Planet GNU

Aggregation of development blogs from the GNU Project

December 04, 2020

GNU Guix

Add a subcommand showing GNU Guix history of all packages

Hello, everyone! I'm Magali and for the next three months, I'll be an Outreachy intern in the GNU Guix community. As part of my Outreachy application process, I made my first ever contribution to Free Software adding a package to Guix, and since then I'm eager to begin contributing even more.

My task for this three-month period is to add a subcommand showing the history of all packages. Although Guix makes it possible to install and have an older version of a package, it isn't as easy to find, for example, the commit related to these versions.

The subcommand I'll implement will be something like guix git log. The idea is that, for instance, when the user invokes guix git log --oneline | grep msmtp, a list with all the commits, one per line, related to msmtp, will be shown.

In order to accomplish my task, I have to sharpen up my Scheme skills, learn more about the guile-git, which is a Guile library that provides bindings to libgit2. So, to begin with, I'll dive into the Guix code and see how commands are built.

By the end of this internship, I hope to learn much more than just programming. I also expect to gain meaninful experience and improve my communication skills.

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the kernel Linux, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

04 December, 2020 12:00PM by Magali Lemes

health @ Savannah

Argentina chooses GNU Health for COVID19 observatory and contact tracing

In the context of the GNU Health International Conference, GHCon2020, Bioengineer Ingrid Spessotti, Dr Fiorella de la Lama and health professionals from Diamante Municipality presented the use of GNU Health as a COVID-19 observatory and contact tracing tool.

The Government of Argentina, through the National Scientific and Technological Promotion Bureau (Agencia Nacional de Promoción Científica y Tecnológica), chose GNU Health as the system for management of epidemics in municipalities. This project is lead by Dr. Fernando Sassetti, head of the Public Health office at the National University of Entre Rios.

Health professionals were trained in GNU Health epidemiological surveillance system, as well as the contact tracing functionality.

Spessotti explained some of the functionality and benefits of these GNU Health packages, for instance:

  • Real-time observatory and epidemiological surveillance
  • Automatic notification of notifiable disease to the National Ministry of Health
  • Reporting on cases and contacts
  • Calls registry, monitoring of signs and symptoms.
  • Risk factors on each individual (eg, chronic diseases, socioeonomic status...)
  • Geolocalization of suspected or confirmed cases
  • Clinical management and followup for both inpatient and outpatient cases.

We're very proud and grateful to the Government of Argentina for choosing Libre Software in the public administration, particularly in the public health system. Choosing Libre software is choosing open science and digital sovereignty for the sake of the people of Argentina and the rest of the world.

The presentation can be downloaded from the GHCon2020 conference.

04 December, 2020 11:15AM by Luis Falcon

November 30, 2020

gbehistun @ Savannah

Development of Behistun - The Gungadin Software Tools

Development has now proceed at a good pace.  The initial focus has been the development of configuration tools for setting up a Gnu System, in the form of the Gungadin Software Tools.

That is:

1. Setup for bashrc
2. Definitions of fstab, Xmodmap, and dircolors
3. Various tools for emacs
4. Abbreviated User Guide for Gnu Systems
5. Abbreviated Development Guide for Elisp

30 November, 2020 09:32PM by Christopher Dimech

FSF Blogs

November GNU Spotlight with Mike Gerwitz: Nineteen new GNU releases

19 new GNU releases in the last month (as of November 25, 2020):

30 November, 2020 06:29PM

denemo @ Savannah

Version 2.5 is imminent. Please test!

New Features

    MusicXML export
        Supports export of multi-movement scores

    Support for Musical Sketches
        Cut selection as sketch

    Support for LilyPond 2.20.0

    Menu Navigation from Keyboard enabled

    Comments in Lyric verses

Bug Fixes

    Various fixes in MusicXML import
    Wrong Keyboard Shortcuts on MacOS

30 November, 2020 05:20PM by Richard Shann

GNU Guix

Welcome our intern for the Outreachy 2020-2021 round

We are thrilled to announce that Magali L. Sacramento (IRC: lemes) will join Guix as an Outreachy intern over the next few months.

Outreachy logo

Magali will work on adding a subcommand to Guix showing the history of all packages. This will facilitate the use of guix time-machine and inferiors, as it will add support to easily search for a given package version on all the defined channels.

Simon Tournier will be the primary mentor, with Gábor Boskovits co-mentoring, and the whole community will undoubtedly help and provide guidance, as it has always done.

Welcome, and looking forward to work together!

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the Hurd or the Linux kernel, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

30 November, 2020 03:30PM by Gábor Boskovits, Simon Tournier

November 28, 2020

health @ Savannah

Reorganization and migration of Mercurial repositories

Dear community

Since Richard Stallman adopted GNU Health in 2011, the development environment has been hosted at GNU Savannah, which generously provided a mercurial (hg) repository, that has been in use since then.

Many years have passed, and GNU Health is today a Libre digital health ecosystem made of different components.

In the last couple of years, GNU Health has been facing a tremendous growth, both in the community and in the development environment, yet, the hosting facilities at Savannah has remained pretty much the same.

One of the issues I have faced is not being able to have multiple mercurial repositories to match all the new components. To give you an idea, this is a list of the GNU Health ecosystem components from 2011 and 2020.

2011 components:

  • HIS
  • HIS-client

2020 components:

  • HIS
  • HIS-client
  • HIS-client plugins (camera, crypto, FRL)
  • PyWEBDAV server
  • MyGNUHealth
  • FHIR server
  • Thalamus
  • Federation Portal

As you can imagine, having a single mercurial repository to hold all these components, with their own development and release process, is not feasible. I've spent quite a bit of time trying and asking to find a solution to modernize GNU Savannah, but this change has not happen. As a result, I have taken the decision to move part of the development environment from Savannah to OSDN.

There are many reasons behind why I've chosen OSDN among other platforms. Some of them:

  • Freedom to create and manage our mercurial repositories and packages
  • Support of Mercurial
  • Only Libre Software projects allowed
  • Anybody in the world can access. There is no ban on countries.
  • OSDN has mirrors in many regions / countries in the world.

Currently all the components (except the HIS server) have now their own mercurial repo at OSDN. The HIS repository will be migrated in the coming days, once we establish the connection from the Weblate translation server.

Of course, GNU Health will continue to be hosted at GNU.org, as well as the mailing lists and news. The official packages will be published at GNU.org. All these packages are also now hosted at OSDN.

Let me take this opportunity to thank both GNU and OSDN for their
generosity and support for the GNU Health and the Libre
Software community around the globe!

Happy and healthy hacking!

--
Dr. Luis Falcon, MD, MSc
President, GNU Solidario
GNU Health: Freedom and Equity in Healthcare
http://www.gnuhealth.org
Fingerprint: ACBF C80F C891 631C 68AA 8DC8 C015 E1AE 0098 9199

28 November, 2020 01:35PM by Luis Falcon

November 26, 2020

GNU Guix

Music Production on Guix System

The recent release of Guix 1.2.0 was accompanied by a release song (lyrics). Let me tell you how this happened and how you can use Guix System for your own music productions!

Collage of cables, a rack-mounted USB audio interface, a Chapman Stick, and a screenshot of Ardour

It all started only three days before the 1.2.0 release when someone on the #guix IRC channel brought up the tradition of OpenBSD people to write, record, and publish at least one song alongside their system releases.

A wistful look at my neglected instruments later I felt compelled to take this as a challenge: with less than three days to go could we actually compose, record, and publish a song using nothing but free software despite a jam-packed weekend schedule? I wanted to find out.

Inspiration and Planning

The working title “Ode to One Two Oh” was an obvious choice, being a quasi-palindrome, and its five syllables suggested a time signature of 5/4. Where to from here?

As I stared at my Emacs session with a Guile REPL (read, eval, print, loop) buffer I tried to recall what the letters “REPL” stand for. Clearly, in my case the “P” was for “Procrastination”, but what about the others? I had stumbled upon the chorus: a description of the Guix development process. Contribute as others before us have shared their contributions (Reciprocation), review patches and discuss (Evaluation), hack on something else (Procrastination), and repeat (Loop).

The words suggested a simple descending melody, which would need to be elevated by a somewhat less simple chord progression. After trying out a few harmonies on the Grand Stick I remembered how terrible my memory was and decided that I would need to scatter the harmonies onto a canvas, listen to the whole progression, and adjust the lines as needed — all without having to build up muscle memory for harmonies and progressions I may very well end up discarding in the process.

This is where my composition workflow probably deviates from most other people. Many would use a MIDI sequencer for that kind of approach, whereas I decided to hone in on the exact harmonies with an unlikely tool: the unparalleled music engraving application Lilypond. Lilypond sports a versatile language that covers primitive note input, the means of combining them to larger phrases and musical ideas, and the means of abstraction — it allows for musical ideas to be named and recombined in different shapes. For everything the language doesn’t account for with specialized syntax I can simply switch to Guile Scheme. No other notation software is as flexible and malleable as Lilypond. I let it generate both sheet music and a MIDI file — the sheet music is displayed in a PDF viewer in Emacs and the MIDI file sent to fluidsynth (because I trust my ears over my eyes).

lilypond draft.ly && \
  fluidsynth -r 48000 -i -n -a alsa \
    ~/soundfonts/FluidR3GM.sf2 draft.midi

I always try to keep the duration of my stay in the MIDI world at a minimum, because a composition workflow that is firmly rooted in MIDI tends to result in music that sounds sterile or robotic, an undesirable quality that can be hard to eradicate later. So I put them aside and focused on another part of the song. Mirroring the quasi-palindrome of the title, the song’s structure would be A B C B A. With the smooth chords of the B section locked down I walked up to the Grand Stick (I mounted it on a modified microphone stand for more flexibility) and tapped out a contrasting two-handed funky bass line to the click of a metronome.

Time to record!

Audio Recording

How does the signal of my stringed instrument make it into a file on my computer’s disk? The Stick’s stereo signal feeds into two daisy-chained Axoloti boards with hand-crafted signal processing tuned to the peculiarities of my instrument; the stereo output of the DSP boards is connected to two inputs on my USB audio interface (the Tascam US16x08, though any class-compliant audio interface will work just fine), which presents itself to the system as a 16 channel input sound card.

Exposed Axoloti boards feeding on a Chapman Stick audio signal

The computer runs JACK 1 to shuffle the incoming signals on all channels to other JACK clients (audio applications and plugins). I use patchage to conveniently wire up inputs and outputs in an interactive graphical signal flow diagram.

audio and MIDI signal flow in patchage

The center piece of my recording session is the venerable Ardour, an incredibly flexible and polished digital audio workstation (DAW) that natively supports JACK and also serves as an LV2 audio plugin host.

Okay, the Stick is ready to be recorded, but I prefer to record a drum track first instead of playing to the click of a metronome. But wait, I really can’t record the drums now! This is an apartment and the neighbors are asleep. Oh, and I’m a lousy funk drummer. Let’s cheat!

Custom drum patterns in Hydrogen

My drum machine of choice is Hydrogen. It lets me create any number of arbitrarily long patterns, combine them, and — that’s crucially important — sync up with other JACK applications such as Ardour. I toggled a button in Ardour to let it take control of the JACK transport, meaning that when I start recording in Ardour the drum machine starts playing in sync — perfect! Let’s roll!

Rough Processing

After frustrating minutes had turned into exhausting hours of recording the bass line (eventually resorting to punching in and out instead of re-recording everything whenever I made an audible mistake) I put my arranger’s hat on and tried to get a sense for what might still be missing. The recorded track sounded rather “flat”; after all this was the “raw” signal straight from the instrument’s pre-amplifier. Time to spruce it up and approximate the final sound!

Over the years the selection of audio plugins that I’m using to process my recordings has narrowed down to few more than the Calf suite of LV2 plugins. I will admit to being an extremely superficial person, so a big factor in choosing the Calf plugins is the consistent, very pretty and intuitive user interface they present. What made me stick to the Calf plugins, though, is that they also sound really good. Furthermore, they make it easy to tweak the many parameters and come with helpful diagnostics (such as listening only to the changed frequencies, or spectral visualizations, etc).

Selection of Calf plugins

First thing I do is to use light compression to even out slight variations in dynamics. Calf Mono Compressor does the job here. The principle is simple: a compressor lowers the volume when a sound gets loud and it raises the volume of the resulting signal according to the dialed in makeup gain. It has a bunch of other knobs to control how far ahead it will look to watch out for loud sounds, another to prevent “pumping” (too rapid activation and deactivation), another to smooth out the “knee” of the threshold curve, etc — but what it really comes down to is: at what level should the signal be reduced, by how much, and what’s the gain to make up for the overall loss in volume.

One piece of advice: resist the temptation of overdoing this! Compression may make the sound punchier, but don’t throw away all dynamics here or you’ll risk draining the life from your hard-earned waveforms. So I stick with a ratio of no more than two, keep the makeup gain fairly low, and the threshold somewhat high to only trigger the compressor in the upper fifth of the dynamic range.

Next: equalization. This is to scoop out an unpleasant character by attenuating certain frequency ranges. Again, the Calf suite has got me covered. A five band EQ is sufficient as I don’t want to be tempted to make sharp cuts in the frequency spectrum of the signal. As a general rule I don’t boost any frequencies but primarily cut. Here, too, the key is to be gentle. Don’t cut more than two or three decibels or you’ll end up with a comically filtered sound. (Exceptions apply for drum recordings, but thankfully we dodged that bullet by using Hydrogen.) If you find that you need to cut or boost more than that, chances are that there are problems with your recording. Don’t try to compensate for problems with post-processing that could have been avoided by improving the recording quality. I scoop out the mids a tiny bit and cut out the very low bass frequencies that don’t contribute anything more than a rumble.

