Skip to content

Sunday, 20 November 2022

Consider a legacy codebase in C++ that uses int instead of bool. It’s so legacy that it is probably C89, really, before the advent of the bool type in any form. So typical code that has a “boolean” variable as a class member variable looks like this:

class Example {
public:
    Example() : m_toggle(0) { }
    void SetIt(int v) { m_toggle = v; }
    void ToggleIt() { if (m_toggle) { m_toggle = 0; } else { m_toggle = 1; } }
    const char * Status() { if (m_toggle) return "ON"; else return "OFF"; }
private:
    int m_toggle;
};

There is an int in this class, but we use it like a boolean value. Except for SetIt(), there is sort-of-an-invariant that the value is either 0 or 1.

Suppose I wake up and want to replace that int by a bool, but in such a way that every use of that variable with an integer value – and not a boolean constant – will trigger a compile error? In other words, what type T do I need so that the following does-it-compile holds?

T t = 0; // error
T t{17}; // error
T t = false; // ok
T t{true}; // ok

Simple Replacement

Just replacing int with bool does not help. It is simple though: the rest of the code does not need to change. But the code still compiles, and so we are left with all the undesirable int-to-bool conversions.

Less Simple Replacement

We introduce a struct strong_bool that just wraps a single bool. We use this type instead of int or bool in the Example class. Trivially, it looks like this:

struct strong_bool
{
    bool b = false;
};

This flags down a whole bunch of uses already! Unfortunately it also flags the if (m_toggle) use (which ought to be ok: that’s a boolean in a boolean context), and uniform initialization with an int is acceptable.

Advanced Replacement

Let’s give the struct some stronger behavioral guarantees. We can turn it into a class (so there is no access to the inner bool b anymore), and provide it with:

  • a constructor, so that it can be created from a bool,
  • no other constructors, so that it cannot be created from anything but a bool,
  • a boolean-conversion operator, so it can work as a bool in some contexts.
class strong_bool
{
    bool b = false;
public:
    strong_bool() = default;
    template<typename T> strong_bool(T v) = delete;
    strong_bool(bool v) : b(v) {};
    explicit operator bool() const { return b; }
};

Templates to the rescue. It is possible to delete overloads of member functions, including constructors, so here, all of them are deleted (template<typename T>) all of them, and there is one non-template overload taking bool. The trick here is that the template matches first, so passing an int, or a pointer, or whatever, matches that type first – and that overload is deleted.

Edit 2022-11-29 Meanshile, cppcoach (his site) points out that my phrasing is poor here: “matches first” is not standards language. An overload set is formed, and the best match is chosen – which may be the deleted one.

Example, Repaired

Using the new templated version of strong_bool, we can convert the example class to use it. Each use of an int or integer constant where we really meant a bool value is flagged as an error by the compiler, so we can use those as a guide and end up with this:

class Example {
public:
    Example() = default;
    void SetIt(bool v) { m_toggle = v; }
    void ToggleIt() { if (m_toggle) { m_toggle = false; } else { m_toggle = true; } }
    const char * Status() { if (m_toggle) return "ON"; else return "OFF"; }
private:
    strong_bool m_toggle = false;
};

All’s well, right? Well, almost: that bool in the SetIt() method is a not-so-strong bool, so integral values can be passed in. They convert to bool following the standard rules. A call SetIt(3) is just fine. In other words, we have the internal use of the booleans repaired, but not the external API.

Switching the API type so that SetIt() also takes a strong_bool might not be possible, depending on the API stability guarantees given by the codebase. But if it is possible, then replacing that type in the API by a strong_bool would do the trick.

What About Performance?

This struct has the same size and alignment properties as a bool. It has size 1 (at least when compiled with Clang). With just about any optimizations enabled, the compiler can turn all reads and writes to the “inner” bool b into just that: writes to that value. The example program (e.g. Example 6) is optimized to call puts() three times, since the compiler can figure out what value b has anyway, and there is no need to keep the strong_bool or anything else around.

You don’t pay for what you don’t use, but here you get type safety for free!

Takeaway

With a simple type wrapper, you can use the compiler as a tool to hunt down unwanted conversions and dubious use-an-int-as-a-bool use in legacy code. And it’s gratis at runtime, and simple to implement at compile-time.

