The combination of Google’s Summer of Code program and students working on numerous KDE projects during it has served as a long and successful tradition for KDE. KDE, being a big organization with a large community associated with it and hosting many projects of different facets provides a lot of opportunities for students to participate in this program and to contribute to an open-source project that they are interested in.
Hence it is no surprise that this year also many students decided to be a part of the world of KDE.
Be prepared for a long, detailed post about many interesting projects and the great results achieved during the season of GSoC ’15.
1. Porting activities
Many KDE projects are still in the process of porting the code to the new frameworks Qt5/QtQuick and KDE Frameworks 5 (KF5) – the next generation of KDE libraries, modularized and optimized for easy integration in other applications. This year several students helped to make this transition smoother and complete.
Aroonav Mishra ported a considerable portion of Amarok to Qt5/KF5 and the porting of the media player is in continuation. R. Harish did this for Kopete.
GCompris consists of several activities, wherein each activity is aimed to teach children a different educational lesson. This year Sagar Chand Agarwal and Siddhesh Suthar helped port a couple of GCompris’ activities to QtQuick. Almost all the work has been integrated to the master branch and will be available in the next release.
The educational entertainment software GCompris welcomes any form of help to finish this move.
Mohamed Anwer did his project on digiKam. In digiKam, the communication with the database was done in KIO-slaves, running in separate process. To increase the portability of the application and to reduce the serialization of data between different processes, the decision was made to change the architecture and to move it to Qt5’s threads. The new thread-based implementation done during this summer resulted in a much better performance. Also, in numerous other segments of the source code a wrapper for all KIO-related stuff was provided. The implementation behind this wrapper, which optionally doesn’t use KIO anymore, now allows compilation of digiKam as a pure Qt-application without any dependency on KIO. For more information,visit: https://mohamedanwer.wordpress.com/tag/gsoc15/
Vyacheslav Matyushin ported KSystemLog,a utility showing different system protocols to KF5. While porting the code, he also fixed many bugs and memory leaks. In addition to that, many new features were added like the support for local and remote journald, filtering of the log entries by priority, improved configuration dialog and more.
Main window showing log entires colored according to their priority. By default, all priorities are displayed. User can select priorities to be displayed
Journald mode configuration widget allows to add remote journals
A porting project of a different kind was taken up by Gábor Péterffy who ported Marble to Android. Marble Maps is available now in Google Play and provides navigation and routing functionality using OpenStreetMap’s content. Distance measurements, interactive route planning are available in the first version of Marble on Android.
KDevelop got a new “checker framework” contributed by Laszlo Kis-Adam who you might also know as dfighter. The idea behind this project was to provide a general framework for different static code analysis tools and profilers that can be used in KDevelop. This framework aims to unify and simplify the code infrastructure and to provide a consistent and user-friendly GUI for using such tools in KDevelop. Some existing plugins for cppcheck, Valgrind and Krazy were ported to this framework. The support for code analysers clang-check and pylint was added. The final report contains a lot of detailed information on this as well as a video demo of this amazingly useful functionality.
During GSoC2014 clang was integrated into KDevelop in order to use it for source code indexing, syntax checking and highligting instead of KDevelop’s own complex implementations for these tasks. Despite the ginormous progress attained last year, there was and is still a lot to do in the area of kdev-clang plugin for KDevelop – bug fixing, adding features, stabilizing the code. This year Sergey Kalinichev worked on the project “Further Clang integration in KDevelop” and extended the feature-set of this plugin with regard to code parsing, syntax highligting, code completion and refactoring. See his final report with couple of examples on this https://sklin0.wordpress.com/2015/08/23/gsoc-2015-final-status-report/.
This plugin is a must try for all KDevelop users!