MIDI Resurgence

With the bass line and the drums in place it was time to revisit the harmonies for part B. I really did want to record them with my very red virtual analog hardware synthesizer, but when I brought it into my tiny work room I realized that I had ran out of space on my lap — I had run out of space on my desk months ago, and with all those audio cables piling up on the floor even that was no option.

Lilypond generated a MIDI file earlier, so I sighed and told Ardour to import it. I assigned the ancient electric piano plugin mdaEPiano as a synthesizer to the track, and expanded the track vertically to drag around every MIDI note event by hand, refining the notes and adding tiny timing and velocity imperfections to make it seem as if a human played them. To paper over the clearly audible undesirable imperfections of the plugin’s sound generation I added some Calf Reverb (for the graphics people: adding reverb is roughly equivalent to using the blur tool in a graphics application). I could have picked one of the many better synthesizers and emulators, but we go way back, this plugin and I.

MIDI support in Ardour is really well thought-out as you don’t need to ever leave the main window, so you are always surrounded by audio context. You just expand the track vertically and have as much access to the events as you want. This approach may be a little unusual for those who are used to MIDI sequencers, but for my purposes it is close to perfect.

Audio and MIDI tracks in Ardour

Lyrics and Vocals: Human vs Machine

At this point things were coming together nicely, but we only had lyrics (a handful of words, really) for the chorus. Not enough for a song, but just a little too much for a laundry list. So I turned to IRC again where our resident Debian ambassador and assuredly human person Vagrant Cascadian happened to volunteer a stroke of genius: what if the lyrics were composed entirely of typos in package descriptions that had been fixed since the last release? Vagrant carefully reordered the words to a poignant poem, bringing them alive as the voice of the adversarial machine, a symbol of the waning hold of the bugs and errors on our way to the next release. What would be more fitting than to let the machine croak these words in the release song?

I started up the Festival speech synthesis software and a few Scheme expressions later the inimitable monotone of none other than the entity known only as cmu_us_fem_cg droned the words into an audio file that I promptly imported into Ardour, and processed with the GxDetune plugin, Calf Vintage Delay, and some reverb.

I did my best between bites of a Monday pre-release lunch to perform the role of the human contemplating this cycle of creation through hacking by recording three vocal lines (two low, one high) for the chorus.

Final touches

With about half an hour or so left before the release announcement it became clear that there would be no “audio mastering” in the traditional sense. I put on my monitoring headphones (flat frequency response for an “objective” mixing experience) and adjusted the volume levels, plugin settings, and faded in and out the noisy edges of each take. I also added a few more effects: a phaser on the Chapman Stick track to emphasize that this is supposed to be funk; a crossover (Calf X-Over 2 Band) and three audio busses to first process the low bass frequencies separately from the high frequencies (e.g. to use different amplifier simulations) and then to rejoin them; and a limiter on the master bus to avoid any volume spikes above 0dB and to compress the mix.

Mixing tracks in Ardour

I exported the final mix as a Vorbis OGG audio file and sent it off to Ludovic to have it included in the release announcement.

Concluding Thoughts

Some of the tools used in the production

So what’s the verdict? Is the result perfect? Absolutely not! But I do want to point out that any and all mistakes and imperfections are entirely due to my own lack of skill and time — they are not the result of the limitations of free software. A more skilled audio engineer would certainly not be limited by a system like the one I used, a system composed entirely of freedom-respecting software that is made extra reliable by the user-empowering and liberating features of Guix System.

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the Hurd or the Linux kernel, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

26 November, 2020 03:30PM by Ricardo Wurmus

November 25, 2020

FSF Blogs

November 23, 2020

Moving into the future with the FSF tech team

23 November, 2020 06:25PM

GNU Guix

GNU Guix 1.2.0 released

Image of a flight of the Guix.

We are pleased to announce the release of GNU Guix version 1.2.0, right in time to celebrate the eighth anniversary of Guix!

The release comes with ISO-9660 installation images, a virtual machine image, and with tarballs to install the package manager on top of your GNU/Linux distro, either from source or from binaries. Guix users can update by running guix pull.

It’s been almost 7 months since the last release, during which 200 people contributed code and packages, and a number of people contributed to other important tasks—code review, system administration, translation, web site updates, Outreachy mentoring, you name it!

There’s been more than 10,200 commits in that time frame and it is the challenge of these release notes to summarize all that activity.

Before reading any further, sit back and play this very special release tune, Ode to One Two Oh (lyrics) brought to you by your friendly Guix team—see credits below!

Security

A major highlight in this release is the ability to authenticate channels, which probably makes Guix one of the safest ways to deliver complete operating systems today. This was the missing link in our “software supply chain” and we’re glad it’s now fixed. The end result is that guix pull and related commands now cryptographically authenticate channel code that they fetch; you cannot, for instance, retrieve unauthorized commits to the official Guix repository. We detailed the design and implementation back in July. The manual explains what you need to know as a user and as a channel author. There’s also a new guix git authenticate command to use this authentication mechanism for arbitrary Git repositories!

Example commit graph.

Coupled to that, guix pull and guix system reconfigure now detect potential system downgrades or Guix downgrades and raise an error. This ensures you cannot be tricked into downgrading the software in your system, which could potentially reintroduce exploitable vulnerabilities in the software you run.

With these safeguards in place, we have added an unattended upgrade service that, in a nutshell, runs guix pull && guix system reconfigure periodically. Unattended upgrades and peace of mind.

Another important change from a security perspective that we’re proud of is the reduction of binary seeds to 60 MiB on x86_64 and i686, thanks to tireless work on GNU Mes, Gash, and related software.

On the same security theme, the build daemon and origin programming interface now accept new cryptographic hash functions (in particular SHA-3 and BLAKE2s) for “fixed-output derivations”—so far we were unconditionally using SHA256 hashes for source code.

User experience

We want Guix to be accessible and useful to a broad audience and that has again been a guiding principle for this release. The graphical system installer and the script to install Guix on another distro have both received bug fixes and usability improvements. First-time users will appreciate the fact that guix help now gives a clear overview of the available commands, that guix commands are less verbose by default (they no longer display a lengthy list of things that they’ll download), and that guix pull displays a progress bar as it updates its Git checkout. guix search, guix system search, and similar commands now invoke a pager automatically (less by default), addressing an oft-reported annoyance.

Performance improved in several places. Use of the new “baseline compiler” that landed in Guile 3.0.4 leads to reduced build times for Guix itself, which in turn means that guix pull is much less resource-hungry. Performance got better in several other areas, and more work is yet to come.

We’re giving users more flexibility on the command line, with the addition of three package transformation options: --with-debug-info (always debug in good conditions!), --with-c-toolchain, and --without-tests. Transformations are now recorded in the profile and replayed upon guix upgrade. Furthermore, those options now operate on the whole dependency graph, including “implicit” inputs, allowing for transformations not possible before, such as:

guix install --with-input=python=python2 python-itsdangerous

Last, the new (guix transformations) module provides an interface to the transformation options available at the command line, which is useful if you want to use such transformations in a manifest.

The reference manual has been expanded: there’s a new “Getting Started” section, the “Programming Interface” section contains more info for packagers. We added code examples in many places; in the on-line copy of the manual, identifiers in those code snippets are clickable, linking to the right place in the Guix or Guile manuals.

Last but not least, the manual is fully translated into French, German, and Spanish, with partial translations in Russian and Chinese. Guix itself is fully translated in those three languages and partially translated in eleven other languages.

Packs, GNU/Hurd, disk images, services, …

But there’s more! If you’re interested in bringing applications from Guix to Guix-less machines, guix pack -RR now supports a new ‘fakechroot’ execution engine for relocatable packs, and the ability to choose among different engines at run time with the GUIX_EXECUTION_ENGINE variable. The fakechroot engine improves performance compared to the proot engine, for hosts that do not support unprivileged user namespaces.

Support for whole-system cross-compilation—as in guix system build --target=arm-linux-gnueabihf config.scm—has been improved. That, together with a lot of porting work both for packages and for the Guix System machinery, brings the hurd-vm service—a cross-compiled Guix GNU/Hurd system running as a virtual machine under GNU/Linux. This in turn has let us start work on native GNU/Hurd support.

Related to this, the new (gnu image) module implements a flexible interface to operating system images; from the command line, it is accessible via guix system disk-image --image-type=TYPE. Several image types are supported: compressed ISO-9660, qcow2 containing ext4 partitions, ext2 with Hurd options, and so on. This is currently implemented using genimage.

In addition to those already mentioned, a dozen of new system services are available, including services for Ganeti, LXQt, R Shiny, Gemini, and Guix Build Coordinator.

2,000 packages have been added, for a total of more than 15K packages; 3,652 were upgraded. The distribution comes with GNU libc 2.31, GCC 10.2, GNOME 3.34, Xfce 4.14.2, Linux-libre 5.9.3, and LibreOffice 6.4.6.2 to name a few. There’s also a new build system for packages built with Maven (bootstrapping Maven in Guix was the topic of a talk at the Guix Days last week).

The NEWS file lists additional noteworthy changes and bug fixes you may be interested in.

Try it!

You can go ahead and download this new version and get in touch with us.

Speaking of which, our Debian ambassador told us that you will soon be able to apt install guix if you’re on Debian or a derivative distro!

Enjoy!

Credits

Ricardo Wurmus (grand stick, synthesizer, drums, vocals, lyrics) — Luis Felipe (illustration) — Vagrant Cascadian (Debian packaging, lyrics) — Festival (back vocals)

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the Hurd or the Linux kernel, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

23 November, 2020 03:45PM by Ludovic Courtès

November 22, 2020

parallel @ Savannah

GNU Parallel 20201122 ('Biden') released [stable]

GNU Parallel 20201122 ('Biden') [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

No new functionality was introduced so this is a good candidate for a stable release.

Please help spreading GNU Parallel by making a testimonial video like Juan Sierra Pons: http://www.elsotanillo.net/wp-content/uploads/GnuParallel_JuanSierraPons.mp4

It does not have to be as detailed as Juan's. It is perfectly fine if you just say your name, and what field you are using GNU Parallel for.

Quote of the month:

  GNU parallel should be taught in class, it is one of the best tools to run grids of experiments
    -- no love deep learning @tetraduzione@twitter

New in this release:

  • Bug fixes and man page updates.

News about GNU Parallel:

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include command that uses GNU Parallel if you feel like it.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

  parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

  find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep 3374ec53bacb199b245af2dda86df6c9
    12345678 3374ec53 bacb199b 245af2dd a86df6c9
    $ md5sum install.sh | grep 029a9ac06e8b5bc6052eac57b2c3c9ca
    029a9ac0 6e8b5bc6 052eac57 b2c3c9ca
    $ sha512sum install.sh | grep f517006d9897747bed8a4694b1acba1b
    40f53af6 9e20dae5 713ba06c f517006d 9897747b ed8a4694 b1acba1b 1464beb4
    60055629 3f2356f3 3e9c4e3c 76e3f3af a9db4b32 bd33322b 975696fc e6b23cfb
    $ bash install.sh

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 November, 2020 03:29PM by Ole Tange

November 19, 2020

FSF Blogs

automake @ Savannah

automake-1.16.3 released [stable]

This is to announce automake-1.16.3, a stable release.

There have been 62 commits by 15 people in the 35 weeks since 1.16.2.
Special thanks to Karl Berry and Zack Weinberg for doing so much of the work.

See the NEWS below for a brief summary.

Thanks to everyone who has contributed!
The following people contributed changes to this release:

  Akim Demaille (1)
  Colomban Wendling (1)
  Felix Yan (1)
  Issam E. Maghni (1)
  Jim Meyering (12)
  Karl Berry (23)
  Miro Hron\v{c}ok (1)
  Paul Eggert (4)
  Reuben Thomas (3)
  Robert Menteer (1)
  Robert Wanamaker (1)
  Samuel Tardieu (1)
  Samy Mahmoudi (1)
  Vincent Lefevre (1)
  Zack Weinberg (10)

Jim [on behalf of the automake maintainers]
==================================================================

Here is the GNU automake home page:
    http://gnu.org/s/automake/

For a summary of changes and contributors, see:
  http://git.sv.gnu.org/gitweb/?p=automake.git;a=shortlog;h=v1.16.3
or run this command from a git-cloned automake directory:
  git shortlog v1.16.2..v1.16.3

Here are the compressed sources:
  https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.xz (1.6MB)
  https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.gz (2.3MB)

Here are the GPG detached signatures[*]:
  https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.xz.sig
  https://ftp.gnu.org/gnu/automake/automake-1.16.3.tar.gz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify automake-1.16.3.tar.xz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys 7FD9FCCB000BEEEE

and rerun the 'gpg --verify' command.

Please report bugs and problems to <bug-automake@gnu.org>,
and send general comments and feedback to <automake@gnu.org>.

==================================================================
NEWS

* New features added

  - In the testsuite summary, the "for $(PACKAGE_STRING)" suffix
    can be overridden with the AM_TESTSUITE_SUMMARY_HEADER variable.

