Welcome to Planet openSUSE

This is a feed aggregator that collects what openSUSE contributors are writing in their respective blogs.

To have your blog added to this aggregator, please read the instructions.


Monday
22 May, 2017


face

Weblate has started to use HackerOne Community Edition some time ago and I think it's good to share my experience with that. Do you have open source project and want to get more attention of security community? This post will answer how it looks from perspective of pretty small project.

I've applied with Weblate to HackerOne Community Edition by end of March and it was approved early in April. Based on their recommendations I've started in invite only mode, but that really didn't bring much attention (exactly none reports), so I've decided to go public.

I've asked for making the project public just after coming from two weeks vacation, while expecting the approval to take some time where I'll settle down things which have popped up during vacation. In the end that was approved within single day, so I was immediately under fire of incoming reports:

Reports on HackerOne

I was surprised that they didn't lie - you will really get huge amount of issues just after making your project public. Most of them were quite simple and repeating (as you can see from number of duplicates), but it really provided valuable input.

Even more surprisingly there was second peak coming in when I've started to disclose resolved issues (once Weblate 2.14 has been released).

Overall the issues could be divided to few groups:

  • Server configuration such as lack of Content-Security-Policy headers. This is certainly good security practice and we really didn't follow it in all cases. The situation should be way better now.
  • Lack or rate limiting in Weblate. We really didn't try to do that and many reporters (correctly) shown that this is something what should be addressed in important entry points such as authentication. Weblate 2.14 has brought lot of features in this area.
  • Not using https where applicable. Yes, some APIs or web sites did not support https in past, but now they do and I didn't notice.
  • Several pages were vulnerable to CSRF as they were using GET while POST with CSRF protection would be more appropriate.
  • Lack of password strength validation. I've incorporated Django password validation to Weblate hopefully avoiding the weakest passwords.
  • Several issues in authentication using Python Social Auth. I've never really looked at how the authentication works there and there are some questionable decisions or bugs. Some of the bugs were already addressed in current releases, but there are still some to solve.

In the end it was really challenging week to be able to cope with the incoming reports, but I think I've managed it quite well. The HackerOne metrics states that there are 2 hours in average to respond on incoming incidents, what I think will not work in the long term :-).

Anyway thanks to this, you can now enjoy Weblate 2.14 which more secure than any release before, if you have not yet upgraded, you might consider doing that now or look into our


Sunday
21 May, 2017


face

The annual openSUSE Conference 2017 is upcoming! Next weekend it will be again in the Z-Bau in Nuremberg, Germany.

The conference program is impressive and if you can make it, you should consider stopping by.

Stefan Schäfer from the Invis server project and me will organize a workshop about openSUSE for Small and Medium Business (SMB).

SMB is a long running concern of the heart of the two of us: Both Stefan, who even does it for living, and me have both used openSUSE in the area of SMB for long and we know how well it serves there. Stefan has even initiated the Invis Server Project, which is completely free software and builds on top of the openSUSE distributions. The Invis Server adds a whole bunch of extra functionality to openSUSE that is extremely useful in the special SMB usecase. It came a long way starting as Stefans own project long years ago, evolving as proper maintained openSUSE Spin in OBS with a small, but active community.

The interesting question is how openSUSE, Invis Server and other smaller projects like for example Kraft can unite and offer a reliable maintained and comprehensive solution for this huge group of potential users, that is now locked in to proprietary technologies mainly while FOSS can really make a difference here.

In the workshop we first will introduce the existing projects briefly, maybe discuss some technical questions like integration of new packages in the openSUSE distributions and such, and also touch organizational question like how we want to setup and market openSUSE SMB.

Participants in the workshop should not expect too much presentation. We rather hope for a lively discussion with many people bringing in their projects that might fit, their experiences and ideas. Don’t be shy 🙂

 

 



Saturday
20 May, 2017


face

Dear Tumbleweed users and hackers,

What a bad decision of mine to include snapshot 0510 in the review before it hit the mirrors. Now I have barely anything to report this week. Only a single snapshot found its way to you: 20170516. On May 16th is when the openSUSE infrastructure was ‘released’ again to the openSUSE Release managers, as the audit of the events of the previous weekend had been completed.

We build/tested two more snapshots this week ((0517 and 0518) which both will not find their way to you. I’ll explain further down why.

So, let’s first focus on the positive side of things: snapshot 0516 released with some updates:

  • Another batch of KDE Applications 17.04.0
  • Boost fixed a regression which caused a build failure in quite some packages

Of course, there could not be that much in this snapshot, as the community did also not have access to the build server over the weekend and could not provide any updates.

