Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Filed under
Misc
  • Red Hat DevSecOps Day in San Diego on November 8
  • The Ripple Effects of IBM's Big Bet on Red Hat
  • Red Hat Aims To Be The Default Choice For Next-Generation IT

    Prior to announcement, I caught up with Red Hat Chief Information Officer Mike Kelly, who offered thoughts on the steps his team had undertaken to continue to improve Red Hat's product (using a Red Hat-on-Red Hat program), to advise technology executives at various stages of leveraging open source technology, and in improving the overall operation. Clearly these are the sorts of improvements that helped make the company attractive to IBM.

  • Planet KDE Categories

    Jings no wonder people find computer programming scary when the most easily accessible lanugage, JavaScript, is also the most messy one.

    Occationally people would mention to me that the categories on Planet KDE didn’t work and eventually I looked into it and it mostly worked but also sometimes maybe it didn’t. Turns out we were checking for no cookies being set and if not we’d set some defaults for the categories. But sometimes the CDN would set a cookie first and ours would not get set at all. This was hard to recreate as it didn’t happen when working locally of course. And then our JavaScript had at least three different ways to run the initial-setup code but there’s no easy way to just read a cookie, madness I tell you. Anyway it should be fixed now and set categories by default but only if it hasn’t set some before so you may still have to manually choose which you read.

  • FAW 2018 Day 3: “Becoming part of Fedora family because of her!”
  • KubeCon and CloudNativeCon

    This December, Canonical, the company behind Ubuntu, will be present at KubeCon and CloudNativeCon in Seattle.
    The team at Ubuntu will be out in force showcasing their work across Kubernetes and containers and highlighting what makes Ubuntu the platform of choice for developers.

  • Clear Linux Developers Weigh Supporting Snaps

    While Clear Linux augments their package/bundle archive with Flatpak support on the desktop, they are currently deciding whether to also support Snaps that are commonly associated with Ubuntu Linux.

More in Tux Machines

Programming: Django, PHP, Polonius and More

  • Django 2.2 alpha 1 released
    Django 2.2 alpha 1 is now available. It represents the first stage in the 2.2 release cycle and is an opportunity for you to try out the changes coming in Django 2.2. Django 2.2 has a salmagundi of new features which you can read about in the in-development 2.2 release notes.
  • Eliminating PHP polyfills
    The Symfony project has recently created a set of pure-PHP polyfills for both PHP extensions and newer language features. It allows developers to add requirements upon those functions or language additions without increasing the system requirements upon end users. For the most part, I think this is a good thing, and valuable to have. We've done similar things inside MediaWiki as well for CDB support, Memcached, and internationalization, just to name a few. But the downside is that on platforms where it is possible to install the missing PHP extensions or upgrade PHP itself, we're shipping empty code. MediaWiki requires both the ctypes and mbstring PHP extensions, and our servers have those, so there's no use in deploying polyfills for those, because they'll never be used. In September, Reedy and I replaced the polyfills with "unpolyfills" that simply provide the correct package, so the polyfill is skipped by composer. That removed about 3,700 lines of code from what we're committing, reviewing, and deploying - a big win.
  • Polonius and region errors
    Now that NLL has been shipped, I’ve been doing some work revisiting the Polonius project. Polonius is the project that implements the “alias-based formulation” described in my older blogpost. Polonius has come a long way since that post; it’s now quite fast and also experimentally integrated into rustc, where it passes the full test suite.
  • Serious Python released!
    Well, Serious Python is the the new name of The Hacker's Guide to Python — the first book I published. Serious Python is the 4th update of that book — but with a brand a new name and a new editor!

today's howtos

Ditching Out-of-Date Documentation Infrastructure

Long ago, the Linux kernel started using 00-Index files to list the contents of each documentation directory. This was intended to explain what each of those files documented. Henrik Austad recently pointed out that those files have been out of date for a very long time and were probably not used by anyone anymore. This is nothing new. Henrik said in his post that this had been discussed already for years, "and they have since then grown further out of date, so perhaps it is time to just throw them out." He counted hundreds of instances where the 00-index file was out of date or not present when it should have been. He posted a patch to rip them all unceremoniously out of the kernel. Joe Perches was very pleased with this. He pointed out that .rst files (the kernel's native documentation format) had largely taken over the original purpose of those 00-index files. He said the oo-index files were even misleading by now. Read more

Mozilla: Rust 1.32.0, Privacy, UX and Firefox Nightly

  • Announcing Rust 1.32.0
    The Rust team is happy to announce a new version of Rust, 1.32.0. Rust is a programming language that is empowering everyone to build reliable and efficient software.
  • Rust 1.32 Released With New Debugger Macro, Jemalloc Disabled By Default
    For fans of Rustlang, it's time to fire up rustup: Rust 1.32 is out today as the latest feature update for this increasingly popular programming language. The Rust 1.32 release brings dbg!() as a new debug macro to print the value of a variable as well as its file/line-number and it works with more than just variables but also commands.
  • Julien Vehent: Maybe don't throw away your VPN just yet...
    At Mozilla, we've long adopted single sign on, first using SAML, nowadays using OpenID Connect (OIDC). Most of our applications, both public facing and internal, require SSO to protect access to privileged resources. We never trust the network and always require strong authentication. And yet, we continue to maintain VPNs to protect our most sensitive admin panels. "How uncool", I hear you object, "and here we thought you were all about DevOps and shit". And you would be correct, but I'm also pragmatic, and I can't count the number of times we've had authentication bugs that let our red team or security auditors bypass authentication. The truth is, even highly experienced programmers and operators make mistakes and will let a bug disable or fail to protect part of that one super sensitive page you never want to leave open to the internet. And I never blame them because SSO/OAuth/OIDC are massively complex protocols that require huge libraries that fail in weird and unexpected ways. I've never reached the point where I fully trust our SSO, because we find one of those auth bypass every other month. Here's the catch: they never lead to major security incidents because we put all our admin panels behind a good old VPN.
  • Reflections on a co-design workshop
    Co-design workshops help designers learn first-hand the language of the people who use their products, in addition to their pain points, workflows, and motivations. With co-design methods [1] participants are no longer passive recipients of products. Rather, they are involved in the envisioning and re-imagination of them. Participants show us what they need and want through sketching and design exercises. The purpose of a co-design workshop is not to have a pixel-perfect design to implement, rather it’s to learn more about the people who use or will use the product, and to involve them in generating ideas about what to design. We ran a co-design workshop at Mozilla to inform our product design, and we’d like to share our experience with you. [...] Our UX team was tasked with improving the Firefox browser extension experience. When people create browser extensions, they use a form to submit their creations. They submit their code and all the metadata about the extension (name, description, icon, etc.). The metadata provided in the submission form is used to populate the extension’s product page on addons.mozilla.org.
  • Firefox Nightly: These Weeks in Firefox: Issue 51