veon: Just finished, almost done.

Share Button

flock-almost done

The last revision of the slide for the workshop has been

What do I talk about?

Oh yes, right,

It is with great pleasure that I announce my first involvement with the
flock-2017 in Hyannis, Massachusetts, also as speaker.

I will come from Italy with my mentor and web site coordinator – Robert Mayr
, and along with the person who initially inspired me to
actively participate in the Fedora Project – Gabriele Trombini

I will be presenting with robyduck a Fedora Websites workshop, an overview
on principal features of Fedora Websites and work on real issue ticket.
Attendees learn how Fedora Websites are make, with which tools and how they can

What do I expect from the flock? Definitely a unique experience, to meet
many of the developers and contributors of the Fedora Project. It will be a
full immersion of ideas and experiences.

The Fedora Project has already given me so much and I hope I can learn a lot

A dream come true thanks to the Fedora Project.

Powered by WPeMatico

Share Button

Robert Mayr: Flock 2017 – I’m waiting for you, Cape Cod!

Share Button

I am very happy I was able to organize my family and holidays to attend Flock again, this will be my third edition after 2013 and 2015, where I had a great experience and made a lot of friends, so I am sure this year will be even better ;)
The flight already will be very nice, because this year I will travel with Gabriele Trombini (mailga) and a new entry of Flock, Andrea Masala (veon). Cape Cod is a real nice venue and although I will be very busy during the conference, I hope we will have a couple of hours to make some sightseeing.
I will be co-speaker in a session I normally gave for the last years, but I am happy Andrea will handle that this year for me. He helped out a lot during the last two releases and I hope he will do even more in the near future. Our workshop will be rather interesting, because we will put our hands on real tickets, look how to fix them and also answer questions about how we handle, develop or debug the websites we are managing.
My talk, given with Gabriele, is a bout the Mindshare initiative, a Council objective for 2017, which aims to retool outreach teams. You will probably already understand this will not affect only ambassadors, but all outreach teams in Fedora world. If you are interested in knowing more, or give your feedback to the plans we have, then come to my talk, I will be happy to open discussions even after the talk, maybe in front of a cold beer :D
Other sessions will see me directly involved, as for example the Council session, but I will also attend the Ambassador workshop-session. Not only because it is directly related to the Mindshare talk, but because as the actual FAmSCo chair I am very interested in this session.

See you all there, and thanks to Fedora to make this possible.

Powered by WPeMatico

Share Button

Daniel Vrátil: KDE PIM in Randa 2017

Share Button

Randa Meetings is an annual meeting of KDE developers in a small village in Swiss Alps. The Randa Meetings is the most productive event I ever attended (since there’s nothing much else to do but hack from morning until night and eat Mario’s chocolate :-)) and it’s very focused – this year main topic is making KDE more accessible.

Several KDE PIM developers will be present as well – and while we will certainly want to hear other’s input regarding accessibility of Kontact, our main goal in Randa will be to port away from KDateTime (the KDE4 way of handling date and time in software) to QDateTime (the Qt way of handling date and time). This does not sound very interesting, but it’s a very important step for us, as afterward, we will finally be free of all legacy KDE4 code. It is no simple task, but we are confident we can finish the port during the hackfest. If everything goes smoothly, we might even have time for some more cool improvements and fixes in Kontact 😉

I will also close the KMail User Survey right before the Randa meetings so that we can go over the results and analyze them. So, if you haven’t answered the KMail User Survey yet, please do so now and help spread the word! There are still 3 more weeks left to collect as many answers as possible. After Randa, I will be posting a series of blog posts regarding results of the survey.

And finally, please support the Randa Meetings by contributing to our fundraiser – the hackfest can only happen thanks to your support!

Konqi can't wait to go to Randa again!

You can read reports from my previous adventures in Randa Meetings in 2014 and 2015 here:

Powered by WPeMatico

Share Button

Matthias Clasen: Post-GUADEC distractions

Share Button

Like everybody else, I had a great time at GUADEC this year.

One of the things that made me happy is that I could convince Behdad to come, and we had a chance to finally wrap up a story that has been going on for much too long: Support for color Emoji in the GTK+ stack and in GNOME.

Behdad has been involved in the standardization process around the various formats for color glyphs in fonts since the very beginning. In 2013, he posted some prototype work for color glyph support in cairo.

