During the last years, I’ve been doing a lot of coding and no blogging. That’s a shame because without good announcements, there is no chance for people to know about the code.

All of the projects I’ve been coding on are more or less unfinished which is why I’ve not been too keen on blogging about them. It’s time to get over this inhibition and show the world these rough gems in all their glory.

This blog is just the announcement of more blogs that are about to come. For now, the projects that I’ll be be blogging about are just listed here with a short description and a link to the repository.

I will be fighting the urge to polish the projects more and delay announcing them even further. The plan is to blog about one project per week.

Kwats

RDF graphs contain triples. Prepending the triples from the graph with the IRI of the triples gives quads. The Dutch word kwats sounds like quads but means nonsense.

Kwats is a simple server where triples can be stored and queried. Triples are added in the form of graphs. The graphs are stored as files in git, along with provenance information.

A running server keeps the graphs in memory. Rules about what is allowed in the graphs is written in the form of SHACL.

Subtree of Life

Subtree of Life is a webpage to create phylogenetic trees that show the relationship between the species of your choice. How are cat, dog and bumblebee related? Like this.

The code for this webpage is finished. The user experience, documentation and packaging can be improved.

Xust

Xust was a big COVID project. It is meant to become an XQuery implementation like BaseX and Xidel.

Xust main has 1218 commits and the XQuery functionality is not usable yet. The repository contains Rust crates for an XML DOM, DTD validation, and XML Schema validation.

This is a fun repository to work on because of the large number of tests. The CI shows 75551 tests at the moment that finish in seconds.

Rehorse

Rehorse is a web application for rehearsing music. It started off as way to loop recordings that matches the sheet music. So you can loop easily between, say, measure 10 and 12.

The application has been in production for years but is not very polished. I maintain an instance of it for members of two bands.

Nix flake for KDE software

kde-nix-flake packages KDE software for Nix. Nix is a package manager available for many Linux distributions. It handles packaging, setting up a development environment, testing and deploying.

The file flake.nix contains instructions for running stable and nightly KDE software, setting up a build environment with nix develop, running tests with nix check, using Plasma as a desktop, using the binary cache for quick installation, and running jobs on a CI server.

Keeping this repository up to date with the development speed of KDE has turned out to be a challenge.

Diary

The simply named diary is another unfinished application that has been in production for years. It is a desktop application based on rust-qt-binding-generator that I use to write notes.

It was also meant to keep a calendar and a list of todo’s, but those parts are not finished.

Let’s go for my web review for the week 2023-43. A bit on the finishing line compared to the usual, I didn’t manage to post it earlier today… Well, technically it’s still Friday. 😉

Stop ChatControl! | de.indymedia.org

Tags: tech, politics, surveillance

This is a very worrying development in Europe. This feels a lot like a dream come true for police states… Let’s not go there.

https://de.indymedia.org/node/310589

Europe’s CSAM-scanning plan is a tipping point for democratic rights, experts warn | TechCrunch

Tags: tech, politics, surveillance

A longer account of a seminar showing the amount of people and arguments against chat control. The EU commission is pretty isolated in this madness.

https://techcrunch.com/2023/10/24/eu-csam-scanning-edps-seminar/?guccounter=1

Kyoto Statement on End-To-End Encryption – Global Encryption Coalition

Tags: tech, cryptography, politics, privacy

Timely and needed statement as fights against cryptography are emerging again.

https://www.globalencryption.org/2023/10/kyoto-statement-on-end-to-end-encryption/

Why can’t our tech billionaires learn anything new?

Tags: tech, criticism

An important read in my opinion. This whole manifesto from Andreesen is just ludicrous and this explains very well why. In any case we need more techno-pragmatists and less techno-optimists.

https://davekarpf.substack.com/p/why-cant-our-tech-billionaires-learn

This new data poisoning tool lets artists fight back against generative AI | MIT Technology Review

Tags: tech, cyberpunk, ai, machine-learning, copyright, tools

A very needed tool unfortunately. This is fascinating research as well. The world is really so cyberpunk now.

https://www.technologyreview.com/2023/10/23/1082189/data-poisoning-artists-fight-generative-ai/

Jina AI Launches World’s First Open-Source 8K Text Embedding, Rivaling OpenAI

Tags: tech, ai, machine-learning, gpt, foss

Another open source LLM available out there. This one seems to have interesting properties.

