Planet GNU

Aggregation of development blogs from the GNU Project

January 16, 2019

FSF Events

John Sullivan - "" (Copyleftconf, Brussels, Belgium)

FSF executive director John Sullivan will be speaking at CopyleftConf (2019-02-04):

User freedom is being trampled by JavaScript. Can't copyleft help here as it has in other areas? Copyleft's traditional requirements have been seen as ill-suited. We'll talk about what's happened, what the future holds for copyleft here, and a little about how these challenges relate to the broader issue of copyleft's relevance to users' freedom while interacting with network services.

Even with no nonfree packages installed, most users are running nonfree software constantly, in the form of proprietary JavaScript executed on their local machines as they interact with the Web. Much of it doesn't have to be nonfree, because it is available elsewhere under a lax permissive license. But it is almost always distributed to users in minified, unreadable form, with no license notice or source code. Other JavaScript is intentionally unfree, and too often up to no good—invading privacy, enforcing Digital Restrictions Management (DRM), making Web sites defective by design.

Traditional requirements of copyleft licenses, like providing a copy of the license with the software, and including the source code or an offer of how to get it, have been seen as onerous or ill-suited in the context of JavaScript. The Free Software Foundation has proposed and implemented licensing metadata methods by which JavaScript that is intended to be free software can clearly say so, and therefore actually respect the freedom of its users. This is the first step in compliant and realistic distribution of copyleft-licensed JavaScript, as well as a step toward allowing free software users to run only free software inside the browser as they do outside the browser.

Since the guidelines were announced in 2012, the problem has gotten much worse. We'll talk about what's happened, what the future holds for copyleft in this space, and a little about how the challenges in this area relate to the broader issue of copyleft's relevance to users' freedom while interacting with network services.

Location: DigitYser, Boulevard d’Anvers 40, 1000 Bruxelles, Belgium

We hope you can attend the speech, or meet John at the conference.

Please fill out our contact form, so that we can contact you about future events in and around Brussels.

16 January, 2019 02:35PM

Parabola GNU/Linux-libre

caution regarding the 'libidn2' package with systemd

if you are using systemd (the default parabola system) and have the 'libidn2' package installed, upgrading it could break your system until the next version of systemd is in the repos

if this has already happened to you, here is a temporary work-around:

sudo ln -s /usr/lib/libidn2.so /usr/lib/libidn2.so.0

refer to this bug report for follow-ups: https://labs.parabola.nu/issues/2139

16 January, 2019 03:44AM by bill auger

January 15, 2019

FSF Blogs

The FSF is 5,000 members strong -- thanks to you

In the first week of January, we closed the Free Software Foundation's end of the year fundraiser and associate membership drive, and we'd like to thank you for your generosity and support. Because of you, we've raised $441,802 and had 488 new associate members join -- surpassing our goal of 400 new members. Thank you for donating, joining, and spreading the word.

Your support is just what we need to push the free software movement to new frontiers. Our ever-growing base of members, donors, and activists are the backbone of our work and free software. Without you, we wouldn't have been able to raise over $440,000 for software freedom. With the 488 new members, we now have more than 5,000 active FSF members. Thanks to you, we'll be able to expand the staff of the FSF, increasing our organizational capacity, ability to work on issues that matter, and build the community; certify more Respects Your Freedom products to ensure that your devices run free software out of the box, and continue enforcing the GNU General Public License and leading other copyleft efforts; build our technical infrastructure and provide greater support for the many projects that rely on the FSF; create new items for our catalog of cool new swag and engaging publications from the GNU Press Shop; ramp up the fight against DRM; and create a better future for free software.

We're excited to see what 2019 brings, which is only possible because of you. Thank you.

15 January, 2019 04:38PM

FSF Events

Richard Stallman - "A Free Digital Society" (Mandya, India)

There are many threats to freedom in the digital society. They include massive surveillance, censorship, digital handcuffs, nonfree software that controls users, and the War on Sharing. Other threats come from use of web services. Finally, we have no positive right to do anything in the Internet; every activity is precarious, and can continue only as long as companies are willing to cooperate with it.

Richard Stallman will be inaugurating FSMKCamps (2019-01-20–24), a workshop organized by Free Software Movement Karnataka. His speech will be nontechnical, admission to it is gratis, and the public is encouraged to attend.

Location: PES (People's Education Society College of Engineering) College of Engineering, Mandya, Karnataka

Please fill out our contact form, so that we can contact you about future events in and around Mandya.

15 January, 2019 12:18PM

January 09, 2019

John Sullivan - "JavaScript: If you love it, set it free" (FOSDEM, Brussels, Belgium)

FSF executive director John Sullivan will be giving his speech “JavaScript: If you love it, set it free” at (2019-02-02–03):

The vast majority of JavaScript carries no license or copyright notice at all, often because of concerns about optimizing bandwidth and speed, but also because of a lack of awareness. As JavaScript developers, you are well-positioned to help solve this problem -- by clearly licensing your code, by making improvements to the common tooling, and by providing important feedback on what licensing methods make the most sense.

The lack of clear licensing info, especially when combined with minification, makes most JavaScript proprietary for the users who receive and execute it in their browsers, even if the source code is available elsewhere on the Internet in some repository under a free license. The lack also means rampant license violations, for both permissively and reciprocally licensed code. The Free Software Foundation has proposed and implemented a couple of licensing metadata methods by which JavaScript which is intended to be free software can clearly say so, and therefore actually respect the freedom of its users. This is the first step in compliant and realistic distribution of copyleft-licensed JavaScript, as well as a step toward allowing free software users to run only free software inside the browser as they do outside the browser. Other approaches have been proposed as well. We will discuss these questions and seek input on the approaches so far, and hopefully leave with some momentum to make positive changes.

Location: Javascript devroom, H.1308 (Rolin), UniversitĂŠ Libre de Bruxelles, Brussels, Belgium

We hope you can attend the speech, or meet John at the conference.

Please fill out our contact form, so that we can contact you about future events in and around Brussels.

09 January, 2019 12:58PM

Molly de Blanc - "The margins of software freedom" (Brussels, Belgium)

FSF campaigns manager Molly de Blanc will be speaking at CopyleftConf (2019-02-04):

Everyone needs user freedom, but the ways through which it impacts our daily lives vary widely based on factors like gender, location, and race. At-risk communities, marginalized groups, and minorities need copyleft more than ever, as computing technologies find their ways into our homes, our bodies, and the most private parts of our lives.

Location: DigitYser, Boulevard d’Anvers 40, 1000 Bruxelles, Belgium

Please fill out our contact form, so that we can contact you about future events in and around Brussels.

09 January, 2019 12:40PM

January 08, 2019

mdk @ Savannah

GNU MDK 1.2.10 released

This new release fixes some long standing bugs and adds compatibility with Guile 2.2 and Flex 2.6.

08 January, 2019 07:44PM by Jose Antonio Ortega Ruiz

January 07, 2019

mit-scheme @ Savannah

MIT/GNU Scheme 10.1.4 released

See the release notes.

07 January, 2019 03:01AM by Chris Hanson

January 03, 2019

recutils @ Savannah

recutils 1.8 released

I am happy to announce a new release of the GNU recutils, version 1.8.

The changes in this release are:

  • Utilities:
    • Fix the build of readrec with recent bash headers.
  • librec:
    • Fix evaluation of sexes containing #NAME expressions.
    • Make numeric results from aggregated functions signed.
  • readred:
    • readrec --help now shows the help message and returns, instead of waiting for input.
  • Emacs mode:
    • rec-mode.el now supports case-insensitive searches.
    • rec-mode.el now defines it's own faces.
    • ob-rec.el was switched to lexical binding to satisfy later org-mode versions.
  • It is now possible to run the testsuite in parallel.
  • Other fixes:
    • gnulib updated.
    • GNU/Hurd build fixed.
    • Aggregate functions now work properly in Aarch64 and powerpc.
  • Internal cleanup and code factorization.
  • Other bug fixes.

The release can be found in the GNU ftp:
ftp://ftp.gnu.org/gnu/recutils/recutils-1.8.tar.gz

Alternatively, http://ftpmirror.gnu.org/recutils/ will automatically
redirect to a nearby mirror.

==About GNU recutils==

GNU recutils is a set of tools and libraries to access human-editable,
text-based databases called recfiles. The data is stored as a
sequence of records, each record containing an arbitrary number of
named fields. Advanced capabilities usually found in other data
storage systems are supported by GNU recutils: data types, data
integrity (keys, mandatory fields, etc) as well as the ability of
records to refer to other records (sort of foreign keys). Despite its
simplicity, recfiles can be used to store medium-sized databases.

Please see the GNU recutils homepage for more information:
http://www.gnu.org/software/recutils

03 January, 2019 10:20AM by Jose E. Marchesi

January 02, 2019

tar @ Savannah

Version 1.31

Version 1.31 is available for download. New in this release:

  • Fix heap-buffer-overrun with --one-top-level.
  • Support for zstd compression.
  • The -K option interacts properly with member names given in the command line.
  • Fix CVE-2018-20482

02 January, 2019 07:17PM by Sergey Poznyakoff

January 01, 2019

diffutils @ Savannah

diffutils-3.7 released [stable]

01 January, 2019 02:52AM by Jim Meyering

December 31, 2018

FSF Blogs

A message from Richard M. Stallman

The donation from the Pineapple Fund arrived in the form of Bitcoin and had gone down to around $860,000 by the time we could convert it all to dollars. Around half of the donation from Handshake is earmarked for specific software projects; some of that will go to improving Replicant, the free Android fork, but that half won't help fund the FSF's general operations.

We will need to add part of these donations to our reserves, which are meant to enable us to keep operating in the case of a possible downturn. That still leaves enough to expand our staff by two or three positions. We will be able to do some of the work that always needed doing but that we could not undertake.

We have added a position to the tech team so that they can upgrade the support platforms for GNU packages -- repositories, Web pages, translation, testing -- and publish about how we run the FSF without nonfree software.

We intend also to add another person to the Licensing and Compliance team, which certifies distributions and products and enforces the GNU General Public License. Because of the success of Respects Your Freedom, we have a long backlog of products to evaluate. Expanding the team will increase our ability to help people purchase hardware that runs entirely on free software.

We will also fund development of free JavaScript code to make certain Web sites function in the free world. Making sites depend on sending users nonfree JavaScript code has become fashionable, so that organizations and even governments do it without even thinking about it. The option to communicate with Web sites without running nonfree software is a crucial part of freedom for users of the World Wide Web. We will also continue improving the GNU LibreJS extension, and making GNU IceCat protect against JavaScript spyware techniques.

This year's surprise one-time donations make it possible for us to hire additional staff and do more work, but we can't coast very long on them alone; we will need to continue paying the staff to keep doing the work. Most of our income, these donations aside, comes from individual donors giving less than $200 a year. To carry on with this work, we need your support.

