I have been invited by Kisio Digital to present the work we have been doing around KDE Itinerary at the Paris Open Transport Meetup next week. The meetup is near Gare de Lyon and starts on Thursday at 19:00. Feel free to come by, I’m looking forward to discuss ideas on how to move KDE Itinerary forward.

While in Paris I’m also going to meet the team behind Navitia, an open source platform for processing and querying static and real-time ground transport data, in particular for local and nation-wide railway networks. That’s obviously very interesting for KDE Itinerary, as mentioned earlier access to dynamic information such as real-time traffic data is probably the biggest challenge for us.

And yes, I of course made sure to pick travel options that don’t have enough test coverage in KDE Itinerary yet ;-)

Linux packaging was a nightmare for years. But recently serious contenders came up claiming to solve the challenge: first containers changed how code is deployed on servers for good. And now a solution for the desktops is within reach. Meet Flatpak!

Preface

In the beginning I probably should admit that over the years I identified packaging within the Linux ecosystem as a fundamental problem. It prevented wider adoption of Linux in general, but especially on the desktop. I was kind of obsessed with the topic.

The general arguments were/are:

• Due to a missing standard it was not easy enough for developers to package software. If they used one of the formats out there they could only target a sub-set of distributions. This lead to lower adoption of the software on Linux, making it a less attractive platform.
• Since Linux was less attractive for developers, less applications were created on/ported to Linux. This lead to a smaller ecosystem. Thus it was less attractive to users since they could not find appealing or helpful applications.
• Due to missing packages in an easy-accessible format, installing software was a challenge as soon as it was not packaged for the distribution in use. So Linux was a lot less attractive for users because few software was available.

History, server side

In hindsight I must say the situation was not as bad as I thought on the server level: Linux in the data center grew and grew. Packaging simply did not matter that much because admins were used to problems deploying applications on servers anyway and they had the proper knowledge (and time) to tackle challenges.

Additionally, the recent rise of container technologies like Docker had a massive impact: it made deploying of apps much easier and added other benefits like sandboxing, detailed access permissions, clearer responsibilities especially with dev and ops teams involved, and less dependency hell problems. Together with Kubernetes it seems as there is an actual standard evolving of how software is deployed on Linux servers.

To summarize, in the server ecosystem things never were as bad, and are quite good these days. Given that Azure serves more Linux servers than Windows servers there are reasons to believe that Linux is these days the dominant server platform and that Windows is more and more becoming a niche platform.

History, client side

On the desktop side things were bad right from the start. Distribution specific packaging made compatibility a serious problem, incompatible packaging formats with RPMs and DEBs made it worse. One reason why no package format ever won was probably that no solution offered real benefits above the other. Given today’s solutions for packaging software out there RPM and DEB are missing major advantages like sandboxing and permission systems. They are helplessly outdated, I question if they are suited for software packaging at all today.

There were attempts to solve the problem. There were attempts at standardization – for example via the LSB – but that did not gather enough attraction. There were platform agnostic packaging solutions. Most notably is Klik which started already 15 years ago and got later renamed to AppImage. But despite the good intentions and the ease of use it never gained serious attention over the years.

But with the approach of Docker things changed: people saw the benefits of container formats and the technology technology for such approaches was widely available. So people gave the idea another try: Flatpak.

Flatpak

Flatpak is a “technology for building and distributing desktop applications on Linux”. It is an attempt to establish an application container format for Linux based desktops and make them easy consumable.

According to the history of Flatpak the initial idea goes way back. Real work started in 2014, and the first release was in 2015. It was developed initially in the ecosystem of Fedora and Red Hat, but soon got attention from other distributions as well.

Many features look somewhat similar to the typical features associated with container tools like Docker:

• Build for every distro
• Consistent environments
• Full control over dependencies
• Easy to use  build tools
• Future-proof builds
• Distribution of packages made easy

Additionally it features a sandboxing environment and a permissions system.

The most appealing feature for end users is that it makes it simple to install packages and that there are many packages available because developers only have to built them once to support a huge range of distributions.

By using Flatpak the software version is also not tied to the distribution update cycle. Flatpak can update all installed packages centrally as well.

Flathub

One thing I like about Flatpak is that it was built with repositories (“shops”) baked right in. There is a large repository called flathub.org where developers can submit their applications to be found and consumed by users:

• Flathub Games

• Flathub feed of new and updated applications

• Flathub popular apps

• 

The interface is simple but has a somewhat proper design. Each application features screenshots and a summary. The apps themselves are grouped by categories. The ever changing list of new & updated apps shows that the list of apps is ever growing. A list of the two dozen most popular apps is available as well.

I am a total fan of Open Source but I do like the fact that there are multiple closed source apps listed in the store. It shows that the format can be used for such use cases. That is a sign of a healthy ecosystem. Also, there are quite a few games which is always good

Of course there is lots of room for improvement: at the time of writing there is no way to change or filter the sorting order of the lists. There is no popularity rating visible and no way to rate applications or leave comments.

Last but not least, there is currently little support from external vendors. While you find many closed source applications in Flathub, hardly any of them were provided by the software vendor. They were created by the community but are not affiliated with the vendors. To have a broader acceptance of Flatpak the support of software vendors is crucial, and this needs to be highlighted in the web page as well (“verified vendor” or similar).

