Valuebound: Create custom Entity Type in Drupal8 for better content management

Planet Drupal - Mon, 04/07/2016 - 21:22

Entities were introduced from Drupal 7.  I would say in Drupal 8 , entities are essential part takers like node, users, files, images and comments, etc.. Still sometimes you need to create custom entities according to your requirements. From the experience of working with some of the top level Media companies in the world, sometimes we need to create custom entity types. Example like recently we got the requirement to create the entity for string the analytic data of the Articles. Why  we need to create  the custom entity instead of using nodes  or exiting entities, because the client doesn’t want to show the data in content administration page (‘admin/content’). Still it should be able…

Categories: Elsewhere

Paul Wise: Check All The thingS!

Planet Debian - Mon, 04/07/2016 - 20:10

check-all-the-things (aka cats, Meow!) is a tool that aims to make it easy to know which tools can be used to check a directory tree and to make it easy to run those tools on the directory tree. The tree could either be a source tree or a build tree or both. It aims to check as much of the tree as possible so the output can be very verbose and have many false positives. It is not for the busy, lazy or noise intolerant. It runs the checks by matching file names and MIME types against those registered for a list of checks. Each check has a set of dependencies, flags, filename wildcards, MIME type wildcards, comments and prerequisite commands. By default it:

  • doesn't check file MIME types as this is slower
  • shows which command is currently running
  • limits check output to 10 lines
  • hides checks that output nothing
  • kills checks when interrupted with Ctrl+C
  • exits when interrupted twice in quick succession
  • outputs various remarks at the end

It runs all checks for the current distro/release except:

  • dangerous ones that execute code in the current dir
  • ones that modify files in the current dir
  • ones that access the network (if there is no default route)
  • ones that need work to be usable
  • ones that need a human to run them

There are command-line options to customise the behaviour and automatic bash shell completion via argcomplete. There are 177 checks (including TODO ones) in 73 different categories. There are an additional 224 not-well-specified TODO items for new checks in comments. It is exceptionally easy to add new checks once one knows how to use the tool one wants to add.

At this point in time it is probably not a good idea to run it in an untrusted directory tree for several reasons:

  • there could be unknown vulnerabilities in the tools used
  • there could be unknown interactions with interpreters (known ones worked around)
  • there could be some commands doing unknown code execution
  • there could be other weirdness in some layers
  • there is no automatic sandboxing at all yet

The project initially started as really hacky wiki page full of commands to run. At some point I figured it was time to make this actually be maintainable and started on a project to do that. At around the same time Jakub Wilk was working on maquack to replace the wiki page. Somehow I found out about it and talked to him about it. It was vastly less hacky than my version so I ended up taking it over and continuing it under the check-all-the-things name. I polished it for the last two years and finally released it into Debian unstable during DebCamp16.

Categories: Elsewhere

Gunnar Wolf: Got the C.H.I.P.s for DebConf!

Planet Debian - Mon, 04/07/2016 - 15:17

I had my strong doubts as to whether the shipment would be allowed through customs, and was happily surprised by a smiling Graham today before noon. He handed me a smallish box that arrived to his office, containing...

Our fifty C.H.I.P. computers, those I offered to give away at DebConf!

The little machines are quite neat. They are beautiful little devices, including even a plastic back (so you can safely work with it over a conductive surface or things like that). Quite smaller than the usual Raspberry-like format. It has more than enough GPIO to make several of my friends around here drool about the possibilities.

So, what's to this machine besides a nice small ARM CPU, 512MB RAM, wireless connectivity (Wifi and bluetooth)? Although I have not yet looked into them (but intend to do so very soon!), it promises to have the freest available hardware around, and is meant for high hackability!

And not that it matters — But we managed to import them all, legally and completely hassle-free, into South Africa!

That's right — We are all used to the declaring commercial value as one dollar mindset. But... The C.H.I.P.s are actually priced at US$9 a piece. The declared commercial value is US$450. South Africans said all their customs are very hard to clear — But we were able receive 50 legally shipped computers, declared at their commercial value, without any hassles!

(yes, we might have been extremely lucky as well)

Anyway, stay tuned — By Thursday I will announce the list of people that get to take one home. I still have some left, so feel free to mail me at gwolf+chip@gwolf.org.

Categories: Elsewhere

Microserve: DrupalCamp Bristol 2016 - 22nd to 24th July

Planet Drupal - Mon, 04/07/2016 - 14:01
DrupalCamp Bristol 2016 - 22nd to 24th JulyJul 4th 2016

DrupalCamp Bristol is back for a second year, with a variety of talks covering hot topics in the Drupal (and wider digital) area. This year we will be hosting the event over 3 days with a Business Day, Conference Day and Sunday Sprints which is open to all.