Gurjot Singh worked on extending the animation capabilities of Kdenlive to allow smoother animations as opposed to the traditional keyframes technology. Before this, Kdenlive had support for only linear interpolation of keyframes for few effects and transitions. With the support for animation properties in the open-source multimedia framework MLT, which is used by Kdenlive, and with the integration work done during this GSoC by Gurjot, almost any entity can be now be animated in Kdenlive. Gurjot added configuration widgets for different interpolation types used for animations – which can be discrete, linear, smooth spline or a mix of them. Read more here: https://kdenlive.org/node/9443
Krita got a new tangent normal brush engine. Read more on Wolthera van Hövell tot Westerflier‘s blog http://wolthera.info/?p=770 who was the GSoC student working on Krita. Wolthera also addressed Krita’s widget for picking a colourspace (http://wolthera.info/?p=783).
Veaceslav Munteanu continues to contribute to digiKam for the third GSoC-program in row. This year, he implemented Advanced Metadata Hub – a new component that gives the user more control over the metadata management in digiKam. With this component it is possible now to define in addition to digiKam’s default namespaces new user-specific namespaces. It is also possible to edit new namespaces, disable them temporarily and to change their order which influences the search results in digiKam. Furthermore, lazy metadata synchronization was introduced to digiKam. When changing the metadata (applying a tag, rating or comment to an image), the synchronization process could slow-down the system for bigger image collections on slower (or remote) hard-disks. With the new lazy method the synchronization can be optionally postponed to a later point and the user doesn’t experience any immediate slow-down on metadata changes.
KStars, the outstanding open-source astronomy software, is now able to display artistic drawings for all modern constellations (https://en.wikipedia.org/wiki/88_modern_constellations_by_area) – thanks to the work done by M.S. Adityan during this summer. One of the main parts of the project was to understand how to map the image onto the sky map. The screenshot below shows art images for all 88 modern constellations that can be optionally switched on and off.
Daniel Leu contributed a job scheduler to KStars that will help automate astrophotography sessions. A job is specified as per the information provided by the user such as the object under observation, altitude, angular distance to the moon and the execution starting and finishing times and the job triggered by the scheduler communicates with the teleskop via the Ekos interface (http://api.kde.org/4.x-api/kdeedu-apidocs/kstars/html/namespaceEkos.html) and performes a slewing of the teleskop, loading of the sequence and its execution. To simplify the selection of the object to be observed, the user can now provide a FITS image and the object coordinates are determined out of the information stored in the FITS file.
David Kolozsvari joined the Marble team this summer and implemented a couple of nice features. He improved rendering of labels (street names, building names etc.) that are now drawn along the curved street paths. Before this, the labels were just shown “somewhere” on the map. As a result of his work:
Besides this, some smaller improvements and bug fixes were made by him. He has started working on improving Marble’s Print support as an extension to his contribution to Marble during GSoC. Check out his blog for demos and more (http://koldavidgsoc.blogspot.de/2015/08/gsoc-2015-summer-with-marble.html).
The second Marble-related GSoC-project was about the handling of OpenStreetMap (OSM) files. Marius Stanciu added support for opening OSM-files, viewing, editing and exporting them. The main part of the project was to provide an OSM editor for Marble. Plenty of features can be implemented in such an editor and Marius implemented it for tags and relations. Tags allow annotation of the placemarks to provide information on them beyond the location coordinates. With the help of relations, logical relationships between different points on the map can also be modeled. Take a look at Marius’ blogs for more screenshots and examples.http://mariusoc.blogspot.de/2015/08/wrapping-things-up.html
LabPlot, the data plotting and analysis tool for KDE had 3 students this year.
Minh Ngo added visualization of 3D-data to LabPlot by utilizing the very powerful library VTK. Different data source sources are supported – external files with 3D-data, LabPlot’s spreadsheets with column-based organisation of data and LabPlot’s matrices with matrix-like data structure. The data can be visualized as points in 3D-space, curves and surfaces. A lot of options for the 3D-plots are availble and can be adjusted by the user in a user-friendly GUI. Furthermore, several zooming functions were implemented that allow a comfortable navigation through the data. Because of the huge complexity of this topic, not everything could be implemented in such a short period of time. Minh is eager to contribute further to the projects and continues working on 3D-part of LabPlot with the aim to push LabPlot’s 3D-functionality to much higher level.
