Paul Wise: DebCamp16 day 8

Planet Debian - Sat, 02/07/2016 - 07:21

Apply wget security update to mentors.debian.net. Poke the DebConf video team about archiving the one Debian & stuff podcast episode. Discuss exclusion, privilege & DebConf. Usual spam reporting. Review wiki RecentChanges. Fix some typos from RecentChanges. File Debian wishlist bug #829177 against bugs.debian.org. Mention the recent post about breaking Android full-disk encryption on the exploits Debian wiki page. Answer questions about recommended build configuration for chromium-bsu from the maintainer of it in FreeBSD. Mention that HTML SRI could help secure initial Debian downloads. File Debian bug #829199 against file and add workaround in derivatives census. Report broken boss-gnome source package to BOSSLinux folks on IRC. Delete and re-download Parsix apt folder to stop hash sum mismatches. File Debian minor/wishlist bugs #829209/#829211/#829212 against cypher-lint. Add a porterbox guest account for one of the RTC GSoC students. Extend the expiry of another guest account. Direct query about the excuses HTML to the release team. File Debian bug #829241 against fonts-play. Discuss accessibility, life, the universe and rakia.

Categories: Elsewhere

Russ Allbery: Review: Ashes of Honor

Planet Debian - Sat, 02/07/2016 - 06:05

Review: Ashes of Honor, by Seanan McGuire

Series: October Daye #6 Publisher: DAW Copyright: September 2012 ISBN: 1-101-59480-2 Format: Kindle Pages: 368

This is the sixth book in the October Daye series, contains payoffs for some relationships that have been building over the whole series, and involves entangled politics set up by previous books. It's not the place to start with the series.

Ashes of Honor starts, as so many of Toby's books do, with a friend asking her for help. But this request is entirely unexpected, and the help needed comes as a complete surprise: a previously unknown changeling, who has disappeared. A changeling whose powers are completely out of control, and who poses a threat to reality itself.

As Toby's cases go, this involves a lot fewer horrible things happening to her and a lot more faerie politics and maneuvering than usual. I appreciated that; I'm not as fond of the books that go deep into despair or desperation. It does involve Toby getting almost killed multiple times, but, due to earlier events of the series, that isn't quite as bad as it used to be. More focus on investigation and political maneuvering and less Toby braving her way through horrors works for me.

Even more notably, this book marks Toby finally figuring out that she has friends and allies who are there to help, not just be obligations she feels overwhelmed by or aid that she's not allowed to accept. This was one of her most frustrating characteristics; it's a relief to see her finally relax. This opens the way not only for deeper friendships and more complex plots but also a relationship that I've been awaiting for the entire series, and it's as much fun as I was hoping it would be. Toby started the series rather messed up and unwilling to let anyone close. It was for understandable reasons, but I like her better when she realizes why people respect her.

Toby's connections with the royalty of the Bay Area also allow McGuire to tell a political story that moves farther afield from the Shadowed Hills. First in One Salt Sea and now in Ashes of Honor we see more of local politics, more of the lore of McGuire's universe, and another dangerous queen. Toby is particularly fun when she's dangerously outflanking people with considerably more power than she has. At this point, you could call it a specialty. I thought McGuire's take on San Jose and the sort of person who would be in charge of its fae was on point.

We also get more of the Luidaeg, which is always a good sign for a Toby novel, and more of Tybalt, who is entangled in a major subplot of the story. Next to Luidaeg, Tybalt is my favorite of Toby's friends, so this book is full of the things that make me happy. McGuire adds some more pieces to her transplanted Celtic mythology and some tantalizing hints of what the fae have left behind. I'm hoping we see more of that in future books. (I suspect that may be what this whole series is building up to.)

The story doesn't have quite as much oomph as One Salt Sea, but it's still one of the best books in the series so far. If you've enjoyed the series up to this point, keep reading.

Followed by Chimes at Midnight.

Rating: 8 out of 10

Categories: Elsewhere

DrupalCon News: The more exciting world of core contributions

Planet Drupal - Fri, 01/07/2016 - 23:24

The Core Conversations track is a place for sessions that spark discussion, open questions, and form the base for an ongoing development in the Drupal core space. We’d like to offer all accepted sessions some help facilitating or moderating discussion. The session could be a debate style panel, or a more traditional presentation.