My codebase only has if-statements and assignements-with-int-constants, so the replacement does not need to be very complicated. Completing the API of strong_bool for a more complicated codebase is left as an exercise.

Saturday, 19 November 2022

I know there was an Akademy this year – I’m in the group photo, and I did write a little about the Akademy Awards, but I hardly wrote down what I thought about the event as a whole.

Akademy Logo with added scrawl 'I went to'
Akademy Logo with added scrawl 'I went to'

True to form, I have scrawled upon the Akademy logo with Kolourpaint, my favorite KDE drawing application. I seem to recall nicer banners in years past (for defacement purposes), maybe that’s something that the community can pick up. The location is known, the skyline inspiring.

Getting Back Together

Turns out, I missed “all y’alls”. That is, all the KDE people from around the world. Sitting down together for lunch, or dinner, or just hanging around in the hallway, really is valuable. It’s a message we (as in, KDE e.V.) have proclaimed for years: it is worth it to get together. Sprints are as much about team building through being physically in one location, as they are about getting stuff done.

It’s been done to death, really, this topic, but I’ll repeat it anyway: getting to know the team in-person, with a smile and haircolour and how they take their coffee (or if they don’t, and prefer tea), is something that is worth a gazillion video calls. It turns people into, well, people.

Hybrid events work ok, online-only events work, in my opinion, better because it’s an even playing field for all. For hybrid events, the in-person part gets infinitely more value for invested time.

Be Safe

Akademy had very clear, well-enforced and well-supported COVID rules. As far as I know, nobody got sick at the event. The rules went beyond what the public health guidelines were in Barcelona at the time – and far beyond what the Netherlands did then.

  • Very clear: published beforehand, reminded in email, and posted at entrances to the venue. The guidelines were simple, too: FFP2 inside, always.
  • Well-enforced: with simple rules, enforcement becomes a matter of simple reminders, too. “Hey, your mask” is enough, and I like to believe that KDE people care enough about their community friends that both enforcement and compliance are friendly and natural. I didn’t hear of any issues.
  • Well-supported: spare masks, tests and disinfectant at all entrances and near the rooms, too. Forget your materials? Grab new. Feeling not-so-hot? Tests are right there. Making compliance low-effort and low-cost helps a lot.

So, kudos to the Akademy team (like, way late, but nonetheless) for getting that rather tricky conference topic Done Right.

Getting Stuff Done

Ha ha ha.

You would think that after nearly a dozen Akademies I would have learned my lesson, right? I set out with some vague intentions to get some hacking done on Calamares, or maybe wrangle FreeBSD patches, but none of that happened.

Konsole Hackers under a Tree
Konsole Hackers under a Tree

It can be done. The photo shows Tomaz Canabrava and, I think, Matan Ziv-Av under some trees in the courtyard at the university, getting some work done on Konsole.

If I switch “getting stuff done” away from “writing lines of code” and focus on community building, administrative KDE e.V. things and fostering conversations, then my return on investment skyrockets, because that’s what Akademy is much better at (for my, anwyay).

Best Conversations

Always unexpected, what turns out to be the best talk or conversation at a conference.

There was a hallway track of businesses-using-old-Qt (e.g. Qt 5.6.3), which I found very useful for non-KDE things. Qt licensing and combating the misinformation from their marketing department was a bit of a recurring but unhappy topic.

But I think my favorite was a brainstorm with Neal and Nate and others about “bringing neon to other distro’s”. Not literally, of course, but there is a sense of “vanilla Plasma” and “standard KDE Plasma functionality” which can be communicated and documented better. KDE neon packages unmodified KDE release tarballs (or git checkouts), but also chases all the necessary dependencies for standard functionality. FreeBSD, for instance, packages the same, but does not necessarily get the dependencies right (and, for that matter, needs upstream patches still for some things like “change the password from the Users KCM”).

Takeaway

KDE Sprints – and Akademy – are really valuable from a team-building perspective and for smoothing a path forward for development. If you’re lucky, or well-disciplined, you can get stuff done at an event (but I can’t).

I hope to see everyone again next year, or at one of the KDE Sprints (KDE projects are strongly encouraged to organize their own things via that page).