Hosting your own hub

As mentioned Flatpak has repositories baked in, and it is well documented. It is easy to generate your own repository for your own flatpaks. This is especially appealing to projects or vendors who do not want to host their applications themselves.

While today it is more or less common to use a central market (Android, iOS, etc.) some still prefer to keep their code in there hands. It sometimes makes it easier to provide testing and development versions. Other use cases are software which is just developed and used in-house, or the mirroring of existing repositories for security or offline reasons: such use cases require local hubs, and it is no problem at all to bring them up with Flatpak.

Flatpak, distribution support

Flatpak is currently supported on most distributions. Many of them have the support built in right from the start, others, most notably Ubuntu, need to install some software first. But in general it is quite easy to get started – and once you did, there are hundreds of applications you can use.

What about the other solutions?

Of course Flatpak is not the only solution out there. After all, this is the open source world we are talking about, so there must be other solutions

Snap & Snapcraft

Snapcraft is a way to “deliver and update your app on any Linux distribution – for desktop, cloud, and Internet of Things.” The concept and idea behind it is somewhat similar to Flatpak, with a few notable differences:

• Snapcraft also target servers, while Flatpak only targets desktops
• Among the servers, Snapcraft additionally has iot devices as a specific target group
• Snapcraft does not support additional repositories; there is only one central market place everyone needs to use, and there is no real way to change that

Some more technical differences are in the way packages are built, how the sandbox work and so on, but we will noch focus on those in this post.

The Snapcraft market place called snapcraft.io provides lists of applications, but is much more mature than Flathub: it has vendor testimonials, features verified accounts, multiple versions like beta or development can be picked from within the market, there are case stories, for each app additional blog posts are listed, there is integration with social accounts, you can even see the distribution by countries and Linux flavors.

And as you can see, Snapcraft is endorsed and supported by multiple companies today which are listed on the web page and which maintain their applications in the market.

• snapcraft.io main page

• detailed view with option to download multiple versions

• snapcraft’s iot page

Flathub has a lot to learn until it reaches the same level of maturity. However, while I’d say that snapcraft.io is much more mature than Flathub it also misses the possibility to rate packages, or just list them by popularity. Am I the only one who wants that?

The main disadvantage I see is the monopoly. snapcraft.io is tightly controlled by a single company (not a foundation or similar). It is of course Canonical’s full right to do so, and the company and many others argue that this is not different from what Apple does with iOS. However, the Linux ecosystem is not the Apple ecosystem, and in the Linux ecosystem there are often strong opinions about monopolies, closed source solutions and related topics which might lead to acceptance problems in the long term.

Also, technically it is not possible to launch your own central server for example for in-house development, or for hosting a local mirror, or to support offline environments or for other reasons. To me this is particularly surprising given that Snapcraft targets specifically iot devices, and I would run iot devices in an closed network wherever I can – thus being unable to connect to snapcraft.io. The only solution I was able to identify was running a http proxy, which is far from the optimal solution.

So while Snapcraft has a mature market place, targets much more use cases and provides more packages to this date, I do wonder how it will turn out in the long run given that we are talking about the Linux ecosystem here. And while Canonical has quite some experience to develop their own solutions outside the “rest” of the community, those attempts seldom worked out.

AppImage

I’ve already mentioned AppImage above and I’ve written about it in the past when it was still called Klik. AppImage is “way for upstream developers to provide native binaries for Linux”. The result is basically a file that contains your entire application and which you can copy everywhere. It exists for more than a dozen years now.

The thing that is probably most worth mentioning about it is that it never caught on. After all, already long time ago it provided many impressive features, and made it possible to install software cross distribution. Many applications where also available as AppImage – and yet I never saw wider adoption. It seems to me that it only got traction recently because Snapcraft and Flatpak entered the market and kind of dragged it with them.

I’d love to understand why that is the case, or have an answer to the “why”. I only have few ideas but those are just ideas, and not explanations why AppImage, in all the years, never managed to become the Docker of the Linux desktop.

Maybe one problem was that it never featured a proper store: today we know from multiple examples on multiple platforms that a store can mean the difference. A central place for the users to browse, get a first idea of the app, leave comments and rate the application. Docker has a central “store”, Android and iOS have one, Flatpak and Snapcraft have one. However, AppImage never put a focus on that, and I do wonder if this was a missed opportunity. And no, appimage.github.io/apps is not a store.

Another difference to the other tools is that AppImage always focused on the Open Source tools. Don’t get me wrong, I appreciate it – but open source tools like Digikam were available on every distribution anyway. If AppImage would have focused to reach out to closed source software vendors as well, together with marketing this aggressively, maybe things would have turned out differently. You do not only need to make software easily available to users, you also need to make software available the people want.

Last but not least, AppImage always tried to provide as many features as possible, while it might have benefited from focusing on some and marketing them stronger. As an example, AppImage advertises that it can run with and without sandboxing. However, sandboxing is a large benefit of using such a solution to begin with. Another thing is integrated updates: there is a way to automatically update all appimages on a system, but it is not built in. If both would have been default and not optional, things maybe would have been different.

But again, these are just ideas, attempts to find explanations. I’d be happy if someone has better ideas.

Disadvantages of the Flatpak approach

There are some disadvantages with the Flatpak approach – or the Snapcraft one, or in general with any container approach. Most notably: libraries and dependencies.

