In bug 1566207 I added support for Heroku Review Apps (link to official docs). This feature allows creating a full Treeherder deployment (backend, frontend and data ingestion pipeline) for a pull request. This gives Treeherder engineers the ability to have their own deployment without having to compete over the Treeherder prototype app (a shared deployment). This is important as the number of engineers and contributors increases.

Once created you get a complete Heroku environment with add-ons and workers configured and the deployment for it.

Looking back, there are few new features that came out of the work, however, Heroku Review apps are not used as widely as I would have hoped for.

The OpenHW Group unveiled a Linux-driven “CORE-V Chassis” eval SoC due for tape-out in 2H 2020 based on an NXP i.MX SoC, but featuring its RISC-V-and PULP-based 64-bit, 1.5GHz CV64A CPU and 32-bit CV32E cores. Meanwhile, Think Silicon demonstrated a RISC-V-based NEOX|V GPU.

A not-for-profit, open source RISC-V initiative called the OpenHW Group that launched in June has announced that it plans to tape out a Linux-friendly CORE-V Chassis evaluation SoC in the second half of 2020 built around its 64-bit CV64A CPU core and 32-bit CV32E coprocessor. The RISC-V based cores will be integrated into an undefined, NXP i.MX heterogeneous, multi-core SoC design. The SoC was announced at this week’s RISC-V Summit in San Jose, Calif., where Think Silicon also demo’d an early version of a RISC-V-based NEOX|V GPU (see farther below).

The open source CV64A CPU core and 32-bit CV32E are based on RISC-V architecture PULP Platform cores developed by the University of ETH Zurich. The 64-bit CV64A core is based on ETH Zurich’s Ariane implementation of its RV64GC RISC-V core IP. RV64GC is also used by many other RISC-V projects, including SiFive’s U54.

• LibreOffice Writer: Starting The Program

• How to use the pipe in Linux commands

• How To Install LEMP Stack on CentOS 8

• OpenShift Scale-CI: Part 3 – OCP 4.1 and 4.2 Scale Run Highlights

• Toplip – A Very Strong File Encryption And Decryption CLI Utility

• Frédéric Wang: Review of my year 2019 at Igalia

  In 2016, I was among the new software engineers who joined Igalia. Three years later I applied to become co-owner of the company and the legal paperwork was completed in April. As my colleague Andy explained on his blog, this does not change a lot of things in practice because most of the decisions are taken within the assembly. However, I’m still very happy and proud of having achieved this step 

  One of my new duty has been to be the “mentor” of Miyoung Shin since February and to help with her integration at Igalia. Shin has been instrumental in Igalia’s project to improve Chromium’s Code Health with an impressive number of ~500 commits. You can watch the video of her BlinkOn lightning talk on YouTube. In addition to her excellent technical contribution she has also invested her energy in company’s life, helping with the organization of social activities during our summits, something which has really been appreciated by her colleagues. I’m really glad that she has recently entered the assembly and will be able to take a more active role in the company’s decisions!

Canonical is proud to announce the availability of Juju 2.7. This new release introduces a range of exciting features and several improvements which enhance Juju across various areas.

To learn more about Juju, visit our page.

Kubernetes extensions

Juju is becoming the simplest way to deploy and manage your container-centric workloads. This release was aimed at bringing more Juju features to k8s charms and more k8s features to Juju.

K8s charms can now define actions, introspect agents, and communicate back to Juju via the addition of juju-run within the pod’s PATH environmental variable. Experienced k8s operators will feel more at home with the ability to set secrets, administer service accounts, and other k8s-native features from their charms directly.

Also: How using Charmed OSM helps telcos to accelerate their NFV transformation

• NVIDIA 440.44 Linux Driver Brings Fixes, __GL_SYNC_DISPLAY_DEVICE Honored With Vulkan

  Out today is NVIDIA 440.44 as the latest stable Linux driver update in their new long-lived driver series. 

  Succeeding the 440.36 and 440.31 stable drivers, the 440.44 release isn't too exciting but at least NVIDIA should be introducing a new beta series shortly. 

