I am happy to announce a new release of GNU poke, version 1.2.

This is a bug fix release in the poke 1.x series, and is the
result of all the user feedback we have received since we did
the last release.  Our big thanks to everyone who provided
feedback :)

See the file NEWS in the released tarball for a detailed list
of changes in this release.

The tarball poke-1.2.tar.gz is now available at
https://ftp.gnu.org/gnu/poke/poke-1.2.tar.gz.

  GNU poke (http://www.jemarch.net/poke) is an interactive,
  extensible editor for binary data.  Not limited to editing basic
  entities such as bits and bytes, it provides a full-fledged
  procedural, interactive programming language designed to describe
  data structures and to operate on them.

This release is the product of a month of work resulting in 37
commits, made by 5 contributors.

Thanks to the people who contributed with code and/or
documentation to this release.  In certain but no significant
order they are:

   Mohammad-Reza Nabipoor
   David Faust
   Egeyar Bagcioglu
   Konstantinos Chasialis

Thank you all!  It is a real pleasure to hack with you.

And this is all for now.
Happy poking!

--
Jose E. Marchesi
Frankfurt am Main
18 April 2021

https://www.wsj.com/articles/amazon-strong-arms-partners-across-multiple-businesses-11618410439

"Amazon.com Inc. last year told smart-thermostat maker Ecobee it had to give the tech giant data from its voice-enabled devices even when customers weren’t using them."

"Amazon responded that if Ecobee didn’t serve up its data, the refusal could affect Ecobee’s ability to sell on Amazon’s retail platform..."

Magali Lemes joined Guix in December for a three-month internship with Outreachy. Magali implemented a guix git log command to browse the history of packaging changes, with mentoring from Simon Tournier and Gábor Boskovits. In this blog post, Magali and Simon wrap up on what's been accomplished.

Magali

The first tasks I had to do were pretty simple and were mainly meant to both get me acquainted with the source code and set the building blocks of the project. They were very important so that I could gradually build the subcommand. For starters, I created a Guix repository on Gitlab, so that I could push all the work I had done there, tweaked a little bit of the source code, and then proceeded to have the guix git log subcommand show the default channel checkout path.

From there on, I started adding options to the subcommand. The oneline option was the first and simplest option, and it pretty much emulates what git log --oneline does: it displays the commit short hash id and title. Afterwards, other options such as format, pretty, and grep came along. The possibility of retrieving commits from other channels---and not only from the default one---was also implemented. An example of invoking the subcommand would be:

guix git log --oneline --grep=guile-git

The road to doing all of this wasn't always smooth. Right at the beginning of the internship, for instance, I struggled with getting a segmentation fault error. It was a known bug, and I was able to overcome it.

I also got to participate in the one-day Guix workshop---a FOSDEM 2021 fringe event---and presented the work I had done so far. It was quite nice demonstrating the subcommand, receiving feedback and questions, and I could also get to know other things that were being worked on in Guix.

In the post I wrote three months ago, I mention that I wish I could gain meaningful experience and improve my communication skills. I'm glad to say that I feel like I was able to achieve that. Sending emails, explaining what I had done, and asking questions about what I had to do during the weekly meetings were a few of the situations I had to face, and that made me improve these skills. I also had a taste of what it's like to take part in a free software project, got to know a few people, and learned quite a lot about Guile Scheme.

One thing, though, that I wasn't able to implement in due time was the commit limiting options, such as guix git log --after=YYYY-MM-DD and guix git log --before=YYYY-MM-DD.

Hopefully, soon users will be able to invoke guix git log, and have the commit history from all Guix channels they have.

Simon

It was my first experience mentoring for the Outreachy program and now I am glad I did it. I have learnt a lot on various topics. I had already mentored interns occasionally, though it was the first time fully remote, not on the same timezone, and with code on which I am not expert. Thanks Gábor, Ludovic and Ricardo for pushing me to jump in this journey.

Reading back the initial proposal coming from a 2019 question, I am happy by the insofar Magali's internship. It paves the way for future proposals or the implementation of other guix git subcommands.

Next Outreachy round & acknowledgment

Guix is participating in the upcoming Outreachy round. If you are eligible, please get in touch with us and consider applying by April 30th!

In light of recent changes at the Free Software Foundation (FSF) and Outreachy’s subsequent decision to refuse funds coming from the FSF, we are grateful to Software Freedom Conservancy (SFC) for their decision to sponsor our upcoming internship. We are working on a longer-term solution so we can keep participating in Outreachy. In the meantime, thanks a lot, Conservancy!

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the kernel Linux, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

Terminal Hyperlinks are a new way for programs to print click-able text in terminals and terminal emulators.  Along with the app:// protocol, the hyperlinks can be used to greatly enhance the experience of using CLI (command-line interface) programs.  We are making extensive usage of this novel feature in GNU poke and we are very happy with the results.

This short video introduces the terminal hyperlinks, the app protocol and shows a few examples on how poke uses them.

https://www.youtube.com/watch?v=9Eg9Zn8AtY8

Fixed many more minor fuzzing errors.
See https://www.gnu.org/software/libredwg/ and https://github.com/LibreDWG/libredwg/blob/0.12.4/NEWS

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.4.tar.gz (17.4MB)
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.4.tar.xz (9MB)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.4.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.4.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are more binaries:
https://github.com/LibreDWG/libredwg/releases/tag/0.12.4

Here are the SHA256 checksums:

```
081e9a70be529542b905b04be73e3e7590d60b1e976c0227f47004f3373ed9b1  libredwg-0.12.4.tar.gz
918857f119c34d9bef17321b646c4ba0fbfaa93dcaced403bae1933e1d9a6517  libredwg-0.12.4.tar.xz
```

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.12.4.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the gpg --verify command.

users of a GTK-based desktops (LXDE, MATE, possibly others) on the i686 system, should refrain from upgrading for some time, or else the desktop may not start properly - this bug does not affect X86_64

Around 3 years ago I revamped planet.gnu.org and hosted it myself, as the previous host was defunc.

I won't have the energy host it for much longer, so planet.gnu.org is now looking for a new host and maintainer.
In any case I'll shut down the service when I upgrade to Debian 11 "bullseye" in a few months.

Everything needed to run the service is documented and stored in the infra and config repositories, there is no private data. A previous blog post discusses upcoming tasks. The [email protected] contact point is now managed by GNU's Mailman instance. The DNS alias is managed by the FSF sysadmins.

Of the deeper thoughts I might give to this moment, I have given them elsewhere. For this blogpost, I just want to speak of feelings... feelings of hurt and hope.

