has received the ACM Grace Hopper Award, a MacArthur Foundation fellowship, the Electronic Frontier Foundation's Pioneer Award, and the Takeda Award for Social/Economic Betterment, as well as several doctorates honoris causa, and has been inducted into the Internet Hall of Fame.

The call for proposals is open until October 26, 2018. General registration and exhibitor and sponsor registration are also open.

About LibrePlanet

LibrePlanet is the annual conference of the Free Software Foundation. Over the last decade, LibrePlanet has blossomed from a small gathering of FSF members into a vibrant multi-day event that attracts a broad audience of people who are interested in the values of software freedom. To sign up for announcements about LibrePlanet 2019, visit https://www.libreplanet.org/2019.

Each year at LibrePlanet, the FSF presents its annual Free Software Awards. Nominations for the awards are open through Sunday, November 4th, 2018 at 23:59 UTC.

For information on how your company can sponsor LibrePlanet or have a table in our exhibit hall, email campaigns@fsf.org.

LibrePlanet 2018 was held at MIT from March 24-25, 2018. Nearly 350 attendees came together from across the world for workshops and talks centered around the theme of "Freedom Embedded." You can watch videos from last year's conference, including the opening keynote, an exploration of the potential for the free software community to last forever by maintaining its ideals while also welcoming newcomers, by Deb Nicholson, who is now director of community operations for the Software Freedom Conservancy.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://www.fsf.org and https://www.gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

Molly de Blanc
Campaigns Manager
Free Software Foundation
+1 (617) 542-5942
campaigns@fsf.org

Photo of Richard Stallman by by Adte.ca. This image is licensed under a CC BY-SA 4.0 license. Photo of Tarek Loubani by Tarek Loubani. This image is licensed under a CC BY-SA 4.0 license. Photo of Bdale Garbee by Karen Garbee. This image is licensed under a CC BY-SA 4.0 license. Photo of Micky Metts by Micky Metts. This image is licensed under a CC BY 4.0 license.

18 October, 2018 07:05PM

FSF Events

Richard Stallman - « ¿El software que usas deniega tu libertad? » (Madrid, Spain)

Richard Stallman hablará sobre las metas y la filosofía del movimiento del Software Libre, y el estado y la historia del sistema operativo GNU, el cual junto con el núcleo Linux, es actualmente utilizado por decenas de millones de personas en todo el mundo.

Esta charla de Richard Stallman formará parte del III Foro de la Cultura (2018-11-09–11). No será técnica y será abierta al público; todos están invitados a asistir. Será posible asistir a la charla de Stallman sin registrarse hasta completar el aforo del recinto.

Lugar: Espacio Fundación Telefónica, C/ Fuencarral, 3, Madrid, España

Por favor, rellene este formulario para que podamos contactarle sobre futuros eventos en la región de Madrid

18 October, 2018 03:55PM

October 14, 2018

Christopher Allan Webber

Spritely: towards secure social spaces as virtual worlds

If you follow me on the fediverse, maybe you already know. I've sent an announcement to my work that I am switching to doing a project named Spritely on my own full time. (Actually I'm still going to be doing some contracting with my old job, so I'll still have some income, but I'll be putting a full 40 hours a week into Spritely.)

tl;dr: I'm working on building the next generation of the fediverse as a distributed game. You can support this work if you so wish.

What on earth is Spritely?

"Well, vaporware currently", has been my joke since announcing it, but the plans, and even some core components, are starting to congeal, and I have decided it's time to throw myself fully into it.

But I still haven't answered the question, so I'll try to do so in bullet points. Spritely:

  • Aims to bring stronger user security, better anti-abuse tooling, stronger resistance against censorship, and more interesting interactions to users of the fediverse.
  • Is based on the massively popular ActivityPub standard (which I co-authored, so I do know a thing or two about this).
  • Aims to transform distributed social networks into distributed social games / virtual worlds. The dreams of the 90s are alive in Spritely.
  • Recognizes that ActivityPub is based on the actor model, and a pure version of the actor model is itself already a secure object capability system, so we don't have to break the spec to gain those powers... just change the discipline of how we use it.
  • Will be written in Racket.
  • Is an umbrella project for a number of modular tools necessary to get to this goal. The first, an object capability actor model system for Racket named Goblins, should see its first public release in the next week or two.
  • And of course it will be 100% free/libre/open source software.

That's a lot to unpack, and it also may sound overly ambitious. The game part in particular may sound strange, but I'll defend it on three fronts. First, not too many people run federated social web servers, but a lot of people run Minecraft servers... lots of teenagers run Minecraft servers... and it's not because Minecraft has the best graphics or the best fighting (it certainly doesn't), it's because Minecraft allows you to build a world together with your friends. Second, players of old MUDs, MOOs, MUSHes and etc from the 90s may recognize that modern social networks are structurally degenerate forms of the kinds of environments that existed then, but contemporary social networks lack the concept of a sense of place and interaction. Third, many interesting projects (Python's Twisted library, Flickr, much of object capability security patterns) have come out of trying to build such massively multiplayer world systems. Because of this last one in particular, I think that shooting for the stars means that if we don't make it we're likely to at least make the moon, so failure is okay if it means other things come out of it. (Also, four: it's a fun and motivating use case for me which I have explored before.)

To keep Spritely from being total vaporware, the way I will approach the project is by regularly releasing a series of "demos", some of which may be disjoint, but will hopefully increasingly converge on the vision. Consider Spritely a skunkworks-in-the-public-interest for the federated social web.

But why?

Standardizing ActivityPub was a much more difficult effort than anticipated, but equally or more so more successful than I expected (partly due to Mastodon's adoption launching it past the sound barrier). In that sense this is great news. We now have dozens of projects adopting it, and the network has (at last I looked) over 1.5 million registered users (which isn't the same as active users).

So, mission accomplished, right? Well, there are a few things that bother me.

  • The kind of rich interactions one can do are limited by a lack of authorization policy. Again, I believe object capabilities provide this, but it's not well explained to the public how to use it. (By contrast, Access Control Lists and friends are absolutely the wrong approach.)
  • Users are currently insufficiently protected from spam, abuse, and harassment while at the same time administrators are overwhelmed. This is leading a number of servers to move to a whitelisting of servers, which both re-centralizes the system and prioritizes big instances over smaller instances (it shouldn't matter what instance size you're on; arguably we should be encouraging smaller ones even). There are some paths forward, and I will hint at just one: what would happen if instead of one inbox, we had multiple inboxes? If I don't know you, you can access me via my public inbox, but maybe that's heavily moderated or you have to pay "postage". If I do know you, you might have an address with more direct access to me.
  • Relatedly, contemporary fediverse interfaces borrow from surveillance-capitalism based popular social networks by focusing on breadth of relationships rather than depth. Ever notice how the first thing Twitter shows you when you hover over a person's face is how many followers they have? I don't know about you, but I immediately compare that to my own follower count, and I don't even want to. This encourages high school popularity contest type bullshit, and it's by design. What if instead of focusing on how many people we can connect to we instead focused on the depth of our relationships? Much of the fediverse has imported "what works" directly from Facebook and Twitter, but I'd argue there's a lot we can do if we drop the assumption that this is the ideal starting base.
  • The contemporary view in the fediverse is that social scoping is like Python scoping: locals (instance) and globals (federation). Instance administrators are even encouraged to set up to run communities based on a specific niche, which is a nice reason to motivate administrators but it causes problems: even small differences between servers' expected policies often result in servers banning each other entirely. (Sometimes this is warranted, and I'm not opposed to moderation but rather looking for more effective forms of it.) Yet most of us are one person but part of many different communities with different needs. For instance, Alice may be a computer programmer, a tabletop game enthusiast, a fanfiction author, and a member of her family. In each of those settings she may present herself differently and also have different expectations of what is acceptable behavior. Alice should not need multiple accounts for this on different servers, so it would seem the right answer for community gathering is closer to something like mailing lists. What is acceptable at the gaming table may not be acceptable at work, and what happens on the fanfiction community perhaps does not need to be shared with one's family, and each community should be empowered to moderate appropriately.
  • I'd like to bridge the gap between peer to peer and federated systems. One hint as to how to do this: what happens when you run ActivityPub servers over Tor onion services or I2P? What if instead of our messages living at http addresses that could down, they could be securely addressed by their encrypted contents?
  • Finally, I will admit the most urgent reason for these concerns... I'm very concerned politically about the state of the world and what I see as increasing authoritarianism and flagrant violations of human rights. I have a lot of worry that if we don't normalize use of decentralized and secure private systems, we will lose the ability to host them, though we've never needed them more urgently.

