Planet Debian

Subscribe to Planet Debian feed
Planet Debian - https://planet.debian.org/
Updated: 7 min 46 sec ago

Russ Allbery: Review: Skeen's Leap

21 November, 2018 - 11:30

Review: Skeen's Leap, by Jo Clayton

Series: Skeen #1 Publisher: Open Road Copyright: 1986 Printing: 2016 ISBN: 1-5040-3845-2 Format: Kindle Pages: 320

Skeen is a Rooner: a treasure hunter who finds (or steals) artifacts from prior civilizations and sells them to collectors. She's been doing it for decades and she's very good at her job. Good enough to own her own ship. Not good enough to keep from being betrayed by her lover, who stole her ship and abandoned her on a miserable planet with a long history of being temporarily part of various alien empires until its sun flares and wipes out all life for another round.

At the start, Skeen's Leap feels like a gritty space opera, something from Traveller or a similar universe in which the characters try to make a living in the interstices of sprawling and squabbling alien civilizations. But, shortly into the book, Skeen hears rumors of an ancient teleportation gate and is drawn through it into an entirely different world. A world inhabited by the remnants of every civilization that has fled Kildun Aalda during one of its solar flares, alongside native (and hostile) shape-changers. A world in which each of those civilizations have slowly lost their technology from breakdowns and time, leaving a quasi-medieval and diverse world with some odd technological spikes. And, of course, the gate won't let Skeen back through.

This turns out not to be space opera at all. Skeen's Leap is pure sword and sorcery, with technology substituted (mostly) in for the sorcery.

It's not just the setting: the structure of the book would be comfortably at home in a Conan story. Skeen uses her darter pistol and streetwise smarts to stumble into endless short encounters, most of them adding another member to her growing party. She rescues a shapeshifter who doesn't want to be rescued, befriends an adventuring scholar seeking to map the world, steals from an alien mob boss, attaches herself to four surplus brothers looking for something to do in the world, and continues in that vein across the world by horse and ship, searching for the first and near-extinct race of alien refugees who are rumored to have the key to the gate. Along the way, she and her companions occasionally tell stories. Hers are similar to her current adventures, just with spaceships and seedy space stations instead of ships and seedy ports.

Skeen's Leap is told in third person, but most of it is a very tight third-person that barely distinguishes Skeen's rambling and sarcastic thoughts from the narration. It's so very much in Skeen's own voice that I had to check when writing this review whether it was grammatically in first or third. The narrator does wander to other characters occasionally, but Skeen is at the center of this book: practical, avaricious, competent, life-hardened, observant, and always a survivor. The voice takes a bit to get used to (although the lengthy chapter titles in Skeen's voice are a delight from the very start), but it grew on me. I suspect one's feeling about Skeen's voice will make or break one's enjoyment of this book. I do wish she'd stop complaining about her lost ship and the lover who betrayed her, though; an entire book of that got a bit tiresome.

One subtle thing about this book that I found fascinating once I noticed it is its embrace of the female gaze. In most novels, even with female protagonists, descriptions of other characters use a default male gaze, or at best a neutral one. Women are pretty or beautiful or cute; men are described in more functional terms. Skeen's Leap is one of the few SFF novels I've seen with a female gaze that lingers on the attractiveness and shape of male bodies throughout, and occasionally stands gender roles on their head. (The one person in the book who might be Skeen's equal is a female ship captain with a similar background.) It's an entertaining variation.

Despite the voice and the unapologetic female perspective, though, this wasn't quite my thing. I picked up this book looking for a space opera, so the episodic sword-and-sorcery plot structure didn't fit my mood. I wanted deeper revelations and more complex world-building, but that's not on the agenda for this book (although it might be in later books in the series). This is pure adventure story, and by the end of the book the episodes were blending together and it all felt too much the same. It doesn't help that the book ends somewhat abruptly, at a milestone in Skeen's quest but quite far from any conclusion.

If you're looking for sword and sorcery with some SF trappings and a confident female protagonist, this isn't bad, but be warned that it doesn't end so much as stop, and you'll need (at least) the next book for the full story.

Followed by Skeen's Return.

Rating: 6 out of 10

Reproducible builds folks: Reproducible Builds: Weekly report #186

20 November, 2018 - 20:16

Here’s what happened in the Reproducible Builds effort between Sunday November 11 and Saturday November 17 2018:

  • Code review for the LLVM compiler to support the -fmacro-prefix-map argument is currently in progress. Like the -fdebug-prefix-map flag, this argument replaces a string prefix for the FILE pre-processor macro.

  • Kyle Rankin, the Chief Security Officer of Puri.sm authored a blog post entitled “Protecting the Digital Supply Chain” which describes how with Reproducible Builds you can show that no malicious code was injected in software supply chains:

    Think of it like the combination of a food safety inspector and an independent lab that verifies the nutrition claims on a box of cereal all rolled into one.

  • Chris Lamb gave a presentation at the SFScon conference in Bozen, Italy on reproducible builds and how they can prevent developers from becoming targets of various attacks.

  • Holger Levsen updated our website to add the Tor project as a participant at our upcoming Paris Summit. In addition, Bernhard M. Wiedemann applied a sitewide change to use consistent capitalisation for openSUSE [].

  • 38 Debian package reviews were added, 4 were updated and 19 were removed in this week, adding to our knowledge about identified issues. The nondeterminstic_output_in_pkgconfig_files_generated_by_meson was removed as a fix was applied upstream [], and the note for the randomness_in_binaries_generated_by_golang issue was updated. (1, 2)

  • diffoscope is our in-depth “diff-on-steroids” utility which helps us diagnose reproducibility issues in packages. This week, Marius Gedminas provided a patch to add a python_requires field to diffoscope’s setup.py [] and Mattia Rizzolo sorted the list of recommended Python modules in debian/tests/control […].