I am reaching out, collecting the feelings of those I see around me, writing them in my mind's journal. Though I hold clear positions in this moment, there are few roots of feeling and emotion about the moment I feel I haven't steeped in myself at some time. Sometimes I tell this to friends, and they think maybe I am drifting from a mutual position, and this is painful for them. Perhaps they fear this could constitute or signal some kind of betrayal. I don't know what to say: I've been here too long to feel just one thing, even if I can commit to one position.

So I open my journal of feelings, and here I share some of the pages collecting the pain I see around me:

The irony of a movement wanting to be so logical and above feelings being drowned in them.

The feelings of those who found a comfortable and welcoming home in a world of loneliness, and the split between despondence and outrage for that unraveling.

The feelings of those who wanted to join that home too, but did not feel welcome.

The pent up feelings of those unheard for so long, uncorked and flowing.

The weight and shadow of a central person who seems to feel things so strongly but cannot, and does not care to learn to, understand the feelings of those around them.

I flip a few pages ahead. The pages are blank, and I interpret this as new chapters for us to write, together.

I hope we might re-discover the heart of our movement.

I hope we can find a place past the pain of the present, healing to build the future.

I hope we can build a new home, strong enough to serve us and keep us safe, but without the walls, moat, and throne of a fortress.

I hope we can be a movement that lives up to our claims: of justice, of freedom, of human rights, to bring these to everyone, especially those we haven't reached.

We are pleased to announce the release of Cuirass version 1.0, after almost five years of development and around 700 commits from 14 contributors.

Cuirass is the GNU Guix continuous integration software. It's a general purpose build automation server written in GNU Guile that checks out sources from VCS repositories, execute build jobs and store build results in a database. Cuirass also provides a web interface to monitor the build results.

Cuirass is running on the GNU Guix build farm.

Since January, the project is funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation, as explained here.

Thanks to this support, we were able to speed up the developments and finally propose a first release of this software. Many things have changed in Cuirass over the years and now is the perfect time to give it a try.

Here are the highlights of this new release.

Database

Let's start with the database that is the core of Cuirass. Until recently Cuirass was using an SQLite3 database. This technological choice proved to be quite challenging, and we had some troubles to make it scale as discussed here.

Cuirass now uses a PostgreSQL database, bringing the performance issues to an end while providing much more stability. Almost all the SQL queries are covered by test cases.

Specifications

In order to build some derivations, Cuirass first needs to be told what to build. Originally, an obscure association list describing the requested build jobs had to be passed to Cuirass.

Cuirass now operates on specification records that are described here. This input format is much more easy to understand for the user. It relies on Guix channels, which are well-adopted.

Here are a few different specifications examples.

This will build all the packages of the my-channel channel.

(list (specification
       (name "my-channel")
       (build '(channels my-channel))
       (channels
        (cons (channel
               (name 'my-channel)
               (url "https://my-channel.git"))
              %default-channels))))

This will build the linux-libre package on the default Guix channel master branch.

(list (specification
           (name "my-linux")
           (build '(packages "linux-libre"))))

Finally, this will build the packages declared in the my-manifest file of the my-channel channel, against the core-updates branch of the default Guix channel.

(list (specification
       (name "my-core-manifest")
       (build '(manifests "my-manifest"))
       (channels
        (list (channel
               (name 'my-channel)
               (url "https://my-channel.git"))
              (channel
               (name 'guix)
               (url %default-channel-url)
               (branch "core-updates"))))))

For people willing to spare some parens, a specification edition form has been implemented in the Web interface.

The Cuirass home page has also been updated to reflect this new input format.

Notifications

This feature was rightfully requested many times as this is a basic of any respectable CI system. Cuirass can now report failing and fixed builds in three different ways:

• By email on the [email protected] mailing list.

• Using Mastodon thanks to the Guile-Mastodon bindings.

• Using the RSS feed available here.

New build mode

The traditional way of building things in Cuirass is to send batches of derivations that need to be built to the local Guix daemon. The daemon can possibly offload those builds to other machines. While it's probably the most sensible way to proceed, this solution doesn't scale well and suffers from some limitations.

• There's no way to influence the scheduling decisions of the Guix daemon. It's quite delicate to prioritize builds or build machines from Cuirass.

• The Guix daemon doesn't offer much feedback. Cuirass needs to parse the debug output of the daemon to detect build events such as start and stop events.

• Using a unique daemon means using unique build parameters such as build timeout and max-silent-time properties. Some packages have different build properties and Cuirass cannot honor them.

• When relying heavily on offloading, the Guix daemon scales badly. Builds that often take a longer time to complete, such as emulated builds can saturate the build queue.

For all those reasons, using a new build mode seemed like a necessary evil. The rationale behind this new build mode is to have Cuirass communicate directly with the Guix daemons of all the offloading machines. Instead of dealing with a single, local, Guix daemon, Cuirass can now interact with several Guix daemons on remote machines.

The build jobs are not submitted to the local Guix daemon. Instead, a remote server dispatches build requests to the connect remote workers, according to the build priorities.

The remote server and the connected workers communicate using ZeroMQ over TCP. The workers are able to discover the remote server using Avahi.

The built items are exchanged as substitutes by spawning Guix publish servers both on the remote server and on each connected remote worker.

It seems more complex, and it is indeed more complex. However, the performance gains are real.

This chart shows the CPU idle time percentage of the GNU Guix build farm machines. The introduction of the remote building mechanism around January 2021 results in a much higher activity of the connected machines.

This remote build mode also unlocked new features such as:

• The live streaming of build logs from remote workers to Cuirass so that they can be browsed in real time through the web interface.

• The support for timeout and max-silent-time package properties.

• The support for specification and package priorities.

• The new "Workers status" and "Machine status" pages allowing to closely monitor remote machine activities.

The workers status page is accessible here.

The machine status page is accessible here.

Web interface

Besides the features related to the specification record introduction, several improvements were brought to the Web interface.

Some administration actions that previously required manual SQL intervention can now be performed directly through the Web interface.

Any Cuirass administrator can now:

• Add a specification
• Edit a specification
• Delete a specification
• Cancel an evaluation pending builds
• Retry all builds of an evaluation
• Retry an evaluation
• Restart a build

The build page was also improved to display the build weather and a build history.

Several issues were also fixed such as the broken pagination and the negative build duration.

Metrics

Cuirass computes periodically various metrics such as:

• Average evaluation duration per specification (seconds).
• Difference between newly added derivations and built derivations per day.
• Average time required for an evaluation to start its builds.
• Evaluation completion speed.
• Sum of currently pending builds.
• Builds count per machine during the last day.
• Percentage of failed evaluations.

Those metrics can be browsed here.