* Bugs fixed

  - Python 3.10 version number no longer considered to be 3.1.

  - Broken links in manual fixed or removed, and new script
    contrib/checklinkx (a small modification of W3C checklink) added,
    with accompany target checklinkx to recheck urls.

  - install-exec target depends on $(BUILT_SOURCES).

  - valac argument matching more precise, to avoid garbage in DIST_COMMON.

  - Support for Vala in VPATH builds fixed so that both freshly-generated and
    distributed C files work, and operation is more reliable with or without
    an installed valac.

  - Dejagnu doesn't break on directories containing spaces.

* Distribution

  - new variable AM_DISTCHECK_DVI_TARGET, to allow overriding the
    "make dvi" that is done as part of distcheck.

* Miscellaneous changes

  - install-sh tweaks:
    . new option -p to preserve mtime, i.e., invoke cp -p.
    . new option -S SUFFIX to attempt backup files using SUFFIX.
    . no longer unconditionally uses -f when rm is overridden by RMPROG.
    . does not chown existing directories.

  - Removed function up_to_date_p in lib/Automake/FileUtils.pm.
    We believe this function is completely unused.

  - Support for in-tree Vala libraries improved.

19 November, 2020 04:47AM by Jim Meyering

November 16, 2020

FSF Blogs

libredwg @ Savannah

libredwg-0.11.1 released (bugfixes)

out_dxf bugfixes mostly. 0.11 failed to produce dxf files which could
be imported into AutoCAD.  This bugfix release improves DXF importing
from 10% to about 90%. But beware: Some dwg2dxf DXF files still can
silently crash AutoCAD, so be sure to save your DWG before DXFIN.
Most 3DSOLID's still cannot be imported via DXF, but some can now.

Major bugfixes:
  * Fixed decode of Unicode string streams (GH #279)
  * Fixed UCS-2 to UTF-8 conversion for the chars 128-255.
  * Fixed DXF output of many objects: VISUALSTYLE, HATCH, DIMENSION*, ATTDEF,
    ATTRIB, TEXT, VIEWPORT, INSERT, SEQEND, VERTEX, BLOCK, STYLE, MULTILEADER,
    DICTIONARY, XRECORD INT64 type, MLINESTYLE angles, SPATIAL_FILTER.origin,
    SPATIAL_INDEX class appname, duplicate STYLE eed, ACDBPLACEHOLDER for r13-r14,
    LAYER.name with |, LAYER.plotflag for Defpoints, LTYPE.shape_flag, STLYE.flag,
    PDFUNDERLAY group 170,
    ACSH_CHAMFER_CLASS, ACSH_FILLET_CLASS, ACSH_BOOLEAN_CLASS, BLOCKBASEPOINTPARAMETER,
    PROXY_OBJECT, PROXY_ENTITY.
    HEADER.DIMSAV.
    Common: lineweight, shadow_flags (GH #275)
  * Moved PSPACE entities from BLOCKS to ENTITIES (GH #277)
  * Fixed \r\n quoting in DXF texts (GH #275)
  * Generalize and fix DXF text splitup into 255 chunks and quoting, add basic
    shift-jis quoting support for Katagana and Hiragana letters
    (Japanese \M+1xxxx => Unicode \U+XXXX)
  * Added indxf dwg_has_subclass check to avoid buffer overflows when writing to
    wrong subclasses. (GH #295)
  * Fixed dwg_dim_blockname calculation, esp. for anonymous blocks.
  * Improved SAB 2 to SAT 1 conversion: Split overlarge blocks into block_size of max 4096.
    Add "^ " quoting rule.
  * Fixed decode of empty classes section, esp. for r13c3 and r14.
  * Keep IDBUFFER for old DXFs (r13-r14)
  * Fixed SummaryInfo types from T to TU16, relevant for DXF headers also (GH #275)
  * Add missing UTF-8 conversion in geojson for TEXT, MTEXT, GEOPOSITIONMARKER. (GH #271)
  * Fixed and improved some Dockerfile, added a check-docker target.
  * Drop unneeded perl/LibreDWG.xs, we rather use the generated c directly.
Minor features:
  * Add CMake basic library support, so the library can be included into cmake projects.
    (no programs)
  * Improved header C++ compat.
  * Promoted ACSH_HISTORY_CLASS to stable. Needed for ACIS entities in DXF.
  * Added to examples: filt_sat.pl and dec_sat.pl to compare and decode DXF sat parts.

Here are the compressed sources:
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.11.1.tar.gz   (15.7MB)
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.11.1.tar.xz   (8MB)

Here are the GPG detached signatures[*]:
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.11.1.tar.gz.sig
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.11.1.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are more binaries:
  https://github.com/LibreDWG/libredwg/releases/tag/0.11.1

Here are the SHA256 checksums:

269629b0a4e5dc54e86790501200e4a6917eddb51f9303f75657adb088931690  libredwg-0.11.1.tar.gz
b6dd03ff30c3fcfb5b82a00176bd184b58965d7198228f2cc5bf923a99f1a6f7  libredwg-0.11.1.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify libredwg-0.11.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

16 November, 2020 08:39PM by Reini Urban

GNU Guix

Online Guix Day Conference: schedule released!

The Guix hackers are very happy to announce the first online Guix Day Conference on Sunday November, 22nd. This conference is open to everyone (no registration fee) and will be held entirely online. Want to know the schedule, read on!

There will be no presentation on the 22nd! Please watch the talks beforehand.

Guix Days logo

Join us live on the 22nd to participate in the various sessions!

Live discussions will take place on Sunday, November 22nd, and the agenda is the following (UTC+1):

(break)

(long break)

(break)

Chinese users will find a mirror hosted at https://guix.org.cn. You will also find alternative links below for different formats, and downloading through IPFS.

Each session will be question/answer and discussion related to the topic via the BigBlueButton instance generously hosted by Fosshost. Warm thanks to them!

The slots are short so please watch the videos beforehand to better enjoy the discussions. The term BoF means open discussion to address prospects. The last discussion may be longer depending on what you have to share.

The main channel for the day will be the video chat and questions will be asked via the chat hosted there or––because we love it––via #guix on irc.freenode.net then the floor might be shared, opening more mics. The discussions will not be recorded because we would like to keep them informal––where people are less impressed to share their point of views.

The Code of Conduct applies for all the channels of communication.

GNU Guix in psychology research and teaching

Presented by Lars-Dominik Braun. (video webm, video mp4, doi, slide, ipfs)

The Leibniz Institute for Psychology supports psychologists in adopting open science practices by providing them with free infrastructure services. One of these services is PsychNotebook, a web platform providing access to shareable and reproducible R and Python programming environments, using RStudio and JupyterLab in particular. PsychNotebook is used by researchers for analyzing research data and by instructors to teach psychology students script-based analyses.

The session covers why psychology among other research field needs this platform, how it is designed and what role GNU Guix plays in all of this. In particular, four challenges are addressed: user management, project management, web app deployment/proxying; as well as usability and how GNU Guix supports or provide reproducible environments.

Fixing the CI

Presented by Mathieu Othacehe. (video webm, video mp4, ipfs)

The session covers the following points:

Nix and Guix: similarities and differences

Presented by Andrew Tropin. (video, video mp4, ipfs)

The session covers an high-level overview and comparison of Nix and GNU Guix package managers or NixOS and Guix System distributions. The comparison had been initiated to understand the differences between those two great projects. It may inspire people from both communities to implement missing features or help someone to decide, which package manager or operating system to pick.

From v1.2 to release process

Chaired by Simon Tournier.

The session covers a proposal to smooth the release process; ironic for a rolling-release project, isn’t it? Make a release means:

  1. how and what to do: tools
  2. schedule / track
  3. who do: people

The #1 is roughly described in the file maintenance/doc/release.org. Even if a non-negligible part is based on experience and cannot be documented; see #3. However, tools are still missing: going further than guix weather --coverage or --display-missing.

The #2 means track what is going on between 2 releases. It seems easier to write down important changes when they happen than parse all the log history one week before releasing in order to publish the NEWS file. More importantly, #2 means stay on track with the schedule: release when it is ready? at fixed date? what must be in? does it make sense to synchronize with staging merges? how to synchronize with the branch core-updates?

The #3 means who take the responsibility to do the job. And it appears easier to divide the workload. More importantly, how to share the skill? Guix could take inspiration from Nix or GNU Glibc or your-name-it.

Porting Guix to modern PowerPC

Presented by Tobias Platen. (video webm, video mp4, ipfs)

The sessions covers how to port of Guix to modern 64-bit Little Endian, since that one is best supported by the Talos II and its graphics card, the AST2500. The final aim would be a self hosting version of Guix that runs on the Talos II, the Blackbird and the upcoming Libre-SOC. Such port may also be useful to support older PowerMacs including the G4 and G5.

Just build it with Guix

Presented by Efraim Flashner. (video webm, video mp4, ipfs)

The session covers how to use Guix as build plateform. Creating custom packages is ubiquitous with Guix and packaging with Guix is fairly straightforward. But what about working with packages where you want to package a non-release version? Or if you're hacking on another package which either isn't packaged or you want to test your changes before sending off a patch set or a pull request? The file guix.scm is the unofficial filename for Guix build instructions for this case. It provides a target for creating an environment for hacking on the package, and it creates a recipe to build what's currently in that repository; meaning you can use the power of Guix for builds even while working on other projects. A combination of a little bit of boiler-plate for building “this here repository” and standard package definitions allow for easy building and rebuilding without dirtying the source tree. And also for building multiple versions of the package in one go.

Progress so far on the Guix Build Coordinator

Presented by Chris Baines. (video webm, video mp4, ipfs)

The session looks at the Guix Build Coordinator, a tool for building lots of derivations, potentially across many machines, and doing something useful with the results. This is a new tool that might be able to help with patch review, quality assurance as well as substitute availability. The talk will cover the motivation, design, implementation and future, along with a small demo of the Guix Build Coordinator.

Peer-to-peer substitutes and sources

Chaired by David Dashyan.

The session covers the status of the peer-to-peer substitutes distribution. Especially the almost 2 years old first draft adding support to distribute and retrieve substitutes over IPFS; see the wip-ipfs-substitutes branch. Moreover the branches wip-ipfs and wip-ipfs2 are attempts to add the Go part of IPFS. The discussion will address the next steps to merge the branch wip-ipfs-substitutes or how to add decentralized substitutes distribution.

Guile Hacker Handbook

Presented by Jérémy Korwin-Zmijowski. (video webm, video mp4, ipfs)

The sessions covers Guile Hacker Handbook (GHH). The purpose of the GHH is to show Guile the way modern programming languages are shown, i.e., demonstrating its tools and following development approach we often stick to professionally.

Lengthy manuals are often hard to grasp at first; especially when learning new materials from scratch. Instead, it seems easier to rely first on tutorials or blog posts. Writing style and direct application sometimes helps to understand the underlying concepts). Then reads the reference manual feels more comfortable. GHH is an attempt to address this. For example, GHH is about Guile, not Scheme.

GHH is also about Test Driven Development and focuses on tests as first-class citizen.

(BoF) Rust and Cargo

Chaired by John Soo.

The session covers the various issues with the Rust ecosystem in Guix. The discussion is about:

  • packaging efforts
  • build systems
  • incremental compilation/shared libraries
Bootstrapping the Java Ecosystem

Presented by Julien Lepiller. (video webm, video mp4, ipfs)

The session covers the Maven bootstrap and the Maven Build System and how this Maven story may inspire directions to implement similar bootstrap stories for other ecosystems.

Ensuring that software is built entirely from source is an essential practice to ensure user Freedom, as well as for auditability and security. Unfortunately, the Java ecosystem is very complex and presents some interesting challenges when building from source.

One of these challenges is Maven, a build tool and package manager that is used by many if not most of the Java developers nowadays. One key challenge is that Maven is itself a Java package, that is built with Maven and has a lot of dependencies, that themselves use Maven.

The discussion presents the current state of the bootstrap and how we break the various dependency cycles that occur. The recent addition to Guix of the maven build system is a major step towards a good support of the Java ecosystem in Guix. We will discuss how Maven works, what it expects, and how Guix can accommodate it to build offline, reproducibly, with no trusted binary.

The ways forward (roadmap and beyond)

Chaired by GNU Guix maintainers.

The session covers the medium- and long-term goals that may or may not look realistic. Pragmatic dream!

Code of Conduct

This online conference is an official Guix event. Therefore, the Code of Conduct applies. Please be sure to read it beforehand!

If you witness violations of the code of conduct during the event, please email guix-days@gnu.org, a private email alias that reaches the organizers (Simon zimoun Tournier and Julien roptat Lepiller) and the GNU Guix maintainers.

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the Hurd or the Linux kernel, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

16 November, 2020 12:00AM by Guix Hackers

November 15, 2020

Applied Pokology

GNU poke development news

The development of GNU poke is progressing well, and we keep hopes for a first release before the end of the year: we are determined for something good to happen in 2020! ;)

This article briefly reviews the latest news in the development of the program, like changes in certain syntax to make the language more compact, support for lambda expressions, support for stream-like IO spaces and how they can be used to write filters, support for using assignments to poke complex data structures, improvements in data integrity, annoying bugs fixed, and more.