• Intel's OpenSWR OpenGL Software Rasterizer Pulls In Tessellator From Microsoft Direct3D Code

  OpenSWR is Intel's performance-minded software rasterizer for purposes like workstation visualizations and is where it outperforms the likes of LLVMpipe. This CPU-based OpenGL implementation can make use of not only AVX/AVX2 but also AVX-512 and other optimizations to support speedy CPU-based GL operations from laptops to Xeon Scalable hardware. Like LLVMpipe, OpenSWR does leverage LLVM in part. Those unfamiliar with this long-standing Intel open-source project can learn more at OpenSWR.org.

• Windows Subsystem For Linux Performance At The End Of 2019

  Recently I wrapped up some benchmarks looking at the performance of Ubuntu on Microsoft's Windows Subsystem for Linux comparing WSL on Windows 10 Build 18362 (May 2019 Update) and then both WSL and WSL2 performance using the Windows 10 Build 19008 Insider's Preview (what will come as Windows 10 20H1 update) for looking at where the WSL performance is heading. Additionally, looking at the bare metal performance of Ubuntu 18.04 LTS for which the WSL instances were based plus Ubuntu 19.10. As well, for the Windows-compatible tests also looking at how the Windows performance itself was outside of WSL/WSL2.

• IPFire 2.23 - Core Update 139 is available for testing

  the last Core Update for this decade is finally available for testing! If you have a couple of hours free over the holidays, please help us out by installing it and sending us your feedback!

• Security updates for Wednesday

  Security updates have been issued by Arch Linux (crypto++ and thunderbird), Debian (cacti, freeimage, git, and jackson-databind), Fedora (nss), openSUSE (clamav, dnsmasq, munge, opencv, permissions, and shadowsocks-libev), Red Hat (nss, nss-softokn, nss-util, rh-maven35-jackson-databind, and thunderbird), Scientific Linux (nss, nss-softokn, nss-util, nss-softokn, and thunderbird), SUSE (caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, crowbar-ui, etcd, flannel, galera-3, mariadb, mariadb-connector-c, openstack-dashboard-theme-SUSE, openstack-heat-templates, openstack-neutron, openstack-nova, openstack-quickstart, patterns-cloud, python-oslo.messaging, python-oslo.utils, python-pysaml2, libssh, and strongswan), and Ubuntu (git, libpcap, libssh, and thunderbird). 

• Daniel Stenberg: BearSSL is curl’s 14th TLS backend

  curl supports more TLS libraries than any other software I know of. The current count stops at 14 different ones that can be used to power curl’s TLS-based protocols (HTTPS primarily, but also FTPS, SMTPS, POP3S, IMAPS and so on).

  The beginning

  The very first curl release didn’t have any TLS support, but already in June 1998 we shipped the first version that supported HTTPS. Back in those days the protocol was still really SSL. The library we used then was called SSLeay. (No, I never understood how that’s supposed to be pronounced)

  The SSLeay library became OpenSSL very soon after but the API was brought along so curl supported it from the start.

• Announcing Version 2.7 of the Mozilla Root Store Policy

  After many months of discussion on the mozilla.dev.security.policy mailing list, our Root Store Policy governing Certificate Authorities (CAs) that are trusted in Mozilla products has been updated. Version 2.7 has an effective date of January 1st, 2020.

• Week notes - 2019 w49 - worklog - The Weak Notes

  A week with a bad cold makes it more difficult to write week notes. So here my weak notes. Everything seems heavier to type, to push.

  This last week-end I was at JSConf JP. I wrote down some notes about it.

  The week starts with two days of fulltime diagnosis (Monday, Tuesday). Let's get to it: 69 open bugs for Gecko. We try to distribute our work across the team so we are sure that at least someone is on duty for each day of the week. When we have finished our shift, we can add ourselves for more days. That doesn't prevent us for working on bugs the rest of the week. Some of the bugs take longer.

• Problematic monetization in security products, Avira edition

  A while back we’ve seen how Avast monetizes their users. Today we have a much smaller fish to fry, largely because the Avira’s extensions in question aren’t installed by default and require explicit user action for the additional “protection.” So these have far fewer users, currently 400 thousands on Firefox and slightly above a million on Chrome according to official add-on store numbers. It doesn’t make their functionality any less problematic however.

