I am happy to share that this year we were able to host the KDE booth at the 19^th annual Southern California Linux Expo-SCaLE 19X  that took place on July 28-31, 2022 at the Hilton Los Angeles Airport in LA, California.

SCaLE covers visitors from all over the United States and around the world. It is the largest, community-run, open-source, and free software conference in North America.

We collaborated with OpenSUSE, LOPSA and NextCloud with the vision to promote cross community growth and to provide outreach and knowledge regarding our communities. 

Our booth was appreciated for a lot of things but the main attraction was the banner, attendees loved finding the logos of their favorite KDE tools. Our setup consisted of one big screen showcasing a promotional video of KDE, interactive laptops, Plasma Mobile, and lots of Katie and Konqui stickers.

I was pleasantly surprised to see the excitement attendees had seeing us participate; they were willing to know more about our products, and what was going on with the KDE community. People love experimenting on Plasma Desktop and had fun trying out our applications. Plasma Mobile was also a hot topic of discussion and attendees were very eager to know the updates regarding it. Amongst our attendees, we had a lot of college students interested in joining our community and contributing to open source projects in general. 

Attendees of all ages showed a keen interest towards our GCompris Application, with lots of kids enjoying playing educational games. One of the attendees was part of the education administration of a local school district and even expressed some interest in integrating the application as a beta at a few schools.

This was the first time we offered swag at our booth and the Katie and Konqui Stickers were a big hit in attracting attendees to our booth. 

We went into this conference with a specific goal of outreach and spreading the word about KDE and I believe we succeeded quite a bit as we got a chance to work at a grass-roots level and find the next generation of open source contributors who are excited about the future of KDE.

This entire conference would not have been possible without Drew Adams and the entire OpenSuse community who played a huge role in helping us get a foothold at this conference. On behalf of all of KDE we want to thank them and acknowledge all the hard work that was involved to make this event happen.

Hope to see you all at SCaLE 20X next year in March. 

Till then Happy coding.

Dear digiKam fans and users,

After four months of active maintenance and another bug triage, the digiKam team is proud to present version 7.9.0 of its open source digital photo manager. See below the list of most important features coming with this release.

Bundles Internal Component Updates

As with the previous releases, we take care about upgrading the internal components from the Bundles. Microsoft Windows Installer, Apple macOs Package, and Linux AppImage binaries now hosts:

Dolphin 22.12 is going to be released in a few days so it is high time that I report on its big new feature which I have implemented: the selection mode. In this light-hearted video I will present it next to problems, whose solutions have not been implemented yet.

The video has English subtitles.

At the end of the video I am mentioning that supporting KDE through a donation is definitely a good idea. Wait … There is actually a KDE fundraiser going on right now? Here is the link: https://kde.org/fundraisers/yearend2022/

Let’s go for my web review for the week 2022-48.

osquery | Easily ask questions about your Linux, Windows, and macOS infrastructure

Tags: tech, monitoring

This looks like an interesting OS level monitoring solution.

https://osquery.io/

WebAssembly: Go vs Rust vs AssemblyScript :: Ecostack — a developer blog

Tags: tech, webassembly, performance

Little simple benchmark of WebAssembly performances for the most common languages found there. Careful to the payload size though.

https://ecostack.dev/posts/wasm-tinygo-vs-rust-vs-assemblyscript/

Using Rust at a startup: A cautionary tale | by Matt Welsh | Nov, 2022 | Medium

Tags: tech, programming, rust, architecture

Don’t believe claims about Rust (or any other options in fact) being a language for universal use. It has a few spaces where it shines and others where it’ll be a drag. Picking the right language and stack is a multi-factor decision process where the technical advantages of the language itself say less than half of the story.

https://mdwdotla.medium.com/using-rust-at-a-startup-a-cautionary-tale-42ab823d9454

I am disappointed by dynamic typing • Buttondown

Tags: tech, type-systems, metaprogramming

Interesting take about what could make dynamic typing truly shine if it got all the way to runtime manipulation in a consistent manner. We’re far from it though.