Documentation

The Cuirass documentation is now updated to reflect those changes and can be browsed online.

The release itself is available on Cuirass home page.

The Guix's Cuirass package as well as the Cuirass service were also updated.

Going further

The NLNet grant will allow me to keep working on Cuirass for a couple more months. This will hopefully help us to:

• Connect more armhf/aarch64 machines to the build farm.

• Fix the build dependencies issue

• Add a substitutes availability API and its counterpart in GNU Guix to improve the the channel-with-substitute-available procedure to take a manifest argument. This way, the guix pull command can be instructed to only update to Guix revisions where the manifest packages are all substitutable.

This release is an important milestone as, combined with the recent substitute improvements, the whole substitute availability & download speed situation is now largely mitigated, at least on Intel architectures.

Don't hesitate to run your own Cuirass server to build stuff ahead of the GNU Guix build farm, or to build your custom channels. Also feel free to share the features you would like to see in the next Cuirass release.

I just uploaded the pilot test of what will be a series of videos indended to show how to use poke, writing pickles, and the like.  It is very improvised and I have never made a screencap/video of this kind before, so please bear with me ;)

https://youtu.be/n3ErUiLwFN4

Happy poking!

Let’s face it: functional package managers like Guix provide unequaled support for reproducibility and transactional upgrades, but the price to pay is that users often spend a fair amount of time downloading (or building) packages. Download times are okay on day-to-day use but they’re a pain point when performing large upgrades or when installing Guix System for the first time.

With that in mind, it should come as no surprise that Michael Stapelberg’s excellent 2020 Arch Linux Conference talk and the installation speed achieved by distri were a great motivation boost. Michael proposes radical ideas to speed up package installation, such as downloading and mounting ready-to-use SquashFS images. Not everything can be transposed to Guix as-is, but it certainly got us thinking.

This article dives into improvements made over the last few months that will be in the upcoming 1.2.1 release, and which are already one guix pull away; they all contribute to making substitute download and installation “faster”. This is an evolution of the existing mechanisms rather than a revolution, but one that users will surely welcome.

Reducing latency

One of the first things we notice is latency between subsequent substitute downloads. It may sound ridiculous, but guix-daemon would spawn one helper process (running the internal guix substitute command) for each substitute download. That means that not only would it create a new process each time, it would also be unable to reuse connections to the substitute servers. This is particularly noticeable and wasteful when downloading many substitutes in a row, such as when installing Guix System for the first time.

The latency in between subsequent substitute downloads was primarily this: fork (creating a new process), TCP connection establishment and TLS connection handshake. When running perf timechart record guix build … (what a wonderful tool perf timechart is!), we get this Gantt diagram, which gives an idea of all the time wasted creating these processes, waiting for them to initialize and connect to the substitute server, and so on:

Why was it done this way? Because the daemon, written in C++ and inherited from Nix, would historically delegate substitution to helper programs, with a flexible but naive protocol between the daemon and those helper programs.

Back in December, we tackled this issue (followup): the daemon would now launch a single guix substitute process and reuse it for subsequent substitute downloads. In turn, guix substitute would cache connections so we save time on connection establishment.

Another observation we made is that guix-daemon implemented post-processing steps after each download that would contribute to latency. Once guix substitute had completed a download and extracted the archive to the store, the daemon would traverse this store item a couple of times to reset file timestamps/permissions (“metadata canonicalization”), to deduplicate files, and to verify the integrity of the whole store item. This is I/O-intensive and particularly wasteful for store items with many files. Our next step was to delegate all this work to guix substitute, which allows it to pipeline archive extraction, integrity checks, deduplication, and metadata canonicalization. All this happens as the bytes flow in and no extra traversal is needed.

The speedup offered by these optimizations depends on several factors, including the latency of your network, the speed of your CPU and that of your hard disk, and it grows with the number of substitutes fetched in a row. What we can say is that even in a “favorable” situation—low-latency network, fast CPU, fast storage device—it definitely feels snappier.

Increasing bandwidth

With the latency issue pretty much solved, the next step was to look at bandwidth. When we introduced lzip-compressed substitutes back in 2019, the assumption was that a much higher compression ratio (compared to gzip), would inevitably translate to faster downloads. That is true… but only for some bandwidth/CPU power configurations.

Specifically, it turns out that, for someone with a fast connection, such as fiber-to-the-home (FTTH), downloads of lzip-compressed substitutes are actually CPU-bound. In other words, the limiting factor is the processing time to decompress those lzip’d archives—not the available bandwidth. Lzip currently achieves the best compression ratios so far, and that’s great, but decompression is compute-intensive.

Ever-increasing bandwidth is what drove the design and implementation of newer compression methods, such as “Z standard”, colloquially known as “zstd”. The decompression speed of zstd is on the order of 3.5 higher than that of gzip and an order of magnitude higher than that of lzip; but unlike the venerable lzo, zstd achieves high compression ratios: at level 19, the compression ratio of zstd is lower than that of lzip but in the same ballpark. Guillaume Le Vaillant provided an insightful comparison of gzip, lzip, and zstd on a plot showing their decompression speed as a function of the compression ratio:

There are several takeaways. First, zstd decompression is always faster than the alternatives. Second, zstd compresses better than gzip starting from level 2, so gzip “loses” on both criteria. Last, zstd at level 19 achieves a compression ratio comparable to lzip level 5 or 6—lzip level 9 remains better in that regard.

With brand new Guile bindings to zstd, we were able to add zstd support to guix publish and guix substitute. But what policy should be adopted for the official substitute server at ci.guix.gnu.org?

Our goal is to maximize substitute download speed. In some configurations, for example on relatively slow connections, fetching lzip substitutes is not CPU-bound; in those cases, fetching lzip substitutes remains the fastest option. And of course, there are these other configurations where lzip decompression is the limiting factor, and where we’d rather fetch a slightly less compressed zstd substitute (or even a much less compressed gzip substitutes, sometimes).

The solution we came up with is a naive but efficient solution: client-side adaptive compression selection. When it fetches and decompresses a substitute, guix substitute monitors its CPU usage as reported by times. If the user time to wall-clock time ratio is close to one, that probably means the substitute fetch and decompression process was CPU-bound; in that case, choose a compression method that yields faster decompression next time—assuming the substitute server offers several options. Conversely, if CPU usage is close to zero, the process is probably network-bound, so next time we’ll choose a better-compressed option.

The official server at ci.guix.gnu.org now provides zstd-compressed substitutes in addition to lzip and gzip. An extra complication is that we cannot drop gzip compression just yet because pre-1.1.0 Guix installations understand nothing but gzip. To ease transition, the server will probably offer substitutes in all three compression formats for one more year or so.

