Up to now, text support in librsvg has been fairly limited. The text chapter in the SVG spec is pretty big and it contains features that are very much outside of my experience (right-to-left languages, vertical text). But now I think I have a plan for how to improve the text features.

Bidirectional text

Bidirectional text, or "bidi" for short, happens when one has a right-to-left language like Arabic or Hebrew intermixed with things like Arabic numerals, or Latin text.

This is an interesting little example from the SVG spec:

<?xml version="1.0" encoding="utf-8"?>
<svg xmlns="http://www.w3.org/2000/svg"
     width="100%" height="100%" viewBox="0 0 600 72"
     direction="rtl" xml:lang="he">

  <title direction="ltr" xml:lang="en">Right-to-left Text</title>
  <desc direction="ltr" xml:lang="en">
    An example for using the 'direction' and 'unicode-bidi' properties
    in documents that predominantly use right-to-left languages.
  </desc>

  <text x="300" y="50" text-anchor="middle" font-size="36"> כתובת MAC:&#x200F;
    <tspan direction="ltr" unicode-bidi="embed">00-24-AF-2A-55-FC</tspan> 
  </text>

</svg>

It is supposed to render like this; it says "MAC address: xxx-yyy-zzz":

However, until librsvg 2.52.2 this did not work correctly. You see, librsvg takes each piece of text inside a <text> and creates a Span for it. If there is a <tspan> element, it also gets a Span created. However, librsvg did not handle the case where an inner <tspan> changes the direction property from its parent <text> element.

Another bug:

<?xml version="1.0" encoding="utf-8"?>
<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xml:lang="fa" direction="rtl" width="200" height="100">
    <g font-family="Dana-FaNum" font-size="16">
        <text x="50%" y="50%"><tspan font-weight="bold">نام: </tspan><tspan>مهدی</tspan></text>
    </g>
</svg>

It is supposed to render more or less like this (the line says, "Name: Mehdi"):

This was broken, too!. I did not realize that within <text>, the spans need to be laid out exactly in the text direction, in this case rtl. I thought that it was sufficient to let Pango deal with each group of characters within a span.

Together with that, I fixed text-anchor for right-to-left text. This is what one uses to align a text block with respect to its start, middle, or end. It was also broken for RTL languages before.

One remaining bug is that there should be a space to the left of the :, but librsvg is eating it. I think it needs to implement the SVG2 white-space behavior, which replaces the ambiguous definition of xml:space from SVG1.1.

A test that makes me exceedingly happy

This family of images from Wikimedia Commons has been broken for many years. Someone has been painstakingly making SVG2 maps of German rail by writing SVG code by hand; they use features that became available only after Madds Holland's Outreachy internship from last Summer. Also, the maps use text offsetting features that were just broken.

The little arrowheads were broken because librsvg didn't support orient="auto-start-reverse" in markers (arrowheads get done with SVG's "marker" feature). Madds added support for that during their Outreachy internship.

Then, most of the the multi-line text objects in there were laid out incorrectly. Librsvg was laying out spans inside text chunks incorrectly when they had dx/dy offsets and the text also had text-anchor different from the default.

Previously:

Now:

One last detail which I haven't figured out is that the positioning of glyphs is a bit off. If you look at the slanted label for the LU-Rheingönheim station, the "heim" at the end looks a bit misaligned with the rest of the label. Firefox renders it correctly. Advice is appreciated!

Future plans

All those fixes will appear in librsvg 2.52.3, due in a few days.

I want to add more tests for right-to-left and bidi text; they can be affected by many properties for which there are no tests right now.

After bidi text works reasonably well, I want to add support for positioning individual glyphs with the x/y/dx/dy properties. People from Wikimedia Commons really want this, to be able to lay out equations and such.

Once individual glyphs can be positioned independently, maybe textPath support, which cartographers really like for curved labels.

A handy tool

I recently discovered the Ahem font. It is part of the CSS fonts tests, and consequently part of the Web Platform Tests. Quoting from its description:

The font’s em-square is exactly square. Its ascent and descent combined is exactly the size of the em square; this means that the font’s extent is exactly the same as its line-height, meaning that it can be exactly aligned with padding, borders, margins, and so forth.

That is, you can typeset something with the Ahem font and it will appear as contiguous squares. If you render the string ABCD, it will appear as a rectangle four-ems wide by one-em tall. This is wonderful for reproducible tests!