The increased operations, as we are planning them now, will still not do all that needs to be done to win freedom in computing. You can enable us to continue -- and to undertake the other work that we are still not doing -- by joining the Free Software Foundation or donating now. Even better, do both!

31 December, 2018 02:14AM

December 30, 2018

gzip @ Savannah

gzip-1.10 released [stable]

30 December, 2018 06:08AM by Jim Meyering

December 28, 2018

gnuastro @ Savannah

Gnuastro 0.8 released

The 8th release of GNU Astronomy Utilities (Gnuastro) is now available for download. Please see the announcement for details.

28 December, 2018 02:58PM by Mohammad Akhlaghi

FSF Events

Richard Stallman - "Should we have more surveillance than the USSR?" (Kozhikode, India)

Digital technology has enabled governments to impose surveillance that Stalin could only dream of, making it next to impossible to talk with a reporter undetected. This puts democracy in danger. Stallman will present the absolute limit on general surveillance in a democracy, and suggest ways to design systems not to collect dossiers on all citizens.

Richard Stallman will be speaking at the Kerala Literature Festival (2019-01-10–13). His speech will be nontechnical, admission is gratis, and the public is encouraged to attend.

Location: Kerala Literature festival, Kozhikode Beach, Port Grounds, Kozhikode, Kerala, India

Please fill out our contact form, so that we can contact you about future events in and around Kozhikode.

28 December, 2018 02:35PM

December 27, 2018

FSF Blogs

GNU Spotlight with Mike Gerwitz: 21 new GNU releases!

For announcements of most new GNU releases, subscribe to the info-gnu mailing list: https://lists.gnu.org/mailman/listinfo/info-gnu.

To download: nearly all GNU software is available from https://ftp.gnu.org/gnu/, or preferably one of its mirrors from https://www.gnu.org/prep/ftp.html. You can use the URL https://ftpmirror.gnu.org/ to be automatically redirected to a (hopefully) nearby and up-to-date mirror.

A number of GNU packages, as well as the GNU operating system as a whole, are looking for maintainers and other assistance: please see https://www.gnu.org/server/takeaction.html#unmaint if you'd like to help. The general page on how to help GNU is at https://www.gnu.org/help/help.html.

If you have a working or partly working program that you'd like to offer to the GNU project as a GNU package, see https://www.gnu.org/help/evaluation.html.

As always, please feel free to write to us at maintainers@gnu.org with any GNUish questions or suggestions for future installments.

27 December, 2018 05:19PM

December 26, 2018

New frontiers in freedom for a new year

The beginning of a new year invests us with new hope for the future: while the free software movement has been dealt some harsh blows in 2018, here at the Free Software Foundation (FSF) we have a lot of reasons for optimism as well.

The public is slowly becoming aware that Google, Facebook, Microsoft, Apple, and other purveyors of proprietary software don’t have their best interests at heart, that “smart home” appliances are an unwise buy, and that allowing bulk surveillance in the name of “security” isn’t worth the loss of freedom. The less people outside of the inner circle of tech trust the peddlers of nonfree software and related products, the more open they are to our message; the more the public fights back to defend net neutrality, smash the disastrous EU Copyright Directive Article 13, and demand answers about how social media giants are violating their privacy, the broader our potential audience grows.

In order to create the free world we need, free software must become a "kitchen table" issue. Making that happen is a large part of the FSF’s mission, and it takes the everyday advocacy and hard work of a huge community of supporters to make it possible. It also takes funds for campaigns, software development, and more -- freedom isn’t always gratis, unfortunately. So we’re making one last push to ask you to help us start 2019 in a position of strength.

Our members provide the most crucial building blocks for our movement, and member dues fuel the infrastructure of the FSF and the GNU Project, keep the GNU Press churning out important free software documentation and cool T-shirts, enables the enforcement of copyleft licenses, and so much more. We urge you to start off your new year by becoming a new member of the FSF. Benefits of FSF membership include a 20% discount on FSF merchandise, gratis entrance to the yearly LibrePlanet conference, and more -- plus, as a thank-you gift, we’re sending all new and renewing associate members a fun set of exclusive enamel pins! We're just shy of our goal of 400 new members in this fundraiser period, and with your help, we'll start off 2019 ready to launch software freedom to new frontiers.

In the meantime, the FSF is bigger and better than ever, and more equipped to do the work you count on us to do: standing up against companies, governments, and programs that abuse your computing freedom, and expanding your ability to replace nonfree programs with free software that meets all of your computing needs. Keep an eye on our blogs, our news page, and our GNU Social, Diaspora, and Twitter accounts for the latest news. With your help, we can make this the best year for free software yet.

26 December, 2018 05:20PM

December 24, 2018

Some losses from 2018

When I look back on 2018, of course I see successes for user freedom across the world: the appeal in Christoph Hellwig's GPL compliance case against VMWare is moving forward; Google employees are rallying against Dragonfly, the authoritarian search engine being built for the Chinese government; the Free Software Foundation's (FSF) home state of Massachusetts is taking steps for the Right to Repair; and people all over the world shared their tips and tricks to leading safer digital lives -- just to name a few! It's hard not to be impressed and inspired by everything the free software -- and greater digital rights -- community has done so much over the past year.

But the work we need to do for freedom is far from over. I want to highlight just a few of the (many) losses from 2018. I think these make it clear why the work of organizations like the FSF is so important. The FSF sets a hard line for freedom -- uncompromising in our ideology and bringing it to everything we do. I look at this list and am reminded why the FSF exists, why we need to keep fighting, and why we can only succeed by rallying as a community.

Project Dragonfly

Dragonfly, mentioned above, is a censored search engine Google is likely building for use in China. It is a travesty for the future of software freedom in China. It is explicitly designed to allow censorship of the Web and Web access.

Project Dragonfly was "effectively ended" in mid-December, after five months of hard efforts by Google staff, journalists, and activists around the world. This is a great success, and should be celebrated, but Dragonfly never should have existed in the first place. We have no doubt that someone will try this again, with or without Google.

What does this mean for free software? Projects like Dragonfly allow greater targeting of tools used to create, maintain, share, and use free software. We know from experience that the Chinese government will use this power to block access to important free software, especially in the categories of cryptography and security. It is possible that users would not even be able to learn about free software.

On the note of censorship...

The European Copyright Directive and Censorship Machines

Activists and activist organizations in the European Union use the term "Censorship Machines" for the upload filters the European Copyright Directive will require sites to install. These attempts to "prevent copyright infringement" only serve to stifle creativity and software freedom. You can read more at juliareda.eu.

While a first round of voting saw the proposed Copyright Directive rejected, it later passed onto next steps, bringing us closer to a more controlled, more dystopian Internet and Web.

What does this mean for free software? One of the themes from 2018 is greater government and corporate control over what we can access on the Web and how we interact with the Internet. According to the Free Software Foundation Europe, Article 13 "imposes preventive blocking of online code repositories."

Net neutrality, the FCC, and the ongoing battle for freedom on the Net

The Federal Communications Commission (FCC) voted to gut net neutrality protections in the United States. In the US, Title II is a provision that treated Internet Service Providers (ISPs) as "common carriers," or organizations that are required to provide "general service to the public without discrimination." This is the closest thing the US had to providing net neutrality.

In 2018, the US Congress created a discharge petition to overturn the FCC's ruling. As of writing this, the House of Representatives is waiting to vote on the petition.

What does this mean for free software? This is a twist on how Article 13 affects us, with the government allowing corporate control over what we see and do on the Internet. With net neutrality protections gone, ISPs can (and will) throttle access to Web sites and users that aren't able to pay extra fees. This will impact smaller Web sites, including code sharing sites and other tools we use to build and share free software. It will give major DRM-ed Web sites a privileged status, as they will be the ones able to pay extra fees, and they already have good relationships with the ISPs.

Oracle, Inc. v. Google, Inc.

In the words of Parker Higgins, "you wouldn't reimplement an API." The US Federal Circuit agrees.

The Oracle v. Google case concerning the copyright of Java APIs, originally from 2010, continues to this day. After years of back and forth, 2016 brought good news: a jury found Google’s reimplementation of Oracle’s Java APIs to be fair use and therefore acceptable. However, Oracle appealed, and this year the Federal Circuit ruled in favor of Oracle, finding Google’s use of the Java APIs to be copyright infringement.

Read the FSF's 2012 and 2014 statements on the matter.

What does this mean for free software? This ruling is a big loss for interoperability in software. With the recent results of this case, and the potential for large penalties due to copyright infringement, developing free software through API compatibility could become a legally risky activity. This ruling could fundamentally alter the standard software practice of interoperability through APIs.

Licensing and the Commons Clause

I'd be remiss to not mention one of the most contentious licensing debates in recent history: the Commons Clause.

The Commons Clause isn't a license per se, but something to add to a pre-existing license. Released towards the end of 2018 by Redis, the misleadingly named Commons Clause is a non-commercial use clause, and using it renders a previously free license nonfree.

What does this mean for free software? This is a risk to user freedom, as it makes a free license into a nonfree one. It does not guarantee the four freedoms of free software, and it does not respect user (or developer) rights. Not only does the Commons Clause set a precedent that a free license can be contorted into a nonfree one, it could potentially confuse people looking to use free software.

In summary...

These are just a few of the setbacks software freedom took in 2018. Each one reminds me why I do what I do at the FSF every day -- stand up for user rights by standing up for software freedom. I hope you'll look at this list and not feel despondent. Instead, I ask you to look at it as a to-do list for 2019 -- seeing where and how we can do better, what controversies are on the horizon, and how we can keep working together for a freer world. If you want to support the work of the FSF in 2019, please consider becoming a member.

I started this by mentioning a few of the successes we saw in 2018. These aren't the only ones! Read more about the small victories of 2018 here.

24 December, 2018 09:28PM

December 22, 2018

parallel @ Savannah

GNU Parallel 20181222 ('Jacob Sparre') released

GNU Parallel 20181222 ('Jacob Sparre') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

GNU parallel is a seriously powerful flexible and tool.
-- Greg Hurrell @wincent

New in this release:

  • Better /proc/cpuinfo parser.
  • Simpler job scheduling flow.
  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:
(wget -O - pi.dk/3 || curl pi.dk/3/ || fetch -o - http://pi.dk/3) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 December, 2018 03:47PM by Ole Tange

December 21, 2018

GNU Guix

Reproducible Builds Summit, 4th edition

As it has become tradition, a sizeable delegation of Guix developers attended this year's Reproducible Builds Summit in Paris a little over one week ago. In the Mozilla offices around 50 people representing dozens of free software projects (and also Microsoft) got ready to share ideas and work together on reproducibility problems for three days. As the agenda unfolded we would split up into small groups, each focusing on a different issue. This blog post is an attempt to share impressions from some of these group sessions.