https://jina.ai/news/jina-ai-launches-worlds-first-open-source-8k-text-embedding-rivaling-openai/

From Twitter to X, Elon Musk’s transformation from free speech defender to champion of disinformation | RSF

Tags: tech, twitter, social-media, information, criticism

I never liked the “it’s neutral, it’s just a tool”. A very naive view in my opinion. New illustration of this with Twitter. Tools are inserted in a socio-technical system, and the sociology side will influence the design enough to make the tool not so neutral. Here clearly all hell broke loose and it became a massive danger to democracy due to the level of misinformation and the type of messages which are advantaged by the changes.

https://rsf.org/en/twitter-x-elon-musk-s-transformation-free-speech-defender-champion-disinformation

The Carpentries retires its X/Twitter accounts and Facebook profile

Tags: tech, social-media, twitter, fediverse

More organizations leaving Twitter (now X… rofl). It’s a good thing and a logical step if you take values and code of conduct into account. It clearly became a cesspool from what I see.

https://carpentries.org/blog/2023/10/announcing-the-carpentries-departure-from-x-and-facebook/

GRC | ValiDrive  

Tags: tech, storage, scam, tools

Beware the fraudulent cheap drives you can buy nowadays. Looks like a nifty tool to check a drive if you have suspicions.

https://www.grc.com/validrive.htm

iLeakage

Tags: tech, apple, security

The spectre attack still has real world effects… This affects Safari this time.

https://ileakage.com/

Stealing OAuth tokens of connected Microsoft accounts via open redirect in Harvest App | 0xcrypto

Tags: tech, security, web

If you got to implement an OAuth integration. Please be responsible and don’t do this… this could lead to very serious breaches for your users.

https://eval.blog/research/microsoft-account-token-leaks-in-harvest/

Salt Labs | Oh-Auth - Abusing OAuth to take over millions of accounts

Tags: tech, security

OAuth is nice and taking over the world… but don’t weaken the security, follow all the steps and verify the tokens you get handed.

https://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts

The Cloud Computer / Oxide

Tags: tech, cloud, infrastructure, foss

OK, I admit this looks like a very cool product. This could turn interesting for private infrastructures. Trying to get the benefits of cloud approaches while keeping it under control.

https://oxide.computer/blog/the-cloud-computer

My 2023 all-flash ZFS NAS build

Tags: tech, storage, networking, self-hosting

Very thorough explanation of an interesting NAS setup. There are a few interesting tools I didn’t know about in there.

https://michael.stapelberg.ch/posts/2023-10-25-my-all-flash-zfs-network-storage-build/

Protomaps | A free and open source map of the world

Tags: tech, tools, geospatial, geography, map

Looks like a nice new solution to host and serve global maps.

https://protomaps.com/

Analyzing Data 180,000x Faster with Rust

Tags: tech, rust, optimization

This gives a good list of things to try when optimizing (Rust code or otherwise).

https://willcrichton.net/notes/k-corrset/

O3DE

Tags: tech, 3d, gaming, simulation

Nice to see Amazon Lumberyard getting a new life. It’s really feature packed.

https://o3de.org/

A Journey Into Shaders

Tags: tech, 3d, shader, mathematics

Wanna get started playing with shaders? This is a neat into leading to a blob made of metaballs.

https://www.mayerowitz.io/blog/a-journey-into-shaders

The Three Cs: 🤝 Concatenate, 🗜️ Compress, 🗳️ Cache – Harry Roberts – Web Performance Consultant

Tags: tech, web, http, caching, compression, performance, networking

Interesting exploration of the performance for web resources when they’re bundled or not. Also dabbles in the reasons behind the exhibited performances, definitely to keep in mind.

https://csswizardry.com/2023/10/the-three-c-concatenate-compress-cache/

Web Components Will Outlive Your JavaScript Framework | jakelazaroff.com

Tags: tech, blog, webcomponents, frontend, complexity

Another testament to the fact that it’s probably better to have minimal dependencies on your webpages. This is especially true for documents if you’re aiming for longevity. If you’re making an actual application the trade-off will be different.

https://jakelazaroff.com/words/web-components-will-outlive-your-javascript-framework/