Business Day (Friday 22nd July)

The event is aimed at business leaders and decision makers who are already familiar with Drupal, however client-side digital managers who are either responsible for a Drupal website or are considering using Drupal as a CMS of choice in the future will certainly find the day useful.

The event will be held within Colston Hall's prestigious Lantern room, and will feature lunch and refreshments throughout, along with a social event later in the evening at Colston Yard. Thank you to our kind sponsors for providing the bar tab!

This year we welcome the following talks:

  • New and improved … and amazing! Selling tech as business value, not shiny widgets. - Jeffrey A. "jam" McGuire (Open Source Evangelist, Acquia)
  • Elementary, my dear Watson (the movie guide to accessibility) - Léonie Watson (Senior Accessibility Engineer, The Paciello Group)
  • We hold these Online truths to be self-evident - Andrew Godleman (Transport for London Online)
  • Story mapping and sketching: humanising the requirements process - Mike Dunn, Will Scott (UX Consultants, Sift Digital)
  • Personalisation: The Holy Grail - Ben Wilding (MD, Cameron & Wilding)
  • Client Panel: a Q+A session with digital managers and product owners managing Drupal websites

Tickets are available via Eventbrite here.

Conference Day (Saturday 23rd July)

The event is primarily aimed at agency teams who use Drupal regularly, such as developers, PMs/AMs, and other agency team roles, and will consist of both high level talks and in-depth technical talks to suit all. This year we are welcoming a larger number of speakers over 3 individual tracks.

The event will again be held at the University of Bristol's School of Chemistry, and will feature lunch and refreshments throughout, along with a social event later in the evening at Zero Degrees. We are still looking for a Saturday Social Sponsor - please get in touch if you are interested. 

We are also pleased to announce a Quiz this year as a change to the closing session. Prizes will be given to the best teams!

The full timetable can be found here.

Tickets are available via Eventbrite here.

Sprints (Sunday 24th July)

If you are interested in staying for the weekend and would like to get involved with Drupal community contribution, then please feel free to attend the Sunday sprints. Torchbox have kindly provided their offices from 10am to 4pm and refreshments will be provided. Tickets are free, although we ask you to sign-up via Eventbrite to register your interest.


Looking forward to seeing everybody there,

The DrupalCamp Bristol Committee.

Written by: Rick Donohoe, Account Manager

Microserve is a Drupal Agency based in Bristol, UK. We specialise in Drupal Development, Drupal Site Audits and Health Checks, and Drupal Support and Maintenance. Contact us for for further information.

Categories: Elsewhere

Mike Hommey: Announcing git-cinnabar 0.4.0 beta 1

Planet Debian - Mon, 04/07/2016 - 12:45

Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.

Get it on github.

These release notes are also available on the git-cinnabar wiki.

What’s new since 0.3.2?
  • Various bug fixes.
  • Updated git to 2.9 for cinnabar-helper.
  • Now supports bundle2 for both fetch/clone and push (https://www.mercurial-scm.org/wiki/BundleFormat2).
  • Now Supports git credential for HTTP authentication.
  • Removed upgrade path from repositories used with version < 0.3.0.
  • Experimental (and partial) support for using git-cinnabar without having mercurial installed.
  • Use a mercurial subprocess to access local mercurial repositories.
  • Cinnabar-helper now handles fast-import, with workarounds for performance issues on macOS.
Categories: Elsewhere

Drupal governance announcements: Coding standards proposals for final discussion on 7/12

Planet Drupal - Mon, 04/07/2016 - 06:23

The TWG coding standards committee is announcing two coding standards changes for final discussion. These appear to have reached a point close enough to consensus for final completion. The new process for proposing and ratifying changes is documented on the coding standards project page.

New issues for discussion:

Updates on existing issues:

These proposals will be re-evaluated during the next coding standards meeting currently scheduled for July 12. At that point the discussion will likely be extended, or if clear consensus has been reached one or more policies may be dismissed or ratified and moved to the next step in the process.

Categories: Elsewhere

Daniel Stender: My work for Debian in June

Planet Debian - Mon, 04/07/2016 - 00:37

At least a little much more time lst month for helping to improve the operating system we're working on. I've worked on a couple of package updates, mostly they are for PAPT, DPMT or pkg-go (in order of completion):