There’s a good reason to upgrade your daemon though: you’ll be able to benefit from those zstd substitutes and if you have high bandwidth, you’ll quickly see the difference!

Grabbing substitutes from your neighbors

When it comes to increasing download speeds, another option is to download from your neighbors rather than from a server far away. This is particularly useful at the workplace, where machines around you are likely to already have the store items you’re looking for, or, say, at Guix gatherings—at least when we can meet physically again…

The idea had been floating around for some time as a direct benefit of reproducible builds and co-maintainer Mathieu Othacehe recently implemented it. As Mathieu explains in his blog post, guix publish can now advertise itself on the local network using the mDNS/DNS-SD protocol via Avahi; when guix-daemon is passed the --discover option, guix substitute automatically discovers local substitute servers and adds them as the preferred download location. The Guix System installation image even allows you to enable it to speed up the installation process:

Again, that only speeds things up if substitute servers use a compression method with fast decompression, and with either a cache or fast compression if they compress things on the fly. Zstd comes in handy for that: Guillaume’s measurements show that zstd compression is inexpensive at low compression levels, while achieving higher compression ratios than gzip.

Going further

Put together, these changes have the potential to noticeably improve user experience. But as I wrote in the introduction, it’s not revolutionary either—users still have to download all these things.

The next big step might come from fetching substitutes over peer-to-peer, content-addressed networks such as IPFS or GNUnet. Their content-addressed nature could allow users to download less. The performance characteristics of these networks is less clear though.

There is still value in a plain HTTP-based substitute protocol like the one currently used that is easy to set up, though. In that spirit, an option would be to “upgrade” the existing substitute protocol to take advantage of content-addressability. After all, the daemon already performs file-level deduplication and there’s a fair amount of identical files between subsequent builds of the same package. So… what if we only downloaded those files not already available locally? This idea is appealing but we need to go beyond the prototyping phase to get a better idea of its viability.

For completeness, another option currently investigated by the Nix developers is that of “content-addressed derivations”. While currently store file names contain a hash of the inputs used to produce them, the idea of content-addressed derivations is to make it a content hash; that way, if an input change has no effect on the build result, the output is the same and nothing needs to be re-downloaded (this is what Eelco Dolstra described as the intensional model in Chapter 6 of his seminal PhD thesis). This option is appealing, also for other reasons, but it’s a fundamental change with what looks like a high implementation complexity and transition cost. We have yet to gauge the pros and cons of following this approach.

Until then, we hope Guix 1.2.1 will bring your faster substitutes and happiness!

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the Hurd or the Linux kernel, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

This is the email I sent to <[email protected]>, cc  <[email protected]>

Dear FSF,

I write this letter to support Dr. Richard Stallman as a board member of FSF.

Dr. Richard Stallman has been a strong leader in Free Software Movement ever since the beginning of free software. He has been always thinking from the free software point of view, and has been constantly promoting free software and free software community. This is what we need in Free Software Foundation. This is what we need to inspire people to work for the goal of Free Software Foundation.

I am expecting Dr. Richard Stall to do his best in FSF and wish him all the best.

best regards,
wxie

GNU Parallel 20210322 ('2002-01-06') [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

No new functionality was introduced so this is a good candidate for a stable release.

Please help spreading GNU Parallel by making a testimonial video like Juan Sierra Pons: http://www.elsotanillo.net/wp-content/uploads/GnuParallel_JuanSierraPons.mp4

It does not have to be as detailed as Juan's. It is perfectly fine if you just say your name, and what field you are using GNU Parallel for.

Quote of the month:

  GNU Parallel is my new favorite thing
    -- Will Tejeda @thewilltejeda

New in this release:

• Bug fixes and man page updates.

News about GNU Parallel:

• The very first version of Parallel dated 2002-01-06 was found in an old backup:

  #!/usr/bin/perl

  $processes=shift;

  chomp(@jobs=<>);
  for (@jobs) {
      $jobnr++;
      push @makefile,
      (".PHONY : job$jobnr\n",
       "job$jobnr :\n",
       "\t$_\n");
  }
  unshift @makefile, "all : ",(map { "job$_ " } 1 .. $jobnr),"\n";

  open (MAKE, "| make -k -f - -j $processes") || die;
  print MAKE @makefile;
  close MAKE;

• Introduction to GNU Parallel https://www.youtube.com/watch?v=Kj-6JkAqw-8

• Using GNU Parallel with GooseSLURM https://readthedocs.org/projects/gooseslurm/downloads/pdf/latest/#chapter.7

• Why GNU-parallel? https://github.com/lijingbu/omics/blob/main/why_gnu_parallel.md

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include a command that uses GNU Parallel if you feel like it.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

  parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

  find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep c82233e7da3166308632ac8c34f850c0
    12345678 c82233e7 da316630 8632ac8c 34f850c0
    $ md5sum install.sh | grep ae3d7aac5e15cf3dfc87046cfc5918d2
    ae3d7aac 5e15cf3d fc87046c fc5918d2
    $ sha512sum install.sh | grep dfc00d823137271a6d96225cea9e89f533ff6c81f
    9c5198d5 31a3b755 b7910ece 3a42d206 c804694d fc00d823 137271a6 d96225ce
    a9e89f53 3ff6c81f f52b298b ef9fb613 2d3f9ccd 0e2c7bd3 c35978b5 79acb5ca
    $ bash install.sh

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

• Give a demo at your local user group/team/colleagues
• Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
• Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
• Request or write a review for your favourite blog or magazine
• Request or build a package for your favourite distribution (if it is not already there)
• Invite me for your next conference

If you use programs that use GNU Parallel for research:

• Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

• (Have your company) donate to FSF https://my.fsf.org/donate/

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

The WWWorst App Store

by Alexandre Oliva

Picture the most abusive app store.

Programs in it are meant to run on your own computer.

However, you have to be online to run them.

Every time you start them, they contact the app store.

If there is an updated version, it's installed automatically, no questions asked. You'd rather run the earlier version? Tough.

If the app store decides you're no longer welcome, the program won't start any more.

If the app store servers are offline, or if you are, it won't start either. Read more...

I am happy to announce a new release of GNU poke, version 1.1.

This is a bug fix release in the poke 1.x series, and is the result of
all the user feedback we have received since we did the first public
release.  Our big thanks to everyone who provided feedback :)

See the file NEWS in the released tarball for a detailed list of
changes in this release.

The tarball poke-1.1.tar.gz is now available at
https://ftp.gnu.org/gnu/poke/poke-1.1.tar.gz.