There are a lot of opportunities, and a lot of things I am excited about, but I am also afraid of inaction and how many regrets I will have if I don't try. I have the knowledge, the privilege, and the experience to at least attempt to make a dent in some of these things. I might not succeed. But I should try.

Who's going to pay for all this?

I don't really have a funding plan, so I guess this is kind of a non-answer. However, I do have a Patreon account you could donate to.

But should you donate? Well, I dunno, I feel like that's your call. Certainly many people are in worse positions than I am; I have a buffer and I still am doing some contracting to keep myself going for a while. Maybe you know people who need the money more than I do, or maybe you need it yourself. If this is the case, don't hesitate: take care of yourself and your loved ones first.

That said, FOSS in general has the property of being a public good but tends to have a free rider problem. While we did some fundraising for some of this stuff a few years ago, I gave the majority of the money to other people. Since then I've been mostly funding work on the federated social web myself in one way or another, usually by contracting on unrelated or quasi-related things to keep myself above the burn rate. I have the privilege and ability to do it, and I believe it's critical work. But I'd love to be able to work on this with focus, and maybe get things to the point to pull in and pay other people to help again. Perhaps if we reach that point I'll look at putting this work under a nonprofit. I do know I'm unwilling to break my FOSS principles to make it happen.

Anyway... you may even still be skeptical after reading all this about whether or not I can do it. I don't blame you... even I'm skeptical. But I'll try to convince you the way I'm going to convince myself: by pushing out demos until we reach something real.

Onwards and upwards!

14 October, 2018 08:20PM by Christopher Lemmer Webber

October 11, 2018

Andy Wingo

heap object representation in spidermonkey

I was having a look through SpiderMonkey's source code today and found something interesting about how it represents heap objects and wanted to share.

I was first looking to see how to implement arbitrary-length integers ("bigints") by storing the digits inline in the allocated object. (I'll use the term "object" here, but from JS's perspective, bigints are rather values; they don't have identity. But I digress.) So you have a header indicating how many words it takes to store the digits, and the digits follow. This is how JavaScriptCore and V8 implementations of bigints work.

Incidentally, JSC's implementation was taken from V8. V8's was taken from Dart. Dart's was taken from Go. We might take SpiderMonkey's from Scheme48. Good times, right??

When seeing if SpiderMonkey could use this same strategy, I couldn't find how to make a variable-sized GC-managed allocation. It turns out that in SpiderMonkey you can't do that! SM's memory management system wants to work in terms of fixed-sized "cells". Even for objects that store properties inline in named slots, that's implemented in terms of standard cell sizes. So if an object has 6 slots, it might be implemented as instances of cells that hold 8 slots.

Truly variable-sized allocations seem to be managed off-heap, via malloc or other allocators. I am not quite sure how this works for GC-traced allocations like arrays, but let's assume that somehow it does.

Anyway, the point of this blog post. I was looking to see which part of SpiderMonkey reserves space for type information. For example, almost all objects in V8 start with a "map" word. This is the object's "hidden class". To know what kind of object you've got, you look at the map word. That word points to information corresponding to a class of objects; it's not available to store information that might vary between objects of that same class.

Interestingly, SpiderMonkey doesn't have a map word! Or at least, it doesn't have them on all allocations. Concretely, BigInt values don't need to reserve space for a map word. I can start storing data right from the beginning of the object.

But how can this work, you ask? How does the engine know what the type of some arbitrary object is?

The answer has a few interesting wrinkles. Firstly I should say that for objects that need hidden classes -- e.g. generic JavaScript objects -- there is indeed a map word. SpiderMonkey calls it a "Shape" instead of a "map" or a "hidden class" or a "structure" (as in JSC), but it's there, for that subset of objects.

But not all heap objects need to have these words. Strings, for example, are values rather than objects, and in SpiderMonkey they just have a small type code rather than a map word. But you know it's a string rather than something else in two ways: one, for "newborn" objects (those in the nursery), the GC reserves a bit to indicate whether the object is a string or not. (Really: it's specific to strings.)

For objects promoted out to the heap ("tenured" objects), objects of similar kinds are allocated in the same memory region (in kind-specific "arenas"). There are about a dozen trace kinds, corresponding to arena kinds. To get the kind of object, you find its arena by rounding the object's address down to the arena size, then look at the arena to see what kind of objects it has.

There's another cell bit reserved to indicate that an object has been moved, and that the rest of the bits have been overwritten with a forwarding pointer. These two reserved bits mostly don't conflict with any use a derived class might want to make from the first word of an object; if the derived class uses the first word for integer data, it's easy to just reserve the bits. If the first word is a pointer, then it's probably always aligned to a 4- or 8-byte boundary, so the low bits are zero anyway.

The upshot is that while we won't be able to allocate digits inline to BigInt objects in SpiderMonkey in the general case, we won't have a per-object map word overhead; and we can optimize the common case of digits requiring only a word or two of storage to have the digit pointer point to inline storage. GC is about compromise, and it seems this can be a good one.

Well, that's all I wanted to say. Looking forward to getting BigInt turned on upstream in Firefox!

11 October, 2018 02:33PM by Andy Wingo

FSF News

FSF statement on Microsoft joining the Open Invention Network

Microsoft's announcements on October 4th and 10th, that it has joined both LOT and the Open Invention Network (OIN), are significant steps in the right direction, potentially providing respite from Microsoft's well-known extortion of billions of dollars from free software redistributors.

These steps, though, do not by themselves fully address the problem of computational idea patents, or even Microsoft's specific infringement claims. They do not mean that Microsoft has dismantled or freely licensed its entire patent portfolio. The agreements for both LOT and OIN have substantial limitations and exclusions. LOT only deals with the problem of patent trolling by non-practicing entities. OIN's nonaggression agreement only covers a defined list of free software packages, and any OIN member, including Microsoft, can withdraw completely with thirty days notice.

With these limitations in mind, FSF welcomes the announcements, and calls on Microsoft to take additional steps to continue the momentum toward a complete resolution:

1) Make a clear, unambiguous statement that it has ceased all patent infringement claims on the use of Linux in Android.