The Negative Impact of Mobile-First Web Design on Desktop

Tags: tech, usability, ux, design, mobile, desktop

It’s nice that we get more content usable on mobiles… but this shouldn’t come at the expense of bad usability when on desktops.

https://www.nngroup.com/articles/content-dispersion/

Google Testing Blog: Improve Readability With Positive Booleans

Tags: tech, programming, craftsmanship

Definitely a good advice. We’re just better at understanding positive boolean expressions.

https://testing.googleblog.com/2023/10/improve-readability-with-positive.html?m=1

How To Tell Stuff To A Computer - The Enigmatic Art of Knowledge Representation

Tags: tech, knowledge, engineering

Looks like an old website, still it does a neat job of explaining how the field of knowledge representation evolved. This is nice to see a reference for beginners since I dabbled quite a bit into this years ago and it wasn’t very accessible.

https://www.lisperati.com/tellstuff/index.html

There is No Now - ACM Queue

Tags: tech, time, asynchronous, distributed, consistency

Time and synchronization are complicated in distributed systems. Luckily there are solutions to try to ease the pain. It’s not completely avoidable though.

https://queue.acm.org/detail.cfm?id=2745385

Refactoring has a price. Not refactoring has a cost. Either way, you pay.

Tags: tech, refactoring, craftsmanship, cost

Definitely this. One is more painful than the other though. It’s a question of paying small price over tine vs paying a big cost later.

https://www.germanvelasco.com/blog/refactoring-is-a-habit

Private Estimates, Public Progress - by Kent Beck

Tags: tech, agile, project-management, estimates

Indeed, going for scrutiny on made up numbers probably won’t get us nowhere. Tweaking them won’t help either. It’s the shared goals which matter most.

https://tidyfirst.substack.com/p/private-estimates-public-progress

Software Engineering Management Checklist

Tags: tech, management, engineering, learning

Definitely an excellent list to have in mind as soon as you get to engineering management. The four areas listed are the most important.

http://pnewman.org/engineering_mgmt_checklist.txt

We have used too many levels of abstractions and now the future looks bleak

Tags: tech, learning, engineering, criticism

Healthy criticism of where our industry went. Engineers should exhibit curiosity on how the sausage is made, not just blindly use tools they don’t understand.

https://unixsheikh.com/articles/we-have-used-too-many-levels-of-abstractions-and-now-the-future-looks-bleak.html

On Craft

Tags: tech, craftsmanship

Beautiful text. She talks with fondness about her grandfather, but there’s indeed lessons about craftsmanship here. It’s not only about machines, it can’t extend into a humanist world view.

https://www.drcathicks.com/post/on-craft

Advice to a novice programmer

Tags: tech, programming, learning

Good list of advices for someone who just got started programming. Who knows, it might come in handy later.

https://blog.plover.com/prog/katara-advice.html

A literary appreciation of the Olson/Zoneinfo/tz database – Jon Udell

Tags: tech, time, date, history

A database we take for granted… but if you look in the margins it’s full of history and very well crafted.

https://blog.jonudell.net/2009/10/23/a-literary-appreciation-of-the-olsonzoneinfotz-database/

Internet Artifacts

Tags: tech, internet, web, history

Very cool idea. Lots of history in there! There were things I even forgot about.

https://neal.fun/internet-artifacts/

The Theory That Men Evolved to Hunt and Women Evolved to Gather Is Wrong - Scientific American

Tags: history, science

Very interesting dive into where this theory comes from and how wrong it is.

https://www.scientificamerican.com/article/the-theory-that-men-evolved-to-hunt-and-women-evolved-to-gather-is-wrong1/

Bye for now!

Reworking Recent Files search for Plasma 6

For Plasma 6, lots of KRunner plugins and framework functionalities were improved. I took quite a bit of time to work on the recent files search plugin used by KRunner and Plasmas application launchers like Kickoff. This included performance improvements, usability improvements and technical refactorings.