Opam

Opam is the OCaml package manager, and a number of sessions were dedicated to addressing reproducibility problems that affect Opam, such as the lack of accounting for common system packages. One of the outcomes of the session is a script to catch common sources of non-determinism, which should improve the quality of OCaml packages in general, including those that are available through Guix.

Some very productive hack session resulted in a new Guix package importer for Opam packages and various fixes for the Opam package in Guix. The Opam website now also includes instructions on how to install Opam with Guix.

“User stories”

The “user stories” session focused on a couple of questions: How can we put reproducible builds into the hands of users? How do they benefit from it? This has been an on-going theme in Reproducible Builds Summits. We shared ideas about this before: users should be able to choose their provider of package binaries, it should be easy for them to (re)build packages locally, and it should be easy for them to challenge servers that publish binaries. Guix satisfies these requirements but could probably go further. These and other ideas were explored. In particular it was interesting to see several distros work on setting up rebuilders that would allow them to have more diversity and thus more confidence in the binaries that they ship.

Distributing packages over IPFS

Developers of IPFS offered a session on package distribution over IPFS. IPFS implements peer-to-peer unencrypted data storage; there are privacy and censorship-resistance issues that it leaves unaddressed, but its efficiency and convenience are appealing for the distribution of package binaries. An IPFS package landed in Guix right in time for the summit, which allowed us to play with it. Together with fellow Nix hackers, we sketched an incremental path towards IPFS integration in Guix and Nix. We hope to be able to deliver a first implementation of that in Guix soon—stay tuned!

Java and other JVM languages

The Java reproducibility working group discussed what was needed to reproduce builds of Java packages. We focused mainly on reproducing builds with Maven and realized that differences in vocabulary affect our goals. For instance, Maven developers don't consider plugins to be dependencies for the build, while in the context of Guix anything contributing to the build is declared as an input. Our interactions with other projects throughout the summit has led to similar revelations and contributed to improved mutual understanding.

In Guix we have packages for two more JVM languages other than Java itself: Groovy and Clojure. Other JVM languages, such as Scala and Kotlin (both dependencies of Gradle), however, come with additional challenges. The Scala compiler, for example, is written in Scala, and although there are other implementations of the compiler, they are also written in Scala. Julien started writing a bootstrap compiler for Scala in Java, which is already able to produce an AST for Scala files and produce JVM bytecode. In cases like this where it is not feasible to retrace historic steps to bootstrap a language, writing a new compiler implementation may surprisingly be the most reasonable thing to do.

Bootstrapping

We were excited to see increased interest in bootstrapping, which may have been sparked by recent major successes in the early Scheme/C bootstrap for GNU+Linux systems. While a few of us successfully hunted down a confusing miscompilation bug, parts of the early C bootstrap were ported to Nix, demonstrating that the bootstrapping work that started in the context of Guix can benefit other GNU+Linux distributions with minor adaptations.

With the addition of Gash as a Bash and GNU coreutils replacement on the horizon, we are looking forward to another dramatic reduction of the "binary seed" used to bootstrap the GNU system --- first via Guix and hopefully for other free software system distributions in the future.

Thanks!

We would like to thank the organizers who helped make the Reproducible Build Summit a productive, enjoyable and friendly workshop: Beatrice and Gunner of Aspiration, Holger, Nicolas, Vagrant, Chris and Mattia.

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

21 December, 2018 10:30AM by Julien Lepiller, Gábor Boskovits, Ludovic Courtès, Ricardo Wurmus

sed @ Savannah

sed-4.7 released [stable]

21 December, 2018 06:14AM by Jim Meyering

grep @ Savannah

grep-3.3 released [stable]

21 December, 2018 04:51AM by Jim Meyering

December 20, 2018

grep-3.2 released [stable]

20 December, 2018 03:58PM by Jim Meyering

sed @ Savannah

sed-4.6 released [stable]

20 December, 2018 07:34AM by Jim Meyering

December 14, 2018

Parabola GNU/Linux-libre

Parabola officially supports librebooted Asus Chromebook C201

Parabola now supports the Asus Chromebook C201 with the Linux-libre kernel. In the past, the furthest thing we achieved was to boot Parabola with the non-free CrOS kernel. However, that changed when a Parabola user reported at issue #1965 to successfully boot our beloved distro in this Librebooted ARM laptop. Users that wish to do this, just have to install the linux-libre-chromebook package, which has the signature to boot Linux-libre with Depthcharge in the C201.

14 December, 2018 06:00AM by David P.

December 11, 2018

GNU Guix

Bootstrapping Rust

Slowly, systems programming languages are getting better in the sense of giving more guarantees and automating what can be automated without downsides.

Rust is one of the more promising system programming languages. Its central advantage is that it enforces memory safety and thread safety at compile time, without incurring any runtime overhead.

The part that enforces memory safety is called "the borrow checker".

It has been a long-standing tradition to develop a language far enough to be able to write the language's compiler in the same language, and Rust does the same. Rust is nowadays written in Rust.

We've tracked down the earlier Rust versions, which were written in OCaml, and were planning to use these to bootstrap Rust. But in parallel, John Hodge (Mutabah) developed a Rust compiler, called "mrustc", written in C++.

mrustc is now good enough to compile Rust 1.19.0.

Using mrustc, we were able to build Rust entirely from source with a bootstrap chain like this:

rust@1.28.0
    ^
    |
rust@1.27.2
    ^
    |
rust@1.26.2
    ^
    |
rust@1.25.0
    ^
    |
rust@1.24.1
    ^
    |
rust@1.23.0
    ^
    |
rust@1.22.1
    ^
    |
rust@1.21.0
    ^
    |
rust@1.20.0
    ^
    |
rust@1.19.0
    ^
    |
mrustc@0.8.0
    ^
    |
   g++

Limitations

  • mrustc currently does no borrow checking -- so memory safety of our rust@1.19.0 is mostly guaranteed in the sense of "someone else built rust@1.19.0 using another Rust compiler and thus ran the borrow checker already".

  • The bootstrap chain is rather long. There are plans to extend mrustc to support newer Rust, but it turned out to be difficult.

  • Rust takes reproducible builds seriously, but there are some reproducibility problems left in earlier compilers that pop up very sporadically (mostly because of LLVM, and some because of Rust hashtable poisoning). Help wanted, especially from LLVM people!

  • Each target we want to support has to have support in LLVM, AND mrustc needs to have a specification of the alignment and sizes of the base types.

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

11 December, 2018 01:36PM by Danny Milosavljevic

December 10, 2018

Back from SeaGL 2018

SeaGL 2018 has concluded. Thank you to everyone in the local Seattle community who came to participate!

As previously announced, Chris Marusich gave a talk introducing GNU Guix to people of all experience levels. Some very Guixy swag was handed out, including printed copies of this handy Guix reference card. The room was packed, the audience asked great questions, and overall it was tons of fun!

If you weren't able to come to SeaGL this year, that's OK! You can watch a video of the talk below. Happy hacking!

Everyday Use of GNU Guix

10 December, 2018 08:00AM by Chris Marusich

December 09, 2018

unifont @ Savannah

Unifont 11.0.03 Released

8 December 2018

Unifont 11.0.03 is now available. Significant changes in this version include the Nushu script contributed by David Corbett, and the Kana Supplement and Kana Supplement-A scripts contributed by Johnnie Weaver.

Download this release at:

https://ftpmirror.gnu.org/unifont/unifont-11.0.03/

or if that fails,

ftp://ftp.gnu.org/gnu/unifont/unifont-11.0.03/

Enjoy!

Paul Hardy

09 December, 2018 12:53AM by Paul Hardy

December 06, 2018

FSF News

FSF adds Hyperbola GNU/Linux-libre to list of endorsed GNU/Linux distributions

hyperbola logo

The FSF's list showcases GNU/Linux operating system distributions whose developers have made a commitment to follow its Guidelines for Free System Distributions. Each one includes and endorses exclusively free "as in freedom" software.

After a thorough vetting process, the FSF concluded that Hyperbola, a long-term support simplicity-focused distribution based on Arch GNU/Linux, meets these criteria.

"In a world where proprietary operating systems continually up the ante in terms of the abuse they heap on their users, adding another distribution to the list of fully free systems is a welcome development. Hyperbola represents another safe home for users looking for complete control over their own computing," said John Sullivan, FSF's executive director.

"Hyperbola is a fully free distribution based on Arch snapshots and Debian development without nonfree software, documentation, or any type of support for the installation or execution of nonfree software. Unlike Arch, which is a rolling release distribution, Hyperbola is a long-term one focused on stability and security inspired from Debian and Devuan," said AndrĂŠ Silva, Hyperbola co-founder and developer.

FSF's licensing and compliance manager, Donald Robertson, added, "It was a pleasure working with the team behind Hyperbola throughout this process. They really go above and beyond in terms of looking out for the rights of their users. "

Hyperbola joins a growing list of distributions that users can trust. More information about Hyperbola, and how volunteers can get involved, is available at https://www.hyperbola.info/.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to run, edit, share, and contribute to computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About the GNU Operating System and Linux

Richard Stallman announced in September 1983 the plan to develop a free software Unix-like operating system called GNU. GNU is the only operating system developed specifically for the sake of users' freedom. See https://www.gnu.org/gnu/the-gnu-project.html.

In 1992, the essential components of GNU were complete, except for one, the kernel. When in 1992 the kernel Linux was re-released under the GNU GPL, making it free software, the combination of GNU and Linux formed a complete free operating system, which made it possible for the first time to run a PC without nonfree software. This combination is the GNU/Linux system. For more explanation, see https://www.gnu.org/gnu/gnu-linux-faq.html.

Media Contacts

Donald Robertson, III
Licensing & Compliance Manager
Free Software Foundation
+1 (617) 542 5942
licensing@fsf.org

Hyperbola GNU/Linux-libre logo, Copyright 2017-2018 Hyperbola Project released under the CC-BY-SA 4.0 license.

06 December, 2018 09:15PM

GNU Guix

GNU Guix and GuixSD 0.16.0 released

We are pleased to announce the new release of GNU Guix and GuixSD, version 0.16.0! This release is (hopefully!) the last one before 1.0—we have been closing most key items for 1.0 over the last few months.

The release comes with GuixSD ISO-9660 installation images, a virtual machine image of GuixSD, and with tarballs to install the package manager on top of your GNU/Linux distro, either from source or from binaries. Guix users can update by running guix pull.

It’s been 5 months since the previous release, during which 95 people contributed code and packages. Here are the highlights.

