Language Selection

English French German Italian Portuguese Spanish

OSS Leftovers

Filed under
OSS
  • Spinnaker is the next big open source project to watch

    Spinnaker is an open source continuous delivery (CD) platform from Netflix and Google, though it now also has the backing of other major software companies. Spinnaker 1.0 launched last July, so it’s not the newest kid on the block, but the service is slowly but surely gaining momentum now, with users that include Target, Adobe, Daimler and Capital One, as well as a growing ecosystem of vendors who support it.

    Today, after a few years of working on the project without any formal structure in place, the Spinnaker project announced that it is growing up and putting a formal governance system in place at the project’s second community summit in Seattle this week.

  • Andy Wingo: heap object representation in spidermonkey

    I was having a look through SpiderMonkey's source code today and found something interesting about how it represents heap objects and wanted to share.

    I was first looking to see how to implement arbitrary-length integers ("bigints") by storing the digits inline in the allocated object. (I'll use the term "object" here, but from JS's perspective, bigints are rather values; they don't have identity. But I digress.) So you have a header indicating how many words it takes to store the digits, and the digits follow. This is how JavaScriptCore and V8 implementations of bigints work.

    Incidentally, JSC's implementation was taken from V8. V8's was taken from Dart. Dart's was taken from Go. We might take SpiderMonkey's from Scheme48. Good times, right??

    When seeing if SpiderMonkey could use this same strategy, I couldn't find how to make a variable-sized GC-managed allocation. It turns out that in SpiderMonkey you can't do that! SM's memory management system wants to work in terms of fixed-sized "cells". Even for objects that store properties inline in named slots, that's implemented in terms of standard cell sizes. So if an object has 6 slots, it might be implemented as instances of cells that hold 8 slots.

    Truly variable-sized allocations seem to be managed off-heap, via malloc or other allocators. I am not quite sure how this works for GC-traced allocations like arrays, but let's assume that somehow it does.

  • Pocket Offers New Features to Help People Read, Watch and Listen across iOS, Android and Web

    We know that when you save something to Pocket, there is a reason why. You are saving something you want to learn about, something that fascinates you, something that will help shape and change you. That’s why we’ve worked hard to make Pocket a dedicated, quiet place to focus so that you can come back and absorb what you save when you are ready.

    The trick is, in the reality of our lives, it’s not always that simple. Our lives don’t always have a quiet moment with a coffee cup in hand with Pocket in the other. We have work to do, kids to take care of, school to attend. But with Pocket we’ve always worked hard to ensure that Pocket gives you tools to fit content around your life, freeing you from the moment of distraction and putting you in control.

  • OpenBSD's unveil()

    One of the key aspects of hardening the user-space side of an operating system is to provide mechanisms for restricting which parts of the filesystem hierarchy a given process can access. Linux has a number of mechanisms of varying capability and complexity for this purpose, but other kernels have taken a different approach. Over the last few months, OpenBSD has inaugurated a new system call named unveil() for this type of hardening that differs significantly from the mechanisms found in Linux.

    The value of restricting access to the filesystem, from a security point of view, is fairly obvious. A compromised process cannot exfiltrate data that it cannot read, and it cannot corrupt files that it cannot write. Preventing unwanted access is, of course, the purpose of the permissions bits attached to every file, but permissions fall short in an important way: just because a particular user has access to a given file does not necessarily imply that every program run by that user should also have access to that file. There is no reason why your PDF viewer should be able to read your SSH keys, for example. Relying on just the permission bits makes it easy for a compromised process to access files that have nothing to do with that process's actual job.

  • digest 0.6.18

    Earlier today, digest version 0.6.18 arrived on CRAN. It will get uploaded to Debian in due course.

    digest creates hash digests of arbitrary R objects (using the md5, sha-1, sha-256, sha-512, crc32, xxhash32, xxhash64 and murmur32 algorithms) permitting easy comparison of R language objects.

  • Did your first pull request get accepted?
  • Clazy 1.4 released

    Clazy 1.4 has been released and brings 10 new checks.

    Clazy is a clang compiler plugin which emits warnings related to Qt best practices. We’ll be showing Clazy at Qt World Summit in Boston, Oct 29-30, where we are a main Sponsor.

  • I'd like to interject for a moment

    Mastodon is merely an implementation of Fediverse. As it happens, only one of my Fediverse channels runs on Mastodon (the Japanese language one at Pawoo). Main one still uses Gnusocial, the anime one was on Gnusocial and migrated to Pleroma a few months ago. All of them are communicating using the OStatus protocol, although a movement is afoot to switch to ActivityPub. Hopefully it's more successful than the migration from RSS to Atom was.