  • ocrodjvu/0.9.2-1
  • ocrodjvu/0.10-1
  • python-djvulibre/0.7.2-1
  • golang-github-masterzen-simplexml/0.0~git20140219.95ba304-2
  • golang-github-tent-http-link-go/0.0~git20130702.0.ac974c6-2 (team upload)
  • golang-github-masterzen-xmlpath/0.0~git20140218.13f4951-2 (all these fixed to test with golang-gopkg-check.v1)
  • afl-cov/0.6-1
  • afl/2.14b-1
  • afl/2.16b-1
  • pylint-django/0.7.2-1 (team upload)
  • prospector/0.12-1
  • pyuca/1.1.2-1 (team upload)
  • python-jstontest/1.2-2
  • python-svg.path/2.1.1-1 [RFA]
  • python-xmp-toolkit/2.0.1+git20140309.5437b0a-3 (closed #815305)
  • sphinx-argparse/0.1.15-2 (closed #827813)
  • vcr.py/1.7.3-2 [RFA]
  • pyinfra/0.1~dev26-1
  • pyomo/4.3.11388-1
  • pyomo/4.3.11388+git20160622.d3e3f0a-1 (closed #823306)
  • python-bcrypt/3.0.0-1 (gladly closed #824952)
  • pydocstyle/1.0.0-3 (ship transition script /usr/bin/pep257)
  • pep8-naming/0.4.1-1
  • afl/2.17b-1
  • pep8-naming/0.4.1-2
  • manuel/1.8.0-5 (team upload)

New packages:

  • python-jsontest/1.2-1 (needed for the Pyinfra tests)

Sponsored Uploads:

  • dwarfutils/20160507+git20160523.9086738-1 (new shared library and several CVE fixes)
  • dwarfutils/20160507+git20160523.9086738-2
  • dwarfutils/20160613-1 (closed #827382, patched for reproducible builds)
  • dwarfutils/20160613-2 (closed #827921, now co-installable with libdw-dev)
  • dwarfutils/20160613-3 (upload to unstable)
  • squirrel3/3.1-3 (closed #828963)

Again some further ahead with these ones.

The "new package of the month" is going to be Theano. I'm still working on the introduction, it'll come hereafter very soon.

Categories: Elsewhere

Reproducible builds folks: Reproducible builds: week 61 in Stretch cycle

Planet Debian - Sun, 03/07/2016 - 23:37

What happened in the Reproducible Builds effort between June 19th and June 25th 2016.

Media coverage
  • Holger Levsen gave a talk at openSUSE Conference 2016 explaining the general idea and status of Reproducible Builds. This talk is available as video recording.

  • This was followed by Bernhard Wiedemannn, detailing his work on Reproducible Builds for openSUSE which is also available as video recording:

    • openSUSE uses SOURCE_DATE_EPOCH now too
    • How to create bit-for-bit identical RPMs
    • How strip-nondeterminism is Python and thus unsuitable for the openSUSE base system
  • Mozilla awarded $77k to work on reproducible builds for Tails. The goal is to enable anyone (given sufficient technical skills and hardware resources) to rebuild from source a given Tails release, in order to independently verify that it matches the ISO image that was published. A substantial part of this work will be done in Debian: for example, to make the side-effects of some packages' post-installation scripts deterministic. On the longer term, this work should benefit other projects that want to make their own builds reproducible (e.g. operating system images for the cloud and embedded systems, operating system installation media, other Live systems).

GSoC and Outreachy updates Toolchain fixes Other upstream fixes

Emil Velikov searched on IRC for hints on how to guarantee unique values during build to invalidate shader caches in Mesa, when also no VCS information is available. A possible solution is a timestamp, which is unique enough for local builds, but can still be reproducible by allowing it to be overwritten with SOURCE_DATE_EPOCH.

Packages fixed

The following 9 packages have become reproducible due to changes in their build dependencies:

cclib librun-parts-perl llvm-toolchain-snapshot python-crypto python-openid r-bioc-shortread r-bioc-variantannotation ruby-hdfeos5 sqlparse

The following packages have become reproducible after being fixed:

Some uploads have fixed some reproducibility issues, but not all of them:

Patches submitted that have not made their way to the archive yet:

  • #827684 against cgoban by Chris Lamb: set SHELL to static value.
  • #827731 against tin by Alexis Bienvenüe: drop patch which overwrites __DATE__/__TIME__ macros, since gcc can handle it now
  • #827863 against swedish by Alexis Bienvenüe: use C locale for sorting.
  • #827987 against glances by Chris Lamb: Use SOURCE_DATE_EPOCH for embedded timestamp.
  • #827994 against cmtk by Chris Lamb: use C locale for sorting.
  • #828008 against aghermann by Chris Lamb: honour SOURCE_DATE_EPOCH for timestamps embedded into manpages.
  • #828012 against bind9 by Chris Lamb: honour SOURCE_DATE_EPOCH for embedded timestamp.
  • #828017 against frog by Chris Lamb: don't include pyc/pyo files in the package.
  • #828021 against extra-cmake-modules by Scarlett Clark: normalize permission and file order in tarballs.
  • #828060 against libffado by Chris Lamb: exclude file with test output from package.
  • #828066 against gsmlib by Chris Lamb: honour SOURCE_DATE_EPOCH for timestamps embedded into manpages.
  • #828067 against grib-api by Chris Lamb: exclude pyc files from package.
  • #828122 against libxmlbird by Chris Lamb: sort list of globbed files.
  • #828123 against magnum by Chris Lamb: use static value for embedded hostname.
  • #828131 against pyjwt by Chris Lamb: exclude coverage data from package.
  • #828145 against mkdocs by Chris Lamb: honour SOURCE_DATE_EPOCH for embedded timestamp.
  • #828164 against zeal by Chris Lamb: use UTC for embedded timestamp.
  • #828168 against x42-plugins by Daniel Shahaf: use printf instead of non-portable echo.
Package reviews