Let’s start off with the usability improvements: While the runner was named “Recent Files”, it still provided results for directories. In Dolphin on the other hand, “Recent Locations” are a separate location you may access next to “Recent Files”. Luckily, functionality for only querying files already exists in the KActivities-Stats framework :).
The search for files was also improved. Natalie Clarius added some time ago a patch to avoid false positives when the query is part of the file path. For example, when you type for “myfile” and “/home/user/myfiles/test” was a recent file, this file would be returned by the KActivities-Stats framework. With Natalie’s logic, those files would not be shown in KRunner, but still they fill out the limit of recent files we want to query. Of course, one could look for more files in case we discarded too many, but that can cause a performance penalty due to additional SQL queries.
Instead, I have added the ability to filter by the filename in KActivities-Stats. This means false positives are always avoided, and you will for sure get the results you are looking for!

Another useful, but not yet user-facing change is special handling for queries shorter than 3 characters. For those queries, a substring check would cause too many unintended results to be useful. Instead, the filename must start with your given query. Similar to how the Applications-runner handles it. There are plans to make this feature more easily accessible, but for now, it can only be done on the command line using krunner --runner=krunner_recentdocuments.

Screenshot of KRunner in single-plugin mode with the recent files plugin

The final issue that everyone will benefit from being fixed is a memory leak. This means for each letter typed, the runner would allocate a bit more RAM for results from the query. This can add up over time in KRunner and Plasmashell. The KActivities-Stats that were “leaking” also caused CPU overhead, because they were notified about changes to the recent files list – even though they were never used again.
Luckily, you don’t have to worry about that at all from now on :).

Optimizations

Let us start with the small improvements: In my previous posts, I mentioned that constructing a QueryMatch object before being sure that the current item (application or systemsettings module) matches, causes a performance overhead. The same applied to the recent files plugin, because we discarded some files due to the false positive detection mentioned above.
Getting the filename was also optimized/simplified, because instead of using Qt API to get the filename from the URL, we can just use the resource title from KActivities-Stats.
String comparisons were speed up by reusing the results. For example, when checking if the filename contains the query, we can get the resulting index. If that index is 0, the query is contained and the filename also starts with it. Meaning we’d only do one string comparison for each recent file instead of up to 4.

Getting the appropriate icon is also way faster, because previously a method from KIO was used, which gets the file path, checks some extra cases, but usually gets the icon for the determined mime type. Because the extra cases were not relevant when only allowing files, we can directly get the icon for the respective mimetype. Luckily, we don’t even need to determine the mimetype, because the model already contains it.

Reusing previously fetched data

This is the most interesting part and was my original idea to improve performance: In KDE Frameworks 6, each runner lives in its own thread. Meaning, one may access member variables in a thread safe way. The data we want to reuse is the KActivities-Stats ResultsModel. This contains paths and additional metadata of recently used files. The number of files is limited to 20, which is the maximum number of entries is KRunner.
Implementing was straightforward: If one previously typed “firef” and after that “firefox”, the previous model can be reused as long as the limit of 20 did not exceed the previously found results. In addition to reusing the data, it is required to check the filenames again, because a file called “firef.test” should not match a query called “firefox”. Due to the preexisting logic to determine the match relevance, this is minimal additional work.
When measuring the real-world impact, it is important to note that fetching results from KActivities SQLite database is the most expensive part. Accessing the model is relatively cheap. Meaning the longer your queries are and if long as the number of results was not exceeded, your performance gains will be significant!

Profiling of the unoptimized version, loading the correct Icon takes a large porting of CPU cycles Optimized version, CPU cycles are significantly reduced and loading of icons is barely distinguishable from other, minor costs

In benchmarks, one is able to see that the CPU cycles with this patch are roundabout the same among the different measurements, whereas the CPU cycles before this patch correlated with the length of the query. The query was typed in letter by letter, keep in mind that the runner skips queries shorter than 3 characters unless the single runner mode is activated. For benchmarks, I decided against activating this mode, because it is not the normal usecase.

Tellico 3.5.2 is available, with a few new features and fixes.

Improvements and Bug Fixes

• Added support for importing Discogs collections (Bug 446262).
• Added VGCollect data source.
• Added SAO/NASA Astrophysics Data System data source.
• Updated Numista data source to return additional results.
• Updated IMDb and FilmAffinity data sources.
• Fixed a bug with writing some relative links (Bug 472778).
• Fixed title display for some custom collections (Bug 231867).

Let’s go for my web review for the week 2023-42.