That leads to a big backlog though, and the things that are coming to you shortly are numerous:

  • KDE Applications 17.04.1
  • KDE Framework 5.34.0
  • KDE Plasma 5.10 is already being tested (beta state, will hit Tumbleweed once it reaches final release
  • openSSL 1.0 and 1.1 will be parallel installable
  • GCC 7 as default compiler for Tumbleweed. We are almost there!
  • GStreamer 1.12 – with MP3 and A52 support enabled right away

Now, what happened to the two snapshots which are built bot won’t be released? Generally, a collection of things. For one, a regression in openQA caused some failures that needed to be understood. And due to the nature of the breakage, some test suites could simply not be run. And I don’t want to release a only partially tested snapshot out into the wild. I’m sure you will be hit by the corner cases we did not catch (this is the worst case of course. I would not expect there to be a problem. But I don’t gamble on the stability of your workstation).

The 2nd issue that arose now with snapshot 0518 is that the changes in openSSL packaging, making 1.0 and 1.1 able to co-exist nicely, caused a failure in bind, the major DNS server software used. Bind simply refuses to start in the current setup.

A solution to both issues is expected early next week, which means we can then resume releasing Tumbleweed.


Friday
19 May, 2017


face

ICC Examin allows since version 1.0 ICC Color Profile viewing on the Android mobile platform. ICC Examin shows ICC color profile elements graphically. This way it is much easier to understand the content. Color primaries, white point, curves, tables and color lists are displayed both numerically and as graphics. Matrices, international texts, Metadata are much easier to read.

Features:
* most profile elements from ICC specification version 2 and version 4
* additionally some widely used non standard tag are understood

ICC color profiles are used in photography, print and various operating systems for improving the visual appearance. A ICC profile describes the color response of a color device. Read more about ISO 15076-1:2010 Standard / Specification ICC.1:2010-12 (Profile version 4.3.0.0), color profiles and ICC color management under www.color.org .

The ICC Examin App is completely rewritten in Qt/QML. QML is a declarative language, making it easy to define GUI elements and write layouts with fewer code. In recent years the Qt project extended support from desktop platforms to mobiles like Nokias Meego, Sailfish OS, iOS, Android, embedded devices and more. ICC Examin is available as a paid app in the Google Play Store. Sources are currently closed in order to financially support further development. This ICC Examin version continues to use Oyranos CMS. New is the dependency to RefIccMAX for parsing ICC Profile binaries. In the process both the RefIccMAX library and the Oyranos Color Management System obtained changes and fixes in git for cross compilation with Android libraries. Those changes will be in the next respective releases.

The FLTK Toolkit, as used in previous versions, was not ported to the Android or other mobile platforms. Thus a complete rewrite was unavoidable. The old FLTK based version is still maintained by the same author.


face

Sources from the beta version of SUSE Linux Enterprise (SLE) Service Pack 3 (SP3) arrived today in the latest build for openSUSE’s next minor release of the 42 series.

The transition to a rolling development process for openSUSE Leap 42.3 has changed the traditional milestone process, but fixed milestones are alive and well with SLE development and Leap is benefiting from that hardened, enterprise core.

The latest sources from SLE SP3 Beta included in Leap builds are security and bug fixes n SUSEConnect version 0.3.0. Additionally, cpupower updated to a turbostat version with 17.04.12. The shared zypper 1.13.27 version helps to tag packages installed by user request as ‘i+’. The beta and Leap build also cleanup an algorithm for rollback snapshots with Snapper 0.5.0. Ceph’s  12.0.2 sets higher disk and memory constraints so s390x builds don’t fail. SLE SP3 and Leap also share the same 4.4.68 Linux Kernel, which provides plenty of improvements for architectures and wireless drivers.

Yast2-installation moved Container as a Service Platform to yast2-caasp package and added a features request, which added Network Time Protocol Servers settings to the overview dialog.

Community packages differing from SLE SP 3 Beta that testers can find in Leap are new features from Mozilla Thunderbird 52.1.0 and security fix from Mozilla Firefox 52.1.1. This past week KDE Applications was updated in the Leap builds to version 17.04.0. Two weeks ago, a Leap build for 42.3 updated Mesa from version 11.2.2 to version 17.0.4 (now Mesa 17.0.5), so more Graphics Processing Units are supported.

“I’d like to ask package maintainers and users alike to check whether there are any bigger changes left to be done in 42.3,” release manager Ludwig Nussel wrote to the openSUSE Factory Mailing List. “If so, please submit affected packages ASAP.”