The basic argument here is: all dependencies are kept in each package. This means:

• Multiple copies of the same libraries on the system, leading to larger disk consumption
• Multiple copies of the same library in the RAM during execution, leading to larger memory consumption
• And probably most important: if a library has a security problem, each and every package has to be updated

Especially the last part is crucial: in case of a serious library security problem the user has to rely on each and every package vendor that they update the library in the package and release an updated version. With a dependency based system this is usually not the case.

People often compare this problem to the Windows or Java world were a similar situation exists. However, while the underlying problem is existent and serious, with Flatpak at least there is a sandbox and a permission system something which was not the case in former Windows versions.

There needs to be made a trade off between the advanced security through permissions and sandboxing vs the risk of having not-updated libraries in those packages. That trade off is not easily done.

But do we even need something like Flatpak?

This question might be strange, given the needs I identified in the past and my obvious enthusiasm for it. However, these days more and more apps are created as web applications – the importance of the desktop is shrinking. The dominant platform for users these days are mobile phones and tablets anyway. I would even go so far to say that in the future desktops will still be there but mainly to launch a web browser

But we are not there yet and today there is still the need for easy consumption of software on Linux desktops. I would have hoped though to see this technology and this much traction and distribution and vendor support 10 years ago.

Conclusion

Well – as I mentioned early on, I can get somewhat obsessed with the topic. And this much too long blog post shows this for sure

But as a conclusion I say that the days of difficult-to-install-software on Linux desktops are gone. I am not sure if Snapcraft or Flatpak will “win” the race, we have to see that.

At the same time we have to face that desktops in general are just not that important anymore.  But until then, I am very happy that it became so much easier for me to install certain pieces of software in up2date versions on my machine.

Hi! I had the opportunity to participate in QtCon Brasil 2018 as a speaker during the last weekend. It happened in São Paulo, which is a city that I haven't visited for a long time. My talk was about the integration of Qt applications and Computer Vision, specially focused on the mobile environment with QtQuick … Continue reading Talking about Qt and Computer Vision at QtCon Brasil 2018

These past couple weekends were a blast! On the weekend of November 3 and 4, it happened on Rio de Janeiro the first Maker Faire of Latin America. And I was able to do a talk about Atelier and the current status of our project. The event hold more than 1.500 people on the first... Continue Reading →

Thank you to everyone who participated last Bug Day! We had a turnout of about six people, who worked through about half of the existing REPORTED (unconfirmed) Konsole bugs. Lots of good discussion occurred on #kde-bugs as well, thank you for joining the channel and being part of the team!

We will be holding a Bug Day on November 17th, 2018, focusing on Okular. Join at any time, the event will be occurring all day long!

This is a great opportunity for anyone, especially non-developers to get involved!

1. Check out our Bug Triaging guide for a primer on how to go about confirming and triaging bugs.
2. Log into KDE Phabricator and join the Bugsquad!
3. Join the #kde-bugs IRC channel on Freenode to chat with us in real-time as we go through the list.
4. Open the shared Etherpad for this event (use your KDE Identity login) to select your block of bugs and cross them off.

If you need any help, contact me!

KDevelop 5.3 released

Elisa (product page, release announcements blog) is a music player designer for excellent integration into the KDE Plasma desktop (but of course it runs everywhere, including some non-Free platforms). I had used it a few times, but had not gotten around to packaging it. So today I threw together a FreeBSD port of Elisa, and you’ll be able to install it from official packages whenever the package cluster gets around to it.

I say “threw together” because it took me only a half hour (most of that was just building it a half-dozen times in different ways). The Elisa code itself is very straightforward and nice. It doesn’t even spit out a single warning with Clang 6 on FreeBSD. That’s an indicator (for me, anyway) of good code. So if you want more music on FreeBSD, it’s there! (And the multimedia controls work from the SDDM lock screen, too)

Getting started – clang-tidy AST Matchers

Over the last few weeks I published some blogs on the Visual C++ blog about Clang AST Matchers. The series can be found here:

• Extending clang-tidy
• Examining the clang AST with clang-query
• Rewriting code with clang-tidy

I am not aware of any similar series existing which covers creation of clang-tidy checks, and use of clang-query to inspect the Clang AST and assist in the construction of AST Matcher expressions. I hope the series is useful to anyone attempting to write clang-tidy checks. Several people have reported to me that they have previously tried and failed to create clang-tidy extensions, due to various issues, including lack of information tying it all together.

Other issues with clang-tidy include the fact that it relies on the “mental model” a compiler has of C++ source code, which might differ from the “mental model” of regular C++ developers. The compiler needs to have a very exact representation of the code, and needs to have a consistent design for the class hierarchy representing each standard-required feature. This leads to many classes and class hierarchies, and a difficulty in discovering what is relevant to a particular problem to be solved.

I noted several problems in those blog posts, namely:

• clang-query does not show AST dumps and diagnostics at the same time<
• Code completion does not work with clang-query on Windows
• AST Matchers which are appropriate to use in contexts are difficult to discover
• There is no tooling available to assist in discovery of source locations of AST nodes

Last week at code::dive in Wroclaw, I demonstrated tooling solutions to all of these problems. I look forward to video of that talk (and videos from the rest of the conference!) becoming available.