https://buttondown.email/hillelwayne/archive/i-am-disappointed-by-dynamic-typing/

Git Notes: git’s coolest, most unloved­ feature - Tyler Cipriani

Tags: tech, git

Obscure feature definitely but we’re happy it’s there… maybe one day it’ll indeed allow to have much more independence from the code forges.

https://tylercipriani.com/blog/2022/11/19/git-notes-gits-coolest-most-unloved-feature/

I/O is no longer the bottleneck

Tags: tech, performance

Definitely this, we have to stop pointing disk I/O so much for performance issues. This is just not really slow anymore. Obviously network is a different story.

https://benhoyt.com/writings/io-is-no-longer-the-bottleneck/

Falsehoods programmers believe about undefined behavior

Tags: tech, compiler, c, c++, rust

Undefined behavior do exist and well… they’re really undefined, don’t make any assumption about them.

https://predr.ag/blog/falsehoods-programmers-believe-about-undefined-behavior/

Cache invalidation really is one of the hardest problems in computer science – Surfing Complexity

Tags: tech, performance, multithreading

Nice summary on the false sharing problem with caches and how it can impact your performances in multithreaded contexts.

https://surfingcomplexity.blog/2022/11/25/cache-invalidation-really-is-one-of-the-hardest-things-in-computer-science/

Recognizing patterns in memory // TimDbg

Tags: tech, debugging, memory

Interesting set of memory patterns. Didn’t know all of them, some are definitely useful and I already use, I’ll try to look for the others next time I need to.

https://www.timdbg.com/posts/recognizing-patterns/

Massively increase your productivity on personal projects with comprehensive documentation and automated tests

Tags: tech, git, project-management, maintenance

Nice list of things to keep in mind when working on projects, even small personal ones. This greatly improve maintainability in the long run.

https://simonwillison.net/2022/Nov/26/productivity/

Why writing by hand is still the best way to retain information - Stack Overflow Blog

Tags: tech, low-tech, note-taking, book

There’s definitely a tension between something which you can organize and search easily (by typing) and something you can remember better (by hand writing). That’s why I can’t get rid of hand written notes completely, I practice a mix of both depending on the use.

https://stackoverflow.blog/2022/11/23/why-writing-by-hand-is-still-the-best-way-to-retain-information/

Bye for now!

Let’s go for my web review for the week 2022-47.

Open letter for the right to install any software on any device - FSFE

Tags: tech, vendor-lockin, foss

Definitely something to sign, let’s get back some freedom on the device we got in our pocket.

https://fsfe.org/activities/upcyclingandroid/openletter.html

Digital environmental impact evaluation accross organizations

Tags: tech, ecology

I often find tools regarding environmental impacts on the client side. This group seems to focus more on the server side, definitely something to look into.

https://boavizta.org/en

The Fediverse Could Be Awesome (if we don’t screw it up)

Tags: tech, fediverse, social-media

This sudden rise of the Fediverse is indeed a chance. Let’s hope it’s not wasted. Good list of things to pay attention to in this article.

https://www.eff.org/deeplinks/2022/11/fediverse-could-be-awesome-if-we-dont-screw-it

ooh.directory

Tags: tech, blog, rss

Woa, that’s definitely welcome. A strong list of blogs to use in your feed aggregator. Time to explore.

https://ooh.directory/

Tree views in CSS

Tags: tech, web, frontend, css

Nice CSS trick to make collapsable trees without too much fuss.

https://iamkate.com/code/tree-views/

An Interactive Guide to Flexbox in CSS

Tags: tech, frontend, browser, css

Nice guide, the interactive parts definitely help. Good way to improve CSS use.

https://www.joshwcomeau.com/css/interactive-guide-to-flexbox/

Internals of sets and dicts | Fluent Python, the lizard book

Tags: tech, python, performance, optimization

Interesting deep dive on how sets and dicts are implemented in CPython. There are a couple of interesting tricks in there.