  • Chris Lamb’s previously-authored patches for GNU mtools to ensure the Debian Installer images could become reproducible which were sent upstream last week (1 & 2) are now available in upstream’s 4.0.20 release.

  • Upstream chromium-70 now builds reproducibly in openSUSE (with a admittedly-normalised build environment) since it uses the Git commit date.

  • Chris Lamb uploaded strip-nondeterminism (our tool to post-process files to remove known non-deterministic output) version 0.45.0-1 to Debian unstable in order that catch invalid ZIP “local” field lengths — we were previously blindly trusting the value supplied in the ZIP file (#803503). As part of this upload he moved the utility to the SemVer versioning scheme.

  • We have received more than 45 registrations for the upcoming Reproducible Builds summit in Paris between 11th—13th December 2018 and have now closed registrations. Very much looking forward to seeing you there!

Packages reviewed and fixed, and bugs filed Test framework development

There were a large number of updates to our Jenkins-based testing framework that powers tests.reproducible-builds.org by Holger Levsen this week, including:

  • Arch Linux-specific changes:

    • Perform some administration on the package blacklists. (1, 2)
    • Improve the documentation of a multi-line sed(1) statement. []
    • Move to using sudo(8) for cleanup tasks. []
  • Debian-specific changes:

  • Misc/generic changes:

    • Ensure all ProfitBricks (amd64 and i386) nodes in Karlsruhe use pb1 as a proxy and all nodes in Frankfurt use pb10. This might have produced some build failures but fixed issues with Squid running in the future. This complements previous work for the arm64 architecture.
    • Filed #913658: (“Broken links on packages pages”)
    • Document that the proxy setting for chroot installs are actually correct. []

In addition, Alexander Couzens provided workaround for an OpenWrt build system bug [], Eli Schwartz refactored our Arch Linux support [] and Mattia Rizzolo performed some node maintenance.

This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Mattia Rizzolo & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Rhonda D'Vine: TDOR 2018

20 November, 2018 - 17:11

Today is Transgender Day Of Remembrance. Today is a black day for trans people around the globe. We mourn the trans folks that aren't amongst us anymore due to hate crime violence against them. Reach out to the trans folks that are part of your life, that you know, ask them if they are in need of emotional support on this day. There are more trans folks getting killed for being trans than there are days in a year. Furthermost black trans women of color. If you feel strong enough you can read about it in this article.

Also, we are facing huge threats for our mere existence all over the world these days. If you follow any social media, check the hashtag #WontBeErased. The US government follows a path of Erasing Gender left and right, which also affects intersex people likewise and manifests the gender binary and gender separation even further, also hurting cis people. Now also in Ontario, Canada, gender identity gets erased, too. And Brazil, where next year's DebConf will be held, which already has the highest trans murders in the world, has elected Bolsonaro, a right wing extremist who is outspokenly gay antagonist and misogynist. And then there is Tanzania which started a hunt for LGBTIQ people. And those reports are only the tip of the iceberg. I definitely missed some other countries shit, like Ukraine (where next year's European Lesbian* Conference is taking place) or Austrian's government being right-winged and cutting the social system left and right so we are in need of Wieder Donnerstag (a weekly Thursday demonstration) again.

I'm currently drafting the announce mail to send out about the creation of the Debian Diversity Team which we finally formed. It is more important than ever to make it clear and visible that discrimination has no place within Debian, and that we in fact are a diverse community. I can understand the wish that it should focus on the visibility and welcoming aspects of the team, and especially to not make it look like it's a reaction to those world events. Which it isn't, this is in the works since two years now. And I totally agree with that. I just have a hard time to not add a solidarity message alongside mentioning that we are aware of the crap that's going on in the world and that we see your pain, and share it. So yes, the team has finally formed, but the announcement mail through debian-devel-announce about it is still pending. And we are in contact with the local team for next year's DebConf and following the news about Brazil to figure out how to make it as safe as possible for attendees, so that fear shouldn't be the guiding factor for you to not attend.

Stay strong, sending you hugs if wanted.

/personal | permanent link | Comments: 0 | Flattr this

Norbert Preining: Gaming: The Witness

20 November, 2018 - 12:47

As mentioned in my last Gaming blog post on Rise of the Tomb Raider, I decided to go for a “brain muscle training” game next, The Witness, a game full of maniac riddles, and no action, no shooting, no running, no jumping. Just solving puzzles.

You are dropped on an uninhabited island with panels that convey some riddles that are solved by tracing a line from the entrance (a round piece of the puzzle) to the exit (most of the time a bit protruding line). The simplest one is below on the left, and in the first stage one only needs to solve maze like riddles like the one on the right.

But soon the riddles add additional items, like colored fields that need to be separated. These new items are normally introduced through a series of riddles that by solving unveil their inner working. None of the rules is written down somewhere, each one has to be learned by solving riddles.

These riddle components are then combined to create more and more complicated ones. The rules are often not that clear an it takes lots of iteration to get a good grip on them.

In the later stages of the game I mostly turned on the game, copied a riddle to paper, and shut it down to solve it on paper, since some of these riddles take considerable time to solve!

The island is divided into 14 areas each of which has its own puzzles. These puzzles are usually connected with wires and solving all of them activates a laser pointing to the central mountain top.

Some parts of the island are only (maybe only initially only) accessible via boat, and the views from the boat ride are really nice.

The areas are somehow and explosion of colors and forms, the buildings are often overgrown by plants, wet lands full of flowers and deserts, everything can be found on this little island, next to each other.

These leaf colors are like straight from an Ishikawa tourist guide book

The last steps of the game are entering into the mountain and solving another huge bunch of very nasty complicated puzzles, until one emerges to the final steps:

Overall a great game I enjoyed a whole let – mostly because I like brain gymnastics. The riddles are well prepared, the steps to learning the rules well thought out, I great piece of entertainment.

