Staring at a blank screen, notebook, or any other space flooded with emptiness can conjure feelings of worry, confusion, and definitely fear. Yet this is a ritual anyone who considers themselves a creative willingly puts themselves through on a regular basis. Some may dread these less than pleasant feelings, but I am sure there are also many who embrace them, and I am one of them. Full disclosure, creating something is a scary process for me, and that's ok. From beginning to final product there are plenty of uncomfortable moments that I find extremely beneficial and rewarding to a successful creative process. Hopefully after I share how these often referred to as negative emotions are helpful, you, too, will see how essential they are to your creative process, and why they should be embraced and not avoided.
The monthly Drupal core bug fix release window is scheduled for this Wednesday. However, the last bug fix release was two months ago, and there haven't been enough changes to the development version since then to warrant a new release.
Upcoming release windows include:
- Wednesday, January 21 (security release window)
- Wednesday, February 4 (bug fix release window)
My monthly report covers a large part of what I have been doing in the free software world. I write it for my donators (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.Debian LTS
This month I have been paid to work 20 hours on Debian LTS. I did the following tasks:
- CVE triage: I pushed 47 commits to the security tracker this month. Due to this, I submitted two wishlist bugs against the security tracker: #772927 and #772961.
- I released DLA-106-1 which had been prepared by Osamu Aoki.
- I released DLA-111-1 fixing one CVE on cpio.
- I released DLA-113-1 and DLA-114-1 on bsd-mailx/heirloom-mailx fixing one CVE for the former and two CVE for the latter.
- I released DLA-120-1 on xorg-server. This update alone took more than 6h to backport all the patches, fixing a massive set of 12 CVE.
Not in the paid hours, but still related to Debian LTS, I kindly asked Linux Weekly News to cover Debian LTS in their security page and this is now live. You will see DLA on the usual security page and there’s also a dedicated page tracking this: http://lwn.net/Alerts/Debian-LTS/
I modified the LTS wiki page to have a dedicated Funding sub-page. This avoids having a direct link to Freexian’s offer on the main LTS page (which surprised a few persons) and allows to give some more background information and makes it possible for other persons/companies to also get listed in the same way (since there’s no exclusive relationship between Debian and Freexian here!).
And I also answered some questions of Nguyen Cong (a new LTS contributor, employed by Toshiba with explicit permission to contribute to LTS during work hours! \o/), on IRC, on ask.debian.net (again) and on the mailing list! It’s great to see the LTS project expanding beyond current members of the Debian project.Distro Tracker
I want to give again some more priority to Distro Tracker at least to complete the transition from the old PTS to this new service… last month has been a bit better than November but not by much.
I reviewed a patch in #771604 (about displaying long descriptions), I merged another patch in #757443 (fixing bad markup which rendered the page unusable with Konqueror), I fixed #760382 where package gone through NEW would never lose their version in NEW.Kali related contributions
I’m not covering my Kali work here but only some things which got contributed upstream (or to Debian).
First I ensured that we could build the Kali ISO with live-build 4.x in jessie. This resulted in multiple patches merged to the Debian live project (1 2 3 4). I also submitted a patch for a regression in the handling of conditionals in package lists, it got dropped and has been fixed differently instead. I also filed #772651 to report a problem in how live-build decided of the variant of the live-config package to install.
Kali has forked the sysvinit package to be able to disable the services by default and I was investigating how to port this feature in the new systemd world. It turns out systemd has such a feature natively: it’s called Preset files. Unfortunately it’s not usable in Debian because Debian does not call systemctl preset during package installation. I filed bug #772555 to get this fixed (in Stretch, it’s too late for Jessie :-().Saltstack
I’m using salt to automate some administration task in Kali, at home and at work. I discovered recently that the project tries to collect “Salt Formulas”: those are ready to use instructions for as many services as possibles.
I started using this for some simple services and quickly felt the need to extend “salt-formula”, the set of states used to configure salt with salt. I submitted 5 pull requests (#73 and #74 to configure salt in standalone mode, #75 to enable the upstream package repositories, #76 to automatically download and enable the desired salt formulas, #77 for some bugfixes) and they have all been merged in less than 24 hours (that’s the kind of thing that motivates you to contribute again in the future!).