  That’s especially the case for Avira Browser Safety extension that Avira offers for Firefox and Opera. While the vendor’s homepage lists “Find the best deals on items you’re shopping for” as last feature in the list, the extension description in the add-on stores “forgets” to mention this monetization strategy. I’m not sure why the identical Chrome extension is called “Avira Safe Shopping” but at least here the users get some transparency.

  [...]

  The Avira Browser Safety extension is identical to Avira Safe Shopping and monetizes by offering “best shopping deals” to the users. This functionality is underdocumented, particularly in Avira’s privacy policy. It is also risky however, as Avira chose to implement it in such a way that it will execute JavaScript code from Avira’s servers on arbitrary websites as well as in the context of the extension itself. In theory, this allows Avira or anybody with control of this particular server to target individual users, spy on them or mess with their browsing experience in almost arbitrary ways.

  In addition to that, the security part of the extension is implemented in a suboptimal way and will upload the entire browsing history of the users to Avira’s servers without even removing potentially sensitive data first. Again, Avira’s privacy policy is severely lacking and won’t make any clear statements as to what happens with this data.

Microsemi unveiled PolarFire FPGA + RISC-V SoC about one year ago, but at the time, development was done on a $3,000 platform with SiFive U54 powered HiFive Unleashed board combined with an FPGA...

• Data Engineer Interview Questions With Python

  Going to interviews can be a time-consuming and tiring process, and technical interviews can be even more stressful! This tutorial is aimed to prepare you for some common questions you’ll encounter during your data engineer interview. You’ll learn how to answer questions about databases, Python, and SQL.

• 8 AI Predictions for 2020: Business Leaders & Researchers Weigh In

  The first industrial revolution was powered by coal, the second by oil and gas, and the third by nuclear power. The fourth — AI — is fueled by an abundance of data and breakthroughs in compute power. While this abundance has allowed us to make significant progress in recent years, there is still much to be done for AI to be the positive life-changing force that many hope it will be. We asked thought leaders at the forefront of AI and machine learning technology to contribute some insight into what they think will transpire in 2020. Their predictions center around hardware, the human impact of AI, the public’s understanding of AI, and its limitations.

• The easiest way to deploy Django application

  Heroku is a cloud application platform, it facilitate the deployement of a web application.

  They support several programming languages, include Python.

• Encoding and Decoding Base64 Strings in Python

  Have you ever received a PDF or an image file from someone via email, only to see strange characters when you open it? This can happen if your email server was only designed to handle text data. Files with binary data, bytes that represent non-text information like images, can be easily corrupted when being transferred and processed to text-only systems.

  Base64 encoding allows us to convert bytes containing binary or text data to ASCII characters. By encoding our data, we improve the chances of it being processed correctly by various systems.

  In this tutorial, we would learn how Base64 encoding and decoding works, and how it can be used. We will then use Python to Base64 encode and decode both text and binary data.

• MicroProfile 3.2 is now available on Open Liberty in Red Hat Runtimes

  Open Liberty 19.0.0.12 provides support for MicroProfile 3.2, allowing users to provide their own health check procedures and monitor microservice applications easily with metrics. Additionally, updates allow trust to be established using the JDK’s default truststore or a certificate through an environment variable.

  [...]

  Open Liberty has added support for Jaeger in MicroProfile OpenTracing. A sample tracer is available for using Zipkin as a tracing backend. With the addition of Jaeger support, developers can also use Jaeger as a tracing backend.

• Working with Linux containers on RHEL 8 with Podman, image builder and web console

  Podman was released with Red Hat Enterprise Linux 7.6 and 8.0 as the next generation of Linux container tools, is designed to allow faster experimentation and development of features.

  Podman features include rootless, kube generate, and kube play (see: "Podman can now ease the transition to Kubernetes and CRI-O"). Podman is also compatible with the Open Containers Initiative (OCI), Runtime, Image, and Distribution specifications, so customers can build container images that run on OpenShift (which uses CRI-O) or other 3rd-party OCI compliant container engines, and vice versa.

  As can be seen in Figure 1, CRI-O, in Red Hat OpenShift, shares many of its underlying components with Podman. This allows Red Hat engineers to leverage knowledge gained in experiments conducted in Podman for new capabilities in OpenShift.

