The monthly Drupal core bug fix release window is scheduled for this Wednesday. However, the last release was a month ago and this is DrupalCon week, so there won't be a bug fix release this month. Enjoy DrupalCon (those of you who are there)!
Upcoming release windows include:
- Wednesday, June 18 (security release window)
- Wednesday, July 2 (bug fix release window)
I'm on the plane headed to my 4th DrupalCon, and this one is looking like a good time.
So much is happening this year. Drupal 8 is getting closer and closer to release, more and more Drupal businesses and services are being launched, and we continue to develop our Drupal products.
While my session on DevShop wasn't accepted, I am personally involved in a lot of BoF sessions this year.Drupal.org & GitHub, Living in Harmony: HubDrop.io
On Tuesday, I'll be discussing the future of Drupal.org and GitHub integration via HubDrop.io, our git-mirror-as-a-service. If you are interested in moving your module development to GitHub, but want to keep the code going to drupal.org to keep integrated with it's release system, than HubDrop is for you.
We will chat about what HubDrop is, what it will be in the future, and we'll fan the long-running flamewar over whether drupal code hosting should just move to GitHub.
Room 10A (Ashday), 3rd floor. Tuesday - 5:00 to 6:00The Great Multisite Debate
This BoF session was spawned by what I thought was a simple question posted on Twitter:May 16, 2014
After a flurry of replies, Jakub Suchy from Acquia suggested to continue the conversation as a DrupalCon BoF.
Apparently I touched on a controversial subject!
Multisite is a powerful (some would say dangerously so) feature of Drupal that let's you host many sites pointed at a single codebase on a server, and the Drupal hosting as a service companies out there are starting to offer multisite and multisite-like services.
Aegir is built on the concept of multisite, but it's not a requirement to use it.
During a temporary lapse in judgement, I offered to moderate this throwdown, so wish me luck.
Expect to see representatives from the Aegir project, Pantheon, Acquia, and more. It's bound to be a spirited debate!
Room 8A - JustDigital | 3rd floor. Thursday · 10:45-11:45Aegir Hosting Project
Now that I've been invited to become a maintainer of the Aegir project, Christopher Gervais (the aegir lead) has invited me to join him at the Birds of a Feather session.
Come see what's new in Aegir 3, chat with other aegir users, and talk about what might be in store for the future.
Room 8B - Unicon | 3rd floor. Thursday · 02:15-03:15Future of DevShop, Aegir, & Open Cloud Software
As an alternative to my session on DevShop, I've scheduled a BoF on the future of DevShop. I'd like to have a conversation about what people are interested and where things could go from here.
As the year progresses I plan on releasing more tools for Aegir & DevShop for cloud management.
If you haven't heard of DevShop yet, go read my session proposal: DevShop: Drupal DevOps in a Box
So the BoFs are certainly where it is at this year. I hope to see you there. Please don't be afraid to get in touch if you'd like to meetup beyond the BoFs!
Tags: Planet DrupalDrupalCon
You’ve probably come across this situation before. When visiting a certain site, you see a browser warning that the website is using mixed content — both HTTP and HTTPS together.
Avoiding mixed content is nothing new to some web developers, but read on if you’re looking for a quick fix to prevent both mixed content warnings and CSRF attacks, which are the underlying reason why browsers have those warnings in the first place.Introducing HSTS
If you follow my blog closely, you noticed that I skipped all my usual monthly summaries in 2014. It’s not that I stopped doing free software work, instead I was just too busy to be able to report about what I did. As an excuse, let me tell you that we just moved into a new house which was in construction since may last year.
The lack of visible activity on my blog resulted in a steady decrease of the amount of donations received (January: 70.72 €, February: 71.75 €, March: 51.25 €, April: 39.9 €, May: 40.33 €). Special thanks to all the people who kept supporting my work even though I stopped reporting about it.