Categories: Elsewhere

Thorsten Alteholz: My Debian Activities in June 2016

Planet Debian - Fri, 01/07/2016 - 22:45

FTP assistant

This month I marked 233 packages for accept and rejected 29. I also sent 11 emails to maintainers asking questions. Currently there are 33 packages in NEW and the minimum this week has been as low as 24 packages. Come on you fellow developers, where are your packages? I am sure you can do better .

Debian LTS

This was my twenty-fourth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 18.75h. This resulted in patches for 13 CVEs and the following uploads:

  • [DLA 522-1] python2.7 security update
  • [DLA 533-1] php5 security update
  • [DLA 534-1] libgd2 security update
  • [DLA 536-1] wget security update

I also looked at mxml and libstruts1.2-java and marked CVEs for these packages as “no-dsa”. I also reviewed a patch of Salvatore for an embargoed CVE of xerces-c. Last but not least I looked at the remaining two CVEs for asterisk, but was not really able to create working patches …

This month I called again for testing php5. Thanks a lot to Stefan and anybody else who sent in their reports! As there are already new CVEs for php5 available, I am afraid I need your support again in July …

This month I also had another term of frontdesk work and answered questions or looked for CVEs that are important for Wheezy LTS or could be ignored.

Other stuff

I made some progress with the Alljoyn framework. Up to now the following packages are available:

  • alljoyn-core-1504
  • alljoyn-core-1509
  • alljoyn-core-1604
  • alljoyn-gateway-1504
  • alljoyn-services-1504
  • alljoyn-services-1509
  • alljoyn-thin-client-1504
  • alljoyn-thin-client-1509
  • alljoyn-thin-client-1604
  • duktape

Unfortunately as some of those modules still need to be released in current versions, there are some gaps.

Anyway, the next uploads will include an XMPP connector, to basically bridge a local AllJoyn bus to a remote AllJoyn bus over XMPP. Further, with the lighting module, real lamps can be switched on and off and much more. Also the Home Appliances and Entertainment Service Framework seems to be interesting as well.

In the Javascript world I uploaded some new packages …

  • node-strip-ansi
  • node-lodash-compat
  • node-has-flag
  • node-errs
  • node-ejs
  • node-absolute-path

… and uploaded new versions for the following packages:

  • node-base62
  • node-array-flatten
  • node-eventsource
  • node-xmlhttprequest-ssl
  • node-wrappy
Categories: Elsewhere

Joachim Breitner: When to reroll a six

Planet Debian - Fri, 01/07/2016 - 21:47

This is a story about counterintuitive probabilities and how a small bit of doubt turned out to be very justified.

It begins with the game “To Court the King” (German: „Um Krone und Kragen“). It is a nice game with dice and cards, where you start with a few dice, and use your dice rolls to buy additional cards, which give you extra dice or special powers to modify the dice that you rolled. You can actually roll your dice many times, but every time, you have to set aside at least one die, which you can no longer change or reroll, until eventually all dice have been set aside.

A few years ago, I have played this game a lot, both online (on yucata.de) as well as in real life. It soon became apparent that it is almost always better to go for the cards that give you an extra die, instead of those that let you modify the dice. Intuitively, this is because every additional die allows you to re-roll your dice once more.

I concluded that if I have a certain number of dice (say, n), and I want to have a sum as high as possible at the end, then it may make sense to reroll as many dice as possible, setting aside only those showing a 6 (because that is the best you can get) or, if there is no dice showing a 6, then a single die with the best score. Besides for small number of dice (2 or 3), where even a 4 or 5 is worth keeping, this seemed to be a simple, obvious and correct stategy to maximize the expected outcome of this simplified game.

It is definitely simple and obvious. But some doubt that it was correct remained. Having one more die still in the game (i.e. not set aside) definitely improves your expected score, because you can reroll the dice more often. How large is this advantage? What if it ever execeeds 6 – then it would make sense to reroll a 6. The thought was strange, but I could not dismiss it.

So I did what one does these days if one has a question: I posed it on the mathematics site of StackExchange. That was January 2015, and nothing happened.