  GNU poke (http://www.jemarch.net/poke) is an interactive, extensible
  editor for binary data.  Not limited to editing basic entities such
  as bits and bytes, it provides a full-fledged procedural,
  interactive programming language designed to describe data
  structures and to operate on them.

This release is the product of a month of work resulting in 70
commits, made by 10 contributors.

Thanks to the people who contributed with code and/or documentation to
this release.  In certain but no significant order they are:

   Bruno Haible
   Egeyar Bagcioglu
   Luca Saiu
   Sergei Trofimovich
   Kostas Chasialis
   Mohammad-Reza Nabipoor
   Morten Linderud
   Sergio Durigan Junior
   Thomas Weißschuh

My gratitude to you all!  It is a real pleasure to hack with you.

And this is all for now.
Happy poking!

--
Jose E. Marchesi
Frankfurt am Main
21 March 2021

A security vulnerability that can lead to local privilege escalation has been found in guix-daemon. It affects multi-user setups in which guix-daemon runs locally.

It does not affect multi-user setups where guix-daemon runs on a separate machine and is accessed over the network via GUIX_DAEMON_SOCKET, as is customary on cluster setups. Exploitation is more difficult, but not impossible, on machines where the Linux protected hardlinks feature is enabled, which is common — this is the case when the contents of /proc/sys/fs/protected_hardlinks are 1.

Vulnerability

The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build directory world-writable. The user then creates a hardlink to a root-owned file such as /etc/shadow in that build directory. If the user passed the --keep-failed option and the build eventually fails, the daemon changes ownership of the whole build tree, including the hardlink, to the user. At that point, the user has write access to the target file.

Fix

This bug has been fixed. See below for upgrade instructions.

The fix consists in adding a root-owned “wrapper” directory in which the build directory itself is located. If the user passed the --keep-failed option and the build fails, the guix-daemon first changes ownership of the build directory, and then, in two stages, moves the build directory into the location where users expect to find failed builds, roughly like this:

1. chown -R USER /tmp/guix-build-foo.drv-0/top
2. mv /tmp/guix-build-foo.drv-0{,.pivot}
3. mv /tmp/guix-build-foo.drv-0.pivot/top /tmp/guix-build-foo.drv-0

In step #1, /tmp/guix-build-foo.drv-0 remains root-owned, with permissions of #o700. Thus, only root can change directory into it or into top. Likewise in step #2.

The build tree becomes accessible to the user once step #3 has succeeded, not before. These steps are performed after the package build scripts have stopped running.

Upgrading

On multi-user systems, we recommend upgrading the guix-daemon now.

To upgrade the daemon on Guix System, run something like:

guix pull
sudo guix system reconfigure /run/current-system/configuration.scm
sudo herd restart guix-daemon

On other distros, use something like this:

sudo --login guix pull
sudo systemctl restart guix-daemon.service

Conclusions

One of the flagship features of GNU Guix is to enable unprivileged package management, which includes building packages. Building occurs in an isolated build environment. This environment is isolated from the rest of the system not only to control the build process to implement the functional packaging model, but also to protect the system from package build scripts.

Despite our best efforts, there is always the possibility that we have overlooked something, as in this case.

This issue is tracked as bug #47229; you can read the thread for more information.

We are grateful to Nathan Nye of WhiteBeam Security for reporting this bug.

Please report any issues you may have to [email protected]. See the security web page for information on how to report security issues.

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the Hurd or the Linux kernel, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

LibreJS Blocks JavaScript, But the Site Will Not Function

Here are some Guidelines and Suggestions to Fix That

Write site-specific extensions to replace sites' JavaScript code

Many websites damage users' freedom by sending nonfree JavaScript programs to the user's browser. We invite volunteers to develop free browser extensions to replace for the JavaScript sent by particular sites (see the lists below).

Our first response to the problem of nonfree JS code was to develop LibreJS, which enables Firefox-based browsers to detect and block that code. That protects us from running a site's nonfree JS programs, but does not make the site actually function. Writing an extension for it, as we propose here, would achieve that. It would also avoid the risk inherent in running software straight off someone else's website.

We could also solve the problem by convincing the webmasters to correct their sites to function without the JavaScript code, but convincing them proves to be very difficult, since mostly they don't understand the issue, let alone care about it. Maybe recommending use of these extensions for their sites will convince them to pay attention to supporting non-JavaScript access.

Therefore we invite volunteers to pick a site and write a browser extension to make that site function, assuming that LibreJS blocks the nonfree JavaScript sent by the site.

The first thing to do is to look briefly at the licenses of the JavaScript files on the site. Some of them might actually be free software. If some of the JS code sent by the site is free, you can include it in your extension, changing it as needed.

Next, check whether the site has published an API. If so, it is best to communicate using the API, if that can do the job. Otherwise, you need to use the browser debugging facilities to figure out what data and commands the JavaScript code sends to the server—in effect, its undocumented API.

The way to avoid infringing copyright on the site's own JavaScript code is not to study the code. Not any part of it, not even once. If you did not read the code, it follows that you did not copy any of it. Look only at the licenses.

These extensions should be honest—they should not “cheat.” If the site's JavaScript asks the user for information and sends it, the extension should ask the user for that information and send it. If the site asks per (1) to check a box to agree to XYZ, the extension should ask per to check a box to agree to XYZ. The extension should faithfully pass on whatever responses the user enters. If the site sends a cookie, the extension should let it be handled according to the browser settings for cookies.

It is impossible to implement real security via JS code sent to the user, but whatever the site does to try to implement something resembling security, the extension should carry out faithfully. In particular, if the site asks the user to answer questions to prove perself not to be a robot, the extension should show per the same questions, get the answers, and send them in—thus enabling per to demonstrate that perse is human.

Jeff Carpenter's librecaptcha might be useful if the site sends a captcha. We will start a project to convert it to JS, and we will need volunteers for that, so please write to me if you are interested in helping.

Meanwhile, if the site's JS code gathers information surreptitiously, it is admirable to thwart that snooping. One idea is to ask the user what answer to return—for example, “The site is trying to find out your location. What do you want to tell it?” But it would be good to avoid asking the user frequently or repeatedly.

When you have an extension working, please mail a copy to the GNU Project at <[email protected]>. You can also register it in Firefox's extensions list, if you can stomach running the nonfree software to do that.

We have set up a mailing list, js-extensions-discussion where you can talk with others who are developing extensions.

Once things are going, we would like to set up a savannah.gnu.org repo where we will put the extensions that are working. To do that, we need a volunteer or two to manage it. We expect this task not to be a lot of work; the reason to have two is for redundancy.

We could also have a Savannah project which you could (if you wish) use for developing an extension; that too would require volunteers to take care of it.

