This week’s openSUSE Tumbleweed snapshots had a steady amount of software packages in each of the daily releases.

While vim, Node.js and Salt updates made the headlines, AppStream, KDE Frameworks and the Linux Kernel provided several important updates.

In the most recent 20230118 snapshot, manpages-l10n moves to version 4.17.0, which now actively has Swedish maintained. The package also adds a new language. A week’s worth of fixes came in the ncurses 6.4.20230114 update. The package improves configure-script macros vs compiler warnings and it has a fix to avoid a conflict with pre-existing usage in vim. Two openSUSE packages updated in the snapshot. A change to allow both swap and none as paths for swap in fstab were made with the libstorage-ng 4.5.64 update. An update to identify Dell storage devices with the extension of regular expressions was made in yast2-storage-ng 4.5.16. The diffutils utility program used for creating patch files updated to version 3.9, but did not list any fixes for the platform, according to the changelog. Other packages to update were python-httpx 0.23.3 and python310-packaging 23.0.

Both the Node.js and the Linux Kernel updated in snapshot 20230117. The 6.1.6 kernel-source update enabled headset microphones with more Dell laptops through Advanced Linux Sound Architecture changes, and netfilter nftables consolidated set descriptions and added a function to create set stateful expressions. The nodejs19 package update to 19.4.0 improved timeout defaults handling. The package also had a change with an impact of less RAM for AArch64 and 32-bit arm. Fixes to handle btrfs subvolumes were made with GNOME’s tracker-miners 3.4.3 version. Georgian and Macedonian language changes were made with a yast2-trans update and a few other libraries were updated in the snapshot.

With the exception of three other packages in snapshot 20230116, KDE Frameworks updates took the majority of data packets for users who did a zypper dup. Frameworks 5.102.0 fixes a crash with KTextEditor and adds a missing KWindowSystem dependency. The Plasma Framework update centers a panel popup only if it would cover two-thirds of its panel widget and it adds a function to open a context menu. Another Frameworks update was made to the barcode namespace generator; Prison adds the 2.0 version of decoder ZXing. KDE hex editor okteta cleaned the spec file in version 0.26.10 and improved translations. An update of perl-Image-ExifTool 12.54, which is a command-line interface for reading and writing meta information, adds support for a number of new XMP tags, which included the decoding of Nikon, Fujifilm and Canon tags. An update of mpg123 1.31.2 fixed a build error that was network related.

Two packages were released in the 20230115 snapshot. An easier initial setup was made with the perl-Bootloader 0.941 update. The other package, python-Pygments, updated to version 2.14.0. This syntax highlighting package had a number of changes and improves parentheses handling for function definitions. The new version also fixes number and operator recognition.

Vim was among the several updates in snapshot 20230114. The text editor updated to version 9.0.1188 and fixes a memory leak when using class functions, yet the new release may provide an unexpected output when autoloading a script for an interactive operation. A newer 0.15.6 version of AppStream’s cross-distribution efforts added a patch to support meson 0.59, which is meant for the next minor version of Leap. The software component for metadata standardizing also added an Application Programming Interface for content rating descriptions and ratingIds. There were a few fixes with the NetworkManager 1.40.10 update. One of those fixes an evaluation of the autoconnect function and another ensures that dnsmasq is stopped after changing the dns backend and restarting the service. There were various other fixes in the package. An update of pipewire 0.3.64 had a mass amount of info about the update. It cleared some old buffer memory on ports to fix some bus errors, and now makes it possible to assign custom port names to the ports from an adapter. The audio and video package fixed an error in the quantum and rate calculations that could cause nodes to run with these wrong computations when multiple rates were allowed. Several patches were removed with the package update. The utility library for ndctl had a major version update. Version 75 had many improvements and added master-passphrase removal support. Other packages to update in the snapshot were gtksourceview5 5.6.2, libstorage-ng 4.5.63 and more.

Salt 3005.1 added a missing patch after a rebase to fix collections mapping issues, which arrived in snapshot 20230113. The release was full of patches and one of the fixes ensures the default values for interprocess communication buffers are the correct type. The new version also fixes an architecture parsing issue in apt source files. Mesa 22.3.3 fixes a broken graphics in a game, a hang with Plasma and a crash when creating graphics pipeline libraries with a module identifier. Some updates for Xfce packages also became available in the snapshot. The file manager thunar 4.18.2 prevents a crash for copy+overwrite via DBus and also prevents a rare crash when closing thunar. Another update was made to xfce4-panel 4.18.1, which fixes a sync timeout issue. A few more packages were updated in the snapshot.

The snapshot that began the week, 20230112, had file updated to version 5.44.