I tried to answer it myself a month later, or at least work towards at an answer, and did that by brute force. Using a library for probabilitstic calculations for Haskell I could write some code that simply calculated the various expected values of n dice for up to n = 9 (beyond that, my unoptimized code would take too long):

1: 3.50000 (+3.50000) 2: 8.23611 (+4.73611) 3: 13.42490 (+5.18879) 4: 18.84364 (+5.41874) 5: 24.43605 (+5.59241) 6: 30.15198 (+5.71592) 7: 35.95216 (+5.80018) 8: 41.80969 (+5.85753) 9: 47.70676 (+5.89707)

The result supported the hypothesis that there is no point in rolling a 6 again: The value of an additional die grows and approaches 6 from beyond, but – judging from these number – is never going to reach it.

Then again nothing happend. Until 14 month later, when some Byron Schmuland came along, found this an interesting puzzle, and set out a 500 point bounty to whoever solved this problem. This attracted a bit attention, and a few not very succesful attempts at solving this. Eventually it reached twitter, where Roman Cheplyaka linked to it.

I do not know if the tweet made a difference, but a day later some joriki came along, and he had a very good idea: Why not make our life easier and think about dice with less sides, and look at 3 instead of 6. This way, and using a more efficient implementation, he could do a similar calculation for up to 50 dice. And it was very lucky that he went to 50, and not just 25, because up to 27, the results were very much as expected, approaching value of +3 from below. But then it surpassed +3 and became +3.000000008463403.

In other words: If you have roll 28 dice, and you have exactly two dice showing a 3, then it gives you better expected score if you set aside only one 3, and not both of them. The advantage is miniscule, but that does not matter – it is there.

From then on, the results behaved strangely. Between 28 and 34, the additional value was larger than 3. Then, from 35 on again lower than 2. It oscillated. Something similar could be observed when the game is played with coins.

Eventually, joriki improved his code and applied enough tricks so that he could solve it also for the 6-sided die: The difference of the expected value of 198 dice and having 199 dice is larger than 6 (by 10 − 21...)!

The optimizations that allowed him to calculate these numbers in a reasonable amount of time unfortunately was to assume that my original hypothesis (never rerolling a 6 is optimal), which held until n < 199. But this meant that for n > 199, the code did not yield correct results.

What is the rationale of the story? Don’t trust common sense when it comes to statistics; don’t judge a sequence just from a few initial numbers; if you have an interesting question, post it online and wait for 16 months.

Categories: Elsewhere

Leo 'costela' Antunes: Yet another letsencrypt (ACME) client

Planet Debian - Fri, 01/07/2016 - 20:35

Well, I apparently joined the hordes of people writing ACME (the Protocol behind Let’s Encrypt) clients.

Like the fairy tale Goldilocks, I couldn’t find a client in the right spot between minimalistic and full-featured for my needs: acme-tiny was too bare-bones; the official letsencrypt client (now called certbot) too huge; and simp_le came very close, but it’s support for pluggable certificate formats made it just a bit too big for me.

So, wile (named after another famous user of ACME products) was born. Maybe it will fill someone else’s very subjective needs.

Categories: Elsewhere

The Sego Blog: Drupal 8, Pantheon & GitKraken: Part 1 of 3

Planet Drupal - Fri, 01/07/2016 - 20:17
07/01/2016Drupal 8, Pantheon & GitKraken: Part 1 of 3

Welcome to the first installment of our three part Drupal 8, Pantheon & GitKraken series.  For more information on what this series will be covering check out our intro HERE.

Categories: Elsewhere

Freelock : Updating a D6 -> Drupal 8.0.x migration to Drupal 8.1.x

Planet Drupal - Fri, 01/07/2016 - 20:08

We have several Drupal 6 to Drupal 8 upgrade projects going on, which is particularly challenging given how quickly the Drupal Migration system is changing. Given that a couple of them are nearing launch, and were missing some node references, I set out to get the content updated from the production sites before launch.

Drupal 8Drupal MigrationDrupal PlanetDrupal upgrade
Categories: Elsewhere

Acquia Developer Center Blog: Come on down to Drupal South 2016!

Planet Drupal - Fri, 01/07/2016 - 19:08

Vladimir Roudakov and I sat down at DrupalCon New Orleans to talk about an event close to my heart: the 2016 edition of Drupal South. This year, it'll be held in Australia's Gold Coast. Knowing the Australasian Drupal community, this will be a very high quality event in terms of what you'll be able to get out of it. And knowing the location, right by the world famous "Surfers' Paradise" beach, if you're into sun, fun and Drupal, you'll be in for a treat!