    Yet, I noticed that a lot of people fall to the idea that Mastodon is an exclusive brand. Rarely one has to know or care what MTA someone else uses. Microsoft was somewhat successful in establishing Outlook as such a powerful brand to the exclusion of the compatible e-mail software. The maintainer of Mastodon is doing his hardest to present it as a similar brand, and regrettably, he's very successful at that.

  • How to level up your organization's security expertise

    IT security is critical to every company these days. In the words of former FBI director Robert Mueller: “There are only two types of companies: Those that have been hacked, and those that will be.”

    At the same time, IT security is constantly evolving. We all know we need to keep up with the latest trends in cybersecurity and security tooling, but how can we do that without sacrificing our ability to keep moving forward on our business priorities?

    No single person in your organization can handle all of the security work alone; your entire development and operations team will need to develop an awareness of security tooling and best practices, just like they all need to build skills in open source and in agile software delivery. There are a number of best practices that can help you level up the overall security expertise in your company through basic and intermediate education, subject matter experts, and knowledge-sharing.

More in Tux Machines

Can You Build An Open Source Pocket Operator?

Toys are now musical instruments. Or we’ll just say musical instruments are now toys. You can probably ascribe this recent phenomenon to Frooty Loops or whatever software the kids are using these days, but the truth is that it’s never been easier to lay down a beat. Just press the buttons on a pocket-sized computer. One of the best examples of the playification of musical instruments is Pocket Operators from Teenage Engineering. They’re remarkable pieces of hardware, and really just a custom segment LCD and a few buttons. They also sound great and you can play real music with them. It’s a game changer when it comes to enabling musicianship. Of course, with any popular platform, there’s a need for an Open Source copy. That’s where [Chris]’ Teensy Beats Shield comes in. It’s a ‘shield’ of sorts for a Teensy microcontroller that adds buttons, knobs, and a display, turning this into a platform that uses the Teensy’s incredible audio system designer. Read more

Android Leftovers

today's leftovers

  • Destination Linux EP92 – Elementary My Dear Distro
    On this very special episode of Destination Linux, we are joined by 2 friends of the show. Unfortunately, Zeb was sick this week so we needed a last minute guest host, thankfully Gabriele Musco of TechPills stepped up to help out. If that wasn’t special enough, Daniel Foré from elementary joined us for a segment to discuss the latest release of elementary OS 5.0 (Juno). This episode we discuss a ton of hot topics in the Linux world including Microsoft making 60,000 patents available to the Open Invention Network (OIN), Plex joins the universal package format game with a new Snap, Google+ announces it is shutting down after a security bug debacle, there were some patches proposed to the Linux kernel’s new Code of Conduct. All that and much more including our Tips, Tricks and Software Spotlight picks!
  • Tune Into Free Live Stream of Keynotes at Open Source Summit & ELC + OpenIoT Summit Europe, October 22-24!
  • ethtool Commands and Examples
  • WHAT TO DO AFTER INSTALLING ELEMENTARY OS 5.0
  • Weblate 3.2.2
    Weblate 3.2.2 has been released today. It's a second bugfix release for 3.2 fixing several minor issues which appeared in the release.
  • Kiwi TCMS 6.1
    We're happy to announce Kiwi TCMS version 6.1! This release introduces new database migrations, internal updates and bug fixes. It is a small release designed to minimize the number of database migrations by squashing them together. You can explore everything at https://demo.kiwitcms.org. NOTE: there is the 6.0.1 release which resolves an upgrade problem caused by non-applied migrations which have been later squashed and released in the same release! It is best to jump through the intermediate releases to ensure a smooth upgrade!
  • NeuroFedora update: week 42
    There is a lot of software available in NeuroFedora already. You can see the list here. If you use software that is not on our list, please suggest it to us using the suggestion form.
  • FPgM report: 2018-42
  • Asynchronous bodhi-ci
  • Fuchsia Friday: New ‘Sherlock’ prototype offers more questions than answers

    That brings us to today, with the newly developed Sherlock prototype. First introduced earlier this month, Sherlock features 2GB of RAM and an Amlogic T931 processor. There’s no public information about this processor, beyond it having at least 4 cores, but Amlogic’s T series chips have been almost exclusively built into Smart TVs.

    What makes me hesitant to definitively call Sherlock a Smart TV is a feature that the overwhelming majority of Smart TVs no longer have: a camera. A few short years ago, Smart TVs began to include microphones and cameras to offer things like voice control and Skype video calling.

    It didn’t take long for it to be discovered how vulnerable these devices were and that people probably don’t want their TV watching them back. Then again, that isn’t stopping a rumored Facebook set-top TV box with built-in camera.

  • Google’s Fuchsia OS could mean the end of Android

    If you’ve had your ear to the Google grapevine the past couple of years, you might already know about Fuchsia. As early as 2016 there were whispers and rumors about a new OS for Android, and little more has trickled down to public knowledge since then.