2) Work within OIN to expand the definition of what it calls the "Linux System" so that the list of packages protected from patents actually includes everything found in a GNU/Linux system. This means, for example, removing the current arbitrary and very intentional exclusions for packages in the area of multimedia -- one of the primary patent minefields for free software. We suggest that this definition include every package in Debian's default public package repository.

3) Use the past patent royalties extorted from free software to fund the effective abolition of all patents covering ideas in software. This can be done by supporting grassroots efforts like the FSF's End Software Patents campaign, or by Microsoft directly urging the US Congress to pass legislation excluding software from the effects of patents, or both. Without this, the threats can come back with a future leadership change at Microsoft, or with changes in OIN's own corporate structure and licensing arrangements. This is also the best way for Microsoft to show that it does not intend to use patents as a weapon against any free software, beyond just that free software which is part of OIN's specific list.

The FSF appreciates what Microsoft joining OIN seems to signal about its changing attitude toward computational idea patents. Taking these three additional steps would remove all doubt and any potential for backsliding. We look forward to future collaboration on fully addressing the threat of patents to free software development and computer user freedom.

The FSF will also continue to monitor the situation, for any signs that Microsoft intends to still continue patent aggression, in ways permitted by the terms of LOT and OIN. We encourage anyone who is a target of such patent aggression by Microsoft to contact us at campaigns@fsf.org.

Media Contact

John Sullivan
Executive Director
+1 (617) 542-5942
campaigns@fsf.org

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

11 October, 2018 01:13AM

October 10, 2018

GNU Guix

A packaging tutorial for Guix

Introduction

GNU Guix stands out as the hackable package manager, mostly because it uses GNU Guile, a powerful high-level programming language, one of the Scheme dialects from the Lisp family.

Package definitions are also written in Scheme, which empowers Guix in some very unique ways, unlike most other package managers that use shell scripts or simple languages.

  • Use functions, structures, macros and all of Scheme expressiveness for your package definitions.

  • Inheritance makes it easy to customize a package by inheriting from it and modifying only what is needed.

  • Batch processing: the whole package collection can be parsed, filtered and processed. Building a headless server with all graphical interfaces stripped out? It's possible. Want to rebuild everything from source using specific compiler optimization flags? Pass the #:make-flags "..." argument to the list of packages. It wouldn't be a stretch to think Gentoo USE flags here, but this goes even further: the changes don't have to be thought out beforehand by the packager, they can be programmed by the user!

The following tutorial covers all the basics around package creation with Guix. It does not assume much knowledge of the Guix system nor of the Lisp language. The reader is only expected to be familiar with the command line and to have some basic programming knowledge.

A "Hello World" package

The “Defining Packages” section of the manual introduces the basics of Guix packaging. In the following section, we will partly go over those basics again.

GNU hello is a dummy project that serves as an idiomatic example for packaging. It uses the GNU build system (./configure && make && make install). Guix already provides a package definition which is a perfect example to start with. You can look up its declaration with guix edit hello from the command line. Let's see how it looks:

(define-public hello
  (package
    (name "hello")
    (version "2.10")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnu/hello/hello-" version
                                  ".tar.gz"))
              (sha256
               (base32
                "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
    (build-system gnu-build-system)
    (synopsis "Hello, GNU world: An example GNU package")
    (description
     "GNU Hello prints the message \"Hello, world!\" and then exits.  It
serves as an example of standard GNU coding practices.  As such, it supports
command-line arguments, multiple languages, and so on.")
    (home-page "https://www.gnu.org/software/hello/")
    (license gpl3+)))

As you can see, most of it is rather straightforward. But let's review the fields together:

  • name: The project name. Using Scheme conventions, we prefer to keep it lower case, without underscore and using dash-separated words.
  • source: This field contains a description of the source code origin. The origin record contains these fields:

    1. The method, here url-fetch to download via HTTP/FTP, but other methods exist, such as git-fetch for Git repositories.
    2. The URI, which is typically some https:// location for url-fetch. Here the special mirror://gnu refers to a set of well known locations, all of which can be used by Guix to fetch the source, should some of them fail.
    3. The sha256 checksum of the requested file. This is essential to ensure the source is not corrupted. Note that Guix works with base32 strings, hence the call to the base32 function.
  • build-system: This is where the power of abstraction provided by the Scheme language really shines: in this case, the gnu-build-system abstracts away the famous ./configure && make && make install shell invocations. Other build systems include the trivial-build-system which does not do anything and requires from the packager to program all the build steps, the python-build-system, the emacs-build-system, and many more.
  • synopsis: It should be a concise summary of what the package does. For many packages a tagline from the project's home page can be used as the synopsis.
  • description: Same as for the synopsis, it's fine to re-use the project description from the homepage. Note that Guix uses Texinfo syntax.
  • home-page: Use HTTPS if available.
  • license: See guix/licenses.scm in the project source for a full list.

Time to build our first package! Nothing fancy here for now: we will stick to a dummy "my-hello", a copy of the above declaration.

As with the ritualistic "Hello World" taught with most programming languages, this will possibly be the most "manual" approach. We will work out an ideal setup later; for now we will go the simplest route.

Save the following to a file my-hello.scm.

(use-modules (guix packages)
             (guix download)
             (guix build-system gnu)
             (guix licenses))

(package
  (name "my-hello")
  (version "2.10")
  (source (origin
            (method url-fetch)
            (uri (string-append "mirror://gnu/hello/hello-" version
                                ".tar.gz"))
            (sha256
             (base32
              "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
  (build-system gnu-build-system)
  (synopsis "Hello, Guix world: An example custom Guix package")
  (description
   "GNU Hello prints the message \"Hello, world!\" and then exits.  It
serves as an example of standard GNU coding practices.  As such, it supports
command-line arguments, multiple languages, and so on.")
  (home-page "https://www.gnu.org/software/hello/")
  (license gpl3+))

We will explain the extra code in a moment.

Feel free to play with the different values of the various fields. If you change the source, you'll need to update the checksum. Indeed, Guix refuses to build anything if the given checksum does not match the computed checksum of the source code. To obtain the correct checksum of the package declaration, we need to download the source, compute the sha256 checksum and convert it to base32.

Thankfully, Guix can automate this task for us; all we need is to provide the URI:

$ guix download mirror://gnu/hello/hello-2.10.tar.gz

Starting download of /tmp/guix-file.JLYgL7
From https://ftpmirror.gnu.org/gnu/hello/hello-2.10.tar.gz...
following redirection to `https://mirror.ibcp.fr/pub/gnu/hello/hello-2.10.tar.gz'...
 …10.tar.gz  709KiB                                 2.5MiB/s 00:00 [##################] 100.0%
/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz
0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i

In this specific case the output tells us which mirror was chosen. If the result of the above command is not the same as in the above snippet, update your my-hello declaration accordingly.