Below is a little information about the event and Vlad, plus video, audio, and a text transcription of our conversation.

Drupal South 2016
Meet Vlad
Interview video - 14 min.

jam: So Vladimir and I are in glamorous downtown New Orleans at DrupalCon 2016 in North America. How’s your Con been so far, Vlad?

Vlad: It was pretty overwhelming. It’s my second Con in the US and third Con altogether and it’s been amazing. Everyone should try it. Everyone should try at least one DrupalCon in their life.

jam: As you can hear from his accent, Vlad is from Australia.

Vlad: Gidday!

jam: You work for Technocrat, right?

Vlad: That’s correct. Yes, I work for a company based in Sydney called Technocrat.

Vlad meets Drupal

jam: How long have you been doing Drupal?

Vlad: I’ve been doing Drupal since 2009. I actually kind of gave up on enterprise back in the day and went to a small company that was run from a basement. The owner came to me with a pile of paper like that and said, “Do you know Drupal?” I said, “I worked with Joomla! before” and he said, “Well, here are all the passwords of my clients. Can you fix the sites?” It was a few Drupal 5 sites and majority of them were Drupal 6 sites. So that’s how I met Drupal. In the basement of the Queensland – well, it’s actually called “Queensland” there – the house. So it’s like in a basement of the house back in Australia.

jam: So your introduction to Drupal was a hundred rescue projects.

Vlad: About 50, yes - not a hundred.

jam: So what did you think about Drupal after opening those up?

Vlad: Well, I don’t think I had time to think about it. I was actually trying to learn it for quite a bit. So just doing it all myself. Yes, it took quite a while and again, was overwhelming but the interest and bit--and still today ... So it was – I guess almost seven years to-date. I keep learning every day, which is – I guess – the most exciting part.

jam: Have you been paying attention to Drupal 8? Have you been excited about that?

Vlad: Yes, I actually just certified as Drupal 8 Acquia certified developer and we just released two projects as a part of Technocrat with at least two Drupal 8 projects into the wild.

jam: Wow! So what are you most excited about, technically in Drupal 8? How is it going to make your job better?

Vlad: Well, it’s already doing it. The fact that it packages a lot of stull than before – we used to use as the modules. So making it more stable is one thing. The second – and I guess the most exciting bit that it kind of comes with hidden gems like a backbone frontend library and Symfony. It’s invisible for a naked eye – for a person who starts doing Drupal 8 or just get introduced for Drupal, but for us as the developers, that brings enormous amount of stuff hidden that we actually can leverage and use. So that’s very, very exciting.

jam: What would you say your favorite thing about Drupal is in all these years?

Vlad: That’s a tough one. There are too many things but I guess community. Yes. So basically, whenever I go to: DrupalCon in the US--I haven’t been to any Drupal events in Europe yet--but in Australia as well. It becomes like a second family.

jam: Yes. I feel really privileged to be able to have close friends that I can see two-three-four-five times a year all over the world in different places and you sort of pick up the conversation that you were having before. It keeps going it – really, it does sort of feel like a family but the good kind of family, I guess.

Drupal South 2016

jam: So you might know that I grew up in New Zealand and you’re on the Drupal South organizing team this year for 2016. When and where is Drupal South going to be this year?

When and Where?

Vlad: So this year, Drupal South is actually coming to the Gold Coast, which is on the east side of Australia. Coming from very cold and rainy Melbourne last year, it actually would be nice to see the sun. So we decided to do it right on the beach on Gold Coast. Originally, Drupal South used to be called Drupal Downunder because Australian and New Zealand events were two different events. So at the moment, they are packed together as Drupal South.

jam: So last week of October – for those of us in the northern hemisphere, if we want one more dose of warm weather, we should come to the Gold Coast. What can people expect from a Drupal South? Is it 80 people in a university basement or what is it like?