After almost a year of having my Ender3, it has received a lot of new parts, fixes and upgrades. The great thing about the Ender3 is that you can do so much with it and truly personalize it for your use case. One area that needed to be addressed was the power supply situation that […]

These software projects and technologies caught my attention and excitement during 2022, though they may not have necessarily appeared that year. My selection and focus have a clear bias as I have spent most of my life developing open-source, data center, and e-commerce infrastructure software on UNIX-like systems. I only included projects I have tried myself.

I admire software that solves complex problems in a simple, elegant, and lean manner and those that are easily adopted and standardized as the “default”.

Tree-sitter

Description from its website:

Tree-sitter is a parser generator tool and an incremental parsing library. It can build a concrete syntax tree for a source file and efficiently update the syntax tree as the source file is edited.

Why is this important? This comment summarizes it well:

Incremental parsing of incorrect code is one of those things that is literally impossible in the general case, but tree-sitter has found a lot of good ways to do it that are not just possible for a large fraction of reality, but also performant. It’s hard to understate how impressive a piece of engineering this is.

I see this technology having an impact on IDEs, editors, linters and other tools similar to what the LLVM project did years ago for the compiler and interpreter ecosystem, and what Language Server Protocol did for IDEs during the last years.

For example, the Emacs editor adopted LSP by including eglot by default.

Originally, you could replace the limited regexp-based syntax highlighting in Emacs with the emacs-tree-sitter modes. This is no longer necessary, as from version 29+, Tree-sitter support is part of Emacs by default.

Wireguard

Description from its website:

WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.

Wireguard’s simplicity:

• implemented in ~5000 lines of code, when most VPN solutions range from tens of thousands to hundreds of thousands
• works at the interface level, which means you can treat it like any other interface
• the state is hidden from the user, so things like roaming just work
• It is incorporated in most open-source operating systems. There is a Windows native version and a multi-platform userspace version written in Go.
  • NetworkManager, which most people use to manage networks in desktop Linux, has native support for it, and GNOME even displays the toggle for Wireguard connections.
• Android/iOS app
• Most commercial VPN providers support it, including the only one that is worth your time.

Some higher-level solutions have been built on top of WireGuard. The most impressive is Tailscale, which brings magical usability to access private networks spread across the world.

And last but not least, Fritzboxes, one of the most popular consumer routers in Germany, supports Wireguard natively, since December 2022, which means I now can access my home LAN very easily and from almost any device.

Litestream and liteFS

I believe many of the complicated app architectures today are either too early or just unnecessary.

SQLite is a local database engine that operates on a single file per database. It is the most deployed database in the world, and it is likely running in your pocket inside your phone on many different apps.

Many businesses could start in a single machine using a SQLite database.

Litestream is a project from Ben Johnson that replicates sqlite3 databases to make sqlite globally distributed. The replication part was extracted into LiteFS, while Litestream kept the disaster recovery replication.

With this model, LiteFS uses FUSE (Filesystem in userspace) as a pass-through filesystem to intercept writes to the database to detect transaction boundaries and replicate those in the replica nodes.

Litestream allows replicating databases by continuously copying write-ahead log pages to cloud storage.

An alternative implementation of transaction replication using SQLite built-in VFS is also planned.

The project was since then acquired by Fly.io, which specializes in deploying apps close to the users.

Both projects give SQLite superpowers and allow for resilient and performant applications while keeping the setup and architecture lean and simple.

During the Twitter exodus to Mastodon, I saw people dealing with the complexity and resource requirements of operating Mastodon for a single user. My Fediverse instance is not Mastodon, but gotosocial. Uses 128M ram, a 140M SQLite database, and runs on a 5€ micro VM. The database is replicated to an sftp share with Litestream.

Nix

Nix is a tool for producing reproducible builds and deployments. It takes a different approach to package management using a declarative and functional build description.

When you build something with Nix, it ends in its own directory in the Nix store e.g. /nix/store/hxxrbmr2zh6ph90qi8b4n2m53yvan3fr-curl-7.85.0/ and as long as the inputs do not change, the location, which is content-addressed, will not change either. They will also depend on the exact versions they were built against.

This allows you the installation of multiple versions in parallel, and the current system profile itself is a collection of symbolic links to the right binaries, which means you can roll back very easily.

While Nix can be used on Linux and macOS, there is a full Linux distribution built on this model.

While it can also be used for CI, building container images, etc., I use Nix in two ways:

• Declare project dependencies

  If I have e.g. a folder with some Ansible roles I use to configure my home gadgets, I can make that project independent from where I am running it by just having a top shell.nix declaring dependencies. Then a simple .envrc file with the line use_nix and direnv setup in my shell.