  • The default substitute URL has been changed to https://ci.guix.info. This is backed by a more powerful build farm with terabytes of storage kindly donated by the Bioinformatics platform of the Berlin Institute of Medical Systems Biology (BIMSB) at the Max Delbrück Center (MDC). The build farm front-end runs Cuirass, our continuous integration tool that was partly developed during two GSoC internships.
  • guix pull now lists new and upgraded packages, and it has a --profile option that allows you to keep several Guix revisions in parallel. Related to that, the new guix describe command displays information about the Guix revision you are using.
  • guix pull now supports channels. In a nutshell, you can specify in ~/.config/guix/channels.scm the channels from which guix pull will fetch Guix as well as, optionally, third-party package repositories. Again guix describe displays all the channels in use and guix describe -f channels produces a “pinned channel” specification that can be used as the channels.scm file of guix pull.
  • Using the new inferior mechanism, you can now interact with a different revision of Guix and even compose packages coming from different revisions of Guix!
  • The output of the command-line tools has been noticeably improved: important events are colorized, guix package and guix system no longer display build logs, and guix build colorizes build logs (in a way that is similar to what Emacs-Guix does.)
  • There are new package transformation options: --with-branch and --with-commit allow you to obtain a package variant straight from its Git repository.
  • Guix had reproducible builds and now it has “reproducible source code downloads”: when a package refers to a Git repository that has disappeared (which is unfortunately not uncommon!), the checkout can be fetched from Software Heritage. That makes Guix one of the first distros to be backed by a long-term archive. See this issue for more info.
  • Our Rust packages are now fully bootstrapped from source, starting from mrustc, a Rust compiler written in C++. This is a victory on this instance of “yogurt software”, and Guix is probably the first distro to achieve this. More on that in a future post!
  • On GuixSD, guix system reconfigure will now always load replacements of system services. That way, when you deem appropriate, you can run herd restart SERVICE to start the upgraded service.
  • As usual, 985 packages were added and 1,945 were upgraded, notably the GNU C Library now at version 2.28 (which, incidentally, allowed us to get rid of our Hurd-specific glibc variant, at last!). Today Guix provides 8,715 packages.
  • The manual is now partially translated into German. The French translation is now 90% complete. You can help translate the manual into your native language by joining the Translation Project.

Pffew, quite a long list already! The release announcement lists additional noteworthy changes and bug fixes you may be interested in.

Enjoy!

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

06 December, 2018 05:00PM by Ludovic Courtès

libredwg @ Savannah

libredwg-0.7 released

See https://www.gnu.org/software/libredwg/ and
http://git.savannah.gnu.org/cgit/libredwg.git/tree/NEWS

new API:
* add dwg_get_OBJECT(dwg) API for all objects in a DWG.
analog to dwg_get_ENTITY, but including all objects, tables,
block headers, even if unowned.
Note that the dwg_api will be revamped from static to dynamic before 1.0.
field accessors will be by name argument and ... (va_args)
See the work/dynapi branch #59 (in progress).
dwg_get_OBJECT(dwg) will be renamed to dwg_getall_OBJECT(dwg),
dwg_get_ENTITY(blkhdr) to dwg_getall_ENTITY(blkhdr).

API breaking changes:
* Changed BITCODE_RC from signed to unsigned char (#44)
* LEADER changes: rename hooklineonxdir to hookline_dir,
rename unknown_bit_4 to hookline_on,
endptproj only until r2007. (but still not 100% correct)
* MULTILEADER changes: rename num_vertex to numpts (analog to LEADER),
change vertex to points[] (PR #49 Denis Pryt)
* Fixed dwg_get_ENTITY(hdr): NULL-terminate the result (#60)

Important bugfixes:
* Fixed all memory leaks and double-free's (#43, #42, PR #58 Denis Pryt)
* Fixed EED sizes (PR #48, Denis Pryt)
* Fixed BLOCK_HEADER.num_inserts, esp. with xref's (#44).
For decode and encode.
* Fixed LTYPE.dash (#44)
* Fixup LEADER DXF values and path_type with annot_type mixup.
* Fixed TABLE.value.data_type with flags kGeneral (#54 Denis Pryt)
* Fixes VECTOR_CHKCOUNT segfault on unassigned obj->dxfname's
(esp. for <=R12), and fix overflows (#56)
* dwglayers: fix for DICTIONARY breaking the list output (#51)
* dxf: fix dxf_blocks_write for empty paper_space (#52)
* Fixed example/load_dwg.py allowing non-critical error codes

Other newsworthy changes:
* Check for RUNNING_ON_VALGRIND and call dwg_free then, even
if previously skipped.
* Renamed all remaining API "null malloc" error messages to
"Out of memory"
* Harmonized in_dxfb with in_dxf, but still WIP

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.gz (9.4MB)
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.xz (3.5MB)

https://github.com/LibreDWG/libredwg/releases/tag/0.7 (also window binaries)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg/libredwg-0.7.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are the SHA256 checksums:

76f0329b5b175cb2a8d0a66854f91c21c31bdff6cb6ff04569c7fdd3ad4b069d libredwg-0.7.tar.gz
cbef6b9d48877ca26a54115b9ef9a7fd02d0279a94e79d2247f80277820b888d libredwg-0.7.tar.xz
6031e0c4fbc81eb84a8359fc9a282a7571dbfe2b5d345df15cc20490f707274c libredwg-0.7-win32.zip
69ee51bab4e0d9b406ab7fad3ffa18fb088a295ca59fb06b342994fc8ebdf7da libredwg-0.7-win64.zip

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.7.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

06 December, 2018 12:07AM by Reini Urban

December 03, 2018

GNU Guix

GNU Guix receives donation from the Handshake project

Just a few days after it turned six, Guix received a great birthday present: the Handshake project, which works on the design and implementation of a decentralized naming protocol compatible with the Domain Name System (DNS), made a large donation to the GNU Project via the Free Software Foundation (FSF). Of this donation, 100,000 USD go to GNU Guix.

Handshake & Guix logos.

This donation will allow the project to guarantee its independence, invest in hardware for its build farm, and develop new features to benefit all our users.

We will be able to grow the performance and reliability of our existing infrastructure. We also envision better support for new and liberating architectures, and more resilient long-term storage of binaries and source code.

It will also allow us to continue our outreach efforts and attract new interns, for example through Outreachy, to further improve and promote the project.

The project funds are held by the FSF and spending is overseen by a committee currently consisting of Ricardo Wurmus, Tobias Geerinckx-Rice, and Ludovic Courtès, all core Guix developers. The FSF is the fiscal sponsor of free software efforts, including Guix, as part of its Working Together for Free Software fund. Other recipients include GNU Octave, the GNU Tool Chain, and Replicant. Congratulations to them as well!

Above all, a big thank you to Handshake for its support of free software and GNU! The least we could do to show our appreciation was to add a package definition for the Handshake resolver daemon, which we just did.

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

03 December, 2018 09:00PM by Ludovic Courtès, Tobias Geerinckx-Rice, Ricardo Wurmus

FSF News

Free Software Foundation receives $1 million from Handshake

BOSTON, Massachusetts, USA -- Monday, December 3rd, 2018 -- The Free Software Foundation (FSF) announced it has received several earmarked charitable donations from Handshake, an organization developing an experimental peer-to-peer root domain naming system, totaling $1 million. These gifts will support the FSF's organizational capacity, including its advocacy, education, and licensing initiatives, as well as specific projects fiscally sponsored by the FSF.

John Sullivan, FSF's executive director, said, "Building on the $1 million Bitcoin gift from the Pineapple Fund earlier this year, and our record high number of individual associate members, it is clear that software freedom is more important than ever to the world. We are now at a pivotal moment in our history, on the cusp of making free software the 'kitchen table issue' it must be. Thanks to Handshake and our members, the Free Software Foundation looks forward to scaling to the next level of free software activism, development, and community."

Rob Myers of Handshake said, "The FSF is a worldwide leader in the fight to protect the rights of all computer users through its support for the production of free software, including the GNU operating system and its campaigns to raise awareness such as Defective by Design. Handshake is proud to be able to support the FSF in its important work to secure our freedom."

These significant contributions from Handshake will fuel the FSF's efforts with activists, developers, and lawyers around the world. They include:

  • $400,000 for the FSF's organizational capacity, publications, licensing, and activist initiatives;

  • $200,000 for Replicant, the fully free mobile operating system based on Android;

  • $100,000 for GNU Guix and GuixSD, a package manager supporting transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and more, as well as a distribution of the GNU operating system using that package manager;

  • $100,000 for GNU Octave, a high-level language, primarily intended for numerical computations;

  • $100,000 to help the GNU Project address important threats like nonfree JavaScript; and

  • $100,000 for the GNU Toolchain, which provides the foundational software components of the GNU/Linux system and the Internet.

Replicant developer Denis "GNUtoo" Carikli said, "So far, Replicant development has been driven by very few individuals contributing to it in their free time. Donations have been used to enable Replicant developers to buy new devices to port Replicant on, and to enable new Replicant developers to work on already-supported devices. They were also used to enable developers to attend conferences to promote Replicant and try to find new contributors. The kind of amount we received will enable Replicant to fund development, first to fix the most critical bugs, and then to upstream most of its code, making it more sustainable, and also enabling other projects to reuse Replicant's work to improve users' freedom."

Guix developer and project committee member Ricardo Wurmus said, "This donation allows the GNU Guix project to guarantee its independence, invest in hardware, and develop new features to benefit all our users. We'll be able to grow the performance and reliability of our existing infrastructure. We also envision better support for new and liberating architectures, and more resilient long-term storage of binaries and source code. It will also allow us to continue our outreach efforts and attract new interns to further improve and promote the project."

John W. Eaton, original author and primary maintainer of GNU Octave, said, "We are grateful for such a generous donation. It is by far the single largest monetary contribution we have ever received, and we thank Handshake for including Octave in this select group. We have only begun to imagine how these funds might impact Octave, but given the size of the gift, we intend something transformational and previously impossible."

David Edelsohn, founding GCC Steering Committee member and GNU Toolchain Fund trustee, said "We are incredibly gratified by the confidence in and support for the GNU Toolchain demonstrated by this donation. This donation will allow the project to greatly expand its outreach to students and new developers. It allows us to move forward on a number of fronts with confidence that we have the resources to match our imagination."

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to run, change, share, and contribute to computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contact

John Sullivan
Executive Director
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

03 December, 2018 06:10PM

December 02, 2018

Sylvain Beucler

New Android SDK/NDK Rebuilds

As described in a previous post, Google is still click-wrapping all Android developer binaries with a non-free EULA.

I recompiled SDK 9.0.0, NDK r18b and SDK Tools 26.1.1 from the free sources to get rid of it:

https://android-rebuilds.beuc.net/

with one-command, Docker-based builds:

https://gitlab.com/android-rebuilds/auto

This triggered an interesting thread about the current state of free dev tools to target the Android platform.