139 reviews have been added, 20 have been updated and 21 have been removed in this week.

New issues found:

53 FTBFS bugs have been reported by Chris Lamb, Santiago Vila and Mateusz Łukasik.

diffoscope development Quote of the week

"My builds are so reproducible, they fail exactly every second time." — Johannes Ziemke (@discordianfish)


This week's edition was written by Chris Lamb (lamby), Reiner Herrmann and Holger Levsen and reviewed by a bunch of Reproducible builds folks on IRC.

Categories: Elsewhere

Joey Hess: twenty years of free software -- part 7 git-annex

Planet Debian - Sun, 03/07/2016 - 22:10

My first Haskell program, and the only software I've written that was inspired by living in a particular place, git-annex has received the lion's share of my time for five years.

It was written just to solve my own problem, but in a general way, that turned out to be useful in lots of other situations. So over the first half a year or so, it started attracting some early adopters who made some very helpful suggestions.

Then I did the git-annex assistant kickstarter, and started blogging about each day I worked on it. Four years of funding and seven hundred and twenty one posts later, the git-annex devblog is still going. So, I won't talk about technical details in this post, they've all been covered.

One thing I wondered when starting git-annex -- besides whether I would be able to write it in Haskell at all -- was would that prevent it from getting many patches. I count roughly 65 "thanks" messages in the changelog, so it gets perhaps one patch contributed per month. It's hard to say if that's a lot or a little.

Part of git-annex is supporting various cloud storage systems via "special remotes". Of those not written by me, only 1 was contributed in Haskell. Compare with 13 that use the plugin system that lets other programming languages be used.

The other question about using Haskell is, did it make git-annex a better program. I think it did. The strong type system did prevent plenty of bugs, although there have still been some real howlers. The code is still not taking full advantage of the power of Haskell's type system, on the other hand it uses many Haskell libraries that do leverage the type system more. I've done more small and large refactorings of git-annex than on any other program I've written, because the strong types and referential transparency makes refactoring easier and safer in Haskell.

And the code has turned out to be much more flexible, for all its static types, than the kind of code I was writing before. Examples include building the git-annex assistant, which uses the rest of git-annex as a library, and making git-annex run actions concurrently, thanks to there being no global variables to complicate things (and excellent support for concurrency and parallelism in Haskell).

So: Glad I wrote it, glad I used Haskell for it, estatic that many other people have found it useful, and astounded that I've been funded to work on it for four years.

Next: ?twenty years of free software -- part 8 github-backup

Categories: Elsewhere

Iustin Pop: A relaxation week

Planet Debian - Sun, 03/07/2016 - 22:03
A (forced) relaxation week

This was an interesting week, much more so than I expected.

The start of the week was the usual: on Monday a run, although at an easier pace after Sunday's longer indoor bike ride, on Tuesday a 30Km outside bike ride (flat, on road, with a mountain bike so not fast at all).

On Wednesday however, I had a planned "intervention" at my dentist—bone reconstruction (or regeneration, not sure what the right term is for the implantation of scaffolding). The dentist told me I won't be allowed to do sports, especially in the first few days after the procedure, so I knew I will have to take it easy; easy bike rides are fine, but not anything more (e.g. especially not running).

The procedure went well and after that I went to work (the dentist looked at me in a funny way when I mentioned I'm not going home but instead back to work). There was a bit of pain a couple of hours after the local anaesthesia went away, but the painkillers did work, so I was able to function somewhat OK. Laughing was the only thing that caused pain, so I tried to be very serious; didn't work well…

On Thursday morning however, I did feel funny and when I looked into the mirror, I got a shock. The affected side of my face was heavily swollen, and I was feeling as bad as I looked. I had a followup checkup at the dentist, so I went there, and they told me “Oh, this is normal. Bone reconstruction is much more difficult on the body as opposed to extraction, since the body actually has to rebuild stuff, instead of just healing the wound. And yes, you should just go back home and take the day off!”. OK, logically that explanation makes sense, but my dental extraction had a very predictable pain/recovery curve (spike right at the extraction, plateau for that day, then slow recovery that went to faster recovery after a few days). This procedure was very different, with the first day easy, and the second day much worse. The dentist continued “Oh, and by the way, expect this to be worse in the morning, as the body can work all night; also, this should go away by itself over the weekend, so let's meet again on Monday.”