  As soon as I cd into the directory, Ansible is installed and appears in the path. I cd out and it disappears. The nix store is cached, so the second time is very fast (until you nix store gc).

  You can use this to have reproducible developer environments.

  Nix Flakes is a new format to package Nix-based projects in a more discoverable, composable, consistent and reproducible way.

  With Flakes, you could even pin your environment to a specific revision of the package descriptions.

• Manage packages, including my own

  Some packages I need all the time: Emacs, Chromium, tarsnap, etc. I use Nix for that, and keep my distribution just for the base system.

  nix profile install nixpkgs#tarsnap and the package is now always available. I also have packages that are not free to distribute, so I can keep the recipe to build it in git, or just override a few compile options from another package. It is just flexible.

The language is a functional DSL that takes some curve to learn, just like the built-in functions. I am not sure if this will be someday the future of deployments, but for me as been agreat addition to those two use cases..

Stable Diffusion

StableDiffusion is an AI model which allows to:

• transform text prompt into images
• transform images plus a text prompt into new images
• edit images by selecting an area and a prompt

Also impressive are the creations where StableDiffusion is used to change a single video frame, and another model is used to extrapolate the change to the rest of the frames, resulting in full video editing.

The Dreambooth model allows to finetune StableDiffusion for specific subjects. This is what the Lensa app does when generating many avatars from your selfies.

I believe this will have a huge impact on creative industries (design, gaming), and will make their software understand the semantics of the image, just like IDEs have been doing for years offering syntax-aware refactorings.

ChatGPT

I’d like to mention ChatGPT together with Copilot, but I haven’t tried Copilot yet.

These technologies are already proving to be very useful in the context of programming.

Leaving out the controversial topic of training proprietary models on GPL code for another occasion, I am impressed how good ChatGPT is to port code from one dimension to another, eg. rewriting using a different language, library, etc. I think it will become very useful for porting, refactoring and updating software.

For example, I was very pleased with ChatGPT being able to take some Linux commands, and generating me a set of Ansible tasks to replicate the configuration

Phoenix LiveView, hotwire and the return of the server-side HTML

Single-page applications (SPA) are with us for longer than I can remember, but the feeling something is not right in that model continues to live with me.

The architecture duplication on the server and client-side (controllers, views, stores), dividing teams through json messages in two worlds speaking different languages seems broken. The instability of the Javascript eco-system just makes things worse.

I can’t however, picture how to solve the challenges SPAs aim to solve when it comes to highlyy interactive applications.

Phoenix is a web framework for Elixir, a language running on the Erlang VM. His creator has a Rails background, so he took off from where Rails left and brought innovation to the space in the form of Phoenix LiveView, a technique that allows for highly interactive applications without abandoning the server side paradigm.

Other toolkits have appeared which allow to start server side and add interactivity in a structured way without abandoning the server side paradigm. One is HotWire from Basecamp, which includes Turbo and other libraries, and htmx, which works by just annotating HTML.

virtio-fs and krunvm

Something I always disliked about virtualization was the use of images. It added a whole layer of complexity.

virtio-fs is a filesystem that allows sharing the host filesystem with the guest. Unlike virtio-9p (the one used by Windows Subsystem for Linux), it has local semantics.

qemu has support for it, so you can boot a root filesystem.

One tool that takes advantage of virtio-fs is krunvm. It allows to run container images as micro virtual machines. The machines implement a few simple virtio devices enough to run an embedded kernel in libkrun.

krunvm takes virtio-fs to the next level, basically making it invisible, allowing you to mount any host folder into the virtual machine the same way that you do it with container images.

Follow the work Sergio Lopez is doing in this space.

---

These are my picks. What are yours?

People interested in mentorship for this year’s Google Summer of Code as part of openSUSE’s application will conclude a finalization meetup on Feb. 7 at 15:30 UTC on the project’s Jitsi instance channel.

After the project meeting, the project will submit an application for the openSUSE Project being a mentorship organization for 2023.

A large group of people involved in the project participated in a workshop on Jan. 10 with a focus on increasing mentorship for the organization and listing project mentoring ideas. Participants brainstormed project ideas during the workshop on the event’s etherpad and created listings for the project’s mentorship repository.

Still, there is plenty of time for people who are interested in mentoring to create an issue on the mentorship repository; the submitter of the issue will be listed as the main mentor. Those who do submit a project idea should list all the details from the template and label it with a tag as either a large-size project (350 hrs) or medium-size project (175 hrs).