There are only a few more days left to get any major version updates in the next minor Leap 42 version. All major version updates have a submission deadline of May 21.

Leap 42.3 builds have been coming out on a regular basis with new community packages being updated in the newest builds. Testers are encouraged to test the rolling development and can download the iso image from the development button on software.opensuse.org. After installing Leap, testers can enter the terminal and enter zypper update for the newest Leap 42.3 packages.

Don’t forget to report bugs if you find one.


face

Here are the results the OBS frontend developer team has achieved in the last 2 weeks (2017-05-08 to 2017-05-19). OBS 2.8.1 Release We have pushed out version 2.8.1. You probably have already installed this new release last week right? If not check out the announcement about all the cool new things we rolled into our stable release and download it. Maintenance Let's start off with the maintenance tasks we did on our code base. Migrating...


Thursday
18 May, 2017


face

Multiple small pattern changes had momentarily slowed the releases of openSUSE Tumbleweed snapshots, but snapshots are expected to come more frequently moving forward.

The newest snapshot, 20170516, brought Linux Kernel 4.11 and tons of new fixes and features. The new kernel has at least eight prominent features and a pluggable IO scheduler for the multiqueue block layer is just one of the many features. There are some fixes for nvidia drivers in the 4.11.1 Kernel, which expected to arrive in the next Tumbleweed snapshot if all goes according to plan.

The snapshot also delivered an update for python-requests with version 2.13.0, which has multiple fixes including fixing an issue with JSON encoding detection. Python-sip 4.19.2 provided a fix for a crash and power-device supporter nut 2.7.4 changed some command and variable naming schemes as well as added a new class of device support for Automatic Transfer Switch.

KDE Applications 17.04.0 made it’s way into the 20170516 and 20170510 snapshots. Among the many improvements are 3D rendering with KAlgebra, more stability for the video editor Kdenlive and a new version of Minuet, which will helps teach and learn music, offers more exercises and ear-learning tasks.

Cryptsetup 1.7.5 provided a fixes to optional dracut ramdisk scripts for offline re-encryption on initial boot came in snapshot 20170510 and GNOME updated games to version 3.24.1 after cleaning up the licensing around the project and updating translations. Libvirt-python, perl-Net-HTTP and virtualbox all updated to 3.3.0, 6.14 and 5.1.22 respectively.

Snapshots 20170505 wasn’t listed in the last Tumbleweed update. That snapshot updated Mesa to version 17.0.5, which implemented the OpenGL 4.5 API. Libvirt 3.3.0 dropped some patches and zypper 1.13.25 fixed a translation shortcut error. Also added to the repositories in the snapshot was Mozilla Firefox 52.1.0, which had various stability and regression fixes.

GNU Compiler Collection (GCC) 7 is still progressing to become the default compiler, but there is still a bit of work to do.


Wednesday
17 May, 2017


face

Weblate 2.14 has been released today slightly ahead of the schedule. There are quite a lot of security improvements based on reports we got from HackerOne program, API extensions and other minor improvements.

Full list of changes:

  • Add glossary entries using AJAX.
  • The logout now uses POST to avoid CSRF.
  • The API key token reset now uses POST to avoid CSRF.
  • Weblate sets Content-Security-Policy by default.
  • The local editor URL is validated to avoid self-XSS.
  • The password is now validated against common flaws by default.
  • Notify users about imporant activity with their account such as password change.
  • The CSV exports now escape potential formulas.
  • Various minor improvements in security.
  • The authentication attempts are now rate limited.
  • Suggestion content is stored in the history.
  • Store important account activity in audit log.
  • Ask for password confirmation when removing account or adding new associations.
  • Show time when suggestion has been made.
  • There is new quality check for trailing semicolon.
  • Ensure that search links can be shared.
  • Included source string information and screenshots in the API.
  • Allow to overwrite translations through API upload.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate


face

In our latest sprint report, we promised you an extra post about the technology we have been using lately to manipulate configuration files. The wait is over! Here is the fine text by Michal Filka explaining everything you need to know to get started with CFA.

Welcome to CFA

As you should know if you follow our blog (we make sure to repeat it once in a while 😉 ), YaST was converted some time ago from a custom programming language called YCP to Ruby. However, this conversion was done on language basis. Some old design decisions and principles stayed, like the usage of SCR for accessing the underlying system.