Doing HTTP operations with Qt is relatively straightforward, but there are also a few pitfalls, unexpected default settings and low-hanging performance improvements around it worth keeping in mind.

Delete replies

The most common and most easily to make mistake when working with QNetworkAccessManager is probably missing to delete finished replies, and thus leaking reply objects over time. Make sure to call deleteLater() on the QNetworkReply instances in response to their finished() signal.

QNetworkReply *reply = ...
connect(reply, &QNetworkReply::finished, this, [reply]()) {
    reply->deleteLater();
    ...
});

Use transport security

That is, use URLs starting with https: rather than http:. That might sound obvious, but the little s is easy to miss.

So, pay extra attention to hardcoded URLs and think about how to deal with URLs taken from user input. In the best case the https: scheme can just be enforced unconditionally, but that might not be viable everywhere.

Minimize QNetworkAccessManager instances

You don’t need a QNetworkAccessManager per request, in theory one is enough. In practice you might end up with one per thread (e.g. in case of QML), but more than that should have a good justification.

There’s two reasons for this:

  • QNetworkAccessManager contains logic for request queuing and network connection reuse, which is bypassed by using multiple instances, so you are missing out on useful optimizations.
  • More instances increase the risk of missing important setup and configuration on one of them (see below), centralizing instance creation in one location is therefore usually a good idea

This also implies that you generally want to prefer QNetworkReply signals over QNetworkAccessManager signals for handling results or errors. This avoids interference when a QNetworkAccessManager is used by other components as well. It’s also worth checking whether components which do HTTP requests internally can use an externally provided QNetworkAccessManager instance. The QML engine is a common example (see QQmlNetworkAccessManagerFactory).

Redirection

Looking at properly setting up a QNetworkAccessManager instance, the most common issue is probably the redirection behavior, something that has caused us quite some operational headaches in the past. Rather unintuitively, in Qt 5 redirection is disabled by default.

auto nam = new QNetworkAccessManager(this);
nam->setRedirectPolicy(QNetworkRequest::NoLessSafeRedirectPolicy);

Starting with Qt 6, the redirection behavior NoLessSafeRedirectPolicy is the default.

HTTP Strict Transport Security (HSTS)

Another thing you probably want to enable in practically all cases is HTTP Strict Transport Security (HSTS). This involves managing persistent state, so this not just needs to be enabled, but also needs a storage location.

auto nam = new QNetworkAccessManager(this);
nam->setStrictTransportSecurityEnabled(true);
nam->enableStrictTransportSecurityStore(true, QStandardPaths::writableLocation(QStandardPaths::CacheLocation) + QLatin1String("/hsts/"));

For applications QStandardPaths::CacheLocation is a good default, for shared components/libraries QStandardPaths::GenericCacheLocation might be more appropriate so the HSTS state is shared among all users.

SSL error handling

Transport security errors are fatal by default, and that is usually what you want. One exception from this are self-signed server certificates, but thanks to Let’s Encrypt that has become increasingly uncommon as well.

If self-signed certificated need to be supported, QNetworkAccessManager unfortunately makes it very easy to just ignore all possible SSL errors, rather than just accept the unknown server certificate signature. KIO::SslUI has methods to help with that, including asking for user-confirmation and persisting choices.

QNetworkReply *reply = ...
connect(reply, &QNetworkReply::sslErrors, this, [reply](const QList<QSslError> &errors) {
    KSslErrorUiData errorData(reply, errors);
    if (KIO::SslUi::askIgnoreSslErrors(errorData)) {
        reply->ignoreSslErrors();
    }
});

Disk cache

By default QNetworkAccessManager doesn’t do any caching, every reply comes from a full request to the server. It’s however possible to enable the use of HTTP caching and have a persistent on disk cache for this.

Whether or not that makes sense needs to be looked at on a case-by-case basis though. Using real-time data or API (e.g. KPublicTransport) or having higher-level caching (e.g. KWeatherCore, KOSMIndoorMap) might not benefit from that, read-only assets used over a longer period of time on the other hand are ideal (e.g. avatar images in Tokodon).

auto nam = new QNetworkAccessManager(this);
auto diskCache = new QNetworkDiskCache(nam);
diskCache->setCacheDirectory(QStandardPaths::writableLocation(QStandardPaths::CacheLocation) + QLatin1String("/http/"));
nam->setCache(diskCache);

The same considerations for the storage locations as for the HSTS state apply here as well.