F-Droid version of KDEConnect uninstalled by PlayProtect - Help - KDE Discuss

Tags: tech, android, google, trust

This will lower even more the trust we can have in those devices. The only way to really own them seems be to just blow the warranty and flash them…

https://discuss.kde.org/t/f-droid-version-of-kdeconnect-uninstalled-by-playprotect/5992

I’m banned for life from advertising on Meta. Because I teach Python. — Reuven Lerner

Tags: tech, facebook, ai, machine-learning, automation, criticism

The risks of too much automation… this is chilling to see what using machine learning based system all the way can lead to. It’s just a ridiculous situation and no way to get out of it.

https://lerner.co.il/2023/10/19/im-banned-for-life-from-advertising-on-meta-because-i-teach-python/

We Were Wrong About the GPLs — /dev/lawyer

Tags: tech, foss, licensing, law

Interesting line of argument regarding Free Software licenses. I wonder what the judges will conclude in the end… this could have important consequences.

https://writing.kemitchell.com/2023/10/13/Wrong-About-GPLs

Google-hosted malvertising leads to fake Keepass site that looks genuine | Ars Technica

Tags: tech, browser, google, attention-economy, security

This is a bad case of content moderation if it gets presented to users like this… but Google is not going to leave advertisement money on the table. The way browsers changed in recent years also make this kind of deceptions easier (harder to check certificates, hard to spot punycoding).

https://arstechnica.com/security/2023/10/google-hosted-malvertising-leads-to-fake-keepass-site-that-looks-genuine/

Atlas of Surveillance

Tags: tech, surveillance

US centric but a very welcome tool. Let’s hope we get similar initiatives for other countries as well.

https://atlasofsurveillance.org/

Encrypt. Now.

Tags: tech, privacy, surveillance, politics

Definitely very important as our privacy is attacked once more…

https://blog.tripu.info/encrypt/

Multi-modal prompt injection image attacks against GPT-4V

Tags: tech, ai, gpt, security

This is a hard problem to solve, and going multi-modal makes it harder in my opinion.

https://simonwillison.net/2023/Oct/14/multi-modal-prompt-injection/

Llemma: An Open Language Model For Mathematics | EleutherAI Blog

Tags: tech, mathematics, ai, machine-learning, gpt

On specialized and formalized domains like this it might lead to something interesting. That said there’s a tension with the fact that it doesn’t know when it doesn’t know which might be problematic. Also I wonder how it fares compared to computational models like WolframAlpha. In the end very formal domains like this have large knowledge bases already available.

https://blog.eleuther.ai/llemma/

LocalAI

Tags: tech, ai, machine-learning, gpt, foss

A good way to get some control back if you want to use a LLM. You can host it locally, it’s free software. Definitely a step in the right direction.

https://localai.io/

LocalSend

Tags: tech, tools, foss

Looks like a nice FOSS tool to share files between devices without going through the Internet.

https://localsend.org/

SSH server & client security auditing

Tags: tech, ssh, tools, security

Looks like a nice tool to check if your SSH config is secure. Works both for servers and clients.

https://github.com/jtesta/ssh-audit

Organizing multiple Git identities | Garrit’s Notes

Tags: tech, tools, git

This is pretty much exactly how I organize my projects. I highly recommend this approach, works very well.

https://garrit.xyz/posts/2023-10-13-organizing-multiple-git-identities

An Interactive Intro to CRDTs | jakelazaroff.com

Tags: tech, crdt, web, distributed

Long article in two parts (make sure to read the second one as well) showing how to build an interactive painter with CRDT. Nice way to understand how they work.

https://jakelazaroff.com/words/an-interactive-intro-to-crdts/

Surfacing request errors when using HTMX

Tags: tech, web, frontend, htmx

Nice explanation on how to handle request errors with HTMX. It’s in fact relatively simple even though there’s a couple of pitfalls.

https://xvello.net/blog/htmx-error-handling/

Inside STL: The different types of shared pointer control blocks - The Old New Thing

Tags: tech, c++

This is a too little known fact in my opinion. Good thing someone sheds some light on it.

https://devblogs.microsoft.com/oldnewthing/20230821-00/?p=108626

Why async Rust? - Without boats, dreams dry up

Tags: tech, rust, asynchronous, community

Good exploration on how and why async Rust was designed. As usual it’s not purely for technical reasons, there’s a human and community factor to it.