<?xml version="1.0" encoding="utf-8"?>
<svg xmlns="http://www.w3.org/2000/svg" width="600" height="300">
  <rect x="0" y="0" width="100%" height="100%" fill="white"/>
  <line x1="50%" y1="0" x2="50%" y2="100%" stroke-width="2" stroke="blue"/>
  <line x1="0" y1="100" x2="100%" y2="100" stroke-width="2" stroke="blue"/>

  <text x="50%" y="100" font-family="Ahem" font-size="20" text-anchor="end"><tspan dy="-1em">A</tspan><tspan dx="-40" dy="1em">BC</tspan></text>
</svg>

That renders like this:

Text rendering clearly means spending days trying to get three black squares to draw in the correct position.

NUREMBERG, Germany, Oct. 20, 2021 - Thousands of patients in the coastal area of Kribi, Cameroon, are set to gain enhanced health-care delivery as a hospital in the city expands with the use of energy efficient open-source solutions.

The Ebomé Hospital, which is on the southern coast of central Africa, has 24-hour emergency services, an operating room, radiology, maternity, a laboratory, a pharmacy and other services. The hospital treats thousands of people every year.

As the facility expands, it will use the Hospital Information System GNU Health to manage patient records, laboratory information and administrative services. The system will be running openSUSE Leap 15.3 on several Raspberry Pi 4 computers.

“The excellent, long time relationship among openSUSE and GNU Health communities have resulted in a solid infrastructure that delivers state of the art technology all while delivering outstanding performance and protecting the privacy of the patients and health professionals,” said computer scientist, physician and Free Software advocate Luis Falcón. “From Single Board Computers to enterprise grade servers, to mobile phones. Our communities will continue pioneering and delivering state-of-the-art technology in the areas of public health, hospital and laboratory management, bioinformatics and personal health tech like MyGNUHealth.”

Patients can access personal health records through MyGNUHealth running openSUSE on the PinePhone; or running KDE’s Plasma Mobile, XFCE or their favorite desktop environment. The hospital, which is managed by a Spanish Non-Governmental Organization called Ambala, will be using GNU Health’s 4.0 version on the single board devices with all the hospital- and laboratory-management components.

Half of the 40 Pi workstations in the facility are donated by GNU Solidario, which is an NGO founded by Falcón, and openSUSE.

“The donation of Raspberry Pi and other single board computers helps us a lot to achieve our mission of Universal Health,” he said. “We ship GNU Health embedded on these devices to any health institution around the globe. They don’t have to worry about installation or any technical details, and focus on what is most important, the well-being of their population and patients.”

The 62-bed facility has 65 health professionals and covers an estimated population area of 180,000 people.

The collaboration with the hospital will be discussed at GNU Health Con 2021 from Dec. 10 - 11.

People interested in supporting the project and donating boards like a Raspberry Pi 4 can send an email to info@gnuhealth.org or view the GNU Health donations page.

Recently, I moved my domain DNS record under Cloudflare. Cloudflare can smartly optimize web pages. But when I enabled HTML Auto Minify and Rocket Loader simultaneously, I found that the DOMContentLoaded event was missing when accessing the web pages. In this post, I’ll share my experience and solutions to this problem.

Introduction to Auto Minify and Rocket Loader

Auto Minify can delete unnecessary characters (such as spaces, comments, etc.) in the website source code to reduce the source file size, including CSS, Javascript, and HTML. As a result, it reduces the amount of data that needs to be transmitted to the visitor and shortens the page loading time.

Rocket Loader reduces rendering time by asynchronously loading JavaScript, including embedded JavaScript in web pages and third-party scripts. Please refer to their blog for further details.

Finding that the DOMContentLoaded event is missing

As we all know, document.readyState is defined as three states in Chrome:

• When the value is loading, it means that the browser is rendering the web page.
• When it becomes interactive, DOM elements on the web page can be accessed. However, resources such as images, style sheets, and frames are still being loaded.
• When finally it becomes complete, it means that all resources of the webpage have been loaded.

The DOMContentLoaded window event is triggered when the state changes from loading to interactive. The load window event is triggered when the state changes from interactive to complete.

However, after enabling HTML Auto Minify and Rocket Loader simultaneously, I found that the functions meant to be executed when the DOMContentLoaded window event was triggered were not executed actually.

First of all, I judged that it’s impossible to be caused by bugs from web pages, as the website is working normally when I test them locally, and I also used the following code to ensure that the functions are directly executed when document.readyState is interactive or complete:

if (document.readyState === "interactive" ||
    document.readyState === "complete") {
  foo();
} else {
  window.addEventListener("DOMContentLoaded", foo);
}

So it’s puzzling.