Does this matter?

For the security-related aspects I hopefully don’t have to argue why we should care, so let’s just look at the impact of disk caches. Here are some numbers:

  • Caching the conference list for Kongress cut down the transfer volume per application start by about 20%.
  • Adding a disk cache to Tokodon reduced transfer volume on a “warm” start by up to 80%.

How much can be saved varies greatly depending on the specific application, but it’s clearly worth looking into.

This week I’d like to highlight a particular 15-minute bug that got fixed: When Discover shows you significant error messages, they now take the form of normal dialogs rather than tiny little overlays at the bottom of the screen that disappear after a few seconds. And it should now show you fewer un-actionable error messages in general too! These major improvements were contributed by Jakub Narolewski and Aleix Pol Gonzalez, and will show up in Plasma 5.27. Thanks guys!

But that’s not all! There was a lot of work on other significant bugs too, and we managed to knock out several, in addition to landing some welcome features and fixes:

New Features

System Monitor (and widgets of the same name) can now detect and monitor power usage for NVIDIA GPUs (Pedro Liberatti, Plasma 5.27. Link)

You can now show the current temperature in a badge overlay on the Weather widget’s icon–both outside of the System Tray and also for the System Tray version of it! (Ismael Asensio, Plasma 5.27. Link):

User Interface Improvements

Okular’s scroll speed when using a touchpad is now significantly faster, and should generally match the speed at which everything scrolls when using a touchpad (Eugene Popov, Okular 23.04. Link)

In Discover’s Task Progress sheet, the progress bars are now much more visible and not obscured by a pointless background highlight effect (me: Nate Graham, Plasma 5.26.4. Link):

When changing songs/tracks and the Plasma Media Player widget is visible, there’s no longer a brief flicker that reveals the icon of the app playing the media (Fushan Wen, Plasma 5.26.4. Link)

A better error message is now shown when the Bluetooth file transfer service fails to start (Fushan Wen, Plasma 5.27. Link)

Discover will no longer attempt to check for updates when using a metered internet connection Bernardo Gomes Negri, Plasma 6. Link)

Other Significant Bugfixes

(This is a curated list of e.g. HI and VHI priority bugs, Wayland showstoppers, major regressions, etc.)

When Konsole is launched after changing the display layout, its main window is no longer absurdly small (Vlad Zahorodnii, Konsole 22.12. Link)

Elisa should no longer stutter occasionally during playback (Roman Lebedev, Elisa 23.04. Link)

When using Latte Dock in the Plasma Wayland session, various windows and Plasma pop-ups are no longer mis-positioned (David Redondo, Latte Dock 0.10.9. Link)

In the Plasma Wayland session, Plasma should no longer sometimes randomly crash when you move the cursor over a Plasma panel (Arjen Hiemstra, Plasma 5.26.4. Link)

When Kickoff is configured to use the default list item size, apps that live in the categories sidebar such as Help Center no longer have an awkwardly large icon (me: Nate Graham, Plasma 5.26.4. Link)

KWin now honors the “Panel Orientation” property that the kernel can set for screens, which means that many different types of devices that need the screen to be rotated by default will now have that done automatically (Xaver Hugl, Plasma 5.27. Link)

Various Plasma UI elements once again have the correct size in the Plasma X11 session when not opting into using Qt scaling (Fushan Wen, Frameworks 5.100.1. Link)

Other bug-related information of interest:

Automation & Systematization

Wrote a new “Welcome to KDE” page which will also be linked to in our new Welcome Center app that will debut in Plasma 5.27 (me: Nate Graham)

…And everything else

This blog only covers the tip of the iceberg! If you’re hungry for more, check out https://planet.kde.org, where you can find more news from other KDE contributors.

How You Can Help

If you’re a developer, check out our 15-Minute Bug Initiative. Working on these issues makes a big difference quickly! Otherwise, have a look at https://community.kde.org/Get_Involved to discover ways to be part of a project that really matters. Each contributor makes a huge difference in KDE; you are not a number or a cog in a machine! You don’t have to already be a programmer, either. I wasn’t when I got started. Try it, you’ll like it! We don’t bite!