https://www.fluentpython.com/extra/internals-of-sets-and-dicts/#_footnoteref_6

Always use [closed, open) intervals. A programmer’s perspective

Tags: tech, programming, mathematics

Good reasons to use [closed, open) intervals. If you didn’t know where it was coming from, here it is.

https://fhur.me/posts/always-use-closed-open-intervals

D2 Tour | D2 Documentation

Tags: tech, diagrams

That looks like a nice declarative language to make diagrams. Missing sequence diagrams but otherwise seems fairly useful and readable.

https://d2lang.com/tour/intro/

Ignore RuboCop changes in Git Blame

Tags: tech, git

Now this is a very interesting trick for git. This way large reformatting commits are less of a concern when exploring commit history.

https://blog.testdouble.com/posts/2022-11-21-rubocop-git-blame/

Inhumanity of Root Cause Analysis – Verica

Tags: tech, complexity, project-management, failure, postmortem

A bit heavy handed in the way it tries to paint Root Cause Analysis as evil. Still it has good points about its shortcomings. In particular I appreciate the emphasis on complexity which indeed points to have contributing factors and unexpected outcomes. Definitely things to keep in mind for any postmortem efforts.

https://www.verica.io/blog/inhumanity-of-root-cause-analysis/

The Ancient Japanese Technique That Produces Lumber Without Cutting Trees

Tags: history, japan, ecology

Very interesting technique. Clearly some more work but prevents deforesting like mad for lumber. It’s amazing to see those… clearly a bit like giant bonsais.

https://dsfantiquejewelry.com/blogs/interesting-facts/the-ancient-japanese-technique-that-produces-lumber-without-cutting-trees

Bye for now!

Since the last post about AudioTube, a lot has happened! So in this blog post, you can find a summary of the important changes.

Notable new features

Library

AudioTube now has a library, in which you can see your favourite, most often and recently played songs.

Filtering through previous searches

This allows searching through locally known songs and previous search terms, without even sending a request to youtube.

Lyrics

While playing a song, you can now see the lyrics of the song in a separate tab.

User Interface improvements

Finally, AudioTube displays album covers everywhere. Devin Lin has redesigned and improved the actual audio player. Mathis Brüchert has done several design improvements across the board, like rounded album covers, improved spacing.

The support for wider screens has also been improved, and the queue list will now only expand up too 900 virtual pixels.

Fixes

Fetching thumbnails is now much faster, since in most cases the thumbnail ID can be reliably predicted, without querying yt-dlp. In the few remaining cases, querying yt-dlp is still the fallback

Install

If you want to try AudioTube, you can get the latest stable version from flathub. If you want the latest improvements, which are usually already reasonably stable, you can grab a nightly build from the KDE Nightly flatpak repository.

Code improvements

While developing the library feature, a small new library was developed. I called it FutureSQL, after the QFuture type it uses for most parts of its API. FutureSQL provides an asynchronous API for QtSql, by running the database queries on a separate thread. It also provides convinient template functions for passing parameters to SQL queries.

Possibly the most interesting feature is automatically deserialize the resulting data from an SQL query into a struct. This works thanks to C++ templates.

In the simplest cases, nothing but

struct Song {
	using ColumnTypes = std::tuple<QString, QString, QString, QString>;

	QString videoId;
	QString title;
	QString album;
	QString artist
}

is required.

The library version of this code does not yet have a stable release, however you can already try the API if you build the library from the repository.

The major new feature in this release is initial QML support, contributed by Jonah Brüchert. Jonah also contributed QObject::connect helper and a coroutine version of QQuickImageProvider. As always, this release includes some smaller enhancements and bugfixes, you can find a full list of them on the Github release page.

As always, big thank you to everyone who report issues and contributed to QCoro. Your help is much appreciated!