https://without.boats/blog/why-async-rust/

Learn Wayland by writing a GUI from scratch

Tags: tech, graphics, wayland

Understanding the Wayland protocol by going all the way back to what’s going on with the domain socket. Can serve as a nice introduction.

https://gaultier.github.io/blog/wayland_from_scratch.html

What Every Developer Should Know About GPU Computing

Tags: tech, gpu, computation, architecture

Nice primer on how computation works on GPUs. Goes a bit into the architecture as well. Good starting point.

https://codeconfessions.substack.com/p/gpu-computing

Wrapping Meshes With Geodesic Walks - Casey Primozic’s Homepage

Tags: tech, 3d, web, geometry

Very interesting computational geometry tricks. You can make interesting shapes out of this.

https://cprimozic.net/blog/wrapping-meshes-with-geodesic-walks/

Fluid Simulation

Tags: tech, 3d, gpu, graphics, simulation

Nice notes breaking down how to simulate fluids. Easily translates to GPU computation too.

https://kyndinfo.notion.site/Fluid-Simulation-f0516d9d12e245a08ae5c7545ac822dd

API design principle: Reading a property or adding an event handler should not alter observable behavior - The Old New Thing

Tags: tech, programming, api, design

Definitely a good principle to follow when designing APIs. Otherwise you make them less obvious and more dangerous to use.

https://devblogs.microsoft.com/oldnewthing/20231016-00/?p=108895

Why Software Design Matters - by Kent Beck

Tags: tech, software, design, programming

Yes, definitely this. Plenty of reasons why it’s important.

https://tidyfirst.substack.com/p/why-software-design-matters

To Design or Not To Design? - by Kent Beck

Tags: tech, agile, tests, design, craftsmanship, business

There will always be some design and some testing. The intensity of both activities needs to be properly managed over time though.

https://tidyfirst.substack.com/p/to-design-or-not-to-design

Write more “useless” software | nicole@web

Tags: tech, learning, programming

Play is definitely needed for growth. It’s true for kids, it’s still true for so called grown ups.

https://ntietz.com/blog/write-more-useless-software/

Software engineering is about thinking, not typing | Organizing Chaos

Tags: tech, engineering, productivity

Definitely this. Also with experience you tend to type less and influence others more.

https://jordankaye.dev/posts/thinking-not-typing/

Manage Your Capacity, Not Your Time - The Engineering Manager

Tags: management, productivity, time, energy

Good advices. Keep some slack, have an idea of your energy level, that’s what impacts your capacity. Time is a given you can’t do much with it.

https://www.theengineeringmanager.com/management-101/manage-your-capacity-not-your-time/

Diving into Engineering Metrics - by Nicola Ballotta

Tags: tech, engineering, management, metrics

Good starting point before really exploring this field deeper. Especially important here is the last section on how to use them properly. Be cautious, keep people well-being in mind at all time.

https://hybridhacker.email/p/diving-into-engineering-metrics

Bye for now!

This past weekend I attended the Google Summer of Code Mentor Summit 2023 as part of the KDE delegation.

I have been a mentor for GSOC almost every year since 2005 but this was my first time attending the mentor summit.

There were sessions about the typical things you'd expect: how to get more diverse folks as students, how to make sure we onboard them correctly, sustainability, funding, etc. All in all nothing groundbreaking and sadly no genius solution for the issues we face was given, but to a certain degree it helps to see that most of us have similar problems and it's not that we're doing things particularly wrong, it's just that running a Free Software project is though.

Carl Schwan and me ran a Desktop Linux session together with Jonathan Blandford of GNOME (check his Crosswords game, seems pretty nice) and basically asked folks "How happy are you with the Desktop Linux", you can find the notes about it at https://collaborate.kde.org/s/HKn6BoNCRNezn3K Nothing we don't know about really, Wayland and flatpak/snap are still a bit painful for some folks even if there's a general agreement they are good ideas.

I also organized a little session for all the attendees from Barcelona (it was about 6 of us or so) to sell them talk about Barcelona Free Software

One thing that always pops up in your mind when going to events is "How useful was it for me to attend this" since traveling to California from Europe is not easy, it is not cheap and it means investing quite some time (which in my case included taking vacation from work). 