There are only two points where I had problems: One were the puzzles depending on colors, which due to my color weakness was a major hurdle.

The other problem was due to my restricted time to play: The game is great if you finish it in short time (my total play time was slightly above 20h). But if you do it like me, once in a while a bit, then again for weeks nothing, one (or at least me) tends to forget the rules of some of the puzzles, and has a hard time re-learning them.

In any case, a great and very recommendable game for those enjoying brain games.

Russ Allbery: Review: Hidden Figures

20 November, 2018 - 11:49

Review: Hidden Figures, by Margot Lee Shetterly

Publisher: William Morrow Copyright: 2016 ISBN: 0-06-236361-1 Format: Kindle Pages: 272

I appreciate the film industry occasionally finding good books that I should read.

As I suspect most people now know from the publicity of the movie, Hidden Figures is the story of the black women mathematicians who performed the calculations that put a man on the Moon. Or at least that's the hook, and the conclusion of the story in a way. But the meat of the story, at least for me, was earlier: the black women who formed the mathematical backbone of NACA, the National Advisory Committee for Aeronautics, and specifically the NACA facility at Langley Research Center in Hampton, Virginia. NACA eventually transformed into NASA and took on a new mission of space exploration, but that comes relatively late in this story.

The story opens in 1943 when Melvin Butler, the personnel officer at the Langley Memorial Aeronautical Laboratory, had a problem: he needed more support staff for NACA's mission to improve US airplane technology. Specifically, he needed mathematicians and computers (at the time, computer was a job title for a person who performed mathematical computations; practical electronic computers were still far in the future). An initially-controversial female computing pool, started at Langley in 1935, had proven incredibly successful, but mathematically-trained white women were in scarce supply. Butler therefore, with support and cover from A. Philip Randolph's successful push for Roosevelt to open war jobs to black candidates, made the decision to start recruiting black women.

Shetterly makes clear how complex and fraught this was. Langley was located in Virginia, a segregated southern state, and while the NAACP had already started opening cracks in the walls of segregation, Brown v. Board of Education was more than ten years into the future. The white female computers were already logistically separated, since no woman could supervise a man. The black women would need to be segregated further, and Butler's recruitment efforts were kept fairly quiet. But wartime necessity opened a lot of doors. And so, West Computing (distinct from the white women in East Computing) was formed, named after its location in Langley's underdeveloped West Area.

Hidden Figures starts with Dorothy Vaughan, the woman who will eventually become the head of West Computing, and later follows threads of connection from her to Katherine Johnson, Mary Jackson, and others who started in West Computing. It also, effectively and memorably, starts by setting the scene through both biographical details of the women's lives and authorial descriptions of the complex tapestry of black colleges and social relationships they came from.

For me, writing this as a white man in 2018 who grew up on the west coast and visited even the modern US South a mere handful of times, it's very hard to get an emotional or visceral sense of what segregation was like, beneath the bones of historical fact. Hidden Figures does the best job of that of any book I have ever read. Shetterly is blunt and unflinching in her descriptions, but also borrows from her biographical subjects a sense of practical determination and persistence that avoids drowning the story in the injustice of US racial politics. Segregation was an obstacle and a constraint these women navigated around, persisted against, suffered through, and occasionally undermined, but it wasn't the point. The point was the work they were doing: the NACA work to develop and then fine-tune military aircraft technology, the post-war work of supersonic research, and finally the space program. Segregation, racism, and sexism was pervasive, but at the same time they were just injustices that got in the way of what their true life's work. That core of determined joy in the work is what makes this book sing, and outlines a path towards hope.

That this is Shetterly's first book is extremely impressive. She has a confident grasp of her material, full control over a complicated interweaving of timelines and biographies of multiple women, and an ability to describe both cultural institutions and engineering work in a way that holds a reader's attention and interest. This is tricky material for a book because, while these women's lives are dramatic, it's a drama of careful work, slow progress, persistence, and carefully-chosen defiance. (I will always remember the story of Miriam Mann taking the "COLORED COMPUTERS" sign off the lunch table each day and making it disappear into her purse, until whoever was responsible for placing it finally gave up and stopped.) The dramatic beats don't follow a normal plot structure. But Shetterly handles this magnificently for most of the book, keeping the pacing fast enough to remain engrossing but slow enough to communicate the underlying reality and sense of place.

The one mild criticism I have of the book is that once it enters the NASA era and the challenge of the space program, I thought Shetterly started forcing her dramatic beats just a touch. I think she was trying to build to a climactic payoff and emphasizing the inherent drama of the Moon landing to do so, but it felt in a few places like she was trying too hard and not letting the story carry itself. This was at the same time as a huge transition from performing calculations themselves to learning to program computers, and I would have loved for Shetterly to dwell a bit more on that, but she rarely got into the details of the day-to-day work. That quibble aside, though, the story is compelling and fascinating to the very end.

Shetterly also pulls off a very advanced technique that I would not recommend other writers try: the whole story is told using the language of the time. Black people are Negros, women are girls, and the very language of the book rolls back decades of social progress. This was done carefully and exceptionally well, and for me it did a lot to communicate the visceral feel of the time (and to drive home just how much society has changed in at least the level of condescension and contempt that can be openly stated). I was surprised at how much the pervasive use of "girls" made my skin crawl, and how clearly and succinctly it communicated the struggle of the computers to be taken seriously as mathematicians and engineers.

I have not watched the movie version of Hidden Figures and probably won't, although I hear it's very good. But for others like me who prefer words over images, I can confirm that the book is excellent. It's not just a valuable history at the cross-section of aviation, computing, racial politics, and gender politics. It's also an illuminating and compelling case study on the effects of institutional racism and sexism, on how black women maneuvered through those restrictions, and on the persistence, determination, and patience required for social change.