Hans-Christoph Steiner also called for joining efforts towards a repository hosted using the F-Droid architecture:

https://forum.f-droid.org/t/call-for-help-making-free-software-builds-of-the-android-sdk/4685

What do you think?

02 December, 2018 02:59PM

November 30, 2018

wget @ Savannah

GNU Wget 1.20 Released

Noteworthy Changes in this release:

  • Add new option `--retry-on-host-error` to treat local errors as transient and hence Wget will retry to download the file after a brief waiting period.
  • Fixed multiple potential resource leaks as found by static analysis
  • Wget will now not create an empty wget-log file when running with -q and -b switches together
  • When compiled using the GnuTLS >= 3.6.3, Wget now has support for TLSv1.3
  • Now there is support for using libpcre2 for regex pattern matching
  • When downloading over FTP recursively, one can now use the

--{accept,reject}-regex switches to fine-tune the downloaded files

  • Building Wget from the git sources now requires autoconf 2.63 or above. Building from the Tarballs works as it used to.

30 November, 2018 12:14AM by Darshit Shah

November 28, 2018

dejagnu @ Savannah

DejaGnu 1.6.2 released

DejaGnu 1.6.2 was released on 28 November 2018. A maintenance release.

28 November, 2018 06:03AM by Ben Elliston

November 27, 2018

health @ Savannah

Release of GNU Health 3.4

Dear community

We are proud to announce the release of GNU Health 3.4 series !

It's been over a year of hard work, integrating the latest in technology and Social Medicine into GNU Health.

This versions incorporates many cool features, some of them are :

  • The GNU Health Federation model
  • Thalamus message server
  • New Health Information System (on MongoDB)
  • Person Master Index
  • MongoDB support (on the HIS)
  • Updated UniprotKB database with over 30K protein natural variants
  • Contextualized information on genetics and social determinants
  • Genetic and family history and environmental factors integrated to the Page of Life and Federation
  • The GNU Health Book of Life
  • Tryton 4.6 integration on the HMIS node
  • All GNU Health packages are natively in Python 3
  • Enhanced support for Calendar and WebDAV system
  • GNU LIMS improvements in views
  • Pypi packages with our own name ("gnuhealth-<package>")
  • Native client has a command line interface
  • Over 30 new commands for the main daily tasks
  • Enhanced GNU Health camera plugin, including zoom
  • Activity Log window on the client
  • SYSINFO command to retrieve the information about client and server
  • Customize the banner on the client
  • Reports are generated now in PDF format

The GNU Health Federation

The GNU Health Federation (aka, The Federation) is here !
This is revolutionary and ground breaking. With the Federation, we will be able to integrate heterogeneous systems and build large regional and national health networks. No more data isolation. No more silos. The GNU Health Federation is a great tool for the people, health practitioners, research institutions and public health systems.

Relevant demographics and medical information will be up-to-date, no matter where the person and patient visits. It is great tool for early detection on epidemics, improving the health promotion and disease prevention campaigns.

I am also optimist about the role of the Federation in integrative anc precision medicine. It combines Nature and Nurture, and can shed light on the diagnostic and therapeutics of devastating and elusive genetic diseases, cancer and autoimmune disorders.

The GNU Health Federation components (eg, Thalamus), will have their own development process, so they can be integrated with each of the other GNU Health projects without blocking each other.

This journey is just starting, but I trust that, as a community, we'll be able to tackle today and future issues in health.

Derivative languages / translations

GNU Health takes the approach of derivative languages, which will simplify the localization effort. Basically, for languages who have many strings in common, will only have to work on those strings that differ from a main source.
Let's take the example of Spanish. The new approach will work in the following way:
- One source language "es"
- Many derivative / regional languages (es_ES, es_AR, es_PE, es_VE ... ).

Until now, each derivative language had, except the local terminology, the same strings as the source. That makes localization harder to maintain,and larger in size.
The new method allow the translators to focus on the main source language, greatly improving the quality of the translation, and without duplication.

Please make sure that you focus on the generic language first, and only add local terms in the derivative language.

Summary of Upgrade steps

  • Make a FULL BACKUP your kernel, database and attach directories !!!
  • Follow the instructions on the Wikibooks.
  • Apply the SQL script "upgrade_34.sql" found under scripts/upgrade/3.4 of the main source installation tarball.
  • Upgrade the instance

Last but not least....oo matter how hard we try to avoid them, there will be bugs, so please test the new system, upgrade process, languages, ... and please report them via health@gnu.org

Enjoy Freedom in Healthcare !

--
Dr. Luis Falcon, M.D., BSc
President, GNU Solidario
GNU Health: Freedom and Equity in Healthcare
http://health.gnu.org
GNUPG Fingerprint :ACBF C80F C891 631C 68AA 8DC8 C015 E1AE 0098 9199

27 November, 2018 03:26PM by Luis Falcon

November 22, 2018

parallel @ Savannah

GNU Parallel 20181122 ('Kilogram') released

GNU Parallel 20181122 ('Kilogram') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

HOLY STUFF I LOVE GNU PARALLEL
-- Nick (but spookier) @NickInfoSec@twitter

New in this release:

  • Experimental simpler job flow control.
  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 November, 2018 11:50PM by Ole Tange

November 21, 2018

bison @ Savannah

Bison 3.2.2 released [stable]

Bison 3.2.2 is a bug fix releases of Bison 3.2.

Bison 3.2 brought massive improvements to the deterministic C++ skeleton,
lalr1.cc. When variants are enabled and the compiler supports C++11 or
better, move-only types can now be used for semantic values. C++98 support
is not deprecated. Please see the NEWS below for more details.

Many thanks to Frank Heckenbach for paving the way for this release with his
implementation of a skeleton in C++17, and to Nelson H. F. Beebe for testing
exhaustively portability issues.

==================================================================

Bison is a general-purpose parser generator that converts an annotated
context-free grammar into a deterministic LR or generalized LR (GLR) parser
employing LALR(1) parser tables. Bison can also generate IELR(1) or
canonical LR(1) parser tables. Once you are proficient with Bison, you can
use it to develop a wide range of language parsers, from those used in
simple desk calculators to complex programming languages.

Bison is upward compatible with Yacc: all properly-written Yacc grammars
ought to work with Bison with no change. Anyone familiar with Yacc should be
able to use Bison with little trouble. You need to be fluent in C or C++
programming in order to use Bison. Java is also supported.

Here is the GNU Bison home page:
https://gnu.org/software/bison/

==================================================================

Here are the compressed sources:
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.gz (4.1MB)
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.xz (2.1MB)

Here are the GPG detached signatures[*]:
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.gz.sig
https://ftp.gnu.org/gnu/bison/bison-3.2.2.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify bison-3.2.2.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0DDCAA3278D5264E

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1
Flex 2.6.4
Gettext 0.19.8.1
Gnulib v0.1-2222-g48a6c46b0

NEWS

21 November, 2018 08:32PM by Akim Demaille

November 20, 2018

orgadoc @ Savannah

GNU OrgaDoc 1.0 Released

# Changes since v0.9 #

  • Removed orgadoc-add-docs script due to outdated use.
  • Rewritten to C89 standard from Eiffel.
  • Added -m/--merge option to orgadoc-init-readme.
  • Cleaned usages and modernised what orgadoc is used for.
  • Rewrote the configure approach.
  • Rewrote documentation.
  • Removed the TODO document.
  • Bumped version to 1.0.

C89 was chosen to ensure maximum portability for legacy as well as modern systems.

20 November, 2018 09:50AM by Adam Bilbrough

November 14, 2018

gxmessage @ Savannah

gxmessage has a new homepage

My old web host shuts down on November 30, 2018. Gxmessage has a new homepage at the following address:

https://trmusson.dreamhosters.com/programs.html#gxmessage

14 November, 2018 04:36AM by Timothy Musson

ignuit @ Savannah

iGNUit has a new homepage address

The host for iGNUit's homepage has changed. The new URL is:

https://trmusson.dreamhosters.com/programs.html#ignuit

14 November, 2018 04:29AM by Timothy Musson

November 10, 2018

bison @ Savannah

Bison 3.2.1 released [stable]

We would have been happy not to have to announce the release of Bison 3.2.1,
which fixes portability issues of Bison 3.2.

Bison 3.2 brought massive improvements to the deterministic C++ skeleton,
lalr1.cc. When variants are enabled and the compiler supports C++11 or
better, move-only types can now be used for semantic values. C++98 support
is not deprecated. Please see the NEWS below for more details.

Many thanks to Frank Heckenbach for paving the way for this release with his
implementation of a skeleton in C++17, and to Nelson H. F. Beebe for testing
exhaustively portability issues.

==================================================================

Bison is a general-purpose parser generator that converts an annotated
context-free grammar into a deterministic LR or generalized LR (GLR) parser
employing LALR(1) parser tables. Bison can also generate IELR(1) or
canonical LR(1) parser tables. Once you are proficient with Bison, you can
use it to develop a wide range of language parsers, from those used in
simple desk calculators to complex programming languages.

Bison is upward compatible with Yacc: all properly-written Yacc grammars
ought to work with Bison with no change. Anyone familiar with Yacc should be
able to use Bison with little trouble. You need to be fluent in C or C++
programming in order to use Bison. Java is also supported.

Here is the GNU Bison home page:
https://gnu.org/software/bison/

==================================================================

Here are the compressed sources:
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.gz (4.1MB)
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.xz (2.1MB)

Here are the GPG detached signatures[*]:
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.gz.sig
https://ftp.gnu.org/gnu/bison/bison-3.2.1.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify bison-3.2.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0DDCAA3278D5264E

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1
Flex 2.6.4
Gettext 0.19.8.1
Gnulib v0.1-2176-ga79f2a287

NEWS

10 November, 2018 06:56AM by Akim Demaille

November 09, 2018

FSF News

FSF job opportunity: web developer

The Free Software Foundation (FSF), a Massachusetts 501(c)(3) charity with a worldwide mission to protect computer user freedom, seeks a motivated and talented Boston-based individual to be our full-time web developer.

This position, reporting to the executive director, works closely with our sysadmin team and chief technology officer to maintain and improve the FSF's Web presence. The FSF uses several different free software Web platforms in the course of our work, both internally and externally. These platforms are critical to work supporting the GNU Project, free software adoption, free media formats, and freedom on the Internet; and to opposing bulk surveillance, Digital Restrictions Management, software patents, and proprietary software.

We are looking for someone who is comfortable with keeping these systems up-to-date and working, as well as customizing them when necessary. While the main duties will relate to the backend systems, frontend experience with templates, HTML, CSS, JavaScript, and design tools will be a big plus. The web developer will help lead major projects, such as the relaunch of https://www.fsf.org and migration of https://audio-video.gnu.org to GNU MediaGoblin. They will also be part of the team running the annual LibrePlanet conference, and contribute to decisions about which new platforms to use or which existing ones to retire.