Note that GNU package tarballs come with an OpenPGP signature, so you should definitely check the signature of this tarball with gpg to authenticate it before going further:

$ guix download mirror://gnu/hello/hello-2.10.tar.gz.sig

Starting download of /tmp/guix-file.03tFfb
From https://ftpmirror.gnu.org/gnu/hello/hello-2.10.tar.gz.sig...
following redirection to `https://ftp.igh.cnrs.fr/pub/gnu/hello/hello-2.10.tar.gz.sig'...
 ….tar.gz.sig  819B                                                                                                                       1.2MiB/s 00:00 [##################] 100.0%
/gnu/store/rzs8wba9ka7grrmgcpfyxvs58mly0sx6-hello-2.10.tar.gz.sig
0q0v86n3y38z17rl146gdakw9xc4mcscpk8dscs412j22glrv9jf
$ gpg --verify /gnu/store/rzs8wba9ka7grrmgcpfyxvs58mly0sx6-hello-2.10.tar.gz.sig /gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz
gpg: Signature made Sun 16 Nov 2014 01:08:37 PM CET
gpg:                using RSA key A9553245FDE9B739
gpg: Good signature from "Sami Kerola <kerolasa@iki.fi>" [unknown]
gpg:                 aka "Sami Kerola (http://www.iki.fi/kerolasa/) <kerolasa@iki.fi>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8ED3 96E3 7E38 D471 A005  30D3 A955 3245 FDE9 B739

You can then happily run

$ guix package --install-from-file=my-hello.scm

You should now have my-hello in your profile!

$ guix package --list-installed=my-hello
my-hello    2.10    out
/gnu/store/f1db2mfm8syb8qvc357c53slbvf1g9m9-my-hello-2.10

We've gone as far as we could without any knowledge of Scheme. Now is the right time to introduce the minimum we need from the language before we can proceed.

A Scheme crash-course

As we've seen above, basic packages don't require much Scheme knowledge, if at all. But as you progress and your desire to write more and more complex packages grows, it will become both necessary and empowering to hone your Lisper skills.

Since an extensive Lisp course is very much out of the scope of this tutorial, we will only cover some basics here.

Guix uses the Guile implementation of Scheme. To start playing with the language, install it with guix package --install guile and start a REPL by running guile from the command line.

Alternatively you can also run guix environment --ad-hoc guile -- guile if you'd rather not have Guile installed in your user profile.

In the following examples we use the > symbol to denote the REPL prompt, that is, the line reserved for user input. See the Guile manual for more details on the REPL.

  • Scheme syntax boils down to a tree of expressions (or s-expression in Lisp lingo). An expression can be a literal such as numbers and strings, or a compound which is a parenthesized list of compounds and literals. #t and #f stand for the booleans "true" and "false", respectively.

    Examples of valid expressions:

    > "Hello World!"
    "Hello World!"
    > 17
    17
    > (display (string-append "Hello " "Guix" "\n"))
    "Hello Guix!"
  • This last example is a function call embedded in another function call. When a parenthesized expression is evaluated, the first term is the function and the rest are the arguments passed to the function. Every function returns the last evaluated expression as value.

  • Anonymous functions are declared with the lambda term:

    > (lambda (x) (* x x))
    #<procedure 120e348 at <unknown port>:24:0 (x)>

    The above lambda returns the square of its argument. Since everything is an expression, the lambda expression returns an anonymous function, which can in turn be applied to an argument:

    > ((lambda (x) (* x x)) 3)
    9
  • Anything can be assigned a global name with define:

    > (define a 3)
    > (define square (lambda (x) (* x x)))
    > (square a)
    9
  • Procedures can be defined more concisely with the following syntax:

    (define (square x) (* x x))
  • A list structure can be created with the list procedure:

    > (list 2 a 5 7)
    (2 3 5 7)
  • The quote disables evaluation of a parenthesized expression: the first term is not called over the other terms. Thus it effectively returns a list of terms.

    > '(display (string-append "Hello " "Guix" "\n"))
    (display (string-append "Hello " "Guix" "\n"))
    > '(2 a 5 7)
    (2 a 5 7)
  • The quasiquote disables evaluation of a parenthesized expression until a comma re-enables it. Thus it provides us with fine-grained control over what is evaluated and what is not.

    > `(2 a 5 7 (2 ,a 5 ,(+ a 4)))
    (2 a 5 7 (2 3 5 7))

    Note that the above result is a list of mixed elements: numbers, symbols (here a) and the last element is a list itself.

  • Multiple variables can be named locally with let:

    > (define x 10)
    > (let ((x 2)
            (y 3))
        (list x y))
    (2 3)
    > x
    10
    > y
    ERROR: In procedure module-lookup: Unbound variable: y

    Use let* to allow later variable declarations to refer to earlier definitions.

    > (let* ((x 2)
             (y (* x 3)))
        (list x y))
    (2 6)
  • The keyword syntax is #:, it is used to create unique identifiers. See also the Keywords section in the Guile manual.

  • The percentage % is typically used for read-only global variables in the build stage. Note that it is merely a convention, like _ in C. Scheme Lisp treats % exactly the same as any other letter.

  • Modules are created with define-module. For instance

    (define-module (guix build-system ruby)
      #:use-module (guix store)
      #:export (ruby-build
                ruby-build-system))

    defines the module ruby which must be located in guix/build-system/ruby.scm somewhere in GUILE_LOAD_PATH. It depends on the (guix store) module and it exports two symbols, ruby-build and ruby-build-system.

For a more detailed introduction, check out Scheme at a Glance, by Steve Litt.

One of the reference Scheme books is the seminal Structure and Interpretation of Computer Programs, by Harold Abelson and Gerald Jay Sussman, with Julie Sussman. You'll find a free copy online, together with videos of the lectures by the authors. The book is available in Texinfo format as the sicp Guix package. Go ahead, run guix package --install sicp and start reading with info sicp (or with the Emacs Info reader). An unofficial ebook is also available.

You'll find more books, tutorials and other resources at https://schemers.org/.

Setup

Now that we know some Scheme basics we can detail the different possible setups for working on Guix packages.

There are several ways to set up a Guix packaging environment.

We recommend you work directly on the Guix source checkout since it makes it easier for everyone to contribute to the project.

But first, let's look at other possibilities.

Local file

This is what we previously did with my-hello. With the Scheme basics we've covered, we are now able to explain the leading chunks. As stated in guix package --help:

-f, --install-from-file=FILE
                       install the package that the code within FILE
                       evaluates to

Thus the last expression must return a package, which is the case in our earlier example.

The use-modules expression tells which of the modules we need in the file. Modules are a collection of values and procedures. They are commonly called "libraries" or "packages" in other programming languages.

GUIX_PACKAGE_PATH

Note: Starting from Guix 0.16, the more flexible Guix "channels" are the preferred way and supersede GUIX_PACKAGE_PATH. See below.

It can be tedious to specify the file from the command line instead of simply calling guix package --install my-hello as you would do with the official packages.

Guix makes it possible to streamline the process by adding as many "package declaration paths" as you want.

Create a directory, say ~./guix-packages and add it to the GUIX_PACKAGE_PATH environment variable:

$ mkdir ~/guix-packages
$ export GUIX_PACKAGE_PATH=~/guix-packages

To add several directories, separate them with a colon (:).