Ankit Wagarde added a very useful tool to LabPlot that allows to extract data from images – the Datapicker. After import of an image and setting the reference points, the user start to select the data points on the image that get automatically converted into numbers. Those numbers can be used in your own plots where you can e.g. combine your own results with results of another work where the imported image was taken from. Different scalings are supported as well as data point with error bars. Arbitrary number of curves on the plot from the imported image is supported whereas different symbol styles can be used to differentiate the appearance of the curves
Currently, LabPlot is lacking any scripting functionality and has a very limited set of features to generate new data. On the other hand, Cantor – another KDE-education software – unifies the usage of different open-source computer algebra systems (CAS) like Maxima, Octave, etc. in a single program. Garvit Khatri integrated Cantor into LabPlot. This allows now to perform calculations, to produce and to analyze data with the CAS of your choice, to plot the generated data and to modify the appearance of the plot directly in LabPlot. The user benefits now from the very powerful CAS languages and from the numerous editing features for plots in LabPlot. The screenshot below shows a simple calculation done in python3 with scipy/numpy and the visualization of the calculated data in LabPlot’s manner.
All in all – a very nice example for how two open-source projects can collaborate and bundle the man-power and the available features two produce software of much greater value.
KDE’s universal document viewer Okular was extended by Saheb Preet Singh to support PDF tags, layers and linearized documents. PDF tags allow to add additional description to different structures in a PDF document. Information can be stored on different layers of a PDF file – a feature allowing to make some content visible or invisible in the document. In Okular, tags and layers are shown in a tree-like view and can be searched and filtered for. The third new feature in Okular, the support for linearized PDF documents, make viewing over the internet faster – the document is streamed over the network and the user can start to read the document without the need to wait until the complete file is downloaded.
balooctl, the command line tool to control Baloo, KDE’s indexing and search framework, got a lot of useful features allowing to get a better overview of the current state of Baloo. The main part of the project taken by Pinak Ahuja was the Baloo Monitor – a GUI tool showing Baloo’s current state, file being indexed, total progress and estimated remaining time
and a button to suspend/resume indexing. On the way to these results, Baloo’s architecture needed to be partially redesigned and re-factored to make the interaction of this tool with Baloo’s back-end possible.
This work went far beyond the original proposal and was done in close collaboration and with the help of the project mentor. The monitor has been added as a KCM to KInfoCenter.
Aleksandr Mezin improved the KDE System Settings by adding a new configuration module for pointing devices. This module unifies now the functionality that was previously spread between Mouse and Touchpad KCMs.
With the help of KDE’s visual designers Aleksandr was able to create a nice looking UI where the pointing devices can be configured at the same place. Currently, all properties of libinput driver can be configured in this new module for X11 as well as for Wayland (with patched version of KWin), whereas a better and more complete support for evdev and synaptics drivers is to be expected in the near feature.
Ranveer Aggarwal worked on the implementation of an interface for installing 3rd party plugins for different KDE applications like additional codecs for k3b, KIPI-plugins for Gwenview, etc.
3rd party plugins can be fetched from the system packages manager, the installation is handled with the help of PackageKit that unifies the handling of different package management systems.
Ranveer’s final report exemplifies the usage of this new interface for couple of KDE applications:
KDE Connect https://albertvaka.wordpress.com/ is a very useful application for KDE and smartphone users that allows to control your KDE desktop with the smartphone, to receive the phone notifications on your computer or to interchange data between different devices. This year Vineet Garg improved the secure communication over the network and added the support for TLSv1.2 to KDE Connect. By the way, the first version of KDE Connect was written during GSoC2013.
The KDE infrastructure got a new very nice service – KDE Reportshttps://reports.kde.org/. In this web app, contributed by Ahmed AbouElhamayed, graphical reports for KDE related statistics are shown. Charts for the current number of bug reports, total average time taken to resolve a bug, number of commits, review requests, social media activities and for many many other things allow you to get better insights into the ongoing KDE activities.