15 November, 2020 12:00AM

November 13, 2020

GNUnet News

GNUnet 0.14.0

GNUnet 0.14.0 released

We are pleased to announce the release of GNUnet 0.14.0.
This is a new major release. It breaks protocol compatibility with the 0.13.x versions. Please be aware that Git master is thus henceforth INCOMPATIBLE with the 0.13.x GNUnet network, and interactions between old and new peers will result in issues. 0.13.x peers will be able to communicate with Git master or 0.13.x peers, but some services - in particular GNS - will not be compatible.
In terms of usability, users should be aware that there are still a large number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.14.0 release is still only suitable for early adopters with some reasonable pain tolerance.

Download links

The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A

Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/

Noteworthy changes in 0.14.0 (since 0.13.3)

  • GNS:
    • Aligned with specification LSD001.
    • Crypto agility: The GNS protocol now supports other zone types besides ECDSA-based PKEYs. However, the alternative EdDSA-based EDKEY crypto is not yet implemented. #6485
    • PKEY zones: ECDSA zone record sets are now encrypted using AES-CTR. #6487
  • IDENTITY: Identities can now be created either as ECDSA (default) or EdDSA key pairs.
  • POSTGRESQL: Allow NULL value returns and fix test cases. #6524
  • UTIL: String time conversion functions no longer localized to preserve reversibility. #6615
  • Buildsystem: README updates to clarify runtime/compile/optional dependencies
  • (NEW) MESSENGER: New messenger component (experimental)

A detailed list of changes can be found in the ChangeLog and the 0.14.0 bugtracker.

Known Issues

  • There are known major design issues in the TRANSPORT, ATS and CORE subsystems which will need to be addressed in the future to achieve acceptable usability, performance and security.
  • There are known moderate implementation limitations in CADET that negatively impact performance.
  • There are known moderate design issues in FS that also impact usability and performance.
  • There are minor implementation limitations in SET that create unnecessary attack surface for availability.
  • The RPS subsystem remains experimental.
  • Some high-level tests in the test-suite fail non-deterministically due to the low-level TRANSPORT issues.

In addition to this list, you may also want to consult our bug tracker at bugs.gnunet.org which lists about 190 more specific issues.

Thanks

This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Daniel Golle, t3sserakt, TheJackiMonster and Martin Schanzenbach.

13 November, 2020 11:00PM

November 12, 2020

www-zh-cn @ Savannah

LibrePlanet 2021: join us online on March 20 & 21 with keynote Julia Reda

Dear CTT members:

Mark your calendars: LibrePlanet 2021: Empowering Users will be held on March 20 and 21, 2021. For those of you who haven't been to the LibrePlanet conference before: expect a friendly, social, community-focused event with two days of inspiring talks and workshops from some of the most active and inspiring people in the free software community.

Participate in LibrePlanet 2021

Submit a session

Just like in 2020, LibrePlanet 2021: Empowering Users will be an online event. We're preparing to translate the enjoyment of real life interaction and catching up with everyone in the community in person to an online event in which we can create a space for people to enjoy talks, interact with other community members, exchange ideas, and get to know organizations through an exhibitor space. In the meantime, if you want to be a speaker at LibrePlanet 2021, you now just have a few more days to submit a session. Submissions will close right after this weekend, Monday at 12:00 EST (17:00 UTC).

Register for the event

Registration for the event will open soon for all attendees. Like for the previous edition, anyone will be able to watch the event online through libreplanet.org/2021. However, if you register for the conference, you will be able to enjoy an added level of participation in the event and with the free software community. For anyone who can spare a bit more, we have a special LibrePlanet 2021 gift waiting as well. Want to receive all the details? Subscribe to the LibrePlanet announcement list via libreplanet.org/2021

Volunteer

Volunteers are essential to help make the event a success, and this doesn't change for an online event. We can't do this without you. Tasks include moderation of IRC chat channels, coordination of program elements, writing, or just bringing us great ideas to make the event even better. If you are interested, please contact resources@fsf.org.

Get excited

If you want to know more about how the event is organized, and how we stream and record the event, fully free and online, you can read more in our blog post about the 2020 edition's technical challenges. You can also browse through the video archive of past LibrePlanet conference sessions on our MediaGoblin instance to get inspired.

Support LibrePlanet by becoming an exhibitor or sponsor

LibrePlanet is organized by the FSF, a 501(c)(3) charity. Your contribution will allow us to create a truly valuable event for many people all over the globe by by funding the equipment and staff time necessary to produce, stream, and document the event using only free software.

We also offer unique opportunities for businesses and other organizations to connect to a community that is dedicated to free software. Early bird pricing for exhibitors starts now, and will be available until February 15th, 2021. For information on how your company can be represented in our virtual exhibit hall, or to further sponsor the LibrePlanet conference, please email campaigns@fsf.org.

We can't wait to welcome you at the event!

best regards,
from FSF

12 November, 2020 01:30AM by Wensheng XIE

November 11, 2020

FSF Events

International Day Against DRM (IDAD) 2020

International Day Against DRM (IDAD) 2020

11 November, 2020 11:55PM

FSF News

PRESS: Copyright reform activist Julia Reda to keynote FSF's LibrePlanet, March 20 & 21, 2021

BOSTON, Massachusetts, USA -- November 11, 2020 -- The Free Software Foundation (FSF) today announced Julia Reda as its first confirmed keynote speaker for LibrePlanet 2021. The annual technology and social justice conference will be held online on March 20 and 21, 2021, with the theme "Empowering Users." Registration will open soon.

11 November, 2020 09:20PM

education @ Savannah

Teachers: Help Your Students Resist Zoom

New article published by the GNU Education Team.
Read and share at https://www.gnu.org/education/teachers-help-students-resist-zoom.html

Teachers: Help Your Students Resist Zoom

In the wake of the global COVID-19 emergency, the urgency of ensuring the continuity of classes left little to no space for a healthy debate on how to favor software that empowers students to learn. As a consequence, freedom-denying and privacy-violating software has seen widespread adoption in education.

Zoom, a proprietary online conferencing program that is becoming more and more dangerously popular, is an example of such harmful technology. No educational institution should ever use it.

Please don't force students to install Zoom on their computers, or to use its web version.

To all those teaching remote classes with Zoom

It is unfortunate that you are using Zoom, a nonfree program that spies on users and takes away your students' computer freedom, along with your own. By using Zoom, students are dependent on a software they cannot inspect, study or change. Their freedom to learn about technology and how it works is destroyed.

If you use Zoom, some students might decide to continue using it beyond your classes, effectively surrendering their privacy over communication, and would hence miss on the opportunity to learn how to keep control of their data and computing.

There are better programs you can use for teaching remote classes, free/libre programs like Jitsi or BigBlueButton. By choosing these and other free programs for education, you are enabling motivated students to learn about the software they use everyday, and some of them one day will be able to adapt it to their needs, serving a larger community. Those who will not pursue such curiosity, will still benefit from using a software that respects their freedoms and doesn't spy on them.

Choosing free software for your classes will positively impact life-long learning, a crucial skill for any student. In fact, students will learn that it is in their power to run, study, modify and share any free software they wish, according to their own curiosity and needs. In contrast, by adopting proprietary software, students are taught to become mere consumers of a user interface, with no power over the technology they are using.

If you independently opted for using Zoom in your classes, we urge you to switch to software that respects your students' and your freedom.

If Zoom was imposed on you by your school's administration, we recommend you to contact them and ask to drop Zoom in favour of a free program. Ask other teachers for help, and explain why software freedom is paramount for education.

Last resort

If you really can't remove Zoom, we propose this temporary workaround only as a last resort to help your students avoid using Zoom in the short term. We do not recommend it as a stable, long-term solution.

  • A day or two before the class, post the visual materials for each day in some freedom-respecting way, so students can download them.Any simple old-fashioned web site is suitable for this.
  • Encourage students to phone the Zoom server; tell them the phone number and the code for the conversation. That way they can listen to the audio of the session, while they follow the visual materials alongside.

life.) You could take this opportunity and talk about free software, and why software freedom is even more important today.

  • Make a recording of the Zoom conversation for each session, and post it in a freedom-respecting way soon after that session ends.

If there were situations in which this solution is not feasible, such as examinations, and students refuse to use Zoom, then you, as a teacher, could set up a different meeting in parallel or an alternative exam session using one of the free programs mentioned above. Another possibility is to provide a computer in your school with Zoom installed, and let the student join the exam using that computer. That way, the student won't be forced to install non-free software on their computer, and the use of Zoom will be limited to the exam. If you opt for this choice, we recommend the school computer to run a free software distribution.

Simply by telling students about this possibility, which you can do more than once, you will help inspire resistance
to Zoom and other freedom-trampling programs, and avoid inculcating surrender.

You will still be using Zoom, which is deleterious for your freedom. Some of your students will probably still be using Zoom, which is deleterious for their freedom. But, thanks to your efforts, some of them will avoid using Zoom.

Please note that the workarounds we suggest here are only meant as a short-term solution to help teachers react quickly to oppose the use of nonfree software for remote lectures rather than deferring to the new academic year. In the long-term, it is crucial to migrate to free/libre software and online conferencing programs like Jitsi and BigBlueButton.

All software and technology as a whole must be free, and this is a small step towards that goal. Saying NO to unjust computing even once is progress.

See examples of how people are successfully resisting nonfree software.

11 November, 2020 06:25PM by Dora Scilipoti

November 10, 2020

GNUnet News

GNS Specification Milestone 4/4 and Packaging 1+2

GNS Technical Specification Milestone 4/4 and Packaging 1+2

We are happy to announce the completion of the fourth and last milestone for the GNS Specification. The fourth milestone consists of involving a broader community for feedback and improvements:

Based on this and private feedback received, we updated the draft and the implementation. Most notably, GNS now supports alternative cryptographic schemes for zone keys ("crypto agility") which allows alternative zone types. The (protocol breaking) changes will be released as part of GNUnet 0.14.0. The specification document LSD001 can be found at:

Further, work on packaging has been done on Alpine (Packaging 1) and Debian (Packaging 2) packages. The packaging for Alpine is complete, the Debian package is in progress as review and final integration is out of our hands. For reference see also:

We will continue to engage with IETF/IRTF as much as possible (online or in-person) including future presentations and discussions at IETF/IRTF. There is still a packaging task open for Fedora (3) which is still work in progress. This work was (and other aspects still are) generously funded by NLnet as part of their Search and discovery fund.

10 November, 2020 11:00PM

November 09, 2020

grep @ Savannah

grep-3.6 released [stable]

This is to announce grep-3.6, a stable release.

There have been 18 commits by 3 people in the 6 weeks since 3.5.

This release has two important changes, a fix for a bug introduced in
grep-3.2 (from late 2018) and the removal of support for the long-deprecated
GREP_OPTIONS envvar.  See the NEWS below for more detail.

Thanks again to Norihiro Tanaka and Paul Eggert,
and to everyone else who has contributed.
The following people contributed changes to this release:

  Jim Meyering (9)
  Norihiro Tanaka (3)
  Paul Eggert (6)

Jim [on behalf of the grep maintainers]
==================================================================

Here is the GNU grep home page:
    http://gnu.org/s/grep/

For a summary of changes and contributors, see:
  http://git.sv.gnu.org/gitweb/?p=grep.git;a=shortlog;h=v3.6
or run this command from a git-cloned grep directory:
  git shortlog v3.5..v3.6

To summarize the 65 gnulib-related changes, run these commands
from a git-cloned grep directory:
  git checkout v3.6
  git submodule summary v3.5

==================================================================
Here are the compressed sources:
  https://ftp.gnu.org/gnu/grep/grep-3.6.tar.gz   (2.6MB)
  https://ftp.gnu.org/gnu/grep/grep-3.6.tar.xz   (1.6MB)

Here are the GPG detached signatures[*]:
  https://ftp.gnu.org/gnu/grep/grep-3.6.tar.gz.sig
  https://ftp.gnu.org/gnu/grep/grep-3.6.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify grep-3.6.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys 7FD9FCCB000BEEEE

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
  Autoconf 2.69c
  Automake 1.16b
  Gnulib v0.1-3992-gbd90572c0

==================================================================
NEWS

* Noteworthy changes in release 3.6 (2020-11-08) [stable]

** Changes in behavior

  The GREP_OPTIONS environment variable no longer affects grep's behavior.
  The variable was declared obsolescent in grep 2.21 (2014), and since
  then any use had caused grep to issue a diagnostic.

** Bug fixes

  grep's DFA matcher performed an invalid regex transformation
  that would convert an ERE like a+a+a+ to a+a+, which would make
  grep a+a+a+ mistakenly match "aa".
  [Bug#44351 introduced in grep 3.2]

  grep -P now reports the troublesome input filename upon PCRE execution
  failure.  Before, searching many files for something rare might fail with
  just "exceeded PCRE's backtracking limit".  Now, it also reports which file
  triggered the failure.

09 November, 2020 05:33AM by Jim Meyering

November 08, 2020

Parabola GNU/Linux-libre

[From Arch 32] plasma-workspace needs manual intervention

plasma-workspace-5.20.1.1-1.1 cannot be installed with:

...
plasma-workspace: /usr/share/locale/zh_TW/LC_MESSAGES/kfontinst.mo exists in filesystem (owned by plasma-desktop)
plasma-workspace: /usr/share/locale/zh_TW/LC_MESSAGES/krdb.mo exists in filesystem (owned by plasma-desktop)
plasma-workspace: /usr/share/polkit-1/actions/org.kde.fontinst.policy exists in filesystem (owned by plasma-desktop)

use this to overwrite those duplicate files:

pacman -Sy --overwrite='*' plasma-workspace

08 November, 2020 04:17PM by David P.

November 05, 2020

autoconf @ Savannah

Autoconf 2.69d [beta], help needed

Zack Weinberg has released another beta, Autoconf 2.69d has been released, see the release announcement: <https://lists.gnu.org/archive/html/autoconf/2020-11/msg00003.html>

As written there: if you have time to help by developing and testing patches for the release blockers, please do.