So let’s fix this. This report will be a bit less detailed since it covers the whole period since the start of the year.Debian France
Preparations related to general assemblies. The year started with lots of work related to Debian France. First I took care of setting up limesurvey with Alexandre Delanoë to handle the vote to pick our new logo:
I also helped Sylvestre Ledru to finalize and close the accounting books for 2013 in preparation for the general assembly that was due later in the month. I wrote the moral report of the president to be presented to the assembly. And last step, I collected vote mandates to ensure that we were going to meet the quorum for the extraordinary assembly that was planned just after the usual yearly assembly.
The assemblies took place during a two days mini-debconf in Paris (January 17-18) where I was obviously present even though I gave no talk besides announcing the logo contest winner and thanking people for their participation.
It’s worth noting that the extraordinary assembly was meant primarily to enshrine in our bylaws the possibility to act as a trusted organization for Debian. This status should be officialized by the Debian project leader (Lucas Nussbaum) in the upcoming weeks since we answered satisfactorily to all questions. Our paypal donation form and the accounting tools behind it are ready.
Galette packaging and members map. I managed to hand over the package maintenance of galette to François-Régis Vuillemin. I sponsored all his uploads and we packaged a new plugin that allows to create a map with all the members who accept to share their location. The idea was to let people meet each other when they don’t live far away… with the long term goal to have Debian France organized activities not only in Paris but everywhere in France.
New contributor game. Last but not least, I organized a game to encourage people to do their first contribution to Debian by offering them a copy of my book if they managed to complete a small Debian project. We got many interesting projects but the result so far seem to be very mixed. Many people did not complete their project (yet)… that said for the few that did substantial work, it was rather good and they seem to be interested to continue to contribute.
Debian France booth at Solutions Linux in Paris. Like each year, I spent two days in Paris to help man the Debian France booth at Solutions Linux. We had lots of goodies on sale and we made more than 2000 EUR in earnings during the two days. I also used this opportunity to try to convince companies to support the new Debian LTS effort.The Debian Administrator’s Handbook
In the last days of 2013, we released the wheezy update of the book. Then I quickly organized everything needed so that the various translation teams can now focus their efforts on the latest release of the book.
Later (in February) I announced the availability of the French and Spanish translations.Debian Squeeze LTS
When the security team called for help to try to put in place long term support for Squeeze, I replied positively because I’m convinced that it’s very important if Debian wants to stay an acceptable choice in big deployments and because I knew that some of my customers would be interested…
Thus I followed all the discussions (on a semi-private list first and then on firstname.lastname@example.org) and contributed my own experience. I have also taken up the responsibility to coordinate with the Debian contributors who can be hired to work on Squeeze LTS so that we have a clear common offer for all the companies who have offered financial support towards Squeeze LTS. Expect further news on this front in the upcoming days/weeks.Tryton
I have been a long time user of SQL-Ledger to manage the accounting of my company Freexian. But while the license is free software, the project is not. It’s the work of a single developer who doesn’t really accept help. I have thus been considering to move to something else for a long time but never did anything.
This year, after some rough evaluation, I decided to switch to Tryton for my company. It’s probably not a wise choice from a business perspective because that migration took me many hours of unpaid labor but from a free software perspective it’s definitely better than everything else I saw.
I contributed a lot of bug reports and a few patches already (#3596, #3631, #3633, #3665, #3667, #3694, #3695, #3696, #3697) mainly about problems found in the French chart of accounts but also about missing features for my use case.
I also accepted to sponsor Matthias Berhle, who is maintaining the official Debian packages of Tryton. He’s already a Debian maintainer so it’s mainly a matter of reviewing new source packages and granting him the required rights.Misc Debian work
- Updated publican to version 4 and then 4.1.2. Required a new perl module that I requested to the Perl team in
- Updated to python-django-debug-toolbar and python-django-jsonfield for Django 1.6 compatibility.
- Filed bugs on packages depending against linux-image that got dropped (on request of Ben Hutchings)
- Filed #734866 and #734869 against bash/dash to request that they properly drop privileges in setuid context.
- Updated gnome-shell-timer.
- Created “Services” pages on the wiki for the PTS and its replacement.
- Worked on distro-tracker together with the participants of the new contributor game.
- Orphaned feed2omb with #742601.