Recommended. This is a piece of American history that you don't want to miss.

Rating: 8 out of 10

Mike Gabriel: Development Setup: Ubuntu MATE 19.04 + Ayatana Indicators

20 November, 2018 - 06:33

This is a quick HowTo that shows how to setup a Ubuntu MATE 19.04 development setup in which Ubuntu System Indicators [1] get replaced by Ayatana System Indicators [1].

The current development strategy is to use nightly DEB packages provided by the Arctica Project and Ayatana Indicators upstream on top of Ubuntu MATE 19.04 and see what details still require work.

Preparing Ubuntu MATE 19.04 development setup

First step is to download a Ubuntu MATE 18.10 (aka cosmic) ISO image and install Ubuntu MATE 18.10 into a test environment (e.g. a virtual machine).

Then edit /etc/apt/sources.list and replace all occurrences of cosmic by disco.

Then update all lists of available packages and upgrade the system to the current development state of Ubuntu MATE 19.04:

$ sudo apt update
$ sudo apt upgrade
$ sudo apt dist-upgrade

It may be required that you run several upgrade and dist-upgrade iterations, because it may occur that not all packages upgrade cleanly (this is normal during development cycles).

Adding Nightly Builds of the Arctica Project's DEB Package Archive

Add a new file /etc/apt/sources.list.d/ayatana-indicators.list and put this content into it:

deb http://packages.arctica-project.org/ubuntu-nighty disco main
deb http://packages.arctica-project.org/ubuntu-extras disco main

The Release files of the Ubuntu Nightly Builds Archive has been signed by GnuPG Key 0xA8680F5598DE3101:

pub   rsa4096 2015-09-14 [SC] [expires: 2019-08-25]
      7A49 CD37 EBAE 2501 B9B4  F7EA A868 0F55 98DE 3101
uid           [ unknown] ArcticaProject PkgMaster <pkgmaster@arctica-project.org>
sub   rsa4096 2015-09-14 [E] [expires: 2019-08-25]

You can import this key into your APT keyring by this command line:

$ sudo wget -qO - http://packages.arctica-project.org/archive.key | sudo apt-key add -

Important: As we always want to prefer packages from packages.arctica-project.org even if a newer version of that package is in Ubuntu, we need to pin packages from that APT repository:

Package: *
Pin: release o=ArcticaProject
Pin-Priority: 1001

Place the above config snippet into /etc/apt/preferences.d/arctica.

When done, update your package lists once more:

$ sudo apt update
Replacing Slick Greeter by Arctica Greeter

You can simply exchange Slick Greeter as used in Ubuntu MATE 18.10 by Arctica Greeter:

$ sudo apt install arctica-greeter
$ sudo apt remove --purge slick-greeter

From a text console (TTY 1-6), restart LightDM to make the switch-over complete:

$ sudo invoke-rc.d lightdm restart

Todos for Arctica Greeter:

  • Add an Arctica Greeter theme for Ubuntu
  • Work on date & time system indicator
  • Work on sound indicator
  • Work on keyboard indicator or replace by fcitx
  • Better understand when Arctica Greeter kicks in as lock screen
  • Beautify Arctica Greeter's default theme
  • Improve remote logon support (e.g. session type chooser)
Switching over to Ayatana-Indicator-aware MATE Indicator Applet

At first, install mate-indicator-applet from Arctica Project's Ubuntu Extras archive area.

$ sudo apt install mate-indicator-applet

Then remove all Ubuntu Indicators packages from the system:

$ sudo dpkg --purge `dpkg -l "indicator-*" | grep indicator | awk '{print $2}'`
Installing Ayatana System Indicators

Then install system indicators from Ayatana Indicators project by executing:

$ sudo apt install ayatana-indicator-<name>
Known to work well
  • ayatana-indicator-application
  • ayatana-indicator-session
  • ayatana-indicator-power
  • ayatana-indicator-notifications
Known to work sort of
  • ayatana-indicator-printers (needs more testing)
  • ayatana-indicator-systemtray (needs quite some coding)
  • ayatana-indicator-datetime (calendar widget not shown)
Still FTBFS'ing
  • ayatana-indicator-sound (packaging problem, needs some work)
  • ayatana-indicator-keyboard (not yet fully ported)
  • ayatana-indicator-display (undecided, if we should ship this)
Installing AppIndicator based Applications

The ayatana-indicator-application system indicator acts as a SNI (StatusNotifier DBus Interface) provider and applications supporting the AppIndicator based SNI DBus API can send their systray icon and menu to it.

This means, that you can run all sorts of variants of SNI capable applications on top of the application indicator. They can be linked against the new libayatana-appindicator, the older libappindicator or any other library or module providing SNI API support.

Some AppIndicator based applications that are nice to test:

  • Package: variety
  • Package: gtk-redshift
  • Package: nm-applet

To avoid a clash of SNI DBus providers, make sure that you have the package indicator-application removed from the system.

References

Urvika Gola: Attending ReactConf’18 in Henderson, Nevada

19 November, 2018 - 19:42

I recently attended React Conf hosted in Henderson, Nevada. The conference was very well put up at The Westin Lake Las Vegas and had this veryyy amazing view.

View from the conference venue – The Westin Lake Las Vegas Resort

The conference started keynote by people who were working on the React Core team at Facebook. The very first keynote was “React today and tomorrow” where they talked about popularity of React – how npm downloads are going up and installation of chrome react dev tools are increasing!

React.lazy was announced recently. React.lazy helps to lazy load the components (components let you split the UI into independent reusable pieces and think about each piece in isolation) without breaking the internet!