SCR was designed together with YaST. It uses concept of “agents” for accessing configuration files. These agents contains a description of configuration file using their own format. Moreover SCR offers location transparency. You can e.g. work with a file in the execution system or in a chrooted environment. However, this piece of code is proprietary and limited by the inconsistent quality level of the agents. In addition, is written in C++, developed only within SUSE and, sadly, not very well designed. You cannot easily use just the parser or the location transparency functionality. You always have to go through the complete SCR stack when parsing an input. Similarly, when using location transparency (setting a new location), all subsequent SCR calls are influenced by this. For this and some other reasons we decided to replace the proprietary SCR with something else. That’s how we started to develop and use “Configuration files API”

Configuration files API (CFA) is a library written in ruby intended for accessing various configuration files. You can download it from rubygems.org. It is also available as a set of RPM packages for OpenSUSE 42.3 in the build service. It is structured into several layers and creates an internal abstraction of configuration file. It has been designed and developed in SUSE’s YaST team. However this time it uses (or can use) third party parsers. CFA provides location transparency for the parser on the bottom layer and unified API for application on the top one. Location transparency is achieved by a well known File interface, so you can use any piece of code which implements that interface. Implementing support for a new parser is a bit more complicated. In the worst case you may need to implement a ruby bindings. However, once you have a bindings, implementing other pieces which are needed to get things working in the CFA’s stack is simple.

Lets go through the layers in details.

Bottom layer: File access

Is responsible for the direct access to the configuration files. In the simplest case it accesses local configuration files using the Ruby’s File class, but it can be adapted to access remote, chrooted or memory files too. The developer simply needs to provide a file handler implementing the corresponding read and write methods. Handlers for files in memory and in a chrooted


Monday
15 May, 2017


face

Hosted Weblate provides also free hosting for free software projects. The hosting requests queue was over one month long, so it's time to process it and include new project.

This time, the newly hosted projects include:

We now also host few new Minetest mods:

If you want to support this effort, please donate to Weblate, especially recurring donations are welcome to make this service alive. You can do them on Liberapay or Bountysource.

Filed under: Debian English SUSE Weblate


face

Weblate 2.13.1 has been released quickly after 2.13. It fixes few minor issues and possible upgrade problem.

Full list of changes:

  • Fixed listing of managed projects in profile.
  • Fixed migration issue where some permissions were missing.
  • Fixed listing of current file format in translation download.
  • Return HTTP 404 when trying to access project where user lacks privileges.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Aptoide, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate


face

Weblate 2.13 has been released today pretty much on the schedule. The most important change being more fine grained access control and some smaller UI improvements. There are other new features and bug fixes as well.

Full list of changes:

  • Fixed quality checks on translation templates.
  • Added quality check to trigger on losing translation.
  • Add option to view pending suggestions from user.
  • Add option to automatically build component lists.
  • Default dashboard for unauthenticated users can be configured.
  • Add option to browse 25 random strings for review.
  • History now indicates string change.
  • Better error reporting when adding new translation.
  • Added per language search within project.
  • Group ACLs can now be limited to certain permissions.
  • The per project ALCs are now implemented using Group ACL.
  • Added more fine grained privileges control.
  • Various minor UI improvements.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Aptoide, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English Gammu phpMyAdmin SUSE Weblate


face

During last week I've noticed several interesting posts about challenges being free software maintainer. After being active in open source for 16 years I can share much of the feelings I've read and I can also share my dealings with the things.

First of all let me link some of the other posts on the topic:

I guess everybody involved in in some popular free software project knows it - there is much more work to be done than people behind the project can handle. It really doesn't matter it those are bug reports, support requests, new features or technical debt, it's simply too much of that. If you are the only one behind the project it can feel even more pressing.

There can be several approaches how to deal with that, but you have to choose what you prefer and what is going to work for you and your project. I've used all of the below mentioned approaches on some of the projects, but I don't think there is a silver bullet.

Finding more people

Obviously if you can not cope with the work, let's find more people to do the work. Unfortunately it's not that easy. Sometimes people come by, contribute few patches, but it's not that easy to turn them into regular contributor. You should encourage them to stay and to care about the part of the project they have touched.

You can try to attract completely new contributors through programs as Google Summer of Code (GSoC) or Outreachy, but that has it's own challenges as well.

With phpMyAdmin we're participating regularly in GSoC (we've only missed last year as we were not chosen by Google that year) and it indeed helps to bring new people on the board. Many of them even stay around your project (currently 3 of 5 phpMyAdmin team members are former GSoC students). But I think this approach really works only for bigger organizations.