At this point I realised than “I'm not allowed to do sports” is not by doctor's orders, but rather “my condition doesn't allow me to do sport”. Sad panda ☹

Friday was even worse; my face was swollen in a different way, such that I looked even more like a monster from the Witcher games. I had to stay at home again, not being able to do much, as the painkillers I got were mostly ineffective. From my usual ~10K steps a day (or more if I run), my Friday was a paltry sub-2K step day. The only thing I was able to do was watch anime. I found Log Horizon to be a pretty interesting anime, much more so than what the synopsis said; the ramification on politics and how to interaction between the two cultures unfolded was much more in-depth than I presumed. Didn't finish it yet, so this is a partial but very strong recommendation for it. Besides watching stuff, I also went to the shop to buy some food, which turned out to be an excuse for "junk food foraging!". The pain took my willpower away and instead of the planned and short grocery list, I found myself with lots of chocolate and ice cream on my hands. Funny how the brain works…

On Saturday I was a bit better; the swelling went partially away, so if you squinted you could pretend I look my normal-ugly, not the monster-ugly from before. I was able to go outside of the house, do some shopping, etc. so I was able to go back to a ~9K steps day. I also stopped taking painkillers since anyway they weren't of much help, and kept myself entertained with movies and other stuff (cough cough Grim Dawn…, since it's a mindless click-kill-loot-repeat ARPG that one can play even when only partially functional).

Today (Sunday) was swelling was slightly worse; however, I was feeling well enough to try to go back on the bike trainer (the first three days of "no sports" were over), and planned to do a slow/relaxing one hour Zwift ride. Right, as all the people who ever tried this, it works as long as only fast people overtake you (since you can't catch them anyway), or as long as you don't get to sprint sections. I did slightly improve my Watopia 300m sprint personal record (29.20s → 28.29s), which was good enough. After the first lap I took it easier—as in had to, since I was not really in shape. I was in any case very glad about ending my 4 days long break from sports!

So, my dentist was right indeed. The swelling did by and large clear up over the weekend (although I'll have to see how tomorrow will be), and was also right about how much more difficult this was. On one hand makes sense (growing bone does sound complex), on the other hand, I couldn't imagine that the body works so hard that it puts you out. The dentist was however slightly wrong with the “you should not do any strenuous activity, especially in the first three days”; they should have said, “ha ha, you'll be flat out for the first days, take it easy and enjoy the painkillers” instead.

Looking forward now to get back into my regular routine; relaxation is good, but only when done by choice—like most things in life ☺

Categories: Elsewhere

Jonathan McDowell: Confirming all use of an SSH agent

Planet Debian - Sun, 03/07/2016 - 17:55

For a long time I’ve wanted an ssh-agent setup that would ask me before every use, so I could slightly more comfortable forward authentication over SSH without worrying that my session might get hijacked somewhere at the remote end (I often find myself wanting to pull authenticated git repos on remote hosts). I’m at DebConf this week, which is an ideal time to dig further into these things, so I did so today. As is often the case it turns out this is already possible, if you know how.

I began with a setup that was using GNOME Keyring to manage my SSH keys. This isn’t quite what I want (eventually I want to get to the point that I can sometimes forward a GPG agent to remote hosts for signing purposes as well), so I set about setting up gpg-agent. I used Chris’ excellent guide to GnuPG/SSH Agent setup as a starting point and ended up doing the following:

$ echo use-agent >> ~/.gnupg/options $ echo enable-ssh-support >> ~/.gnupg/gpg-agent.conf $ sudo sed -i.bak "s/^use-ssh-agent/# use-ssh-agent/" /etc/X11/Xsession.options $ sudo rm /etc/xdg/autostart/gnome-keyring-ssh.desktop

The first 2 commands setup my local agent, and told it to do SSH agent foo. The next stopped X from firing up ssh-agent, and the final one prevents GNOME Keyring from being configured to be the SSH agent, without having to remove libpam-gnome-keyring as Chris did. After the above I logged out of and into X again, and could see ~/.gnupg/S.gpg-agent.ssh getting created and env | grep SSH showing SSH_AUTH_SOCK pointing to it (if GNOME Keyring is still handling things it ends up pointing to something like /run/user/1000/keyring/ssh).

After this it turned out all I need to do was ssh-add -c <ssh keyfile>. The -c says “confirm use” and results in the confirm flag being appended to the end of ~/.gnupg/sshcontrol (so if you’ve already done the ssh-add you can go and add the confirm if that’s the behaviour you’d like).