• Red Hat Software Collections 3.4, Red Hat Developer Toolset 9 now generally available

  Building the next generation of enterprise applications requires the latest and greatest developer tools paired with production-grade stability. To help meet these twin needs, we’re pleased to deliver the latest version of Red Hat’s curated collection of the latest open source runtime languages, databases, compilers and related developer tools: Red Hat Software Collections 3.4.

• Celebrating 20 years of enterprise Java: Innovation

  Twenty years ago this week, enterprise Java was born. The Java 2 Platform, Enterprise Edition (J2EE) launched as version 1.2 on Dec. 12, 1999. It built upon many years of work previously in the enterprise distributed systems arena, such as the common object request broker architecture (CORBA) and distributed computing environment (DCE), and its birth marked the beginning of a technology that would become a powerhouse in the world of enterprise application development.

  Building on the "write once, run anywhere" promise of the Java programming language, the enterprise Java platform extends this neutrality and portability with a set of specifications that are well-suited for building large scale applications. As a result, enterprise Java has been able to offer an appealing option for developers that enables them to take advantage of the reliability, speed, efficiency and ease-of-use needed for enterprise-grade development.

• Keycloak: Core concepts of open source identity and access management

  Keycloak provides the flexibility to export and import configurations easily, using a single view to manage everything. Together, these technologies let you integrate front-end, mobile, and monolithic applications into a microservice architecture. In this article, we discuss the core concepts and features of Keycloak and its application integration mechanisms. You will find links to implementation details near the end.

• What 5 new innovations will open source yield in the 2020s?

  When I look back to where technology was in 2010, it’s astounding to think about how much has changed — and how so many of those advancements were fueled by open source.

  Ten years ago, AI was not a part of our everyday lives, most developers hadn’t even heard of containers or microservices, blockchain was little more than an idea, and serverless was a far-off dream. Now these technologies, built on open source projects and the communities that surround them, are shaping how developers do their jobs and how people interact with technology on a daily basis.

  In this blog post, I talk about some of the trends that have shaped the past decade as we look forward to what 2020 — and the next decade — has in store for us.

• Open and Innovative: others don’t have a patch on SUSE

  It’s not just general purpose and large x86_64 systems that feel the benefit of fixing vulnerable systems without waiting for a planned maintenance window. We see so many customers in the SUSE world that run critical applications or large database instances on IBM POWER. In many cases these systems do not have the same levels of flexibility built into general purpose systems, and so every minute of downtime hurts.
  SUSE Linux Enterprise Live Patching has supported live patching on the POWER systems for almost 2 years now. This is just another example of SUSE always listening to the user community and delivering to them what the users really need and when they need. Customers know and depend on SUSE to be the first to deliver the right technology at the right time.

• Talk Python to Me: Episode #242: Your education will be live-streamed

  Online education has certainly gone mainstream. Developers and companies have finally gotten comfortable taking online courses. Sometimes these are recorded, self-paced courses like we have at Talk Python Training. Other times, they are more like live events in webcast format.

  In this episode, you'll meet two guys who are taking the interactivity of online learning up a notch. Brian Clark and Cecil Philip run a weekly event on Twitch where they are live-streaming an interactive Python course. They take questions from 100's of students and dig into the diversions more mainstream online learning simply cannot.

• [Krita artist] Production report: episode 31

  Slowly but surely and in the background of the book-publishing project I've been working on a future episode of Pepper&Carrot. Here is a report about that with many screenshots:

• mintCast 323.5 – Traveling Networker Problem

  In our Innards section, we talk more about Linux Mint and Clem’s comments.

• How To Set up OpenVPN Server In 5 Minutes on Ubuntu Linux

• How to set rsync speed limit from eating all bandwidth

• Simple IPtables Rules For Linux Administrator

• Enable ‘2×2’, ‘3×3’ Workspace Grid in Ubuntu 18.04/19.10

• How to add bash auto completion in CentOS 8 Linux

• How to Set A Custom Screen Resolution in Ubuntu Desktop

• How to play Halo: The Master Chief Collection on Linux

Last week, we talked about MX Linux MX-19. This week, let's have a look at Fedora 31. Now, some of you may already start grumbling and complaining. Because I will focus a lot of my energy on the Gnome desktop and what it doesn't do, and all that. But then, Fedora is the pioneer child (not in the communist sense) of the Gnome world, showcasing the latest fixes and features the environment offers. Therein lies my hope and my expected but hopefully proven wrong disappointment.

