Dear Tumbleweed users and hackers,

This week has been overshadowed a lot with Snapshots that did not pass openQA – in total, we have had 6 snapshots in QA – of which only 2 made it through and have been published. Of course, all the issues identified have resulted in relevant bug reports which the maintainers will be working on, fixing, resubmitting the packages that needed to be reverted, and then we move forward. After all, openQA does exactly what we want it to do: it protects you, the users, from getting broken snapshots.

So, as said, we published two snapshots (1016 and 1019), containing those updates:

• KDE Gear 21.08.2
• KDE Plasma 5.23.0
• KDE Frameworks 5.87.0
• Apparmor profile update for Samba printing subsystem
• Gimp 2.10.28
• Linux kernel 5.14.11 (5.14.12 was responsible for one of the snapshots being blocked)
• Mesa 21.2.4

The staging projects are currently filled with:

• KDE Plasma 5.23.1
• Systemd 249.5
• Linux kernel 5.14.14
• Bison 3.8.2: breaks gdb
• RPM 4.17: one fix for suse-hpc missing (Fix submitted to devel prj)
• Coreutils 9.0
• gpg 2.3.x: some openQA issues detected, https://progress.opensuse.org/issues/101358
• openSSL 3.0.0: no active progress

The past week produced two openSUSE Tumbleweed snapshots and both included a lot of updates for users of KDE.

Plasma, Gear and Frameworks weren’t the only packages to update in the snapshots.

Snapshot 20211019 offered quite a bit of updated packages. Remote access package remmina 1.4.21 provided updates for the GNOME 40 runtime and made some backward compatibility with WebKit versions under 2.32.0. The refreshable braille display package brltty updated to version 6.4 and made sysusers.d a new package while also removing some old SUSE RPM constructs. The PDF rendering library poppler 21.10.0 fixed the rendering of some odd splash patterns and added support for setting custom stamp annotations. Mesa 21.2.4 had several fixes and rolled out patches for both PowerPC and LLVM i386 compiling. A package to get a major update in the snapshot was rdma-core 37.1, which focuses on userspace components for the Linux Kernel’s drivers/infiniband subsystem; this new major version fixed cmake flags to correct paths for pkg-config. KDE’s 5.87.0 Frameworks version had an enormous amount of updated packages in the snapshot. Among the updates was the removal of defunct Python and Ruby script engines with Plasma Framework. The 5.87.0 Breeze Icons package added 22px variants of the preferences icons and the same version of the UI framework package Kirigami fixed Breadcrumb Control on mobile when using layers.

The previous snapshot this week, 20211016, updated the 25th Anniversary Edition of KDE’s Plasma; the 5.23.0 version dives into a cool blue default color scheme and provides System Settings that lets users pick accent colors to make their system pop out with a personal touch. The Kickoff launcher for Plasma, which is located in the bottom left-hand corner of the screen, had some large rewritten code to make it faster and easier to use. Plasma also made changes to let users drag-and-drop stuff between native Wayland and XWayland apps. KDE’s 21.08.2 version of Gear restored the ability to quickly switch between “Zoom to Fit” and “Actual Size” with a keyboard shortcut for the App Gwenview and video editing app Kdenlive made a minor timing delay for startup crash detection. The sound editing app Audacity updated to version 3.0.5 had a single bug fix and gimp 2.10.28 improved the dark theme by adding a white border on the mouse-hover. The graphics editor also set a light background for selected text in layers and removed a 3D shadow box. The updated version of git 2.33.1 fixed git pull and git rebase -r for various corner cases and bugs. LibreOffice 7.2.2.2 updated translations and the container command-line utility package skopeo updated to version 1.5.0, which introduced an --ignore option to allow sync command to continue syncing even after a particular image sync fails. Other packages to update in the snapshot were GNOME’s video player totem 3.38.2, python-kiwi 9.24.0 and several 4.2.17 versions of the widget abstraction library libyui.

Up to now, text support in librsvg has been fairly limited. The text chapter in the SVG spec is pretty big and it contains features that are very much outside of my experience (right-to-left languages, vertical text). But now I think I have a plan for how to improve the text features.

Bidirectional text

Bidirectional text, or "bidi" for short, happens when one has a right-to-left language like Arabic or Hebrew intermixed with things like Arabic numerals, or Latin text.