Examples of platforms maintained by the web developer include, but are not limited to:

  • CiviCRM
  • Drupal
  • MediaWiki
  • Plone / Zope
  • Ikiwiki
  • Request Tracker
  • Etherpad
  • CAS
  • GNU social
  • GNU MediaGoblin
  • Icecast

Because the FSF works globally and seeks to have our materials distributed in as many languages as possible, multilingual candidates will have an advantage. With our small staff of fourteen, each person makes a clear contribution. We work hard, but offer a humane and fun work environment at an office located in the heart of downtown Boston.

The FSF is a mature but growing organization that provides great potential for advancement; existing staff get the first chance at any new job openings. This position is also a good starting point for anyone who might be interested in other roles on our technical team in the future.

Benefits and salary

This job is a union position that must be worked on-site at the FSF's downtown Boston office. The salary is fixed at $53,269/year, and is non-negotiable. Benefits include:

  • fully subsidized individual or family health coverage through Blue Cross Blue Shield;
  • partially subsidized dental plan;
  • four weeks of paid vacation annually;
  • seventeen paid holidays annually;
  • weekly remote work allowance;
  • public transit commuting cost reimbursement;
  • 403(b) program with employer match;
  • yearly cost-of-living pay increases based on government guidelines;
  • health care expense reimbursement;
  • ergonomic budget;
  • relocation (to Boston area) expense reimbursement;
  • conference travel and professional development opportunities; and
  • potential for an annual performance bonus.

Application instructions

Applications must be submitted via email to hiring@fsf.org. The email must contain the subject line "web developer." A complete application should include:

  • resume;
  • cover letter; and
  • links to any previous work online.

All materials must be in a free format. Email submissions that do not follow these instructions will probably be overlooked. No phone calls or paper applications, please.

Applications will be reviewed on a rolling basis until the position is filled. To guarantee consideration, submit your application by Friday, November 30, 2018.

The FSF is an equal opportunity employer and will not discriminate against any employee or application for employment on the basis of race, color, marital status, religion, age, sex, sexual orientation, national origin, handicap, or any other legally protected status recognized by federal, state or local law. We value diversity in our workplace. Women, people of color and LGBTQ individuals are strongly encouraged to apply.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://www.fsf.org and https://www.gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. We are based in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

09 November, 2018 06:25PM

November 07, 2018

Riccardo Mottola

ArcticFox on 10.6

ArcticFox, currently in my own fork, succesfully compiles natively on MacOS 10.6 Snow Leopard and runs! 64 bit currently.
Great news for those who use older but still perfectly capable Macintoshes....

ArcticFox derives from PaleMoon 27 which in turn is FireFox derived.

I tried Facebook and even WebGL samples as this screenshot shows.



This Blog entry is written natively on my MacBook and ArcticFox.

07 November, 2018 10:52PM by Riccardo (noreply@blogger.com)

libredwg @ Savannah

libredwg-0.6.2 released

Important bugfixes:
* Fixed several out_dxf segfaults (#39)
* Enhanced the section size limit from 2032 to 2040.
There were several DWG files with a section size of 2035
in the wild. (PR #41, Denis Pryt)
* Fixed EED realloc on decoding when end - dat->byte == 1
(PR #41, Denis Pryt)

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.gz (9.8MB)
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.xz (3.7MB)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.2.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are more binaries:
https://github.com/LibreDWG/libredwg/releases/tag/0.6.2

Here are the SHA256 checksums:

b886962feb1a03ebbed572fde7754334654fc16a91484eef13338faad5f40b74 libredwg-0.6.2.tar.gz
b17a5bc2a4f7cc13aa2c26c890cba9954ca768643884c8740c1a6b045c07591f libredwg-0.6.2.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.6.2.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

07 November, 2018 10:51AM by Reini Urban

November 06, 2018

pspp @ Savannah

PSPP 1.2.0 has been released.

I'm very pleased to announce the release of a new version of GNU PSPP. PSPP is a program for statistical analysis of sampled data. It is a free replacement for the proprietary program SPSS.

Changes from 1.0.1 to 1.2.0:

  • New experimental command SAVE DATA COLLECTION to save MDD files.
  • MTIME and YMDHMS variable formats now supported.
  • Build changes:
    • zlib is now a required dependency. (Previously it was optional.)
    • Gtk+3.18.0 or later must now be used when building.
    • The code implementing the sheet rendering has been removed. Instead we use a third party library: spread-sheet-widget.
  • The "NOMISSING" keyword when generating syntax for piecharts in the

frequencies command was omitted. This has been corrected.

06 November, 2018 02:50PM by Ben Pfaff

guile-cv @ Savannah

Guile-CV version 0.2.1

Guile-CV version 0.2.1 is released! (November 2018)

For a list of changes since the previous version, visit the NEWS file. For a complete description, consult the git summary and git log

06 November, 2018 01:06AM by David Pirotte

November 05, 2018

libredwg @ Savannah

libredwg-0.6.1 released [alpha]

This is a minor bugfix release, fixing
mostly a decoding error with LWPOLYLINE points.

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.gz (9.8MB)
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.xz (3.7MB)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg//libredwg-0.6.1.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are more binaries:
https://github.com/LibreDWG/libredwg/releases/tag/0.6.1

Here are the SHA256 checksums:

290e315f8215e18520587cdb70810b57b78ffe1f28a9d54117c30aa9d4d79403 libredwg-0.6.1.tar.gz
dc15dc0074415e2fe3f562a3dc2a826e85589074cd7d46f5edd04baf731e9f36 libredwg-0.6.1.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.6.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

05 November, 2018 01:07PM by Reini Urban

November 04, 2018

health @ Savannah

GNU Health 3.4 RC1 ready to test !

Dear community

After over a year of hard work, we're getting close to the release of GNU Health 3.4 !

GH 3.4 comes with lots of new and exciting features, including the Federation, Thalamus, updated genetics, calendar server, native client and mongoDB integration, GH embedded (raspi) among others.

I just uploaded to pypi the Release Candidate 1 of the gnu health client (3.4rc1), thalamus (0.9.0), and the GNU Health HMIS component (3.4rc1)

In addition, you can download the HMIS component, with the plugins (Federation Resource Locator, GNU Health Camera and GNU Health Crypto) from our site:
http://health.gnu.org/downloads/development/unstable/gnuhealth-34rc1.tar.gz

This week I will also update the community server operating system, install Thalamus, the calendar server, the HMIS node, and MongoDB, so we can all test the federation features.

There is a lot to test, update localization / language strings and document. Please report any issues you may find, and enjoy testing the upcoming GNU Health ecosystem !

Best
Luis

04 November, 2018 11:30PM by Luis Falcon

October 31, 2018

Christopher Allan Webber

Announcing Goblins (the actor model foundation of Spritely)

In my last post I talked about launching the Spritely project in all its ambitiousness. As I said, I plan on releasing it as a series of "demos". What I mean by "demo" is fairly loose: things you can try and see, artifacts to indicate progress as I go. Convergence slowly towards a goal.

Over the last week I released the first version of the foundation of this work, which I'm calling Goblins. v0.1, a pre-pre-alpha release, is now out the door. Goblins is an actor model implementation for the Racket programming language. I think if you know some Racket, then the Goblins documentation should be fairly approachable, and I'd love to hear feedback. Not everything is documented, but it should give you a nice taste of what the core ideas are. (Astute readers may observe that Goblins' name shares striking resemblance to another project I have worked on; this is no coincidence and is indeed a hint as to what I think the future direction of that area of work is.)

Most live distributed systems are in some way a language-level actor model implementation, but knowing that you're an actor model implementation may change how you do things. (ActivityPub is itself an actor model protocol, though I think not all implementors realize that.) Goblins is the third generation of an actor model I've written, the previous ones being XUDD and 8sync. (Maybe if you count the big rewrite I did of 8sync to run it on top of fibers, it could be the fourth generation.)

If you read the Spritely blogpost you'll know that distributed games are part of the long con here. This isn't the first time I've written a game system on top of one of these actor model implementations; in fact if you scroll down on 8sync website you'll (currently) see a video of me presenting on Mudsync, a multi-user dungeon written in 8sync, where in the talk instead of slides I had rooms, and the audience was moving around in the world and I was changing it in response to their suggestions.

But the drive of the actor model connected to social distributed games goes back further for me. I initially got interested in an actor model the first time I tried to work on the whole multiplayer game front about a decade ago. A friend and I spent a couple hours experimenting with threads and locks and after the first demo it was obvious that was never going to work. I remembered I had been told by a former coworker that they had used a system that had an actor model + coroutines as its basis; I didn't know what either of those things were yet, but as I looked into them it became clear to me that this was the right route. But one piece since then until recently remained a mystery to me, which was how to manage the complex web of authorization between the objects.

Last year at TPAC, the World Wide Web consortium's conference, I was staying with some people who asked me what I would do if I had unlimited time to work on whatever I wanted. I sheepishly admitted to my dream of a federated social web as a distributed game, and expected to be laughed out of the room. I was surprised to find out that nearly everyone I was working with had some background in this same work and dream. This gave me some hope that I wasn't completely foolish, and the observation that even failure in persuing this ambitious dream would probably result in useful artifacts.

And last year at Rebooting Web of Trust, I hit a big breakthrough. I had the chance to meet Mark S. Miller in person, someone who's work I read but barely understood at the time, and this meeting in some ways changed the direction of my career. For one thing, it lead to us collaborating on the foundation for the ocap-ld specification, which came out of a paper we collaborated on from that event (also available in nicely formatted PDF form). But what I also discovered was that Mark Miller and company had actually built the distributed and secure social network dream in the late 1990s and called it Electric Communities (rare video of it being demonstrated, and a rare video of some of the out-there ideas). What I found out was that they had solved most of the remaining questions about authorization and security through object capabilities, and that was through a pile of object capability patterns built on top of the actor model. While Electric Communities did not survive, its foundation of the the "E" programming language lived on, pulling in many of its good ideas with it. I proceeded to read as much documentation about E and surrounding capability patterns as I could, and this has majorly influenced Goblins' design. (Don't underestimate the depth of ideas on erights.org just because it looks like an ancient Geocities page... it did come from that era after all...)

Another key insight came from discovering the Object-Capability Security in Virtual Environments paper. I won't go into details on this except to say that it's a must-read for this problem domain, with the caveat that it pulls in a lot of terminology baggage from the object capability (aka ocap) community. The ocap community is one of those groups that has so many of the right ideas but which unfortunately is also drowning in its own verbiage, despite true efforts to make the ideas more accessible. We (and I guess I'm part of this group now, so "we" is appropriate) need to do better, but it isn't easy.