Looking back to the past two years or so, I found Fedora to have improved a little in the performance area, has become more consistent, gained stability in major areas side by side with bugs and problems in others, and still isn't user-friendly enough for immediate consumption. Y'know, proprietary stuff, window buttons, desktop icons, stuff like that. Fedora 30 is a good melting pot of all these observations. I wasn't happy, but then, it's time to rewind the clock, reset my emotions, and boldly charge head first into the wall of open-source.

• Hellpoint, the dark sci-fi action RPG from Cradle Games now launching in 2020 with new details

  Cradle Games recently put out some fresh exciting details for Hellpoint, their upcoming crowdfunded dark sci-fi action RPG.

  Firstly, it seems the release has been pushed back a while. They were aiming for this year but they're just not going to hit it. They've been going through console certification, along with doing regular updates to the PC Beta and they're now saying it's going to be sometime in "Q1 2020" for Hellpoint's release.

• Get Wasteland 2 Director's Cut FREE in the GOG Winter Sale, lots of Linux games going cheaps

  Is there seriously another big sale going on already? Yep! This time it comes with a FREE game too. GOG are offering Wasteland 2 Director's Cut at no cost.

  Firstly then, the Wasteland 2 Director's Cut Digital Classic Edition going FREE on GOG which also comes with Wasteland 1: The Original Classic so you're getting two games for nothing here. That should keep you busy enough through the colder Winter nights.

• Action-RPG platform shooter Bite the Bullet is going to have some really crazy weapons

  Mega Cat Studios previously showed how eating enemies in Bite the Bullet would power you up, now they're talking about the varied weapons you get to play with.

  As a huge fan of Broforce and other such crazy action platformers, Bite the Bullet is high up on my list of games coming out next year. We shouldn't be waiting too long on it, with it due in the first quarter of 2020. To show it off a little more, Mega Cat Studios have a new video talking about all the weapons and some of them are pretty crazy.

• Another Steam Beta is out, updates the Linux Runtime to help Steam Play Proton

  Quite a small update to the Steam Beta recently, but for some Linux gamers using Steam Play Proton it might be a rather helpful one.

  The new Library got tweaked a little again, now allowing for Family Sharing of tools, Valve also fixed new categories created in small mode or Big Picture mode not being properly saved when switching to normal mode and recently played but disallowed by Family View games not appearing in the Recent Games shelf when Family View is enabled on startup.

• How to change the keyboard on your Android device, and get new keyboards

• Google built its own tiny HDMI 2.1 box to jump-start ‘the next generation of Android TV’

• Pixel's improved RAM management set to appear on other Android phones

• Google is making it easier to search AOSP with a new Android Code Search tool

• Nokia 7.1 gets Android 10 with Dark Mode

• Android TV gets Android 10 update with performance and security enhancements

• BREAKING: Motorola One Power receiving stable Android 10 update with December patch

• Samsung Galaxy Note10 5G gets new Android 10 beta, S10 5G receives stable build

• 10 best offline Android games to play right now

• The best iPhone and Android apps of 2019

• Orange Bank brings Google Pay to all Android users

• How to Install ElkArte Forum with Apache and Let's Encrypt on Debian 10

  ElkArte is a free, open-source and powerful forum software that allows you to create your own online forum community. In this tutorial, we will explain how to install ElkArte on Debian 10 server.

• My Free Software Activities in November 2019

  Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

• Debian GNU/Linux riscv64 port -- Sponsors and Build machines

  In previous posts about the riscv64 port there were mentions about history, progress and other details, but in this one I want to address the topic of sponsors and build machines, which even if there are mentions from time to time (e.g. in talks and slides posted here), it has not been covered in a comprehensive manner.

  And it's only fair that we acknowledge people and orgs sponsoring and contributing resources... and about time too. They will appear roughly in chronological order.