You can also motivate people by money. It's way which is not really much used on free software projects, partly because lack of funding (I'll get to that later) and partly because it doesn't necessarily bring long time contributors, just cash hunters. I've been using Bountysource for some of my projects (Weblate and Gammu) and so far it mostly works other way around - if somebody posts bounty on the issue, it means it's quite important for him to get that fixed, so I use that as indication for myself. On attracting new developers it never really worked well, even when I've tried to post bounties to some easy to fix issues, where newbies could learn our code base and get paid for that


face

Weblate is growing quite well in last months, but sometimes it's development is really driven by people who complain instead of following some roadmap with higher goals. I think it's time to change it at least a little bit. In order to get broader feedback I've sent out short survey to active project owners in Hosted Weblate week ago.

I've decided to target at smaller audience for now, though publicly open survey might follow later (but it's always harder to evaluate feedback across different user groups).

Overall feelings were really positive, most people find Weblate better than other similar services they have used. This is really something I like to hear :-).

Weblate overall experience

Weblate compared with other tools

But the most important part for me was where users want to see improvements. This somehow matches my expectation that we really should improve the user interface.

Weblate future development

We have quite a lot features, which are really hidden in the user interface. Also interface for some of the features is far from being intuitive. This all probably comes from the fact that we really don't have anybody experienced with creating user interfaces right now. It's time to find somebody who will help us. In case you are able to help or know somebody who might be interested in helping, please get in touch. Weblate is free software, but this can still be paid job.

Last part of the survey was focused on some particular features, but the outcome was not as clear as I hoped for as almost all feature group attracted about same attention (with one exception being extending the API, which was not really wanted by most of the users).

Overall I think doing some survey like this is useful and I will certainly repeat it (probably yearly or so), to see where we're moving and what our users want. Having feedback from users is important for every project and this seemed to worked quite well. Anyway if you have further feedback, don't hesitate to use our issue tracker at GitHub or contact me directly.

Filed under: Debian English phpMyAdmin SUSE Weblate


face

Weblate 2.12 has been released today, few days behind schedule. It brings improved screenshots management, better search and replace features or improved import. Many of the new features were already announced in previous post, where you can find more details about them.

Full list of changes:

  • Improved admin interface for groups.
  • Added support for Yandex Translate API.
  • Improved speed of sitewide search.
  • Added project and component wide search.
  • Added project and component wide search and replace.
  • Improved rendering of inconsistent translations.
  • Added support for opening source files in local editor.
  • Added support for configuring visual keyboard with special characters.
  • Improved screenshot management with OCR support for matching source strings.
  • Default commit message now includes translation information and URL.
  • Added support for Joomla translation format.
  • Improved reliability of import across file formats.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Aptoide, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English phpMyAdmin SUSE Weblate


face

Weblate should be released by end of February, so it's now pretty much clear what will be there. So let's look at some of the upcoming features.

There were many improvements in search related features. They got performance improvements (this is especially noticeable on site wide search). Additionally you can search for strings within translation project. On related topic, search and replace is now available for component or project wide operations, what can help you in case of massive renaming in your translations.

We have worked on improving machine translations as well, this time we've added support for Yandex. In case you know some machine translation service which we do not yet support, please submit that to our issue tracker.

Biggest improvement so far comes for visual context feature - it allows you to upload screenshots which are later shown to translators to give them better idea where and in which context the translation is used. So far you had to manually upload screenshot for every source string, what was far from being easy to use. With Weblate 2.12 (and this is already available on Hosted Weblate right now) the screenshots management got way better.

There is now separate interface to manage screenshots (see screenshots for Weblate as an example), you can assign every screenshot to multiple source strings, however you can also let Weblate automatically recognize texts on the screenshots using OCR and suggest strings to assign. This can save you quite a lot of effort, especially with screenshots with lot of strings. This feature is still in early phase, so the suggestions are not always 100% matching, but we're working to improve it further.

There will be some more features as well, you can look at our 2.12 milestone at GitHub to follow the process.

Filed under: Debian English SUSE Weblate


face

Exactly on the schedule, Weblate 2.11 is out today. This release brings extended stats available to users and various other improvements and bug fixes.

Full list of changes:

  • Include language detailed information on language page.
  • Mercurial backend improvements.
  • Added option to specify translation component priority.
  • More consistent usage of Group ACL even with less used permissions.
  • Added WL_BRANCH variable to hook scripts.
  • Improved developer documentation.
  • Better compatibility with various Git versions in Git exporter addon.
  • Included per project and component stats.
  • Added language code mapping for better support of Microsoft Translate API.
  • Moved fulltext cleanup to background job to make translation removal faster.
  • Fixed displaying of plural source for languages with single plural form.
  • Improved error handling in import_project.
  • Various performance improvements.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Aptoide, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English phpMyAdmin SUSE Weblate


face

Are you considering to write your own image templates, but you don’t know how to start? You have come to the right place. In this short article you will learn to create you own image templates and how you can publish them. The Subproject First create a subproject of your home project. This will be the place where you collect your image templates. Adding The Image Configuration Let’s start with our first image. For that...