Meanwhile, I’ll publish some blog posts here showing the same new features in clang-query and clang-tidy.

clang-query in Compiler Explorer

Recent work by the Compiler Explorer maintainers adds the possibility to use source code tooling with the website. The compiler explorer contains new entries in a menu to enable a clang-tidy pane.

clang-tidy in Compiler Explorer

I demonstrated use of compiler explorer to use the clang-query tool at the code::dive conference, building upon the recent work by the compiler explorer developers. This feature will get upstream in time, but can be used with my own AWS instance for now. This is suitable for exploration of the effect that changing source code has on match results, and orthogonally, the effect that changing the AST Matcher has on the match results. It is also accessible via cqe.steveire.com.

It is important to remember that Compiler Explorer is running clang-query in script mode, so it can process multiple let and match calls for example. The new command set print-matcher true helps distinguish the output from the matcher which causes the output. The help command is also available with listing of the new features.

The issue of clang-query not printing both diagnostic information and AST information at the same time means that users of the tool need to alternate between writing

set output diag

and

set output dump

to access the different content. Recently, I committed a change to make it possible to enable both output and diag output from clang-query at the same time. New commands follow the same structure as the set output command:

enable output dump
disable output dump

The set output <feature> command remains as an “exclusive” setting to enable only one output feature and disable all others.

Dumping possible AST Matchers

This command design also enables the possibility of extending the features which clang-query can output. Up to now, developers of clang-tidy extensions had to inspect the AST corresponding to their source code using clang-query and then use that understanding of the AST to create an AST Matcher expression.

That mapping to and from the AST “mental model” is not necessary. New features I am in the process of upstreaming to clang-query enable the output of AST Matchers which may be used with existing bound AST nodes. The command

enable output matcher

causes clang-query to print out all matcher expressions which can be combined with the bound node. This cuts out the requirement to dump the AST in such cases.

Inspecting the AST is still useful as a technique to discover possible AST Matchers and how they correspond to source code. For example if the functionDecl() matcher is already known and understood, it can be dumped to see that function calls are represented by the CallExpr in the Clang AST. Using the callExpr() AST Matcher and dumping possible matchers to use with it leads to the discovery that callee(functionDecl()) can be used to determine particulars of the function being called. Such discoveries are not possible by only reading AST output of clang-query.

Dumping possible Source Locations

The other important discovery space in creation of clang-tidy extensions is that of Source Locations and Source Ranges. Developers creating extensions must currently rely on the documentation of the Clang AST to discover available source locations which might be relevant. Usually though, developers have the opposite problem. They have source code, and they want to know how to access a source location from the AST node which corresponds semantically to that line and column in the source.

It is important to make use a semantically relevant source location in order to make reliable tools which refactor at scale and without human intervention. For example, a cursory inspection of the locations available from a FunctionDecl AST node might lead to the belief that the return type is available at the getBeginLoc() of the node.

However, this is immediately challenged by the C++11 trailing return type feature, where the actual return type is located at the end. For a semanticallly correct location, you must currently use

getTypeSourceInfo()->getTypeLoc().getAs().getReturnLoc().getBeginLoc()

It should be possible to use getReturnTypeSourceRange(), but a bug in clang prevents that as it does not appreciate the trailing return types feature.

Once again, my new output feature of clang-query presents a solution to this discovery problem. The command

enable output srcloc

causes clang-query to output the source locations by accessor and caret corresponding to the source code for each of the bound nodes. By inspecting that output, developers of clang-tidy extensions can discover the correct expression (usually via the clang::TypeLoc heirarchy) corresponding to the source code location they are interested in refactoring.

Next Steps

I have made many more modifications to clang-query which I am in the process of upstreaming. My Compiler explorer instance is listed as the ‘clang-query-future’ tool, while the clang-query-trunk tool runs the current trunk version of clang-query. Both can be enabled for side-by-side comparison of the future clang-query with the exising one.

You have probably read a lot about Akademy 2018 recently, and how great it was.
For me it was a great experience too and this year I met a lot of KDE people, both old and new. This is always nice.
I arrived on Thursday so I had one day to set everything up and had a little bit of time to get to know the city.
On Friday evening I enjoyed the "Welcoming evening", but I was very surprised when Volker told me that I would be on stage the next day, talking about privacy.
He told me that someone should have informed me several days before. The scheduled speaker, Sebastian, couldn't make it to Akademy.

That was really a pity. If I had known earlier, I would have prepared a proper presentation, as I think I have a lot to say on the topic. I care a lot about good encryption support in KDE PIM and I have also been busy with Tails, a distribution strongly focused on privacy and anonymity.

So the next day I rambled a bit about encrypting mail headers (also known as Memory Hole), but it wasn't a great talk. It was also very stressful, as we started with a lot of delay: Setting up the audio took much longer than expected so all talks started late. As I was in such a hurry. I forgot a lot of what I wanted to say and failed to draft a greater picture for the privacy goal.

To compensate, let me say it here. Privacy starts with encrypting everything, starting with the content of the connection. This is mostly done via TLS. Here KDE is lacking some bits, as we cannot display the encryption methods, so we are sometimes forced to downgrade to old and insecure encryption methods without user visual feedback. But at least we support TLS everywhere! Unfortunately metadata is often enough to track where people are. To hide this information, we need TOR/VPN support within the applications. For most applications you can use the TOR network by running

torsocks <cmd>

but this is not really user-friendly.
It also has the disadvantage that you can't see if DNS requests are transmitted via the TOR tunnel. And then there's deamons, which you don't normally run from the command line. Furthermore, e.g. GnuPG has an option to enable TOR support and does not like to run using torsocks.