Our previous my-hello needs some adjustments though:

(define-module (my-hello)
  #:use-module (guix licenses)
  #:use-module (guix packages)
  #:use-module (guix build-system gnu)
  #:use-module (guix download))

(define-public my-hello
  (package
    (name "my-hello")
    (version "2.10")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnu/hello/hello-" version
                                  ".tar.gz"))
              (sha256
               (base32
                "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
    (build-system gnu-build-system)
    (synopsis "Hello, Guix world: An example custom Guix package")
    (description
     "GNU Hello prints the message \"Hello, world!\" and then exits.  It
serves as an example of standard GNU coding practices.  As such, it supports
command-line arguments, multiple languages, and so on.")
    (home-page "https://www.gnu.org/software/hello/")
    (license gpl3+)))

Note that we have assigned the package value to an exported variable name with define-public. This is effectively assigning the package to the my-hello variable so that it can be referenced, among other as dependency of other packages.

If you use guix package --install-from-file=my-hello.scm on the above file, it will fail because the last expression, define-public, does not return a package. If you want to use define-public in this use-case nonetheless, make sure the file ends with an evaluation of my-hello:

; ...
(define-public my-hello
  ; ...
  )

my-hello

This last example is not very typical.

Now my-hello should be part of the package collection like all other official packages. You can verify this with:

$ guix package --show=my-hello

Guix channels

Guix 0.16 features channels, which is very similar to GUIX_PACKAGE_PATH but provides better integration and provenance tracking. Channels are not necessarily local, they can be maintained as a public Git repository for instance. Of course, several channels can be used at the same time.

See the “Channels” section in the manual for setup details.

Direct checkout hacking

Working directly on the Guix project is recommended: it reduces the friction when the time comes to submit your changes upstream to let the community benefit from your hard work!

Unlike most software distributions, the Guix repository holds in one place both the tooling (including the package manager) and the package definitions. This choice was made so that it would give developers the flexibility to modify the API without breakage by updating all packages at the same time. This reduces development inertia.

Check out the official Git repository:

$ git clone https://git.savannah.gnu.org/git/guix.git

In the rest of this article, we use $GUIX_CHECKOUT to refer to the location of the checkout.

Follow the instruction from the "Contributing" chapter in the manual to set up the repository environment.

Once ready, you should be able to use the package definitions from the repository environment.

Feel free to edit package definitions found in $GUIX_CHECKOUT/gnu/packages.

The $GUIX_CHECKOUT/pre-inst-env script lets you use guix over the package collection of the repository.

  • Search packages, such as Ruby:

    $ cd $GUIX_CHECKOUT
    $ ./pre-inst-env guix package --list-available=ruby
        ruby    1.8.7-p374      out     gnu/packages/ruby.scm:119:2
        ruby    2.1.6   out     gnu/packages/ruby.scm:91:2
        ruby    2.2.2   out     gnu/packages/ruby.scm:39:2
  • Build a package, here Ruby version 2.1:

    $ ./pre-inst-env guix build --keep-failed ruby@2.1
    /gnu/store/c13v73jxmj2nir2xjqaz5259zywsa9zi-ruby-2.1.6
  • Install it to your user profile:

    $ ./pre-inst-env guix package --install ruby@2.1
  • Check for common mistakes:

    $ ./pre-inst-env guix lint ruby@2.1

Guix strives at maintaining a high packaging standard; when contributing to the Guix project, remember to

Once you are happy with the result, you are welcome to send your contribution to make it part of Guix. This process is also detailed in the manual.

It's a community effort so the more join in, the better Guix becomes!

Extended example

The above "Hello World" example is as simple as it goes. Packages can be more complex than that and Guix can handle more advanced scenarios. Let's look at another, more sophisticated package (slightly modified from the source):

(define-module (gnu packages version-control)
  #:use-module ((guix licenses) #:prefix license:)
  #:use-module (guix utils)
  #:use-module (guix packages)
  #:use-module (guix git-download)
  #:use-module (guix build-system cmake)
  #:use-module (gnu packages ssh)
  #:use-module (gnu packages web)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages python)
  #:use-module (gnu packages compression)
  #:use-module (gnu packages tls))

(define-public my-libgit2
  (let ((commit "e98d0a37c93574d2c6107bf7f31140b548c6a7bf")
        (revision "1"))
    (package
      (name "my-libgit2")
      (version (git-version "0.26.6" revision commit))
      (source (origin
                (method git-fetch)
                (uri (git-reference
                      (url "https://github.com/libgit2/libgit2/")
                      (commit commit)))
                (file-name (git-file-name name version))
                (sha256
                 (base32
                  "17pjvprmdrx4h6bb1hhc98w9qi6ki7yl57f090n9kbhswxqfs7s3"))
                (patches (search-patches "libgit2-mtime-0.patch"))
                (modules '((guix build utils)))
                (snippet '(begin
                            ;; Remove bundled software.
                            (delete-file-recursively "deps")
                            #t))))
      (build-system cmake-build-system)
      (outputs '("out" "debug"))
      (arguments
       `(#:tests? #t                            ; Run the test suite (this is the default)
         #:configure-flags '("-DUSE_SHA1DC=ON") ; SHA-1 collision detection
         #:phases
         (modify-phases %standard-phases
           (add-after 'unpack 'fix-hardcoded-paths
             (lambda _
               (substitute* "tests/repo/init.c"
                 (("#!/bin/sh") (string-append "#!" (which "sh"))))
               (substitute* "tests/clar/fs.h"
                 (("/bin/cp") (which "cp"))
                 (("/bin/rm") (which "rm")))
               #t))
           ;; Run checks more verbosely.
           (replace 'check
             (lambda _ (invoke "./libgit2_clar" "-v" "-Q")))
           (add-after 'unpack 'make-files-writable-for-tests
               (lambda _ (for-each make-file-writable (find-files "." ".*")))))))
      (inputs
       `(("libssh2" ,libssh2)
         ("http-parser" ,http-parser)
         ("python" ,python-wrapper)))
      (native-inputs
       `(("pkg-config" ,pkg-config)))
      (propagated-inputs
       ;; These two libraries are in 'Requires.private' in libgit2.pc.
       `(("openssl" ,openssl)
         ("zlib" ,zlib)))
      (home-page "https://libgit2.github.com/")
      (synopsis "Library providing Git core methods")
      (description
       "Libgit2 is a portable, pure C implementation of the Git core methods
provided as a re-entrant linkable library with a solid API, allowing you to
write native speed custom Git applications in any language with bindings.")
      ;; GPLv2 with linking exception
      (license license:gpl2))))

(In those cases were you only want to tweak a few fields from a package definition, you should rely on inheritance instead of copy-pasting everything. See below.)

Let's discuss those fields in depth.

git-fetch method

Unlike the url-fetch method, git-fetch expects a git-reference which takes a Git repository and a commit. The commit can be any Git reference such as tags, so if the version is tagged, then it can be used directly. Sometimes the tag is prefixed with a v, in which case you'd use (commit (string-append "v" version)).

To ensure that the source code from the Git repository is stored in a unique directory with a readable name we use (file-name (git-file-name name version)).

Note that there is also a git-version procedure that can be used to derive the version when packaging programs for a specific commit.

Snippets

Snippets are quoted (i.e. non-evaluated) Scheme code that are a means of patching the source. They are a Guix-y alternative to the traditional .patch files. Because of the quote, the code in only evaluated when passed to the Guix daemon for building.

There can be as many snippet as needed.

Snippets might need additional Guile modules which can be imported from the modules field.

Inputs

First, a syntactic comment: See the quasi-quote / comma syntax?