To build great UIs using React, a few common factors are generally considered:-
-Suspense – Simplifying hard things, Idea about data fetching, code splitting, async data dependencies.
-Performance – Time Slicing, making sure that important components are rendered first.
-Developer tooling – for developers to debug and understand their app for example, by providing developer friendly warnings

Now with React DevTools extension one can inspect and debug trees and Profiler helps in understanding what’s going on internally with the application.

They also talked about the downside of React such as:-
-Reusing logic – the logic is split across different life cycles, classes, which are apparently difficult both for humans and machines.
-Giant components.

These are not separate problems but symptoms of one problem and the problem is react does not provide simple light weight stateful primitive simpler than a class component.

The sessions also talked about Declarative Animation, a declarative API – Pose which seemed really cool to implement. To differentiate a Declarative and Imperative code could be somewhat understood as:-

Declarative code is quite descriptive, it’s often an abstraction. In Imperative code understanding what something is doing is same as understanding what something is doing, step by step logic. If you want to make any contribution towards an imperative codebase, you would need to understand how different components are wired up.

Sooo. What’s new in v2?
-Support for PostCSS, previously there was only autoprefixer, which wouldn’t compile new CSS features but now you could use modern CSS features without worrying about legacy browser support.
-Added Babel Macros – Can be used to import graphQL files which in turn could be transformed for Apollo to consume at runtime. Can use relay Modern, it will run the relay compiler against GraphQL files. Import MDX as a JSX component and can be run in the application.
-Sass support and CSS Modules and a lot more!  – https://reactjs.org/blog/2018/10/01/create-react-app-v2.html

Day 2 of React Conf, started with talking about how performance is integral to UX. Code Splitting, a concept were instead of sending the whole code in the initial payload, we send what’s needed to render the first screen and later, lazily loading the rest based on subsequent navigation. A most common problem while implementing code splitting can be ‘what do you display to the user if the view hasn’t finished loading?’ Maybe a spinner, loader, placeholder…?? But lot of these degrades the UX. Then came Concurrent React into the picture, Concurrent React can work on multiple tasks at a time and switch between them according to priority. Concurrent React can partially render a tree without committing the result and does not block the main thread.

Two major components of Concurrent React.
-Time-slicing
-Suspense

Let’s consider a scenario in Synchronous React, if any user event triggers in between the execution of the existing thread, it will wait for the rendering to get completed in a single uninterrupted block. Whereas, in Concurrent React, React is going to pause the current render, switch to complete the user blocking task and resume. So basically, Concurrent React is non blocking, so you can render large amount of data without getting blocked.

Later, learnt about SVG in my favorite talk! –https://twitter.com/UrvikaGola/status/1055878157830504448.
i.e Scalable Vector Graphics Instruction on how to draw an image in a markup file.
but…why use SVG?
Scalable – Scales from small to big without loss of fidelity.
Vector based image – File size is smaller as compared to others.
Modifiable – Change with CSS and JS.

In React world, to use SVG inline can be done by:-
-Importing as a react component. (No HTTP requests cos you are not calling the image)
– Convert to JSX (No HTTP requests as well but difficult to update the SVG design)

Apart from all the technical learning there were outdoor activities like paddle boarding organized for conference attendees, board games, lawn games & karaoke etccc!

In the end, a big Thanks to React Conf Team and Facebook for the opportunity – learnt a lot about React, met some great developers and explored a new State!

 

Rodrigo Siqueira: An attempt to create a local Kernel community

19 November, 2018 - 09:00
An attempt to create a local Kernel community

Since the day I had my first class of Operating Systems (OS) in my engineering course, I got passionate about it; for me, OS represents one of the greatest achievements of mankind. As a result of my delight for OS, I always tried to gravitate around this field, but my school environment did not provide me with many opportunities to get into the area. To summarize this long journey, I will jump directly into the main point, on November 15 of 2017, I joined to a conference named Linuxdev-br [1] which brought together some of the best Brazilians Kernel developers. I took this opportunity to learn everything that I could by asking lots of questions to developers. Additionally, I was lucky to meet Gustavo Padovan. He helped me a lot during my first steps in the Linux Kernel.

From November 2017 until now, I did the best I could to become a Kernel developer, and I have to admit that the path was very complicated. I paid the price to work from 8 AM to 11 PM, from Sunday to Sunday, to maintain my efforts in my master and the Linux Kernel at the same time; unfortunately, I could not stay focused only in the Kernel. However, all of these efforts were paid off along the year; I had many patches accepted in the Kernel, I joined the Google Summer of Code (GSoC), I traveled to conferences, I returned to Linuxdev-br 2018 as a speaker, I joined XDC2018 [2], and many other good things happened.

Now I am close to complete one year of Linux Kernel, and one question still bugs me: why does it have to be so hard for someone in a similar condition to become part of this world? I realized that I had great support from many people (especially from my sweet and calm wife) and I also pushed myself very hard. Now, I feel that it is time to start giving back something to society; as a result, I began to promote some small events about free software in the university and the city I live. However, my main project related to this started around two months ago with six undergraduate students at the University of Sao Paulo, IME [3]. My plan is simple: train all of these six students to contribute to the Linux Kernel with the intention to help them to create a local group of Kernel developers. I am excited about this project! I noticed that within a few weeks of mentoring the students they already learned lots of things, and in a few days, they will send out their contributions to the Kernel. I want to write a new post about that in December 2018, reporting the results of this new tiny project and the summary of this one year of Linux Kernel. See you soon :)

Reference
  1. linuxdev-br
  2. XDC 2018
  3. IME USP

Dirk Eddelbuettel: RcppMsgPack 0.2.3

19 November, 2018 - 05:32

Another maintenance release of RcppMsgPack got onto CRAN today. Two new helper functions were added and not unlike the previous 0.2.2 release in, some additional changes are internal and should allow compilation on all CRAN systems.