Firefox is one of the most popular free and open-source browsers for Linux users. Even though you have a lot of open source chrome alternatives, Firefox still is one of the best choices to go with.

And you don’t even need to install Firefox on Ubuntu or most other distributions because it is installed by default.

What if you can make your browsing experience on Firefox even better by using some keyboard shortcuts?

Hold on, of course, not everyone prefers to use keyboard shortcuts. But, if you’re comfortable with that and want to do perform tasks in a jiffy, you should know some of the most common Firefox keyboard shortcuts.

It is also worth noting that you could use some of these shortcuts on Chrome/Chromium as well- however, we already have a list of useful Google Chrome shortcuts to help you out. So, if you’re using Chrome/Chromium, I insist you check out that article.

• The 15 Best Document Scanner Apps for Android Devices in 2020

  It doesn’t matter whether you are an Office job holder, a businessman, or a student; you will face a situation where scanning some papers or documents seem to be essential. But finding a scanner is tough in many places nowadays. You can deal with such a problem if you have installed any document scanner apps on your Android device. In PlayStore, some scanner apps can turn your mobile phone into a tiny scanner. So, just by installing a useful document scanner App, you can scan notes and documents anytime, anywhere.

• Google ADT-3 is a Developer-Focused TV Box for Android TV on Android 10

  Back in 2014, Google killed Google TV and announced Android TV, and as a result, introduced ADT-1, the first developer kit specifically designed for Android TV.

There are lots of layers of security in the LVFS and fwupd design, including restricted account modes, 2FA, and server side AppStream namespaces. The most powerful one is the so-called vendor-id that the vendors cannot assign themselves, and is assigned by me when creating the vendor account on the LVFS. The way this works is that all firmware from the vendor is tagged with a vendor-id string like USB:0x056A which in this case matches the USB consortium vendor assigned ID. Client side, the vendor-id from the signed metadata is checked against the physical device and the firmware is updated only if the ID matches. This ensures that malicious or careless users on the LVFS can never ship firmware updates for other vendors hardware. About 90% of the vendors on the LVFS are locked down with this mechanism.

Some vendors have to have IDs that they don’t actually own, a good example here is for a DFU device like the 8bitdo controllers. In runtime mode they use the USB-assigned 8bitdo VID, but in bootloader mode they use a generic VID which is assigned to the chip supplier as they are using the reference bootloader. This is obviously fine, and both vendor IDs are assigned to 8bitdo on the LVFS for this reason. Another example is where Lenovo is responsible for updating Lenovo-specific NVMe firmware, but where the NVMe vendor isn’t always Lenovo’s PCI ID.

• Vim Text Editor for Beginners Part 1 - Introduction

  In my newly refreshed Vim series, you'll learn all the things you'll need to know in order to use this text editor in your daily workflow. In this first video, we'll get Vim installed take an initial look.

• Vim Text Editor for Beginners Part 2 - Combining Files

  In my newly refreshed Vim series, you'll learn all the things you'll need to know in order to use this text editor in your daily workflow.

• Qt Shader Tools Looks To Become Official Qt6 Module

  The currently-experimental Qt Shader Tools allows for graphics/compute shader conditioning and used by the in-development Qt graphics abstraction layer for supporting Vulkan / Metal / Direct3D / OpenGL APIs.

  Qt Shader Tools offers various shader features in preparing them for consumption by different graphics APIs. Qt Shader Tools is currently used ahead of time for QtGUI with Qt 5.14+. But for Qt 6.0, Qt Shader Tools is going through the appropriate steps for becoming a formal Qt 6 module for compiling and translating shaders between interfaces.

• Python Positional-only parameters

  I have downloaded Python 3.8 and start to play around with those latest python functions. In this article, we will look at the Positional-only parameter syntax which is a function parameter syntax / to indicate that some function parameters must be specified positionally and cannot be used as keyword arguments which means after the / syntax we may specify a value for each parameter within that function.

• For Loop in Python Explained With Practical Examples

  If you are just getting started to learn Python, you must be in search of something to explore for loop in Python.

  Of course, our list of free python resources should help you learn about it quickly.

  In either case, we shall help you learn more about the ‘for‘ loop in python using a couple of important examples.