(native-inputs
 `(("pkg-config" ,pkg-config)))

is equivalent to

(native-inputs
 (list (list "pkg-config" pkg-config)))

You'll mostly see the former because it's shorter.

There are 3 different input types. In short:

  • native-inputs: Required for building but not runtime – installing a package through a substitute won't install these inputs.
  • inputs: Installed in the store but not in the profile, as well as being present at build time.
  • propagated-inputs: Installed in the store and in the profile, as well as being present at build time.

See the package reference in the manual for more details.

The distinction between the various inputs is important: if a dependency can be handled as an input instead of a propagated input, it should be done so, or else it "pollutes" the user profile for no good reason.

For instance, a user installing a graphical program that depends on a command line tool might only be interested in the graphical part, so there is no need to force the command line tool into the user profile. The dependency is a concern to the package, not to the user. Inputs make it possible to handle dependencies without bugging the user by adding undesired executable files (or libraries) to their profile.

Same goes for native-inputs: once the program is installed, build-time dependencies can be safely garbage-collected. It also matters when a substitute is available, in which case only the inputs and propagated inputs will be fetched: the native inputs are not required to install a package from a substitute.

Outputs

Just like how a package can have multiple inputs, it can also produce multiple outputs.

Each output corresponds to a separate directory in the store.

The user can choose which output to install; this is useful to save space or to avoid polluting the user profile with unwanted executables or libraries.

Output separation is optional. When the outputs field is left out, the default and only output (the complete package) is referred to as "out".

Typical separate output names include debug and doc.

It's advised to separate outputs only when you've shown it's worth it: if the output size is significant (compare with guix size) or in case the package is modular.

Build system arguments

The arguments is a keyword-value list used to configure the build process.

The simplest argument #:tests? can be used to disable the test suite when building the package. This is mostly useful when the package does not feature any test suite. It's strongly recommended to keep the test suite on if there is one.

Another common argument is :make-flags, which specifies a list of flags to append when running make, as you would from the command line. For instance, the following flags

#:make-flags (list (string-append "prefix=" (assoc-ref %outputs "out"))
                   "CC=gcc")

translate into

$ make CC=gcc prefix=/gnu/store/...-<out>

This sets the C compiler to gcc and the prefix variable (the installation directory in Make parlance) to (assoc-ref %outputs "out"), which is a build-stage global variable pointing to the destination directory in the store (something like /gnu/store/...-my-libgit2-20180408).

Similarly, it's possible to set the "configure" flags.

#:configure-flags '("-DUSE_SHA1DC=ON")

The %build-inputs variable is also generated in scope. It's an association table that maps the input names to their store directories.

The phases keyword lists the sequential steps of the build system. Typically phases include unpack, configure, build, install and check. To know more about those phases, you need to work out the appropriate build system definition in $GUIX_CHECKOUT/guix/build/gnu-build-system.scm:

(define %standard-phases
  ;; Standard build phases, as a list of symbol/procedure pairs.
  (let-syntax ((phases (syntax-rules ()
                         ((_ p ...) `((p . ,p) ...)))))
    (phases set-SOURCE-DATE-EPOCH set-paths install-locale unpack
            bootstrap
            patch-usr-bin-file
            patch-source-shebangs configure patch-generated-file-shebangs
            build check install
            patch-shebangs strip
            validate-runpath
            validate-documentation-location
            delete-info-dir-file
            patch-dot-desktop-files
            install-license-files
            reset-gzip-timestamps
            compress-documentation)))

Or from the REPL:

> (add-to-load-path "/path/to/guix/checkout")
> ,module (guix build gnu-build-system)
> (map first %standard-phases)
(set-SOURCE-DATE-EPOCH set-paths install-locale unpack bootstrap
patch-usr-bin-file patch-source-shebangs configure
patch-generated-file-shebangs build check install patch-shebangs strip
validate-runpath validate-documentation-location delete-info-dir-file
patch-dot-desktop-files install-license-files reset-gzip-timestamps
compress-documentation)

If you want to know more about what happens during those phases, consult the associated procedures.

For instance, as of this writing the definition of unpack for the GNU build system is

(define* (unpack #:key source #:allow-other-keys)
  "Unpack SOURCE in the working directory, and change directory within the
source.  When SOURCE is a directory, copy it in a sub-directory of the current
working directory."
  (if (file-is-directory? source)
      (begin
        (mkdir "source")
        (chdir "source")

        ;; Preserve timestamps (set to the Epoch) on the copied tree so that
        ;; things work deterministically.
        (copy-recursively source "."
                          #:keep-mtime? #t))
      (begin
        (if (string-suffix? ".zip" source)
            (invoke "unzip" source)
            (invoke "tar" "xvf" source))
        (chdir (first-subdirectory "."))))
  #t)

Note the chdir call: it changes the working directory to where the source was unpacked. Thus every phase following the unpack will use the source as a working directory, which is why we can directly work on the source files. That is to say, unless a later phase changes the working directory to something else.

We modify the list of %standard-phases of the build system with the modify-phases macro as per the list of specified modifications, which may have the following forms:

  • (add-before PHASE NEW-PHASE PROCEDURE): Run PROCEDURE named NEW-PHASE before PHASE.
  • (add-after PHASE NEW-PHASE PROCEDURE): Same, but afterwards.
  • (replace PHASE PROCEDURE).
  • (delete PHASE).

The PROCEDURE supports the keyword arguments inputs and outputs. Each input (whether native, propagated or not) and output directory is referenced by their name in those variables. Thus (assoc-ref outputs "out") is the store directory of the main output of the package. A phase procedure may look like this:

(lambda* (#:key inputs outputs #:allow-other-keys)
  (let (((bash-directory (assoc-ref inputs "bash"))
         (output-directory (assoc-ref outputs "out"))
         (doc-directory (assoc-ref outputs "doc"))
  ; ...
  #t)

The procedure must return #t on success. It's brittle to rely on the return value of the last expression used to tweak the phase because there is no guarantee it would be a #t. Hence the trailing #t to ensure the right value is returned on success.

Code staging

The astute reader may have noticed the quasi-quote and comma syntax in the argument field. Indeed, the build code in the package declaration should not be evaluated on the client side, but only when passed to the Guix daemon. This mechanism of passing code around two running processes is called code staging.

"Utils" functions

When customizing phases, we often need to write code that mimics the equivalent system invocations (make, mkdir, cp, etc.) commonly used during regular "Unix-style" installations.

Some like chmod are native to Guile. See the Guile reference manual for a complete list.

Guix provides additional helper functions which prove especially handy in the context of package management.

Some of those functions can be found in $GUIX_CHECKOUT/guix/guix/build/utils.scm. Most of them mirror the behaviour of the traditional Unix system commands:

  • which: Like the which system command.
  • find-files: Akin to the find system command.
  • mkdir-p: Like mkdir -p, which creates all parents as needed.
  • install-file: Similar to install when installing a file to a (possibly non-existing) directory. Guile has copy-file which works like cp.
  • copy-recursively: Like cp -r.
  • delete-file-recursively: Like rm -rf.
  • invoke: Run an executable. This should be used instead of system*.
  • with-directory-excursion: Run the body in a different working directory, then restore the previous working directory.
  • substitute*: A "sed-like" function.