Honestly, I think it's quite useful and we should attend more similar events. We get to know key people from other projects and we make sure other projects know about us. One of the most funny interactions was me sitting in a table, someone joining and saying "Woah KDE, you guys are super famous, love your work" and literally seconds after another person joining us and saying "Uh, KDE what is that?"

There's not much pictures because Google forbids taking pictures inside their buildings, the few exceptions include the chocolate table, it's quite a large quantity of chocolate we got to try, thanks Robert from Musicbrainz for pushing people to bring it :)

I'd like to thank Google and KDE e.V. for sponsoring my trip to the Summit, please donate at https://kde.org/fundraisers/plasma6member/

The next release for the big three in KDE land (KDE Frameworks, KDE Plasma and KDE Gear) is going to happen at the same time.

This is because we are switching to Qt6[*] and it helps if we can release all the products  at the same time.

If you want to help us with the effort, make sure to donate at https://kde.org/fundraisers/plasma6member/

The agreed schedule is:

8 November 2023: Alpha

KDE Gear 24.01.75 / KDE Plasma 5.80.0 / KDE Frameworks 5.245.0

29 November 2023: Beta 1

KDE Gear 24.01.80 / KDE Plasma 5.90.0 / KDE Frameworks 5.246.0

20 December 2023: Beta 2

KDE Gear 24.01.85 / KDE Plasma 5.91.0 / KDE Frameworks 5.247.0

10 January 2024: Release Candidate 1

KDE Gear 24.01.90 / KDE Plasma 5.92.0 / KDE Frameworks 5.248.0

For KDE Gear that want to ship with Qt6 for this release they need to be switched to Qt6 (and obviously stable) *BEFORE* this date.

31 January 2024: Release Candidate 2

KDE Gear 24.01.95 / KDE Plasma 5.93.0 / KDE Frameworks 5.249.0

21 February 2024: Private Tarball Release

KDE Gear 24.02.0 / KDE Plasma 6.0 / KDE Frameworks 6.0

28 February 2024: Public Release

KDE Gear 24.02.0 / KDE Plasma 6.0 / KDE Frameworks 6.0 

You can see that Alpha is less than 3 weeks away! Interesting times ahead!

[*]  some KDE Gear apps may remain in Qt5 if we have not had time to port them

Do you know isocpp.org's blog? As an open-minded C++ programmer, I am a fond reader and have been inspired multiple times. I always enjoyed the blog posts from Andrey Karpov. He has deep knowledge with static code analysis and is a co-founder of PVS-Studio, a commercial static code analyzer for C++, C#, C, and Java. To advertise new releases of their product, Andrey and his co-workers scan popular open source projects with their tool. They explain the numerous results and showcase by these real-world examples how beneficial static code analysis is even for mature and healthy code bases. I found these posts both entertaining and instructive. If you are not aware of them, you might find them an interesting read: Clang 11, LLVM 15, Qt 6, GCC 13. I find this topic intriguing; nevertheless, for a long time I did not manage to dive deeper into this topic.

I am a satisfied user of Kile, KDE's user-friendly TeX/LaTeX editor. In the span of almost 20 years (Is Kile really that old? When have I gotten this old?), I have typeset dozens of documents with hundreds of pages using Kile. To check Kile's status, I visited its project page. One thing is, that it has not seen a release for a long time. The other thing that caught my eye is the result of cppcheck, visible in every open merge request. Cppcheck is an open-source static code analyzer for C and C++. It tries to find undefined behavior, dangerous code patterns, and bad coding style. GitLab showed a staggering 300+ cppcheck findings for Kile's open merge requests.

Gitab shows for every Kile merge request cppcheck's code quality scan results

This does not mean Kile having 300 bugs! Most findings are harmless, but some real issues might hide between all these findings. Since June I reduced the number of cppcheck findings by almost 200. Thereby, we improved some bad code style and even found real bugs.

Unused variables or unused assigned values

or unused assigned values

or unused assigned values

Unused variables are variables that are in the code but are not used. Closely related are cases of assigned values, that are never used after the assignment. This should not happen, often it is a result of code changes with no longer variables or assignments left. I removed 17 such cases, and it makes the code clearer to understand.

Case closed? Not so fast. In one instance, it revealed a tiny bug.