MessagePack itself is an efficient binary serialization format. It lets you exchange data among multiple languages like JSON. But it is faster and smaller. Small integers are encoded into a single byte, and typical short strings require only one extra byte in addition to the strings themselves. RcppMsgPack brings both the C++ headers of MessagePack as well as clever code (in both R and C++) Travers wrote to access MsgPack-encoded objects directly from R.

Changes in version 0.2.3 (2018-11-18)
  • New functions msgpack_read and msgpack_write for efficient direct access to MessagePackage content from files (#13).

  • Several internal code polishes to smooth compilation (#14 and #15).

Courtesy of CRANberries, there is also a diffstat report for this release.

More information is on the RcppRedis page. Issues and bugreports should go to the GitHub issue tracker.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Lars Wirzenius: Retiring from Debian

18 November, 2018 - 23:59

I've started the process of retiring from Debian. Again. This will be my third time. It'll take a little while I take care of things to do this cleanly: uploading packages to set Maintainer to QA, removing myself from Plant Debian, sending the retirement email to -private, etc.

I've had a rough year, and Debian has also stopped being fun for me. There's a number of Debian people saying and doing things that I find disagreeable, and the process of developing Debian is not nearly as nice as it could be. There's way too much friction pretty much everywhere.

For example, when a package maintainer uploads a package, the package goes into an upload queue. The upload queue gets processed every few minutes, and the packages get moved into an incoming queue. The incoming queue gets processed every fifteen minutes, and packages get imported into the master archive. Changes to the master archive get pushed to main mirrors every six hours. Websites like lintian.debian.org, the package tracker, and the Ultimate Debian Database get updated at time. (Or their updates get triggered, but it might take longer for the update to actually happen. Who knows. There's almost no transparency.)

The developer gets notified, by email, when the upload queue gets processed, and when the incoming queue gets processed. If they want to see current status on the websites (to see if the upload fixed a problem, for example), they may have to wait for many more hours, possibly even a couple of days.

This was fine in the 1990s. It's not fine anymore.

That's not why I'm retiring. I'm just tired. I'm tired of dragging myself through high-friction Debian processes to do anything. I'm tired of people who should know better tearing open old wounds. I'm tired of all the unconstructive and aggressive whinging, from Debian contributors and users alike. I'm tired of trying to make things better and running into walls of negativity. (I realise I'm not being the most constructive with this blog post and with my retirement. I'm tired.)

I wish everyone else a good time making Debian better, however. Or whatever else they may be doing. I'll probably be back. I always have been, when I've retired before.

Craig Small: Another ActivityPub quirk

18 November, 2018 - 05:44

I’m wondering now if the problem with the activitypub is because the user object was already in the remote site and somehow the two were not being linked up properly.

Removing the user information off the mastodn instance may help, or not.

Craig Small: activitypub 4

18 November, 2018 - 05:13

4th attempt at getitng the linking working, works ok on the test site now!

Lisandro Damián Nicanor Pérez Meyer: Using libgps instead of libQgpsmm within a Qt application

18 November, 2018 - 02:12
I was in need of creating a Qt application using current Debian stable (Stretch) and gpsd. I could have used libQgpsmm which creates a QTcpSocket for stablishing the connection to the gpsd daemon. But then I hit an issue: libQgpsmm was switched to Qt 5 after the Strech release, namely in gpsd 3.17-4. And I'm using Qt 5.

So the next thing to do is to use libgps itself, which is written in C. In this case one needs to call gps_open() to open a connection, gps_stream() to ask for the needed stream... and use gps_waiting() to poll the socket for data.

gps_waiting() checks for data for a maximum of time specified in it's parameters. That means I would need to create a QTimer and poll it to get the data. Poll it fast enough for the application to be responsive, but not too excessively to avoid useless CPU cycles.

I did not like this idea, so I started digging gpsd's code until I found that it exposes the socket it uses in it's base struct, struct gps_data_t's gps_fd. So the next step was to set up a QSocketNotifier around it, and use it's activated() signal.

So (very) basically:

// Class private:
struct gps_data_t mGpsData;
QSocketNotifier * mNotifier;

// In the implementation:
result = gps_open("localhost", DEFAULT_GPSD_PORT, &mGpsData);
// [...check result status...]

result = gps_stream(&mGPSData,WATCH_ENABLE|WATCH_JSON, NULL);
// [...check result status...]

//  Set up the QSocketNotifier instance.
mNotifier = new QSocketNotifier(mGpsData.gps_fd, QSocketNotifier::Read, this); 

connect(mNotifier, &QSocketNotifier::activated, this, &MyGps::readData);

And of course, calling gps_read(&mGpsData) in MyGps::readData(). With this every time there is activity on the socket readData() will be called, an no need to set up a timer anymore.

Dirk Eddelbuettel: RcppGetconf 0.0.3

17 November, 2018 - 07:23

A second and minor update for the RcppGetconf package for reading system configuration — not unlike getconf from the libc library — is now on CRAN.

Changes are minor. We avoid an error on a long-dead operating system cherished in one particular corner of the CRAN world. In doing so some files were updated so that dynamically loaded routines are now registered too.

The short list of changes in this release follows:

Changes in inline version 0.0.3 (2018-11-16)
  • Examples no longer run on Solaris where they appear to fail.

Courtesy of CRANberries, there is a diffstat report. More about the package is at the local RcppGetconf page and the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Shirish Agarwal: How to measure learning outcomes ? The learner and the Cynic

16 November, 2018 - 22:38

I have been having a series of strange dreams for few days now. I had seen a bollywood movie called Sui-Dhaaga few days back .

The story is an improbable, semi-plausible story of a person, couple, no a community’s search for self-respect and dignity in labor. While the clothes shown in the movie at the fashion show
were shown to be made by them, the styles seemed pretty much reminiscent of the materials and styles used by National Institute of Design.