Then I embed the following code into the web page so that starting from the time when JavaScript is executed, the console will show the value of document.readyState every time the state changes:

console.log(document.readyState);
document.onreadystatechange = function () {
  console.log(document.readyState)
}

Then learned from the result that after enabling both HTML Auto Minify and Rocket Loader, document.readyState only has two states, loading and complete. The state interactive is missing, and when the state changes from loading to complete, only the load window event will be triggered. The DOMContentLoaded event has never been triggered.

It seems to be a bug to Rocket Loader or may be just intentional.

According to the principles of Rocket Loader introduced by Cloudflare, it will postpone the loading of all JavaScript until rendering is finished. When rendering completes and the JavaScript code is being executed, document.readyState should already be interactive.

However, if HTML Auto Minify is also turned on simultaneously, document.readyState is incorrectly set to loading concluded from the result fore-mentioned. (I guess maybe a piece of code in Rocket Loader incorrectly assigned document.readyState to loading when it starts to execute Javascript code. Because Rocket Loader is not open-sourced, the reasons for doing this are unknown. Of course, the fact may be completely different from my guess.) As a result, the situation makes judgment for whether to directly execute functions completely invalid, resulting in the DOMContentLoaded event still being registered.

Solution

Now that the mechanism is known to us, the solution is also straightforward. Add the following code before all DOMContentLoaded event listeners. You don’t need to change any of the original codes and then, congratulations, you fixed this.

var inCloudFlare = true;
window.addEventListener("DOMContentLoaded", function () {
  inCloudFlare = false;
});
if (document.readyState === "loading") {
  window.addEventListener("load", function () {
    if (inCloudFlare) window.dispatchEvent(new Event("DOMContentLoaded"));
  });
}

This code judges that if the DOMContentLoaded event has still not occurred after the load event occurs, the code will manually triggers the DOMContentLoaded event, thereby making the DOMContentLoaded event equivalent to the load event. The only disadvantage of this solution is that the DOMContentLoaded event is only triggered when document.readyState is complete, but this is currently a necessary cost for fixing.

Of course, you can also resolve this problem by directly disabling the global Auto Minify for HTML, or Configure Page Rules for HTML pages that use the DOMContentLoaded event so that the Auto Minify can be disabled on those pages.

Dear Tumbleweed users and hackers,

Due to my slacking off last Friday, I have to write the review over two weeks again. But that might turn out even better this time, as otherwise, the review might be a bit short (we struggled a bit this week with ‘openQA being slower in testing than OBS with building’). During the last two weeks, we have released a total of 6 snapshots (0929, 1001, 1005, 1008, 1011, and 1012).

The main changes included in those snapshots were:

• GNOME 41.0
• Mozilla Firefox 92.0.1 & 93.0
• Mesa 21.2.3
• Pipewire 0.3.38
• Apache 2.4.51
• Linux kernel 5.14.9
• Samba 4.15.0 (See special info message)
• Squid 5.2
• meson 0.59.2
• LibreOffice 7.2.2.1
• openSSH 8.8p1
• PostgreSQL 14.0
• Rust 1.55
• LLVM 13

In the staging projects we are currently preparing these updates:

• KDE Plasma 5.23
• KDE Frameworks 5.87.0
• RPM 4.17
• Coreutils 9.0: causes issues with 32bit archs (intel, arm, ppc)
• gpg 2.3.2
• openssl 3.0
• bison 3.8.2

Three openSUSE Tumbleweed snapshots released this week have brought updates for text editors, browsers, emails clients, database management systems and many other pieces of software.

Mozilla Firefox, Thunderbird, nano, and PostgreSQL were all in the latest 20211012 snapshot. A new major version of Firefox 93.0 added support for the optimised image format AVIF, which offers a significant file size reduction as opposed to other image formats. The browser also improved web compatibility for privacy protections and fixed more than a handful of Common Vulnerabilities and Exposures. Thunderbird 91.2.0 addressed many of the same CVEs, fixed some issues with the calendar and fixed the new mail notifications that did not properly take subfolders into account. The 5.9 version of text editor nano added syntax highlighting for YAML files and fetchmail 6.4.22 added a few patches, addressed a CVE related to an IMAP connections and now highlights being compatible with OpenSSL 1.1.1 and 3.0.0. The new major version of postgresql 14 provided improvements for heavy workloads, enhanced distributed workloads and added a couple more predefined roles like pg_read_all_data, pg_write_all_data and pg_database_owner. Other packages to update in the snapshot were GNOME’s document viewer evince 41.2, Flatpak 1.12.1, graphics library gegl 0.4.32, glusterfs 9.3 and many RubyGems and YaST package updates.