BTW I have some salt states to setup schroot and sbuild. I will try to package those as proper salt formulas in the future…Misc stuff
Mailing list governance. In Debian, we often complain about meta-discussion on mailing lists (i.e. discussions about how we discuss together) and at the same time we need to have that kind of discussions from time to time. So I suggested to host those discussions in a new mailing list and to get this new list setup, our rules require to have other people interested in having this list. The idea had some support when we discussed it on debian-private, so I relaunched it on debian-project while filing the official request in the BTS: #772645. Unfortunately, I only got one second. So if you’re interested in pursuing this idea, speak up now…
Sponsorship. I sponsored another Galette plugin this month: galette-plugin-fullcard. Thanks to François-Régis Vuillemin for his work.
See you next month for a new summary of my activities.
If you’re a Unix person instead of e.g. a Microsoft® Windows® person, you’ve probably been annoyed by Iceweasel (or Mozilla™ Firefox®) creating a ~/Desktop directory, among others (things like ~/Downloads).
Here’s a quick fix I found somewhere in the ’net:mkdir -p -m0700 ~/.config cat >~/.config/user-dirs.dirs <<'EOF' XDG_DESKTOP_DIR="$HOME/" XDG_DOCUMENTS_DIR="$HOME/" XDG_DOWNLOAD_DIR="$HOME/" XDG_MUSIC_DIR="$HOME/" XDG_PICTURES_DIR="$HOME/" XDG_PUBLICSHARE_DIR="$HOME/" XDG_TEMPLATES_DIR="$HOME/" XDG_VIDEOS_DIR="$HOME/" EOF
Upon next start, Iceweasel (and other XDG-compliant applications) will throw stuff into ~/ instead.
We had stopped following the upstream stable branch maintained by Willy Tarreau after 18.104.22.168 (released October 2012). Since then, we have only applied specific security fixes and other critical fixes. Raphaël Hertzog and Holger Levsen started to rebase our package on 22.214.171.124 (released November 2014), bringing in a few security fixes we didn't yet have and a larger number of fixes for functional and performance issues.
I spent most of my time reviewing the several hundred changes from the upstream stable branch. I found a number of mistakes that would have caused regressions. Those should all be fixed in the update to linux-2.6, though I did not have nearly enough time for a thorough regression test. I sent my fixes to Willy for inclusion in 126.96.36.199.
I also reviewed and applied fixes for several security flaws in the kernel entry and exit paths. Andy Lutomirski identified and fixed a number of problems upstream, the most serious of which was CVE-2014-9322 (though this is not listed in the changelog because the details weren't yet public). Willy found and backported the upstream fixes for inclusion in 188.8.131.52. I checked that these make sense (so far as I understand this code) and verified that Andy's test cases now have the expected results when run on the new kernel version.
I tried to make Google::API::Client deb package, it requires Module::Build::Tiny, and dh-make-perl don’t suppot it, so I worte a override code in debian/rules.
./Build install –destdir=$$(pwd)/debian/$pkgname –installdirs=vendor
More elegant answer should be to add Module::Build::Lite support to dh-make-perl.
Recently I have been test driving some Drupal 8 development to get a feel for some of the new concepts and APIs that have been introduced. I find the best way to learn and get motivated about a new technology is to dive right into a fun side project, where you can be free to experiment and break things at your own leisure. You also have the advantage of selecting a set of features which touch a variety of APIs.
In this post I’ll go over the approach I took to building a Drupal 8 install profile and some of the issues I faced.Install Profile
I decided to write an install profile in an attempt to keep HEAD up to date. This would allow me to replace core and reinstall my website and be more resilient to upgrade issues.
Review: Ancillary Sword, by Ann LeckieSeries: Imperial Radch #2 Publisher: Orbit Copyright: October 2014 ISBN: 0-316-24665-4 Format: Trade paperback Pages: 354
This is the second book in the Imperial Radch series and a direct sequel to Ancillary Justice. You don't want to read this book out of order, since the previous book sets up the background of everything that happens here. Besides, Ancillary Justice is an amazing book.
It's going to be challenging to review Ancillary Sword without spoiling the previous book. If you're planning on reading Ancillary Justice but haven't gotten to it, you may want to stop here and come back to this review after you've read it. Or, even better, just read both books. They're some of the best science fiction I've read.
Ancillary Justice started small, with one person and their quixotic search for revenge, and grew large, to encompass conflicts and confrontations that would shake the Radch. Ancillary Sword returns to a smaller scale and stays there. This means that much of what was left unresolved at the end of the previous book is still unresolved; Leckie does not continue escalating into large-scale conflict. It also means that we see a lot more of Breq making personal choices and trying to work out her own sense of morality, plus semi-adopting a couple more injured people along the way.