Saturday
13 May, 2017


face
I already submitted to talks for the Cephalocon 2017 in Boston end of August this year but unfortunately - for the community - the conference was cancelled on Friday this week.

Here a quote from the cancellation statement:
The Ceph community has always been based on the principles of openness, inclusion, and a level playing field for all participants. We have worked hard to ensure that no matter what time zone you’re in, who you are, or how technically knowledgeable you are there is always a way for you to participate and contribute to the Ceph community.

It is our sincere hope that the people of the United States will course-correct their leadership to conform to the principles that the country was founded on, and has served so well throughout history. In the meantime, we wont be hosting any events that require members of our community to travel to the U.S. and potentially suffer harassment, digital privacy violations, or rejection at the border.
For the full statement please check this page

Though these are `SAD` news for the community, I fully support the decision and the statement. I'm looking forward for a new date for a Cephalocon, propably in Canada, Mexico or around the next OpenStack Summit in Sydney end of this year. It would be really good if the full Ceph community - including the developers - could get together at least once in a while.

Friday
12 May, 2017


face

Dear Tumbleweed users and hackers,

In the last two weeks, a total of 6 snapshots had been released to the wild (0428, 0429, 0430, 0502, 0503, 0505): all those snapshots were mainly in Week 18 – while we were having some struggles this week due to the way the pattern packages are now laid out. The change was slightly more complex than anticipated and small issues crept in here and there. But the change is well worth the effort, as patterns are now smaller chunks with their own respective maintainer groups assigned. For example, the KDE Team has more, and especially more direct, control over their pattern. The same holds, of course, true for all other desktop related patterns: those now live in the respective desktop environment’s devel projects.

Most of the big issues should be ironed out now and you should also shortly see snapshot 0510 on your the mirrors. I will thus include the changes of this snapshot in the review as well.

The last two weeks brought these interesting bits to Tumbleweed:

  • Mozilla Thunderbird & Mozilla Firefox 52.1.0
  • KDE Frameworks 5.33.0
  • GNOME 3.24.1
  • Linux Kernel 4.10.13
  • KDE Plasma 5.9.5
  • KDE Applications 17.04.0 (in snapshot 0510)
  • Pattern split: patterns-openSUSE will be removed in favor of new names!
  • grub 2.02
  • Many more python packages ported to singlespec

It’s always impressive to go through the various release messages a week later and be stunned how much this community manages to achieve in such a short time! Thanks go out to all contributors for making openSUSE Tumbleweed the awesome distro it is!

And as you are so many, of course you keep the staging areas busy, currently mostly with those ‘major’ changes (work in progress features for the upcoming snapshots):

  • GNOME 3.24.2
  • GCC7 as default compiler! Help is needed to make this happen!
  • icu 5.9
  • Linux Kernel 4.11.0

Thursday
11 May, 2017


Michael Meeks: 2017-05-11 Thursday.

21:00 UTCmember

face
  • Mail, more admin, testing, chat with Thorsten.
  • Annoyed to see that Ahok goes to jail in Indonesia for two years for blasphemy, despite no prosecution case or real offence; pleased to see that Stephen Fry walks free, although he is beyond utterly wrong about God who as Psalm 89 tells us has Righteousness and justice as the foundation of his throne. Not a fan of blasphemy laws, discussing all things is important.
  • Poked at improving online unit tests.

face

At Collabora Productivity we recently encountered the need to investigate calls in a third-party application to COM services offered by one or more other applications. In particular, calls through the IDispatch mechanism.

In practice, it is use of the services that Microsoft Office offers to third-party applications that we want to trace and dump symbolically.


We looked around for existing tools but did not find anything immediately suitable, especially not anything available under an Open Source license. So we decided to hack a bit on one of the closest matches we found, which is Deviare-InProc. It is on GitHub, https://github.com/nektra/Deviare-InProc.

Deviare-InProc already includes code for much of the hardest things needed, like injecting a DLL into a target process, and hooking function calls. What we needed to do was to hook COM object creation calls and have the hook functions notice when objects that implement IDispatch are created, and then hook their Invoke implementations.

The DLL injection functionality is actually "just" part of the sample code included with Deviare-InProc. The COM tracing functionality that we wrote is based on the sample DLL to be injected.