Simple when you know how, but I’ve had conversations with several people in the past who wanted the same thing and hadn’t figured out how, so hopefully this is helpful to others.

Categories: Elsewhere

Joey Hess: Hacker Holler

Planet Debian - Sun, 03/07/2016 - 17:50

A quiet place in which to get away and code is all I was looking for when I moved here. I found much more, but that's still the essence of the place.

On returning home from the beach, I've just learned that after several years renting this house, I will soon have to leave, or buy it.

The house is an EarthShip, tucked away in its own private holler (as we say here in the Appalachian Mtns of Tennessee), below a mountain that is National Forest, two miles down back roads from a river.

A wonderful place to relax and code, but developing only free software for twenty years doesn't quite stretch to being able to afford buying this kind of place.

But, I got to thinking of times friends were able to visit me here. Grilling over wood fires with friends from Debian. Steep hikes and river swims. Sharing dialup bandwidth between our Linux laptops. A bunch of us discussing Haskell in the living room at midnight. And too, I've many times talked about the place with someone who got a gleam in their eye, imagining themselves living there.

And then there's my Yurt, my relief valve before I moved here. And a great spot I like to visit on an old logging road above a creek.

Could we put all this together somehow? Might a handful of my friends be able to contribute somewhere in the range of $10 thousand to buy in?

Interested? Want more details? Have ideas?
Visit the Hacker Holler website and get in touch.

(Limited to folks I've met in person or spent a lot of time online with.)

Categories: Elsewhere

Elena 'valhalla' Grandi: Debconf streaming and kudos to the video team

Planet Debian - Sun, 03/07/2016 - 15:56
Debconf streaming and kudos to the video team

With http://debconf16.debconf.org/ being in South Africa, a lot of people (like me) probably weren't able to attend and are missing the cheese and wine party, mao games and general socialization that is happening there.

One thing we don't have to miss, however, are the talks: as usual the video team https://wiki.debconf.org/wiki/DebConf16/Videoteam is doing a great job recording and https://debconf16.debconf.org/video/live-streaming/ all talks so that people can still participate a bit from their home.

What they do, however, requires a lot of manpower, so if you are attending Debconf please consider volunteering https://wiki.debconf.org/wiki/Videoteam/roles_for_volunteers to help: from my experience last year they are very nice people who are welcoming towards new contributors and they have periodical training sessions to help people getting started with the various tasks. More informations about video team meetings and training session are in the topic of the IRC channel, #debconf-video@OFTC.

I don't think there are cookies involved (which just proves that the video team isn't evil), but you may get a t-shirt and you will get a warm fuzzy feeling of having helped people around the world.

@Debian #debconf
Categories: Elsewhere

Petter Reinholdtsen: How to use the Signal app if you only have a land line (ie no mobile phone)

Planet Debian - Sun, 03/07/2016 - 14:20

For a while now, I have wanted to test the Signal app, as it is said to provide end to end encrypted communication and several of my friends and family are already using it. As I by choice do not own a mobile phone, this proved to be harder than expected. And I wanted to have the source of the client and know that it was the code used on my machine. But yesterday I managed to get it working. I used the Github source, compared it to the source in the Signal Chrome app available from the Chrome web store, applied patches to use the production Signal servers, started the app and asked for the hidden "register without a smart phone" form. Here is the recipe how I did it.

First, I fetched the Signal desktop source from Github, using

git clone https://github.com/WhisperSystems/Signal-Desktop.git

Next, I patched the source to use be able to talk to other Signal users using

cat <<EOF | patch -p0 diff -ur ./js/background.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/background.js --- ./js/background.js 2016-06-29 13:43:15.630344628 +0200 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/background.js 2016-06-29 14:06:29.530300934 +0200 @@ -47,8 +47,8 @@ }); }); - var SERVER_URL = 'https://textsecure-service-staging.whispersystems.org'; - var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com'; + var SERVER_URL = 'https://textsecure-service-ca.whispersystems.org:4433'; + var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments.s3.amazonaws.com'; var messageReceiver; window.getSocketStatus = function() { if (messageReceiver) { diff -ur ./js/expire.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/expire.js --- ./js/expire.js 2016-06-29 13:43:15.630344628 +0200 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/expire.js2016-06-29 14:06:29.530300934 +0200 @@ -1,6 +1,6 @@ ;(function() { 'use strict'; - var BUILD_EXPIRATION = 0; + var BUILD_EXPIRATION = 1474492690000; window.extension = window.extension || {}; EOF

The first part is changing the servers, and the second is updating an expiration timestamp. This timestamp need to be updated regularly. It is set 90 days in the future by the build process (Gruntfile.js). The value is seconds since 1970 times 1000, as far as I can tell.