05 November, 2020 05:36PM by Karl Berry

November 04, 2020

health @ Savannah

GNU Health HL7 FHIR server 0.9b3 is out

Dear GH community

The FHIR REST server 0.9b3 is out! This new version is Python3 compatible and can interact with the GNU Health HMIS node => 3.6

The FHIR server is a Flask application, that generates HL7 FHIR messages to a number of resources in the GNU Health Hospital Management Information System (HMIS) node .

This Reversion is the continuation of the great work done by Chris Zimmerman for Python2 and older GH instances.

The current resources are now being implemented are:

  • Conformance: Describes the server's FHIR capabilities.
  • Patient: Patient demographic information, like email, address, SSN, etc.
  • DiagnosticReport: Completed lab tests, but not the data
  • Observation: Lab data, like uric acid values
  • Practitioner: Health professionals and their information
  • Procedure: Surgeries/operations
  • Condition: Diseases/diagnoses
  • FamilyHistory: Family histories of patients
  • Medication: Medications (not prescriptions!)
  • MedicationStatement: Medications taken by a patient
  • Immunization: Immunizations
  • Organization: Institutions, departments, companies, etc.

This is still a beta version. We plan to add write support in the near future.

The server is now shipped as a Python package and hosted at PyPI (https://pypi.org/project/gnuhealth-fhir-server/). It also provides two scripts to run it via Tornado or Gunicorn WSGI servers.

The latest documentation about the FHIR REST server can be found at Wikibooks (https://en.wikibooks.org/wiki/GNU_Health/Using_the_FHIR_REST_server)

We have also created an instance at the GH Federation community server, so you can try it out without the need of installing it.

The HL7 provides yet another means to interact with GNU Health HMIS nodes from other systems, besides the current existing methods that are in place.

Best
Luis

04 November, 2020 03:26PM by Luis Falcon

October 31, 2020

remotecontrol @ Savannah

Google brings HVAC monitoring to all Nest Thermostats

https://9to5google.com/2020/10/30/nest-thermostats-hvac-monitoring/
"Filter reminders (based on run time)"

Google has forced a new monitoring technology approach on their devices to the users who rent the devices due to an inability to own the device. The new Google approach to HVAC thermostat monitoring of a premises has a significant observation vacuum in their logic.

GNU remotecontrol accounted for overcoming the filter change obstacle from the conceptual days of the software project.

https://www.gnu.org/software/remotecontrol/manual/remotecontrol.html#Proliphix-Alarms
Filter Change

"This example is an excellent illustration of the value gained by having a Remote Motoring Server, with its fully configurable and flexible alarm functionality, watching your network, your devices, and anything else you can monitor."

The outcome of the new forced monitoring technology approach from Google leaves the device renters in a position where they cannot understand the operational status of their HVAC systems.

31 October, 2020 04:01PM by Stephen H. Dawson DSL

October 29, 2020

www-zh-cn @ Savannah

Committee begins review of High Priority Projects free software list — your input is needed by January 8

Dear CTT members:

The High Priority Free Software Projects (HPP) initiative draws attention to areas of improvement to the HPP list and specific projects of great strategic importance to the goal of freedom for all computer users. Longtime committee member Benjamin Mako Hill said previously that an "updated High Priority Projects list is a description of the most important threats, and most critical opportunities, that free software faces in the modern computing landscape." As computing is more ubiquitous than ever, the HPP list must reflect ongoing changes in priorities for the free software movement. The committee is starting the new process of updating the HPP, and we need your input.

We need your input! Send your suggested changes for the list to hpp-feedback@gnu.org by January 8, 2021.

Remember, we're looking for projects of great strategic importance to the goal of freedom for all computer users. We are looking for areas where people feel they are heavily pressured or even required to use proprietary software, as well as for important missing features in existing free software, and for problems you see on the horizon as technology is developing.

If you wish, we encourage you to publish your thoughts independently (e.g., on your blog or social media) and send us a link to them. Keep in mind that not every project of great strategic importance to the goal of freedom for all computer users will be a software development project. We welcome suggestions of other forms of activism, internal or external (e.g., making free software communities safe for diverse participants, mandating use of free software in the public sector, etc.).

Suggestions for the HPP list are always welcome. The committee plans to start processing feedback for this update by January 8, 2021. Based upon the feedback we receive, the current content of the list, and our own contributions, we will publish a substantially revised list and an analysis before holding a lively discussion at LibrePlanet 2021.

Thank you.

29 October, 2020 03:52AM by Wensheng XIE

October 28, 2020

FSF News

PRESS: FSF calls for community participation to help update High Priority Free Software Projects list

BOSTON, Massachusetts, USA -- Wednesday, October 28, 2020 -- The Free Software Foundation (FSF) today announced a call for feedback from the community to help assemble an update to the Foundation's High Priority Free Software Projects list (HPP).

28 October, 2020 08:40PM

October 26, 2020

Riccardo Mottola

Arcitc Fox 27.11.0 release

 This 2020 with COVID, quarantines and lockdown was and is a strange year, but it allowed me to take care of Arctic Fox quite a bit. A lot of work is going on in my Arctic Fox fork, which Matt dutifully imports.

Thousands of commits flew in into this new release, tackling JavaScript upgrades, build fixes, further metro removal, JIT optimizations. SO much was imported from Firefox that this is really exciting!

Arctic Fox continues to run very well on MacOS-X 10.7 for example, on my MacBook Pro:



But also Linux is fully supported, of course. 



Linux/PowerPC works as before, but still no JIT of course. Roy continues his fork with WindowsXP support which differs only by a minimal set of patches.


SPARC64 support was pursued, now NetBSD/SPARC64 compiles fully, but.... the browser crashes on startup. Help seeked!

The same goes for ARM, ARM64 and MIPS: we would love to get these platforms working again: they were probably lost in PaleMoon.


Arctic Fox thus continues the pursue of PaleMoon and Firefox heritage but with enhanced compatibility on more platforms, no Rust and legacy OS/Compiler support. If you like this, please help!

26 October, 2020 10:01PM by Riccardo (noreply@blogger.com)

October 24, 2020

GNU Taler news

RFC 8905 - "The 'payto' URI Scheme for Payments" published

2020-11: RFC 8905: "The 'payto' URI Scheme for Payments" published

We are happy to announce the publication of RFC 8905 by the IETF.

RFC 8905 defines the 'payto' Uniform Resource Identifier (URI) scheme for designating targets for payments. A unified URI scheme for all payment target types allows applications to offer user interactions with URIs that represent payment targets, simplifying the introduction of new payment systems and applications.

Download links

You can download the RFC from here.

24 October, 2020 10:00PM

Parabola GNU/Linux-libre

[From Arch] libtraceevent>=5.9-1 update requires manual intervention

The libtraceevent package prior to version 5.9-1 was missing a soname link. This has been fixed in 5.9-1, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors

libtraceevent: /usr/lib/libtraceevent.so.1 exists in filesystem

when updating, use

pacman -Syu --overwrite /usr/lib/libtraceevent.so.1

to perform the upgrade.

24 October, 2020 12:15AM by David P.

October 22, 2020

parallel @ Savannah

GNU Parallel 20201022 ('Samuel Paty')

GNU Parallel 20201022 ('Samuel Paty') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Please help spreading GNU Parallel by making a testimonial video like Juan Sierra Pons: http://www.elsotanillo.net/wp-content/uploads/GnuParallel_JuanSierraPons.mp4 It does not have to be as detailed as Juan's. It is perfectly fine if you just say your name, and what field you are using GNU Parallel for.

Quote of the month:

  I get a weird sense of satisfaction every single time I see the lovely logo of #GNU Parallel (plus, what an underrated piece of great software!)
    -- Emre Sevinç @EmreSevinc@twitter

New in this release:

  • --termseq now works for jobs running remotely.
  • parsort: Performance optimized for 64-core machines.
  • Bug fixes and man page updates.

News about GNU Parallel:

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include command that uses GNU Parallel if you feel like it.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

  parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

  find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep 3374ec53bacb199b245af2dda86df6c9
    12345678 3374ec53 bacb199b 245af2dd a86df6c9
    $ md5sum install.sh | grep 029a9ac06e8b5bc6052eac57b2c3c9ca
    029a9ac0 6e8b5bc6 052eac57 b2c3c9ca
    $ sha512sum install.sh | grep f517006d9897747bed8a4694b1acba1b
    40f53af6 9e20dae5 713ba06c f517006d 9897747b ed8a4694 b1acba1b 1464beb4
    60055629 3f2356f3 3e9c4e3c 76e3f3af a9db4b32 bd33322b 975696fc e6b23cfb
    $ bash install.sh

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 October, 2020 08:26PM by Ole Tange

October 20, 2020

rcs @ Savannah

RCS 5.10.0 available

GNU RCS (Revision Control System) 5.10.0 is available.

The full announcement was posted to the info-gnu mailing list:

20 October, 2020 02:55PM by Thien-Thi Nguyen

October 19, 2020

recutils @ Savannah

GNU recutils is back to active development

Hi good peoples!

During the last few years I somehow stopped adding new features to the GNU recutils, limiting its development to the resolution of important bugs, and releasing every one or another year.  The reason for this was that I considered the recutils to be, mostly, "finished".

However, as of recent some projects have adopted recutils as part of their infrastructure (guix, GNUnet) and it seemst hat Fred's and George's favorite tools are getting popular in the internets... and what is more, people are sending patches! o_O

So I have decided to put the GNU recutils back under active development, for the immense joy of adults and children (and turtles.)

The very first step is a simplification/modernization of the codebase, which is already work in progress (see the last couple of commits).  You see, I wrote recutils a looong time ago, and therefore I don't feel that comfortable looking at the code: I call this feeling/phenomena "shameware".

Then I will probably rewrite the multi-set internal implementation, to make it more efficient, and go straight to implement some facilities that the recutils users have been wishing for  for a long time (like sorting records in reverse order, ahem.)

So let's see, 2021 may introduce recutils 2.0!  Slowly and carefully... turtle steps..

Salud!

19 October, 2020 05:59PM by Jose E. Marchesi

October 16, 2020

Trisquel GNU/Linux

Trisquel 9.0 "Etiona" release announcement, and 10.0 plans

They say that good things come to those who wait, and for this release there has been a lot of waiting but also plenty of good things. Trisquel 9.0, codename "Etiona" is our most polished release yet, thanks to the contribution of a very committed team of volunteers. This release comes in several flavors:

  • MATE desktop, the default. Based on the popular fork of GNOME 2.x, this edition provides a classic desktop environment matching the user experience of previous Trisquel releases.
  • Trisquel Mini, a lightweight version for older machines and netbooks. Based on the LXDE desktop environment and a selection of resource-saving applications to bring new life to your hardware.
  • Triskel, running the KDE environment. Excellent for customizing the design and look in fine detail.
  • Trisquel netinstall image. To deploy with a command-line install interface, ideal for servers and advanced users.
  • Trisquel TOAST, based on the Sugar learning platform. Comes with dozens of educational activities for children.

Despite the longer than usual release time, all packages are fully up to date with long-term-support updates and security patches. The default web browser "Abrowser", our freedom and privacy respecting take on Mozilla's browser, provides the latest updates from upstream for a great browsing experience. Backports provide extended hardware support and other goodies like a newer LibreOffice and many other utilities.

Special thanks (in no particular order, and probably forgetting a few!) to adfeno, Ark74, leny2010, chaosmonk, davidpgil, dctrud, daroal, proninyaroslav, sudoman, a_slacker_here, rms, bill-auger, pabloyoyoista, kpengboy, pikurasa, mtsio, bandali, thomzane, jxself, valessio, DiivaaD, DNS, Eighth_Doctor, iank, fredd, freekurt, aklis, gnutastyc, calher, CharlieBrown, satellit, charh, fvnines, pehjota, and the whole Trisquel community, for your contributions, support, ideas and continuous encouragement.

Give Trisquel 10 a name

The development work for the next release is ready to start, and the first step start building packages is to set a codename. Join the forum/mailing-list to bring suggestions for an inspiring name from the celtic mythology (as is tradition).

New development server

Thanks to the Free Software Foundation, we now have a dedicated development server built on freedom-respecting hardware, ready to start working on Trisquel 10. A beefy 32-core, 128GB RAM machine built on the KGPE-D16 motherboard running Libreboot, hosted at the FSF's datacenter rack in Somerville.
 

MATE desktop
KDE desktop
Utilities
Games

16 October, 2020 04:30PM by quidam

vc-dwim @ Savannah

vc-dwim-1.10 released [stable]

It's been nearly a year, so here's a new release.
Thanks to Karl Berry for making nearly all of the nontrivial changes.