This was clearly not meant for inclusion, he was looking for assistance turning this into a mergable patch. Unfortunately, nobody picked this up until I gave it a try in 2016. But my patch was not quite right, and things stalled again.

We finally picked it up this year. I produced a better cairo patch, which we reviewed, fixed and merged during the unconference days at GUADEC. Behdad also wrote and merged the necessary changes for fontconfig, so we can have an “emoji” font family, and made pango automatically choose that font when it finds Emoji.

After guadec, I worked on the input side in GTK+. As a first result, it is now possible to use Control-Shift-e to select Emoji by name or code.

This is a bit of an easter egg though, and only covers a few Emoji like ❤. The full list of supported names is here.

A more prominent way to enter Emoji is clearly needed, so i set out to implement the design we have for an Emoji chooser. The result looks like this:

As you can see, it supports variation selectors for skin tones, and lets you search by name. The clickable icon has to be enabled with a show-emoji-icon property on GtkEntry, but there is a context menu item that brings up the Emoji chooser, regardless.

I am reasonably happy with it, and it will be available both in GTK+ 3.92 and in GTK+ 3.22.19. We are bending the api stability rules a little bit here, to allow the new property for enabling the icon.

Working on this dialog gave me plenty of opportunity to play with Emoji in GTK+ entries, and it became apparent that some things were not quite right.  Some Emoji just did not appear, sometimes. This took me quite a while to debug, since I was hunting for some rendering issue, when in the end, it turned out to be insufficient support for variation selectors in pango.

Another issue that turned up was that pango did place the text caret in the middle of Emoji’s sometimes, and Backspace deleted them piece-meal, one character at a time, instead of all at once. This required fixes in pango’s implementation of the Unicode segmentation rules (TR29). Thankfully, Peng Wu had already done much of the work for this, I just fixed the remaining corner cases to handle all Emoji correctly, including skin tone variations and flags.

So, what’s still missing ? I’m thinking of adding optional support for completion of Emoji names like :grin: directly in the entry, like this:

But this code still needs some refinement before it is ready to land. It also overlaps a bit with traditional input method functionality, and I am still pondering the best way to resolve that.

To try out color Emoji, you can either wait for GNOME 3.26, which will be released in September, or you can get:

  • cairo from git master
  • fontconfig from git master
  • pango 1.40.9 or .10
  • GTK+ from the gtk-3-22 branch
  • a suitable Emoji font, such as EmojiOne or Noto Color Emoji

It was fun to work on this, I hope you enjoy using it! ❤

Powered by WPeMatico

Share Button

Fedora Badges: New badge: FrOSCon 2017 Attendee !

Share Button

FrOSCon 2017 AttendeeYou visited the Fedora booth at FrOSCon 2017!

Powered by WPeMatico

Share Button

Richard Hughes: Shipping PKCS7 signed metadata and firmware

Share Button

Over the last few days I’ve merged in the PKCS7 support into fwupd as an optional feature. I’ve done this for a few reasons:

  • Some distributors of fwupd were disabling the GPG code as it’s GPLv3, and I didn’t feel comfortable saying just use no signatures
  • Trusted vendors want to ship testing versions of firmware directly to users without first uploading to the LVFS.
  • Some firmware is inherently internal use only and needs to be signed using existing cryptographic hardware.
  • The gpgme code scares me.

Did you know GPGME is a library based around screen scraping the output of the gpg2 binary? When you perform an action using the libgpgme APIs you’re literally injecting a string into a pipe and waiting for it to return. You can’t even use libgcrypt (the thing that gpg2 uses) directly as it’s way too low level and doesn’t have any sane abstractions or helpers to read or write packaged data. I don’t want to learn LISP S-Expressions (yes, really) and manually deal with packing data just to do vanilla X509 crypto.

Although the LVFS instance only signs files and metadata with GPG at the moment I’ve added the missing bits into python-gnutls so it could become possible in the future. If this is accepted then I think it would be fine to support both GPG and PKCS7 on the server.

One of the temptations for X509 signing would be to get a certificate from an existing CA and then sign the firmware with that. From my point of view that would be bad, as any firmware signed by any certificate in my system trust store to be marked as valid, when really all I want to do is check for a specific (or a few) certificates that I know are going to be providing certified working firmware. Although I could achieve this to some degree with certificate pinning, it’s not so easy if there is a hierarchical trust relationship or anything more complicated than a simple 1:1 relationship.