This is an interesting little example from the SVG spec:

<?xml version="1.0" encoding="utf-8"?>
<svg xmlns="http://www.w3.org/2000/svg"
     width="100%" height="100%" viewBox="0 0 600 72"
     direction="rtl" xml:lang="he">

  <title direction="ltr" xml:lang="en">Right-to-left Text</title>
  <desc direction="ltr" xml:lang="en">
    An example for using the 'direction' and 'unicode-bidi' properties
    in documents that predominantly use right-to-left languages.
  </desc>

  <text x="300" y="50" text-anchor="middle" font-size="36"> כתובת MAC:&#x200F;
    <tspan direction="ltr" unicode-bidi="embed">00-24-AF-2A-55-FC</tspan> 
  </text>

</svg>

It is supposed to render like this; it says "MAC address: xxx-yyy-zzz":

However, until librsvg 2.52.2 this did not work correctly. You see, librsvg takes each piece of text inside a <text> and creates a Span for it. If there is a <tspan> element, it also gets a Span created. However, librsvg did not handle the case where an inner <tspan> changes the direction property from its parent <text> element.

Another bug:

<?xml version="1.0" encoding="utf-8"?>
<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xml:lang="fa" direction="rtl" width="200" height="100">
    <g font-family="Dana-FaNum" font-size="16">
        <text x="50%" y="50%"><tspan font-weight="bold">نام: </tspan><tspan>مهدی</tspan></text>
    </g>
</svg>

It is supposed to render more or less like this (the line says, "Name: Mehdi"):

This was broken, too!. I did not realize that within <text>, the spans need to be laid out exactly in the text direction, in this case rtl. I thought that it was sufficient to let Pango deal with each group of characters within a span.

Together with that, I fixed text-anchor for right-to-left text. This is what one uses to align a text block with respect to its start, middle, or end. It was also broken for RTL languages before.

One remaining bug is that there should be a space to the left of the :, but librsvg is eating it. I think it needs to implement the SVG2 white-space behavior, which replaces the ambiguous definition of xml:space from SVG1.1.

A test that makes me exceedingly happy

This family of images from Wikimedia Commons has been broken for many years. Someone has been painstakingly making SVG2 maps of German rail by writing SVG code by hand; they use features that became available only after Madds Holland's Outreachy internship from last Summer. Also, the maps use text offsetting features that were just broken.

The little arrowheads were broken because librsvg didn't support orient="auto-start-reverse" in markers (arrowheads get done with SVG's "marker" feature). Madds added support for that during their Outreachy internship.

Then, most of the the multi-line text objects in there were laid out incorrectly. Librsvg was laying out spans inside text chunks incorrectly when they had dx/dy offsets and the text also had text-anchor different from the default.

Previously:

Now:

One last detail which I haven't figured out is that the positioning of glyphs is a bit off. If you look at the slanted label for the LU-Rheingönheim station, the "heim" at the end looks a bit misaligned with the rest of the label. Firefox renders it correctly. Advice is appreciated!

Future plans

All those fixes will appear in librsvg 2.52.3, due in a few days.

I want to add more tests for right-to-left and bidi text; they can be affected by many properties for which there are no tests right now.

After bidi text works reasonably well, I want to add support for positioning individual glyphs with the x/y/dx/dy properties. People from Wikimedia Commons really want this, to be able to lay out equations and such.

Once individual glyphs can be positioned independently, maybe textPath support, which cartographers really like for curved labels.

A handy tool

I recently discovered the Ahem font. It is part of the CSS fonts tests, and consequently part of the Web Platform Tests. Quoting from its description:

The font’s em-square is exactly square. Its ascent and descent combined is exactly the size of the em square; this means that the font’s extent is exactly the same as its line-height, meaning that it can be exactly aligned with padding, borders, margins, and so forth.

That is, you can typeset something with the Ahem font and it will appear as contiguous squares. If you render the string ABCD, it will appear as a rectangle four-ems wide by one-em tall. This is wonderful for reproducible tests!

<?xml version="1.0" encoding="utf-8"?>
<svg xmlns="http://www.w3.org/2000/svg" width="600" height="300">
  <rect x="0" y="0" width="100%" height="100%" fill="white"/>
  <line x1="50%" y1="0" x2="50%" y2="100%" stroke-width="2" stroke="blue"/>
  <line x1="0" y1="100" x2="100%" y2="100" stroke-width="2" stroke="blue"/>

  <text x="50%" y="100" font-family="Ahem" font-size="20" text-anchor="end"><tspan dy="-1em">A</tspan><tspan dx="-40" dy="1em">BC</tspan></text>
</svg>

That renders like this:

Text rendering clearly means spending days trying to get three black squares to draw in the correct position.

NUREMBERG, Germany, Oct. 20, 2021 - Thousands of patients in the coastal area of Kribi, Cameroon, are set to gain enhanced health-care delivery as a hospital in the city expands with the use of energy efficient open-source solutions.

