All posts by jzb

[$] Testing AI-enhanced reviews for Linux patches

Post Syndicated from jzb original https://lwn.net/Articles/987319/

Code review is in high demand, and short supply, for most open-source projects.
Reviewer time is precious, so any tool that can lighten the load is worth exploring.
That is why Jesse Brandeburg and Kamel Ayari decided to test whether
tools like ChatGPT could review patches to provide quick feedback to
contributors about common problems. In a
talk
at the Netdev 0x18 conference this July, Brandeburg provided an overview of an
experiment using machine learning to review emails containing patches
sent to the netdev
mailing list. Large-language models (LLMs) will not be replacing human reviewers anytime
soon, but they may be a useful addition to help humans focus on deeper
reviews instead of simple rule violations.

NGINX has moved to Github

Post Syndicated from jzb original https://lwn.net/Articles/989229/

The NGINX team has announced
that official NGINX open-source development has moved away from
Mercurial to GitHub, and
the project will now be taking contributions
in the form of pull requests:

Additionally, starting today, we will begin accepting bugs reports,
feature requests and enhancements directly through GitHub, under the
“Issues” tab. Moreover, we’ve moved our community forums to the GitHub
“Discussions” area, where you will now be able
to engage in conversation, ask, and answer questions.

[…] We understand that changes like these may require adjustment,
so to give you more time, we will continue accepting patches and
provide community support via mailing lists until December 31st, 2024.

Tellico 4.0 released

Post Syndicated from jzb original https://lwn.net/Articles/988837/

Version 4.0 of the Tellico collection management
software has been released. This is the first release to use the
KDE Frameworks 6 and Qt6 libraries, with a fallback
available for Frameworks 5 and Qt5. Other notable changes in 4.0
include importing video collections from file metadata and correctly
importing multi-disc album data from Discogs, MusicBrainz, and iTunes. Users
of prior versions are advised to make a backup of their data before upgrading.

Security updates for Wednesday

Post Syndicated from jzb original https://lwn.net/Articles/988746/

Security updates have been issued by AlmaLinux (buildah, gvisor-tap-vsock, nodejs:18, python-urllib3, and skopeo), Debian (firefox-esr and openssl), Fedora (apr and seamonkey), Red Hat (podman), Slackware (mozilla and seamonkey), SUSE (bubblewrap and flatpak, buildah, docker, dovecot23, ffmpeg, frr, go1.21-openssl, graphviz, java-1_8_0-openj9, kubernetes1.26, kubernetes1.27, kubernetes1.28, openssl-1_0_0, openssl-3, perl-DBI, python-aiohttp, python-Django, python-WebOb, thunderbird, tiff, ucode-intel, unbound, webkit2gtk3, and xen), and Ubuntu (drupal7 and twisted).

Firefox 130.0 released

Post Syndicated from jzb original https://lwn.net/Articles/988607/

Version
130.0
of the Firefox browser has been released. Notable in this
release is the addition of a Firefox Labs tab in Firefox
Settings. This allows users to easily enable experimental features,
such as the ability to translate selected text portions to different
languages after a full-page translation, and add
an AI chatbot to the sidebar
. Firefox 130 also addresses several
security issues
, adds 11 new languages to its translation support,
and more.

[$] Transcribing audio with AI using Speech Note

Post Syndicated from jzb original https://lwn.net/Articles/987315/

One of the joys of writing about technology is the opportunity to
cover interesting talks on open‑source and free‑software topics. One
of the pains is creating transcriptions of said talks, or continually
referring back to a recording, to be able to write about
them. Speech Note is an
open-source application that uses machine-learning models, running locally, to
translate speech to text and take the pain out of transcription. It
also handles text to speech, and language translations. While not
perfect, its transcriptions are better than one might expect, even when
handling jargon, accents, and less-than-perfect audio.

[$] Advances in font technology and GTK text rendering

Post Syndicated from jzb original https://lwn.net/Articles/987176/

At this year’s GUADEC in Denver, Colorado, Behdad Esfahbod and Matthias Clasen
presented a two-part talk on a topic that’s deeply important to desktop
environments: fonts. Esfahbod covered advances in font
technology that are making their way to becoming standards, and Clasen briefly
discussed improvements in GTK text rendering. The talk presented some
fascinating insights into the problems around accurately rendering
writing systems on the desktop, and where font technologies may be
going in the near future.

Understanding the Postgres Hackers Mailing List Language

Post Syndicated from jzb original https://lwn.net/Articles/987892/

Reading an established open-source project’s developer mailing list
may leave new contributors wishing they had a decoder ring. Greg
Sabino Mullane has written up a valuable explainer
for those new to the PostgreSQL hackers (pgsql-hackers)
mailing list that may also be useful for decoding other lists as well:

The mailing lists are full of acronyms and jargon that might not be
familiar to younger people who did not grow up on email (although text
messages have inherited many of the abbreviations). If you are a
non-native English speaker, or under the age of 30, or not steeped in
the world of tech, I offer some solutions below.

To do this, I downloaded the last year’s worth of hackers email,
wrote a program to strip out all the non-human stuff (headers, code
blocks, attachments, etc.), and then did some data analysis on the
results.