Initial QML Support

Jonah Brüchert has contributed initial support for QML. Unfortunately, we cannot extend the QML engine to support the async and await keywords from ES8, but we can make it possible to set a callback from QML that should be called when the coroutine finishes.

The problem with QCoro::Task is that it is a template class so it cannot be registered into the QML type system and used from inside QML. The solution that Jonach has come up with is to introduce QCoro::QmlTask class, which can wrap any awaitable (be it QCoro::Task or any generic awaitable type) and provides a then() method that can be called from QML and that takes a JavaScript function as its only argument. The function will be invoked by QCoro::QmlTask when the wrapped awaitable has finished.

The disadvantage of this approach is that in order to expose a class that uses QCoro::Task<T> as return types of its member functions into QML, we need to create a wrapper class that converts those return types to QCoro::QmlTask.

Luckily, we should be able to provide a smoother user experience when using QCoro in QML for Qt6 in a future QCoro release.

class QmlCoroTimer: public QObject {
 Q_OBJECT
public:
 explicit QmlCoroTimer(QObject *parent = nullptr)
 : QObject(parent)
 {}

 Q_INVOCABLE QCoro::QmlTask start(int milliseconds) {
 // Implicitly wraps QCoro::Task<> into QCoro::QmlTask
 return waitFor(milliseconds);
 }

private:
 // A simple coroutine that co_awaits a timer timeout
 QCoro::Task<> waitFor(int milliseconds) {
 QTimer timer;
 timer.start(milliseconds);
 co_await timer;
 }
};

...
QCoro::Qml::registerTypes();
qmlRegisterType<QmlCoroTimer>("cz.dvratil.qcoro.example", 0, 1);

import cz.dvratil.qcoro.example 1.0

Item {

 QmlCoroTimer {
 id: timer
 }

 Component.onCompleted: () {
 // Attaches a callback to be called when the QmlCoroTimer::waitFor()
 // coroutine finishes.
 timer.start(1000).then(() => {
 console.log("1 second elapsed!");
 });
 }
}

Read the documentation for QCoro::QmlTask for more details.

QCoro::connect Helper

The QCoro::connect() helper is similar to QObject::connect() - except you you pass in a QCoro::Task<T> instead of a sender and signal pointers. While using the .then() continuation can achieve similar results, the main difference is that QCoro::connect() takes a pointer to a context (receiver) QObject. If the receiver is destroyed before the connected QCoro::Task<T> finishes, the slot is not invoked.

void MyClass::buttonClicked() {
 QCoro::Task<QByteArray> task = sendNetworkRequest();
 // If this object is deleted before the `task` completes,
 // the slot is not invoked.
 QCoro::connect(std::move(task), this, &handleNetworkReply);
}

See the QCoro documentation for more details.

Full changelog

See changelog on Github

Let’s go for my web review for the week 2022-46. With all the turmoil in the social media space, this looks a bit like a special edition on this topic (more links to articles related to that than usual).

Microsoft “irreparably damaging” EU’s cloud ecosystem, industry group claims | Ars Technica

Tags: tech, microsoft, cloud, vendor-lockin

More anti-trust pressure coming toward Microsoft. Let’s see how it goes.

https://arstechnica.com/tech-policy/2022/11/microsoft-irreparably-damaging-eus-cloud-ecosystem-industry-group-claims/

Infosys leaked FullAdminAccess AWS keys on PyPi for over a year | Tom Forbes

Tags: tech, security

Shady practices clearly… don’t commit secrets in repositories. There are even tools to check this doesn’t happen.

https://tomforb.es/infosys-leaked-fulladminaccess-aws-keys-on-pypi-for-over-a-year/

“When We All Have Pocket Telephones”: A 1920s Comic Accurately Predicts Our Cellphone-Dominated Lives | Open Culture

Tags: tech, smartphone, history, culture

Interesting look at the perception of cellphones before they even existed.