Check out recent Ahmed’s blogs for a number of useful examples
Besides the porting activities mentioned above, Kopete got help from two more students this year. Nikolaos Chatzidakis worked (and is still working on it even GSoC is already finished, on a GnuPGP-plugin for Kopete to allow secure encrypting, signing, decrypting and verifying of messages via GnuPGP. Joseph W Joshua contributed to a new history plugin for Kopete based on a SQL-database. The idea behind this plugin is to store the messages in a database and to provide an interface for quick and advanced searching in the history.
For many students participated in this year’s GSoC, the contribution to the open-source community and especially to KDE didn’t end with the final reports written in August. Many students are still in touch with their mentors, continue to work on their projects or are even looking for new tasks. All in all, a great GSoC season for KDE with remarkable achievements. We’re looking forward for GSoC2016!
Qualys on Thursday reported a flaw in the OpenSSH client that could let a hacker steal the client’s private crypto keys. The bug is the result of an undocumented feature called “roaming” that exists in version 5.4 and above. It’s one of two vulnerabilities that a malicious SSH server or a trusted but compromised server can exploit, Qualys said. The other is a heap-based buffer overflow.
The Linux Foundation this week announced an expansion of the Dronecode project with investments from new members and the creation of three technical working groups. The foundation launched the open source project in 2014 in an effort to create a unified platform for commercial drone technology. Twenty-seven companies have joined Dronecode since, bringing membership to 51, officials said.
Black Duck Software on Tuesday announced it has added to its Hub software container-scanning capabilities that let users map open source security flaws for applications, Linux distros, and other software in Docker and other Linux containers. Adding a containerized scanner to a Docker host enables automatic identification of known open source vulnerabilities in all layers of containers on the host.
KDE contributor Ken Vermette has written The Quintessential 2016 Review of Plasma 5.5 which was released last month, a 9 page cover of the good, the bad and the beautiful.
Plasma 5.5 marks the beginning of the lifecycle where the vast majority of pe…
Tune in for an overview of our party plans and the reopening of Classic.
Hacking team fail0verflow last week demonstrated a hack of Sony’s PlayStation 4 game console that allows anyone running the modification to run the Linux OS on the appliance. The demo was part of a lightning talk session at the 32nd Chaos Communication Congress. The hackers used exploits in FreeBSD, PS4’s operating system and WebKit, which powers the game console’s browser.
I am confident that adopting a client-side framework through progressive decoupling will give us the best of both worlds. Of course, this does not mean I oppose fully decoupling through any other framework; in fact, I believe we should redouble our efforts toward a first-class API-first Drupal. But progressive decoupling means that we will be able to work toward a next-generation user experience without abandoning much of the work we’ve done so far.
Special thanks to all of the following experts who provided review and input: Miško Hevery (creator of Angular; Google) and Igor Minar (technical lead for Angular; Google); Ed Faulkner (core maintainer for Ember); Amitai Burstein (Drupal and Elm contributor; Gizra); Sebastian Siemssen (Drupal contributor, Elm and React developer; Zensations); and John Albin Wilkins (Drupal 8 mobile initiative lead), Alex Bronstein (Drupal core maintainer; Acquia), Wim Leers (Drupal core contributor; Acquia), and Preston So (Drupal contributor, Acquia).
First, have we decided on the right criteria regardless of the frameworks themselves? This is probably the most important at this stage. While many organizations choose to adopt client-side frameworks for fully decoupled implementations, Drupal is the first to consider layering a framework on top to allow both richly dynamic and more traditional modules to coexist gracefully through progressive decoupling. What issues around templates, rendering, and client-side caching should we incorporate into these criteria? Is there anything missing or overemphasized?
Finally, have we drawn the right conclusions against these criteria? In other words, did we fill out the cells correctly? While they have been reviewed by some of the frameworks’ experts, there might be unexpected gotchas or caveats.
At the moment, the most promising candidates in the comparison matrix appear to be Angular 2, Ember, and React, given their technical robustness, relative suitability for progressively decoupled Drupal, and their strong levels of community support and broader adoption. Given that Backbone is already in core and several modules already rely on it, we have included it too.