The Ebomé Hospital, which is on the southern coast of central Africa, has 24-hour emergency services, an operating room, radiology, maternity, a laboratory, a pharmacy and other services. The hospital treats thousands of people every year.

As the facility expands, it will use the Hospital Information System GNU Health to manage patient records, laboratory information and administrative services. The system will be running openSUSE Leap 15.3 on several Raspberry Pi 4 computers.

“The excellent, long time relationship among openSUSE and GNU Health communities have resulted in a solid infrastructure that delivers state of the art technology all while delivering outstanding performance and protecting the privacy of the patients and health professionals,” said computer scientist, physician and Free Software advocate Luis Falcón. “From Single Board Computers to enterprise grade servers, to mobile phones. Our communities will continue pioneering and delivering state-of-the-art technology in the areas of public health, hospital and laboratory management, bioinformatics and personal health tech like MyGNUHealth.”

Patients can access personal health records through MyGNUHealth running openSUSE on the PinePhone; or running KDE’s Plasma Mobile, XFCE or their favorite desktop environment. The hospital, which is managed by a Spanish Non-Governmental Organization called Ambala, will be using GNU Health’s 4.0 version on the single board devices with all the hospital- and laboratory-management components.

Half of the 40 Pi workstations in the facility are donated by GNU Solidario, which is an NGO founded by Falcón, and openSUSE.

“The donation of Raspberry Pi and other single board computers helps us a lot to achieve our mission of Universal Health,” he said. “We ship GNU Health embedded on these devices to any health institution around the globe. They don’t have to worry about installation or any technical details, and focus on what is most important, the well-being of their population and patients.”

The 62-bed facility has 65 health professionals and covers an estimated population area of 180,000 people.

The collaboration with the hospital will be discussed at GNU Health Con 2021 from Dec. 10 - 11.

People interested in supporting the project and donating boards like a Raspberry Pi 4 can send an email to info@gnuhealth.org or view the GNU Health donations page.

Recently, I moved my domain DNS record under Cloudflare. Cloudflare can smartly optimize web pages. But when I enabled HTML Auto Minify and Rocket Loader simultaneously, I found that the DOMContentLoaded event was missing when accessing the web pages. In this post, I’ll share my experience and solutions to this problem.

Introduction to Auto Minify and Rocket Loader

Auto Minify can delete unnecessary characters (such as spaces, comments, etc.) in the website source code to reduce the source file size, including CSS, Javascript, and HTML. As a result, it reduces the amount of data that needs to be transmitted to the visitor and shortens the page loading time.

Rocket Loader reduces rendering time by asynchronously loading JavaScript, including embedded JavaScript in web pages and third-party scripts. Please refer to their blog for further details.

Finding that the DOMContentLoaded event is missing

As we all know, document.readyState is defined as three states in Chrome:

• When the value is loading, it means that the browser is rendering the web page.
• When it becomes interactive, DOM elements on the web page can be accessed. However, resources such as images, style sheets, and frames are still being loaded.
• When finally it becomes complete, it means that all resources of the webpage have been loaded.

The DOMContentLoaded window event is triggered when the state changes from loading to interactive. The load window event is triggered when the state changes from interactive to complete.

However, after enabling HTML Auto Minify and Rocket Loader simultaneously, I found that the functions meant to be executed when the DOMContentLoaded window event was triggered were not executed actually.

First of all, I judged that it’s impossible to be caused by bugs from web pages, as the website is working normally when I test them locally, and I also used the following code to ensure that the functions are directly executed when document.readyState is interactive or complete:

if (document.readyState === "interactive" ||
    document.readyState === "complete") {
  foo();
} else {
  window.addEventListener("DOMContentLoaded", foo);
}

So it’s puzzling.

Then I embed the following code into the web page so that starting from the time when JavaScript is executed, the console will show the value of document.readyState every time the state changes:

console.log(document.readyState);
document.onreadystatechange = function () {
  console.log(document.readyState)
}

Then learned from the result that after enabling both HTML Auto Minify and Rocket Loader, document.readyState only has two states, loading and complete. The state interactive is missing, and when the state changes from loading to complete, only the load window event will be triggered. The DOMContentLoaded event has never been triggered.

It seems to be a bug to Rocket Loader or may be just intentional.

According to the principles of Rocket Loader introduced by Cloudflare, it will postpone the loading of all JavaScript until rendering is finished. When rendering completes and the JavaScript code is being executed, document.readyState should already be interactive.