Module prefix

The license in our last example needs a prefix: this is because of how the license module was imported in the package, as #:use-module ((guix licenses) #:prefix license:). The Guile module import mechanism gives the user full control over namespacing: this is needed to avoid clashes between, say, the zlib variable from licenses.scm (a license value) and the zlib variable from compression.scm (a package value).

Other build systems

What we've seen so far covers the majority of packages using a build system other than the trivial-build-system. The latter does not automate anything and leaves you to build everything manually. This can be more demanding and we won't cover it here for now, but thankfully it is rarely necessary to fall back on this system.

For the other build systems, such as ASDF, Emacs, Perl, Ruby and many more, the process is very similar to the GNU build system except for a few specialized arguments.

Learn more about build systems in

Programmable and automated package definition

We can't repeat it enough: having a full-fledged programming language at hand empowers us in ways that reach far beyond traditional package management.

Let's illustrate this with some awesome features of Guix!

Recursive importers

You might find some build systems good enough that there is little to do at all to write a package, to the point that it becomes repetitive and tedious after a while. A raison d'être of computers is to replace human beings at those boring tasks. So let's tell Guix to do this for us and create the package definition of an R package from CRAN (the output is trimmed for conciseness):

$ guix import cran --recursive walrus

(define-public r-mc2d
    ; ...
    (license gpl2+)))

(define-public r-jmvcore
    ; ...
    (license gpl2+)))

(define-public r-wrs2
    ; ...
    (license gpl3)))

(define-public r-walrus
  (package
    (name "r-walrus")
    (version "1.0.3")
    (source
      (origin
        (method url-fetch)
        (uri (cran-uri "walrus" version))
        (sha256
          (base32
            "1nk2glcvy4hyksl5ipq2mz8jy4fss90hx6cq98m3w96kzjni6jjj"))))
    (build-system r-build-system)
    (propagated-inputs
      `(("r-ggplot2" ,r-ggplot2)
        ("r-jmvcore" ,r-jmvcore)
        ("r-r6" ,r-r6)
        ("r-wrs2" ,r-wrs2)))
    (home-page "https://github.com/jamovi/walrus")
    (synopsis "Robust Statistical Methods")
    (description
      "This package provides a toolbox of common robust statistical tests, including robust descriptives, robust t-tests, and robust ANOVA.  It is also available as a module for 'jamovi' (see <https://www.jamovi.org> for more information).  Walrus is based on the WRS2 package by Patrick Mair, which is in turn based on the scripts and work of Rand Wilcox.  These analyses are described in depth in the book 'Introduction to Robust Estimation & Hypothesis Testing'.")
    (license gpl3)))

The recursive importer won't import packages for which Guix already has package definitions, except for the very first.

Not all applications can be packaged this way, only those relying on a select number of supported systems. Read about the full list of importers in the guix import section of the manual.

Automatic update

Guix can be smart enough to check for updates on systems it knows. It can report outdated package definitions with

$ guix refresh hello

In most cases, updating a package to a newer version requires little more than changing the version number and the checksum. Guix can do that automatically as well:

$ guix refresh hello --update

Inheritance

If you've started browsing the existing package definitions, you might have noticed that a significant number of them have a inherit field:

(define-public adwaita-icon-theme
  (package (inherit gnome-icon-theme)
    (name "adwaita-icon-theme")
    (version "3.26.1")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnome/sources/" name "/"
                                  (version-major+minor version) "/"
                                  name "-" version ".tar.xz"))
              (sha256
               (base32
                "17fpahgh5dyckgz7rwqvzgnhx53cx9kr2xw0szprc6bnqy977fi8"))))
    (native-inputs
     `(("gtk-encode-symbolic-svg" ,gtk+ "bin")))))

All unspecified fields are inherited from the parent package. This is very convenient to create alternative packages, for instance with different source, version or compilation options.

Getting help

Sadly, some applications can be tough to package. Sometimes they need a patch to work with the non-standard filesystem hierarchy enforced by the store. Sometimes the tests won't run properly. (They can be skipped but this is not recommended.) Other times the resulting package won't be reproducible.

Should you be stuck, unable to figure out how to fix any sort of packaging issue, don't hesitate to ask the community for help.

See the Guix homepage for information on the mailing lists, IRC, etc.

Conclusion

This tutorial was a showcase of the sophisticated package management that Guix boasts. At this point we have mostly restricted this introduction to the gnu-build-system which is a core abstraction layer on which more advanced abstractions are based.

Where do we go from here? Next we ought to dissect the innards of the build system by removing all abstractions, using the trivial-build-system: this should give us a thorough understanding of the process before investigating some more advanced packaging techniques and edge cases.

Other features worth exploring are the interactive editing and debugging capabilities of Guix provided by the Guile REPL.

Those fancy features are completely optional and can wait; now is a good time to take a well-deserved break. With what we've introduced here you should be well armed to package lots of programs. You can get started right away and hopefully we will see your contributions soon!

References

Notices

CC-BY-SA

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

10 October, 2018 02:00PM by Pierre Neidhardt

GNU Guile

GNU Guile 2.9.1 (beta) released

We are delighted to announce GNU Guile 2.9.1, the first beta release in preparation for the upcoming 3.0 stable series.

This release adds support for just-in-time (JIT) native code generation, speeding up all Guile programs. Currently support is limited to x86-64 platforms, but will expand to all architectures supported by GNU Lightning.

GNU Guile 2.9.1 is a beta release, and as such offers no API or ABI stability guarantees. Users needing a stable Guile are advised to stay on the stable 2.2 series.

See the release announcement for full details and a download link. Happy hacking, and please do any bugs you might find to bug-guile@gnu.org.

10 October, 2018 09:23AM by Andy Wingo (guile-devel@gnu.org)

October 09, 2018

Parabola GNU/Linux-libre

Important notice for OpenRC users on i686

The newest version of PAM has an unspecified dependency on the 'audit' package. Upgrading that package today causes su and sudo to fail and makes logins impossible.

To avoid any trouble, you should explicitly install the 'audit' package before attempting to upgrade the system. If you upgrade without first installing the 'audit' package, then you will need to chroot into the system and install it.

09 October, 2018 11:30PM by bill auger

September 29, 2018

Riccardo Mottola

first release of StepSync!

I'm proud to announce the first release of StepSync, a file sync tool for GNUstep and MacOS (even for venerable PowerPC).

StepSync allows synchronization of folders, optionally recursively descending in sub-folders. It allows thus various options of performing backups: pure insertion, updates and including full synchronization by importing changes from target to source.

After months of development and testing, I consider it stable enough, I tested it with thousands of files and folders.

You can find it at the GNUstep Application Project. I already have plans for new features!

29 September, 2018 11:04AM by Riccardo (noreply@blogger.com)

September 25, 2018

dico @ Savannah

Version 2.7

Version 2.7 of GNU dico is available for download.

Important changes in this version:

1. Support for virtual databases
2. The dictorg module improved
3. Support for building with WordNet on Debian-based systems
4. Default m4 quoting characters changed to [ ]
5. Dicoweb: graceful handling of unsupported content types.

25 September, 2018 04:27PM by Sergey Poznyakoff

September 22, 2018

parallel @ Savannah

GNU Parallel 20180922 ('Danske') released [stable]

GNU Parallel 20180922 ('Danske') [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

No new functionality was introduced so this is a good candidate for a stable release.