What we’ve learned from talking to the different projects is that they are often converging on similar techniques and best practices; they are by and large adding support for Virtual DOM implementations or rehydration (seamless state transfer), and they are all obsessing over small payload size and performance, better testability, etc. Therefore it is important to focus on the fundamental, often philosophical, differences between the projects that will likely be unchanged in time; key architectural differences, their release cadence and stance on backward compatibility, their license, their governance model, their flexibility and learning curve, etc.
From a quick glance at the criteria and our needs, it seems that Ember is currently our best candidate, as it appears to have a slight technical edge overall. Ember 2.0 has an all-new rendering engine named Glimmer, and it has server-side rendering through FastBoot. On the other hand, however, Ember is quite bulky and opinionated (enforcing patterns for code structure) compared to other candidate frameworks. A more fundamental difference is that unlike Angular and React, which have corporate governance and funding, Ember is a community-driven project like Drupal.
While React is lightweight, it needs integration with a variety of other libraries in the React ecosystem to work as a full-fledged implementation, which gives it a steep learning curve from an implementation standpoint. Because React is a relatively young project, best practices are shifting quickly and making it less attractive. The Virtual DOM, among React’s most compelling features, has also seen its core ideas filter into other framework projects. But more importantly, React is licensed with what I believe to be a potentially unacceptable patent clause, which states that an organization can no longer use React once it sues Facebook for any (unrelated) patent infringement. This has already generated some concerted pushback from both WordPress’s Calypso and React contributors.
Whatever the result of the debate around which client-side framework to adopt, I believe that Drupal needs to move quickly to embrace a framework that will aid development of a progressively decoupled architecture and corresponding user experience improvements. By providing some baseline criteria and including our accomplished community, I have no doubt we can reach this decision quickly but also intelligently.
Special thanks to Preston So for contributions to this blog post.
Front page news:
If your 2015 was anything like mine, it passed by extremely quickly. It was marked by periods of frustration (spammers still love Drupal.org) and elation (Drupal 8 launched, woot!).
That was a lot of work in what was a tumultuous year. Between all the DrupalCon websites, and major updates to some of our existing sub-sites, we launched as many sites as some web development shops—at least the smaller ones.
We made several small but high impact usability improvements to Drupal.org, and built better features to highlight the contributions of individuals and organizations on their profiles. We modernized and hardened our infrastructure. We made Drupal.org a little more beautiful to better promote this amazing software and community that we support to people finding us for the first time. Among all of that…
What was the most important work in 2015?
If I had to call out just one thing the Drupal.org team did this year that was essential to the success of Drupal and the community, I would highlight the great work done to launch DrupalCI and make it a production system that could handle our community’s unique testing needs.
DrupalCI (the CI stands for Continuous Integration) started as a community initiative. It had been in progress for years as work to replace our aging testbot infrastructure. The old testbots required a manual spin up of new testing servers that were hosted on VMs in a cluster at the Open Source Labs. They were proprietary and rigid. If a testbot went down, it would require manual intervention to free up the queue and allow tests to begin again.
By working closely with the community throughout Q2 and Q3 of 2015, we were able to launch a testing infrastructure that supports multiple testing environments—a feature which has already helped support other projects, like PHP 7—dynamically scales to the testing load, and which is tightly integrated with the Drupal.org issue queues. Overall the new system is much more configurable and far more scalable than the previous system.
Why is testing so vital to the community? Because Drupal 8 represents a much larger code base than Drupal 7. A huge proportion of those new lines of code are tests. Every time a patch is submitted to Drupal Core, up to 15,000+ tests are run—with over 100,000 assertions. Core maintainers and initiative leads need those tests to help them understand how the new code introduced will affect Drupal. Contrib developers can also use DrupalCI to ensure their modules will work well with Drupal.
Though the work to get DrupalCI into production and optimized, we were able to give core maintainers faster and more reliable information about code submitted for inclusion in Drupal.
I honestly believe that without DrupalCI, we would not have had Drupal 8 in 2015. It sped the release of Drupal, which makes it the most accomplishment for our team in 2015.