One problem we encountered was that in some cases, we would need to trace IDispatch::Invoke calls that are made in a process that has already been started (through some unclear mechanism out of our control). The InjectDLL functionality in Deviare-InProc does have the functionality to inject the DLL into an existing process. But in that case, the process might already have performed its creation of IDispatch implementing COM objects, so it is too late to get anything useful from hooking CoGetClassObject().

We solved that with a hack that works nicely in many cases, by having the injected DLL itself create an object known to implement IDispatch, and hoping its Invoke implementation is the same as that used by the interesting things we want to trace.

Here is a snippet of a sample VBScript file:

     Set objExcel = CreateObject("Excel.application")
     set objExcelBook = objExcel.Workbooks.Open(FullName)

     objExcel.application.visible=false
     objExcel.application.displayalerts=false
         
     objExcelBook.SaveAs replace(FileName, actualFileName, prefix & actualFileName) & "csv", 23

     objExcel.Application.Quit
     objExcel.Quit

And here is the corresponding output from tracing cscript executing that file. (In an actual use case, no VBScript source would obviously be available to inspect directly.)

Process #10104 successfully launched with dll injected!
Microsoft (R) Windows Script Host Version 5.812
Copyright (C) Microsoft Corporation. All rights reserved.

# CoGetClassObject({00024500-0000-0000-C000-000000000046}) (Excel.Application.15)
#   riid={00000001-0000-0000-C000-000000000046}
#   CoCreateInstance({0000032A-0000-0000-C000-000000000046}) (unknown)
#     riid={00000149-0000-0000-C000-000000000046}
#     result:95c668
#   CoCreateInstance({00000339-0000-0000-C000-000000000046}) (unknown)
#     riid={00000003-0000-0000-C000-000000000046}
#     result:98aad8
#   result:95dd8c
# Hooked Invoke 0 of 95de1c (old: 487001d) (orig: 76bafec0)
95de1c:Workbooks() -> IDispatch:98ed74
98ed74:Open({"c:\temp\b1.xls"}) : ({"c:\temp\b1.xls"}) -> IDispatch:98ea14
95de1c:Application() -> IDispatch:95de1c
95de1c:putVisible(FALSE)
95de1c:Application() -> IDispatch:95de1c
95de1c:putDisplayAlerts(FALSE)
98ea14:SaveAs(23,"c:\temp\converted_b1.csv")
95de1c:Application() -> IDispatch:95de1c
95de1c:Quit()
95de1c:Quit()

Our work on top of Deviare-InProc is available at https://github.com/CollaboraOnline/Deviare-InProc.

Binaries are available


face

Today we are happy to announce the new Image Templates Page. What’s that? – You might ask. Just have a look yourself. Click on the newly added ‘New image’ link on the OBS front page. And there it is! The image template page is a place where you can find all kinds of pre-configured KIWI image configurations provided by other users and projects. Are you just about to create a new image for your server...


Wednesday
10 May, 2017


face
Screenshot Status Page

Screenshot https://status.opensuse.org/

Worried about downtimes and maintenance windows of openSUSE services that you missed because there was no information provided? ;-)

Now is your chance to get informed about any (un-)expected downtime of any openSUSE service!

The openSUSE Heroes team is pleased to announce that status.opensuse.org is up and running as public status page, providing you with the latest updates about our infrastructure.  We tried our best to get the page mobile friendly and easy to understand. Even RSS and Atom feeds are available. A big “thank you” to the team from Cachet, the open source status page system, for developing that great tool.

You wonder where this status page get’s it’s information from?

For the moment, the Heroes will update the page manually with information – until our new monitoring system is up and running and can take over some parts of the job. Thanks to a nice API, updates and status queries can be done even via command line (and therefor integrated in whatever tool you can imagine). But as we want to provide you with the best information available, we might still use a “human form” instead of automatism. Let’s see what the future brings and how familiar we will get with the tool…

If you like, you can even use the experimental Email notification feature by clicking on the “Subscribe” button at the bottom of the page. After a confirmation, you will get informed via Email once an Hero changes the status of a component/service. Please note that this feature is experimental at the moment and details might change in the future. If you like, you can already define which component/service is of interest for you (per default you get informed about any change), but at the moment you need to follow the  steps below if you want to limit the amount of information:

  • hit the subscribe button and enter your Email address
  • verify the subscription by clicking on the link provided in the confirmation Email
  • now exchange the word “verify” in the link with the word “manage” and reload the page
  • this should give you a list of checkboxes in front of each service where you can select the services you want to get notifications for
  • after choosing your interested services, click on the “Update Subscription” button at the bottom of the page and you are done

To unsubscribe, again exchange the “subscribe/verify” in the link with the word “unsubscribe” and you are done.