Here are some suggestions for sites to write extensions for. However, if some other site interests you more, by all means go where your interests take you. Read more...

This release of MediaGoblin removes support for Python 2 and marks the end of five years of concurrent support for both Python 2 and Python 3. That’s a major achievement, so congratulations to everyone who contributed.

As a bonus, the release also includes a completely rewritten replacement for the previously Python 2-only audio spectrograms feature. Thank you to Fernando Gutierrez for this contribution; it’s a significant piece of work. The release also includes contributions from Jeremy Bowman, Jesús Eduardo Estupiñan Medina, Charlotte Koch, Olivier Mehani, milquetoast and Ben Sturmfels.

On reflection, the Python 3 transition has been bitter-sweet. Without doubt, Python 3 is both technically and ergonomically superior to Python 2, but I don’t think anyone in the Python community realised quite how long or how much work the transition would be. It’s been an especially challenging time for small projects like MediaGoblin and for anyone supporting a significant Python codebase on limited resources. Looking forward though, ending support for Python 2 significantly simplifies the maintenance of the project, making it easier to add new features and prevent bugs. We’re really excited about this! Although we’re not bug-free yet, as of this release our test suite is passing 100% and we’ll be continuing with further quality improvements.

We would like to take this opportunity to acknowledge Boris Bobrov, project maintainer and long-time contributor. Boris recently retired from his maintainer role which he began in 2016. Thanks Boris for all your hard work, contributions and leadership, we really appreciate it!

This release is named Punky Magmalian after a character created by artist and MediaGoblin contributor Charlotte Koch. Take a look at Charlotte’s other work on her MediaGoblin site.

For more details on this release and on upgrading see the release notes. To join us and help improve MediaGoblin, please visit our getting involved page.

New Features

    MusicXML export
        Supports export of multi-movement scores

    Support for Musical Sketches
        Cut selection as sketch

    Support for LilyPond 2.20.0

    Menu Navigation from Keyboard enabled

    Comments in Lyric verses

Bug Fixes

    Various fixes in MusicXML import
    Various fixes in LilyPond import
    Wrong Keyboard Shortcuts on MacOS

It is often the case in binary formats that certain elements are separated by some data that is not really used for any meaningful purpose other than occupy that space. The reason for keeping that space varies from case to case; sometimes to reserve it for future use, sometimes to make sure that the following data is aligned to some particular alignment. This is known as "padding". There are several ways to implement padding in GNU poke. This article shows these techniques and discusses their advantages and disadvantages.

inspired by the computing page of rms

Computers

My librebooted ThinkPad X200 computer is the machine I use the most and where I do most of my computing. I also have the privilege of having access to a fleet of servers through our school's Computer Science Club that I use for some more computationally intensive tasks every now and again, and also for hosting this very website.

GNU/Linux distribution

I used a wide variety of distros over the years; but I have since found Trisquel to be my favourite and it's put my "distro-hopping" days behind me. Sometimes I pair it up with GNU Guix. For the kernel, I usually use GNU Linux-libre from jxself's APT repository.

Actual computing

I spend most of my time in GNU Emacs.

TODO: elaborate

Maintaining this site ยง

I took a great amount of inspiration from technomancy's setup. The pages of this site are written in plain HTML using GNU Emacs, with GNU M4 acting as a full-featured template engine. A GNUmakefile provides convenient make rules to build and publish the site. The bibliography of my publications is generated from bandali.bib using bibtex2html, and further processed and put together using GNU sed and another GNUmakefile. The git repository containing all the sources used to build this site are available here.

I am happy to announce the first release of GNU poke, version 1.0.

The tarball poke-1.0.tar.gz is now available at
https://ftp.gnu.org/gnu/poke/poke-1.0.tar.gz.

  GNU poke (http://www.jemarch.net/poke) is an interactive, extensible
  editor for binary data.  Not limited to editing basic entities such
  as bits and bytes, it provides a full-fledged procedural,
  interactive programming language designed to describe data
  structures and to operate on them.

This release is the product of 3 years of work resulting in 4126
commits, made by 19 contributors.

The program is far from being perfect and there are known bugs and
limitations in place.  We also have lots of awesome ideas still to be
implemented, extensions we want to add, pickles for many data formats
to write, documentation to improve, and lots of work in
progress... the GUI, the machine-interface... working in poke is so
fun that it is difficult to stop :'D

But it is time to start the releasing cycles so everyone can benefit
from poke, which is already immensely useful for many activities like
systems programming, testing of software, design and documentation of
file formats and protocols, reverse engineering, and much more.
Releasing often will hopefully also bring in more developers to our
little but enthusiastic community... there is so much to do!

In any case, we wish you have fun with poke and that you find it
useful.

Please send us comments, suggestions, bug reports, patches,
questions, complaints, bitcoins, or whatever, to [email protected].

Many of the poke developers and users populate the #poke IRC channel
at irc.freenode.net, and you are more than welcome to join us there
and say hello.

Now it is time to mention the names of all the people who have
contributed with code and/or documentation to this release.  In
certain but no significant order they are:

   John Darrington
   Tim Rühsen
   Luca Saiu
   Bruno Haible
   Mohammad-Reza Nabipoor
   Eric Blake
   Egeyar Bagcioglu
   Kostas Chasialis
   Darshit Shah
   Dan Čermák
   David Faust
   Carlo Caione
   Henner Zeller
   Aurelien Aptel
   Indu Bhagat
   Darkstar
   Michael Drüing
   Pierre-Evariste Dagand

My gratitude to you all!  It is a real pleasure to hack with you.

Finally, as a personal note, I would like to dedicate this release to
my father Eduardo.  For this is also your work in a sense, and I love
you very much.

And this is all for now.
Happy poking!

--
Jose E. Marchesi
Frankfurt am Main
26 February 2021

Add llvmfuzz and oss-fuzz integration, fixed many minor fuzzing errors. libfuzzer is much better than afl++ and honggfuzz.

See https://www.gnu.org/software/libredwg/ and https://github.com/LibreDWG/libredwg/blob/0.12.3/NEWS

Here are the compressed sources:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.3.tar.gz (17.4MB)
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.3.tar.xz (9MB)

Here are the GPG detached signatures[*]:
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.3.tar.gz.sig
http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.3.tar.xz.sig

Use a mirror for higher download bandwidth:
https://www.gnu.org/order/ftp.html

Here are more binaries:
https://github.com/LibreDWG/libredwg/releases/tag/0.12.3

Here are the SHA256 checksums:

47933ccc0230c66c571606f7a5897fa1fb0f664fba871b883f1a785783f58a33  libredwg-0.12.3.tar.gz
b31a33466ba23312119138d0ac022399841ee0f40d9bbd970410a2fc471e15ee  libredwg-0.12.3.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify libredwg-0.12.3.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the gpg --verify command.