https://www.openculture.com/2022/08/when-we-all-have-pocket-telephones.html

The Age of Social Media Is Ending - The Atlantic

Tags: tech, social-media

Interesting point of view, also lays out nicely how social networks degenerated into social media. I appreciate this kind of perspective.

https://www.theatlantic.com/technology/archive/2022/11/twitter-facebook-social-media-decline/672074/

Fediverse

Tags: tech, fediverse, social-media, ecology

Good thinking about the recent Mastodon users increase. Highlights fairly well why it’s desirable, why it’s a better social media platform but also the challenges ahead… including resources consumption.

https://bastianallgeier.com/notes/fediverse

Home invasion - Mastodon’s Eternal September begins

Tags: tech, fediverse, social-media

Success is a two sided coin. Clearly this mass exodus of Twitter users will overwhelm existing Mastodon users and a few instance administrators. It’s understandable that is can be perceived as some kind of assault from people not used to the customs. How will the preexisting culture hold? The Pandora box is now opened we shall see.

https://www.hughrundle.net/home-invasion/

Is the fediverse about to get Fryed? (Or, “Why every toot is also a potential denial of service attack”) – Aral Balkan

Tags: tech, architecture, fediverse, performance, social-media

There are indeed a few architectural problems with the Fediverse as it is. Can this be solved? Hopefully yes.

https://ar.al/2022/11/09/is-the-fediverse-about-to-get-fryed-or-why-every-toot-is-also-a-potential-denial-of-service-attack/

How fast is ASP.NET Core?

Tags: tech, benchmarking, web, framework, microsoft, dotnet

Don’t believe too good to be true marketing claims by vendors. Clearly something went wrong there and the benchmark has been gamed.

https://dusted.codes/how-fast-is-really-aspnet-core

Refactoring with =delete

Tags: tech, programming, refactoring, c++

This is a clever and important use of =delete which I sometimes miss in other languages.

https://quuxplusone.github.io/blog/2022/11/11/refactoring-with-delete/

Immutable Collections should be Your Default

Tags: tech, programming, multithreading, java

Illustrated with Java, still this highlight fairly well the caveats of mutable collections in multithreaded code.

https://alexn.org/blog/2022/10/27/immutable-collections-your-default/

Performance Optimizations Can Have Unexpectedly Large Effects When Combined With Caches

Tags: tech, performance, optimization

Interesting take about how performance optimizations can sometimes leverage even more performance gains than you would expect.

https://justinblank.com/notebooks/performanceoptimizationscanhaveunexpectedlylargeeffectswhencombinedwithcaches.html

The hidden cost of complexity

Tags: tech, software, complexity

A simplified mental model of complexity in software projects. It’s not completely accurate but is valuable in the way it is easy to reason about it and probably use it for decision making.

https://medium.com/@dolevp/the-hidden-cost-of-complexity-d9d8eb91594c

Split Your Overwhelmed Teams - ACM Queue

Tags: tech, management, team, burnout

Interesting take of the cognitive overload in bigger teams which end up with more responsibilities. Indeed splitting the teams and the responsibilities can then be a way out.

https://queue.acm.org/detail.cfm?id=3570920

Why do we call it “boilerplate code?” • Buttondown

Tags: tech, programming, history, etymology

I love this kind of explorations. Where does the term boilerplate code come? Let’s find out.

https://buttondown.email/hillelwayne/archive/why-do-we-call-it-boilerplate-code/

Digital Books wear out faster than Physical Books - Internet Archive Blogs

Tags: book, low-tech

The limits of digital books, this won’t get me off the paper books addiction I got.

http://blog.archive.org/2022/11/15/digital-books-wear-out-faster-than-physical-books/

Bye for now!

Ever since work on NeoChat has started in 2020, the most requested feature has been support for end-to-end (E2EE) encrypted rooms. Unfortunately, while libQuotient, the library NeoChat uses for dealing with the Matrix protocol, had some pre-existing support for E2EE, it was not in a functional state at that time and was thus not enabled by default.