Snapshot 20211011 also added several RubyGems like style guide package rubygem-rubocop 1.22.1, which added new features like a Safety section to documentation for all cops that are Safe: false or SafeAutoCorrect: false. Another gem update was made to rubygem-spring 3.0, which added new Ruby and Rails dependencies. The update of ImageMagick 7.1.0.9 squashed “a dump truck load of VisualStudio compiler warnings” and had an impressive amount of CVE fixes. The update of libreoffice 7.2.2.1 made a change to add poppler as a vendor for all codestreams except Tumbleweed. OpenSSH 8.8 added some new features and security fixes; the release disables RSA signatures using the SHA-1 hash algorithm by default since the SHA-1 hash algorithm is cryptographically broken, according to the changelog. A major version of the openSUSE package checkmedia updated from version 5.4 to 6.1, which provided an add version option to tag media and fixed the auto-detect of a suitable signature location for Red Hat media. Other packages in the snapshot to update were libvirt 7.8.0, libzypp 17.28.5, firewalld 1.0.1 and more.

The new 5.2 major version of caching proxy squid was among the many packages updated in snapshot 20211008. The Web supporting package for HTTP, HTTPS and FTP added a Kerberos Group Helper and Loop Detection in Content Delivery Networks. The new version also fixes issues with Web Cache Communication Protocol that could have led to information being disclosed based on CVE-2021-28116. Linux Kernel 5.14.9 provided multiple USB additions and added a Memory Tagging Extension support check to thread switching and syscall entry/exit for AArch64. CVE-2021-42013 was fixed with the apache2 2.4.51 update. The update of redis 6.2.6 focused on fixing bugs that involved behavior changes and made some improvements by adding a latency monitor sample when a key is deleted via a lazy expire. Samoa has made the decision to no longer observe Daylight Saving Time and Jordan shifted its DST to the last Thursday of February, which was reflected in the timezone 2021c package update. Other packages to update in the snapshot were libsolv 0.7.20, Samba 4.15.0, libstorage-ng 4.4.43 and the 21.08.1 versions of KDE Gear’s umbrello and yakuake packages.

In response to feedback from openSUSE users, Leap is expecting to have regular rebuilds of the distribution on a quarterly or as needed basis soon.

These respins, which rebuild the ISO image, will receive openQA testing and have a rhythmic release now that the setup process is complete.

These respins allow users to take advantage of the latest bug fixes and updates immediately, which reduces the bandwidth for online updates after an installation of the General Availability (GA) release. Amended ISO images can update packages like GRUB and shim to improve these bootloader and firmware packages for users.

The updated ISO images, which contain a number extension in the filename like 15.3-X to distinguish from the GA release, will have a different checksum than the previously released images. The old ISO image found on get.opensuse.org will be removed and replaced with an up-to-date respin image.

With the completion of the setup process and initial rebuilds, the test results are showing little difference from the orginal GA release of Leap 15.3; the work continues and a respin will be available soon.

Users can expect a respin of Leap after any rebuild of SUSE Linux Enterprise for similar reasons as both Leap and SLE are connected.

Similar to the openSUSE Tumbleweed blogs, each respin of Leap is expected to have an article published on news.opensuse.org giving people information on what the rebuild changed or fixed, which will also be available in the changelog on download.opensuse.org.

It's KDE's birthday today. Twenty-five years ago Matthias Ettrich called for programmers to create a GUI for end users of Linux. They came and did. I wrote about the first Twenty Years of KDE five years ago. What I wrote there is still true, but there is more.

The table where KDE was founded

KDE started with tremendous ambition and momentum. Creating this unified graphical user interface, this integrated desktop for Linux, this vision drove hundreds and hundreds of amazing people to put together a massive amount of code, the desktop and tons of applications to cover all needs. And they succeeded, KDE's desktop represents the state of the art for many years now, on par with the best alternatives out there.

Over the years, with a growing community, the focus shifted. KDE was not only about this integrated desktop anymore, it turned into an umbrella for dedicated sub-communities working on specific parts and applications. The community got bigger and more diverse and created applications such as Kontact, Kate, Okular, Krita, GCompris or Kdenlive. All of them are at the top of their category.