Here are the compressed sources and a GPG detached signature[*]:
  https://ftp.gnu.org/gnu/vc-dwim/vc-dwim-1.10.tar.xz
  https://ftp.gnu.org/gnu/vc-dwim/vc-dwim-1.10.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://ftpmirror.gnu.org/vc-dwim/vc-dwim-1.10.tar.xz
  https://ftpmirror.gnu.org/vc-dwim/vc-dwim-1.10.tar.xz.sig

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify vc-dwim-1.10.tar.xz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys 7FD9FCCB000BEEEE

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
  Autoconf 2.69c
  Automake 1.16b
  Gnulib v0.1-3952-g8bc21357b

NEWS

* Noteworthy changes in release 1.10 (2020-10-15) [stable]

** Changes in behavior

  vc-dwim now requires a one-line summary

** New features

  --debug is much more verbose, and implies --verbose.

16 October, 2020 06:34AM by Jim Meyering

mdk @ Savannah

GNU MDK 1.2.11 released

A new bug fix release.  Happy hacking!

16 October, 2020 12:00AM by Jose Antonio Ortega Ruiz

October 15, 2020

Andy Wingo

on "binary security of webassembly"

Greets!

You may have seen an interesting paper cross your radar a couple months ago: Everything Old is New Again: Binary Security of WebAssembly, by Daniel Lehmann, Johannes Kinder and Michael Pradel. The paper makes some strong claims and I would like to share some thoughts on it.

reader-response theory

For context, I have been working on web browsers for the last 8 years or so, most recently on the JavaScript and WebAssembly engine in Firefox. My work mostly consists of implementing new features, which if you are familiar with software development translates as "writing bugs". Almost all of those bugs are security bugs, potentially causing Firefox to go from being an agent of the user to an agent of the Mossad, or of cryptocurrency thieves, or anything else.

Mitigating browser bug flow takes a siege mentality. Web browsers treat all web pages and their corresponding CSS, media, JavaScript, and WebAssembly as hostile. We try to reason about global security properties, and translate those properties into invariants ensured at compile-time and run-time, for example to ensure that a web page from site A can't access cookies from site B.

In this regard, WebAssembly has some of the strongest isolation invariants in the whole platform. A WebAssembly module has access to nothing, by default: neither functionality nor data. Even a module's memory is isolated from the rest of the browser, both by construction (that's just how WebAssembly is specified) and by run-time measures (given that pointers are 32 bits in today's WebAssembly, we generally reserve a multi-gigabyte region for a module's memory that can contain nothing else).

All of this may seem obvious, but consider that a C++ program compiled to native code on a POSIX platform can use essentially everything that the person running it has access to: your SSH secrets, your email, all of your programs, and so on. That same program compiled to WebAssembly does not -- any capability it has must have been given to it by the person running the program. For POSIX-like programs, the WebAssembly community is working on a POSIX for the web that standardizes a limited-capability access to data and functionality from the world, and in web browsers, well of course the module has access only to the capabilities that the embedding web page gives to it. Mostly, as the JS run-time accompanying the WebAssembly is usually generated by emscripten, this set of capabilties is a function of the program itself.

Of course, complex WebAssembly systems may contain multiple agents, acting on behalf of different parties. For example, a module might, through capabilities provided by the host, be able to ask flickr to delete a photo, but might also be able to crawl a URL for photos. Probably in this system, crawling a web page shouldn't be able to "trick" the WebAssembly module into deleting a photo. The C++ program compiled to WebAssembly could have a bug of course, in which case, you get to keep both pieces.

I mention all of this because we who work on WebAssembly are proud of this work! It is a pleasure to design and build a platform for high-performance code that provides robust capabilities-based security properties.

the new criticism

Therefore it was with skepticism that I started reading the Lehmann et al paper. The paper focusses on WebAssembly itself, not any particular implementation thereof; what could be wrong about WebAssembly?

I found the answer to be quite nuanced. To me, the paper shows three interesting things:

  1. Memory-safety bugs in C/C++ programs when compiled to WebAssembly can cause control-flow edges that were not present in the source program.

  2. Unexpected control-flow in a web browser can sometimes end up in a call to eval with the permissions of the web page, which is not good.

  3. It's easier in some ways to exploit bugs in a C/C++ program when compiled to WebAssembly than when compiled natively, because many common mitigations aren't used by the WebAssembly compiler toolchain.

Firstly, let's dicuss the control-flow point. Let's say that the program has a bug, and you have made an exploit to overwrite some memory location. What can you do with it? Well, consider indirect calls (call_indirect). This is what a compiler will emit for a vtable method call, or for a call to a function pointer. The possible targets for the indirect call are stored in a table, which is a side array of all possible call_indirect targets. The actual target is selected at run-time based on an index; WebAssembly function pointers are just indices into this table.

So if a function loads an index into the indirect call table from memory, and some exploit can change this index, then you can cause a call site to change its callee. Although there is a run-time type check that occurs at the call_indirect site to ensure that the callee is called with the right type, many functions in a module can have compatible types and thus be callable without an error.

OK, so that's not great. But what can you do with it? Well it turns out that emscripten will sometimes provide JavaScript's eval to the WebAssembly module. Usually it will be called only with a static string, but anything can happen. If an attacker can redirect a call site to eval instead of one of the possible targets from the source code, you can (e.g.) send the user's cookies to evil.com.

There's a similar vulnerability regarding changing the operand to eval, instead. Strings are represented in linear memory as well, and there's no write protection on them, even if they are read-only data. If your write primitive can change the string being passed to eval, that's also a win for the attacker. More details in the paper.

This observation brings us to the last point, which is that many basic mitigations in (e.g.) POSIX deployments aren't present in WebAssembly. There are no OS-level read-only protections for static data, and the compiler doesn't enforce this either. Also WebAssembly programs have to bundle their own malloc, but the implementations provided by emscripten don't implement the "hardening" techniques. There is no addres-space layout randomization, so exploits are deterministic. And so on.

on mitigations

It must be said that for most people working on WebAssembly, security "mitigations" are... unsatisfactory. They aren't necessary for memory-safe programs, and they can't prevent memory-unsafe programs from having unexpected behavior. Besides, we who work on WebAssembly are more focussed on the security properties of the WebAssembly program as embedded in its environment, but not on the program itself. Garbage in, garbage out, right?

In that regard, I think that one answer to this paper is just "don't". Don't ship memory-unsafe programs, or if you do, don't give them eval capabilities. No general mitigation will make these programs safe. Writing your program in e.g. safe Rust is a comprehensive fix to this class of bug.

But, we have to admit also that shipping programs written in C and C++ is a primary goal of WebAssembly, and that no matter how hard we try, some buggy programs will get shipped, and therefore that there is marginal value to including mitigations like read-only data or even address space randomization. We definitely need to work on getting control-flow integrity protections working well with the WebAssembly toolchain, probably via multi-table support (part of the reference types extension; my colleague Paulo Matos just landed a patch in this area). And certainly Emscripten should work towards minimizing the capabilities set exposed to WebAssembly by the generated JavaScript, notably by compiling away uses of eval by embind.

Finally, I think that many of the problems identified by this paper will be comprehensively fixed in a different way by more "managed" languages. The problem is that C/C++ pointers are capabilities into all of undifferentiated linear memory. By contrast, handles to GC-managed objects are unforgeable: given object A, you can't get to object B except if object A references B. It would be great if we could bring some of the benefits of this more capability-based approach to in-memory objects to languages like C and C++; more on that in a future note, I think.

chapeau

In the end, despite my initial orneriness, I have to admit that the paper authors point out some interesting areas to work on. It's clear that there's more work to do. I was also relieved to find that my code is not at fault in this particular instance :) Onwards and upwards, and until next time, happy hacking!

15 October, 2020 10:29AM by Andy Wingo

October 13, 2020

malloc as a service

Greetings, internet! Today I have the silliest of demos for you: malloc-as-a-service.

loading walloc...

>&&<&>>>>>&&>

The above input box, if things managed to work, loads up a simple bare-bones malloc implementation, and exposes "malloc" and "free" bindings. But the neat thing is that it's built without emscripten: it's a standalone C file that compiles directly to WebAssembly, with no JavaScript run-time at all. I share it here because it might come in handy to people working on WebAssembly toolchains, and also because it was an amusing experience to build.

wat?

The name of the allocator is "walloc", in which the w is for WebAssembly.

Walloc was designed with the following priorities, in order:

  1. Standalone. No stdlib needed; no emscripten. Can be included in a project without pulling in anything else.

  2. Reasonable allocation speed and fragmentation/overhead.

  3. Small size, to minimize download time.

  4. Standard interface: a drop-in replacement for malloc.

  5. Single-threaded (currently, anyway).

Emscripten includes a couple of good malloc implementations (dlmalloc and emmalloc) which probably you should use instead. But if you are really looking for a bare-bones malloc, walloc is fine.

You can check out all the details at the walloc project page; a selection of salient bits are below.

Firstly, to build walloc, it's just a straight-up compile:

clang -DNDEBUG -Oz --target=wasm32 -nostdlib -c -o walloc.o walloc.c

The resulting walloc.o is a conforming WebAssembly file on its own, but which also contains additional symbol table and relocation sections which allow wasm-ld to combine separate compilation units into a single final WebAssembly file. walloc.c on its own doesn't import or export anything, in the WebAssembly sense; to make bindings visible to JS, you need to add a little wrapper:

typedef __SIZE_TYPE__ size_t;

#define WASM_EXPORT(name) \
  __attribute__((export_name(#name))) \
  name

// Declare these as coming from walloc.c.
void *malloc(size_t size);
void free(void *p);
                          
void* WASM_EXPORT(walloc)(size_t size) {
  return malloc(size);
}

void WASM_EXPORT(wfree)(void* ptr) {
  free(ptr);
}

If you compile that to exports.o and link via wasm-ld --no-entry --import-memory -o walloc.wasm exports.o walloc.o, you end up with the walloc.wasm used in the demo above. See your inspector for the URL.

The resulting wasm file is about 2 kB (uncompressed).

Walloc isn't the smallest allocator out there. A simple bump-pointer allocator that never frees is the fastest thing you can have. There is also an alternate allocator for Rust, wee_alloc, which is said to be smaller than walloc, though I think it is less space-efficient for small objects. But still, walloc is pretty small.

implementation notes

When a C program is compiled to WebAssembly, the resulting wasm module (usually) has associated linear memory. It can be linked in a way that the memory is created by the module when it's instantiated, or such that the module is given a memory by its host. The above example passed --import-memory to the linker, allowing the host to bound memory usage for the module instance.

The linear memory has the usual data, stack, and heap segments. The data and stack are placed first. The heap starts at the &__heap_base symbol. (This symbol is computed and defined by the linker.) All bytes above &__heap_base can be used by the wasm program as it likes. So &__heap_base is the lower bound of memory managed by walloc.

                                              memory growth ->
+----------------+-----------+-------------+-------------+----
| data and stack | alignment | walloc page | walloc page | ...
+----------------+-----------+-------------+-------------+----
^ 0              ^ &__heap_base            ^ 64 kB aligned

Interestingly, there are a few different orderings of data and stack used by different toolchains. It used to even be the case that the stack grew up. This diagram from the recent "Everything Old is New Again: Binary Security of WebAssembly" paper by Lehmann et al is a good summary:

The sensible thing to prevent accidental overflow (underflow, really) is to have the stack grow down to 0, with data at higher addresses. But this can cause WebAssembly code that references data to take up more bytes, because addresses are written using variable-length "LEB" encodings that favor short offsets, so it isn't the default, right now at least.

Anyway! The upper bound of memory managed by walloc is the total size of the memory, which is aligned on 64-kilobyte boundaries. (WebAssembly ensures this alignment.) Walloc manages memory in 64-kb pages as well. It starts with whatever memory is initially given to the module, and will expand the memory if it runs out. The host can specify a maximum memory size, in pages; if no more pages are available, walloc's malloc will simply return NULL; handling out-of-memory is up to the caller.

Walloc has two allocation strategies: small and large objects.

big bois

A large object is more than 256 bytes.

There is a global freelist of available large objects, each of which has a header indicating its size. When allocating, walloc does a best-fit search through that list.

struct large_object {
  struct large_object *next;
  size_t size;
  char payload[0];
};
struct large_object* large_object_free_list;

Large object allocations are rounded up to 256-byte boundaries, including the header.

If there is no object on the freelist that can satisfy an allocation, walloc will expand the heap by the size of the allocation, or by half of the current walloc heap size, whichever is larger. The resulting page or pages form a large object that can satisfy the allocation.

If the best object on the freelist has more than a chunk of space on the end, it is split, and the tail put back on the freelist. A chunk is 256 bytes.

+-------------+---------+---------+-----+-----------+
| page header | chunk 1 | chunk 2 | ... | chunk 255 |
+-------------+---------+---------+-----+-----------+
^ +0          ^ +256    ^ +512                      ^ +64 kB

As each page is 65536 bytes, and each chunk is 256 bytes, there are therefore 256 chunks in a page. The first chunk in a page that begins an allocated object, large or small, contains a header chunk. The page header has a byte for each of the 256 chunks in the page. The byte is 255 if the corresponding chunk starts a large object; otherwise the byte indicates the size class for packed small-object allocations (see below).

+-------------+---------+---------+----------+-----------+
| page header | large object 1    | large object 2 ...   |
+-------------+---------+---------+----------+-----------+
^ +0          ^ +256    ^ +512                           ^ +64 kB

When splitting large objects, we avoid starting a new large object on a page header chunk. A large object can only span where a page header chunk would be if it includes the entire page.