One of my favorite types of stories is where I get to watch someone who is very good at something do the thing that they're very good at. Breq's unique background and experience makes her a wildcard outsider with vast experience in her new role. (Not to mention the special advantages she has from her implants.) Her long experience with people, similarly from a unique perspective, lets her use her power to effectively navigate political situations while keeping people slightly off-balance. And now she has some real power, made more potent for being somewhat ill-defined.
In short, this is a story of political agency, given to someone who hasn't had it before but who is very good at using it. It's immensely satisfying, in part because it's not a simple wish fulfillment. Breq can't just reshape the world to her preferences; in fact, she can't do much about one of the social conflicts she runs into, except treat the people involved with unexpected respect. But she can occasionally do something, and she can always upset existing power structures in subtle ways, and the way Leckie writes this makes it so much fun to read.
I think one of the reasons why I enjoyed this so much is that Breq is not relentlessly introspective. She just acts. Usually this sort of book involves lots of soul-searching and analysis, and the lack is refreshing. The other people in the story analyze Breq much more than she analyzes herself, sometimes incorrectly, and Breq finds the whole thing faintly amusing. Not only does this keep the story from bogging down in too much internal drama, it means that Breq frequently surprises the reader, usually in ways that had me grinning. And, despite not mulling things over incessantly, she is growing and developing, finding her own sense of morality and and ethics in a way that's sometimes only apparent in retrospect.
The one caveat I will mention is that this is a book that concerns itself a great deal with colonialism and racial slavery, but it's a fantasy of political agency focused on someone who's part of the dominant culture. While it's not quite accurate to say that Breq is this world's equivalent of white, she can pass, and she's Radchaai. I thought the book handles the issues reasonably well, but it is still using oppressed cultures to focus on the agency and power of someone who is, comparatively, privileged. This didn't bother me while I was reading the story, but it started to bother me a little afterwards once it was pointed out. There's nothing inherently wrong with that story, but it's a rather common pattern, and I'm afraid Ancillary Sword doesn't do much to broaden the pattern. That said, it's a caveat rather than a fatal flaw, at least for me.
Ancillary Sword is obviously the middle book of a trilogy, and normally the lack of forward progress on the overarching story and the sense of filling in background and setting the scene would undermine the book. But Breq and the other characters in this world are so fascinating that I didn't mind. The ending was not quite what I expected, but worked better the more that I thought about it. I'm really looking forward to the next book.
Followed by Ancillary Mercy.
Rating: 9 out of 10
These changes to a couple of my scripts were done some time ago, but I never pushed them out or announced them.
faq2html, which I use to convert package README files and other documentation to something suitable for the web, no longer tries to parse the document for leading headers when a title is specified with -t. This makes the web page generation for new copyright-format 1.0 LICENSE files a little less awful, although I really need to write an HTML converter specifically for that file format. (That will require me to figure out what a reasonable web conversion of that file format actually is.)
You can get the latest version of faq2html from my web tools page.
The release script I use to prepare and move around copies of my software releases has been updated to handle Perl distributions that use Build.PL a little better, and to generate xz-compressed tarballs if the upstream build system only generates gzip-compressed tarballs (as Perl's does). I'm moving towards standardizing on xz compression for all of my software releases, although I'll also provide gzip-compressed tarballs for the forseeable future.
You can get the latest version of release from my scripts page.
This is a relatively minor change which expands the set of Boost libraries included in the package to Boost Fusion per issue ticket 7. Boost Fusion is a very clever library providing a fusion of both compile-time meta-programming and run-time programming to provide something similar to the STL (i.e. containers, algorithms, ...) for heterogenous tuples. I also added pointers to both the mailing list and the GitHub issue tracker to the DESCRIPTION file, README and main manual page.
A brief summary of changes from the NEWS file is below.Changes in version 1.55.0-2 (2015-01-03)
Added Boost Fusion requested in GH ticket #7 by Dirk for RcppStreams
Review: Programming Ruby, by Dave Thomas, et al.Publisher: Pragmatic Bookshelf Copyright: 2005 Printing: May 2006 ISBN: 0-9745140-5-5 Format: Trade paperback Pages: 785
There are a few different editions of this book. The version I read is the second edition, written by Dave Thomas with Chad Fowler and Andy Hunt and published in 2005, covering Ruby 1.8.2. There's now a fourth edition, covering Ruby 1.9 and 2.0, which is probably what you'd want if you were buying this book today. This book, in whatever edition, is called the Pickaxe in the Ruby community after it's cover.