Finally, consider making a tax-deductible donation to the KDE e.V. foundation.

Friday, 18 November 2022

Ever since work on NeoChat has started in 2020, the most requested feature has been support for end-to-end (E2EE) encrypted rooms. Unfortunately, while libQuotient, the library NeoChat uses for dealing with the Matrix protocol, had some pre-existing support for E2EE, it was not in a functional state at that time and was thus not enabled by default.

History

Early in 2021, Carl and I were made aware of NLnet, a dutch foundation that sponsors many open source projects, and decided to apply for some funding there to expedite the development process. Fortunately, the application process at NLnet is very light-weight, so there isn’t a lot of risk involved in applying for funding. A while after sending our application, NLnet got back to us with the good news that they would indeed be funding E2EE work for NeoChat and libQuotient.

The actual development work started with creating Qt-Style bindings for libOlm, the library that provides implementations of the cryptographic functions required for implementing end-to-end encryption in matrix. Most of this work was done by Carl and is now merged into libQuotient.

Building on this foundation, we implemented support for reading and sending encrypted messages into libQuotient. This includes support for all of the different types like texts, images, files, audio and others. By integrating this into libQuotient, this is almost completely transparent to the actual application, meaning that for the most part, app developers building on top of libQuotient do not need to do extra work for supporting E2EE. There are some parts, like loading images and notifications, that will need slight adaptions from how they were implemented before supporting E2EE. If you, as an app developer, have questions about those, come talk to us in #quotient:matrix.org.

The last part of end-to-end encryption that has been implemented so far is device verification. Device verification allows users to verify that their devices are actually who they claim they are and are not subject to, for example, a man-in-the-middle attack.

What works right now

For this to work, you need to use a dev-branch build of libQuotient with the correct build flags and a build of NeoChat from the master branch. (You will not find the correct versions of libQuotient or NeoChat in your package manager yet; if you do, please tell the packagers not to ship them yet 😃).

NeoChat can show new messages in all of your encrypted rooms and send useful notifications for them. It can also send all types of messages in those rooms, including through the Quick-Reply feature KNotifications offers on some platforms.

You can also verify your other devices by comparing emojis. This can be started either from a different client or from NeoChat’s device settings page.

There is one known bug that sometimes causes the first message sent from a megolm session (this typically means the first message sent from a specific device) to not be decryptable. This is purely a UI bug and restarting NeoChat should fix it. This is actually a bug in Qt that will hopefully be fixed upstream soon.

Coming soon

The immediate next step is releasing version 0.7 of libQuotient, which will contain all of the previously mentioned features. We’re currently in a phase of several beta releases for this, which means that the final release will be coming very soon. At that point, distros will be able to start shipping E2EE-enabled versions of libQuotient and NeoChat. (At this point i should probably mention that this is still not the most mature work and will thus not be enabled by default 😃)

Next steps

The next features we will implement are:

  • Cross-signing, which allows users to verify the identity of other users in a simple way.
  • Recovery from undecryptable messages, building on the previous device verification work
  • Secure Secret Storage and Sharing (SSSS), which is a method of securely storing encryption keys server-side, which allows us to load existing messages on a new device.
  • By this time, the matrix community will have probably come up with more amazing things to implement 😃

Special Thanks

  • NLnet, for funding this work (Sorry for taking so long!)
  • Alexey Rusakov, maintainer of libQuotient, for spending a lot of his time reviewing my merge requests and a lot of the rest of his time working on libQuotient in general
  • Carl Schwan, for reviewing all of my merge requests and working on NeoChat in general
  • James & Jan, for reporting a lot of bugs, fixing a lot of bugs and adding many new features & improvements
  • Everybody else who uses & tests NeoChat, reports bugs, fixes bugs, implements features, …

Lessons learned

  • Implementing end-to-end encryption is hard
  • It is also a lot of fun :)
  • Applying for an NLnet grant is easy, you should do it

Getting involved

There’s always more things to do in NeoChat. Come talk to us in #neochat:kde.org and have a look at community.kde.org/Get_Involved.

Let’s go for my web review for the week 2022-46. With all the turmoil in the social media space, this looks a bit like a special edition on this topic (more links to articles related to that than usual).