OSS Leftovers

  • cairo release 1.16.0 now available
    After four years of development since 1.14.0, version 1.16.0 of the cairo 2D graphics library has been released.
  • Cairo 1.16 Released With OpenGL ES 3.0 Support, Colored Emojis
    It's been four years since the debut of the Cairo 1.14 stable series and today that has been succeeded by Cairo 1.16. Cairo, as a reminder, is the vector graphics library for 2D drawing and supports back-ends ranging from OpenGL to PDF, PostScript, DirectFB, and SVG outputs. Cairo is used by the likes of the GTK+ tool-kit, Mozilla's Gecko engine, Gnuplot, Poppler, and many other open-source projects.
  • Open source MDM offers flexibility, with challenges
    Open source platforms may require more effort from IT than commercial products do, but they can also address an organization's specific requirements -- if the company is willing to invest in the necessary resources. The open source mobile device management (MDM) market is very limited, but there are a few options. If organizations determine that an open source platform is worth the effort, then they can weigh a few different options for open source MDM tools.
  • Three-Year Moziversary
    Another year at Mozilla. They certainly don’t slow down the more you have of them. For once a year of stability, organization-wise. The two biggest team changes were the addition of Jan-Erik back on March 1, and the loss of our traditional team name “Browser Measurement II” for a more punchy and descriptive “Firefox Telemetry Team.”
  • Citus Data donates 1% equity to non-profit PostgreSQL orgs
    There’s open source and there’s open source. There’s genuine free and open source software (FOSS) and then there’s largely locked down proprietary non-dynamic library open source that is generally supplied as a commercially supported version of an open source kernel base that doesn’t see whole lot of real world code commits — and, no, there’s no acronym for that. Then, there’s other ways of evidencing real open openness such as non-technical contributions (could be language translation/localisation etc.) and then there’s plain old contributions. Scale-out Postgres database technologies ​​​​Citus Data is donating 1 percent of its equity to non-profit PostgreSQL organisations in the US and Europe.
  • Pagely NorthStack Makes WordPress Serverless
    WordPress is getting the serverless treatment, thanks to a new effort from managed WordPress hosting provider Pagely. The new NorthStack platform disaggregates the usual stack that WordPress requires into a series of services that largely run on serverless infrastructure at Amazon Web Services (AWS). The NorthStack effort is an attempt to lower the fixed costs and infrastructure needed to deploy and run WordPress. "WordPress itself is based on 12-year-old code. It does not want to be in a serverless environment," Joshua Strebel, CEO of Pagely, told eWEEK. "WordPress wants to live on one AWS EC2 node up next to its database with everything all contained in it."
  • Why Open Source Healthcare is Vital for Innovation
    Dana Lewis’ story is far from being a rarity. The diabetes industry is one of the worst offenders for overcharging or price gouging medication and equipment for patients. This is leading many individuals to take the same path as Dana Lewis. Open source platforms like OpenAPS, GitHub pages, and social media offer DIYers step-by-step instructions on how to build their own artificial pancreas tools. Kate Farnsworth built a DIY monitor device that keeps blood sugar levels of her diabetic daughter in constant check This tool, that has dramatically improved the life of a 15-year-old Sydney, cost her mom just $250.
  • The EU has approved Microsoft’s $7.5 billion GitHub acquisition
     

    Microsoft’s upcoming $7.5 billion acquisition of GitHub has cleared another major hurdle: the EU has approved the deal after determining that there are no antitrust concerns in Microsoft buying the popular open-source software repository, via the Financial Times.  

  • EU watchdog waves through Microsoft's GitHub takeover
     

    The EC noted that, in making its decision, it probed whether Microsoft would leverage the popularity of GitHut to boost sales of its own DevOps tools and cloud services, and looked into whether Microsoft would have the ability and incentive to further integrate its own DevOps tools and cloud services with GitHub while limiting integration with third parties' DevOps tools and cloud services.

  • Microsoft’s $7.5BN GitHub buy gets green-lit by EU regulators
     

    The Commission decided Microsoft would have no incentive to undermine the GitHub’s openness — saying any attempt to do so would reduce its value for developers, who the Commission judged as willing and able to switch to other platforms.

  • EU clears Microsoft acquisition of GitHub
  • Doing your civic duty one line of code at a time
    When it comes to doing our civic duty in today's technologically driven world, there is a perception that we don't care like older generations did. History teaches us that in the early 20th century's New Deal, Americans stepped up to the nation's challenges on a wide range of government-financed public works projects. Airport construction. Infrastructure improvements. Building dams, bridges, hospitals. This was more than just individuals "pulling themselves up by their bootstraps" but, by design, performing incredible civic duties. Quite an amazing feat when you think about it.