Those who did not attend the workshop are still encouraged to participate as a mentor if they have the time or interest. The mentorship efforts have proven over the years to introduce people into open-source development, the many projects openSUSE has and the interactions it has with many other open-source projects. The openSUSE Project lists it’s GSoC mentorship projects on 101.opensuse.org.

The openSUSE Project has a long tradition of participating in GSoC and has done it several times since 2006. If you have any questions about the GSoC application or want to help mentor a project on 101.opensuse.org, email ddemaio@opensuse.org. The application period is open between Jan. 23 and Feb 7, but mentors can add their project on 101.opensuse.org now.

The openSUSE Project is planning activities for this year’s FOSDEM, which will take place Feb. 4 and 5 in Brussels.

The project will be in with operating systems space in Hall H and at its exhibit will have contributors available to discuss all openSUSE related projects to include ALP, MicroOS, Tumbleweed, Leap, Open Build Service, openQA and more. 

SUSE released its second prototype late last month of its Adaptable Linux Platform (ALP). There will be experts from the on hand to discuss ALP. 

Two ALP prototypes have been released so far; Les Droites was the first one released in October and Punta Baretti is the current available prototype for testing. More prototypes are expected for spring and summer.

Make sure not to miss talks from the community. Dan Čermák will talk about Modularity and ALP; Richard Brown will give a keynote for the distribution track. And Sarah Julia Kriesch will give a talk about collaboration and The Open Mainframe Project.

The booth will have swag, a quiz and beer. Enlighting yourself. Come see us and Have a lot of fun!

The latest Linux Saloon went off without a hitch, from a technical perspective. No issues during the streaming process, the bitrate was stable, OBS worked without issues and Zoom was crash free. It was a great way to start off the New Year. Of course, I did mess up the very beginning by forgetting to […]

Tearing down a piece of technology that is no longer working is something of a hobby of mine. I like to see if I can figure out why something is no longer working and then figure out if it is worth my time fixing it. This Kobalt 20v Drywall Cut-Out Tool was not something I […]

Dear Tumbleweed users and hackers,

It was another uneventful week for Tumbleweed: 6 snapshots were submitted to openQA for testing and all have returned successfully and been published. In staging, of course, the picture is a bit darker, but that’s all shielded before it reaches users and as such does precisely what we want it to do: safeguard the distro and detect issues before they are problems.

The main changes delivered in the 6 snapshots (0106…0111) include:

• Python pytest 7.2.0
• Meson 1.0.0
• KDE Plasma 5.26.5
• Linux kernel 6.1.3 & 6.1.4
• Libzypp 17.31.7
• Mozilla Firefox 108.0.2
• KDE Gear 22.12.1
• firewalls 1.3.0
• systemd 252.4
• Qt 5.15.8

In the staging area, we are busy testing the effects and working on the fallout, of

• Mesa 22.3.3
• Boost 1.81.0: breaks libetonyek and LibreOffice
• Python Sphinx 6.1
• libraw 0.21.0: breaks gegl (fix in the queue already)
• GnuPG 2.4: breaks gpgme:qt
• Ruby 3.2 to become the default ruby version: YaST is failing
• Switch to openSSL 3: Progress tracked in Staging:N

openSUSE Tumbleweed started the new year just like it finished the last; on a roll and giving users freshly updated software packages.

The rolling release has been on a daily release streak since the beginning of December and since the beginning of October has only missed one daily snapshot; :open_mouth: !

The latest snapshot to arrive was 20230111 and it brought an update in yast2 that gives help text within the YaST Control Center from the 4.5.21 update. A migration of the Pluggable Authentication Module settings to /usr/lib/pam.d took place in a samba 4.17.4+git update. There was a 1.0.2+git update with kdump, which improved the generation of calibrate.conf; it uses static IP addresses for calibration. The package also fixed s390x build dependencies and fixed the package summary in the spec file. The second Linux Kernel update this week arrived in this snapshot; kernel-source 6.1.4 fixed the grub2 menu handling for rebooting. Advanced Linux Sound Architecture changes with the kernel update applied a dual codec fixup for Dell Latitude laptops. An update from this year of ncurses improves configure-script macros vs compiler warnings, and vim’s benevolent dictator for life Bram Moolenaar suggested ncurses add an RV report+version, which was implemented in the release, according to the changlog. Several other packages updated in the snapshot, which included several libqt5 cross-platform application and User Interface framework packages.