I've used a lot of different programming languages, so I can usually pick one up on the fly reasonably well, but I still like to read a good introductory book before using one seriously. It's a bit too easy to get lost or to fall into habits that don't match the best practices of the language community without a solid introduction. I've been using a bit of Ruby off and on since I started using Puppet, but I'm looking at doing more serious development using Chef, so I decided it was time to get that introduction. (It helped that I had this book sitting around, although that's also why I read an older edition.)
Programming Ruby starts with the obligatory introduction to installing and running Ruby, and then provides a high-level introduction to the language and its basic types — just enough to make Ruby comprehensible before starting into the object system. Everything is an object in Ruby, so the book introduces the object system as early as possible, and then shows the rest of the language from constants up in the light of that object system. The rest of part one follows the normal language introduction path, building up from constants and methods to exceptions, modules, and basic IO. It closes with chapters about threads and processes, unit testing, and the debugger.
Part two is a grab-bag of one-chapter topics describing how to use Ruby in a particular setting, or showing one angle of the language. The best of those chapters for me was the one on RDoc, partly because I'm quite impressed by Ruby's documentation system. A few of these chapters are oddly in-depth for an introductory book — I doubt I'm ever going to use all the details about special irb configuration, and if I do, I'd just look them up — but I greatly appreciated the solid chapter on how to write Ruby extensions in C. There is also the obligatory chapter on writing GUI applications with Tk, which always seems to show up in these sorts of introductions and which always baffles me. Does anyone actually do this any more instead of writing a web application?
Part three dives back into the language and provides a more complete and formal description. The authors aren't afraid to get into some of the internals, which I appreciated. There is a good chapter here on the details of the type system and how objects and classes interact, and a much-needed extended discussion of duck typing. This type of weak typing and runtime binding is fundamental to how Ruby approaches objects, for better or worse. (I have mixed opinions; it makes some things easier, but I increasingly appreciate strong typing and more formal interface definitions.) Some discussion of marshalling and introspection closes out the discussion portion of the book.
That's about 420 pages of the material. The rest of the book is a detailed reference on all of the core classes, and a quicker overview of the standard library. Normally, this sort of thing is thrown into language introductions to pad out the page count, but usually the language's official documentation is better at this sort of reference. But I found Programming Ruby to be an exception. The reference is succinct, sticking to a paragraph or two for each method, and did a great job of providing enough cross-reference and discussion to put each class into a broader perspective. It's the most useful example of this type of reference section I've seen. I still probably won't use it after this initial reading, but I think I got a better feel for the language from reading through it.
It's hard to review a book like this without reviewing the language it documents, at least a little bit. I'll indulge: it entertains me how much Ruby is obviously based on Perl, including borrowing some of Perl's more dubious ideas. The global punctuation variables will look familiar to any Perl programmer, and the oddly-named global variables for the interpreter flags are in the same spirit. The language unfortunately has similar problems as Perl with safely running commands without using the shell; it's possible, but not the default and not what the built-ins do. There are places where I wish Ruby were a little less like Perl.
The plus side for an experienced Perl programmer is that Ruby feels quite familiar and has made some clear improvements. The ? and ! convention for methods that return booleans or modify objects in-place is brilliant in its simplicity, and something I'd love to see in more languages. And the way Ruby implements ubiquitous code blocks for both iterators and for any temporary objects is lovely once one gets used to it. It's similar to Python's context managers, except more general and built deeper into the language. Returning to the review of the book, rather than the topic, Programming Ruby has a good, clear explanation of blocks, iterators, and yield.
If you're interested in getting a grounding in Ruby, this book still feels like a solid introduction. The edition I read is getting a bit long in the tooth now that we're on Ruby 2.1, but the pace of language change has slowed, and most of the book is still applicable. (If you're buying it new, you should, of course, get the later edition.) The table of contents makes it seem like the book is covering the same ground multiple times, but that organizational strategy worked better than I expected. Ruby is not the most organized language in the world, so I still felt a bit overwhelmed with random method names in places, but I never felt lost in the mechanics of the language.
In short, recommended if you want a good introduction to the language, although probably in a later edition.
Rating: 8 out of 10