However, if HTML Auto Minify is also turned on simultaneously, document.readyState is incorrectly set to loading concluded from the result fore-mentioned. (I guess maybe a piece of code in Rocket Loader incorrectly assigned document.readyState to loading when it starts to execute Javascript code. Because Rocket Loader is not open-sourced, the reasons for doing this are unknown. Of course, the fact may be completely different from my guess.) As a result, the situation makes judgment for whether to directly execute functions completely invalid, resulting in the DOMContentLoaded event still being registered.

Solution

Now that the mechanism is known to us, the solution is also straightforward. Add the following code before all DOMContentLoaded event listeners. You don’t need to change any of the original codes and then, congratulations, you fixed this.

var inCloudFlare = true;
window.addEventListener("DOMContentLoaded", function () {
  inCloudFlare = false;
});
if (document.readyState === "loading") {
  window.addEventListener("load", function () {
    if (inCloudFlare) window.dispatchEvent(new Event("DOMContentLoaded"));
  });
}

This code judges that if the DOMContentLoaded event has still not occurred after the load event occurs, the code will manually triggers the DOMContentLoaded event, thereby making the DOMContentLoaded event equivalent to the load event. The only disadvantage of this solution is that the DOMContentLoaded event is only triggered when document.readyState is complete, but this is currently a necessary cost for fixing.

Of course, you can also resolve this problem by directly disabling the global Auto Minify for HTML, or Configure Page Rules for HTML pages that use the DOMContentLoaded event so that the Auto Minify can be disabled on those pages.

Dear Tumbleweed users and hackers,

Due to my slacking off last Friday, I have to write the review over two weeks again. But that might turn out even better this time, as otherwise, the review might be a bit short (we struggled a bit this week with ‘openQA being slower in testing than OBS with building’). During the last two weeks, we have released a total of 6 snapshots (0929, 1001, 1005, 1008, 1011, and 1012).

The main changes included in those snapshots were:

• GNOME 41.0
• Mozilla Firefox 92.0.1 & 93.0
• Mesa 21.2.3
• Pipewire 0.3.38
• Apache 2.4.51
• Linux kernel 5.14.9
• Samba 4.15.0 (See special info message)
• Squid 5.2
• meson 0.59.2
• LibreOffice 7.2.2.1
• openSSH 8.8p1
• PostgreSQL 14.0
• Rust 1.55
• LLVM 13

In the staging projects we are currently preparing these updates:

• KDE Plasma 5.23
• KDE Frameworks 5.87.0
• RPM 4.17
• Coreutils 9.0: causes issues with 32bit archs (intel, arm, ppc)
• gpg 2.3.2
• openssl 3.0
• bison 3.8.2

Three openSUSE Tumbleweed snapshots released this week have brought updates for text editors, browsers, emails clients, database management systems and many other pieces of software.

Mozilla Firefox, Thunderbird, nano, and PostgreSQL were all in the latest 20211012 snapshot. A new major version of Firefox 93.0 added support for the optimised image format AVIF, which offers a significant file size reduction as opposed to other image formats. The browser also improved web compatibility for privacy protections and fixed more than a handful of Common Vulnerabilities and Exposures. Thunderbird 91.2.0 addressed many of the same CVEs, fixed some issues with the calendar and fixed the new mail notifications that did not properly take subfolders into account. The 5.9 version of text editor nano added syntax highlighting for YAML files and fetchmail 6.4.22 added a few patches, addressed a CVE related to an IMAP connections and now highlights being compatible with OpenSSL 1.1.1 and 3.0.0. The new major version of postgresql 14 provided improvements for heavy workloads, enhanced distributed workloads and added a couple more predefined roles like pg_read_all_data, pg_write_all_data and pg_database_owner. Other packages to update in the snapshot were GNOME’s document viewer evince 41.2, Flatpak 1.12.1, graphics library gegl 0.4.32, glusterfs 9.3 and many RubyGems and YaST package updates.

Snapshot 20211011 also added several RubyGems like style guide package rubygem-rubocop 1.22.1, which added new features like a Safety section to documentation for all cops that are Safe: false or SafeAutoCorrect: false. Another gem update was made to rubygem-spring 3.0, which added new Ruby and Rails dependencies. The update of ImageMagick 7.1.0.9 squashed “a dump truck load of VisualStudio compiler warnings” and had an impressive amount of CVE fixes. The update of libreoffice 7.2.2.1 made a change to add poppler as a vendor for all codestreams except Tumbleweed. OpenSSH 8.8 added some new features and security fixes; the release disables RSA signatures using the SHA-1 hash algorithm by default since the SHA-1 hash algorithm is cryptographically broken, according to the changelog. A major version of the openSUSE package checkmedia updated from version 5.4 to 6.1, which provided an add version option to tag media and fixed the auto-detect of a suitable signature location for Red Hat media. Other packages in the snapshot to update were libvirt 7.8.0, libzypp 17.28.5, firewalld 1.0.1 and more.