We need more control over the used TLS certificates and a way to display the TLS parameters, like accepted ciphers, protocol versions etc. Because at the moment KDE just asks you about unknown certificates, but you can't view/ control the other important details of a TLS connection to harden your system. Sure a default user can't decide whether something is good or not and a user may need to access some rotten company side. But we can provide a rating like ssllabs to show that the TLS connection is not good.

Another topic is to have a good support for TOR/VPN for applications and KDE in total in a user friendly way. And be sure that everything within these applications really uses the tunnel. I think at usecases like: I want TOR for everything except this application. After we have good solutions for those, we can focus on all the different applications. I haven't a good overview what each application should do in regards to the Privacy goal additionally.
As I'm busy within KDE PIM I see some things there:

• Encrypting headers of mails to give less metadata to surveillance T742.
• Make it possible to search in encrypted mails. Until now, the encrypted data are a binary blob to the search. The search is important to find mails again and is often a reason, why users do not use encrypted messages. T8447.
• Protect Akregator webviewer against ad trackers T7528.
• Add GnuPG TOFU (Trust On First Use) trust model support for KMail. With TOFU you will get more security without exchanging the gpg fingerprints. To make it clear, exchanging fingerprints gives more security than is achieved with TOFU, but it is exhausting. Only a small number of users exchange fingerprints. So many users will profit from having extra security by the TOFU security model being supported by KMail.

To move forward in reaching the privacy goal, I volunteered to organize a Sprint together with Louise Galathea. It will hopefully take place next Spring.

But back to the Akademy - two days of many talks which was pretty overwhelming, in a good way. I really enjoyed the mix of non technical talks and technical talks. My highlight was a talk about Kontact from Markus Feilner. It is interessting to see how users master issues around Kontact and what solutions they find. The talk would have benefited from Markus talking to KDE PIM before, as some of his suggestions weren't correct. But it was nice to see that there are happy users who love all bells and whistles from Kontact. The days after the talk I encountered another user who gave Kontact a try after years, because of that talk.

The BOF session started on Monday. I started the Mondey joining the Promo BoF to get some insights into how Promo works and how KDE PIM can have better promotion to attract new contributors. Together we created a rough plan to focus first on the new website and then create several blog posts to promote KDE PIM. Internaly we started to create several junior jobs and are discussing who can mentor new people when they come along. This is still ongoing and hopefully new people will join the new spirit of KDE PIM and aren't overwhelmed by the big amount of repositories.

After the AGM I joined the Distros BoF and was impressed by how many Distros have a KDE focus. We started to talk about issues regarding KDE and downstream. Especially if distros are time based, they need a lot of manpower to validate if bugs have already been fixed upstream, or if it is a downstream bug. The fast release cycle of different KDE bundels (Plasma, Frameworks & Applications) makes it even more difficult to follow. Maybe this BoF helps the distros to talk more about their issues in the distributions@kde.org mailinglist directly and solutions can be found for common issues.

The next day I attend KConfig BOF and talked about issues reagarding config migration and how to store config. Also a very common issue is that you need to get updates of config values in your application. KDE PIM has some examples of bad decisions reagarding config handeling, as you can configure a lot of stuff and everything is seperated into several files. But the seperation is not well formed from the beginning - an issue that's grown with the years. It is also written down as task to do cleanups and make the configs easier to consume. Because a clearer seperation also helps users who want to move their KDE PIM from one computer to another.

In the afternoon, the KDE PIM BoF took place, where we followed up on what has been going on since the last Akademy and what new things we want to do. We discussed a lot of how we can improve the onbording for KDE PIM.
As we want to make it easier for other applications to use PIM related data, we have a long standing goal to move single parts of KDE PIM to Frameworks. For the next KDE Application 18.12 we want to push syndication into Frameworks release. If we would have more manpower, we would move those things faster to Frameworks. If you are interested, or currently using some parts of KDE PIM within your application, it is a good idea to help us getting things cleaned up and moved to Frameworks. A bigger audience can consume PIM data more easily.

In the evening I joined the LGBT & Quuer Dinner and it was nice to cook together and chat.

The next days I mostly sat down and tried to get some smaller things fixed, like the issue with the suspend icon within the logout Applet. It is very good to sit next to Kai-Uwe so he could see and propose workarounds directly. Finally he found the hard coded color in the theme and the issue is solved in the next release.

Since there were many open discussions I did not managed to write a line of code within these days - I was busy talking. Additionally I wanted to see the newest KDE PIM within Debian, so this also took some time.

On Friday I took a train back to Germany. As Volker is always interested about live data from delays for improving KItinerary, he wished me some delays. And I had a lot of delay - I arrived in Berlin 12h later than expected. I had to sleep in Dresden, as the last train from Prag leaves at 18:07 towards Berlin. And since I missed that one, I had to take a local train to Dresden and there was no train anymore to Berlin. And it wasn't really late - just midnight. I never thought about that Dresden is that badly connected to rest of Germany...
But it was nice as I stayed at a friends place, who I wouldn't have met otherwise. From the improving KItinerary it was not a success, as I only got one update from Deutsche Bahn at 23:25 - telling me that the train from Leipzig to Berlin would use another track. The more useful information, that I never would reach that train would be more useful.