Freeing a large object pushes it on the global freelist. We know a pointer is a large object by looking at the page header. We know the size of the allocation, because the large object header precedes the allocation. When the next large object allocation happens after a free, the freelist will be compacted by merging adjacent large objects.

small fry

Small objects are allocated from segregated freelists. The granule size is 8 bytes. Small object allocations are packed in a chunk of uniform allocation size. There are size classes for allocations of each size from 1 to 6 granules, then 8, 10, 16, and 32 granules; 10 sizes in all. For example, an allocation of e.g. 12 granules will be satisfied from a 16-granule chunk. Each size class has its own free list.

struct small_object_freelist {
  struct small_object_freelist *next;
};
struct small_object_freelist small_object_freelists[10];

When allocating, if there is nothing on the corresponding freelist, walloc will allocate a new large object, then change its chunk kind in the page header to the size class. It then goes through the fresh chunk, threading the objects through each other onto a free list.

+-------------+---------+---------+------------+---------------------+
| page header | large object 1    | granules=4 | large object 2' ... |
+-------------+---------+---------+------------+---------------------+
^ +0          ^ +256    ^ +512    ^ +768       + +1024               ^ +64 kB

In this example, we imagine that the 4-granules freelist was empty, and that the large object freelist contained only large object 2, running all the way to the end of the page. We allocated a new 4-granules chunk, splitting the first chunk off the large object, and pushing the newly trimmed large object back onto the large object freelist, updating the page header appropriately. We then thread the 4-granules (32-byte) allocations in the fresh chunk together (the chunk has room for 8 of them), treating them as if they were instances of struct freelist, pushing them onto the global freelist for 4-granules allocations.

           in fresh chunk, next link for object N points to object N+1
                                 /--------\                     
                                 |        |
            +------------------+-^--------v-----+----------+
granules=4: | (padding, maybe) | object 0 | ... | object 7 |
            +------------------+----------+-----+----------+
                               ^ 4-granule freelist now points here 

The size classes were chosen so that any wasted space (padding) is less than the size class.

Freeing a small object pushes it back on its size class's free list. Given a pointer, we know its size class by looking in the chunk kind in the page header.

and that's it

Hey have fun with the thing! Let me know if you find it useful. Happy hacking and until next time!

13 October, 2020 01:34PM by Andy Wingo

October 07, 2020

www-zh-cn @ Savannah

Join the FSF for an online birthday celebration on Friday, October 9th

This Friday, October 9th, from 12:00 EDT (16:00 UTC) until 17:00 (21:00 UTC), we will host a fun and informative live event with guests from all over the world, to discuss the future of free software and learn from their experiences in different fields driving free software forward. You can find the full program on the FSF Web site, but here are some of the highlights we are looking forward to:

    We invited illustrator and artist David Revoy, who also designed our beautiful coral anniversary artwork, to join us and talk about his artwork, the challenges of design in free software, and his work with Pepper & Carrot. You can join us in the IRC #fsf channel on Freenode to ask him questions as well!

    We count on federated social media to keep developing our ethical social experience online, so we asked Pouhiou, co-director of Framasoft, to have a conversation with us about what a program like video sharing platform Peertube can mean for the future, and the importance and challenges of moderating a server.

    We will also be joined by Eda Nano, board member at April in France, who can elaborate on developments of free software in France, and talk about collaboration between organizations.

    A segment focusing on the challenges and successes of local free software activism worldwide will welcome organizers from free software groups large and small, including long-time LibrePlanet speaker Italo Vignoli from The Document Foundation, located in Italy, and Bonnie Mehring, Free Software Foundation Europe's junior project manager.

    Also, be sure to join us for short talks from FSF president Geoffrey Knauth, executive director John Sullivan, and FSF founder Richard Stallman on the last thirty-five years of software freedom, and what the future holds for the FSF.

It is promising to be a fun, educational, and entertaining event. You can join us via fsf.org, and join the conversation with our speakers live through IRC on Freenode in the #fsf channel; we'll make sure we put the link up prominently on our homepage as well. You can also join the online experience by sending in your own video commemorating the occasion, following the instructions on the LibrePlanet wiki.

This birthday celebration is gratis, and all of our speakers are volunteering their time to create a joyous event where we can share our experiences and knowledge together. The LibrePlanet safe space policy will be followed throughout the event, so please make sure you read it. If this online experience is anything like LibrePlanet 2020, we will have a wonderful event, and we can't wait to see everyone online.

07 October, 2020 09:28AM by Wensheng XIE

October 06, 2020

FSF News

www @ Savannah

Should Rockets Have Only Free Software?

New article by Richard Stallman: Should Rockets Have Only Free Software?

Could there be a rocket that is totally free software? Should we demand that SpaceX liberate the software in its satellite launching rockets? I don't think the person who asked me this was serious, but answering that question may illuminate similar issues about the sorts of products people really buy today.

06 October, 2020 02:40PM by Dora Scilipoti

October 04, 2020

FSF Events

The FSF's 35th anniversary event

Join us in celebrating the FSF's thirty-fifth year of fighting for software freedom.

Online and via IRC in #fsf (on Freenode)
Celebration image
Source files for the anniversary artwork by illustrator and artist David Revoy.
Our work will not be finished until every computer user is able to do all of their digital tasks in complete freedom -- whether that's on a desktop, laptop, or the computer in your pocket. The fight for free software continues, and we wouldn't be here without you.

To celebrate, we have a full week of announcements and surprises planned.

We will end in an online anniversary event featuring both live and prerecorded segments this Friday, October 9th, from 12:00 EDT (16:00 UTC) until 17:00 EDT (21:00 UTC).


Submit a celebration video

We'd love for you to join in celebration of this amazing community by submitting a short (two-minute) video sharing your favorite memory about free software or the FSF, or a wish for the future of software freedom. We'll be collecting the videos all week and airing a selection during the birthday event on October 9th. Please follow these instructions on how to successfully (and freely!) submit the video via FTP.

If you submit your video before Thursday October 8th 16:00 EDT (20:00 UTC), you may be featured in the live event on October 9th. However, submissions after this time will still be accepted.


Program (Times are in EDT)

  • 12:00 - 12:10: Welcome and introductory remarks
    by Greg Farough (FSF campaigns manager)
    and Zoë kooyman (FSF program manager)

  • 12:10 - 12:25: Celebrating 35 years of FSF
    by FSF president Geoffrey Knauth

  • 12:30 - 13:15 Free software design and Q&A
    with illustrator and artist David Revoy

  • 13:15 - 13:30: Community videos

  • 13:30 - 14:15: Free software in France, federated social media and moderation
    with Pouhiou, co-founder of Framasoft and Eda Nano, board member of April, France

  • 14:15 - 14:30: A prerecorded message from RMS
    by FSF founder Richard Stallman

  • 14:30 - 15:00: FSF History Quiz
    by Craig Topham (FSF copyright and licensing associate & quizmaster)

  • 15:00 - 16:30: How to organize local free software groups
    with Bonnie Mehring (FSFE, DE), Italo Vignoli (TDF)
    and local groups organizers from around the world.

  • 16:30 - 16:45: Celebrating 35 years of FSF
    by FSF executive director John Sullivan

  • 16:45 - 16:55: Community videos

  • 16:55 - 17:00: Closing remarks

This live event will follow the LibrePlanet safe space policy will be followed throughout the event, so please make sure you read it.


How to join the anniversary event

The event will be livestreamed through the fsf.org Web site, and the link will be posted here as soon as the livepage is available. Join the conversation, and ask questions to the speakers through IRC on Freenode at #fsf.


Support the FSF and receive an anniversary pin

Image of anniversary pin

If you are also able to, please consider making a donation of $35 or more to help keep the fight for user freedom going another 35 years, we'll send you a commemorative pin as pictured at the top of this email.


Share

Invite people to join the community's celebration of thirty-five years of software freedom sharing the hashtag #FSF35.

Feel free to adapt the text and use it with the #fsf35 hashtag and the included image.

Join me in celebrating #fsf35 with the free software community and the @FSF this Friday, October 9th by tuning into fsf.org for the live anniversary event.


Illustration Copyright © 2020 Free Software Foundation, Inc., by David Revoy, licensed under Creative Commons Attribution 4.0 International license.

04 October, 2020 08:55PM

Sylvain Beucler

git filter-branch and --state-branch - how?

I'm mirroring and reworking a large Git repository with git filter-branch (conversion ETA: 20h), and I was wondering how to use --state-branch which is supposed to speed-up later updates, or split a large conversion in several updates.

The documentation is pretty terse, the option can produce weird results (like an identity mapping that breaks all later updates, or calling the expensive tree-filter but discarding the results), wrappers are convoluted, but I got something to work so I'll share :)

The main point is: run the initial script and the later updates in the same configuration, which means the target branch needs to be reset to the upstream branch each time, before it's rewritten again by filter-branch. In other words, don't re-run it on the rewritten branch, nor attempt some complex merge/cherry-pick.

git fetch
git branch --no-track -f myrewrite origin/master
git filter-branch \
  --xxx-filter ... \
  --xxx-filter ... \
  --state-branch refs/heads/filter-branch/myrewrite \
  -d /dev/shm/filter-branch/$$ -f \
  myrewrite

Updates restart from scratch but only take a few seconds to skim through all the already-rewritten commits, and maintain a stable history.

Note that if the process is interrupted, the state-branch isn't modified, so it's not a stop/resume feature. If you want to split a lenghty conversion, you could simulate multiple upstream updates by checking out successive points in history (e.g. per year using $(git rev-list -1 --before='2020-01-01 00:00:00Z')).

--state-branch isn't meant to rewrite in reverse chronological order either, because all commit ids would constantly change. Still, you can rewrite only the recent history for a quick discardable test.

Be cautious when using/deleting rewritten branches, especially during early tests, because Git tends to save them to multiple places which may desync (e.g. .git/refs/heads/, .git/logs/refs/, .git/packed-refs). Also remember to delete the state-branch between different tests. Last, note the unique temporary directory -d to avoid ruining concurrent tests ^_^'

04 October, 2020 10:18AM

October 01, 2020

Parabola GNU/Linux-libre

[From Arch] ghostpcl>=9.53.2-2 and ghostxps>=9.53.2-2 updates require manual intervention

The ghostpcl and ghostxps packages prior to version 9.53.2-2 were missing a soname link each. This has been fixed in 9.53.2-2, so the upgrade will need to overwrite the untracked files created by ldconfig. If you get any of these errors

ghostpcl: /usr/lib/libgpcl6.so.9 exists in filesystem
ghostxps: /usr/lib/libgxps.so.9 exists in filesystem

when updating, use

pacman -Syu --overwrite /usr/lib/libgpcl6.so.9,/usr/lib/libgxps.so.9

to perform the upgrade.

01 October, 2020 09:20PM by David P.

September 30, 2020

GNU Taler news

Talk about GNU Taler in Valencia

2020-10: GNU Taler presentation by Javier Sepúlveda in Valencia

Javier Sepúlveda will give a talk in Spanish about GNU Taler at Valencia at an event organized by the GNU/Linux group from Valencia, which is a public organization supported by the Valencia City Hall to promote urban innovation and entrepreneurship.

30 September, 2020 10:00PM

Christopher Allan Webber

Spritely website launches, plus APConf video(s)!

Note: This originally appeared as a post on my Patreon account... thanks to all who have donated to support my work!

Hello, hello! Spritely's website has finally launched! Whew... it's been a lot of work to get it to this state! Plus check out our new logo:

Spritely logo

Not bad, eh? Also with plenty of cute characters on the Spritely site (thank you to David Revoy for taking my loose character sketches and making them into such beautiful paintings!)

But those cute characters are there for a reason! Spritely is quite ambitious and has quite a few subprojects. Here's a video that explains how they all fit together. Hopefully that makes things more clear!

Actually that video is from ActivityPub Conference 2020, the talks of which have now all have their videos live! I also moderated the intro keynote panel about ActivityPub authors/editors. Plus there's an easter egg, the ActivityPub Conference Opening Song! :)

But I can't take credit for APConf 2020... organization and support are thanks to Morgan Lemmer-Webber, Sebastian Lasse, and FOSSHost for hosting the website and BigBlueButton instance and conf.tube for generously hosting all the videos. There's a panel about the organization of APConf you can watch if you're interested in more of that! (And of course, all the other great videos too!)

So... what about that week I was going to work on Terminal Phase? Well... I'm still planning on doing it but admittedly it hasn't happened yet. All of the above took more time than expected. However, today I am working on my talk about Spritely Goblins for RacketCon, and as it turns out, extending Terminal Phase is a big part of that talk. But I'll announce more soon when the Terminal Phase stuff happens.

Onwards and upwards!

30 September, 2020 07:20PM by Christopher Lemmer Webber

September 28, 2020

grep @ Savannah

grep-3.5 released [stable]

This is to announce grep-3.5, a stable release.

Thanks especially to Paul Eggert, Norihiro Tanaka and Bruno Haible
for changes both in grep proper and in gnulib.

There have been 56 commits by 3 people in the 38 weeks since 3.4.

See the NEWS below for a summary.