Editing data with GNU poke mainly involves creating mapped values and storing them in Poke variables. However, this may not be that convenient when poking several files simultaneously, and when the complexity of the data increases. poke provides a convenient mechanism for this: maps and map files.

Minor bugfix:

• Fixed extending the write buffer for the 2 CRC bytes. Occurs very seldomly (GH #315)

See https://www.gnu.org/software/libredwg/ and https://github.com/LibreDWG/libredwg/blob/0.12.2/NEWS

Here are the compressed sources:
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.2.tar.gz   (17.4MB)
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.2.tar.xz   (9MB)

Here are the GPG detached signatures[*]:
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.2.tar.gz.sig
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.12.2.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are more binaries:
  https://github.com/LibreDWG/libredwg/releases/tag/0.12.2

Here are the SHA256 checksums:

8b4c0ddbd52598c5849e2c4b267411e557f282f336ef497afc919d516c0c394e  libredwg-0.12.2.tar.gz
9227f4cb8a4aa1b785038e2c583affe0d84194c97dca4794e143258b0302fb85  libredwg-0.12.2.tar.xz
6fe27f0e1f73b8ba1c9eb20a9597fe2781207c68cb3f8883e52c60f7b3ea2c27  libredwg-0.12.2-win32.zip
92d6fddb5dbe108edf8381e8c87889edd082d1c75b48b30bda8ca1b5fab00628  libredwg-0.12.2-win64.zip

[*] Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact.  First, be sure to download both the .sig file and the corresponding tarball.  Then, run a command like this:

  `gpg --verify libredwg-0.12.2.tar.gz.sig`

If that command fails because you don't have the required public key, then run this command to import it:

  `gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414`

and rerun the `gpg --verify` command.

GNU Parallel 20210222 ('Ang Sang Su Kyi') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Please help spreading GNU Parallel by making a testimonial video like Juan Sierra Pons: http://www.elsotanillo.net/wp-content/uploads/GnuParallel_JuanSierraPons.mp4

It does not have to be as detailed as Juan's. It is perfectly fine if you just say your name, and what field you are using GNU Parallel for.

Quote of the month:

  GNU Parallel is a priceless timesaver
    -- June "Wakalix" @TWakalix@twitter

New in this release:

• --filter only run jobs where the filter is true. The filter can contain replacement strings and Perl code such as: '{1} < {2}+1'
• --template takes a text file as a template with replacement strings. Then it replaces the replacement strings and saves it under a new filename.
• --plus implements {0%} {0#} replacement string for zero padded slot and sequence.
• Warn that you probably mean -d '\r\n' if the first 3 values end in \r\n (DOS newline).
• {= perlexpression =} must return the same value, if run twice on the same input.
• Man pages available as .rst-format.
• Bug fixes and man page updates.

News about GNU Parallel:

• A short tutorial on Gnu Parallel https://www.polarmicrobes.org/a-short-tutorial-on-gnu-parallel/
• 5 reasons why I love coding on Linux https://opensource.com/article/21/2/linux-programming
• Simple Tutorial to install & use GNU Parallel https://medium.com/analytics-vidhya/simple-tutorial-to-install-use-gnu-parallel-79251120d618
• LiDO3 - first contact https://www.lido.tu-dortmund.de/cms/de/LiDO3/LiDO3_first_contact_handout.pdf
• Rill Stage 2-1: Ways of command-line data analysis https://blog.jastix.biz/post/rill-stage-2-1-cli-data-analysis/
• Introduction to GNU Parallel https://blog.knoldus.com/introduction-to-gnu-parallel/
• GNU Parallel https://www.hahwul.com/cullinan/parallel/

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include a command that uses GNU Parallel if you feel like it.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

  parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

  find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep 3374ec53bacb199b245af2dda86df6c9
    12345678 3374ec53 bacb199b 245af2dd a86df6c9
    $ md5sum install.sh | grep 029a9ac06e8b5bc6052eac57b2c3c9ca
    029a9ac0 6e8b5bc6 052eac57 b2c3c9ca
    $ sha512sum install.sh | grep f517006d9897747bed8a4694b1acba1b
    40f53af6 9e20dae5 713ba06c f517006d 9897747b ed8a4694 b1acba1b 1464beb4
    60055629 3f2356f3 3e9c4e3c 76e3f3af a9db4b32 bd33322b 975696fc e6b23cfb
    $ bash install.sh

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

• Give a demo at your local user group/team/colleagues
• Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
• Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
• Request or write a review for your favourite blog or magazine
• Request or build a package for your favourite distribution (if it is not already there)
• Invite me for your next conference

If you use programs that use GNU Parallel for research:

• Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

• (Have your company) donate to FSF https://my.fsf.org/donate/

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

 Hello All-

In celebration of the (slightly belated) 10-year anniversary of Guile v2.0, we're having another Guile Potluck!  The Guile Potluck is a randomly annual event to give people a chance to show off their Guile projects and skills.  Think of it as a game jam, but, not constrained to games. 

To participate, on or before Mar 6, send an email to [email protected] with Potluck in the subject line. Please include instructions on how to find your entry, which could be anything you like.  For example,

   - a script showing off some feature of Guile or your favorite Guile library
   - a blog post describing something interesting about Guile
   - an updated release of a neglected library
   - a mini-game
   - a graphical or audio demoscene-type demo
   
There probably won't be any prizes.  But there will definitely be an e-mail and blog post about the entries.

I'd love to see y'all participate. Feel free to e-mail me at [email protected] if you'd like to discuss anything directly.

And please forward this info along, if you know of any other corners of the internet that might be interested.

Regards,
Mike Gran

Dear community:

I am very proud to announce the release of the series 3.8 from the GNU Health Hospital Management Information System (HMIS) component!

Twelve years old, the GNU Health project has now become a Libre digital Health ecosystem, with different solutions to meet different realities, integrating them in the Federation.

The year 2020, the year of the COVID-19 pandemic, has put our societies against the ropes, and challenging the public health system of every country around the globe.
The GNU Health community responded swiftly to this formidable challenge. Within hours of the official World Health Organization announcement, we were able to deliver the new ICD-10 codes of the COVID-19 disease; Include the pathology in the person record when it was confirmed by laboratory and setting the disease as a notifiable disease so the Min. of Health could have uptodate epidemiological information.