Week 44 in Usability & Productivity is coming right up! This week was a bit lighter in terms of the number of bullet points, but we got some really great new features, and there’s a lot of cool stuff in progress that I hope to be able to blog about next week! In the meantime, take a look at this week’s progress:

New Features

• Plasma now offers support for WireGuard VPN tunnels when the appropriate Network Manager plugin is installed (Bruce Anderson, KDE Plasma 5.15.0)
• The Alt+tab window switcher now supports screen readers for improved accessibility (Christian Hempfling and Frederik Gladhorn, KDE Plasma 5.15.0)
• The Alt+tab window switcher now supports using the keyboard to switch between items (David Edmundson, KDE Plasma 5.15.0)
• KRunner’s unit conversion runner can now convert between several units of measurement that are used in the petroleum industry, such as oil barrels and milli-darcies (João Oliveira, KDE Frameworks 5.53)

Bugfixes

• KDE Connect works again in KDE Neon (Erik Duisters, KDE Connect 1.3.4)
• The KWin window manager no longer crashes when KRunner is invoked while switching between virtual desktops (Vlad Zagorodniy, KDE Plasma 5.14.4)
• KWin window rules now work for Electron apps and other apps that change their window class during operation (Martin Flöser, kDE Plasma 5.15.0)
• Discover now respects your locale preferences when displaying dates and times (Aleix Pol Gonzalez, KDE Plasma 5.14.4)
• Fixed a common crash with recently-rewritten System Settings pages (David Edmundson, KDE Framewotks 5.53)

UI Polish & Improvement

• Discover’s Settings page has been renamed “Sources” and now has actual pushbuttons instead of hamburger menus (Aleix Pol Gonzalez, KDE Plasma 5.15.0):
  
• Discover now has improved handling for local packages: it can tell you the dependencies and shows a “Launch” button after installation (Aleix Pol Gonzalez, KDE Plasma 5.15.0)
• Improved the standalone search widget’s layout to match KRunner (me: Nate Graham, KDE Plasma 5.15.0):
  
• We have brand new icons for the root folder and the root disk/volume, which are now used for in the Places panel for the root folder item, and to specially highlight the root volume/disk (me: Nate Graham and Noah Davis, KDE Frameworks 5.53):
  
  New Root icons seen at the default size (16×16) and a larger size (32×32)
• Dolphin now warns you of the consequences before letting you rename something to begin with a period, which makes it invisible (Shubham Jangra, KDE Applications 18.12.0)
• Okular’s inline annotations now have improved the word wrap behavior (Albert Astals Cid, KDE Applications 18.12.0)

Next week, your name could be in this list! Not sure how? Just ask! I’ve helped mentor a number of new contributors recently and I’d love to help you, too! You can also check out https://community.kde.org/Get_Involved, and find out how you can help be a part of something that really matters. You don’t have to already be a programmer. I wasn’t when I got started. Try it, you’ll like it! We don’t bite!

If my efforts to perform, guide, and document this work seem useful and you’d like to see more of them, then consider becoming a patron on Patreon, LiberaPay, or PayPal. Also consider making a donation to the KDE e.V. foundation.

C++ comparison operators are usually fairly straightforward to implement. Writing them by hand can however be quite error prone if there are many member variables to consider. Missing a single one of them will still compile and mostly work fine, apart from some hard to debug corner cases, such as misbehaving or crashing algorithms and containers, or data loss. Can we do better?

Background

In KItinerary we have a number of classes representing schema.org types. Those are fairly straightforward value types with a number of properties, to be consumed both statically (by C++ code) and dynamically (by QML, Grantlee and JSON-LD de/serialization).

As implementing getters, setters, Q_PROPERTY statements, member variables, etc for about a hundred or so properties by hand would result in an unreasonable amount of boilerplate code, this is all done by a macro (example).

So far so good, but now we’d like to add comparison operators for those types. Specifically we needed operator== for optimizing away some memory allocations in case of non-changing write operations (similar to the common pattern of not emitting change signals in setter methods on non-changes). But the thoughts below are of course also applicable to any other comparison function, not just equality.

Implementation

Ideally we’d find an alternatives to writing the comparison functions by hand that would either be impossible to break or would at least not fail silently (e.g. by producing compiler errors).

QMetaProperty

One idea would be to implement the comparison functions entirely generically by leveraging the property iteration support in QMetaObject. That is we iterate over all properties with the STORED flag and compare their values. This gets the job done, but has two drawbacks:

• Comparison happens via QVariant, which means we have to register comparison operators for all types with the meta type system. That might actually be nice to have anyway, but it is limited to less-than and equal.
• All property values are passed through QVariant, which in some situations can have a relevant performance impact, in particular when using types that are too large for inline storage inside QVariant (causing allocations).

More preprocessor magic

Another idea could be to use more elaborate preprocessor constructs that allow for iteration over all properties. The Boost.Preprocessor library has the building blocks for this. From experience in an old pre-C++11 project attempting to catch SQL errors at compile time this works but doesn’t really lead to a nice syntax nor easily maintainable code.