KDE Plasma 5.22

I use KDE software for more than two decades now. I read my mail with KMail, I operate my shell with Konsole, I edit my texts with Kate, I manage my desktop with Plasma. It's special for software to stand this test of time. KDE's software is stable, it's durable, it's reliable, it's carefully adapted to deal with changes in its environment, so that it stays fresh and familiar at the same time. Some may remember the heat we got for breaking things with KDE 4.0. That was thirteen years ago. It has been much smoother sailing since then. So maybe this is what I learned to appreciate the most over the last years: KDE creates sustainable software.

The same is true for the community. The community always was KDE's finest features for me and, as I know, for many others as well. I met many very good friends there, and it's still great to also meet new people. People join, people leave, people stay around. It's a very healthy mix. KDE creates sustainable community.

Akademy 2021 group photo by Akademy Team (CC-BY)

There is a very strong feeling which keeps this together, the feeling of doing meaningful things together. It's an experience which is tremendously strong in KDE, but also in many other Free Software projects. Being free and empowered to do these changes you want to see in the software you use. Having people around you who support you, praise and criticise your work, and work with you on a shared purpose. This can be an incredibly strong source of motivation and satisfaction and happiness. It definitely has been for me.

Thanks, KDE, for a wonderful twenty-five years, and all the best for many more to come.

Ever since I started this personal blog site, I was curious if people actually read what I write. Luckily, based on the responses I received on Twitter, LinkedIn and in private, there is no problem with that. Next I wanted to see numbers. I was told, that Google Analytics is the gold standard of measurement. Well…

Google Analytics

Lets start it with the basic problem: even my own visits are not counted. The reason is simple: uBlock Origin. I need to use my tablet to get my visit counted, the only device where I do not use an ad blocker. According to Google Analytics, my most popular blog is about listening to music, while my IT and security related blogs are barely read by anyone. When I check the raw logs, the picture is quite different. My estimate is, that depending on the topic, 20 to 80 percent of visitors fly under the radar, when it comes to Google Analytics.

Awffull

Once upon a time I used webalizer to analyze my logs. Awffull is a fork of webalizer, but also has been dead for a long time. But while 20 years ago its output was considered to be rich and beautiful, it is like a time capsule now. A bit of nostalgia, but otherwise not much useful. It includes all results, including search and other bots.

Other suggestions

Last week I asked around what should I use to replace Google Analytics. Quite a few people suggested that I keep using GA, as even if it is not much use, it is still the gold standard. However it is a personal blog without any ads. It is not a business site and I am more curious about real usage than how many ads I can serve.

Matomo

Another frequent suggestion was Matomo. It is available both on-premise and as a cloud service. When used from the cloud it has the same problems as GA. Probably a bit more accurate results, but still blocked by ad blockers. And some posts suggest that on-premise installations are also effectively blocked.

Plausible

To a lesser extent, but it seems to have the same problem as Matomo and GA.

What’s next?

I plan to experiment a bit. I might even try Matomo and/or Plausible. But first I plan to setup syslog-ng with Elasticsearch and Kibana, and see, what I can do with the raw logs myself. A couple of ideas:

• syslog-ng can parse Apache access log and store the results in Elasticsearch
• based on the User-Agent I can label some traffic as RSS, search engine and probably a few more categories
• probably the closest to the truth in terms of human visitors: check CSS downloads with a page referrer

I hope that I’ll learn not just about my website traffic, but also more about syslog-ng, Elasticsearch and Kibana. And as many of my friends are in information security, working with raw logs promises to be the most effective.

If you have any suggestions, you can reach me on Twitter or LinkedIn (links in the upper right corner).

Recently I’ve been indulging myself in pixel art again. One might assume that’s my comfort zone, but honestly I don’t feel like I’ve ever truly mastered it.

The initial push came from my friend, who quit his corporate job, to dive back into his passion and is working on games. Their first title is an oldschool pixel maze, (with a 2021 artistic twist, of course). His work inspired me to get back to pixel pushing.

To combine exploration with usefulness, I imagined mixing up of the new application icon style with pixels to perhaps bring back the fun of colorful patterns into a wallpaper.

Sadly the result is visually way too overwhelming, but the assets created can at least please your nostalgia bone here on planet GNOME (unless it becomes a mess without the stylesheet, we’ll see). Stay curious!