- Tried in vain to fight against silliness of Debian specific changes in syslinux (see #742836).
- Preliminary EFI support in live-build (see #731709).
- Updated python-django to 1.6.5 in unstable, 1.4.5+deb7u7 in wheezy-security and 1.6.5-1~bpo70+1 to wheezy-backports.
- Sponsored dolibarr, python-suds, a zim backport, a ckeditor NMU to fix an RC bug, libapache2-mod-form, ledgersmb.
- Filed bugs on the fly: #749332 (new upstream release of libjs-jquery-cookie), #749498 (problem with Files-Excluded and https URL for copyright-format 1.0), #747354 (bug in clamav-milter init script), #747101 (git-import-orig should offer a –download option).
- Filed tickets on mirrorbrain to make it work better with Debian mirrors: update to #26 (avoid error 404 on files still available on some mirrors) and #150 (auto-disable outdated mirrors).
See you next month for a new summary of my activities.
For somebody working in a development agency, estimation is a critical part of the job. Different companies handle this process differently, and the method can be anything from a wild guess ("That'll cost around $n") to a very methodic approach.
When I started looking for a lightweight solution of serving a music library over LAN I did not expect so many complications. I expected it not to be a unique need to have something running on a SheevaPlug straight from the Debian repository. Apparently it kind of was.
Debian used to have mt-daapd (popcon: 165), but now it is available from oldstable only and upstream is dead. There is tangerine (popcon: 98) with its Mono dependencies and GUI which seemed to me overkill and more like a demo of a networked application written in Mono than a music library server. The most promising candidate was forked-daapd (popcon: 220) but it was far from being a true winner.
First, it had a series of dead upstreams. At the beginning it was forked from mt-daapd (hence the name) by Julien Blache who also served as the prior Debian maintainer. Then the code base was forked and converted to use Grand Central Dispatch. Then the GCD fork died off slowly as well a few years ago. When I found the package it had been unmaintained for a few years and was based on the GCD branch which prevented building it on many architectures and the server itself was crashing or quitting occasionally.
Luckily there still existed a fork thanks to Espen Jürgensen which was well maintained and could serve as a way out but examining it closely it turned out that it had switched to libevent from GCD but to a version (1.4) which is present only in oldstable! And some say Debian’s software versions are ancient ;-). Moreover it was not simply libevent 1.4-based, but it included some heavily patched parts of it.
Espen also liked the idea of packaging his version in Debian and we extracted the patches to libevent and slowly got them accepted to libevent’s master.
Forked-daapd’s master works best with libevent 2.1.4-alpha, but thanks to Espen the development branch now also works with libevent 2.0.x giving up some performance and a little feature.
This was a long journey, but finally Espen’s forked-daapd became ready for being used as a new upstream of the Debian package thus please welcome 20.0+git20140530+gc740e6e-1, the first version of forked-daapd building on all architectures for a very long time and a prime candidate for being the music library server in Jessie (and wheezy-backports, soon)!
Testing, bug reports are always welcome!
From the package description:forked-daapd is an iTunes-compatible media server, originally intended as a rewrite of Firefly Media Server (also known as mt-daapd). It supports a wide range of audio formats, can stream video to iTunes, FrontRow and other compatible clients, has support for Apple's Remote iPhone/iPod application and can stream music to AirTunes devices like the AirPort Express. It also features RSP support for Roku's SoundBridge devices. Built-in, on-the-fly decoding support enables serving popular free music formats like FLAC, Ogg Vorbis or Musepack to those clients that do not otherwise support them.
DrupalCon Austin 2014 kicks off today in Austin, Texas, at the Austin Convention Center. More than 3,300 people are expected to attend the event, which offers educational and networking opportunities for the mix of developers, designers, IT managers, agencies and Fortune 500 companies that make up the Drupal community.
Changed in version 3.3.1: bufsize now defaults to -1 to enable buffering by default to match the behavior that most code expects. In versions prior to Python 3.2.4 and 3.3.1 it incorrectly defaulted to 0 which was unbuffered and allowed short reads. This was unintentional and did not match the behavior of Python 2 as most code expected.