Graham: Asking for donations in Plasma

Post Syndicated from jzb original https://lwn.net/Articles/987715/

The KDE project plans to directly
ask for donations in the Plasma desktop starting with version
6.2. According to this
blog post
by Nate Graham, users will see a
system notification
once per year (in December) asking for a
donation to the non-profit KDE e.V.:

Now, I know that messages like this can be controversial! The
change was carefully considered, and we tried our best to minimize
the annoying-ness factor: It’s small and unobtrusive, and no matter
what you do with it (click any button, close it, etc) it’ll go away
until next year. It’s implemented as a KDE Daemon (KDED) module,
which allows users and distributors to permanently disable it if they
like.

[$] Debian discusses principles for package maintenance

Post Syndicated from jzb original https://lwn.net/Articles/986480/

Achieving consensus among Debian Developers on technical topics and
procedures can be, to put it mildly, challenging. Nevertheless, that
is exactly what Otto Kekäläinen has tried to do with a proposal that
would set up “principles all Debian packages should follow to be
open for collaboration in package maintenance
“. In the near term,
it seems unlikely that the proposal will be accepted, but the
discussion may be effective at improving collaboration nonetheless.

Security updates for Wednesday

Post Syndicated from jzb original https://lwn.net/Articles/987519/

Security updates have been issued by Fedora (calibre, dotnet8.0, dovecot, webkit2gtk4.0, and webkitgtk), Oracle (nodejs:20), Red Hat (bind, bind and bind-dyndb-ldap, postgresql:16, and squid), Slackware (kcron and plasma), SUSE (keepalived and webkit2gtk3), and Ubuntu (drupal7).

Call for nominations: Ubuntu Community Council

Post Syndicated from jzb original https://lwn.net/Articles/987406/

Nominations are now
open
for people interested in joining the Ubuntu
Community Council
, “the highest governance body of the Ubuntu
project
“. Any Ubuntu Member can
apply from now until Sunday, September 22 at 23:59 UTC.

The Ubuntu project turned 20 this year, but is still in constant
flux. The advent of new communication platforms, new projects under
our umbrella, and the ever-growing popularity of the project requires
our community to evolve. We need to make sure Ubuntu is set to tackle
the challenges of the next 20 years. It needs a strong and active
community council to guide the project forwards.

See Merlijn Sebrechts’s blog
post
, “A year in the Ubuntu community council”, for an overview of
what it’s like to serve on the council.

Sovereign Tech Fund (STF) to invest in FreeBSD infrastructure modernization

Post Syndicated from jzb original https://lwn.net/Articles/987311/

The FreeBSD Foundation has announced that Germany’s Sovereign Tech
Fund
(STF) has agreed to invest €686,400 toward improvements in the
FreeBSD project’s infrastructure, security, regulatory compliance, and
developer experience:

The work commissioned by STF also aligns closely with the recent
August
9, 2024 summary report
released by the U.S. Office of the
National Cyber Director
(ONCD), consolidating feedback from the 2023
request for information on key priorities for securing the open source
software ecosystem. By enhancing security controls and SBOM tooling,
the FreeBSD Foundation is helping to keep FreeBSD at the forefront of
improved vulnerability disclosure mechanisms and secure software
foundations.

“Something has gone seriously wrong,” dual-boot systems warn after Microsoft update (Ars Technica)

Post Syndicated from jzb original https://lwn.net/Articles/986659/

Ars Technica covers
a recent update
that is causing problems for users with systems that dual-boot Windows
and Linux.

“Note that Windows says this update won’t apply to systems that
dual-boot Windows and Linux,” one frustrated person wrote. “This
obviously isn’t true, and likely depends on your system configuration
and the distribution being run. It appears to have made some linux efi
shim bootloaders incompatible with microcrap efi bootloaders (that’s
why shifting from MS efi to ‘other OS’ in efi setup works). It appears
that Mint has a shim version that MS SBAT doesn’t recognize.”

The reports indicate that multiple distributions, including Debian,
Ubuntu, Linux Mint, Zorin OS, and Puppy Linux, are all
affected. Microsoft has yet to acknowledge the error publicly, explain
how it wasn’t detected during testing, or provide technical guidance
to those affected. Company representatives didn’t respond to an email
seeking answers.

Górny: Gentoo: profiles and keywords rather than releases

Post Syndicated from jzb original https://lwn.net/Articles/986655/

Gentoo developer Michał Górny has written a lengthy blog
post
that explains how Gentoo approaches releases:

Gentoo is something of a hybrid, as it combines the best of both
worlds. It is a rolling release distribution with a single shared
repository that is available to all users. However, within this
repository we use a keywording system to provide a choice between
stable and testing packages, to facilitate both production and
development systems (with some extra flexibility), and versioned
profiles to tackle major lock-step upgrades.

[$] Modernizing openSUSE installation with Agama

Post Syndicated from jzb original https://lwn.net/Articles/974969/

Linux installers receive a disproportionate amount of attention
compared to the amount of time that most users spend with them. Ideally,
a user spends only a few minutes using the installer, versus years using
the distribution after it is installed. Yet, the installer sets the
first impression, and if it fails to do its job, little else matters.
Installers also have to continually evolve to keep pace with new
hardware, changes in distribution packaging (such as image-based Linux
distributions), and so forth. Along those lines, the SUSE team that maintains the
venerable YaST installer has
decided it’s time to start (almost) fresh with a new Linux installer
project, called Agama,
for new projects. YaST is not going away as an administration tool,
but it is likely to be relieved of installer duties at some point.