A clever overloading trick from Verdigris

The solution I ended up using is inspired by Woboq’s Verdigris. The basic idea is that each property macro generates a part of the comparison function only, the comparison for its property and a call to the comparison function for the previous property. The chaining is done by overloading on a template type that essentially describes a numerical value by inheritance. A little constexpr helper functions allows us to determine the index of a property at compile time. Olivier describes this in more detail in his blog post about Verdigris implementation details.

The resulting code for KItinerary can be found here. It’s worth noting that while this might look inefficient due to the many function calls, this is all inline code in a single translation unit, so in an optimized build this ends up essentially as the hand-written comparison function would look like.

Language support?

Would it make sense to have C++ support something like bool operator==(const T&) const = default, that is let the compiler generate the implementation for us, as it can for a number of other member functions? Proposals for such a language extension exist.

There’s a bigger conceptual problem though, that one runs immediately into once the comparison operator is implemented: the semantics of comparing things. Here are a few examples:

• Floating point numbers: how close together is “equal” depends on what those numbers represent, in my case of geo coordinates anything within a few meters is certainly more than enough. And there is the little detail that NAN does not compare equal to itself, which isn’t what KItinerary needed either, as NAN is its indicator for “value not set”.
• QString: here the default equal comparison doesn’t distinguish between null and empty strings. That’s probably very often what you’d expect, unless you put special semantics on that distinction, such as in the NAN case above.
• Date/time values: two QDateTime instances compare equal if they refer to the same point in time, not if they represent exactly the same information (e.g. time specified with an UTC offset vs a full IANA timezone). For KItinerary timezones are a very crucial information, so the default semantic doesn’t cut it there.

An all-or-nothing approach for compiler-generated comparison operator implementations means it’s not a viable option in case one needs more control over the semantics. That of course does not mean it is useless, but it does mean the alternative implementation techniques remain valid either way.

Make sure you commit anything you want to end up in the 18.12 release to them

We're already past the dependency freeze.

The Freeze and Beta is this Thursday 15 of November.

More interesting dates
November 29: KDE Applications 18.12 RC (18.11.90) Tagging and Release
December 6: KDE Applications 18.12 Tagging
December 13: KDE Applications 18.12 Release

https://community.kde.org/Schedules/Applications/18.12_Release_Schedule

Slimbook and a pint of Cider

The weekend of 3 and 4 November Dave and I went to staff the KDE booth at Freenode#live, in Bristol. I had never been in that corner of England before, It turns out to have hills, and a river, and tides. Often an event brings me to a city, and then out, without seeing much of it. This time I traveled in early and left late the day after the event so I had some time to wander around, and it was quite worthwhile.

Turns out there is quite a lot of cider available, and the barman gave me an extensive education on the history of cider and a bit on apple cultivation when I asked about it. Sitting down with a Slimbook and a pint can be quite productive; I got some Calamares fixes done before the conference.

Our stand, before visitors arrived

We (as in the KDE community) have invested into getting booth materials ready for this kind of events, so we quickly had Konqui peeking at visitors and Plasma running on a range of devices (no Power9 this week, though). Dave had 3D-printed a KDE logo we stuck to the top of the monitor, and had a pile of leaflets and stickers (KDE, neon, Krita, GCompris, and some Wiki To Learn) to hand out.

Next to our stand was MineTest, with a demo and they sat hacking at the code of the game for most of the weekend. On the other side, Freenode themselves were handing our IRC.horse stickers and other goodies.

The hallway track

A conference booth isn’t just about giving away goodies, though, and we spent the weekend, 9-to-5, talking with people about the KDE community and its software products. Plasma could be seen — and played with — on the machines we had at hand, and we did some small application demo’s. As usual, people told us they used i3 — and our response as usual is that Free Software on the desktop is better than non-free software. Some people had last used KDE in 2010 or so, so we could show how the different parts now operate independently and more flexibly — and how Plasma is now pretty darn lightweight.

Here in the photo is Dave extolling the virtues of something. (I’ve edited the photo to make some people in the background un-recognizable by pasting Dave’s eyeball over their faces — I forgot to ask permission to post)

Conference track

.. and a conference isn’t just about the booths and vendor stands, either. It’s about the talks. Here’s one I sat in on about business models and how licensing affects the available models (in particular with reference to recent license changes in some projects). The KDE community is interesting because it’s not one-community-one-company like a lot that I see. We have a collection of small and medium companies building on, and building with, the KDE community’s software products. I think that’s healthy and generally happy. No licensing gotcha’s for us when using Qt under the LGPL version 2.1 and KDE’s Frameworks also under the LGPL.

Two talks I would like to single out are Leslie Hawthorn and VM Brasseur, (those are YouTube links). Neither are technical talks, but social talks, about what we (as Free Software contributors) do and why, and social issues we all face — and how to bring Software Freedom to more people.

A concept I didn’t know existed was platform shaming. See above: there’s lots of ways to use Free Software from the KDE community, in combination with i3, or on Windows, and on Free Software operating systems. Those are all OK.

Bugfixing Dave

I’d like to thank Dave for being a great booth- room- and dinner-mate, and Christel and the Freenode#live crew for a wonderful well-organized weekend. Not to mention the speakers and attendees who made it a happy and instructive time.

(Post in french, english version below)

Le mois dernier est sorti la seconde édition de mon livre “Dessin et peinture numérique avec Krita”. Je viens juste de recevoir quelques copies, le moment est donc parfait pour en parler rapidement sur mon blog.