Microsoft “irreparably damaging” EU’s cloud ecosystem, industry group claims | Ars Technica

Tags: tech, microsoft, cloud, vendor-lockin

More anti-trust pressure coming toward Microsoft. Let’s see how it goes.

https://arstechnica.com/tech-policy/2022/11/microsoft-irreparably-damaging-eus-cloud-ecosystem-industry-group-claims/


Infosys leaked FullAdminAccess AWS keys on PyPi for over a year | Tom Forbes

Tags: tech, security

Shady practices clearly… don’t commit secrets in repositories. There are even tools to check this doesn’t happen.

https://tomforb.es/infosys-leaked-fulladminaccess-aws-keys-on-pypi-for-over-a-year/


“When We All Have Pocket Telephones”: A 1920s Comic Accurately Predicts Our Cellphone-Dominated Lives | Open Culture

Tags: tech, smartphone, history, culture

Interesting look at the perception of cellphones before they even existed.

https://www.openculture.com/2022/08/when-we-all-have-pocket-telephones.html


The Age of Social Media Is Ending - The Atlantic

Tags: tech, social-media

Interesting point of view, also lays out nicely how social networks degenerated into social media. I appreciate this kind of perspective.

https://www.theatlantic.com/technology/archive/2022/11/twitter-facebook-social-media-decline/672074/


Fediverse

Tags: tech, fediverse, social-media, ecology

Good thinking about the recent Mastodon users increase. Highlights fairly well why it’s desirable, why it’s a better social media platform but also the challenges ahead… including resources consumption.

https://bastianallgeier.com/notes/fediverse


Home invasion - Mastodon’s Eternal September begins

Tags: tech, fediverse, social-media

Success is a two sided coin. Clearly this mass exodus of Twitter users will overwhelm existing Mastodon users and a few instance administrators. It’s understandable that is can be perceived as some kind of assault from people not used to the customs. How will the preexisting culture hold? The Pandora box is now opened we shall see.

https://www.hughrundle.net/home-invasion/


Is the fediverse about to get Fryed? (Or, “Why every toot is also a potential denial of service attack”) – Aral Balkan

Tags: tech, architecture, fediverse, performance, social-media

There are indeed a few architectural problems with the Fediverse as it is. Can this be solved? Hopefully yes.

https://ar.al/2022/11/09/is-the-fediverse-about-to-get-fryed-or-why-every-toot-is-also-a-potential-denial-of-service-attack/


How fast is ASP.NET Core?

Tags: tech, benchmarking, web, framework, microsoft, dotnet

Don’t believe too good to be true marketing claims by vendors. Clearly something went wrong there and the benchmark has been gamed.

https://dusted.codes/how-fast-is-really-aspnet-core


Refactoring with =delete

Tags: tech, programming, refactoring, c++

This is a clever and important use of =delete which I sometimes miss in other languages.

https://quuxplusone.github.io/blog/2022/11/11/refactoring-with-delete/


Immutable Collections should be Your Default

Tags: tech, programming, multithreading, java

Illustrated with Java, still this highlight fairly well the caveats of mutable collections in multithreaded code.

https://alexn.org/blog/2022/10/27/immutable-collections-your-default/


Performance Optimizations Can Have Unexpectedly Large Effects When Combined With Caches

Tags: tech, performance, optimization

Interesting take about how performance optimizations can sometimes leverage even more performance gains than you would expect.

https://justinblank.com/notebooks/performanceoptimizationscanhaveunexpectedlylargeeffectswhencombinedwithcaches.html


The hidden cost of complexity

Tags: tech, software, complexity

A simplified mental model of complexity in software projects. It’s not completely accurate but is valuable in the way it is easy to reason about it and probably use it for decision making.

https://medium.com/@dolevp/the-hidden-cost-of-complexity-d9d8eb91594c


Split Your Overwhelmed Teams - ACM Queue

Tags: tech, management, team, burnout

Interesting take of the cognitive overload in bigger teams which end up with more responsibilities. Indeed splitting the teams and the responsibilities can then be a way out.

https://queue.acm.org/detail.cfm?id=3570920


Why do we call it “boilerplate code?” • Buttondown

Tags: tech, programming, history, etymology

I love this kind of explorations. Where does the term boilerplate code come? Let’s find out.

https://buttondown.email/hillelwayne/archive/why-do-we-call-it-boilerplate-code/


Digital Books wear out faster than Physical Books - Internet Archive Blogs

Tags: book, low-tech

The limits of digital books, this won’t get me off the paper books addiction I got.

http://blog.archive.org/2022/11/15/digital-books-wear-out-faster-than-physical-books/



Bye for now!