One of the first dreams I had were of being in some sort of bare foot Design school which is/was interdisciplinary in nature. I am the bored guy who is there because he has no other skills and have been pressured by parents and well-wishers to do the course and even failed in that. I have been observing a guy who is always cleaner than the rest of us, always has a smile on his face and is content and enjoys working with cloth, whether it is tailoring or anything and everything to do with cloth. The material used is organic handspun Khadi which is mixed with silk to lose the coarseness and harshness that handspun Khadi has but using the least of chemicals and additives and is being sold at very low prices so that even a poor person can afford it.

This in reality is still a distant dream.

Anyways, with that as a backgrounder to the story, one day there is a class picnic/short travel. Because the picnic is ‘free’ i.e. paid by the Institute , almost everybody else except the gentleman who is always smiling and content agrees and wants to go to the picnic. The gentleman asks that he would prefer to be there in the classroom, studying and working with the cloth.

The lone teacher/management is in a fix. While he knows the student and doesn’t question his sincerity he is in a fix because the whole class/school is going for the picnic and there are expensive machines, material lying around. Even the watchmen want to be on the picnic and the teacher/management doesn’t have the heart to say no to them.

He asks in a sort of dejected voice if somebody wants to stay behind with him. A part of me wants to go to the picnic, a part of me wants to stay behind and if possible learn about the person’s mystery of his smile and contentedness.

After awaiting appropriate time and teacher asking couple of times, I take on a bored, resigned tone and volunteer to stay behind, provided I get some of the sweets and any clothes or whatever is distributed.

The next day, I wear one of my lesser shabbier clothes and go to school and find him near the gates of the school, at a nearby chai shop/tapri. He asks me how I am and asks if I would like to eat and drink something. I quickly order 3-4 items and after a fullish breakfast ended by a sweet masala chai we go to the school.

The ‘school’ is nothing but a two rooms with two adjacent toilets, one for men, one for women. The school is probably 500 meters squarish spaced with one corner for embroidery works, one corner for dyeing works, one corner for handspunning khadi and one corner which has tailoring machines. Just last year we had painted the walls of the school using organic colors and the year before we had some students come in who helped us in having more natural light and air to the school.

We also had a new/old water pump which after a long fight with the local councillor we had been able to get and got running water of sorts. We went to the loo, washed our hands, faces, cracked a few jokes and then using the heavy iron key chain which had multiple keys, opened the front door and we went in. He going to his seat, while I going to mine. As always, he’s fully absorbed, immersed in his work.

After waiting for half an hour to an hour, I announced that I’m going to take a leak and have water. He agreed to join me and we had a short break. After coming back, I sat a little across him and asked if I could ask him a few questions. Without missing a beat, he said sure. I asked him a few probing questions as to who he was, who else was in his family, what he used to do before enrolling here.

Slowly but surely, he teased out the answers sharing that while he had been a successful person and had money (he actually said ‘entrepreneur’ but my dream self couldn’t make out what it was) and while he had money saved, his wife was supporting him in this venture as she was good at Maths (a ‘statistician’ which again my dream self was oblivious was all about) and apart from learning about clothes, how they are made etc. something which he always enjoyed but which was discouraged in his house. They were working on a book about ‘learning outcomes’ (which again my dream self knew nothing about, but when he said he would be sharing stories about me and my class-mates I was excited and apprehensive at the same time.) He assured it would be nothing bad.

I asked him in my innocence as to why such a book was necessary because in my world-view we were doing nothing exciting about a school where most of us were learning in the hopes that with the skills we would somehow be able to eke out a living. Looking at the bleakness of the background of the people around me, I didn’t think there was anything worth writing about. I had learnt about writers who were given money to write about fairy tales and even had got a comic book or two with bright colors and pictures. When I asked him if it was going to be something similar to that book, he replied in the negative . He shared that they were in-fact were going to self-publish the book as the book was going to be ‘controversial’ in nature. While my dream self didn’t understand what ‘controversial was all about but was concerned when he explained that they would be putting up their own money to bring out the book. I felt this was foolishness as nobody I knew would spent money to print a book which didn’t have pictures and it was not also a fantasy like about a hero battling dragons and such.

At this moment, my dream ended. For those who had been working in the education sector I’m sure they would be having a laugh on almost all the aspects of the dream/story. ‘Learning outcomes’ has never been a serious consideration by either the Government of the day or previous Governments. Teachers are the most lowly paid staff in the Government machinery. Most of them who enter the profession, do it out of not being able to get a job any other way and are also not obsessed by the subject/s they teach. They somehow want to make ends meet. The less said of the ‘no detention’ policy of the Government, the better. Even the Government doesn’t believe the stats trouted by its own people but instead on ASER made by Pratham although the present Government has reversed it as it wants to show they have been doing the best job in field of education.

Daniel Lange: Frustrating spammers

16 November, 2018 - 16:31

Sometimes tiny things make my day at 9am already.

That spammer got frustrated because none of his bots would get comments pasted to my blog:

Greetings to Cambodia.

BTW: Mikrotik RouterOS 6.41, CVE-2018-7445. RCE unpatched for 9+ months.