Please be aware that we – the openSUSE Heroes – still need to train our self with the new system. We will try our best not to bother you with too much spam, but especially for the experimental Email feature, we can not guarantee at the moment.


Michael Meeks: 2017-05-10 Wednesday.

21:00 UTCmember

face
  • Took E. to Addenbrooks in the morning; back, mail, built ESC stats, call, plugged through the task backlog. Read Firefox & Chrome's seccomp-bpf usage - which are not particularly obvious.

Tuesday
09 May, 2017


Michael Meeks: 2017-05-09 Tuesday.

21:00 UTCmember

face
  • Admin, commercial call; Board calls; call later, revised Biology with H.

face

Five students will spend this summer putting their coding skills into practice for openSUSE and other projects during this year’s Google Summer of Code.

The international program that matches mentors and students funded 1,315 student projects this year for 201 open source organizations, who will benefit from the active involvement from these new developers.

“We are excited to be selected as a mentoring organization and to mentor these talented, young GSoC students,” said Christian Bruckmayer, one of the openSUSE mentors. “This year’s projects focus on enhancing the capabilities of our open source tools, so that the benefits are shared amongst the open-source ecosystem.”

The student proposals selected this year regarding openSUSE mentoring will help not only the openSUSE Project, but multiple other open-source projects like KDE and the Free and Open Source Software Developers’ European Meeting (FOSDEM) as well as many others.

In addition to the two student proposals selected for openSUSE’s Open Source Event Management project, which is a self hosted solution to organize conferences, two other students will be developing implementations on OSEM for FOSDEM.

The student projects should enhance the features and capabilities for all the organizations that use the event manager to organize and manage conferences all over the world, Bruckmayer said.

Another student project that will benefit multiple open-source projects is openSUSE’s Ruby on Rails based Travel Support Program application, which helps manage the requests and reimbursements for free open source organizations. openSUSE’s Travel Support Program application was adopted by KDE e.V. to support its Travel Cost Reimbursement initiative. The new features are expected to make the TSP application more useful.

The last development that was selected from the student proposals  for openSUSE were two student projects focusing on Jangouts, which is a videoconferencing tool based on WebRTC and Janus Gateway that provides a self-hosted open source alternative to Google Hangouts. One of the students will look at revamping the User Interface while the other will focus on integrating callstats.io in to Jangouts, which is an analytics tool to help determine how to best improve the quality of audio and video calls.

openSUSE uses 101.opensuse.org to reach out to students who want to participate in GSoC as well as other mentoring programs openSUSE supports.


Monday
08 May, 2017


Michael Meeks: 2017-05-08 Monday.

21:00 UTCmember

face
  • Up early, M.'s SATs start today - music practise, Bible study etc. Mail chew, consultancy call, sync. with Tamas. Lunch, more calls & admin.

face

oSC17 is just around the corner, and if you want to be part of making it awesome you can now sign up to become a volunteer!

Volunteers are invaluable to conferences, and they play a major role in creating a pleasant conference atmosphere for attendees.

We need volunteers to help out with various things throughout the conference, such as:

  • Help at the registration desk, which involves:
    • welcoming people at the conference and marking them as attended
    • help people find what they are looking for (rooms, toilet, bus stop, etc.)
    • assist people with the schedule, and direct them to the next available session (keynote, workshop, etc)
    • provide people with a t-shirt and urge them to put on a name tag
    • handle incidents that might come up
  • Help with speakers by making sure that:
    • speakers know where they need to be before their talk
    • there is a bottle of water and glasses at the speaker desk
    • speakers upload their presentation and make the link public in OSEM
  • Help setup everything on Friday morning, and tear down on Sunday evening

Volunteers will receive an instructions sheet, as well as a short briefing. Please be available at the registration desk 15-30 minutes prior to the time you are scheduled to volunteer.

Make sure to fill out the volunteers form, so that we know we can count on your help!

See you soon at oSC17, 26-28 May 2017!


Sunday
07 May, 2017


Michael Meeks: 2017-05-07 Sunday.

21:00 UTCmember

face
  • Up earlyish, practice & played at NCC; Julie over for fine roast chicken lunch; tidied up; played some games. Snoozed, finished cupboard side kick-board. Out to play running games nearby the statue of the Queen, racing, so walked through the graveyard rather than the heath; such a lot of hopeless tombstones. Tea, read stories to babes.

Older blog entries ->