Snapshot 20230110 updated a package that several small or embedded system developers are finding useful; busybox, which combines tiny versions of many common UNIX utilities into a single small executable. This package fixes a Common Vulnerability and Exposure. CVE-2022-30065 did not properly sanitize while processing a crafted awk pattern, leading to possible code execution. The package also had various other fixes and enabled SHA hardware acceleration. GNOME’s virtual file system gvfs updated to version 1.50.3 and fixes hangs when a connection is released. It also prevent automounts from resuming after a suspension, and the package update adds support for xx-large and x-large thumbnails. Notification about unprepared critical updates were stopped in the gnome-software 43.3 update. GNOME’s evolution 3.46.3 fixed a few memory leaks and some bugs; like a crash when RSS is reading a feed with an empty author, or like duplicating of attachments when forwarding personal information management application. The image processing package GraphicsMagick updated to version 1.3.39 and added new features like support reading AV1 Image File Format via libheif if it supports the decoding of AVIF. Members of the project and its principal maintainer are asking for volunteers to help maintain the 26-year-old package. An update of php8 8.1.14 took care of CVE-2022-31631, which occurred due to an uncaught integer overflow that made it possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place. The package fixed several bugs including two failures related to OpenSSL. Along with yast2-installation and yast2-trans several other packages updated in the snapshot.

A total of two packages updated in the 20230109 snapshot. One of the packages, hidapi, updated for version 0.13.0. The library for communicating with USB and Bluetooth devices added a Meson build script and added support for devices over the Serial Peripheral Interface, which is an interface specification used for short-distance communication primarily with embedded systems. The other package to update was libmfx 22.6.5. The Intel Media SDK dispatcher library package added security reporting information.

Three packages were updated in snapshot 20230108. The updates included libstorage-ng 4.5.62 receiving updated Macedonian translations using Weblate. A major version python-cryptography dropped support for LibreSSL below version 3.5. The 39.0.0 cryptographic package also removed support for OpenSSL 1.1.0. The tool that generates smaller dumpfiles from kdump memory dumps was the last package to update. This 1.7.2 makedumpfile added support for the Linux Kernel update to version 6.0 that is specific to x86_64.

The 44.1 major version of gedit arrived in snapshot 20230107. The general-purpose text editor had some code refactorings, updated translations and makes more use of Tepl features related to GtkSourceView-based. KDE Gear 22.12.1 had tons of fixes. Kdenlive has a new camera proxy for the Akaso action camera. The video editing package fixed a couple crashes like one where the app kept dropping an effect with a scene and a zoom that was behaving incorrectly. An update of KMail fixed a bug where opening a progress window did nothing and a fix for Kontact crashing upon startup. The kitinerary added support for international tickets with Italy’s primary train operator Trenitialia. Several other KDE Gear packages were updated in the snapshot. An update of systemd 252.4 added several patches and fixed CVE-2022-4415, which was a security flaw that could cause a local-information leak due to systemd-coredump not respecting a kernel setting. A CVE-2022-46908 patch was dropped and SQL functions removed related to its harmful side-effects with the update of sqlite3 3.40.1; the script did not properly implement the azProhibitedFunctions protection mechanism. The sqlite package also fixed a potential infinite loop in alternative memory. A crash that might occur when managing browser history was fixed with Mozilla Firefox 108.0.2 update. There were several other packages updated in the snapshot including firewalld 1.3.0, btrfsprogs 6.1.2, zypper 1.14.59 and more.

Chess players using GNOME will have a keyboard shortcut fix with gnome-chess 43.1, which arrived in snapshot 20230106. The screen reader for those with no or limited sight will benefit from the Orca 43.1 update. There were many bug fixes with the speech and refreshable braille package, which included several issues related to preferring the TableCell interface and a fix for repetition of text elements during Orca’s Say All command for web content. Bugfix release KDE Plasma 5.26.5 fixed the initialization order with KSignalHandler in the kscreenlocker package. There was a fix for connecting to WPA3-personal networks in the plasma-nm update. The KDE update also brought many fixes for the Window Manager and Wayland Compositor KWin. One of those requires a reboot after changing a primary selection option. There was an update of fetchmail 6.4.35 that now warns about OpenSSL with version before 1.1.1s or 3.0.7, and the update rejects wolfSSL older than version 5.5.0. It also updated Swedish and Esperanto translations. The super-thin layer on the DBus interface fwupd added many new features in the 1.8.9 update. It added SHA384 support for Trusted Platform Module hashes and categories like X-FingerprintReader, X-GraphicsTablet, X-Dock and X-UsbDock. The kernel received it’s first update of the week in this snapshot from last Friday.

I don’t ever like to talk negatively about a project as I never want to demotivate anyone with their labor of love. I also don’t want to ignore when something isn’t ready and Wayland isn’t ready, for me. I very much want it to be for the obvious performance increases in certain areas but there […]