So it was unintentional it seems that the previous documentation clearly documented the default to be 0 and the implementation matching the documentation. And it was unintentional that it was the only sane value for any non-trivial handling of pipes (without running into deadlocks).
Yay for breaking programs that follow the documentation! Yay for changing such an important setting between 3.2.3 and 3.2.4 and introducing deathlocks into programs.
A few people have observed dropouts using WebRTC, including the new Debian community service at rtc.debian.org
I've been going over some of these problems and made some improvements. If you tried it before and had trouble, please try again (rtc.debian.org is running with some of the fixes already).
In this case, you may see the picture of the other person for a split second and then the websocket link disconnects and JSCommunicator re-initializes itself.
People observing this problem had sometimes found that audio-only calls would work more frequently.
I believe one reason for this problem has been some incorrect handling of the OpenSSL error queue. I posted my observations about this on the resiprocate developer's list and included a fix for it in the recent 1.9.7 release.Call starts, no remote picture appears, call stops after 20 seconds or so
A BYE message usually includes a reason such as this:
Reason: SIP ;cause=200; text="RTP Timeout"
This particular reason (RTP Timeout) may indicate that the TURN server is faulty, not running at all or is not reachable due to one or both users being behind a firewall.
If you experience this problem but some other reason code appears, please share your observations on the repro-users mailing list so it can be improved.
In the first post of this series, we looked at why Symfony is being included in Drupal 8, and what that means for longtime Drupal developers. Now that we've considered the implications, just what is getting incorporated into Drupal?
Drupal is not using Symfony as a full stack framework. Rather, it is taking advantage of specific components. This post is essentially a list of these components with a link and a brief description for each.
Title: High Performance Drupal
Authors: Jeff Sheltren & Narayan Newton
Title: Drupal for Designers & Drupal Development Tricks for Designers
Author: Dani Nordin
Want to use the most awesome version of Drupal on the most awesome Drupal hosting? ;) This guide is for you!Let's Get Started!
First, head to http://www.acquia.com/acquia-cloud-free to set up your new site. This process takes a few minutes, but worry not; you can bide your time watching helpful tutorial videos! Once your site is provisioned, you'll be taken to the Acquia Cloud workflow page.
After two weeks working as OPW intern for Mozilla, it's time for a recap!
What exactly I've been doing in these two weeks?
Yes, this is the thing I'm most proud of.
I'm a bit cheating here, as strictly speaking, since the beginning of the internship I've triaged only
But I've decided to count from the beginning of my activity on bugzilla, at the end of March, since I've started work on that as part of the small contribution required for applying to OPW.
Therefore, it's all OPW related :)
Here's the grand total.
Right now, I've decided to work on an average of 5 bugs a day: it's mostly triage and/or verification, which is quite fun.
It consists in trying to have a more complete and detailed bug report for the developers: asking the right questions to the reporter, ensuring that the bug is filed against the right product or component and all the information about platforms and version are correct.
Or verifying that the bug isn't a duplicate, which involves doing some voodoo with Bugzilla quicksearch (I'm not so good with that yet, mostly because I'm not imaginative enough in the queries... but I'm getting better!)
Sometimes triaging means reading lots of documentation (to be sure that something is a bug and not a feature) and checking meta-bugs and release notes to be able to pinpoint the time when something was introduced and the reasoning behind it.
That takes a lot of time, but it makes you discover some funny things, like the Mighty Bouncing Unicorn.
And while I know it sounds a bit cruel, it's really good when you're verifying a fix and you find it's not totally ok, or that it triggered another bug.
I've been assured that feeling satisfied after that it's an essential part of the sadistic QA work.
This started as a personal project even before knowing I've been selected for OPW, and it's now part of my internship: I've been writing a first draft of FAQ for those who approach for the first time the Bug Triaging and Verifying work in Mozilla.
It meant taking a whole lot of IRC logs and scan them for the most asked questions during bugdays, and you can find here my first draft. I'll send a RFC today about it on dev-quality mailing list and link it to the main Bugdays page.Lessons learned
So, what I've learned in these two weeks?