Thanks to everyone who has contributed!
The following people contributed changes to this release:

  Jim Meyering (22)
  Norihiro Tanaka (1)
  Paul Eggert (33)

Jim [on behalf of the grep maintainers]
==================================================================

Here is the GNU grep home page:
    http://gnu.org/s/grep/

For a summary of changes and contributors, see:
  http://git.sv.gnu.org/gitweb/?p=grep.git;a=shortlog;h=v3.5
or run this command from a git-cloned grep directory:
  git shortlog v3.4-almost..v3.5

To summarize the 806 gnulib-related changes, run these commands
from a git-cloned grep directory:
  git checkout v3.5
  git submodule summary v3.4-almost

==================================================================
Here are the compressed sources:
  https://ftp.gnu.org/gnu/grep/grep-3.5.tar.gz   (2.6MB)
  https://ftp.gnu.org/gnu/grep/grep-3.5.tar.xz   (1.6MB)

Here are the GPG detached signatures[*]:
  https://ftp.gnu.org/gnu/grep/grep-3.5.tar.gz.sig
  https://ftp.gnu.org/gnu/grep/grep-3.5.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify grep-3.5.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys 7FD9FCCB000BEEEE

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
  Autoconf 2.69c
  Automake 1.16b
  Gnulib v0.1-3927-g02b29b878

==================================================================
NEWS

* Noteworthy changes in release 3.5 (2020-09-27) [stable]

** Changes in behavior

  The message that a binary file matches is now sent to standard error
  and the message has been reworded from "Binary file FOO matches" to
  "grep: FOO: binary file matches", to avoid confusion with ordinary
  output or when file names contain spaces and the like, and to be
  more consistent with other diagnostics.  For example, commands
  like 'grep PATTERN FILE | wc' no longer add 1 to the count of
  matching text lines due to the presence of the message.  Like other
  stderr messages, the message is now omitted if the --no-messages
  (-s) option is given.

  Two other stderr messages now use the typical form too.  They are
  now "grep: FOO: warning: recursive directory loop" and "grep: FOO:
  input file is also the output".

  The --files-without-match (-L) option has reverted to its behavior
  in grep 3.1 and earlier.  That is, grep -L again succeeds when a
  line is selected, not when a file is listed.  The behavior in grep
  3.2 through 3.4 was causing compatibility problems.

** Bug fixes

  grep -I no longer issues a spurious "Binary file FOO matches" line.
  [Bug#33552 introduced in grep 2.23]

  In UTF-8 locales, grep -w no longer ignores a multibyte word
  constituent just before what would otherwise be a word match.
  [Bug#43225 introduced in grep 2.28]

  grep -i no longer mishandles ASCII characters that match multibyte
  characters.  For example, 'LC_ALL=tr_TR.utf8 grep -i i' no longer
  dumps core merely because 'i' matches 'İ' (U+0130 LATIN CAPITAL
  LETTER I WITH DOT ABOVE) in Turkish when ignoring case.
  [Bug#43577 introduced partly in grep 2.28 and partly in grep 3.4]

  A performance regression with -E and many patterns has been mostly fixed.
  "Mostly" as there is a performance tradeoff between Bug#22357 and Bug#40634.
  [Bug#40634 introduced in grep 2.28]

  A performance regression with many duplicate patterns has been fixed.
  [Bug#43040 introduced in grep 3.4]

  An N^2 RSS performance regression with many patterns has been fixed
  in common cases (no backref, and no use of -o or --color).
  With only 80,000 lines of /usr/share/dict/linux.words, the following
  would use 100GB of RSS and take 3 minutes. With the fix, it used less
  than 400MB and took less than one second:
    head -80000 /usr/share/dict/linux.words > w; grep -vf w w
  [Bug#43527 introduced in grep 3.4]

** Build-related

  "make dist" builds .tar.gz files again, as they are still used in
  some barebones builds.

28 September, 2020 03:30AM by Jim Meyering

September 26, 2020

hyperbole @ Savannah

GNU Hyperbole 7.1.3, the Antiviral Release, is now available on GNU ELPA

What's new in this release is described here:

   http://www.gnu.org/s/hyperbole/HY-NEWS.html

   Everything back until release 7.0.3 is new since the last major
   release announcement (about a year ago), so updates are extensive.

========================================================================

  • Introduction

========================================================================

Hyperbole is like Markdown for hypertext.  Hyperbole automatically
recognizes dozens of common patterns in any buffer regardless of mode
and can instantly activate them as hyperbuttons with a single key:
email addresses, URLs, grep -n outputs, programming backtraces,
sequences of Emacs keys, programming identifiers, Texinfo and Info
cross-references, Org links, Markdown links and on and on.  All you do
is load Hyperbole and then your text comes to life with no extra
effort or complex formatting.

Hyperbole interlinks all your working information within Emacs for
fast access and editing, not just within special modes.  Every button
is automatically assigned a type and new types can be developed for
your own buttons with simple function definitions.  You can create
your own buttons by simply dragging between two buffers.

But Hyperbole is also a hub controller for your information supplying
built-in capabilities of contact management/hierarchical record
lookup, legal-numbered outlines with hyperlinkable views and a unique
window and frame manager.  It is even Org-compatible so you can use
all of Org's capabilities together with Hyperbole.

Hyperbole is unique, powerful, extensively documented, and free.  Like
Emacs, Org, Counsel and Helm, Hyperbole has many different uses all
based around the theme of reducing cognitive load and improving your
everyday information management.  Then as you grow with it across
time, it helps you build new capabilities that continue to speed your
work.

========================================================================

  • Using Hyperbole

========================================================================

To install:

   {M-x package-install RET hyperbole RET} to install it.

   It installs in about a minute and can be uninstalled even faster if
   ever need be.  Give it a try.

Then to invoke its menu:

   {C-h h} or {M-x hyperbole RET}

The best way to get a feel for many of its capabilities is to
invoke the interactive DEMO and explore sections of interest:

   {C-h h d d}

The Hyperbole home page with screen shots is here:

   http://www.gnu.org/s/hyperbole

For use cases, see:

   http://www.gnu.org/s/hyperbole/HY-WHY.html

For what users think about Hyperbole, see:

   http://www.gnu.org/s/hyperbole/hyperbole.html#user-quotes

Enjoy,

The Hyperbole Team

26 September, 2020 01:59AM by Robert Weiner

September 24, 2020

autoconf @ Savannah

Autoconf 2.69c [beta]

Autoconf 2.69c has been released, see the release announcement:
<https://lists.gnu.org/archive/html/autoconf/2020-09/msg00006.html>

24 September, 2020 05:31PM by Zack Weinberg

September 23, 2020

parallel @ Savannah

GNU Parallel 20200922 ('Ginsburg') released

GNU Parallel 20200922 ('Ginsburg') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

  Great tool, gets jobs done fast.
  Great tool, gets jobs done fast.
  Great tool, gets jobs done fast.
    -- Paul F. De La Cruz @pdelacruzcc@twitter

 

New in this release:

  • New CPU detection for GNU/Linux.
  • Bug fixes and man page updates.

News about GNU Parallel:

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

  parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

  find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep 3374ec53bacb199b245af2dda86df6c9
    12345678 3374ec53 bacb199b 245af2dd a86df6c9
    $ md5sum install.sh | grep 029a9ac06e8b5bc6052eac57b2c3c9ca
    029a9ac0 6e8b5bc6 052eac57 b2c3c9ca
    $ sha512sum install.sh | grep f517006d9897747bed8a4694b1acba1b
    40f53af6 9e20dae5 713ba06c f517006d 9897747b ed8a4694 b1acba1b 1464beb4
    60055629 3f2356f3 3e9c4e3c 76e3f3af a9db4b32 bd33322b 975696fc e6b23cfb
    $ bash install.sh

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

23 September, 2020 03:49PM by Ole Tange

September 15, 2020

GNU Taler news

GNU Taler launched at Bern University of Applied Sciences

2020-09: GNU Taler operational at Bern University of Applied Sciences

The GNU Taler payment system was launched at the Bern University of Applied Sciences in the presence of a representative of the Swiss National Bank. Students, staff, faculty and visitors can visit the cafeteria at Höheweg 80 to withdraw the electronic equivalent of Swiss Franks (CHF) onto Taler Wallet App running on their mobile phones and pay at a Taler-enabled snack machine. The system is expected to expand to allow payments at other places in the future. Various faculty members and students are involved various aspects of the project. Students interested in working on projects or theses related to the subject should contact Prof. Grothoff.

15 September, 2020 10:00PM

September 13, 2020

Christopher Allan Webber

Spritely Goblins v0.7 released!

I'm delighted to say that Spritely Goblins v0.7 has been released! This is the first release featuring CapTP support (ie, "capability-secure distributed/networked programming support"), which is a huge milestone for the project!

Okay, caveat... there are still some things missing from the CapTP stuff so far; you can only set up a bidirectional connection between two machines, and can't "introduce" capabilities to other machines on the network. Also setting up connections is an extremely manual process. Both of those should be improved in the next release.

But still! Goblins can now be used to easily write distributed programs! And Goblins' CapTP code even includes such wild features as distributed garbage collection!

As an example (also mentioned in a recent blogpost), I recently wrote a short chat program demo. Both the client and server "protocol" code were less than 250 lines of code, despite having such features as authenticating users during subscription to the chatroom and verifying that messages claimed by the chatroom came from the users it said it did. (The GUI code, by contrast, was a little less than 300 lines.) I wrote this up without writing any network code at all and then tested hooking together two clients over Tor Onion Services using Goblins' CapTP support, and it Just Worked (TM):

Goblins chat GUI demo

What's interesting here is that not a single line of code was added to the backend or GUI to accomodate networking; the host and guest modules merely imported the backend and GUI files completely unchanged and did the network wiring there. Yes, that's what it sounds like: in Goblins you can write distributed asynchronous programs

This is the really significant part of Goblins that's starting to become apparent, and it's all thanks to the brilliant design of CapTP. Goblins continues to stand on the shoulders of giants; thank you to everyone in the ocap community, but especially in this case Michael FIG, Mark S. Miller, Kevin Reid, and Baldur Jóhannsson, all of whom answered an enormous amount of questions (some of them very silly) about CapTP.

There are more people to thank too (too many to list here), and you can see some of them in this monster thread on the captp mailing list which started on May 18th (!!!) as I went through my journey of trying to understand and eventually implement CapTP. I actually started preparing a few weeks before which really means that this journey took me about four and a half months to understand and implement. As it turns out, CapTP is a surprisingly simple protocol protocol in its coneptualization once you understand what it's doing (though implementing it is a bit more complex). I do hope to try to build a guide for others to understand and implement on their own systems... but that will probably wait until Goblins is ported to another language (due to the realative simplicity of the task due to the language similarities, the current plan is to port to Guile next).

Anyway. This is a big deal, a truly exciting moment for goblinkind. If you're excited yourself, maybe join the #spritely channel on irc.freenode.net.

OH! And also, I can't believe I nearly forgot to say this, but if you want to hear more about Spritely in general (not just Goblins), we just released a Spritely-centric episode of FOSS and Crafts. Maybe take a listen!

13 September, 2020 10:20PM by Christopher Lemmer Webber

September 11, 2020

remotecontrol @ Savannah

September 08, 2020

FSF Events

LibrePlanet 2021 CFS office hours

The LibrePlanet call for sessions is open now and will be open until November 20 and we want to hear from you!

Speaking at a conference, and even submitting a proposal, can be intimidating or hard. Luckily, some great, experienced speakers are volunteering their time to help out during the CFS office hours.

Whether you want to propose a talk and want feedback on your idea, proposal wording, talk title, or just advice on how to deal with nerves, there is one more office hour slot scheduled over the next few weeks.

Join #libreplanet on Freenode IRC on any of the following dates:

  • Tuesday, September 15 from 13:00 - 14:00 (EDT)
  • Tuesday, September 22 from 13:00 - 14:00 (EDT)
  • Tuesday, September 29 from 13:00 - 14:00 (EDT)
  • Tuesday, October 06 from 13:00 - 14:00 (EDT)
  • Tuesday, October 13 from 13:00 - 14:00 (EDT)
  • Tuesday, October 20 from 13:00 - 14:00 (EDT)
  • Tuesday, October 27 from 13:00 - 14:00 (EDT)

If you do not have an IRC client, you can log onto Freenode IRC here, and connect to the channel #libreplanet.

If you can't make an office hours meeting, feel free to email campaigns@fsf.org with questions.

08 September, 2020 10:50PM

September 07, 2020

gnuastro @ Savannah

Gnuastro 0.13 released

The 13th release of Gnuastro is now available. See the the full announcement for more.

07 September, 2020 03:21AM by Mohammad Akhlaghi

September 05, 2020

GNUnet News

GNUnet 0.13.3

GNUnet 0.13.3 released

Continuing to "release early / release often", we present GNUnet 0.13.3. This is a bugfix release for gnunet 0.13.2.
It fixes some build issues and contains major changes to the re:claimID API.

Download links

The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A

Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/

Noteworthy changes in 0.13.3 (since 0.13.2)

  • REST:
    • re:claimID attestation API change reflected in endpoint naming.
    • Fix regression in NAMESTORE REST API endpoint processing.
  • RECLAIM: "Attestations" renamed to "Credentials". Credentials are now converted to "Presentations" when a ticket is issued in preparation for DID-style VCs and Privacy-ABCs.
  • UTIL: Fix gnunet-qr device parameter.
  • SET: Separated into set intersection (SETI) and set union subsystems (SETU).
  • BUILD:
    • Fix build on OpenBSD.
    • Correctly check for required libsodium version. #6506

Thanks

This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Jonathan Buchanan, Johannes Späth and Martin Schanzenbach.

05 September, 2020 10:00PM