Based on a tip and good help from the #nuug IRC channel, I wrote a script to launch Signal in Chromium.

#!/bin/sh cd $(dirname $0) mkdir -p userdata exec chromium \ --proxy-server="socks://localhost:9050" \ --user-data-dir=`pwd`/userdata --load-and-launch-app=`pwd`

The script set start the app and configure Chromium to use the Tor SOCKS5 proxy to make sure those controlling the Signal servers (today Amazon and Whisper Systems) as well as those listening on the lines will have a harder time location my laptop based on the Signal connections if they use source IP address.

When the script starts, one need to follow the instructions under "Standalone Registration" in the CONTRIBUTING.md file in the git repository. I right clicked on the Signal window to get up the Chromium debugging tool, visited the 'Console' tab and wrote 'extension.install("standalone")' on the console prompt to get the registration form. Then I entered by land line phone number and pressed 'Call'. 5 seconds later the phone rang and a robot voice repeated the verification code three times. After entering the number into the verification code field in the form, I could start using Signal from my laptop.

As far as I can tell, The Signal app will leak who is talking to whom and thus who know who to those controlling the central server, but such leakage is hard to avoid with a centrally controlled server setup. It is something to keep in mind when using Signal - the content of your chats are harder to intercept, but the meta data exposing your contact network is available to people you do not know. So better than many options, but not great. And sadly the usage is connected to my land line, thus allowing those controlling the server to associate it to my home and person. I would prefer it if only those I knew could tell who I was on Signal. There are options avoiding such information leakage, but most of my friends are not using them, so I am stuck with Signal for now.

Categories: Elsewhere

Frederic Marand: MongoDB 8.x-2.0-alpha1 released

Planet Drupal - Sun, 03/07/2016 - 12:52

On behalf of all contributors to the MongoDB module suite for Drupal over the years, I am pleased to announce the 8.x-2.0-alpha1 release of the MongoDB package for Drupal 8, six years after we started this project on Drupal 6.

This release is the first step to an initial stable release of the MongoDB package for Drupal 8, containing:

  • mongodb a module exposing the new PHP library as Symfony services exposed to a Drupal 8.x instance. It is designed as a minimal and consistent connection layer on top of the PHP library for MongoDB, for all modules targeting MongoDB on Drupal 8.x, be they contributed or bespoke.
  • mongodb_watchdog a PSR-3 logger storing event data in MongoDB. On top of the features already present in 6.x and 7.x versions, it introduces a per-request report showing all events logged during a request, in order.

read more

Categories: Elsewhere

Holger Levsen: I won't be going to DebConf16

Planet Debian - Sun, 03/07/2016 - 11:49

With great sadness I'm acknowledging and announcing that I won't be going to DebConf16 today, due to sudden health issues (which should be ok soon). Seeing the first pictures on planet Debian a few minutes ago made me very very sad, but still didn't change my mind.

Have a whole lot of fun in Cape Town, have great discussions in corridors and while hiking, enjoy the talks and the workshops and hugs to everyone who wants to be hugged. I'll follow online from the distance…

I('ll) miss you.

Categories: Elsewhere

Paul Wise: DebConf16 Open Festival day 1

Planet Debian - Sun, 03/07/2016 - 07:17

Today was day one of the DebConf16 Open Festival and I attended the open hardware panel, part of the talk about Code For South Africa, shirish's experiences and the DebConf new folks session.

The open hardware panel was a wide ranging discussion between bdale, Andy and indiebio. bdate talked about the experiences he has had with his rocketry hardware. bdale said "Make concious decisions about what you are buying", referencing a case where he investigated, found a GPL violation and didn't buy. Various people care about openness of different layers of the hardware. Off-the-shelf products are very strongly integrated, which is great for makers but means that people who care about lower layers like CPU micro-architecture aren't able to participate. Andy said "We are just beginning to come out of the shareware stage [of open hardware]". bdale mentioned the companies who do hardware production as a service from design files. Later in the pub some folks mentioned j-core, an open re-implementation of SuperH processors.

I missed most of the code4sa talk unfortunately, but it was about government services and open data.

shirish covered his journey through life to Debian. His youth, how satellite TV and knowledge of the outside world came to India around the time of the Iraq war. His experience accessing the Internet for the first time, uncensored vs the usual censorship in India's media. His experiences of Windows 95 viruses and crashes. He learned of PCTwist Linux through a magazine cover. His initial install was not a success but eventually managed to break through and install a desktop, but experienced network and other issues. Eventually he encountered Ubuntu and began contributing bug reports. His experiences there led him to Debian. He began blogging about Debian. In the last few years he and others have been going around the country doing mini-DebConfs at institutes around India. The first question was predictably about having a DebConf in India and how shirish might like to get more involved. DebConf in India sounds like a possibility some day and shirish was thinking about getting involved in publicity, marketting and the Debian installer.