So this is possible I’ve created a LVFS CA certificate, and also a server certificate for the specific instance I’m running on OpenShift. I’ve signed the instance certificate with the CA certificate and am creating detached signatures with an embedded (signed-by-the-CA) server certificate. This seems to work well, and means we can issue other certificates (or CRLs) if the server ever moves or the trust is compromised in some way.

So, tl;dr: (should have been at the top of this page…) if you see a /etc/pki/fwupd/LVFS-CA.pem appear on your system in the next release you can relax. Comments, especially from crypto experts welcome. Thanks!

Powered by WPeMatico

Share Button

Bodhi: Bodhi 2.10.0 released

Share Button

Compatibility changes

This release of Bodhi has a few changes that are technically backward incompatible in some senses, but it was determined that each of these changes are justified without raising Bodhi’s major version, often due to features not working at all or being unused. Justifications for each are given inline.

  • dnf and iniparse are now required dependencies for the Python bindings. Justification: Technically, these were needed before for some of the functionality, and the bindings would traceback if that functionality was used without these dependencies being present. With this change, the module will fail to import without them, and they are now formal dependencies.
  • Support for EL 5 has been removed in this release. Justification: EL 5 has become end of life.
  • The pkgtags feature has been removed. Justification: It did not work correctly and enabling it was devastating (#1634).
  • Some bindings code that could log into Koji with TLS certificates was removed. Justification: It was unused (b4474676).
  • Bodhi’s short-lived ci_gating feature has been removed, in favor of the new Greenwave integration feature. Thus, the ci.required and ci.url settings no longer function in Bodhi. The bodhi-babysit-ci utility has also been removed. Justification: The feature was never completed and thus no functionality is lost (#1733).


  • There are new search endpoints in the REST API that perform ilike queries to support case insensitive searching. Bodhi’s web interface now uses these endpoints (#997).
  • It is now possible to search by update alias in the web interface (#1258).
  • Exact matches are now sorted first in search results (#692).
  • The CLI now has a --mine flag when searching for updates or overrides (#811, #1382).
  • The CLI now has more search parameters when querying overrides (#1679).
  • The new case insensitive search is also used when hitting enter in the search box in the web UI (#870).
  • Bodhi is now able to query Pagure for FAS groups for ACL info (f9414601).
  • The Python bindings’ candidates() method now automatically intiializes the username (6e8679b6).
  • CLI errors are now printed in red text (431b9078).
  • The graphs on the metrics page now have mouse hovers to indicate numerical values (#209).
  • Bodhi now has support for using Greenwave to gate updates based on test results. See the new test_gating.required, test_gating.url, and greenwave_api_url settings in production.ini for details on how to enable it. Note also that this feature introduces a new server CLI tool, bodhi-check-policies, which is intended to be run via cron on a regular interval. This CLI tool communicates with Greenwave to determine if updates are passing required tests or not (#1733).

Bug fixes

  • The autokarma check box’s value now persists when editing updates (#1692, #1482, and #1308).
  • The CLI now catches a variety of Exceptions and prints user readable errors instead of tracebacks (#1126, #1626).
  • The Python bindings’ get_releases() method now uses a GET request (#784).
  • The HTML sanitization code has been refactored, which fixed a couple of issues where Bodhi didn’t correctly escape things like e-mail addresses (#1656, #1721).
  • The bindings’ docstring for the comment() method was corrected to state that the email parameter is used to make anonymous comments, rather than to enable or disable sending of e-mails (#289).
  • The web interface now links directly to libravatar’s login page instead of POSTing to it (#1674).
  • The new/edit update form in the web interface now works with the new typeahead library (#1731).

Development improvements

  • Several more modules have been documented with PEP-257 compliant docblocks.
  • Several new tests have been added to cover various portions of the code base, and Bodhi now has
    89% line test coverage. The goal is to reach 100% line coverage within the next 12 months, and
    then begin to work towards 100% branch coverage.

Release contributors

The following developers contributed to Bodhi 2.10.0:

  • Ryan Lerch
  • Matt Jia
  • Matt Prahl
  • Jeremy Cline
  • Ralph Bean
  • Caleigh Runge-Hottman
  • Randy Barlow

Powered by WPeMatico

Share Button

Ben Williams: F26-20170815 Updated ISOs released

Share Button

We the Fedora Respins-SIG are happy to announce new F26-20170815 Updated Lives. (with Kernel 4.12.5-300).
This will be the First Set of updated isos for Fedora 26. 