Vlad: We keep going back to basements. Now, it’s a – we’re actually going up this year. So I’ll talk about that a bit later but what’s actually happening is a few people came to me during this conference to say, “So what is Drupal South? Is it actually another Drupal camp?” and I’ll say, “No, no, we actually have three Drupal camps in Australia every year and this is an actual conference.” So this is pretty much what – if any of you came to DrupalCon 2013 in Sydney, that’s going to be exactly what it was there. So we are looking at approximately 300-350 people sharing the knowledge. There are some similarities with DrupalCon and the fact that DrupalCon is a big inspiration for me but also it’s going to be a bit different. So there’s going to be a few differences. Talking about the location, the Gold Coast itself, it’s a fun, family destination. We actually are located – I think half a block from the beach. We specifically moved it to October. First of all, not to smash too close together to events like DrupalCon but also because it’s going to be much, much warmer. The Gold Coast is a perfect destination because there are amusement parks, there are entertainment districts. It’s a strip of high rises that people were building since the ‘60s and ‘70s and it’s pretty much like a completely separate city. Actually, a few cities packed together. So it’s very nice. So if you are looking at some family vacations as well as learning or teaching some Drupal, you should definitely come.

International Visitors

jam: Alright! Last week of October, 2016. I have been to the last two Drupal Souths and I was really, really happy. One of the things that I like at different Drupal events is the different mix of people but there were an awful lot of international guests in Melbourne. For example, a lot of people from India, a lot of people from China who I might not see in other places. So you’re expecting about 300 or 400 people. What kind of focus and what kind of activities are there going to be?

Vlad: Well, it’s basically – we are targeting mostly Drupal crowds as usual but this year, it’s a bit different. First of all, I think DrupalCon in Asia changed the perspective in Asia on DrupalCon and a few events like camps happening all over Asia like Manila, Shanghai also, I think to promote Drupal quite a bit. I talked to a few people here and we do expect international guests from India or from China and I think there are a few sponsors that are coming up from there so Australia definitely becoming an international destination in terms of Drupal.

Student Day

Apart from your standard Drupal event where you have a number of sessions, maybe training, a few parties, we’re actually planning a few surprises and one of them – it’s a student day. So actually, at the moment we’re looking at a pre-conference day where we’re trying to get as many students as we can and either go to a local university, which we are trying to work out now. And actually teach Drupal to students or maybe organize a mini conference for them and promote the actual conference. We’re also trying to do that in advance before the conference. So just work with local universities and promote Drupal a bit more.

Conference Sharing

Another thing is conference sharing. Something interest – I realized while traveling to different conferences in Australia, not many people are aware of conferences that are actually happening apart from stuff they’ve been doing for ages. For example, last year I went to WordCamp, WordPress mini conference that was in Brisbane and realized we don’t really have much overlap. There are excellent events happening for Python conference, excellent events put together by Linux Australia – a Linux conference. So what I’m trying to organize is to actually have a table or something to promote other conferences in Australia and New Zealand region to people. So I actually have more people going to PHP conferences next year because it would make sense for people doing Drupal to do that. So that’s another thing.

More hands-on

The last thing we were planning to do is more hands-on session. So usually at DrupalCon, you come and listen to the person for a number of minutes. So say a half-an-hour session or a 45-minute session. So what we are looking at the moment – I’m not sure it’s going to happen – or how it’s going to happen and what format it’s going to be, but we are planning to have a hands-on session where the actual session itself is a mini training course and people can come in and learn about Views not just by watching the presentation but actually will try to present or to actually put together the mini-course so people can actually come and go away with something they built.

jam: Oh! So I can have a concrete achievement from having attended a session like that. That sounds great! That sounds like a really, really, really good idea.

Call for Papers, Call for Sponsors

jam: When is the call for papers? Who should be coming to present? What else do you need?

Vlad: Head to the website to find out more information about sponsorships and sessions as well. So we accept sessions from everyone. If you are using Drupal as a company, if you are planning to use Drupal, if you have any experience in Drupal or so that you want to share, we’re going to have a – not that many actual session tracks but we’ll try to definitely have a distinct line between development, project management, and business. So that’s something that I also have a strong opinion about because a lot of project managers and businesses came to me and said, “Look, we are non-technical people and we also want to share.” On the same note, a lot of advanced developers came in and complained about not having enough advanced session.

jam: Nobody is ever happy ;-)

Vlad: Yes, that’s true but I’m actually trying to cater for that. Although the conference is not very big, we’re really, really trying to do that. So head to the website. There is a sponsor section there. There is a call for paper section there. Submit your session. I’m sure we’re going to have a good conference. One more thing to add is I was talking about heading up before. So one of the things is we are having the conference at Q1 building. It’s the Q1 Resort building. I think it’s an 80-something floor building. So it’s one of the tallest in the Gold Coast. It used to be tallest but someone already built much, much higher. So we’re actually going to split the conference between level two and level 78 and we’re going to have an access to an observation deck. So that’s one of the reasons to actually come in and see the Gold Coast from the level 77 and 78.

jam: What’s that website?