Happy but not satisfied
Larry Garfield (Crell) wrote a blog post shortly after the release of Drupal 8 where he talked about how he was happy that Drupal 8 was released—and feels it is a huge leap forward for the project—but he is not satisfied because he sees how much work is left to be done.
That is the nature of software. It can always be a little better—more performant, more usable, more extendable.
Drupal.org improved in 2015, but the team is far from satisfied. There is so much more work to complete.
At DrupalCon Amsterdam, I outlined the top 7 initiatives that the Drupal.org team would focus on. When I look back on the year, we did not hit all of our goals.
In April, one year into my time at the Drupal Association, I could point back to a lot of accomplishments, but for many, the improvements were not fast enough. By DrupalCon Los Angeles, we had achieved one of our initiative goals, and moved forward many more, but we added four more to our list. In agile project management terms, we burned up (added more work) than we burned down (work completed).
While the fact that more work is requested faster than we could complete it is not unusual, it did make us think, and we learned some lessons. We have to focus on fewer, high impact priorities. We need to plan for the unplannable – we know there will be unforeseen needs from the community and new technology to support that may not exist yet, and we must be flexible enough to respond. We need to build more partnerships and find great solutions with technology providers that are experts in their fields.
We are pretty excited that much of the planning and design work put into 2015 should result in a much more rapid pace of change to Drupal.org in 2016.
What’s next for Drupal.org
So, we are celebrating all the good things from 2015—there were a lot—but we are also closing the book on what was a challenging year.
Our focus shifts now to supporting the community as we all work to make Drupal 8 successful. We’ll be keeping the Drupal.org Roadmap up to date and adding in new initiatives.
As we start the new year, we are still committed to the content strategy work that will make the content creation experience on Drupal.org and sub-sites better. This will improve our documentation as well as make it easier to talk about the benefits of Drupal to decision makers that help choose Drupal as the best content management framework for their organization.
Additionally, we are doing some exciting work to better support Composer on Drupal.org to align us with the rest of the PHP community as well as planning some much needed improvements to our Git workflow and developer tools.
Lastly, we are not done improving how we highlight contributions within the Drupal community. As Dries outlined in Amsterdam, Drupal is a public good. We need to highlight the great work that people around the world are doing in building Drupal and the community that supports it.
We can’t wait to get started on 2016!
Front page news:
Simutrans plans the move to Steam. The game will be available for free on the distribution platform. This might help new players to get to know the game, and those who already play the game and also use Steam an easier way to keep Simutrans up to date. If you do not use Steam, don’t […]
Journey to this mystic land for our penultimate Winter Weekend.
As the new year begins, the focus falls on Invention and a big anniversary.
Researchers last week revealed a zero-day flaw that lets attackers take over a Linux system by pressing the backspace key repeatedly. Pressing backspace 17 to 20 times will overwrite the highest byte of the return address of the grub_memset() function, ultimately causing a reboot by redirecting control flow to the 0x00eb53e8 address, according to the Cybersecurity Group at the Universitat Politecnica de Valencia.
The Linux Foundation last week announced it was teaming up with a group of high-tech and financial giants on a project to advance the blockchain technology made famous by bitcoin virtual currency. IBM, Cisco and Intel have agreed to collaborate with a number of financial institutions and other companies to develop an enterprise-grade open source distributed ledger framework.
More festive fun is in store with these Winter Weekend bonuses.
A chat about Invention | Good Morning Gielinor | Community highlights |The best of 2015.
= Minutes for Tuesday, December 8th, 2015, 20:00 UTC =
Next meeting date Tuesday, December 15th, 2015, 20:00 UTC
== Attending ==
* Shaun McCance
Today, we are giving you more control over how your data is shared in Firefox by letting you block additional trackers in Private Browsing with Tracking Protection. We recently introduced Private Browsing with Tracking Protection to give you control over … Continue reading
Joomla! 3.4.6 is now available. This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability and 2 low level security vulnerabilities. We strongly recommend that you update your sites immediately.