The new 5.2 major version of caching proxy squid was among the many packages updated in snapshot 20211008. The Web supporting package for HTTP, HTTPS and FTP added a Kerberos Group Helper and Loop Detection in Content Delivery Networks. The new version also fixes issues with Web Cache Communication Protocol that could have led to information being disclosed based on CVE-2021-28116. Linux Kernel 5.14.9 provided multiple USB additions and added a Memory Tagging Extension support check to thread switching and syscall entry/exit for AArch64. CVE-2021-42013 was fixed with the apache2 2.4.51 update. The update of redis 6.2.6 focused on fixing bugs that involved behavior changes and made some improvements by adding a latency monitor sample when a key is deleted via a lazy expire. Samoa has made the decision to no longer observe Daylight Saving Time and Jordan shifted its DST to the last Thursday of February, which was reflected in the timezone 2021c package update. Other packages to update in the snapshot were libsolv 0.7.20, Samba 4.15.0, libstorage-ng 4.4.43 and the 21.08.1 versions of KDE Gear’s umbrello and yakuake packages.

In response to feedback from openSUSE users, Leap is expecting to have regular rebuilds of the distribution on a quarterly or as needed basis soon.

These respins, which rebuild the ISO image, will receive openQA testing and have a rhythmic release now that the setup process is complete.

These respins allow users to take advantage of the latest bug fixes and updates immediately, which reduces the bandwidth for online updates after an installation of the General Availability (GA) release. Amended ISO images can update packages like GRUB and shim to improve these bootloader and firmware packages for users.

The updated ISO images, which contain a number extension in the filename like 15.3-X to distinguish from the GA release, will have a different checksum than the previously released images. The old ISO image found on get.opensuse.org will be removed and replaced with an up-to-date respin image.

With the completion of the setup process and initial rebuilds, the test results are showing little difference from the orginal GA release of Leap 15.3; the work continues and a respin will be available soon.

Users can expect a respin of Leap after any rebuild of SUSE Linux Enterprise for similar reasons as both Leap and SLE are connected.

Similar to the openSUSE Tumbleweed blogs, each respin of Leap is expected to have an article published on news.opensuse.org giving people information on what the rebuild changed or fixed, which will also be available in the changelog on download.opensuse.org.

It's KDE's birthday today. Twenty-five years ago Matthias Ettrich called for programmers to create a GUI for end users of Linux. They came and did. I wrote about the first Twenty Years of KDE five years ago. What I wrote there is still true, but there is more.

The table where KDE was founded

KDE started with tremendous ambition and momentum. Creating this unified graphical user interface, this integrated desktop for Linux, this vision drove hundreds and hundreds of amazing people to put together a massive amount of code, the desktop and tons of applications to cover all needs. And they succeeded, KDE's desktop represents the state of the art for many years now, on par with the best alternatives out there.

Over the years, with a growing community, the focus shifted. KDE was not only about this integrated desktop anymore, it turned into an umbrella for dedicated sub-communities working on specific parts and applications. The community got bigger and more diverse and created applications such as Kontact, Kate, Okular, Krita, GCompris or Kdenlive. All of them are at the top of their category.

KDE Plasma 5.22

I use KDE software for more than two decades now. I read my mail with KMail, I operate my shell with Konsole, I edit my texts with Kate, I manage my desktop with Plasma. It's special for software to stand this test of time. KDE's software is stable, it's durable, it's reliable, it's carefully adapted to deal with changes in its environment, so that it stays fresh and familiar at the same time. Some may remember the heat we got for breaking things with KDE 4.0. That was thirteen years ago. It has been much smoother sailing since then. So maybe this is what I learned to appreciate the most over the last years: KDE creates sustainable software.

The same is true for the community. The community always was KDE's finest features for me and, as I know, for many others as well. I met many very good friends there, and it's still great to also meet new people. People join, people leave, people stay around. It's a very healthy mix. KDE creates sustainable community.

Akademy 2021 group photo by Akademy Team (CC-BY)

There is a very strong feeling which keeps this together, the feeling of doing meaningful things together. It's an experience which is tremendously strong in KDE, but also in many other Free Software projects. Being free and empowered to do these changes you want to see in the software you use. Having people around you who support you, praise and criticise your work, and work with you on a shared purpose. This can be an incredibly strong source of motivation and satisfaction and happiness. It definitely has been for me.

Thanks, KDE, for a wonderful twenty-five years, and all the best for many more to come.