01 QString icon;
02 if (ext == "application-x-bzdvi" ) {
03     icon = ext;
04 }
05 else if( ext == "htm" || ext == "html" ) {
06     icon = "text-html";
07 }
08 else if(ext == "pdf" ) {
09     icon = "application-pdf";
10 }
11 else if( ext == "txt") {
12     ext = "text-plain";
13 }
[..]
22 else {
23     icon = "text-plain";
24 }
25 return icon;

Cppcheck complained that in line 12 the variable ext gets assigned a value that is never used. Well, yes, because the value should be assigned to icon like in the other if branches. After fixing, text files gained an icon in Kile's documentation browser.

Document browser has now icons for text files, too. The light gray color is a new feature independent of the issue at hand.

Another bug went unnoticed by me, but Kile's maintainer Michel spotted it.

01 //both exist, take most recent
02 if(read1 && read2) {
03     read1 = file1.lastModified() > file2.lastModified();
04     read2 = !read1;
05 }
06
07 if(read1) {
08     dir = S();
09     trg = "index.html";
10
11    translate(dir);
12    setRelativeBaseDir(dir);
13    translate(trg);
14     setTarget(trg);
15 }

Cppchechk warned that in line 4 the value assigned to read2 is never used. I removed the line, but the actual fix was adding an else(read2) branch. This case was forgotten and spotted with a careful review of cppcheck's findings.

C-style pointer castings

C-style castings are tricky, as they are sometimes a promise from the programmer that the types are compatible and the compiler has no way of checking. With C++ there are five (!) different type of casts, many are not dangerous as the compiler can check the compatibility of what the programming is asking for. For more details, see a blog post from Anteru explaining more details.

Six cases of C-style pointer castings were not necessary and could be dropped. Twelve more could be replaced by C++'s static_casts, ensuring all safety checks from C++ are applied.

Other improvements

Many other improvements made the code more beautiful, like having variable scopes reduced as much as possible. This leads to variables that are only known inside a loop, and that variable declaration and its use stay closer together.

In one case cppcheck found a potential memory leak as a variable was created with new whenever the surrounding method was called, but the object was never deleted.

Two for loops with iterators could be slightly simplified by range-based for loops. The latter prevents off-by-one errors and expresses the intend more direct.

That is all?

I fixed only some of the most obvious findings. I spared the complicated ones, as my understand of Kile's code base is still limited. Further, I did not want to introduce new bugs to not endanger the hopefully upcoming release.

In the remaining cppcheck findings are some more potential bugs, their description looks promising.

Have a look at cppcheck findings yourself!

I can recommend to examine cppcheck findings for your project's, too. At first, it might look like a cumbersome task. I am sure it is worth the effort.

Fixing cppcheck findings is also a good junior job to get in touch with the development of your pet part of KDE. Start with some, not too many at once, trivial fixes and follow the feedback from the maintainer. My experience with Kile was pleasant, thanks Michel!

A new release of Doxyqml is out. Doxyqml is the tool which we use to transform our QML code in non working C++ code, but good enough for Doxyqml to understand it. This power the documentation of Kirigami, Kirigami Addons, Plasma Framework and more on api.kde.org.

This release mainly fix various compatibility bugs with more recent QML versions.

Thanks to Frederik Gladhorn, Joshua Goins, Libor Tomsik, Matej Starc and Nikolai R Kristiansen for their contributions to this release.

Here is the full release log:

• Add support for single quote strings(Carl Schwan)
• Ignore private functions in generated api (Carl Schwan)
• Add support for typed functions (Carl Schwan)
• qmlclass.py::add_import: dynamically get import qualifier (Matej Starc)
• Allow arbitrary default arguments (Frederik Gladhorn)
• Fix wasteful newline if there was no meaningful comment (Joshua Goins)
• Change expected test data to account for the new comments (Joshua Goins)
• Simplify header comments, add version/import at the very last minute (Joshua Goins)
• Don’t parse internal module types (Joshua Goins)
• Use @version instead of @since command (Joshua Goins)
• Add import statements for QML components (Joshua Goins)
• Support array literals as function args (Nikolai R Kristiansen)
• Fixed parsing curly brackets in JS function (Libor Tomsik)

The release can be found on PyPi.org.