That I'm pretty good at figuring things alone, but I like to have feedback on what I'm working on.
That testing things is an art, and perfectionism is a big plus.
That there are such things as stupid questions, but you have to ask them nonetheless.
That people in the Mozilla community are quite friendly and not scary at all. Not even in video! :)
I've been thinking about this a lot, and I think I'd like to have
a guide to all the technical terms in the UI (it took me a while to figure out what exactly was the hamburger menu, or understand the difference between awesomebar, search bar and new tab search). This is essential when triaging or verifying theme related bugs, or UI bugs in general.
a big jargon/acronym file: m-c? UX? nightlies? australis? WFM? STR? m-a? Mozilla's people speak another language, especially in bug reports. You get familiar with that after a while, but at first glance can be quite obscure.
They will probably become my next pet project.
Work on the ROS/Blender robotics control pipeline has culminated in the integration of the system with the tiny robotic Einstein head that had been living at Polytechnic University under the watchful eye of the OpenCog group. Back at Hanson Robotics, tiny Einstein was mercilessly ripped apart and his head attached to an absurdly long robot snake neck apparatus that mimics the configuration of the upcoming “Dmitroid” robot system. Once suitably mutated, tiny Einstein was able to make a few statements and even sing a couple of tunes.
Until recently I was very happy with my console mail client, Lumail, thinking I'd written it in a flexible manner, with lots of Lua-callable primitives.
Now I'm beginning to suspect that I might have gone down the wrong path at some point.
The user interface, at startup consists of a list of mailboxes. The intention being that you select a mailbox, and open it. That then takes you to a list of messages. (There is a cool and simple to use option to open the union of multiple mailboxes, which is something I use daily.)
Now the list of mailboxes is sorted alphabetically, so the user interface looks something like this:
Now the issue that triggered my rethink:
- Can it be possible for Lua to sort the maildir list? So I could arbitrarily have the Maildir .people.katy at the top of the list, always?
Sure you think. It's just a list of strings. You could pass an array to a lua on_sort_maildirs function, and then use the returned array/table as teh display order. Simple.
Simple until you realize the user might want to do more than operate solely on the list of strings. Perhaps they wish to put folders with unread messages at the top. At which point you need a "count_unread( maildir )" function. (Which does exist.)
Anyway the realisation I had is that the CMaildir object, on the C++ side, isn't exposed to the Lua-side. So the (useful) member functions which should be exported/visible are not.
Really what I'm trying to say is that I think I've implemented and exported useful Lua primitives, but actually many more parts of the implementation could be usefully exported - but are not, and that comes from the choice I made to expose "things" not "objects". If I'd exposed objects right from the start I'd have been in a better place.
I continued to toy with a basic GUI mail-client last week, but I've pretty much written that off as a useful way to spend my time. For the moment I'll leave email alone, I've done enough and despite niggles what I have is absolutely the best mail client for me.
(It is a shame that Mutt is so heavyweight and hard to deal with, and that notmuch never really took off.)
All people ever say is: thank you (a celebration of life) and please (an opportunity to make life more wonderful). Marshall Rosenberg
I have said "I love you" many times in my life, and many times I have failed to say it, because, for me, it is not an easy thing to say.
It is not easy when I have no idea what the other person will make of it: will they be frightened? Will they feel awkward around me afterwards? Will they disappear from my life?
But do I know what I myself mean when I say it?
I have said "I love you" because I thought you somehow expected it of me. "please, consider me worth of you".
I have said "I love you" to beg for affection. "please, love me back".
I have said "I love you" because I was grateful to you for existing in my life. "thank you".
I now understand why it has not been easy for me to say "I love you" when I was feeling, or imagining, that I had to say it.
I now understand why I have sometimes made myself awkward, as I was begging.
I now understand why, when I said "I love you" out of gratitude, when I said it to celebrate that you exist in my life, that's when I felt no trouble, no fear, and when I felt that my words really were fitting with what I was feeling and what I was wanting to say.