Goblins is still in its very early days. Its api is unstable and it surely has bugs (this one in particular I need to deal with, and which even exposed an underlying bug in Racket, which did get fixed quickly because the Racket community is amazing). Please don't build anything production-oriented on top of it yet. That said, I'd love users to try things. Check out the docs, see if they're up your alley.

If you like this kind of work and want to see more of it, consider donating; I don't have a corporate sponsor, so progress is funded by people like you. And keep watching here; more Spritely demos/artifacts/releases on the horizon.

31 October, 2018 07:40PM by Christopher Lemmer Webber

October 29, 2018

bison @ Savannah

Bison 3.2 released [stable]

We are very happy to announce the release of Bison 3.2!

Massive improvements were brought to the deterministic C++ skeleton,
lalr1.cc. When variants are enabled and the compiler supports C++11 or
better, move-only types can now be used for semantic values. C++98 support
is not deprecated. Please see the NEWS below for more details.

Many thanks to Frank Heckenbach for paving the way for this release with his
implementation of a skeleton in C++17.

==================================================================

Bison is a general-purpose parser generator that converts an annotated
context-free grammar into a deterministic LR or generalized LR (GLR) parser
employing LALR(1) parser tables. Bison can also generate IELR(1) or
canonical LR(1) parser tables. Once you are proficient with Bison, you can
use it to develop a wide range of language parsers, from those used in
simple desk calculators to complex programming languages.

Bison is upward compatible with Yacc: all properly-written Yacc grammars
ought to work with Bison with no change. Anyone familiar with Yacc should be
able to use Bison with little trouble. You need to be fluent in C or C++
programming in order to use Bison. Java is also supported.

Here is the GNU Bison home page:
https://gnu.org/software/bison/

==================================================================

Here are the compressed sources:
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.gz (4.1MB)
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.xz (2.1MB)

Here are the GPG detached signatures[*]:
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.gz.sig
https://ftp.gnu.org/gnu/bison/bison-3.2.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify bison-3.2.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0DDCAA3278D5264E

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1
Flex 2.6.4
Gettext 0.19.8.1
Gnulib v0.1-2176-ga79f2a287

==================================================================

29 October, 2018 08:30PM by Akim Demaille

mit-scheme @ Savannah

MIT/GNU Scheme 10.1 released

See the release notes for the highlights.

29 October, 2018 06:16AM by Chris Hanson

October 27, 2018

mailutils @ Savannah

Version 3.5

Version 3.5 is available for download from main GNU ftp server. You can also use one of the mirrors for higher download bandwidth.

New in this release

Support for Guile version 2.2.0 and later

Support for prior versions has been withdrawn.

New scheme functions

  • mu-encoder-port port name . args

Create encoding port using Mailutils filter name with optional arguments args. The port argument must be a port opened either for writing
or for reading, but not both. The returned port will have the same mode as port.

If port is open for reading, data will be read from it, passed through the filter and returned. If it is open for writing, data written to the returned port will be passed through filter and its output will be written to port.

  • mu-decoder-port port name . args

Create decoding port using Mailutils filter name with optional arguments args. The port argument must be a port opened either for writing
or for reading, but not both. The returned port will have the same mode as port.

If port is open for reading, data will be read from it, passed through the filter and returned. If it is open for writing, data written to the returned port will be passed through filter and its output will be written to port.

  • mu-header-decode hdr [charset]

Decode the header value hdr, encoded as per RFC 2047.
Optional charset defaults to "utf-8".

  • mu-header-encode hdr [encoding [charset]]

Encode the string hdr as per RFC 2047.
Allowed values for encoding are "base64" and "quoted-printable".
Default is selected depending on number of printable characters in hdr.
Optional charset defaults to "utf-8".

Introduced support for Python 3.x

Define sieve variables from the command line

The sieve utility now allows you to supply initial values for RFC 5229 variables using the --variable command line option, e.g.

Support for Berkeley DB versions 5 and 6

headline variable in the mail utility

The new %D specifier has been implemented, which allows the user to supply arbitrary strftime(3) format string for outputting message
date/time. E.g.:

In simplified form, %D can be followed by a single time format specifier. E.g. %DH can be used instead of %D{%H}.

Bugfixes

  • Fix alignment specifiers in the headline variable (mail utility)
  • Fix eventual segmentation violation in imap4d
  • Fix endianness bug in string to IP conversion
  • Force terminating null character in the output of mh_format
  • Fix bug in base64 encoder - don't return immediately upon receiving eof
  • Fix command expansion in wordsplit

27 October, 2018 08:10AM by Sergey Poznyakoff

gdbm @ Savannah

Version 1.18.1

Version 1.18.1 is available for download (see also list of mirrors).

This is an intermediate release that restores backward compatibility with databases created by gdbm 1.8 (and some later versions, if built with mmapped I/O disabled). See Debian bug 910911 for details.

27 October, 2018 06:39AM by Sergey Poznyakoff

October 22, 2018

parallel @ Savannah

GNU Parallel 20181022 ('Khashoggi') released

GNU Parallel 20181022 ('Khashoggi') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

What this country needs is a president with a strong understanding of GNU Parallel, Awk, Sed, Grep, and Diff
-- Gregg Housh @GreggHoush

New in this release:

  • env_parallel.fish: --session support (alpha quality)
  • GNU Parallel was cited in: High-throughput sequencing of murine immunoglobulin heavy chain repertoires using single side unique molecular identifiers on an Ion Torrent PGM https://doi.org/10.18632/oncotarget.25493
  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 October, 2018 11:32PM by Ole Tange

October 21, 2018

GNUnet News

October 18, 2018

FSF News

Keynotes announced for LibrePlanet 2019 free software conference

BOSTON, Massachusetts, USA -- Thursday, October 18, 2018 -- The Free Software Foundation (FSF) today announced all four keynote speakers who will appear at the 11th annual LibrePlanet free software conference, which will take place in the Boston area, March 23-24, 2019.

Keynote speakers for the 10th annual LibrePlanet conference will include Debian Project contributor Bdale Garbee, free software activist Micky Metts, physician Tarek Loubani, and FSF founder and president Richard Stallman.

LibrePlanet is an annual conference for free software users and anyone who cares about the intersection of technology and social justice. For ten years, LibrePlanet has brought together thousands of diverse voices and knowledge bases, including free software developers, policy experts, activists, hackers, students, and people who have just begun to learn about free software.

Bdale Garbee

Bdale Garbee has contributed to the free software community since 1979. He was an early participant in the Debian Project, helped port Debian GNU/Linux to five architectures, served as the Debian Project Leader, then chairman of the Debian Technical Committee for nearly a decade, and remains active in the Debian community. For a decade, Bdale served as president of Software in the Public Interest. He also served on the board of directors of the Linux Foundation, representing individual affiliates and the developer community. Bdale currently serves on the boards of the Freedombox Foundation, the Linux Professional Institute, and Aleph Objects. He is also a member of the Evaluations Committee at the Software Freedom Conservancy. In 2008, Bdale became the first individual recipient of a Lutece d'Or award from the Federation Nationale de l'Industrie du Logiciel Libre in France.

Micky Metts

Micky Metts is an owner of Agaric, a worker-owned technology cooperative. She is an activist hacker, industry organizer, public speaker, connector, advisor, and visionary. Micky is a member of the MayFirst People Link Leadership Committee, and is a liaison between the Solidarity Economy Network (SEN) and the United States Federation of Worker Cooperatives (USFWC), with an intention to bring communities together. Micky is also a founding member of a cohort that is building a new Boston public high school based in cooperative learning: BoCoLab. She is a member of FSF.org and Drupal.org, a community based in free software. She is a published author contributing to the book Ours to Hack and to Own, one of the top technology books of 2017 in Wired magazine.

Tarek Loubani

Dr. Tarek Loubani is an emergency physician who works at the London Health Sciences Centre in Canada and at Al Shifa Hospital in the Gaza Strip. He is a fellow of the Shuttleworth Foundation, where he focuses on free software medical devices. His organization, the Glia Project, develops free/libre medical device designs for 3D printing, in an effort to help medical systems such as Gaza's gain self-sufficiency and local independence.

"This year's keynote speakers reflect the breadth of the free software community and its impact," said FSF executive director John Sullivan. "If you attend LibrePlanet or watch our free software-based livestream, you will have the opportunity to hear from dedicated contributors, activists, and people who saw an important need in our world and met it using free software."

Richard Stallman

As he does each year, FSF president Richard Stallman will present the Free Software Awards and discuss opportunities for, and threats to, the free software movement. In 1983, Stallman launched the free software movement, and he began developing the GNU operating system (see https://www.gnu.org) the following year. GNU is free software: anyone may copy it and redistribute it, with or without modifications. GNU/Linux (the GNU operating system used in combination with the kernel Linux) is used on tens of millions of computers today. Stallman has received the ACM Grace Hopper Award, a MacArthur Foundation fellowship, the Electronic Frontier Foundation's Pioneer Award, and the Takeda Award for Social/Economic Betterment, as well as several doctorates honoris causa, and has been inducted into the Internet Hall of Fame.

The call for proposals is open until October 26, 2018. General registration and exhibitor and sponsor registration are also open.

About LibrePlanet

LibrePlanet is the annual conference of the Free Software Foundation. Over the last decade, LibrePlanet has blossomed from a small gathering of FSF members into a vibrant multi-day event that attracts a broad audience of people who are interested in the values of software freedom. To sign up for announcements about LibrePlanet 2019, visit https://www.libreplanet.org/2019.

Each year at LibrePlanet, the FSF presents its annual Free Software Awards. Nominations for the awards are open through Sunday, November 4th, 2018 at 23:59 UTC.

For information on how your company can sponsor LibrePlanet or have a table in our exhibit hall, email campaigns@fsf.org.

LibrePlanet 2018 was held at MIT from March 24-25, 2018. Nearly 350 attendees came together from across the world for workshops and talks centered around the theme of "Freedom Embedded." You can watch videos from last year's conference, including the opening keynote, an exploration of the potential for the free software community to last forever by maintaining its ideals while also welcoming newcomers, by Deb Nicholson, who is now director of community operations for the Software Freedom Conservancy.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://www.fsf.org and https://www.gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

Molly de Blanc
Campaigns Manager
Free Software Foundation
+1 (617) 542-5942
campaigns@fsf.org

Photo of Richard Stallman by by Adte.ca. This image is licensed under a CC BY-SA 4.0 license. Photo of Tarek Loubani by Tarek Loubani. This image is licensed under a CC BY-SA 4.0 license. Photo of Bdale Garbee by Karen Garbee. This image is licensed under a CC BY-SA 4.0 license. Photo of Micky Metts by Micky Metts. This image is licensed under a CC BY 4.0 license.