Vlad: The website is goldcoast2016.drupal.org.au.

jam: Alright. I will link to that in the show notes. I just want to say that I’ve been to a PHP conference in a hotel where the sessions were divided between the ground floor and the sixth floor and being in Germany, their elevators are small and slow. Make sure you’ll give us enough time to get between sessions in the elevator. Taking into account how many elevators there are because it jammed up the process at this thing that I’ve been to before.

Vlad: Well, I think we’re not going to split the actual sessions. We’ll either going to do some sponsors talks up in the sky or maybe have a coding lounge or something like that.

jam: That would be cool!

Outta here!

jam: This is Vlad. He’s on the team for Drupal South 2016, which is happening in October and it sounds like it’s going to be a great venue. It sounds like it’ll be a great opportunity to combine it with some vacation time – very, very, very nice. I have been to a couple of these in the past and I really, really enjoyed them and I’ve been to another Drupal conference in Australia and I’ve gotten a lot out of them. So this is a great community. If you want to come and meet some new interesting Drupalists, I would say it’s very, very likely to be a good conference.

Alright Vlad, great talking to you! Have a great rest of DrupalCon. If you could see behind us, the lunch queue is starting to move and yes, it’s time to go get some food. Take care, man. Good to see you.

Vlad: Thanks a lot. Thanks a lot, jam.

Skill Level: BeginnerIntermediateAdvanced
Categories: Elsewhere

Elena 'valhalla' Grandi: Busy/idle status indicator

Planet Debian - Fri, 01/07/2016 - 18:24
Busy/idle status indicator

About one year ago, during my first http://debconf15.debconf.org/, I've felt the need for some way to tell people whether I was busy on my laptop doing stuff that required concentration or just passing some time between talks etc. and available for interruptions, socialization or context switches.

One easily available method of course would have been to ping me on IRC (and then probably go on chatting on it while being in the same room, of course :) ), but I wanted to try something that allowed for less planning and worked even in places with less connectivity.

My first idea was a base laptop sticker with two statuses and then a removable one used to cover the wrong status and point to the correct one, and I still think it would be nice, but having it printed is probably going to be somewhat expensive, so I shelved the project for the time being.

Lately, however, I've been playing with hexagonal stickers https://terinjokes.github.io/StickerConstructorSpec/ and decided to design something on this topic, whith the result in the figure above, with the “hacking” sticker being my first choice, and the “concentrating” alternative probably useful while surrounded by people who may misunderstand the term “hacking”.

While idly looking around for sticker printing prices I realized that it didn't necessarly have to be a sticker and started to consider alternatives.

One format I'm trying is inspired by "do not disturb" door signs: I've used some laminating pouches I already had around which are slightly bigger than credit-card format (but credit-card size would also work of course ) and cut a notch so that they can be attached to the open lid of a laptop.

They seem to fit well on my laptop lid, and apart from a bad tendency to attract every bit of lint in a radius of a few meters the form factor looks good. I'll try to use them at the next conference to see if they actually work for their intended purpose.

SVG sources (and a PDF) are available on my website http://www.trueelena.org/computers/projects/busy_idle_indicator.html under the CC-BY-SA license.
Categories: Elsewhere

Acquia Developer Center Blog: Extending OOTB Drupal 8 Experiences with Lightning

Planet Drupal - Fri, 01/07/2016 - 17:59

The following post is from the Acquia Lightning blog. Acquia Lightning, “the Drupal distribution for Enterprise Authoring,” is a Drupal starter kit that enables developers to create great authoring experiences and empower editorial teams. Lightning provides users with a lightweight framework for building working solutions in Drupal. For more information, including a product roadmap, and installation instructions, check out the Acquia Lightning site.

Tags: acquia drupal planet
Categories: Elsewhere


Subscribe to jfhovinne aggregator - Elsewhere