History

Early in 2021, Carl and I were made aware of NLnet, a dutch foundation that sponsors many open source projects, and decided to apply for some funding there to expedite the development process. Fortunately, the application process at NLnet is very light-weight, so there isn't a lot of risk involved in applying for funding. A while after sending our application, NLnet got back to us with the good news that they would indeed be funding E2EE work for NeoChat and libQuotient.

The actual development work started with creating Qt-Style bindings for libOlm, the library that provides implementations of the cryptographic functions required for implementing end-to-end encryption in matrix. Most of this work was done by Carl and is now merged into libQuotient.

Building on this foundation, we implemented support for reading and sending encrypted messages into libQuotient. This includes support for all of the different types like texts, images, files, audio and others. By integrating this into libQuotient, this is almost completely transparent to the actual application, meaning that for the most part, app developers building on top of libQuotient do not need to do extra work for supporting E2EE. There are some parts, like loading images and notifications, that will need slight adaptions from how they were implemented before supporting E2EE. If you, as an app developer, have questions about those, come talk to us in #quotient:matrix.org.

The last part of end-to-end encryption that has been implemented so far is device verification. Device verification allows users to verify that their devices are actually who they claim they are and are not subject to, for example, a man-in-the-middle attack.

What works right now

For this to work, you need to use a dev-branch build of libQuotient with the correct build flags and a build of NeoChat from the master branch. (You will not find the correct versions of libQuotient or NeoChat in your package manager yet; if you do, please tell the packagers not to ship them yet 😃).

NeoChat can show new messages in all of your encrypted rooms and send useful notifications for them. It can also send all types of messages in those rooms, including through the Quick-Reply feature KNotifications offers on some platforms.

You can also verify your other devices by comparing emojis. This can be started either from a different client or from NeoChat's device settings page.

There is one known bug that sometimes causes the first message sent from a megolm session (this typically means the first message sent from a specific device) to not be decryptable. This is purely a UI bug and restarting NeoChat should fix it. This is actually a bug in Qt that will hopefully be fixed upstream soon.

Coming soon

The immediate next step is releasing version 0.7 of libQuotient, which will contain all of the previously mentioned features. We're currently in a phase of several beta releases for this, which means that the final release will be coming very soon. At that point, distros will be able to start shipping E2EE-enabled versions of libQuotient and NeoChat. (At this point i should probably mention that this is still not the most mature work and will thus not be enabled by default 😃)

Next steps

The next features we will implement are:

• Cross-signing, which allows users to verify the identity of other users in a simple way.
• Recovery from undecryptable messages, building on the previous device verification work
• Secure Secret Storage and Sharing (SSSS), which is a method of securely storing encryption keys server-side, which allows us to load existing messages on a new device.
• By this time, the matrix community will have probably come up with more amazing things to implement 😃

Special Thanks

• NLnet, for funding this work (Sorry for taking so long!)
• Alexey Rusakov, maintainer of libQuotient, for spending a lot of his time reviewing my merge requests and a lot of the rest of his time working on libQuotient in general
• Carl Schwan, for reviewing all of my merge requests and working on NeoChat in general
• James & Jan, for reporting a lot of bugs, fixing a lot of bugs and adding many new features & improvements
• Everybody else who uses & tests NeoChat, reports bugs, fixes bugs, implements features, ...

Lessons learned

• Implementing end-to-end encryption is hard
• It is also a lot of fun :)
• Applying for an NLnet grant is easy, you should do it

Getting involved

There's always more things to do in NeoChat. Come talk to us in #neochat:kde.org and have a look at community.kde.org/Get_Involved.

Welcome to my new blog.

This is the successor of my previous blog on https://dragotin.wordpress.com.

After paying wordpress quite some money to get an advertise free blog I decided to get rid of that and have my own hosted blog where I do not have to pay for not having battle ships or girls underneath my articles. Yes, that is true: Readers sent me screenshots with this kind of images.

So I am starting this journey here with Hugo. Let’s see how that turns out :-)