J’avais écrit la première édition pour la version 2.9.11 de Krita, il y a bientôt trois ans. Beaucoup de choses ont changées depuis, j’ai donc mis à jour cette seconde édition pour la version 4.1.1, et ajouté quelques notes supplémentaires concernant de nouvelles fonctions.

Aussi, mon éditeur a de nouveau travaillé sur la mise à jour et l’amélioration de la traduction Française de Krita. Merci encore aux éditions D-Booker pour leur contribution

Vous pouvez commander ce livre directement sur le site de l’éditeur, au format papier ou numérique.

Last month was released the 2nd edition of my book “Dessin et peinture numérique avec Krita”. I just received a few copies, so now is time to write a little about it.

I wrote the first edition for Krita 2.9.11, almost three years ago. A lot of things have changed, so I updated this second edition for Krita version 4.1.1, and added a few notes about some new features.

Also, my publisher worked again on updating and improving the french translation of Krita. Thanks again to D-Booker edition for their contribution

You can order this book directly from the publisher website, printed or digital edition.

Jings no wonder people find computer programming scary when the most easily accessible lanugage, JavaScript, is also the most messy one.

Occationally people would mention to me that the categories on Planet KDE didn’t work and eventually I looked into it and it mostly worked but also sometimes maybe it didn’t.  Turns out we were checking for no cookies being set and if not we’d set some defaults for the categories.  But sometimes the CDN would set a cookie first and ours would not get set at all. This was hard to recreate as it didn’t happen when working locally of course.  And then our JavaScript had at least three different ways to run the initial-setup code but there’s no easy way to just read a cookie, madness I tell you.  Anyway it should be fixed now and set categories by default but only if it hasn’t set some before so you may still have to manually choose which you read.

In the Configure Feed menu at the top you can select to read blogs in different languages.  By default it shows only blogs in English, as well as Dot News, Project News and any User blogs who have asked to be added (only two are listed in our config).  You can also show blogs in Chinese (also only 2 listed), Italian (none listed), Polish (one), Portugese (two), Spanish (four but kdeblog by Jose is especially prolific) or French (none).  Work to be done includes working out how to make this apply to the RSS feed.

by

Some years ago I added an embedded Twitter feed to the side of Planet KDE.  This replaced the earlier feed manually curated feeds from identi.ca and twitter which people added but had since died out (in the case of identi.ca) and been blocked (in the case of Twitter).  That embedded Twitter feed used the #KDE tag and while there was the odd off topic or abusive post for the most part it was an interesting way to browse what the people of the internet were saying about us.  However Twitter shut that off a few months ago which you could well argue is what happens with closed proprietary services.

We do now have a Mastodon account but my limited knowledge and web searching on the subject doesn’t give a way to embed a hashtag feed and the critical mass doesn’t seem to be there yet, and maybe it never will due to the federated-with-permissions model just creating more silos.

So now I’ve added a manually curated Twitter feed back to Planet KDE with KDE people and projects.  This may not give us an insight into what the wider internet community is thinking but it might be an easy way to engage more about KDE people and projects as a community.  Or it might not, I haven’t decided yet and I’m happy to take feedback on whether it should stay.

In the mean time ping me to be added to the list or subscribe a bug on bugs.kde.org to request you or someone you know or or your project be added (or removed).  Also volunteers wanted to help curate the feed, ping me to help out.

by

Chrys took up the role of coordinator, fixer and new master of KDE accessibility, which I think is just fantastic. We have been working on what he decided to be most important, mostly chrys fixing issues to make things work with Plasma and screen readers. After getting Orca to read desktop icons he spent quite some time to improve the various start menus.

With so much fresh energy around I started poking at KWin, which was a bit scary, to be honest. It was fun to read code I hadn’t looked at before. In the end, after I spent a while working on a huge work-around, it turned out that we could enable the task switcher to work with relatively little code added. The main issue was that KWin does really not want to give focus to the task switcher. My first attempt was to write sub-classes of QAccessibleInterface for everything in KWin. That started to work, but during some debugging I realized that KWin was actually creating the regular representations for its UI, it was just not properly announcing them to Orca. Thus I threw away my almost complete prototype. At least I verified that it’s possible to create an entire Qt UI for screen readers only, disconnected from the actual UI. Thanks to QAccessible::installFactory it is nowadays pretty easy to instantiate custom representations (subclasses of QAccessibleInterface). Once that was done, I started over and made the task switcher think it’s an active window without letting X11 or Wayland know. That way we get the right dbus messages sent to Orca, when alt-tabbing through the windows. Thanks David, Martin, Roman and Vlad for your input

More work is needed on Plasma when it comes to keyboard usability – getting the focus onto the panel and the various notification areas. I’m sure some great ideas are already being worked on, but I can see this easily as a blocker going forward. Configuring the network, checking the battery status and other tasks are really important after all.

I wrote the basics for Kate to work with screen readers in 2014 and it seems like there are some improvements needed when working with Orca, luckily we got some help from Joanie (who maintains Orca) to figure out what goes wrong when navigating by lines. Now it’s just to verify the findings and get the issues sorted out.

If you have a bit of time and want to help, we need someone with good English skills to help clean up the wiki. Good written instructions are really helpful when getting blind users to try Plasma for the first time. We’d also be happy if more people joined in testing and improving things. Join the KDE Accessibility mailing list to join the fun.