Quote of the month:

I know I'm late to the party but GNU Parallel is truly amazing!
-- Sam Diaz-Munoz @sociovirology

New in this release:

  • Minix is supported again.
  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 September, 2018 09:15PM by Ole Tange

September 20, 2018

Parabola GNU/Linux-libre

Server loss

The rather long outage (2018-08-27 through 2018-09-18; 22 days) of the proton.parabola.nu server has been resolved, with all services being migrated to winston.parabola.nu. Please notify us if you encounter any lingering issues.

We'd like to specifically thank Jonathan "n1md4" Gower for graciously hosting us at Positive Internet all these years--since before most of us were even Parabola users, let alone contributors.

However, that sponsorship has come to an end. We are alright for now; the server that 1984 Hosting is sponsoring us with is capable of covering our immediate needs. We are looking for a replacement server and are favoring a proprietor that is a "friend of freedom," if anyone in the community has a suggestion.

20 September, 2018 03:45PM by Luke Shumaker

September 19, 2018

Boot problems with Linux-libre 4.18 on older CPUs

Due to a known bug in upstream Linux 4.18, users with older multi-core x86 CPUs (Core 2 Duo and earlier?) may not correctly boot up with linux-libre 4.18 when using the default clocksource.

If you are affected, and the CPU is new enough to support HPET, you may work around this by adding clocksource=hpet to the kernel command line. GRUB users can accomplish this by inserting GRUB_CMDLINE_LINUX_DEFAULT+=" clocksource=hpet" in to /etc/default/grub and re-running grub-mkconfig.

If your CPU is too old to support HPET, you may work around this by using the linux-libre-lts (4.14) kernel instead of linux-libre (4.18).

As this is fixed in 4.18.9, you may also want to wait for a package update.

19 September, 2018 09:33PM by Luke Shumaker

September 14, 2018

gnuzilla @ Savannah

IceCat 60.2.0 Pre-release

GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the GNU version of the Firefox browser. Its main advantage is an ethical one: it is entirely free software. While the Firefox source code from the Mozilla project is free software, they distribute and recommend non-free software as plug-ins and addons. Also their trademark license restricts distribution in ways that hinder freedom 0.

GNU IceCat has multiple practical advantages as well, such as better privacy and security settings, extensive blocking of sites that may track the user's browsing habits, or the inclusion of LibreJS and other extensions that help browse without running non-free javascript.

https://www.gnu.org/software/gnuzilla/

GPG key ID:D7E04784 GNU IceCat releases
Fingerprint: A573 69A8 BABC 2542 B5A0 368C 3C76 EED7 D7E0 4784
https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=gnuzilla

======

This is a pre-release for version 60.2.0 of GNU IceCat, available at http://alpha.gnu.org/gnu/gnuzilla/60.2.0/

This release contains substantial design and usability changes from the previous major version (v52.x ESR) so I'm publishing it at alpha.gnu.org to request testing and comments before moving it to ftp.gnu.org. Source Code plus binaries for GNU/Linux x86 and x86_64 are available.

The main differences (other than those provided from upstream changes from v52.x to v60.x) are:

  • LibreJS 7.x, now based in the WebExtensions API. It currently provides a very similar set of features compared with the version shipped with IceCat 52.x but testing, comments and advice are welcome.
  • A set of companion extensions for LibreJS by Nathan Nichols (https://addons.mozilla.org/en-US/firefox/user/NateN1222/) are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonald's, goteo.org and Google Docs without using nonfree JavaScript.
  • A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup.
  • A new homepage shows the most important privacy and freedom options available, with explanations for the user to tune IceCat's behavior to their specific needs.
  • We no longer include SpyBlock, which was IceCat's fork of AdBlockPlus that allowed to block all third-party requests during "Private Browsing" mode. Now, we include an extension that blocks all third party requests by default, and provides a simple interface that allows to whitelist specific third-party resources on a per-site basis. This change is the most significant usability change from IceCat 52.x and I'd like to get testers to provide an opinion on it. One of the reasons for its inclusion is that unlike other blockers it doesn't need to download any files to do its job, thus avoiding the previously mentioned unrequested network connections.

Thanks to Giorgio Maone, Nathan Nichols, Nyk Nyby and Zach Wick for their contribution to LibreJS and IceCat, and happy testing!

14 September, 2018 01:55AM by Ruben Rodriguez

September 13, 2018

librejs @ Savannah

LibreJS 7.17 released

GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap*. LibreJS is a free add-on for GNU IceCat and other Mozilla-based browsers. It blocks nonfree nontrivial JavaScript while allowing JavaScript that is free and/or trivial. * https://www.gnu.org/philosophy/javascript-trap.en.html

The source tarball for this release can be found at:
http://ftp.gnu.org/gnu/librejs/librejs-7.17.0.tar.gz
http://ftp.gnu.org/gnu/librejs/librejs-7.17.0.tar.gz.sig

The installable extension file (compatible with Mozilla-based browsers version >= v60) is available here:
http://ftp.gnu.org/gnu/librejs/librejs-7.17.0.xpi
http://ftp.gnu.org/gnu/librejs/librejs-7.17.0.xpi.sig

GPG key:05EF 1D2F FE61 747D 1FC8 27C3 7FAC 7D26 472F 4409
https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=librejs

This release introduces a new interface for management of the whitelist/blacklist, along with several bug fixes:

  • Temporary hiding complain to owner feature until ready for prime time.
  • Adjust directory layout and packaging to allow Storage.js to be shared with the settings page in the xpi release.
  • Refactored panel visual styles to be reused by the settings page.
  • Support for batch async list operations.
  • Fix navigating the same url with # erases activity report information.

All contributions thanks to Giorgio Maone.

13 September, 2018 09:45PM by Ruben Rodriguez

September 12, 2018

German Arias

New release of FisicaLab for Windows

Due to some problems reported by Windows users, I decide to release a new Windows installer of FisicaLab with the alternative interface using IUP. This version is the number 0.3.5.1 and you can download it here. I will add some new features before release the version 0.4.0. If you have some problem with this new installer please write me.

12 September, 2018 05:26AM by Germán Arias

September 11, 2018

Luca Saiu

Thanks for fighting against the European copyright directive

As I am writing this, the European Parliament is debating the disastrously liberticide copyright Directive. After out previous mailing campaign (The European Parliament has rejected the copyright directive, for now ()) organized along with a group of GNU friends, we again contacted the Members of the European Parliament before the forthcoming vote. I wish to name all the people who helped by translating the text into several languages and improve it, working tirelessly and with very little time: Christopher Dimech, Yavor Doganov, Rafael Fontenelle, Alexandre Garreau, Bruno Haible, José Marchesi, Tom Uijldert. Thank you all, friends. — Luca Saiu, 2018-09-11 21:50 ... [Read more]

11 September, 2018 07:50PM by Luca Saiu (positron@gnu.org)

September 09, 2018

guile-cv @ Savannah

Guile-CV version 0.2.0

Guile-CV version 0.2.0 is released! (September 2018)

Changes since the previous version

This is a 'milestone' release, which introduces image texture measures. In addition (a) the default installation locations have changed; (b) there is a new configure option; (c) some new interfaces; (d) matrix multiplication performances have been greatly improved; (d) a few interface (name) have changed.

For a list of changes since the previous version, visit the NEWS file. For a complete description, consult the git summary and git log

09 September, 2018 02:47AM by David Pirotte