18 October, 2018 07:05PM

October 14, 2018

Christopher Allan Webber

Spritely: towards secure social spaces as virtual worlds

If you follow me on the fediverse, maybe you already know. I've sent an announcement to my work that I am switching to doing a project named Spritely on my own full time. (Actually I'm still going to be doing some contracting with my old job, so I'll still have some income, but I'll be putting a full 40 hours a week into Spritely.)

tl;dr: I'm working on building the next generation of the fediverse as a distributed game. You can support this work if you so wish.

What on earth is Spritely?

"Well, vaporware currently", has been my joke since announcing it, but the plans, and even some core components, are starting to congeal, and I have decided it's time to throw myself fully into it.

But I still haven't answered the question, so I'll try to do so in bullet points. Spritely:

  • Aims to bring stronger user security, better anti-abuse tooling, stronger resistance against censorship, and more interesting interactions to users of the fediverse.
  • Is based on the massively popular ActivityPub standard (which I co-authored, so I do know a thing or two about this).
  • Aims to transform distributed social networks into distributed social games / virtual worlds. The dreams of the 90s are alive in Spritely.
  • Recognizes that ActivityPub is based on the actor model, and a pure version of the actor model is itself already a secure object capability system, so we don't have to break the spec to gain those powers... just change the discipline of how we use it.
  • Will be written in Racket.
  • Is an umbrella project for a number of modular tools necessary to get to this goal. The first, an object capability actor model system for Racket named Goblins, should see its first public release in the next week or two.
  • And of course it will be 100% free/libre/open source software.

That's a lot to unpack, and it also may sound overly ambitious. The game part in particular may sound strange, but I'll defend it on three fronts. First, not too many people run federated social web servers, but a lot of people run Minecraft servers... lots of teenagers run Minecraft servers... and it's not because Minecraft has the best graphics or the best fighting (it certainly doesn't), it's because Minecraft allows you to build a world together with your friends. Second, players of old MUDs, MOOs, MUSHes and etc from the 90s may recognize that modern social networks are structurally degenerate forms of the kinds of environments that existed then, but contemporary social networks lack the concept of a sense of place and interaction. Third, many interesting projects (Python's Twisted library, Flickr, much of object capability security patterns) have come out of trying to build such massively multiplayer world systems. Because of this last one in particular, I think that shooting for the stars means that if we don't make it we're likely to at least make the moon, so failure is okay if it means other things come out of it. (Also, four: it's a fun and motivating use case for me which I have explored before.)

To keep Spritely from being total vaporware, the way I will approach the project is by regularly releasing a series of "demos", some of which may be disjoint, but will hopefully increasingly converge on the vision. Consider Spritely a skunkworks-in-the-public-interest for the federated social web.

But why?

Standardizing ActivityPub was a much more difficult effort than anticipated, but equally or more so more successful than I expected (partly due to Mastodon's adoption launching it past the sound barrier). In that sense this is great news. We now have dozens of projects adopting it, and the network has (at last I looked) over 1.5 million registered users (which isn't the same as active users).

So, mission accomplished, right? Well, there are a few things that bother me.

  • The kind of rich interactions one can do are limited by a lack of authorization policy. Again, I believe object capabilities provide this, but it's not well explained to the public how to use it. (By contrast, Access Control Lists and friends are absolutely the wrong approach.)
  • Users are currently insufficiently protected from spam, abuse, and harassment while at the same time administrators are overwhelmed. This is leading a number of servers to move to a whitelisting of servers, which both re-centralizes the system and prioritizes big instances over smaller instances (it shouldn't matter what instance size you're on; arguably we should be encouraging smaller ones even). There are some paths forward, and I will hint at just one: what would happen if instead of one inbox, we had multiple inboxes? If I don't know you, you can access me via my public inbox, but maybe that's heavily moderated or you have to pay "postage". If I do know you, you might have an address with more direct access to me.
  • Relatedly, contemporary fediverse interfaces borrow from surveillance-capitalism based popular social networks by focusing on breadth of relationships rather than depth. Ever notice how the first thing Twitter shows you when you hover over a person's face is how many followers they have? I don't know about you, but I immediately compare that to my own follower count, and I don't even want to. This encourages high school popularity contest type bullshit, and it's by design. What if instead of focusing on how many people we can connect to we instead focused on the depth of our relationships? Much of the fediverse has imported "what works" directly from Facebook and Twitter, but I'd argue there's a lot we can do if we drop the assumption that this is the ideal starting base.
  • The contemporary view in the fediverse is that social scoping is like Python scoping: locals (instance) and globals (federation). Instance administrators are even encouraged to set up to run communities based on a specific niche, which is a nice reason to motivate administrators but it causes problems: even small differences between servers' expected policies often result in servers banning each other entirely. (Sometimes this is warranted, and I'm not opposed to moderation but rather looking for more effective forms of it.) Yet most of us are one person but part of many different communities with different needs. For instance, Alice may be a computer programmer, a tabletop game enthusiast, a fanfiction author, and a member of her family. In each of those settings she may present herself differently and also have different expectations of what is acceptable behavior. Alice should not need multiple accounts for this on different servers, so it would seem the right answer for community gathering is closer to something like mailing lists. What is acceptable at the gaming table may not be acceptable at work, and what happens on the fanfiction community perhaps does not need to be shared with one's family, and each community should be empowered to moderate appropriately.
  • I'd like to bridge the gap between peer to peer and federated systems. One hint as to how to do this: what happens when you run ActivityPub servers over Tor onion services or I2P? What if instead of our messages living at http addresses that could down, they could be securely addressed by their encrypted contents?
  • Finally, I will admit the most urgent reason for these concerns... I'm very concerned politically about the state of the world and what I see as increasing authoritarianism and flagrant violations of human rights. I have a lot of worry that if we don't normalize use of decentralized and secure private systems, we will lose the ability to host them, though we've never needed them more urgently.

There are a lot of opportunities, and a lot of things I am excited about, but I am also afraid of inaction and how many regrets I will have if I don't try. I have the knowledge, the privilege, and the experience to at least attempt to make a dent in some of these things. I might not succeed. But I should try.

Who's going to pay for all this?

I don't really have a funding plan, so I guess this is kind of a non-answer. However, I do have a Patreon account you could donate to.

But should you donate? Well, I dunno, I feel like that's your call. Certainly many people are in worse positions than I am; I have a buffer and I still am doing some contracting to keep myself going for a while. Maybe you know people who need the money more than I do, or maybe you need it yourself. If this is the case, don't hesitate: take care of yourself and your loved ones first.

That said, FOSS in general has the property of being a public good but tends to have a free rider problem. While we did some fundraising for some of this stuff a few years ago, I gave the majority of the money to other people. Since then I've been mostly funding work on the federated social web myself in one way or another, usually by contracting on unrelated or quasi-related things to keep myself above the burn rate. I have the privilege and ability to do it, and I believe it's critical work. But I'd love to be able to work on this with focus, and maybe get things to the point to pull in and pay other people to help again. Perhaps if we reach that point I'll look at putting this work under a nonprofit. I do know I'm unwilling to break my FOSS principles to make it happen.

Anyway... you may even still be skeptical after reading all this about whether or not I can do it. I don't blame you... even I'm skeptical. But I'll try to convince you the way I'm going to convince myself: by pushing out demos until we reach something real.

Onwards and upwards!

14 October, 2018 08:20PM by Christopher Lemmer Webber

October 11, 2018

Andy Wingo

heap object representation in spidermonkey

I was having a look through SpiderMonkey's source code today and found something interesting about how it represents heap objects and wanted to share.

I was first looking to see how to implement arbitrary-length integers ("bigints") by storing the digits inline in the allocated object. (I'll use the term "object" here, but from JS's perspective, bigints are rather values; they don't have identity. But I digress.) So you have a header indicating how many words it takes to store the digits, and the digits follow. This is how JavaScriptCore and V8 implementations of bigints work.

Incidentally, JSC's implementation was taken from V8. V8's was taken from Dart. Dart's was taken from Go. We might take SpiderMonkey's from Scheme48. Good times, right??

When seeing if SpiderMonkey could use this same strategy, I couldn't find how to make a variable-sized GC-managed allocation. It turns out that in SpiderMonkey you can't do that! SM's memory management system wants to work in terms of fixed-sized "cells". Even for objects that store properties inline in named slots, that's implemented in terms of standard cell sizes. So if an object has 6 slots, it might be implemented as instances of cells that hold 8 slots.

Truly variable-sized allocations seem to be managed off-heap, via malloc or other allocators. I am not quite sure how this works for GC-traced allocations like arrays, but let's assume that somehow it does.

Anyway, the point of this blog post. I was looking to see which part of SpiderMonkey reserves space for type information. For example, almost all objects in V8 start with a "map" word. This is the object's "hidden class". To know what kind of object you've got, you look at the map word. That word points to information corresponding to a class of objects; it's not available to store information that might vary between objects of that same class.

Interestingly, SpiderMonkey doesn't have a map word! Or at least, it doesn't have them on all allocations. Concretely, BigInt values don't need to reserve space for a map word. I can start storing data right from the beginning of the object.

But how can this work, you ask? How does the engine know what the type of some arbitrary object is?

The answer has a few interesting wrinkles. Firstly I should say that for objects that need hidden classes -- e.g. generic JavaScript objects -- there is indeed a map word. SpiderMonkey calls it a "Shape" instead of a "map" or a "hidden class" or a "structure" (as in JSC), but it's there, for that subset of objects.

But not all heap objects need to have these words. Strings, for example, are values rather than objects, and in SpiderMonkey they just have a small type code rather than a map word. But you know it's a string rather than something else in two ways: one, for "newborn" objects (those in the nursery), the GC reserves a bit to indicate whether the object is a string or not. (Really: it's specific to strings.)

For objects promoted out to the heap ("tenured" objects), objects of similar kinds are allocated in the same memory region (in kind-specific "arenas"). There are about a dozen trace kinds, corresponding to arena kinds. To get the kind of object, you find its arena by rounding the object's address down to the arena size, then look at the arena to see what kind of objects it has.

There's another cell bit reserved to indicate that an object has been moved, and that the rest of the bits have been overwritten with a forwarding pointer. These two reserved bits mostly don't conflict with any use a derived class might want to make from the first word of an object; if the derived class uses the first word for integer data, it's easy to just reserve the bits. If the first word is a pointer, then it's probably always aligned to a 4- or 8-byte boundary, so the low bits are zero anyway.

The upshot is that while we won't be able to allocate digits inline to BigInt objects in SpiderMonkey in the general case, we won't have a per-object map word overhead; and we can optimize the common case of digits requiring only a word or two of storage to have the digit pointer point to inline storage. GC is about compromise, and it seems this can be a good one.

Well, that's all I wanted to say. Looking forward to getting BigInt turned on upstream in Firefox!

11 October, 2018 02:33PM by Andy Wingo