The DebConf new folks session was a great intro to DebConf for folks new to the community. There were some quite excellent touches added to this year's version of the event by indiebio and Rhonda.

I also got some things done. Usual spam reporting. Reviewed wiki RecentChanges. Talked to the chromium-bsu/MacPorts maintainer about AX_CHECK_GL brokenness. Filed Debian wishlist bug #829292 asking to update autoconf-archive. Redirected a Hurd porterbox request to the exodar admin and quickly found out I was wrong to do that, rectified. Then we found out the LDAP sync to exodar was broken. Replied to someone who intends to sell Debian pre-installs. Thanked BunsenLabs folks for joining the derivatives list. Applied reproducible builds patch for cats from Chris Lamb. Heard about awesome new terminal-mode screensaver. Moo! Prepared a blog post about check-all-the-things.

Categories: Elsewhere

Russ Allbery: Review: Coming Home

Planet Debian - Sun, 03/07/2016 - 06:55

Review: Coming Home, by Jack McDevitt

Series: Alex Benedict #7 Publisher: Ace Copyright: November 2014 Printing: November 2015 ISBN: 0-425-26088-7 Format: Mass market Pages: 356

Coming Home is a direct sequel to Firebird, the first time McDevitt has done that in this series. You therefore don't want to start here, although the nature of the sequel doesn't require that you remember Firebird in that much detail.

The mystery of the disappearing starships was understood in Firebird but not resolved. The title advertises that as a major theme in this book, but it progresses very slowly. There's more media bickering and various factional attempts to draw Alex (and, to a lesser extent, Chase) into the controversies. McDevitt does a good job writing popular media, the strange position of public intellectual and talk-show favorite, and the way this filters into popular arguments. But with Alex trying to take a nuanced and unsure position and with a lot of talk but little action, it's not the most compelling reading.

Coming Home holds to form in balancing a mystery and a second plot. Since the starship problem is understood, it can't be the central mystery of the book. That role is taken by the discovery of communication device from the very early days of space flight, which takes Alex and Chase to Earth for the first time in this series (at least that I can recall). This time, the search is for a legendary trove of historical artifacts that was moved from a space flight museum in Florida when the ocean rose to cover the state. From there, its location was lost in the middle of a general economic collapse called the Time of Troubles that destroyed most of Earth's governmental systems (and, apparently rather more importantly to McDevitt, the space program).

Anyone who has gotten this far in the series will know the standard problem with McDevitt's futures: they're indistinguishable from the 1960s except that they have flying cars. There is a tiny break from that tradition here, since climate change has clearly happened to Earth, covering Florida with the ocean and shifting the major cities north. But the sense of deep history that McDevitt is trying for in this series doesn't work: I just don't believe as much time has gone by as the story claims. He does offer an explanation for why technology has been stagnant for apparently millennia, but it's just a contention that science ran out of more things to discover due to authorial fiat and is now just a matter of engineering and step-wise refinement. (I think the science behind the disappearing starships happening in this very same book undermines that contention considerably.)

Even if one can put that aside, Earth is, well, boring. This is partly an intriguing stylistic choice by McDevitt: Earth is intended to be just one more world. It might have a longer history than many other human-occupied worlds, but history is so long everywhere that this only matters to a few people like Alex and Chase. The choice makes sense, but it doesn't make a good story. And there are other things that I flatly didn't believe, such as the supposed isolation of Earth from the communication network of Alex's home world of Rimway for... no apparent reason other than that different communication networks don't talk to each other except via, essentially, letters. Even if one is willing to ignore the mysterious failure of forward progress in technology, this makes no social or engineering sense given the capabilities already shown in the series.

I found the main mystery at best mildly interesting. McDevitt does a good job showing the research and investigation process, with all its tedium and dead ends, but I wasn't as invested in the search as he wanted me to be. The endless space boosterism started getting on my nerves, as it so often does in science fiction of a certain type, and I had a much harder time swallowing McDevitt's Earth than his fictional Rimway. I will give him credit for a surprisingly affecting conclusion of the main mystery, but the missing starship subplot putters to an undistinguished end.

I think this series is running out of steam. It's become increasingly formulaic, and the characters, like McDevitt's future technology, have stopped developing. I was hoping the reunion foreshadowed since Firebird would shake things up, but at least in this book it doesn't. Maybe it will in subsequent books, but I'm starting to question whether I really want to keep reading.

Rating: 5 out of 10

Categories: Elsewhere


Subscribe to jfhovinne aggregator - Elsewhere