With this release we include F26-MD-20170815 which is a Multi-Desktop iso in support of Fosscon (FOSSCON is a Free and Open Source software conference held annually in Philadelphia PA. )

With F26 we are still using Livemedia-creator to build the updated lives.

With this new build of F26 Updated Lives will save you about 600 M of updates after install.

As always the isos can be found at

Powered by WPeMatico

Share Button

Tong Hui: Report for COSCUP 2017

Share Button

In the early of the month,as a GNOME Foundation member, I participated in the 12th COSCUP (Conference for Open Source Coder, User & Promoter). From 1996 to 2017, COSCUP has made significant contribution for promoting free and open source in Taiwan. This dozen years or FOSS promoting made Taiwan as much as contributor grows faster than any other Asia country, so I would like to learn what make Taiwan FOSS career successfully, and also advocate GNOME in this conference.

There were thousands participants join COSCUP 2017, and more than 80 talks and workshop by hundreds of free and open source communities contributors and promoters.

As a GNOME Foundation member, together with Bin Li, we have a task to promote GNOME and collaborate with Local Free Desktop community in this COSCUP.

I also gave a short talk together with Mandy Wang in this COSCUP. We talked about how to recruit my girlfriend into FOSS and ‘train’ her become a GNOME contributor.

My talk with Mandy Wang (Photo by Vagabond, CC BY-SA 2.0)

China-Taiwan contributors Meet-up

At BoF (Birds of Feather) session in this COSCUP, Mandy and me from mainland of China, together with Franklin Weng (KDE-TW), zerng07 and freedomknight from Taiwan who works much more on localization of GNOME and KDE. We had a local free desktop meet-up that night.

Firstly we reviewed what we done past years, and communicate what difficulties we met and how we solved. And then we chatted what we should do and need to do to promoting free desktop in China and Taiwan.

By chat with Taiwan contributor I learned so many experience, so it could help us to do more than before.

With some staff of COSCUP 2017 (Photo by Vagabond CC BY-SA 2.0)

Finally, Thanks all hundreds of volunteers who working in COSCUP, make this event wonderful and awesome!

Powered by WPeMatico

Share Button

Maria Leonova: Fedora Design Interns 2017

Share Button

Here’s an update on internships. Older post linked to here. Quick recap: there’s been 2 long-term interns for Fedora design team since February, and one short-term guy, who came for 2 weeks at the beginning of June. Guys have been doing an amazing job, I can’t stress enough how happy I am to have them around.

So let me give you a short overview of their work:

Martin Modry


Martin has created some lovely designs before he moved on to pursue other endeavors in life 😉 Here are some examples of his work:



He’s created several designs for L10N roles, his work is now continued by Mary in this ticket. He’s shown true understanding of the design issues, and worked directly with ticket creators.


Martin Petr

Martin Petr worked with us for 2 weeks 6 hours a day, which allowed him to tackle many projects for Fedora Design and different teams at Red Hat. As always we started of with badges work, soon moving on to other design issues.



He’s created really cool icons for Lightning talks group; they chose the red one in top row for their page. It does work best when resized to be smaller and incorporates references eg to lightning, as well as a neat design solution.lightning_all.png

He also helped create Fedora Release Party poster, which has been widely used. For example, see here. Martin worked on a Fedora telegram theme, and even started to mock up an updated graphics for this year’s site. Martin has an eye for latest trends in design and is super-creative.

Me and many other people are looking forward for him to come back and stay with us for 2 more weeks at the end of September!

Tereza Hlavackova

Terka has been around the longest  – since the end of February and going strong! She’s done an impressive amount of work and I really love her designs. She’s a great help with badges, as well as with some other artwork issues.



Some of her designs include FAF, podcast and Fedora diversity icons. She’s done a great job working with requestors and going through design iterations. Terka’s been away for some time, and I’m looking forward for her to come back, too!

Conclusions and future projects

Altogether I find the Internship program extremely helpful for myself, for Fedora Design team and for some Red Hat teams as well. Both Martins and Terka are great designers, and I hope, they in their turn, only benefit from working in a professional environment, using open source products and communicating with real customers. Not every design issue can be solved easily, some require discussions and iterations, and these guys have been handling them beautifully.

Powered by WPeMatico

Share Button