KDE e.V., the non-profit organisation supporting the KDE community, is looking to hire a software engineer to help improve the software stack that KDE software relies on. Please see the call for proposals for more details about this contract opportunity. We are looking forward to your application.

The full call for proposals has more details.

Wednesday, 16 November 2022

First, I would like to send a big Thank you! to Canonical for sponsoring my trip to Prague for the Ubuntu Summit! It was a great success. I saw some great talks and valuable workshops. I now know how to snap our applications the have daemons and services thanks to the Snapping Daemons and Services workshop. Prague itself is an amazing city. Wow. Just wow. I got to see old friends and meet many new ones. I will take away some wonderful memories. Did I mention a river cruise? Yes! It was great fun.

I did a lightning talk with Jonathon and a Snapping Desktop Applications workshop with Olivier. The talk was “lightning” fast! But good practice for my speech giving skills ( a challenge for a shy person such as myself!) The workshop was great presentations of different ways snaps are done for different projects. The audience was smaller than I had hoped ( it was the end of the summit and many folks were wrapping up to leave.) I still left with a feeling of accomplishment.

This week I will apply my new found knowledge and push out some more snaps!

By Adam Szopa

Adam Szopa on stage presenting the New Goals at Akademy 2022

KDE is ready with three new Community Goals, and you’re invited to the kick-off meeting!

Join the new Goal Champions on Monday, November 28th at 17:00 CET (16:00 UTC) for a kick-off meeting. We will talk about the new Goals, the initial short-term plans, and the ways you can contribute. The meeting will be hosted on our BBB instance and will be open to all.

In case you missed the announcement at Akademy, the new Goals are:

  • KDE for All - Boosting Accessibility: This is not the first time a proposal about accessibility has been submitted, but this year the community decided it’s time to act. The author of the proposal - and now brand new Goal Champion - Carl is well known in the community for his work on KDE websites, NeoChat and more. He notes that making KDE software accessible will require cooperation from many parts of the community, from designers to library developers, and will even entail tweaking the underlying Qt toolkit. Testing will also be more challenging, as we will need to ensure that everybody’s accessibility requirements are met.
  • Sustainable Software: KDE software is many things: free, beautiful, performant, customizable… The list goes on. But how about all that and environmentally sustainable too? This is the question that Cornelius, our new Champion, will answer while working with the community towards this Goal. This topic of course is not new to him, as he helped set up funding for KDE Eco, KDE’s incursion into research to produce more energy-efficient software. Cornelius plans to help continue certifying KDE apps (like KDE’s PDF reader Okular!), set up testing for measuring the environmental impact of our software, and improving its efficiency where needed.
  • Automate and systematize internal processes: Every year the number of KDE apps grows, and at the same time we acquire more users and more hardware partners. This is of course fantastic, but at some point relying solely on volunteer efforts for critical parts of delivering quality software to everyone ceases to be scalable. Nate, our first two-time Champion, will not let die of success and will work to automate processes, change our culture on quality assurance and involve more people where responsibility lies on a single person.

Our previous Goals, Consistency, All about the Apps, and Wayland; are not forgotten! We will continue to focus on them moving forward. However, the selection of the new Goals indicate where the Community wants to go next, and it’s now time for the Champions to leverage the support of the community and the KDE e.V to deliver on those ideas.

Want to know more? The new Champions will meet you on November 28th at 17:00 CET (16:00 UTC) to discuss the Goals, so be sure to mark your calendars and see you at the meeting!

Tuesday, 15 November 2022

Join us tonight at 8PM UTC for our first Kdenlive Café of the year. Besides the usual community feedback, we’ll be sharing news about the fundraiser, 22.12 release and the roadmap for future versions.
 
Today we also release the 22.12 BETA, please give it a spin and let us know if you encounter any issues.
 
 

The post Kdenlive Café and Beta testing appeared first on Kdenlive.