Rapha&#235;l Hertzog: Freexian’s report about Debian Long Term Support, October 2018

15 November, 2018 - 21:36

Like each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In October, about 209 work hours have been dispatched among 13 paid contributors. Their reports are available:

  • Abhijith PA did 1 hour (out of 10 hours allocated + 4 extra hours, thus keeping 13 extra hours for November).
  • Antoine Beaupré did 24 hours (out of 24 hours allocated).
  • Ben Hutchings did 19 hours (out of 15 hours allocated + 4 extra hours).
  • Chris Lamb did 18 hours (out of 18 hours allocated).
  • Emilio Pozuelo Monfort did 12 hours (out of 30 hours allocated + 29.25 extra hours, thus keeping 47.25 extra hours for November).
  • Holger Levsen did 1 hour (out of 8 hours allocated + 19.5 extra hours, but he gave back the remaining hours due to his new role, see below).
  • Hugo Lefeuvre did 10 hours (out of 10 hours allocated).
  • Markus Koschany did 30 hours (out of 30 hours allocated).
  • Mike Gabriel did 4 hours (out of 8 hours allocated, thus keeping 4 extra hours for November).
  • Ola Lundqvist did 4 hours (out of 8 hours allocated + 8 extra hours, but gave back 4 hours, thus keeping 8 extra hours for November).
  • Roberto C. Sanchez did 15.5 hours (out of 18 hours allocated, thus keeping 2.5 extra hours for November).
  • Santiago Ruano Rincón did 10 hours (out of 28 extra hours, thus keeping 18 extra hours for November).
  • Thorsten Alteholz did 30 hours (out of 30 hours allocated).
Evolution of the situation

In November we are welcoming Brian May and Lucas Kanashiro back as contributors after they took some break from this work.

Holger Levsen is stepping down as LTS contributor but is taking over the role of LTS coordinator that was solely under the responsibility of Raphaël Hertzog up to now. Raphaël continues to handle the administrative side, but Holger will coordinate the LTS contributors ensuring that the work is done and that it is well done.

The number of sponsored hours increased to 212 hours per month, we gained a new sponsor (that shall not be named since they don’t want to be publicly listed).

The security tracker currently lists 27 packages with a known CVE and the dla-needed.txt file has 27 packages needing an update.

Thanks to our sponsors

New sponsors are in bold.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

Dirk Eddelbuettel: Rcpp now used by 1500 CRAN packages

15 November, 2018 - 18:44

Right now Rcpp stands at 1500 reverse-dependencies on CRAN. The graph is on the left depicts the growth of Rcpp usage (as measured by Depends, Imports and LinkingTo, but excluding Suggests) over time. What an amazing few days this has been as we also just marked the tenth anniversary and the big one dot oh release.

Rcpp cleared 300 packages in November 2014. It passed 400 packages in June 2015 (when I only tweeted about it), 500 packages in late October 2015, 600 packages in March 2016, 700 packages last July 2016, 800 packages last October 2016, 900 packages early January 2017,
1000 packages in April 2017, and 1250 packages in November 2018. The chart extends to the very beginning via manually compiled data from CRANberries and checked with crandb. The next part uses manually saved entries. The core (and by far largest) part of the data set was generated semi-automatically via a short script appending updates to a small file-based backend. A list of packages using Rcpp is kept on this page.

Also displayed in the graph is the relative proportion of CRAN packages using Rcpp. The four per-cent hurdle was cleared just before useR! 2014 where I showed a similar graph (as two distinct graphs) in my invited talk. We passed five percent in December of 2014, six percent July of 2015, seven percent just before Christmas 2015, eight percent last summer, nine percent mid-December 2016, cracked ten percent in the summer of 2017 and eleven percent this year. We are currently at 11.199 percent or just over one in nine packages. There is more detail in the chart: how CRAN seems to be pushing back more and removing more aggressively (which my CRANberries tracks but not in as much detail as it could), how the growth of Rcpp seems to be slowing somewhat outright and even more so as a proportion of CRAN – just like every growth curve should, eventually. But we leave all that for another time.

1500 user packages is pretty mind-boggling. We can use the progression of CRAN itself compiled by Henrik in a series of posts and emails to the main development mailing list. Not that long ago CRAN itself did not have 1500 packages, and here we are at almost 13400 with Rcpp at 11.2% and still growing (albeit slightly more slowly). Amazeballs.

This puts a whole lot of responsibility on us in the Rcpp team as we continue to keep Rcpp as performant and reliable as it has been.

And with that, and as always, a very big Thank You! to all users and contributors of Rcpp for help, suggestions, bug reports, documentation or, of course, code.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Sven Hoexter: docker and exec permissions

15 November, 2018 - 05:53
# docker version|grep Version
Version:      18.03.1-ce
Version:      18.03.1-ce

# cat Dockerfile
FROM alpine
RUN addgroup service && adduser -S service -G service
COPY --chown=root:root debug.sh /opt/debug.sh
RUN chmod 544 /opt/debug.sh
USER service
ENTRYPOINT ["/opt/debug.sh"]

# cat debug.sh
#!/bin/sh
ls -l /opt/debug.sh
whoami

# docker build -t foobar:latest .; docker run foobar
Sending build context to Docker daemon   5.12kB
[...]
Sucessfully built 41c8b99a6371
Successfully tagged foobar:latest
-r-xr--r--    1 root     root            37 Nov 14 22:42 /opt/debug.sh
service

# docker version|grep Version
Version:           18.09.0
Version:          18.09.0

# docker run foobar
standard_init_linux.go:190: exec user process caused "permission denied"

That changed with 18.06 and just uncovered some issues. I was, well let's say "surprised", that this ever worked at all. Other sets of perms like 0700 or 644 already failed with different error message on docker 18.03.1.

Steinar H. Gunderson: Visiting London

14 November, 2018 - 20:42

I'm visiting London the rest of the week (November 14th–18th) to watch match 5 and 6 of the Chess World Championship. If you're in the vicinity and want to say hi, drop me a note. :-)

Pages

Creative Commons License ลิขสิทธิ์ของบทความเป็นของเจ้าของบทความแต่ละชิ้น
ผลงานนี้ ใช้สัญญาอนุญาตของครีเอทีฟคอมมอนส์แบบ แสดงที่มา-อนุญาตแบบเดียวกัน 3.0 ที่ยังไม่ได้ปรับแก้