GNU Health has played a crucial role in many public health systems, not only by providing real-time observatory of COVID-19, but also, very importantly, study the impact of the socioeconomic conditions in both the incidence and severity of the disease on the underprivileged.

Our community keeps growing! A notable example is that GNU Health is now also part of the KDE community! KDE has adopted MyGNUHealth, the GH Personal Health record.
We are very grateful to KDE for trusting us! Most GNU/Linux users will have in their favorite GNU/Linux distribution a Personal Health Record focused on privacy and integrated with Libre devices and trackers. MyGNUHealth also runs on the PinePhone!

What is new in GNU Health 3.8 series

• New Dentistry package with odontogram and dental procedures
• Enhanced Page of Life generation (PoL)
• Use FODT (Flat ODT) format for reports
• Integrated infectious diseases Contact Tracing
• Epidemiological observatory
• International Classification of diseases, 11th revision (ICD-11)
• Improved integration with Weblate (now 23 languages!)
• Updated the UNIPROT protein natural variants DB from 2020
• The HL7 FHIR server is now ported to Python3
• New repositories for the components (HMIS, client, plugins, Thalamus...)

Development focus

In addition of the GH HMIS server, we will focus the development in the following  areas of the GNU Health ecosystem:

• MyGNUHealth: The GNU Health application for desktop and mobile devices
• The GNU Health Federation Portal

The GH Federation Portal has already started. It is a VueJS application and provides a single point of entry for individuals, health professionals and epidemiologists to the GNU Health Information system.

The GNU Health Federation integrates information from many health institutions and people from a region or country. The GH Federation portal will allow to manage resources, as well as the main point for analytics and reporting of massive demographics and epidemiological data generated nationwide. People, health centers and research institutions can benefit from the GNU Health Federation and from the GNU Health ecosystem in general.

Upgrading from GNU Health 3.6

• Make a FULL BACKUP your kernel, database and attach directories !!!
• Follow the instructions on the Wikibooks.

As always, no matter how hard we try to avoid them, there will be bugs, so please test the new system, upgrade process, languages, and give us your feedback via them via [email protected]

The community server has been already migrated to 3.8.0, so you just need to download the GNU Health HMIS client and enjoy it.

Free Software day

Finally, today is the Free Software day. We have chosen this date as the release date of the GH HMIS component, as a way to remind and stress the importance of Libre Software and Open Science in our society.

Happy and Healthy Hacking !

--
Dr. Luis Falcon, M.D.
President, GNU Solidario
Advancing Social Medicine
https://www.gnuhealth.org

FreeIPMI 1.6.7 - 02/12/21
-----------------------------------
o Do not require IPMI access when running ipmi-fru with the --fru-file option.
o Fix default permissions of various config and system files.
o Minor documentation updates.

https://ftp.gnu.org/gnu/freeipmi/freeipmi-1.6.7.tar.gz

Version 3.12 of GNU mailutils is available for download.  This version includes the following bugfixes:

• Fix expunging of mailboxes in mbox and dotmail format in a read-only directory
• inc: when updating the "unseen" sequence, translate message numbers to uids
• Fix default port selection in SMTP mailer
• Fix building the mda utilities with mailbox quotas off
• Fix bugs in the testsuite

When experimenting with Godot and its GDScript language, I realized that I missed a good old REPL (Read-Eval-Print Loop) to familiarize myself with the language and API.

This is now possible with this new Godot Editor plugin

Try it at:
https://godotengine.org/asset-library/asset/857

Dear GNU CTT:

Thank you very much for the hard work in the past years.
Wish you all a good, happy and healthy Chinese New Year!

We are proud to know that:

Boston, Massachusetts, USA -- February 9th, 2021 -- The Free Software Foundation (FSF) has been awarded a four-star and 100% rating, the highest possible, from Charity Navigator, the largest independent evaluator of US-based nonprofit charities. The FSF was also selected for Charity Navigator's "Top Ten List" as one of "10 Charities Worth Watching." These designations exemplify the FSF's strong financial health and commitment to accountability and transparency.
Using objective analysis, Charity Navigator awards only the most fiscally responsible organizations a four-star rating, with metrics including governance, ethical practices, operations in accordance with industry best practices, and openness with donors and stakeholders. This is the eighth year in a row the FSF has received a four-star rating, a record attained by only six percent of the 160,000 charities evaluated by Charity Navigator. The FSF also earned perfect scores on "Financial Health" and "Accountability & Transparency," resulting in the organization's first-ever 100% rating, an accomplishment less than one percent of all charities evaluated by Charity Navigator are able to achieve. This is the second time the FSF has placed in the list of "10 Charities Worth Watching."
"The Free Software Foundation's exceptional four-star rating sets it apart from its peers and demonstrates its trustworthiness to the public,” according to Michael Thatcher, President and CEO of Charity Navigator. “Only a quarter of charities rated by Charity Navigator receive the distinction of our four-star rating. This adds the FSF to a preeminent group of charities working to overcome our world’s most pressing challenges. Based on its four-star rating, people can trust that their donations are going to a financially responsible and ethical charity when they decide to support the Free Software Foundation."
FSF executive director, John Sullivan, shared: "This is truly an accomplishment requiring the whole organization's efforts. It reflects excellence by our board of directors in its leadership, especially overseeing the FSF's financial management and key organizational policies, and by our whole staff, doing their work with exceptional efficiency and diligence, focused precisely on the FSF's mission. This is full validation of our supporters' confidence that when you contribute to the FSF, that hard-earned money will substantially advance the cause of software freedom."
The FSF's Charity Navigator profile can be visited at https://www.charitynavigator.org/index.cfm?bay=search.summary&orgid=8557.

 This 2020 with COVID, quarantines and lockdown was and is a strange year, but it allowed me to take care of Arctic Fox quite a bit. A lot of work is going on in my Arctic Fox fork, which Matt dutifully imports.

Thousands of commits flew in into this new release, tackling JavaScript upgrades, build fixes, further metro removal, JIT optimizations. SO much was imported from Firefox that this is really exciting!

Arctic Fox continues to run very well on MacOS-X 10.7 for example, on my MacBook Pro:

But also Linux is fully supported, of course. 

Linux/PowerPC works as before, but still no JIT of course. Roy continues his fork with WindowsXP support which differs only by a minimal set of patches.

SPARC64 support was pursued, now NetBSD/SPARC64 compiles fully, but.... the browser crashes on startup. Help seeked!

The same goes for ARM, ARM64 and MIPS: we would love to get these platforms working again: they were probably lost in PaleMoon.

Arctic Fox thus continues the pursue of PaleMoon and Firefox heritage but with enhanced compatibility on more platforms, no Rust and legacy OS/Compiler support. If you like this, please help!